adding new libpurple ciphers - HMAC and TripleDES/CBC

Elliott Sales de Andrade quantum.analyst at gmail.com
Sun Dec 2 03:39:13 EST 2007 

Hello all,

So, I've been looking at implementing MSNP15 (from MSNPiki [1] and
OpenRCE [2]), and I managed to get a version running that logs on
correctly. At the moment, it's pretty hackish, but fortunately, there
are minimal changes that are required. Anyway, first things first are
to fix those hacks.

The first thing we need are two additions to the available ciphers, as
well as some updates to the existing ciphers.

Firstly, there is keyed-Hash Message Authentication Code (HMAC) [3].
It is fairly simple to implement. There are a few questions I have
with this, though. HMAC can be used with several different hashing
functions. In order to implement this,  I was thinking of having just
one "hmac" cipher, with an option (via
purple_cipher_context_set_option) to select an underlying cipher
(would a PurpleCipher do?). Secondly, HMAC needs to know the block
size of the underlying hash function. I see functions to find the key
size and the salt size, but I don't think the block size is currently
available. Would we just add a function to the padding?

Secondly, there is TripleDES [4]. This is mostly based on DES. What's
needed is to add support for decryption in the DES cipher. I'm not
sure why this wasn't implemented, since it only requires specifying a
1 the mode parameter of des_ecb_crypt. Once this is added, TripleDES
is just a matter of chaining together encryption, decryption, and
encryption. As a side note, I was wondering why DES encryption returns
0? If it returned TRUE, this would match the digests. Also, is there
any reason the output length parameter is not checked for being NULL?

Finally, there is adding a Cipher-block chaining (CBC) [5] mode to
TripleDES (and regular DES may benefit from this as well). Again, this
is a simple thing to implement. The only question I have is how to
specify it. I'm thinking of just adding an option again. Probably an
enum or some defines will do here.

Anyway, I'll submit some patches for this ASAP after I get some
feedback here. Of course, I don't really know a lot about these
ciphers, and I learnt most of it off of wikipedia, so if someone knows
better, feel free to suggest some optimizations or things to do
better.

[1] http://msnpiki.msnfanatic.com/index.php/MSN_Protocol_Version_15
[2] http://www.openrce.org/blog/view/449
[3] http://en.wikipedia.org/wiki/HMAC
[4] http://en.wikipedia.org/wiki/Triple_DES
[5] http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

More information about the Devel mailing list