I totally agree with you. There could be a "Random" IV specified i.e. (01234567890ABCDE - hex) for and the hashes for the key and also the encrypted data. Because it would be A LOT easier to do any implementation of the OpenSRS API in other OSs or programming languages as PERL.
Hopefully someone at OpenSRS will agree with this and provide proper documentation about the encryption "system" they use and provide this trivial data to help people implement their API. Because "hash the key and use the hash to encrypt data sent to OpenSRS" in documentation doesn't mention anything about rehashing the hashed key. Uroš Gaber PowerCom d.o.o. Kersnikova 6, 1234 Mengeš, Slovenia P.E.: Slovenska 24, 1234 Mengeš, Slovenia Mobile: +386 (0)41 400-801 Phone office: +386 (0)1 723-01-62 Fax office: +386 (0)1 723-01-63 eMail: [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, July 21, 2003 5:26 PM To: [EMAIL PROTECTED] Subject: Re: Question about a document This is why I have *BEGGED* in the past for some test vectors for each and every step of the encryption process. Since there are so many steps / layers only a set of test vectors will allow simple and quick debugging isolation of ones code. And fact is such test vectors should only take a few minute of work to provide ......... Interestingly when I've made the above request several people suggested I was just a hacker trying to break into other peoples accounts -- Which is a really silly and ignorant viewpoint if you think about it, espicially when I specifically asked for test vectors for a trivial key ... So perhaps now OpenSRS, or others, would be more willing to provide some test vectors as other people are clearly interested in; native Windows operation, clear and accurate docmentation, OS independent OpenSRS development support, etc. ... I suggest providing the test vectors for a trivial key such as, 012345678901234567890 ....... (hex) or, A5A5A5A5A5 ..... (hex) for both DES and Blowfish since OpenSRS should never issue such trivial keys. Thank you. On Mon, 21 Jul 2003 09:55:22 +0200 "Uroš Gaber, PowerCom d.o.o." <[EMAIL PROTECTED]> wrote: >Hi! > >Thank you all for the document. Got it from three sources >now. > >It's really useful, and I think that this should be >documented in >OpenSRS API documentation. > >Never the less... I tried it with the encryption as the >document has >stated, and still no luck. > >I've tried with different MD5 components, but it's all >the same. I've >tried with DES and Blowfish encryption. So if someone has >any xperience >with this, please let me know. > >Again thank to all who supplied the document. > >Have a nice day! > >Uroš Gaber >eMail: [EMAIL PROTECTED] > > >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On >Behalf Of [EMAIL PROTECTED] >Sent: Sunday, July 20, 2003 11:07 PM >To: [EMAIL PROTECTED] >Subject: Re: Question about a document > > > >Thank you Eric! > > >On Sun, 20 Jul 2003 14:12:48 -0400 > "WebWiz" <[EMAIL PROTECTED]> wrote: >>Or, better still... >> >>I've posted it at >>http://www.atlcon.net/downloads/opensrs/ >> >>Regards, >>Eric Longman >>Atl-Connect Internet Services >> >> >>----- Original Message ----- >>From: "Uros" <[EMAIL PROTECTED]> >>To: <[EMAIL PROTECTED]> >>Sent: Sunday, July 20, 2003 2:56 AM >>Subject: Question about a document >> >> >>> Hi! >>> >>> I've been browsing through the dev-list archives and I stumbled on a >>>URL >>for >>> a "decipher.doc / .pdf" document, that is dead. >>> If someone has this document, please email it to me. >>> >>> I'm trying to create a new client for the OpenSRS in delphi, and I >>>didn't find any other usefull information on the encryption / >>>decryption part of >>> the API. >>> >>> Thank you! >>> >>> Uros Gaber >>> >>> >>> >> > > >
