[cifs-protocol] [Pfif] MS-NRPC: AES Schannel problems

Stefan (metze) Metzmacher metze at samba.org
Thu Sep 17 14:29:12 MDT 2009


>    We just found that there is a problem with the logic in step 9 of (Generating an Initial Netlogon Signature Token) and step 5 of (Receiving an Initial Netlogon Signature Token). When we  encrypt or decrypt SequenceNumber,  the IV is actually the concatenation of checksum, instead of SequenceNumber itself.    I will file a request to update the document. 
>    You can change your function netsec_do_seq_num() to use checksum to construct IV.

Thanks very much, I got it working!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20090917/63a785de/attachment.pgp>

More information about the cifs-protocol mailing list