<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin-top:0cm;
margin-right:0cm;
margin-bottom:10.0pt;
margin-left:0cm;
line-height:115%;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Courier New";
mso-fareast-language:SV;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=SV link=blue vlink=purple><div class=WordSection1><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>Hi,<o:p></o:p></span></pre><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>I am trying to learn and implement SMB2 Server. I am very interested to learn GSS-API (NTLMSSP, NTLMSSP_AUTH) inside. So, I am doing experiment with my own component of GSS-API. I read the description of mechListMIC in <b>RFC4178 & RFC2478</b>. But I couldn’t understand how to calculate mechListMIC for ‘<b>SessionSetup Response, Unknown message type</b>’ response. <o:p></o:p></span></pre><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></pre><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>Actually, I can generate the <b>mechListMIC</b> for <b>negTokenInit</b> phase of ‘<b>NegotiateProtocol Response</b>’. But the problem is, when client sends ‘<b>SessionSetup Request, NTLMSSP_AUTH, User: Domain\Administrator, Unknown message type</b>’ request, I can’t understand how is it generating ‘<i>mechListMIC: 01 00 00 00 78 1E E9 4A DB 99 7F E9 00 00 00 00</i>’ and how should I send response back in ‘<b>SessionSetup Response, Unknown message type</b>’ with corresponding mechListMIC based on the previous SessionSetup Request. <o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>I tried with the following Info:<o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SMB2.CSessionSetup.securityBlob.GSSAPI.InitialContextToken.InnerContextToken.SpnegoToken.NegTokenInit.MechTypes , hex data = <span style='background:lime;mso-highlight:lime'>30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A</span> <o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>AND<o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SMB2.CSessionSetup.securityBlob.GSSAPI.NegotiationToken.NegTokenResp.MechListMic, hex data = <span style='background:aqua;mso-highlight:aqua'>01 00 00 00 78 1E E9 4A DB 99 7F E9 00 00 00 00</span><o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SecBuffer SignBuffers[2];<o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SignBufferDesc.ulVersion = SECBUFFER_VERSION; // SECBUFFER_VERSION = 0<o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SignBufferDesc.cBuffers = 2;<o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SignBufferDesc.pBuffers = SignBuffers;<o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SignBuffers[0] = <span style='background:lime;mso-highlight:lime'>30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A;</span><o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SignBuffers[1] = <span style='background:aqua;mso-highlight:aqua'>01 00 00 00 78 1E E9 4A DB 99 7F E9 00 00 00 00;</span><o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SignBuffers[0].BufferType = SECBUFFER_DATA; // SECBUFFER_DATA = 1<o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>SignBuffers[1].BufferType = SECBUFFER_TOKEN; // SECBUFFER_TOKEN = 2<o:p></o:p></span></pre><pre><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'> <o:p></o:p></span></pre><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>Can anyone please tell me what information do I need to use inside <b>HMAC-MD5 (key, data)</b> algorithm to generate <b>mechListMIC</b> for <b>SessionSetup Response</b> and how? <o:p></o:p></span></pre><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>If you can create a step-by-step example using my test case to calculate mechListMIC for ‘<b>SessionSetup Response, Unknown message type</b>’ response, that would be very helpful for me. Please let me know if you need any further information.<o:p></o:p></span></pre><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></pre><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></pre><pre style='text-align:justify'><span lang=EN-US style='font-size:11.0pt;font-family:"Times New Roman","serif"'>Thanks,<o:p></o:p></span></pre><p class=MsoNormal><span lang=EN-US style='font-family:"Times New Roman","serif"'>Shishir</span><o:p></o:p></p></div></body></html>