harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Leo Li" <liyilei1...@gmail.com>
Subject Re: [classlib][auth]Help to implement the "crypt" algorithm
Date Wed, 05 Sep 2007 07:44:51 GMT
On 9/4/07, Yuri Dolgov <dolgov.g.yuri@gmail.com> wrote:
> >   Thank you, Yuri. The information you give is a lot help to me.
> >   The license is still a problem since actually the crypt
> >implementation does not tell which license it belongs, so I am
> >hesitating whether I am permitted to see the source code.:)
>
> O.k. that's not a problem, actually there is an free implementation of DES
> in Bouncycastle, so we could easily modify it and make crypt()
> implementation.
> I could assist you if want to.

   Thank you, Yuri.
   Your help is precious to me.:)

   The DES decode/encode function is focused on
org.bouncycastle.crypto.engines.DESEngine and
org.bouncycastle.crypto.modes.CBCBlockCipher, right?

  And according to spec, the variation of crypt exists in expansion
permutation. And this variation occurs in
org.bouncycastle.crypto.engines.DESEngine.desFunction, right?

Thanks, again.:)


>
> Thanks,
> Yuri
>
>
> On 9/4/07, Leo Li <liyilei1979@gmail.com> wrote:
> >
> > On 9/4/07, Yuri Dolgov <dolgov.g.yuri@gmail.com> wrote:
> > > Hello Leo,
> > >
> > > "crypt" is really hashing algorithm based on widely known DES cipher.
> > You
> > > can find implementation algorithm description on [1] or implementation
> > > details on [2]. crypt() algorithm slightly changes standard DES
> > > implementation using additional permutation of the intermediate value,
> > so
> > > you have to have DES implementation to make it possible.
> > > Actually there are number of known java implementations of crypt
> > algorithm
> > > (see [3]), but I haven't checked if they have appropriate licences.
> > >
> > > [1] http://www.unix.org.ua/orelly/networking/puis/ch08_06.htm
> > > [2] http://davesource.com/Projects/DEStiny/Docs/Proposal/Proposal.rtf
> > > [3] http://www.dynamic.net.au/christos/crypt/
> >
> >    Thank you, Yuri. The information you give is a lot help to me.
> >    The license is still a problem since actually the crypt
> > implementation does not tell which license it belongs, so I am
> > hesitating whether I am permitted to see the source code.:)
> >
> > >
> > > Thanks,
> > > Yuri
> > >
> > > On 9/4/07, Leo Li <liyilei1979@gmail.com> wrote:
> > > >
> > > > Hi, all
> > > >      Now I am looking at the implementation for JndiLoginModule which
> > > > is missing in current harmony class library.
> > > >      But now I encounter a problem:
> > > >      As spec says, according to RFC 2307[1], the password stored in
> > > > jndi directory is encoded by a crypto algorithm:
> > > >
> > > >      userPassword values MUST be represented by following syntax:
> > > >
> > > >         passwordvalue          = schemeprefix encryptedpassword
> > > >         schemeprefix           = "{" scheme "}"
> > > >         scheme                 = "crypt" / "md5" / "sha" / altscheme
> > > >         altscheme              = "x-" keystring
> > > >         encryptedpassword      = encrypted password
> > > >
> > > >    The encrypted password contains of a plaintext key hashed using the
> > > >    algorithm scheme.
> > > >
> > > >    And currently, spec says it only acknowledge the "crypt" algorithm.
> > > >    Besides, posix has such a system call as "crypt" which take the
> > > > responsibility[2]. But it lacks on windows.
> > > >    So we had better implement the algorithm in java. But where is the
> > > > details of the algorithm? And I guess maybe we can borrow one from a
> > > > project which is under a licence compatible with apache. But where?
> > > >    Is there any familiar with it?
> > > >    Thanks.
> > > >
> > > >
> > > >
> > > > [1]http://www.ietf.org/rfc/rfc2307.txt
> > > > [2]http://www.yiluda.net/manual/linux/man/crypt.html
> > > > --
> > > > Leo Li
> > > > China Software Development Lab, IBM
> > > >
> > >
> >
> >
> > --
> > Leo Li
> > China Software Development Lab, IBM
> >
>


-- 
Leo Li
China Software Development Lab, IBM

Mime
View raw message