[cifs-protocol] [REG:110092949275537] MS-LSAD 2.2.7.16 LSAPR_TRUSTED_DOMAIN_AUTH_BLOB

Bryan Burgin bburgin at microsoft.com
Mon Oct 18 10:10:25 MDT 2010


Günther,



As a follow-up, below is the text of [MS-LSAD] 2.2.7.16 as it was updated for your issue.  It will become available in a future refresh of the documentation.



Bryan





2.2.7.16   LSAPR_TRUSTED_DOMAIN_AUTH_BLOB
The LSAPR_TRUSTED_DOMAIN_AUTH_BLOB structure contains a counted buffer of authentication material. Domain trust authentication is specified in [MS-ADTS] section 7.1.6.9.1.

typedef struct _LSAPR_TRUSTED_DOMAIN_AUTH_BLOB {
  [range(0,65536)] unsigned long AuthSize;
  [size_is(AuthSize)] unsigned char* AuthBlob;
} LSAPR_TRUSTED_DOMAIN_AUTH_BLOB,
 *PLSAPR_TRUSTED_DOMAIN_AUTH_BLOB;



AuthSize:  The count of bytes in AuthBlob.<26>

AuthBlob:  An array of bytes containing the authentication material. If the AuthSize field has a value other than 0, this field MUST NOT be NULL. Always encrypted using algorithms, as specified in section 5.1.1. The plaintext layout is in the following format.

The incoming and outgoing authentication information buffer size included at the end of the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB can be used to extract the incoming and outgoing authentication information buffers from the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB. Each of these buffers contains the byte offset to both the current and the previous authentication information. This information can be used to extract current and (if any) previous authentication information.

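 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------------------------------------------------------+
| 512 bytes of random data                                      |
+---------------------------------------------------------------+
| ...                                                           |
+---------------------------------------------------------------+
| CountOutgoingAuthInfos                                        |
+---------------------------------------------------------------+
| ByteOffsetCurrentOutgoingAuthInfo                             |
+---------------------------------------------------------------+
| ByteOffsetPreviousOutgoingAuthInfo                            |
+---------------------------------------------------------------+
| CurrentOutgoingAuthInfos                                      |
+---------------------------------------------------------------+
| ...                                                           |
+---------------------------------------------------------------+
| PreviousOutgoingAuthInfos (optional)                          |
+---------------------------------------------------------------+
| ...                                                           |
+---------------------------------------------------------------+
| CountIncomingAuthInfos                                        |
+---------------------------------------------------------------+
| ByteOffsetCurrentIncomingAuthInfo                             |
+---------------------------------------------------------------+
| ByteOffsetPreviousIncomingAuthInfo                            |
+---------------------------------------------------------------+
| CurrentIncomingAuthInfos                                      |
+---------------------------------------------------------------+
| ...                                                           |
+---------------------------------------------------------------+
| PreviousIncomingAuthInfos (optional)                          |
+---------------------------------------------------------------+
| ...                                                           |
+---------------------------------------------------------------+
| OutgoingAuthInfoSize                                          |
+---------------------------------------------------------------+
| IncomingAuthInfoSize                                          |
+---------------------------------------------------------------+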

CountOutgoingAuthInfos (4 bytes): Specifies the count of entries present in the CurrentOutgoingAuthInfos field. Also specifies the count of entries present in the PreviousOutgoingAuthInfos field if this optional field is present.

ByteOffsetCurrentOutgoingAuthInfo (4 bytes): Specifies the byte offset from the beginning of CountOutgoingAuthInfos to the start of the CurrentOutgoingAuthInfos field. If CountOutgoingAuthInfos is 0, this field MUST be ignored.

ByteOffsetPreviousOutgoingAuthInfo (4 bytes): Specifies the byte offset from the beginning of CountOutgoingAuthInfos to the start of the PreviousOutgoingAuthInfos field. If the difference between ByteOffsetPreviousOutgoingAuthInfo and OutgoingAuthInfoSize is 0, the PreviousOutgoingAuthInfos field has zero entries.

CurrentOutgoingAuthInfos: Contains an array of CountOutgoingAuthInfos of LSAPR_AUTH_INFORMATION (section 2.2.7.17) entries in self-relative format. Each LSAPR_AUTH_INFORMATION entry in the array MUST be 4-byte aligned. When it is necessary to insert unused padding bytes into a buffer for data alignment, such bytes MUST be set to 0.

PreviousOutgoingAuthInfos: Contains an array of CountOutgoingAuthInfos LSAPR_AUTH_INFORMATION entries in self-relative format. See the comments for the ByteOffsetPreviousOutgoingAuthInfo field to determine when this field is present. Each LSAPR_AUTH_INFORMATION entry in the array MUST be 4-byte aligned. When it is necessary to insert unused padding bytes into a buffer for data alignment, such bytes MUST be set to 0.

CountIncomingAuthInfos (4 bytes): Specifies the count of entries present in the CurrentIncomingAuthInfos field. Also specifies the count of entries present in the PreviousIncomingAuthInfos field if this optional field is present.

ByteOffsetCurrentIncomingAuthInfo (4 bytes): Specifies the byte offset from the beginning of CountIncomingAuthInfos to the start of the CurrentIncomingAuthInfos field. If CountIncomingAuthInfos is 0, this field MUST be ignored.

ByteOffsetPreviousIncomingAuthInfo (4 bytes): Specifies the byte offset from the beginning of CountIncomingAuthInfos to the start of the PreviousIncomingAuthInfos field. If the difference between ByteOffsetPreviousIncomingAuthInfo and IncomingAuthInfoSize is 0, the PreviousIncomingAuthInfos field has zero entries.

CurrentIncomingAuthInfos: Contains an array of CountIncomingAuthInfos LSAPR_AUTH_INFORMATION entries in self-relative format. Each LSAPR_AUTH_INFORMATION entry in the array MUST be 4-byte aligned. When it is necessary to insert unused padding bytes into a buffer for data alignment, such bytes MUST be set to 0.

PreviousIncomingAuthInfos: Contains an array of CountIncomingAuthInfos LSAPR_AUTH_INFORMATION entries in self-relative format. See the comments for the ByteOffsetPreviousIncomingAuthInfo field to determine when this field is present. Each LSAPR_AUTH_INFORMATION entry in the array MUST be 4-byte aligned. When it is necessary to insert unused padding bytes into a buffer for data alignment, such bytes MUST be set to 0.

OutgoingAuthInfoSize (4 bytes): Specifies the size, in bytes, of the subportion of the structure from the beginning of the CountOutgoingAuthInfos field through the end of the PreviousOutgoingAuthInfos field.

IncomingAuthInfoSize (4 bytes): Specifies the size, in bytes, of the sub-portion of the structure from the beginning of the CountIncomingAuthInfos field through the end of the PreviousIncomingAuthInfos field.





-----Original Message-----
From: Bryan Burgin
Sent: Thursday, October 07, 2010 2:50 PM
To: Guenther Deschner (gd at samba.org)
Cc: MSSolve Case Email; 'cifs-protocol at samba.org'; 'pfif at tridgell.net'
Subject: RE: [REG:110092949275537] MS-LSAD 2.2.7.16 LSAPR_TRUSTED_DOMAIN_AUTH_BLOB



Günther,



I should have waited a few seconds longer as I just received feedback from the product group.  Below are your questions and answers.  Updates will be made to the technical documents in a future refresh.  Please let me know if this resolves your questions.



Thank you for your patience.



Bryan



Q1: Is CountOutgoingAuthInfos defining the number of CurrentOutgoingAuthInfos *and* PreviousOutgoingAuthInfos in total, n-times both structs or just n-times CurrentOutgoingAuthInfos ? In any case, is it up to the user to figure out the number of PreviousOutgoingAuthInfos from calculation with the offsets ?



(likewise for CountIncomingAuthInfos and CurrentIncomingAuthInfos and PreviousIncomingAuthInfos)



A: PreviousOutgoingAuthInfos is either an array of 0 elements or an array of exactly the same number of elements as CurrentOutgoingAuthInfos (this number is CountOutgoingAuthInfos). Same applies to CountIncomingAuthInfos and CurrentIncomingAuthInfos and PreviousIncomingAuthInfos.



Q2: "CountIncomingAuthInfos": is there a typo ? It says: "Specifies the count of entries present in the CountIncomingAuthInfos field"



A: Yes, it should say "Specifies the count of entries present in the CurrentIncomingAuthInfos field"



Q3: Which values do ByteOffsetCurrentOutgoingAuthInfo and ByteOffsetPreviousOutgoingAuthInfo have in case CountOutgoingAuthInfos is 0 ?



(likewise for ByteOffsetCurrentIncomingAuthInfo and ByteOffsetPreviousIncomingAuthInfo and CountIncomingAuthInfos)



A: ByteOffsetCurrentOutgoingAuthInfo will always be 12 ([CountOutgoingAuthInfos][ByteOffsetCurrentOutgoingAuthInfo][ByteOffsetPreviousAuthInfos]) as it points to where the CurrentOutgoingAuthInfo array begins (which remains the same irrespective of how many entries are in the array).

     In this case (when CountOutgoingAuthInfos is 0), ByteOffsetPreviousOutgoingAuthInfo will also be 12  as it points to where the PreviousOutgoingAuthInfo array begins (which is ByteOffsetCurrentOutgoingAuthInfo + size of CurrentIncomingAuthInfos and the latter is 0).







-----Original Message-----

From: Bryan Burgin

Sent: Thursday, October 07, 2010 2:03 PM

To: Guenther Deschner (gd at samba.org)

Cc: MSSolve Case Email

Subject: RE: [REG:110092949275537] MS-LSAD 2.2.7.16 LSAPR_TRUSTED_DOMAIN_AUTH_BLOB



Günther,



Just a quick update.  I am expecting a reply from development very soon.  As soon as I have a solution for you I'll pass it on.



Bryan



-----Original Message-----

From: Bryan Burgin

Sent: Wednesday, September 29, 2010 10:19 AM

To: Guenther Deschner (gd at samba.org)

Cc: MSSolve Case Email

Subject: [REG:110092949275537] MS-LSAD 2.2.7.16 LSAPR_TRUSTED_DOMAIN_AUTH_BLOB



[Darryl Welch, Will Gregg, Eric Urbasich on bcc, FYI] [Note to case: Guenther and the core Samba team are working with us in-person at an Interop Lab engagement]



Guenther,



I am reviewing this for you and will be making a request to improve the document.  The case to track this issue is SR 110092949275537.



Bryan



-----Original Message-----

From: Guenther Deschner [mailto:gd at samba.org]

Sent: Tuesday, September 28, 2010 10:44 AM

To: Darryl Welch

Subject: MS-LSAD 2.2.7.16 LSAPR_TRUSTED_DOMAIN_AUTH_BLOB



Hi Darryl,



here are some questions for clarification for the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB struct as defined in MS-LSAD 2.2.7.16:



* Is CountOutgoingAuthInfos defining the number of CurrentOutgoingAuthInfos *and* PreviousOutgoingAuthInfos in total, n-times both structs or just n-times CurrentOutgoingAuthInfos ? In any case, is it up to the user to figure out the number of PreviousOutgoingAuthInfos from calculation with the offsets ?



(likewise for CountIncomingAuthInfos and CurrentIncomingAuthInfos and PreviousIncomingAuthInfos)



* "CountIncomingAuthInfos": is there a typo ? It says: "Specifies the count of entries present in the CountIncomingAuthInfos field"



* Which values do ByteOffsetCurrentOutgoingAuthInfo and ByteOffsetPreviousOutgoingAuthInfo have in case CountOutgoingAuthInfos is 0 ?



(likewise for ByteOffsetCurrentIncomingAuthInfo and ByteOffsetPreviousIncomingAuthInfo and CountIncomingAuthInfos)



Thanks,



Guenther

--

Günther Deschner                    GPG-ID: 8EE11688

Red Hat                         gdeschner at redhat.com

Samba Team                              gd at samba.org
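
Added example, not part of the original thread and not Microsoft's or Samba's code: a Python parser that splits the already-decrypted AuthBlob plaintext described in 2.2.7.16 above into its outgoing and incoming sections, using the trailing sizes and the offset rules from the Q1/Q3 answers. Little-endian byte order, the function names and the sample bytes are assumptions; LSAPR_AUTH_INFORMATION entries are returned as raw bytes and decryption (section 5.1.1) is not shown.

```python
import struct

RANDOM_PREFIX = 512  # "512 bytes of random data" at the start of the plaintext
HEADER = 12          # Count + ByteOffsetCurrent + ByteOffsetPrevious
TRAILER = 8          # OutgoingAuthInfoSize + IncomingAuthInfoSize

def split_section(section: bytes) -> dict:
    """Split one direction's buffer into raw current/previous entry arrays."""
    if len(section) < HEADER:
        raise ValueError("section shorter than its 12-byte header")
    # Assumption: little-endian fields; the page does not state the byte order.
    count, off_cur, off_prev = struct.unpack_from("<III", section, 0)
    if count == 0:
        # ByteOffsetCurrent MUST be ignored when the count is 0.
        return {"count": 0, "current": b"", "previous": b""}
    if not HEADER <= off_cur < off_prev <= len(section):
        raise ValueError("offsets out of order or outside the section")
    # Previous has zero entries when its offset equals the section size.
    return {"count": count, "current": section[off_cur:off_prev],
            "previous": section[off_prev:]}

def parse_auth_blob(plain: bytes) -> dict:
    """Parse the already-decrypted AuthBlob plaintext (decryption not shown)."""
    if len(plain) > 65536:
        raise ValueError("AuthSize is limited to range(0,65536)")
    if len(plain) < RANDOM_PREFIX + 2 * HEADER + TRAILER:
        raise ValueError("blob too short for both headers and the trailer")
    out_size, in_size = struct.unpack_from("<II", plain, len(plain) - TRAILER)
    # The two trailing sizes must account for every byte after the prefix.
    if RANDOM_PREFIX + out_size + in_size + TRAILER != len(plain):
        raise ValueError("trailer sizes do not match the blob length")
    in_start = RANDOM_PREFIX + out_size
    return {"outgoing": split_section(plain[RANDOM_PREFIX:in_start]),
            "incoming": split_section(plain[in_start:in_start + in_size])}

def build_sample() -> bytes:
    """Constructed sample: one placeholder outgoing entry, no incoming entries."""
    entry = b"\xAA" * 16  # opaque stand-in, not a real LSAPR_AUTH_INFORMATION
    outgoing = struct.pack("<III", 1, 12, 28) + entry  # previous array empty
    incoming = struct.pack("<III", 0, 12, 12)          # count 0, offsets 12
    return (bytes(RANDOM_PREFIX) + outgoing + incoming
            + struct.pack("<II", len(outgoing), len(incoming)))

if __name__ == "__main__":
    print(parse_auth_blob(build_sample()))
```

Rejecting a blob whose trailing sizes or offsets do not add up, before slicing, keeps a malformed or tampered buffer from being read at attacker-chosen offsets.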