On Thu, 14 Feb 2002, Chris Love wrote:
Conceptually, there's only one way to do it...
note: basically, anything that's not XML is operated on the byte-level.
There are two keys here..
1) Private Key - this is the key string you get from the website by clicking Generate
New Key,
and put in your config files. It is 112 characters, or 56 bytes (or
8 bytes
if you use DES?).
2) Real Key - This key is what we use to connect to the server, it is produced from
the Private
Key, and is 56 bytes in length (regardless of crypto algo).
Build the Real Key:
- Convert the Real Key to bytes, should be 56 bytes (DES 8 bytes?)
- md5 hash the real key - MD5 should produce a 16 byte hash
result = hash([********************************************************]);
- append the result to the private key, bytes 0 - 15
private_key = [**************** ];
- now we hash the significant bytes in the private_key (not the empty space), bytes 0
- 15
result = hash([****************];
- append the result, bytes 0 - 15, to the private key, bytes 16 - 31
private_key = [******************************** ];
- hash private_key again, bytes 0 - 31
result = hash([********************************];
- append the result, bytes 0 - 15, to the private_key, bytes 32 - 47
private_key = [************************************************ ];
- hash private_key again, bytes 0 - 47
results = hash([************************************************]);
- there's only 8 bytes left! append the first 8 bytes of the result to the
private_key,
bytes 48 - 55
private_key = [********************************************************]; (56
bytes)
Initialize your crypto algo with the private_key. Use CBC and no padding (we use our
own padding).
--
Robert Dale
digital mission llc
