From: "Withers, Robert" <>
Date: Wed, 20 Nov 2002 17:07:32 -0500
Subject: RE: [e-lang] [VatTP] MAC calculation


I think I get the MAC, as it *is* pretty easy conceptually.   It is answering
the question, did any bits get corrupted (either externally or through
faulty algorithms).  The CBC is a little more confusing to me, other than
adding extra encryption to the 3des.  

My implementation is in squeak, so you don't have to do a thing!   I am
actually using a crypto library that another fellow is writing and he is
writing a test case for cbc.  I am very close to having a working VatTP
framework in squeak and the next work will be to tie it to my eventual
sending work.  

I have remaining issues in these areas:
1.  ASN.1 encoding for DSA public key - I currently have no VatID
2. cryptoHash of that encoding (is it MD5?)
3. UTF encoding for protocol version and authentication protocol
4. I have PROTO_NONE (easy) and PROTO_DES_SDH_M, but without header
5. I need to figure out cbc and msg sequence for the M2 version.
6. I have no VLS or support for TOK_DUP, TOK_TRY
7. I have no connection states managed in the VatTPMgr for the different
types of connection establishment (no suspend, etc).  I do have a state
machine and the connection knows its state, I just don't do anything with it
yet in the mgr. frantz

this is a *lot* of work, supporting elib, and I haven't even approached
makers, assayers, guards or any of that.   On the other hand, I am very close
to being able to communicate with an E vat, I think. frantz  


> -----Original Message-----
> From: Bill Frantz []
> Sent: Wednesday, November 20, 2002 2:15 PM
> To:;
> Subject: Re: [e-lang] [VatTP] MAC calculation
> At 10:44 PM -0800 11/19/02, Rob Withers wrote:
> >    Never mind these questions, folks, I managed to  find 
> the issue.  CBC
> >was broken and so I disabled it.  I am feeding  the padded 
> plaintext, on
> >the Receive side, to the computeMac: method.  I  see that I 
> need to go
> >ahead and unmarshall the aggregated msgs, to remove the  
> pad.  The part
> >that makes me shudder is recalculating each msg header for  
> feeding the
> >SHA1 hash function.  Other than this it is working.    :)   rob
> The basic reasoning is to include as much of the hairy 
> communication code
> under the MAC, so the MAC can test for edge cases that aren't handled
> properly.  We actually found a bug in the old E protocol that 
> resulted in a
> one bit difference in the MAC.
> If we include compression in some future version of the 
> protocol, having
> the MAC check the compression/expansion seems to me to be a 
> useful feature.
> What was the bug you found in CBC?  I will need to fix it.
> Cheers - Bill
> --------------------------------------------------------------
> -----------
> Bill Frantz           | The principal effect of| Periwinkle 
> -- Consulting
> (408)356-8506         | DMCA/SDMI is to prevent| 16345 Englewood Ave.
> | fair use.              | Los Gatos, 
> CA 95032, USA
> _______________________________________________
> e-lang mailing list
e-lang mailing list