[cifs-protocol] [EXTERNAL] [MS-OAPXBC] Incorrect session key instructions
William Brown
wbrown at suse.de
Thu Jan 25 03:22:04 UTC 2024
> On 25 Jan 2024, at 13:13, Sreekanth Nadendla <srenaden at microsoft.com> wrote:
>
> William, David
> Are you decrypting with the machine key (device transport key) ?
Yes, we are.
> Also have you been able to separate header, encryptedkey, iv, payload and authentication Tag from the response ?
Yes, we have,
> I want to see what was sent in these fields and ensure that the parsing scheme is valid.
https://github.com/kanidm/compact-jwt/pull/18/files
Specifically, https://github.com/kanidm/compact-jwt/blob/b13dda1420e527d639f2962f4022609d2a46ae50/src/compact.rs#L402
Please also see https://github.com/kanidm/compact-jwt/blob/b13dda1420e527d639f2962f4022609d2a46ae50/src/crypto/rsaes_oaep.rs#L269 which is the RFC compliance test vectors.
>
> If the Algorithm is dir instead of RSA-OAEP, is your implementation working ?
Yes.
We have now been able to get a sample of a valid exchange ( https://github.com/kanidm/compact-jwt/blob/b13dda1420e527d639f2962f4022609d2a46ae50/src/crypto/ms_oapxbc.rs#L256 ) with a correctly sized CEK (256 bytes). We are still unsure under what conditions MS is sending us a 294 CEK under.
--
Sincerely,
William Brown
Senior Software Engineer,
Identity and Access Management
SUSE Labs, Australia
More information about the cifs-protocol
mailing list