> The DES decode/encode function is focused on >org.bouncycastle.crypto.engines.DESEngine and >org.bouncycastle.crypto.modes.CBCBlockCipher, right?
I'm not sure what do you mean here. Actually you shouldn't bother about ciphering mode as you have only one block to encipher, so modification of org.bouncycastle.crypto.engines.DESEngine class will be enough. > And according to spec, the variation of crypt exists in expansion >permutation. And this variation occurs in >org.bouncycastle.crypto.engines.DESEngine.desFunction, right?That's absolutely right. Actually you only need to permutate mentioned in the paper bits (1-12 and 25-36) in every pair of elements in wKey[] array. Please feel free to ask more question if something is unclear or you got any trouble. Thanks, Yuri On 9/5/07, Leo Li <[EMAIL PROTECTED]> wrote: > > On 9/4/07, Yuri Dolgov <[EMAIL PROTECTED]> wrote: > > > Thank you, Yuri. The information you give is a lot help to me. > > > The license is still a problem since actually the crypt > > >implementation does not tell which license it belongs, so I am > > >hesitating whether I am permitted to see the source code.:) > > > > O.k. that's not a problem, actually there is an free implementation of > DES > > in Bouncycastle, so we could easily modify it and make crypt() > > implementation. > > I could assist you if want to. > > Thank you, Yuri. > Your help is precious to me.:) > > The DES decode/encode function is focused on > org.bouncycastle.crypto.engines.DESEngine and > org.bouncycastle.crypto.modes.CBCBlockCipher, right? > > And according to spec, the variation of crypt exists in expansion > permutation. And this variation occurs in > org.bouncycastle.crypto.engines.DESEngine.desFunction, right? > > Thanks, again.:) > > > > > > Thanks, > > Yuri > > > > > > On 9/4/07, Leo Li <[EMAIL PROTECTED]> wrote: > > > > > > On 9/4/07, Yuri Dolgov <[EMAIL PROTECTED]> wrote: > > > > Hello Leo, > > > > > > > > "crypt" is really hashing algorithm based on widely known DES > cipher. > > > You > > > > can find implementation algorithm description on [1] or > implementation > > > > details on [2]. crypt() algorithm slightly changes standard DES > > > > implementation using additional permutation of the intermediate > value, > > > so > > > > you have to have DES implementation to make it possible. > > > > Actually there are number of known java implementations of crypt > > > algorithm > > > > (see [3]), but I haven't checked if they have appropriate licences. > > > > > > > > [1] http://www.unix.org.ua/orelly/networking/puis/ch08_06.htm > > > > [2] > http://davesource.com/Projects/DEStiny/Docs/Proposal/Proposal.rtf > > > > [3] http://www.dynamic.net.au/christos/crypt/ > > > > > > Thank you, Yuri. The information you give is a lot help to me. > > > The license is still a problem since actually the crypt > > > implementation does not tell which license it belongs, so I am > > > hesitating whether I am permitted to see the source code.:) > > > > > > > > > > > Thanks, > > > > Yuri > > > > > > > > On 9/4/07, Leo Li <[EMAIL PROTECTED]> wrote: > > > > > > > > > > Hi, all > > > > > Now I am looking at the implementation for JndiLoginModule > which > > > > > is missing in current harmony class library. > > > > > But now I encounter a problem: > > > > > As spec says, according to RFC 2307[1], the password stored > in > > > > > jndi directory is encoded by a crypto algorithm: > > > > > > > > > > userPassword values MUST be represented by following syntax: > > > > > > > > > > passwordvalue = schemeprefix encryptedpassword > > > > > schemeprefix = "{" scheme "}" > > > > > scheme = "crypt" / "md5" / "sha" / > altscheme > > > > > altscheme = "x-" keystring > > > > > encryptedpassword = encrypted password > > > > > > > > > > The encrypted password contains of a plaintext key hashed using > the > > > > > algorithm scheme. > > > > > > > > > > And currently, spec says it only acknowledge the "crypt" > algorithm. > > > > > Besides, posix has such a system call as "crypt" which take the > > > > > responsibility[2]. But it lacks on windows. > > > > > So we had better implement the algorithm in java. But where is > the > > > > > details of the algorithm? And I guess maybe we can borrow one from > a > > > > > project which is under a licence compatible with apache. But > where? > > > > > Is there any familiar with it? > > > > > Thanks. > > > > > > > > > > > > > > > > > > > > [1]http://www.ietf.org/rfc/rfc2307.txt > > > > > [2]http://www.yiluda.net/manual/linux/man/crypt.html > > > > > -- > > > > > Leo Li > > > > > China Software Development Lab, IBM > > > > > > > > > > > > > > > > > > -- > > > Leo Li > > > China Software Development Lab, IBM > > > > > > > > -- > Leo Li > China Software Development Lab, IBM >
