F
FISH
I'd be very grateful if someone could help me out with this
problem regarding the internals of SHA-1 and Java. I maintain
an Open Source (GPL) project which implements the Yahoo Instant
Messenger protocol (YMSG) as a Java package...
http://jymsg9.sourceforge.net/
As I'm sure you know, Yahoo occasionally tweaks its login
protocol to lock out third party code. So far I've been able
to match them by updating my own code, based upon changes made
to other third party projects like libyahoo2 and gaim (see
http://libyahoo2.sf.net/ and http://gaim.sf.net/ ). But the
most recent change has caused me some headaches. It's a small
alteration regarding SHA-1, but I'm not sure if I can easily
replicate it in Java.
I'm hoping some knowledgable soul here will throw some light on
the matter - if I cannot solve this problem, then the whole jYMSG
project is at threat!
Below is a fragment of C source (taken from libyahoo2, via Gaim)
showing the two new lines apparently required to fix the login
process. As you can see, it involves an assignment to a variable
'sizeLo'... My problem is, how can I replicate this using the
standard SHA-1 code which comes with java.security.MessageDigest ?
shaUpdate(&ctx1, crypt_hash_xor1, 64);
/* Start of additions */
if(j>=3)
ctx1.sizeLo = 0x1ff;
/* End of additions */
shaUpdate(&ctx1, magic_key_char, 4);
shaFinal(&ctx1, digest1);
My knowledge of message digests and the like is limited. I took
a look at some SHA-1 C source on-line, and it appears that sizeLo
is manipulated when updating the digest, then used when padding
the data(?). But there is a further update following the setting
of sizeLo, so I can't just replicate the behaviour by manually
padding the digest with the correct bytes myself (can I?)
So, I guess my problem amounts to....
1) Can I reproduce the effect of setting sizeLo mid-way through
a digest update, as in the source above, using
java.security.MessageDigest ?
2) If not, can anyone recommend a good, GPL-friendly, SHA-1
implementation in Java, which would facilitate such a thing?
Any help or suggestions gratefully received!
Some links... The SHA-1 C source I studied was here...
http://www.openaether.org/jabberd2/source/util/sha1.c
http://www.openaether.org/jabberd2/source/util/sha1.h
And the web CVS page for the complete source file from which
the sample C fragement was taken is here...
http://cvs.sourceforge.net/viewcvs.py/libyahoo2/libyahoo2/src/libyahoo2.c
-FISH- ><>
problem regarding the internals of SHA-1 and Java. I maintain
an Open Source (GPL) project which implements the Yahoo Instant
Messenger protocol (YMSG) as a Java package...
http://jymsg9.sourceforge.net/
As I'm sure you know, Yahoo occasionally tweaks its login
protocol to lock out third party code. So far I've been able
to match them by updating my own code, based upon changes made
to other third party projects like libyahoo2 and gaim (see
http://libyahoo2.sf.net/ and http://gaim.sf.net/ ). But the
most recent change has caused me some headaches. It's a small
alteration regarding SHA-1, but I'm not sure if I can easily
replicate it in Java.
I'm hoping some knowledgable soul here will throw some light on
the matter - if I cannot solve this problem, then the whole jYMSG
project is at threat!
Below is a fragment of C source (taken from libyahoo2, via Gaim)
showing the two new lines apparently required to fix the login
process. As you can see, it involves an assignment to a variable
'sizeLo'... My problem is, how can I replicate this using the
standard SHA-1 code which comes with java.security.MessageDigest ?
shaUpdate(&ctx1, crypt_hash_xor1, 64);
/* Start of additions */
if(j>=3)
ctx1.sizeLo = 0x1ff;
/* End of additions */
shaUpdate(&ctx1, magic_key_char, 4);
shaFinal(&ctx1, digest1);
My knowledge of message digests and the like is limited. I took
a look at some SHA-1 C source on-line, and it appears that sizeLo
is manipulated when updating the digest, then used when padding
the data(?). But there is a further update following the setting
of sizeLo, so I can't just replicate the behaviour by manually
padding the digest with the correct bytes myself (can I?)
So, I guess my problem amounts to....
1) Can I reproduce the effect of setting sizeLo mid-way through
a digest update, as in the source above, using
java.security.MessageDigest ?
2) If not, can anyone recommend a good, GPL-friendly, SHA-1
implementation in Java, which would facilitate such a thing?
Any help or suggestions gratefully received!
Some links... The SHA-1 C source I studied was here...
http://www.openaether.org/jabberd2/source/util/sha1.c
http://www.openaether.org/jabberd2/source/util/sha1.h
And the web CVS page for the complete source file from which
the sample C fragement was taken is here...
http://cvs.sourceforge.net/viewcvs.py/libyahoo2/libyahoo2/src/libyahoo2.c
-FISH- ><>