Currently I'm working on adding strong cryptography using the EVP api
in openssl. If you have openssl, you will have support for cast5
(fully compatable with ircII), blowfish, and aes256 (not compatable with
anybody else)
I have been getting requests for years for "blowfish support" but what I
have concluded is that what people are asking for is FiSH support. FiSH
is a plugin for mirc, irssi, and xchat that ciphers text with blowfish
and ascii armors it into those "+OK " strings you see occasionally.
The difficulty I'm running into with FiSH is it uses a custom algorithm
for blowfish that supports keys longer than the specification (FiSH supports
576 bits, but blowfish only supports 448 bits), and some channels use the
longer keylength. The other problem is the ascii armoring is a custom
algorithm (like base64 but not exactly base64). The only real solution
for compatability in this case is to include substantial parts of the FiSH
source code into epic, since the standard tools can't do the job. [1]
Unfortunately, FiSH is not licensed, intentionally by its author. This
would be unsuitable for inclusion in EPIC because some distros like
debian would protest, and rightly so.
In conclusion, the good news is, EPIC will be sprouting strong crypto
support for privmsgs/notices. The bad news is, this isn't compatable with
FiSH, which is what most people wanted support for in the first place.
Jeremy
[1] I couldn't possibly "clean room" a cryptographic algorithm since I don't
know or understand how cryptography works. All I have the ability to do
is cut&paste the stuff.
_______________________________________________
List mailing list
List@epicsol.org
http://epicsol.org/mailman/listinfo/list
