Sergey-
The Crypt::CBC module used by OpenSRS does some interesting things
during encryption, which makes it difficult to talk to it using a
language other than perl. I would suggest looking at the CBC.pm
source code distributed with OpenSRS to see what exactly is happening.
Or, you can get the PHP client from http://opensrs-php.sourceforge.net
which includes my CBC.inc code, which may be a bit easier to follow.
To answer your question, though, Crypt::CBC adds the 'RandomIV'
header (8 bytes) and a random initialization vector (IV, 8 bytes) to
the beginning of the message, and 8 bytes of padding to the end. So:
8 (header) + 8 (IV) + 16 (md5sum) + 8 (padding) = 40 bytes
Feel free to email me off-list if you have any more questions.
-mike
>
> Hello,
>
> I have some question according to cryptography in perl API provided by
> OpenSRS.
>
> I work on Java implementation of this library and use JCE.
> THe problem is that I cant reporduce with JCE authentication method.
> User get a challange , generate cipher and send MD5 checksum to send_data
> method. If cipher exists, send_data crypt this md5 chesum with a cipher.
> AFAIK length of MD5 checksum is 16 bytes lenght, but when I see length of
> $message, which is crypted by the sipher MD5 checksum, it is 40 bytes
> lentgh. When I use Cipher class from JCE API $message length is 16 bytes
> also. I notice that perl $cipher add 'RandomIV' string and any other data
> to the crypted message and message became 40 bytes length.
> How this string can be aimed on Java? I mean what should I do with md5
> chesum on Java to get correct string which will be accepted by the OpenSRS
> server?
>
> Sincerely,
> Sergey Lukichev
> [EMAIL PROTECTED]
>
>
>
--
"Modern electronic-rock music, inaugurated in the early 1960s, is, and
always has been, a joint enterprise of British military intelligence
and Satanic cults."
-- "The Satanic Roots of Rock"
http://www.av1611.org/othpubls/roots.html
GnuPG key available at http://devel.duluoz.net/pubkey.asc
Key ID = 1024D/9A256AE5 1999-11-13 Mike Glover <[EMAIL PROTECTED]>
Key fingerprint = EF6E 8BCB 4810 E98C F0FD 4596 367A 32B7 9A25 6AE5
