Return-Path: 
 <dev-return-29019-apmail-harmony-dev-archive=harmony.apache.org@harmony.apache.org>
Delivered-To: apmail-harmony-dev-archive@www.apache.org
Received: (qmail 61577 invoked from network); 4 Sep 2007 10:54:43 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 4 Sep 2007 10:54:43 -0000
Received: (qmail 65148 invoked by uid 500); 4 Sep 2007 10:54:37 -0000
Delivered-To: apmail-harmony-dev-archive@harmony.apache.org
Received: (qmail 65110 invoked by uid 500); 4 Sep 2007 10:54:37 -0000
Mailing-List: contact dev-help@harmony.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@harmony.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@harmony.apache.org>
List-Post: <mailto:dev@harmony.apache.org>
List-Id: <dev.harmony.apache.org>
Reply-To: dev@harmony.apache.org
Delivered-To: mailing list dev@harmony.apache.org
Received: (qmail 65101 invoked by uid 99); 4 Sep 2007 10:54:36 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 Sep 2007 03:54:36 -0700
X-ASF-Spam-Status: No, hits=2.0 required=10.0
	tests=HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of dolgov.g.yuri@gmail.com
 designates 209.85.198.187 as permitted sender)
Received: from [209.85.198.187] (HELO rv-out-0910.google.com) (209.85.198.187)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 Sep 2007 10:54:30 +0000
Received: by rv-out-0910.google.com with SMTP id k20so1168438rvb
        for <dev@harmony.apache.org>; Tue, 04 Sep 2007 03:54:10 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
        d=gmail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;
        b=F62ICAL0Rmb5Ebx6/n77tKwyJ0Bk9xuS76z5O2Da+7CC4p5vhWQ0M0sOE1vVozR7NA40nLuPELVoAgJO3l4F4VCTlcUt/RFQZ2DimJXj3wB7NVEHfRD/a2zXWmdHO7K/2RO3VfXSh545HQVLw2gCoTRnhKPZl9TdU/5ixQa9j7s=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;
        b=bMNI9TaEkzrb4Yux9A8Z/qSYrmCfZpw1AqmbU4t0l16sXKoM0qiONNSJeFUEX/ekHfdBqMQ9M5ljo6bJ5HZJM+/pX5Y2ea5GwVa0PwemkLvRrprFIGotarQWFd2TZUaXJgbxSbTqf9sjv7fQnSaM5zfaNfmN8ka1bDYDowzCNPE=
Received: by 10.140.136.6 with SMTP id j6mr1389418rvd.1188903247710;
        Tue, 04 Sep 2007 03:54:07 -0700 (PDT)
Received: by 10.141.26.20 with HTTP; Tue, 4 Sep 2007 03:54:06 -0700 (PDT)
Message-ID: <fb98610c0709040354k3bb2b002o93ff11c7e00f0d60@mail.gmail.com>
Date: Tue, 4 Sep 2007 17:54:07 +0700
From: "Yuri Dolgov" <dolgov.g.yuri@gmail.com>
To: dev@harmony.apache.org
Subject: Re: [classlib][auth]Help to implement the "crypt" algorithm
In-Reply-To: <e66844de0709040231g78d662fdu97dfb3ed5c81326e@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_Part_16342_13669551.1188903247595"
References: <e66844de0709040231g78d662fdu97dfb3ed5c81326e@mail.gmail.com>
X-Virus-Checked: Checked by ClamAV on apache.org

------=_Part_16342_13669551.1188903247595
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hello Leo,

"crypt" is really hashing algorithm based on widely known DES cipher. You
can find implementation algorithm description on [1] or implementation
details on [2]. crypt() algorithm slightly changes standard DES
implementation using additional permutation of the intermediate value, so
you have to have DES implementation to make it possible.
Actually there are number of known java implementations of crypt algorithm
(see [3]), but I haven't checked if they have appropriate licences.

[1] http://www.unix.org.ua/orelly/networking/puis/ch08_06.htm
[2] http://davesource.com/Projects/DEStiny/Docs/Proposal/Proposal.rtf
[3] http://www.dynamic.net.au/christos/crypt/

Thanks,
Yuri

On 9/4/07, Leo Li <liyilei1979@gmail.com> wrote:
>
> Hi, all
>      Now I am looking at the implementation for JndiLoginModule which
> is missing in current harmony class library.
>      But now I encounter a problem:
>      As spec says, according to RFC 2307[1], the password stored in
> jndi directory is encoded by a crypto algorithm:
>
>      userPassword values MUST be represented by following syntax:
>
>         passwordvalue          = schemeprefix encryptedpassword
>         schemeprefix           = "{" scheme "}"
>         scheme                 = "crypt" / "md5" / "sha" / altscheme
>         altscheme              = "x-" keystring
>         encryptedpassword      = encrypted password
>
>    The encrypted password contains of a plaintext key hashed using the
>    algorithm scheme.
>
>    And currently, spec says it only acknowledge the "crypt" algorithm.
>    Besides, posix has such a system call as "crypt" which take the
> responsibility[2]. But it lacks on windows.
>    So we had better implement the algorithm in java. But where is the
> details of the algorithm? And I guess maybe we can borrow one from a
> project which is under a licence compatible with apache. But where?
>    Is there any familiar with it?
>    Thanks.
>
>
>
> [1]http://www.ietf.org/rfc/rfc2307.txt
> [2]http://www.yiluda.net/manual/linux/man/crypt.html
> --
> Leo Li
> China Software Development Lab, IBM
>

------=_Part_16342_13669551.1188903247595--