
The CatDV REST API uses RSA encryption to secure the transmission of passwords over the wire. For additional security a new public/private key pair is created for every session, with the private key being retained by the server and the public key being sent to the client. The client should encrypt the plain text password with the public key and send the encrypted value to the server, which then uses its private key to retrieve the original value.

RSA Encryption

For detailed information about the RSA algorithm please refer to RSA (algorithm) – Wikipedia.

The core of the algorithm for encryption is

c = powMod(m, e, n);

Where

 e,n  -  the two large integer components of the public RSA key.
 m    -  the message converted to a large integer.
 c    -  the encrypted message as a large integer.

The values for ‘e’ and ‘n’ are extracted from the public key that is returned by:

GET /session/key

The public key is returned as two base36 encoded strings representing ‘n’ and ‘e’ separated by a ‘:’. For example:

nnux4mb561sc6o0gai3z5cvh051n8zwfktgjhzf1t5d2ihzh57t89kq47lu3pgx93uwkbj5cdtbyyo82bar4iyd3e3swdjb2dhz:1ekh

The value of m is calculated by taking the UTF-8 encoded string that represents the password and treating it as a large integer where the first byte is the most significant.

The encrypted value ‘c’ is converted to base36 to give a string used as the encrypted password.
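The client-side steps above (parse the `n:e` key, turn the UTF-8 password into a big-endian integer, compute `m^e mod n`, base36-encode the result) as an added Python example; this is not CatDV's own code. It reuses the manual's example key for `n` and `e`, adds a constructed toy key pair (p=61, q=53, so `n`=3233, `e`=17, `d`=2753) purely so a round trip can be checked locally, and adds one guard the manual implies but does not state: `m` must be smaller than `n`, otherwise the value is lost in the modular reduction.

```python
import string

ALPHABET = string.digits + string.ascii_lowercase  # base36 digit set 0-9a-z

def to_base36(value: int) -> str:
    """Encode a non-negative integer as a lowercase base36 string."""
    if value < 0:
        raise ValueError("base36 encoding needs a non-negative integer")
    if value == 0:
        return "0"
    digits = []
    while value:
        value, rem = divmod(value, 36)
        digits.append(ALPHABET[rem])
    return "".join(reversed(digits))

def parse_session_key(key: str) -> tuple[int, int]:
    """Split the 'n:e' string returned by GET /session/key into two integers."""
    n_str, e_str = key.strip().split(":")
    return int(n_str, 36), int(e_str, 36)

def encrypt_password(password: str, n: int, e: int) -> str:
    """Unpadded RSA exactly as the manual describes: m = big-endian UTF-8 bytes, c = m^e mod n."""
    m = int.from_bytes(password.encode("utf-8"), "big")
    if m >= n:  # added guard: a message >= n cannot be recovered after reduction mod n
        raise ValueError("password too long for this key")
    return to_base36(pow(m, e, n))

def decrypt_password(cipher: str, n: int, d: int) -> str:
    """Server-side inverse (round-trip check only): m = c^d mod n, then back to UTF-8."""
    m = pow(int(cipher, 36), d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode("utf-8")

# Example key copied from the manual; its exponent '1ekh' is 65537 in base36.
MANUAL_KEY = ("nnux4mb561sc6o0gai3z5cvh051n8zwfktgjhzf1t5d2ihzh57t"
              "89kq47lu3pgx93uwkbj5cdtbyyo82bar4iyd3e3swdjb2dhz:1ekh")

# Constructed toy key pair (p=61, q=53); far too small for real use, fine for a local check.
TOY_N, TOY_E, TOY_D = 3233, 17, 2753

if __name__ == "__main__":
    n, e = parse_session_key(MANUAL_KEY)
    print(f"e = {e}, n has {n.bit_length()} bits")
    print("encrypted password:", encrypt_password("s3cret", n, e))
    c = encrypt_password("a", TOY_N, TOY_E)
    print("toy round trip:", decrypt_password(c, TOY_N, TOY_D))
```

Because no padding is applied, the same password under the same session key always produces the same ciphertext, which is why the server issuing a fresh key pair per session matters.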