[jcifs] Question about NT Domains

[Tony Thompson]

It looks like the E() is what I need to do the one way transformation (partially).  If the old password is longer than 8 bytes, I have to concatenate several results from E().

But, I still need to do RC4 encryption on the two passwords.  I don't think that RC4 encryption is part of the JCE or, even if it was, that you would want jCIFS dependent on the JCE.  What do the Samba "guys" do?  Is there anything that we can use to do this?

>>> "Michael B. Allen" <miallen at eskimo.com> 06/07/02 08:10PM >>>
On Fri, 07 Jun 2002 15:12:30 -0500
"Tony Thompson" <tony.thompson at stone-ware.com> wrote:

> I decided to try and tackle this but, I am having a couple of issues.  According to the cifsrap2.doc, an RC4 encryption must be performed on the old password before it is sent.  I didn't see anything hanging around in jCIFS that would do this.  Any suggestions?
> 
> A one way transformation must also be performed on the old password.  The document describes the gyrations required to do this but, one of the elements of the transformation is "an 8 byte string whose value is available from Microsoft upon request".  Any idea what this string might be or how to get it?
> 
> Is there something already in jCIFS that would do all of the above for me (i.e. is this same type of thing used anywhere else)?  I know it is a long shot but, I had to ask.

Look  at  the  top  of jcifs/smb/SmbSession.java. You can in all likelyhood
just  use  the  E()  method.  It's  probably  very similar but i don't know
really.  It will take some fiddling and reasoning. You don't really need to
know much about encryption to do it but you might want to get a capture and
copy  out  the  encrypted  value  of  a known password so you can test your
encryption method. 

Mike

-- 
http://www.eskimo.com/~miallen/c/jus.c