harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yuri Dolgov" <dolgov.g.y...@gmail.com>
Subject Re: [classlib][auth]Help to implement the "crypt" algorithm
Date Wed, 05 Sep 2007 12:10:18 GMT
>   The DES decode/encode function is focused on
>org.bouncycastle.crypto.engines.DESEngine and
>org.bouncycastle.crypto.modes.CBCBlockCipher, right?

I'm not sure what do you mean here. Actually  you shouldn't
bother about ciphering mode as you have only one block to
encipher, so modification of org.bouncycastle.crypto.engines.DESEngine
class will be enough.

>  And according to spec, the variation of crypt exists in expansion
>permutation. And this variation occurs in
>org.bouncycastle.crypto.engines.DESEngine.desFunction, right?That's
absolutely right. Actually you only need to permutate mentioned
in the paper bits (1-12 and 25-36) in every pair of elements in wKey[]
array.

Please feel free to ask more question if something is unclear or you got any
trouble.

Thanks,
Yuri



On 9/5/07, Leo Li <liyilei1979@gmail.com> wrote:
>
> On 9/4/07, Yuri Dolgov <dolgov.g.yuri@gmail.com> wrote:
> > >   Thank you, Yuri. The information you give is a lot help to me.
> > >   The license is still a problem since actually the crypt
> > >implementation does not tell which license it belongs, so I am
> > >hesitating whether I am permitted to see the source code.:)
> >
> > O.k. that's not a problem, actually there is an free implementation of
> DES
> > in Bouncycastle, so we could easily modify it and make crypt()
> > implementation.
> > I could assist you if want to.
>
>    Thank you, Yuri.
>    Your help is precious to me.:)
>
>    The DES decode/encode function is focused on
> org.bouncycastle.crypto.engines.DESEngine and
> org.bouncycastle.crypto.modes.CBCBlockCipher, right?
>
>   And according to spec, the variation of crypt exists in expansion
> permutation. And this variation occurs in
> org.bouncycastle.crypto.engines.DESEngine.desFunction, right?
>
> Thanks, again.:)
>
>
> >
> > Thanks,
> > Yuri
> >
> >
> > On 9/4/07, Leo Li <liyilei1979@gmail.com> wrote:
> > >
> > > On 9/4/07, Yuri Dolgov <dolgov.g.yuri@gmail.com> wrote:
> > > > Hello Leo,
> > > >
> > > > "crypt" is really hashing algorithm based on widely known DES
> cipher.
> > > You
> > > > can find implementation algorithm description on [1] or
> implementation
> > > > details on [2]. crypt() algorithm slightly changes standard DES
> > > > implementation using additional permutation of the intermediate
> value,
> > > so
> > > > you have to have DES implementation to make it possible.
> > > > Actually there are number of known java implementations of crypt
> > > algorithm
> > > > (see [3]), but I haven't checked if they have appropriate licences.
> > > >
> > > > [1] http://www.unix.org.ua/orelly/networking/puis/ch08_06.htm
> > > > [2]
> http://davesource.com/Projects/DEStiny/Docs/Proposal/Proposal.rtf
> > > > [3] http://www.dynamic.net.au/christos/crypt/
> > >
> > >    Thank you, Yuri. The information you give is a lot help to me.
> > >    The license is still a problem since actually the crypt
> > > implementation does not tell which license it belongs, so I am
> > > hesitating whether I am permitted to see the source code.:)
> > >
> > > >
> > > > Thanks,
> > > > Yuri
> > > >
> > > > On 9/4/07, Leo Li <liyilei1979@gmail.com> wrote:
> > > > >
> > > > > Hi, all
> > > > >      Now I am looking at the implementation for JndiLoginModule
> which
> > > > > is missing in current harmony class library.
> > > > >      But now I encounter a problem:
> > > > >      As spec says, according to RFC 2307[1], the password stored
> in
> > > > > jndi directory is encoded by a crypto algorithm:
> > > > >
> > > > >      userPassword values MUST be represented by following syntax:
> > > > >
> > > > >         passwordvalue          = schemeprefix encryptedpassword
> > > > >         schemeprefix           = "{" scheme "}"
> > > > >         scheme                 = "crypt" / "md5" / "sha" /
> altscheme
> > > > >         altscheme              = "x-" keystring
> > > > >         encryptedpassword      = encrypted password
> > > > >
> > > > >    The encrypted password contains of a plaintext key hashed using
> the
> > > > >    algorithm scheme.
> > > > >
> > > > >    And currently, spec says it only acknowledge the "crypt"
> algorithm.
> > > > >    Besides, posix has such a system call as "crypt" which take the
> > > > > responsibility[2]. But it lacks on windows.
> > > > >    So we had better implement the algorithm in java. But where is
> the
> > > > > details of the algorithm? And I guess maybe we can borrow one from
> a
> > > > > project which is under a licence compatible with apache. But
> where?
> > > > >    Is there any familiar with it?
> > > > >    Thanks.
> > > > >
> > > > >
> > > > >
> > > > > [1]http://www.ietf.org/rfc/rfc2307.txt
> > > > > [2]http://www.yiluda.net/manual/linux/man/crypt.html
> > > > > --
> > > > > Leo Li
> > > > > China Software Development Lab, IBM
> > > > >
> > > >
> > >
> > >
> > > --
> > > Leo Li
> > > China Software Development Lab, IBM
> > >
> >
>
>
> --
> Leo Li
> China Software Development Lab, IBM
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message