harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yuri Dolgov" <dolgov.g.y...@gmail.com>
Subject Re: [classlib][auth]Help to implement the "crypt" algorithm
Date Tue, 04 Sep 2007 10:54:07 GMT
Hello Leo,

"crypt" is really hashing algorithm based on widely known DES cipher. You
can find implementation algorithm description on [1] or implementation
details on [2]. crypt() algorithm slightly changes standard DES
implementation using additional permutation of the intermediate value, so
you have to have DES implementation to make it possible.
Actually there are number of known java implementations of crypt algorithm
(see [3]), but I haven't checked if they have appropriate licences.

[1] http://www.unix.org.ua/orelly/networking/puis/ch08_06.htm
[2] http://davesource.com/Projects/DEStiny/Docs/Proposal/Proposal.rtf
[3] http://www.dynamic.net.au/christos/crypt/

Thanks,
Yuri

On 9/4/07, Leo Li <liyilei1979@gmail.com> wrote:
>
> Hi, all
>      Now I am looking at the implementation for JndiLoginModule which
> is missing in current harmony class library.
>      But now I encounter a problem:
>      As spec says, according to RFC 2307[1], the password stored in
> jndi directory is encoded by a crypto algorithm:
>
>      userPassword values MUST be represented by following syntax:
>
>         passwordvalue          = schemeprefix encryptedpassword
>         schemeprefix           = "{" scheme "}"
>         scheme                 = "crypt" / "md5" / "sha" / altscheme
>         altscheme              = "x-" keystring
>         encryptedpassword      = encrypted password
>
>    The encrypted password contains of a plaintext key hashed using the
>    algorithm scheme.
>
>    And currently, spec says it only acknowledge the "crypt" algorithm.
>    Besides, posix has such a system call as "crypt" which take the
> responsibility[2]. But it lacks on windows.
>    So we had better implement the algorithm in java. But where is the
> details of the algorithm? And I guess maybe we can borrow one from a
> project which is under a licence compatible with apache. But where?
>    Is there any familiar with it?
>    Thanks.
>
>
>
> [1]http://www.ietf.org/rfc/rfc2307.txt
> [2]http://www.yiluda.net/manual/linux/man/crypt.html
> --
> Leo Li
> China Software Development Lab, IBM
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message