This is a bid request for a custom GINA dll written in C++ using visual studio 2008. This should be a quick and relatively easy job for anyone proficient in C++.
My company is researching the feasability of building an easy to implement identity management solution.
The most crucial component to such an application will be the ability to synchronise passwords.
To achieve this goal for companies using Novell eDirectory, we require a custom built GINA dll that will install to workstations running Novell Client.
Our custom GINA dll will pass all function calls to "[url removed, login to view]". If "[url removed, login to view]" does not exist, all calls will be passed on to "[url removed, login to view]".
When the user hits CTRL+ALT+DEL and chooses "change password", a custom password dialog must appear. This dialog will allow the user to type and re-type his/her new password.
When the user clicks "OK" the dialog will do the following:
1) Call NWDSChangeObjectPassword() in [url removed, login to view] (part of the Novell Client) to change the password in eDirectory. This will fail if the password does not meet complexity requirements. If it fails, the dialog will display an error message and the user can try again.
2) If the call to NWDSChangeObjectPassword() succeeds, you will then call NWDSWhoAmI() to retrieve the current user's distinguishedName (DN).
3) You will put the distinguished name in a string, followed by a tab (ASCII character 9) and then followed by the users password.
4) You will encrypt this string using Blowfish encryption in CBC mode. The encryption key will be a configurable string-constant in your code.
5) You will write the length of the encrypted string (the digest) to a file as a 16-bit unsigned integer, followed by the digest itself. The file will be called [url removed, login to view], located in %systemroot%\system32.
6) You will make sure that the unencrypted password is cleared from memory.
If you are unfamiliar with GINA dll's, you can find documentation from Microsoft at the following locations:
1. [url removed, login to view]([url removed, login to view]).aspx#gina_export_functions
2. [url removed, login to view]
There is also an excellent example called "GINA Stub" in the platform SDK, from which you can copy most code.
You will build the DLL using Visual Studio 2008 and C++.
I will (re)compile the component using Visual Studio 2008 after filling in the aforementioned encryption key. (the encryption will not use an initialisation vector).
I will install and test the component manually on a Windows XP (32-bit) and a Windows 7 (64-bit) workstation with Novell Client version 4.91 for XP and Novell Client 2 for Windows Vista/2008. After testing the component I will attempt to decrypt the blowfish encrypted files using PHP's mcrypt functions.
If all works as expected, I will accept your work. Quick turn-around and neat code will be rewarded with a bonus.
I don't require any formal documentation other than the following:
- Document each function in your code with it's intended purpose, input and output (as comments in the code)
- Create clean readable code in small functions and well seperated libraries (if needed)
If you use any external libraries (other than Novell's [url removed, login to view]), please make sure they are statically linked to the DLL.
If a testbed is needed, I can supply one using virtual machines to which you can connect using Microsoft Remote Desktop.