
JabberSDK and encoded passwords

bojanraic
Level 1

Hi,

Playing with Jabber SDK Samples, I noticed most of them pass plain text passwords in JavaScript to authenticate against CUCM.

Looking at the JSDoc, this is also possible:

jQuery('#phone').cwic('registerPhone', {
    user: 'fbar',
    password: {
        encoded: 'GJH$&*"@$%$^BLKJ==',
        cipher: 'cucm'
    },
    mode: 'DeskPhone',
    cucm: '1.2.3.4',
    success: function(registration) {
        console.log('registered in mode ' + registration.mode);
        console.log('registered with device ' + registration.device.name);
    }
});

https://developer.cisco.com/media/JabberVoiceAndVideoAPI/symbols/$.fn.cwic.html

What method is used to encode the password string? It does not seem to be standard base64. I would like to encode the password when the user logs in so that when he/she reaches a page with Jabber SDK integration, I can simply pass the encoded string.

Thanks,

2 Replies

Geevarghese Cheria
Cisco Employee

Hi,

As you have mentioned, based on the URL https://developer.cisco.com/media/JabberVoiceAndVideoAPI/symbols/$.fn.cwic-settings.html
we can see from the following URL https://developer.cisco.com/media/JabberVoiceAndVideoAPI/symbols/src/src_www_src_cwic_cwic.js.html
that:

    if (typeof password === "string") {
        // clear password, encrypt it
        password = { cipher: 'cucm', encrypted: _plugin.api.encryptCucmPassword(args.password) };
        if (registration.authenticate) { clearPassword = args.password; }
    } else if (typeof password !== "object" || (password.cipher !== "cucm" && password.cipher !== "base64")) {
        return _triggerError($this, registering.errorCb, errorMap.InvalidArguments, 'invalid password (type ' + typeof password + ')', { registration: registration });
    }
    // make preferredDevice a string (possibly empty)
    var preferredDevice = args.device || _plugin.api.PreferredDevice;
    if (typeof preferredDevice === "object") {
        preferredDevice = (preferredDevice.name ? preferredDevice.name : '');
    }


Thanks and Regards,
Geevarghese

Good find!

Just to clarify a bit, the Jabber SDK plugin itself (when installed and loaded) exposes a function that can encrypt using the 'cucm' cipher:

_plugin.api.encryptCucmPassword(password)

This function is undocumented (as are all of the bare plugin APIs), and I assume is mainly intended for use by the Jabber SDK JavaScript library internally to avoid credentials being sent over the wire in the clear (i.e. when the plugin executes registration steps).

Normally one would expect the user credentials to be gathered from the user rather than hard-coded in the page HTML/JS. Note that 'base64' appears to be a third 'cipher' supported by the plugin.
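
As an added example (not part of the thread and not Cisco's SDK code), the function below mirrors the type check in the quoted cwic.js excerpt and reports whether a `password` value embedded in a page can be read back by anyone who can view the page source. `classifyCwicPassword` and `decodeBase64` are hypothetical names, the sample value is constructed, and accepting either `encoded` or `encrypted` as the value key is an assumption, since the thread shows both spellings.

```javascript
// Decode base64 with Buffer under Node or atob in a browser.
function decodeBase64(s) {
    return typeof Buffer !== 'undefined'
        ? Buffer.from(s, 'base64').toString('utf8')
        : atob(s);
}

// Classify a registerPhone `password` argument (hypothetical helper).
// Accept/reject follows the quoted excerpt: a plain string, or an object
// whose cipher is 'cucm' or 'base64'. The null guard is an addition here,
// because typeof null is also "object".
function classifyCwicPassword(password) {
    if (typeof password === 'string') {
        // Clear text in the page: readable as-is from the source.
        return { accepted: true, form: 'clear', recoverable: password };
    }
    if (password === null || typeof password !== 'object' ||
        (password.cipher !== 'cucm' && password.cipher !== 'base64')) {
        return { accepted: false, form: 'invalid', recoverable: null };
    }
    // Assumption: the value may sit under `encoded` (JSDoc sample)
    // or `encrypted` (source excerpt).
    var value = password.encoded !== undefined ? password.encoded
                                               : password.encrypted;
    if (password.cipher === 'base64') {
        // base64 is an encoding, not encryption: it reverses without a key.
        return { accepted: true, form: 'base64',
                 recoverable: decodeBase64(String(value)) };
    }
    // 'cucm': produced by the plugin; the format is undocumented in the
    // thread, so this helper does not attempt to interpret it.
    return { accepted: true, form: 'cucm', recoverable: null };
}

// Constructed sample: 'cGFzc3dvcmQ=' is base64 for "password".
var sample = { cipher: 'base64', encoded: 'cGFzc3dvcmQ=' };
console.log(classifyCwicPassword(sample));
```

A non-null `recoverable` means the value gives no confidentiality against someone reading the page's HTML/JS, which is the case for both the plain-string and `base64` forms.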