When Does Encryption Start?

Encryption begins in the middle of the message group responding to an IDENT command with encryption argument. This may happen at alive or login. The following examples illustrate where outgoing means from the monitor, incoming means to the monitor, >>> means unencrypted and >E> means encrypted. The first example shows a login exchange between Active Client and Monitor:

   outgoing >>> COMMENT: Monitor Version 2.2
   outgoing >>> REQUIRE: IDENT
   outgoing >>> WAITING:
   incoming >>> IDENT franco1 1lmi4gthl73ggclkeuf9mguum8s7964uu9trmb5adstcs0fiskup$
   outgoing >>> RESULT: IDENT 1ob5auk17la77tj3d6jho86mquk5kaiaglap8u2ara57pm0dl36a$
   outgoing >E> REQUIRE: PASSWORD
   outgoing >E> WAITING:
   incoming >E> PASSWORD franco
   outgoing >E> RESULT: PASSWORD N3I13BFDEJE0POJ07FW
   outgoing >E> REQUIRE: HOST_PORT
   outgoing >E> WAITING:
   incoming >E> HOST_PORT localhost 20500

The exchange continues between the Monitor and the Passive Server:

   outgoing >>> COMMENT: Monitor Version 2.2
   outgoing >>> PARTICIPANT_PASSWORD_CHECKSUM:  cb1f3f077473c05a81ba6dc0db4195fd8d$
   outgoing >>> REQUIRE: IDENT
   outgoing >>> WAITING:
   incoming >>> IDENT franco1 9ffcll7lb37v764sh1d1jg9s6gnpen683j4f10uf86hiv49b3j5f$
   outgoing >>> RESULT: IDENT 1ef0rtrg94369duver6rhfnnheu22d9isud88o2amvp85q7q1e4g$
   outgoing >E> REQUIRE: ALIVE
   outgoing >E> WAITING:
   incoming >E> ALIVE N3I13BFDEJE0POJ07FW
   outgoing >E> RESULT: ALIVE Identity has been verified.
   outgoing >E> REQUIRE: QUIT
   outgoing >E> WAITING:
   incoming >E> QUIT
   outgoing >E> RESULT: QUIT

The exchange resumes between the Monitor and the Active Client:

   outgoing >E> RESULT: HOST_PORT LOCALHOST 20500
   outgoing >E> WAITING:

The following example shows an ALIVE exchange between Monitor and Passive Server after an encrypted session has already been established as above:

   outgoing >E> REQUIRE: ALIVE
   outgoing >E> WAITING:
   incoming >E> ALIVE PK5OB0F9C5CRWE8NM89
   outgoing >E> RESULT: ALIVE Identity has been verified.
   outgoing >E> REQUIRE: QUIT
   outgoing >E> WAITING:
   incoming >E> QUIT
   outgoing >E> RESULT: QUIT

How to Strip Padding From Karn-Encrypted Strings

The Karn string you are trying to decrypt contains only non-zero characters. But the padding was added right after a real zero. Hence to strip padding you can use this code:

   // Strip the padding off the byte array and return the string 
   private String StripPadding (byte input[]) {
      ByteArrayOutputStream buffer = new ByteArrayOutputStream();
      for (int i=0 ; i < input.length && input[i] != 0 ; i++) 
         buffer.write(input[i]);
      return (new String(buffer.toByteArray()));
   }