[cifs-protocol] [Pfif] MS-NRPC: AES Schannel problems

Stefan (metze) Metzmacher metze at samba.org
Fri Aug 28 11:00:23 MDT 2009

Stefan (metze) Metzmacher schrieb:
> Hongwei,
>>     The SharedSecret used for AES session key computation, as described in MS-NRPC , should be the NTOWF (MD4(UNICODE(Passwd))) of the plaintext password.   The section 3.1.1 of MS-NRPC explains what a SharedSecret is used for session key calculation in Windows implementations.  The SharedSecret  is stored in UnicodePwd AD attribute.  Please see section 3.1.1 and Windows Behavior notes <66>,<67> of MS-NRPC for details.
> Yes, I saw that and that's why I've also done it like this,
> but I was wondering why Section 3.4.1 has
> M4SS := MD4(UNICODE(SharedSecret)) explicit for the hmac_md5 session key
> and the des session key.
> I think it would make sense to also add it to the hmac_sha256 section
> in order to remove the confusion I had.
>>      I will continue working on all questions related to AES encryption.
> Thanks, as it seems I compute the session key correct, this is the place
> (netlogon_creds_step_crypt()) where I have a bug, because I'm getting
> access denied when I try DCERPC_SCHANNEL_AES against a w2k8r2rc server.

Please also provide details about the aes encryption used when schannel
acts as security provider for dcerpc.

I noticed that the documentation on has only the
flag, but w2k8r2 used the new flag NETLOGON_NEG_SUPPORTS_AES(0x01000000).

I assume the docs may missing also some crypto details, because of this...


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20090828/58a60cdf/attachment.pgp>

More information about the cifs-protocol mailing list