[jcifs] Question about NT Domains

Allen, Michael B (RSCH) Michael_B_Allen at ml.com
Tue Jun 11 10:52:14 EST 2002 

RC4 is a very simple algorithm. A very simple search on google turned up numerous RC4.java classes.

> -----Original Message-----
> From:	Tony Thompson [SMTP:tony.thompson at stone-ware.com]
> Sent:	Monday, June 10, 2002 8:07 PM
> To:	miallen at eskimo.com
> Cc:	jcifs at samba.org
> Subject:	Re: [jcifs] Question about NT Domains
> 
> It looks like the E() is what I need to do the one way transformation (partially).  If the old password is longer than 8 bytes, I have to concatenate several results from E().
> 
> But, I still need to do RC4 encryption on the two passwords.  I don't think that RC4 encryption is part of the JCE or, even if it was, that you would want jCIFS dependent on the JCE.  What do the
> Samba "guys" do?  Is there anything that we can use to do this?
> 
> >>> "Michael B. Allen" <miallen at eskimo.com> 06/07/02 08:10PM >>>
> On Fri, 07 Jun 2002 15:12:30 -0500
> "Tony Thompson" <tony.thompson at stone-ware.com> wrote:
> 
> > I decided to try and tackle this but, I am having a couple of issues.  According to the cifsrap2.doc, an RC4 encryption must be performed on the old password before it is sent.  I didn't see
> anything hanging around in jCIFS that would do this.  Any suggestions?
> > 
> > A one way transformation must also be performed on the old password.  The document describes the gyrations required to do this but, one of the elements of the transformation is "an 8 byte string
> whose value is available from Microsoft upon request".  Any idea what this string might be or how to get it?
> > 
> > Is there something already in jCIFS that would do all of the above for me (i.e. is this same type of thing used anywhere else)?  I know it is a long shot but, I had to ask.
> 
> Look  at  the  top  of jcifs/smb/SmbSession.java. You can in all likelyhood
> just  use  the  E()  method.  It's  probably  very similar but i don't know
> really.  It will take some fiddling and reasoning. You don't really need to
> know much about encryption to do it but you might want to get a capture and
> copy  out  the  encrypted  value  of  a known password so you can test your
> encryption method. 
> 
> Mike
> 
> -- 
> http://www.eskimo.com/~miallen/c/jus.c 
> 
> 
>

More information about the jcifs mailing list