[cifs-protocol] backup protocol
Sebastian Canevari
Sebastian.Canevari at microsoft.com
Wed Sep 22 10:34:36 MDT 2010
Thanks Matthieu!
Someone from my team will get in touch with you shortly.
Thanks and regards,
Sebastian
Sebastian Canevari
Escalation Engineer, US-CSS DSC PROTOCOL TEAM
7100 N Hwy 161, Irving, TX - 75039
"Las Colinas - LC2"
Tel: +1 469 775 7849
e-mail: sebastc at microsoft.com
-----Original Message-----
From: Matthieu Patou [mailto:mat at samba.org]
Sent: Tuesday, September 21, 2010 8:56 PM
To: cifs-protocol at samba.org; Interoperability Documentation Help
Cc: Darryl Welch
Subject: backup protocol
Hello dochelp,
I would like to have some confirmation on the backup protocol. Here is the dump as the Samba server will receive it from a Windows client to unwrap a secret.
./bin/ndrdump backupkey bkrp_BackupKey_debug in ~/workspace/samba/tcpdump/bkrp/bkrp_in
pull returned NT_STATUS_OK
WARNING! 52 unread bytes
[0000] 8A E3 13 71 02 F4 36 71 02 40 28 00 30 7C DE 3D ...q..6q .@(.0|.=
[0010] 5D 16 D1 11 AB 8F 00 80 5F 14 DB 40 01 00 00 00 ]....... _..@....
[0020] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
[0030] 02 00 00 00 ....
bkrp_BackupKey_debug: struct bkrp_BackupKey
in: struct bkrp_BackupKey
guidActionAgent : *
guidActionAgent :
47270c64-2fc7-499b-ac5b-0e37cdce899a
data_in : *
data_in: struct bkrp_client_side_wrapped
version : 0x00000002 (2)
encrypted_secret_len : 0x00000100 (256)
access_check_len : 0x00000058 (88)
guid :
a1dc8bbd-743f-473e-8d00-0a4742df76bd
encrypted_secret: ARRAY(256)
[0] : 0x30 (48)
[1] : 0xe5 (229)
[2] : 0x9a (154)
[3] : 0x15 (21)
[4] : 0x1b (27)
[5] : 0x59 (89)
[6] : 0xb8 (184)
[7] : 0x1e (30)
[8] : 0xb6 (182)
[9] : 0xb8 (184)
[10] : 0x2a (42)
[11] : 0xd0 (208)
[12] : 0x9f (159)
[13] : 0x30 (48)
[14] : 0xaa (170)
[15] : 0xb3 (179)
[16] : 0x12 (18)
[17] : 0x9a (154)
[18] : 0x98 (152)
[19] : 0x55 (85)
[20] : 0x63 (99)
[21] : 0xd2 (210)
[22] : 0x11 (17)
[23] : 0xe4 (228)
[24] : 0x41 (65)
[25] : 0x00 (0)
[26] : 0xdb (219)
[27] : 0x37 (55)
[28] : 0x9c (156)
[29] : 0xd9 (217)
[30] : 0x86 (134)
[31] : 0x63 (99)
[32] : 0xa1 (161)
[33] : 0x30 (48)
[34] : 0x1d (29)
[35] : 0x8c (140)
[36] : 0xf4 (244)
[37] : 0x25 (37)
[38] : 0x00 (0)
[39] : 0x16 (22)
[40] : 0xe2 (226)
[41] : 0xc1 (193)
[42] : 0xb0 (176)
[43] : 0x36 (54)
[44] : 0x89 (137)
[45] : 0x10 (16)
[46] : 0x83 (131)
