[cifs-protocol] Session keys are not always 16 bytes long
Andrew Bartlett
abartlet at samba.org
Fri Feb 27 20:29:09 GMT 2009
On Fri, 2009-02-27 at 09:22 -0800, Hongwei Sun wrote:
> Andrew,
>
> We finished updating the MS-SMB document as you suggested.
>
> (1) The following text is updated to describe how session keys are generally used for signing in Windows clients and servers in section 3.1.4.1 and 3.1.5.1.
>
> "The MD5 algorithm, as specified in [RFC1321], MUST be used to generate a hash of the SMB message (from the start of the SMB header) through the entire session key with the actual session key length".
>
> (2) The following Windows Behavior note is updated to describe the special behavior of Windows clients, especially when the session key length is less than 16.
>
> "<177> Section 3.1.4.1: Windows SMB clients use the entire session key for signing if the session key length is equal to or greater than 16, and pad the session key with zero up to 16 bytes if the session key length is less than 16."
>
> Please let us know if you have any further questions. We really appreciate your suggestion.
Again, please remove this from the Windows Behaviour notes, and put it
in the main section. All clients that wish to interoperate must do this
(Samba does, for example), so it's in no way windows specific.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20090228/438bad3f/attachment.bin
More information about the cifs-protocol
mailing list