You may be looking at an old version of openssl; 0.9.7 has AES-128, -192, and -256 (look in the cyphers rather than the hashes).
The trick is that the URL and encryption keys are derived from the identifier via different hashes -- the URL path is SHA-1, and the key is an MD5 hash of the identifier with a salt. Knowing the original identifier gets you both; knowing only the hashed URL doesn't get you anything else.
In any case, all of this works fine as a Perl one-liner, the rant was about the difficulty of doing the same thing in Java. Took me about a day and a half of research, and a long afternoon of coding.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: I'm still not quite certain what you're looking at...
Date: 2004-09-24 07:13 am (UTC)The trick is that the URL and encryption keys are derived from the identifier via different hashes -- the URL path is SHA-1, and the key is an MD5 hash of the identifier with a salt. Knowing the original identifier gets you both; knowing only the hashed URL doesn't get you anything else.
In any case, all of this works fine as a Perl one-liner, the rant was about the difficulty of doing the same thing in Java. Took me about a day and a half of research, and a long afternoon of coding.