[cifs-protocol] Session keys are not always 16 bytes long

Hongwei Sun hongweis at microsoft.com
Tue Feb 10 15:13:48 GMT 2009


   I am sending you the new windows behavior notes that have been added to MS-SMB with respect to the length of session key used for SMB signing.

<173> Section Windows SMB clients use entire session key for signing if the session key length is equal to or more than 16, and pad session key with zero up to 16 bytes if session key length is less than 16; Windows SMB servers always use the actual length of the session key for signing.

   Please let me know if you have any more questions. 

Thanks !


-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Monday, February 02, 2009 7:08 PM
To: Hongwei Sun
Cc: Stefan (metze) Metzmacher; cifs-protocol at samba.org; pfif at tridgell.net
Subject: RE: [cifs-protocol] Session keys are not always 16 bytes long

On Tue, 2009-01-27 at 16:36 -0800, Hongwei Sun wrote:
> Andrew,
>   Thanks for the information provided.  We successfully reproduced and debugged the behavior of SMB signing between Samba Smbclient and Windows server using AES256 session key(32 bytes).   The outcome of live debugging proved that SMB signing is using entire 32 bytes session key, just as you reported initially.  The product team also confirmed this behavior.  We will update MS-SMB document accordingly.  
>   Please let us know if you have any further question regarding this topic.

I'm glad to hear you finally figured it out.  I look forward to seeing to doc updates.

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

More information about the cifs-protocol mailing list