[47] : 0x56 (86)
[48] : 0xad (173)
[49] : 0x8f (143)
[50] : 0x0b (11)
[51] : 0x11 (17)
[52] : 0x60 (96)
[53] : 0x20 (32)
[54] : 0xc4 (196)
[55] : 0x07 (7)
[56] : 0x81 (129)
[57] : 0x77 (119)
[58] : 0xc1 (193)
[59] : 0xd4 (212)
[60] : 0x95 (149)
[61] : 0x7d (125)
[62] : 0x81 (129)
[63] : 0xe8 (232)
[64] : 0xcc (204)
[65] : 0xa6 (166)
[66] : 0xbf (191)
[67] : 0xc5 (197)
[68] : 0xf5 (245)
[69] : 0x23 (35)
[70] : 0x8d (141)
[71] : 0x29 (41)
[72] : 0x2e (46)
[73] : 0x9c (156)
[74] : 0x8d (141)
[75] : 0x21 (33)
[76] : 0xff (255)
[77] : 0xc3 (195)
[78] : 0xb7 (183)
[79] : 0xc3 (195)
[80] : 0xba (186)
[81] : 0x14 (20)
[82] : 0x35 (53)
[83] : 0xec (236)
[84] : 0x6f (111)
[85] : 0x50 (80)
[86] : 0x24 (36)
[87] : 0x14 (20)
[88] : 0x17 (23)
[89] : 0x83 (131)
[90] : 0x5f (95)
[91] : 0xdc (220)
[92] : 0xbc (188)
[93] : 0x2a (42)
[94] : 0xd9 (217)
[95] : 0xf6 (246)
[96] : 0xee (238)
[97] : 0xf9 (249)
[98] : 0x4f (79)
[99] : 0x63 (99)
[100] : 0x16 (22)
[101] : 0x0a (10)
[102] : 0xfc (252)
[103] : 0x93 (147)
[104] : 0xb4 (180)
[105] : 0xa2 (162)
[106] : 0x4c (76)
[107] : 0x10 (16)
[108] : 0xcf (207)
[109] : 0x28 (40)
[110] : 0x54 (84)
[111] : 0x55 (85)
[112] : 0x7e (126)
[113] : 0xa7 (167)
[114] : 0x47 (71)
[115] : 0xdb (219)
[116] : 0x24 (36)
[117] : 0x96 (150)
[118] : 0xe4 (228)
[119] : 0xdd (221)
[120] : 0x5f (95)
[121] : 0x4c (76)
[122] : 0x0c (12)
[123] : 0x4d (77)
[124] : 0xc8 (200)
[125] : 0x17 (23)
[126] : 0xc9 (201)
[127] : 0x53 (83)
[128] : 0xdb (219)
[129] : 0x58 (88)
[130] : 0x98 (152)
[131] : 0x03 (3)
[132] : 0xf6 (246)
[133] : 0xf9 (249)
[134] : 0x19 (25)
[135] : 0xec (236)
[136] : 0x56 (86)
[137] : 0xb0 (176)
[138] : 0x8d (141)
[139] : 0xf5 (245)
[140] : 0x39 (57)
[141] : 0x9d (157)
[142] : 0xfb (251)
[143] : 0xea (234)
[144] : 0x59 (89)
[145] : 0xdd (221)
[146] : 0xeb (235)
[147] : 0x3d (61)
[148] : 0xa0 (160)
[149] : 0xaf (175)
[150] : 0x1b (27)
[151] : 0x7c (124)
[152] : 0xe1 (225)
[153] : 0x85 (133)
[154] : 0x22 (34)
[155] : 0xd2 (210)
[156] : 0x19 (25)
[157] : 0x45 (69)
[158] : 0xa8 (168)
[159] : 0x14 (20)
[160] : 0x2a (42)
[161] : 0x8f (143)
[162] : 0x26 (38)
[163] : 0x3d (61)
[164] : 0x3e (62)
[165] : 0x4f (79)
[166] : 0xc8 (200)
[167] : 0x4d (77)
[168] : 0xb5 (181)
[169] : 0xb4 (180)
[170] : 0xeb (235)
[171] : 0x49 (73)
[172] : 0x6b (107)
[173] : 0x16 (22)
[174] : 0xc2 (194)
[175] : 0x5f (95)
[176] : 0xa7 (167)
