Hey, please only assembly related replies for this thread. Anyway, I am having a hard time understanding the way WOW's protocol is working (because of not being able to "live" debug), but I am getting pretty far.
Now, my understanding from the HMAC_Prepare call is authenticating a message. If you don't know what HMAC is you can look it up here: HMAC - Wikipedia, the free encyclopedia
Here is a nice picture of what the below code is doing IMO: File:Shahmac.jpg - Wikipedia, the free encyclopedia
Anyway, the below code is located @ the HMAC_Prepare:
Code:
00275F86 |> 0FB611 /MOVZX EDX,BYTE PTR DS:[ECX] ; ECX = Start of k?
00275F89 |. 3050 C0 |XOR BYTE PTR DS:[EAX-40],DL ; EAX-40 = ipad start (do i have these mixed up)
00275F8C |. 0FB611 |MOVZX EDX,BYTE PTR DS:[ECX] ; ECX = Start Of k?
00275F8F |. 3010 |XOR BYTE PTR DS:[EAX],DL ; EAX = opad start (do I have these mixed up)
00275F91 |. 41 |INC ECX ; k++
00275F92 |. 40 |INC EAX ; (i/o)pad++
00275F93 |. 83EE 01 |SUB ESI,1
00275F96 |.^75 EE \JNZ SHORT Wow.00275F86
00275F98 |> 8BCF MOV ECX,EDI ; EDI?
00275F9A |. E8 516B0300 CALL Wow.002ACAF0 ; Added 28(dec)1C(hex) ??Message?? to ECX
00275F9F |. 6A 40 PUSH 40 ; /Arg2 = 00000040
00275FA1 |. 53 PUSH EBX ; |Arg1
00275FA2 |. 8BCF MOV ECX,EDI ; |The start of i_key_pad?
00275FA4 |. E8 87701C00 CALL Wow.0043D030 ; \Wow.003DD030
00275FA9 |. 5F POP EDI ; ^-->First Pass Of i_pad_message Then o_pad_hash_sum1
Do I have this right? I am also confused on what MAC we are confirming. And, if the ipad is the first HMAC (hard written code), and vice versa for opad. Blah, it's things like these that can break your soul. Any direction from assembly gurus (or WoW protocol gurus) would be helpful.
From here, we call WOW.003DD030(SHA1_Process2) which I believe is getting the: Hash_Sum_1 in the picture above. But it's weird because when we return back to WowConnection__SetEncryptionKey, we call SHA1_Process2 again. Is there a double hash or something?
I know this post is pretty technical, but I can handle it if I just know what the protocol is doing, what the MAC is confirming, and what this all has to do with making the RC4 Encryption table... -_-;;
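For reference, the standard HMAC-SHA1 construction (RFC 2104) written out step by step, as an added example that is not part of the original post and not code from the client. It assumes the two pad buffers sit 0x40 bytes apart with the ipad fill first, which is a guess at the layout in the listing; the function names and the sample key and message are made up for illustration.

```python
import hashlib
import hmac

BLOCK = 0x40  # SHA-1 block size in bytes; same value as the PUSH 40 length


def prepare_pads(key):
    """XOR the key into two pre-filled pad buffers in a single pass."""
    if len(key) > BLOCK:
        # RFC 2104: keys longer than one block are hashed down first.
        key = hashlib.sha1(key).digest()
    # Assumed layout: 0x36 fill (ipad) first, 0x5c fill (opad) 0x40 bytes later.
    buf = bytearray(b"\x36" * BLOCK + b"\x5c" * BLOCK)
    for i, k in enumerate(key):      # loop count = key length, like ESI
        buf[i] ^= k                  # same shape as XOR [EAX-40], DL
        buf[i + BLOCK] ^= k          # same shape as XOR [EAX], DL
    # Bytes past the end of the key keep their plain 0x36 / 0x5c fill.
    return bytes(buf[:BLOCK]), bytes(buf[BLOCK:])


def hmac_sha1_manual(key, message):
    """HMAC = SHA1(o_key_pad || SHA1(i_key_pad || message))."""
    i_key_pad, o_key_pad = prepare_pads(key)

    # First hash: one 0x40-byte block of i_key_pad, then the message.
    inner = hashlib.sha1()
    inner.update(i_key_pad)
    inner.update(message)
    hash_sum_1 = inner.digest()

    # Second hash: o_key_pad block, then the 20-byte result of the first hash.
    outer = hashlib.sha1()
    outer.update(o_key_pad)
    outer.update(hash_sum_1)
    return outer.digest()


if __name__ == "__main__":
    key = b"constructed-sample-key"      # constructed, not a real session key
    msg = b"constructed sample message"  # constructed
    mac = hmac_sha1_manual(key, msg)
    print(mac.hex())
    print(hmac.compare_digest(mac, hmac.new(key, msg, hashlib.sha1).digest()))
```

Two SHA-1 passes per MAC are part of the HMAC definition itself: the inner hash over the ipad-masked key and the message, and the outer hash over the opad-masked key and the inner digest.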