The IV is generated from the repeated md5() of the client key.
Look in CBC.pm for that.
Cheers
Paul
On Wed, 19 Jul 2000, Colin Viebrock wrote:
> > $challenge = read_data($fh);
> >
> > # Encrypt the challenge bytes with our password to generate
> > # the session key.
> > $cipher = new Crypt::CBC(pack('H*', $private_key), $crypt_type);
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > # Respond to the challenge with the MD5 checksum of the challenge.
> > send_data($fh,md5($challenge));
>
>
> Since my perl is a bit weak, have I got this pseudo-PHP right then:
>
> $challenge = socket_read(); /* pseudo function */
> /* challenge is sent un-encrypted */
>
> $private_key = 'abcdef123456890';
> $session_key = pack('H*', $private_key);
>
> $ans = md5($challenge);
> $encry_ans = mcrypt_CBC(MCRYPT_DES, $session_key, $ans, MCRYPT_ENCRYPT);
>
> socket_write($encry_ans);
>
> If I can just get over this step, I should have a functional base class
> for PHP, which I'm more than willing to share (or open up on Sourceforge or
> something).
>
> Also ... I read the the initialization vector is somewhat important.
> Can anyone shed light on this?
>
>
> - Colin
>
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:41 EDT