If a passphrase is used for the result list, the parameters in the URL have to be additionally encrypted and the signature of the URL has to be passed.
The URL for the integration with passphrase has the following basic structure:
http://servername/JobRouter/modules/jobarchive/index.php?action=showresultlist&id=<resultListId>&eq=<encryptedQueryParameters>&signature=<signature>
•<resultListId> = ID of the result list
•<encryptedQueryParameters> = URL parameter (encrypted or Base64 encoded)
•<signature> = Signature of the URL based on the signature key (see chapter Generating the URL signature)
The parameter value <encryptedQueryParameters> is generated as follows:
<encryptedQueryParameters> = URL_ENCODE( BASE64_ENCODE(
BINARY_TO_HEX(
ENCRYPT(
viewer=<viewer>&viewMode=<viewMode>&username=<username>&
validFrom=<validFrom>&validUntil=<validUntil>&
filters= URL_ENCODE( BASE64_ENCODE( <filters> ))
)
)
))
The encrypting (ENCRYPT) of the URL parameters uses the AES algorithm in CBC mode with PKCS5 padding. For this a key and an initialization vector (IV) are needed. They are derived from the result list.
•Initially a SHA-512 hash of the passphrase is generated in hexadecimal format (String of 128 chars)
•The first 32 chars of the SHA-512 hash are used as key
•The chars 32 to 48 of the SHA-512 hash are used as initialization vector
PHP code snippet
$key = getKey($passphrase);
$blocksize = 16;
$data = pkcs5Pad($stringToEncrypt, $blocksize);
$iv = getIv($passphrase);
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, $iv);
Java code snippet
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
c.init(Cipher.ENCRYPT_MODE, getKey(passphrase), getIv(passphrase));
byte[] encrypted = c.doFinal(stringToEncrypt.getBytes("UTF-8"));
.NET code snippet
byte[] bytesToEncrypt = UTF8Encoding.UTF8.GetBytes(stringToEncrypt);
byte[] key = getKey(passphrase);
byte[] iv = GetIV(passphrase);
RijndaelManaged aes = new RijndaelManaged();
ICryptoTransform encryptor = aes.CreateEncryptor(key, iv);
byte[] encryptedData = encryptor.TransformFinalBlock(bytesToEncrypt, 0, bytesToEncrypt.Length);
The binary data has to be converted into hexadecimal format after encrypting (BINARY_TO_HEX).
PHP code snippet
$encryptedHexString = bin2hex($encrypted);
Java code snippet
StringBuffer sb = new StringBuffer();
for (int i = 0; i < encrypted.length; i++) {
sb.append(Integer.toString((encrypted[i] & 0xff) + 0x100, 16).substring(1));
}
String encryptedHexString = sb.toString();
.NET code snippet
StringBuilder hex = new StringBuilder(encryptedData.Length * 2);
foreach (byte b in encryptedData) {
hex.AppendFormat("{0:x2}", b);
}
string encryptedHexString = hex.ToString();
