[jcifs] Question about NT Domains
Tony Thompson
tony.thompson at stone-ware.com
Tue Jun 11 10:06:48 EST 2002
It looks like the E() is what I need to do the one way transformation (partially). If the old password is longer than 8 bytes, I have to concatenate several results from E().
But, I still need to do RC4 encryption on the two passwords. I don't think that RC4 encryption is part of the JCE or, even if it was, that you would want jCIFS dependent on the JCE. What do the Samba "guys" do? Is there anything that we can use to do this?
>>> "Michael B. Allen" <miallen at eskimo.com> 06/07/02 08:10PM >>>
On Fri, 07 Jun 2002 15:12:30 -0500
"Tony Thompson" <tony.thompson at stone-ware.com> wrote:
> I decided to try and tackle this but, I am having a couple of issues. According to the cifsrap2.doc, an RC4 encryption must be performed on the old password before it is sent. I didn't see anything hanging around in jCIFS that would do this. Any suggestions?
>
> A one way transformation must also be performed on the old password. The document describes the gyrations required to do this but, one of the elements of the transformation is "an 8 byte string whose value is available from Microsoft upon request". Any idea what this string might be or how to get it?
>
> Is there something already in jCIFS that would do all of the above for me (i.e. is this same type of thing used anywhere else)? I know it is a long shot but, I had to ask.
Look at the top of jcifs/smb/SmbSession.java. You can in all likelyhood
just use the E() method. It's probably very similar but i don't know
really. It will take some fiddling and reasoning. You don't really need to
know much about encryption to do it but you might want to get a capture and
copy out the encrypted value of a known password so you can test your
encryption method.
Mike
--
http://www.eskimo.com/~miallen/c/jus.c
More information about the jcifs
mailing list