[jcifs] Question about NT Domains
Allen, Michael B (RSCH)
Michael_B_Allen at ml.com
Tue Jun 11 10:52:14 EST 2002
RC4 is a very simple algorithm. A very simple search on google turned up numerous RC4.java classes.
> -----Original Message-----
> From: Tony Thompson [SMTP:tony.thompson at stone-ware.com]
> Sent: Monday, June 10, 2002 8:07 PM
> To: miallen at eskimo.com
> Cc: jcifs at samba.org
> Subject: Re: [jcifs] Question about NT Domains
>
> It looks like the E() is what I need to do the one way transformation (partially). If the old password is longer than 8 bytes, I have to concatenate several results from E().
>
> But, I still need to do RC4 encryption on the two passwords. I don't think that RC4 encryption is part of the JCE or, even if it was, that you would want jCIFS dependent on the JCE. What do the
> Samba "guys" do? Is there anything that we can use to do this?
>
> >>> "Michael B. Allen" <miallen at eskimo.com> 06/07/02 08:10PM >>>
> On Fri, 07 Jun 2002 15:12:30 -0500
> "Tony Thompson" <tony.thompson at stone-ware.com> wrote:
>
> > I decided to try and tackle this but, I am having a couple of issues. According to the cifsrap2.doc, an RC4 encryption must be performed on the old password before it is sent. I didn't see
> anything hanging around in jCIFS that would do this. Any suggestions?
> >
> > A one way transformation must also be performed on the old password. The document describes the gyrations required to do this but, one of the elements of the transformation is "an 8 byte string
> whose value is available from Microsoft upon request". Any idea what this string might be or how to get it?
> >
> > Is there something already in jCIFS that would do all of the above for me (i.e. is this same type of thing used anywhere else)? I know it is a long shot but, I had to ask.
>
> Look at the top of jcifs/smb/SmbSession.java. You can in all likelyhood
> just use the E() method. It's probably very similar but i don't know
> really. It will take some fiddling and reasoning. You don't really need to
> know much about encryption to do it but you might want to get a capture and
> copy out the encrypted value of a known password so you can test your
> encryption method.
>
> Mike
>
> --
> http://www.eskimo.com/~miallen/c/jus.c
>
>
>
More information about the jcifs
mailing list