[cifs-protocol] MS-NRPC: AES Schannel problems
Stefan (metze) Metzmacher
metze at samba.org
Tue Aug 25 10:12:32 MDT 2009
I'm currently trying to implement the AES based Netlogon Secure Channel
But the documentation is not really clear about the used algorithms.
I have started with the implementation here:
And here's the actual commit that tries to add aes support:
In Section "22.214.171.124 Session-Key Computation" the hmac-sha256 base
computation of the session-key seems to use the plain SharedSecret
and not the NT-HASH of it (MD4(UNICODE(ShareSecret))), is that correct?
I thought the plain text is never stored in AD by default...
Where should the netlogon server get the plain text from?
I just tried the NT-HASH see my netlogon_creds_init_hmac_sha256() function.
In Section "126.96.36.199 Netlogon Credential Computation" there's a
AesEncrypt function used. Can you please document the exact algorithm
that's used there. You say AES128 is used in CFB mode without
says that all modes except ECB require an IV.
It would also be nice if you could add some more example values
in secion 4.2 Cryptographic Values for Session Key Validation.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 252 bytes
Desc: OpenPGP digital signature
More information about the cifs-protocol