How to decrypt answer to password reset question

michaelforward · ‎01-12-2016

I'm trying to decrypt the answer field in the pwd_reset_answer table within the PW Reset module.

The dictionary shows the field type as 2-Way Encrypted which should allow decryption, however when I attempt to decrypt a value with the decrypt() function from the GlideEncrypter package, I get the following error:

string may not be encrypted : Input length must be multiple of 8 when decrypting with padded cipher

Here is the script I used to attempt the decryption

var id = "186dcf4b4f7096001c53b4a18110c74e";

var Encrypter = new GlideEncrypter();

var a_encrypted = "";

var a_decrypted = "";

var gr = new GlideRecord('pwd_active_answer');

gr.get(id);

a_encrypted = gr.answer;

a_decrypted = Encrypter.decrypt(a_encrypted);

gs.print(a_decrypted);

Is decryption from our end even possible for this particular encrypted field?

sergiu_panaite · ‎01-12-2016

Hi Michael,

Are you sure "answer" field is 2-way encrypted in your instance?

In my own instance (geneva) I've enabled the Password Reset plugin and checking Dictionary record I see "answer" is 1Way password, which means I can't decrypt it:

Regards,

Sergiu

michaelforward · ‎01-12-2016

Yes it is 2-Way encrypted, however my instance is still on Fuji

sergiu_panaite · ‎01-12-2016

There was a known problem before Fuji where password2 fields with a length of 40 characters where it contained a password over 24 characters (requiring over 44 characters for encrypted string) could not be decrypted anymore.

What's the field size in Dictionary?

Regards,

Sergiu

michaelforward · ‎01-12-2016

The field size for both the answer and normalized_answer fields is 256