[cifs-protocol] [Pfif] MS-NRPC: AES Schannel problems
Stefan (metze) Metzmacher
metze at samba.org
Fri Aug 28 11:00:23 MDT 2009
Stefan (metze) Metzmacher schrieb:
> Hongwei,
>
>> The SharedSecret used for AES session key computation, as described in 3.1.4.3 MS-NRPC , should be the NTOWF (MD4(UNICODE(Passwd))) of the plaintext password. The section 3.1.1 of MS-NRPC explains what a SharedSecret is used for session key calculation in Windows implementations. The SharedSecret is stored in UnicodePwd AD attribute. Please see section 3.1.1 and Windows Behavior notes <66>,<67> of MS-NRPC for details.
>
> Yes, I saw that and that's why I've also done it like this,
> but I was wondering why Section 3.4.1 has
> M4SS := MD4(UNICODE(SharedSecret)) explicit for the hmac_md5 session key
> and the des session key.
>
> I think it would make sense to also add it to the hmac_sha256 section
> in order to remove the confusion I had.
>
>> I will continue working on all questions related to AES encryption.
>
> Thanks, as it seems I compute the session key correct, this is the place
> (netlogon_creds_step_crypt()) where I have a bug, because I'm getting
> access denied when I try DCERPC_SCHANNEL_AES against a w2k8r2rc server.
>
Please also provide details about the aes encryption used when schannel
acts as security provider for dcerpc.
I noticed that the documentation on has only the
NETLOGON_NEG_SUPPORTS_AES_SHA2 (0x00400000)
flag, but w2k8r2 used the new flag NETLOGON_NEG_SUPPORTS_AES(0x01000000).
I assume the docs may missing also some crypto details, because of this...
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20090828/58a60cdf/attachment.pgp>
More information about the cifs-protocol
mailing list