[cifs-protocol] Session keys are not always 16 bytes long

Andrew Bartlett abartlet at samba.org
Fri Feb 27 20:29:09 GMT 2009

On Fri, 2009-02-27 at 09:22 -0800, Hongwei Sun wrote:
> Andrew,
>    We finished updating the MS-SMB document as you suggested.   
>    (1) The following text is updated to describe how session keys are generally used for signing in Windows clients and servers in section and 
>     "The MD5 algorithm, as specified in [RFC1321], MUST be used to generate a hash of the SMB message (from the start of the SMB header) through the entire session key with the actual session key length".
>    (2) The following Windows Behavior note is updated to describe the special behavior of Windows clients, especially when the session key length is less than 16.  
>     "<177> Section Windows SMB clients use the entire session key for signing if the session key length is equal to or greater than 16, and pad the session key with zero up to 16 bytes if the session key length is less than 16."   
>    Please let us know if you have any further questions.   We really appreciate your suggestion.

Again, please remove this from the Windows Behaviour notes, and put it
in the main section.  All clients that wish to interoperate must do this
(Samba does, for example), so it's in no way windows specific.

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20090228/438bad3f/attachment.bin

More information about the cifs-protocol mailing list