> Thank you, Yuri. The information you give is a lot help to me. > The license is still a problem since actually the crypt >implementation does not tell which license it belongs, so I am >hesitating whether I am permitted to see the source code.:)
O.k. that's not a problem, actually there is an free implementation of DES in Bouncycastle, so we could easily modify it and make crypt() implementation. I could assist you if want to. Thanks, Yuri On 9/4/07, Leo Li <[EMAIL PROTECTED]> wrote: > > On 9/4/07, Yuri Dolgov <[EMAIL PROTECTED]> wrote: > > Hello Leo, > > > > "crypt" is really hashing algorithm based on widely known DES cipher. > You > > can find implementation algorithm description on [1] or implementation > > details on [2]. crypt() algorithm slightly changes standard DES > > implementation using additional permutation of the intermediate value, > so > > you have to have DES implementation to make it possible. > > Actually there are number of known java implementations of crypt > algorithm > > (see [3]), but I haven't checked if they have appropriate licences. > > > > [1] http://www.unix.org.ua/orelly/networking/puis/ch08_06.htm > > [2] http://davesource.com/Projects/DEStiny/Docs/Proposal/Proposal.rtf > > [3] http://www.dynamic.net.au/christos/crypt/ > > Thank you, Yuri. The information you give is a lot help to me. > The license is still a problem since actually the crypt > implementation does not tell which license it belongs, so I am > hesitating whether I am permitted to see the source code.:) > > > > > Thanks, > > Yuri > > > > On 9/4/07, Leo Li <[EMAIL PROTECTED]> wrote: > > > > > > Hi, all > > > Now I am looking at the implementation for JndiLoginModule which > > > is missing in current harmony class library. > > > But now I encounter a problem: > > > As spec says, according to RFC 2307[1], the password stored in > > > jndi directory is encoded by a crypto algorithm: > > > > > > userPassword values MUST be represented by following syntax: > > > > > > passwordvalue = schemeprefix encryptedpassword > > > schemeprefix = "{" scheme "}" > > > scheme = "crypt" / "md5" / "sha" / altscheme > > > altscheme = "x-" keystring > > > encryptedpassword = encrypted password > > > > > > The encrypted password contains of a plaintext key hashed using the > > > algorithm scheme. > > > > > > And currently, spec says it only acknowledge the "crypt" algorithm. > > > Besides, posix has such a system call as "crypt" which take the > > > responsibility[2]. But it lacks on windows. > > > So we had better implement the algorithm in java. But where is the > > > details of the algorithm? And I guess maybe we can borrow one from a > > > project which is under a licence compatible with apache. But where? > > > Is there any familiar with it? > > > Thanks. > > > > > > > > > > > > [1]http://www.ietf.org/rfc/rfc2307.txt > > > [2]http://www.yiluda.net/manual/linux/man/crypt.html > > > -- > > > Leo Li > > > China Software Development Lab, IBM > > > > > > > > -- > Leo Li > China Software Development Lab, IBM >
