On Tue, 12 Feb 2002, Chris Love wrote: > Well I guess my earlier message is not going to be posted or responded > to, but these are some of my findings. As I compare what I have > developed and compare it to the PHP, Java and Perl Clients I can find no > difference in what I am doing except that I want to use DES.
There should be no difference in the method of encryption. You should be able to replace Blowfish with DES and vice-versa. > Run 2- > 1)Connect > 2)Read Check Version > 3)Send Version Check Reply > 4)Send Authenticate > 5)Receive Challenge (encouraging) > 6a)Create MD5 Hash of Challenge bits (16 bytes long) > 6b)Let's try to encrypt that HASH > 6b1)MD5 Hash the Key 'Seed' and get the first 8 bytes for the > real DES key > 6b2)get the first second 8 bytes for the real DES IV (I think > this could be anything) > 6c)DES Encrypt the Challenge Bits > 6d)change the encrypted bytes to ASCII Just write the bytes. > 6e)Add 'RandomIV' and the IV before the encrypted String You need to send: Content-Length: <insert length of the following>\r\n\r\nRandomIV<8 byte IV><encrypted buf> > 6f)Send the Encrypted Bytes back to the OPENSRS Server > 7)Receive another Challenge request??????? At this point you should receive encrypted XML if you were successful. -- Robert Dale digital mission llc
