Hi Iain, your explanation is not confusing at all. I haven't tried it yet, but this must be the problem because I don't do the conversion, I just hash it as it is.
Thanks a lot, Antoine --- Iain Shigeoka <[EMAIL PROTECTED]> wrote: > On 12/18/01 2:44 AM, "Antoine Maitre" > <[EMAIL PROTECTED]> wrote: > > > I'm trying to implement zerok authentication for > my client. I use the method > > > described in the document > (http://docs.jabber.org/draft-proto/html/zerok.html) > > > but it doesn't work. I checked the the XML files > in the spool folder on the > > Jabber server and the hash provided there doesn't > match. Can anyone tell me > > what I'm doing wrong. > > Your protocol packets look good. I'd guess that > you're not carrying out the 0k > auth algorithms correctly. The document you refer > to is not very clear on the > implementation of the 0k computation. For example, > each hash(n) that you > create must be converted to a lower case hexadecimal > string representation > which is then used as input for the next > hash(n+1)... This can be confusing > because the real hash is a set bits and not the > hexadecimal string > representation (and it must lowercase). > > I hope this isn't confusing rather than helping... > Arrgh. Let me run through > the algorithm > > sha1 digest(password + toke) => hash0' ->>> > lowercase hex rep ->>> hash0 > sha1 digest(hash0) => hash1' ->>> lowercase hex rep > ->>> hash1 > sha1 digest(hash1) => hash2' ->>> lowercase hex rep > ->>> hash2 > Etc... > > The doc doesn't explain the "->>> l.h.r. ->>>" step > and from a normal > cryptography standpoint you'd never think to do > that... :) > > -iain > > > __________________________________________________ > Do You Yahoo!? > Check out Yahoo! Shopping and Yahoo! Auctions for > all of > your unique holiday gifts! Buy at > http://shopping.yahoo.com > or bid at http://auctions.yahoo.com > _______________________________________________ > jdev mailing list > [EMAIL PROTECTED] > http://mailman.jabber.org/listinfo/jdev __________________________________________________ Do You Yahoo!? Check out Yahoo! Shopping and Yahoo! Auctions for all of your unique holiday gifts! Buy at http://shopping.yahoo.com or bid at http://auctions.yahoo.com _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
