[cifs-protocol] [REG:115021312396540] Wrong Key length in MS-BKRP 3.1.4.1.2.1 Processing a Valid ServerWrap Wrapped Secret
Edgar Olougouna
edgaro at microsoft.com
Fri Feb 13 10:14:22 MST 2015
Andrew,
I am taking of this as well.
Thanks,
Edgar
-----Original Message-----
From: Vilmos Foltenyi
Sent: Thursday, February 12, 2015 7:34 PM
To: Andrew Bartlett
Cc: cifs-protocol at lists.samba.org; MSSolve Case Email
Subject: [REG:115021312396540] Wrong Key length in MS-BKRP 3.1.4.1.2.1 Processing a Valid ServerWrap Wrapped Secret
[dochelp to Bcc, SR # to Subject]
Hi Andrew,
Thank you for your question. I created case SR 115021312396540 to track this issue with the Protocol Documentation support team. Edgar from our team will begin working with you.
Regards,
Vilmos Foltenyi - MSFT
-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Thursday, February 12, 2015 15:55
To: Interoperability Documentation Help
Cc: cifs-protocol at lists.samba.org
Subject: Wrong Key length in MS-BKRP 3.1.4.1.2.1 Processing a Valid ServerWrap Wrapped Secret
G'Day,
The MS-BKRP protocol docs at "3.1.4.1.2.1 Processing a Valid ServerWrap Wrapped Secret" (point 1) and "3.1.4.1.1 BACKUPKEY_BACKUP_GUID" (point 3) clearly state that the first 64 bytes of the secret are used for the key. This is not the case - testing by extracting the key from the Windows DC over LSA QuerySecret show that the entire key (256 bytes), not the first 64 bytes, is used.
Please correct the docs.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the cifs-protocol
mailing list