How to encrypt form fields
For a very specific use case, we need to "emulate" user actions through the web GUI (the API is not an option here due to the lack of endpoints for some actions).
For actions like login or form submission, we need to send the encrypted[Field] (e.g. encryptedPassword).
Through some digging in the JS code, I found that the field is encrypted based on the publicKey value, which I believe to be a hex string. Unfortunately, I haven't been able to replicate the process correctly, as all the encrypted fields I'm able to generate return an invalid username or password.
This is the snippet I've been working on to generate the field:
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.binary.StringUtils;

public class EncryptField {
    public static void main(String[] args) throws Exception {
        // Form publicKey (RSA modulus as a hex string)
        String auth_mod = "0085c9815a503cc1b7fc671c9d70bd05528d3b97809c7504c5c9a5fab81d42de93e9333e0673e57b086" +
                "af01ecf0044df86fd577ca9f0559927c18fae31542a3dd9a604b1b76abe3ee4249d7e74a457b5c665c8a" +
                "ab2e67828567f32466453842b1fba14e776b9ba591ff05375f6969ac36e457e242adfd0b795d34d982a151b8fc3";
        // Public exponent (hex)
        String auth_exp = "10001";
        // String to encrypt
        byte[] bytepass = StringUtils.getBytesUtf8("password");
        // Create RSA spec with returned data (16 = hex input - radix)
        RSAPublicKeySpec rsa_params = new RSAPublicKeySpec(new BigInteger(auth_mod, 16), new BigInteger(auth_exp, 16));
        // Create a public key with params
        KeyFactory factory = KeyFactory.getInstance("RSA");
        PublicKey pub = factory.generatePublic(rsa_params);
        // Create an RSA cipher with PKCS#1 v1.5 padding
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        // Set the cipher to encrypt using the public key
        cipher.init(Cipher.ENCRYPT_MODE, pub);
        // Encrypt the password and hex-encode the result
        byte[] pass_encrypted = cipher.doFinal(bytepass);
        String hex_pass = Hex.encodeHexString(pass_encrypted);
        System.out.println("Encrypted => " + hex_pass);
        System.out.println("Length => " + hex_pass.length());
    }
}
Hi Smith,
It's hard without understanding what your use case is to make any kind of suggestion. I'm assuming that you mean that you need to interact with TeamCity's UI, is that also correct?
Hello,
I know this thread was opened more than 3 years ago at this point, but since I was working on a similar thing and couldn't find any resources, I'll show you my results.
The BS.Crypto library appends the length of the plaintext as a single byte to the end of the plaintext before applying the PKCS#1 v1.5 padding scheme. So to make your code work, the bytepass array has to be extended by 1 byte:
I'm not a professional Java coder; I could get it working in Python, though.
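An added example, not code from this thread or from TeamCity: a pure-Python sketch of the scheme the last reply describes (plaintext, then one length byte, then PKCS#1 v1.5 padding and RSA), with hex output as in the question's snippet. The function names, the toy key, and the choice to count the length in UTF-8 bytes are assumptions.

```python
import secrets

# Constructed toy key for the self-check only (product of two Mersenne primes);
# never use such a key for real data. A real run would use the form's publicKey.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 0x10001
D = pow(E, -1, (P - 1) * (Q - 1))


def with_length_byte(plaintext: str) -> bytes:
    """Plaintext bytes followed by one byte holding their length (per the reply)."""
    data = plaintext.encode("utf-8")  # assumption: length is counted in UTF-8 bytes
    if len(data) > 255:
        raise ValueError("length does not fit in a single byte")
    return data + bytes([len(data)])


def pkcs1_v15_pad(message: bytes, k: int) -> bytes:
    """EME-PKCS1-v1_5: 00 02 <nonzero random PS, >= 8 bytes> 00 <message>."""
    ps_len = k - len(message) - 3
    if ps_len < 8:
        raise ValueError("message too long for this modulus")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    return b"\x00\x02" + ps + b"\x00" + message


def encrypt_field(plaintext: str, n: int, e: int) -> str:
    """Hex ciphertext of pad(plaintext || len) under the public key (n, e)."""
    k = (n.bit_length() + 7) // 8
    block = pkcs1_v15_pad(with_length_byte(plaintext), k)
    c = pow(int.from_bytes(block, "big"), e, n)
    return c.to_bytes(k, "big").hex()


def decrypt_field(hex_ct: str, n: int, d: int) -> bytes:
    """Test helper: undo RSA and the padding, return the message with its length byte."""
    k = (n.bit_length() + 7) // 8
    block = pow(int.from_bytes(bytes.fromhex(hex_ct), "big"), d, n).to_bytes(k, "big")
    if block[:2] != b"\x00\x02":
        raise ValueError("not a PKCS#1 v1.5 encryption block")
    return block[block.index(b"\x00", 2) + 1:]


if __name__ == "__main__":
    ct = encrypt_field("password", N, E)
    print(len(ct), decrypt_field(ct, N, D))
```

Because the padding string is random, two encryptions of the same value differ, so a captured field cannot be compared byte for byte against a fresh one; only the server's decryption shows whether the layout matches.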