javaencryptionldapspring-security-ldap

How can I decrypt wcrypt data from ldap?


I need to fetch data from a LDAP using Java and SpringBoot. I managed to retrieve the OpenOTP data from the Ldap, but I found it's encrypted using wcrypt and I have no idea of how to decrypt it in Java and didn't find any article related to that.

Here is an example of what I get :

OpenOTP.TokenModel={wcrypt}DK2HtINFjxBOrjO5b7UcHLbydZgdfAvwu32jqFwSAk5=

I assume I will need a password to decrypt the data, but even once I have it I should probably have a bcrypt-like class for wcrypt ?


Solution

  • For security reasons, it is impossible to decrypt the encrypted data out of the LDAP. The only solution is to use the Manager API and call the method Search_Inventory_Items to fetch the data de-crypted. Here is an example with curl :

    curl -k\
     --user "Default\\admin:password"\
     --header "Content-Type: application/json"\
     --data '{"method":"Search_Inventory_Items", "params": {"type":"OTP Token"}, "id":0, "jsonrpc":"2.0"}'\
     https://localhost/manag/