[cifs-protocol] RE: SMB2 signing
Sebastian Canevari
Sebastian.Canevari at microsoft.com
Fri May 30 17:59:33 GMT 2008
Hi y'all!
I'll be looking into this and I will either provide some answers and/or ask more questions as soon as I find either of them.
Thanks!
Sebas
Sebastian Canevari
Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
7100 N Hwy 161, Irving, TX - 75039
"Las Colinas - LC2"
Tel: +1 469 775 7849
e-mail: sebastc at microsoft.com
-----Original Message-----
From: tridge at samba.org [mailto:tridge at samba.org]
Sent: Thursday, May 29, 2008 11:49 PM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: SMB2 signing
Folks,
I'm trying (and failing) to get SMB2 signing implemented in
Samba. Looking at the MS-SMB2 docs some things are not at all clear:
1) section 3.1.4.1 refers to MS-MWBE for SHA-256. I can't see
anything in MS-MWBE that is relevant. What is that reference for?
2) I interpret step 2 as meaning that we concatenate the session key
with the packet, with the session key being put in front of the
packet in the concatenated buffer. Is that right?
3) It isn't clear if the buffer should include the 4 byte NBSS
length. I think not, but I think that should be made clear
4) step for talks about "high order 16 bytes". Do you mean the first
16 bytes? What is "high order" in a 32 byte buffer, which is what
SHA-256 gives.
5) what is the "big endian" thing about? SHA-256 gives a 32 byte
buffer. It does put the bytes in there in BE format, but what does it
mean to put the resulting 16 bytes in the packet in big endian
format?
Pu another way, I'm implementing it like this:
SHA256_CTX m;
uint8_t res[32];
memset(sig_in_packet, 0, 16);
SHA256_Init(&m);
SHA256_Update(&m, session_key, 16);
SHA256_Update(&m, packet, length);
SHA256_Final(res, &m);
memcpy(sig_in_packet, res, 16);
Using SHA-256 from Heimdal, which you can see here:
http://samba.org/ftp/unpacked/samba_4_0_test/source/heimdal/lib/hcrypto/sha256.c
But I'm finding the signatures don't match what windows produces. I've
tried quite a few combinations (like including the 4 byte header, or
doing the packet before the session key). No luck. Any clues?
Cheers, Tridge
PS: I also submitted this to the file services forum, but am
resubmitting to dochelp as a CAR, and also CCing the
cifs-protocol at samba.org public list to try to kick start some public
discussion on SMB2
More information about the cifs-protocol
mailing list