[jcifs] Code to initialize NTML password

jehan procaccia jehan.procaccia at it-sudparis.eu
Sun Oct 3 14:24:03 MDT 2010


  Hi,

I still can't find a way to compute ntml md4 hash for ldap 
sambaNTpassword attribute .
http://davenport.sourceforge.net/ntlm.html#appendixD gives a sample java 
code to compute it (ntlmHash()) , but It always fails.
apparently recent java.security.MessageDigest; don't know MD4 :-(, at 
execution:
=> java.security.NoSuchAlgorithmException: MD4 MessageDigest not available
So I tried with gnu.crypto.hash.md4
http://www.gnu.org/software/gnu-crypto/manual/api/gnu/crypto/hash/MD4.html
bu't I can't find a way to implement it, I'am quite newbie to java 
programming ....
Any help to compute from a clear text string a MD4 hash greatly appreciated

regards .


Le 16/09/2010 21:20, Michael B Allen a écrit :
> Hi Jehan,
>
> I think the sambaNTpassword is probably just the first hash
> computation of the password without the challenge. It is a kookie DES
> computation. I think it's the computation in the lmHash method in the
> examples at the end of this page:
>
>    http://davenport.sourceforge.net/ntlm.html
>
> You definitely don't need JCIFS to calculate that hash but the
> equivalent code in JCIFS is jcifs.smb.NtlmPasswordAuthentication.E
> (although it uses a goofy DES class that should have been removed from
> JCIFS long ago since I think you can do the same thing with Cipher des
> = Cipher.getInstance("DES/ECB/NoPadding");).
>
> But I don't even know that that is what Samba is really putting in LDAP.
>
> Mike
>
> On Thu, Sep 16, 2010 at 12:08 PM, jehan procaccia
> <jehan.procaccia at it-sudparis.eu>  wrote:
>>   hello,
>>
>> I already have a java Servlet that sets unix userpassword field in openldap.
>> Now that I have added the samba.schema to my ldap server I want people to be
>> able to enter/initiate their sambaNTpassword  ( I understood that there's no
>> way to derive the NTpassword from the unix crypt password !?)
>> So I am searching for a simple java code that computes a NTML (MD4 !?) hash
>> from the clear text password string that my Servlet already gets from the
>> users input field .
>>
>> any sample code available ?
>>
>> Thanks .
>>
>
>



More information about the jCIFS mailing list