[177] : 0x3b (59)
[178] : 0x1e (30)
[179] : 0xd3 (211)
[180] : 0x25 (37)
[181] : 0xe9 (233)
[182] : 0x84 (132)
[183] : 0xc0 (192)
[184] : 0x30 (48)
[185] : 0xd9 (217)
[186] : 0x56 (86)
[187] : 0xf7 (247)
[188] : 0x15 (21)
[189] : 0x89 (137)
[190] : 0xd5 (213)
[191] : 0xac (172)
[192] : 0x40 (64)
[193] : 0x96 (150)
[194] : 0x14 (20)
[195] : 0xed (237)
[196] : 0x02 (2)
[197] : 0xcf (207)
[198] : 0x66 (102)
[199] : 0x03 (3)
[200] : 0xee (238)
[201] : 0xf5 (245)
[202] : 0x79 (121)
[203] : 0xa3 (163)
[204] : 0xc6 (198)
[205] : 0x4e (78)
[206] : 0x59 (89)
[207] : 0xfe (254)
[208] : 0x01 (1)
[209] : 0x07 (7)
[210] : 0xda (218)
[211] : 0x5f (95)
[212] : 0xd1 (209)
[213] : 0xb8 (184)
[214] : 0xd6 (214)
[215] : 0xe3 (227)
[216] : 0x15 (21)
[217] : 0x28 (40)
[218] : 0x78 (120)
[219] : 0x83 (131)
[220] : 0x4b (75)
[221] : 0xf6 (246)
[222] : 0x5b (91)
[223] : 0xd6 (214)
[224] : 0xb0 (176)
[225] : 0x10 (16)
[226] : 0xb7 (183)
[227] : 0x74 (116)
[228] : 0x5f (95)
[229] : 0xaa (170)
[230] : 0xaa (170)
[231] : 0xc4 (196)
[232] : 0x4f (79)
[233] : 0x53 (83)
[234] : 0xe7 (231)
[235] : 0x1f (31)
[236] : 0xfd (253)
[237] : 0xe4 (228)
[238] : 0xab (171)
[239] : 0xa3 (163)
[240] : 0xbb (187)
[241] : 0xf3 (243)
[242] : 0x98 (152)
[243] : 0x5c (92)
[244] : 0x47 (71)
[245] : 0xea (234)
[246] : 0x2b (43)
[247] : 0xa5 (165)
[248] : 0xbf (191)
[249] : 0xa1 (161)
[250] : 0xbe (190)
[251] : 0xa2 (162)
[252] : 0x3b (59)
[253] : 0x3b (59)
[254] : 0x13 (19)
[255] : 0x6a (106)
access_check: ARRAY(88)
[0] : 0xaa (170)
[1] : 0x5e (94)
[2] : 0x85 (133)
[3] : 0xdd (221)
[4] : 0xfb (251)
[5] : 0xdf (223)
[6] : 0x5c (92)
[7] : 0x8e (142)
[8] : 0x0f (15)
[9] : 0xc4 (196)
[10] : 0x9e (158)
[11] : 0xdf (223)
[12] : 0x43 (67)
[13] : 0xb7 (183)
[14] : 0xb8 (184)
[15] : 0xaa (170)
[16] : 0x01 (1)
[17] : 0x17 (23)
[18] : 0xf6 (246)
[19] : 0xd4 (212)
[20] : 0x93 (147)
[21] : 0xcb (203)
[22] : 0x35 (53)
[23] : 0xb9 (185)
[24] : 0x9f (159)
[25] : 0x57 (87)
[26] : 0x2a (42)
[27] : 0xed (237)
[28] : 0x8d (141)
[29] : 0x6f (111)
[30] : 0xdc (220)
[31] : 0x4d (77)
[32] : 0x9c (156)
[33] : 0xae (174)
[34] : 0x9f (159)
[35] : 0x2a (42)
[36] : 0x45 (69)
[37] : 0xc9 (201)
[38] : 0xbb (187)
[39] : 0xf5 (245)
[40] : 0x48 (72)
[41] : 0x8a (138)
[42] : 0x3e (62)
[43] : 0x98 (152)
[44] : 0x62 (98)
[45] : 0x93 (147)
[46] : 0xb8 (184)
[47] : 0x20 (32)
[48] : 0x77 (119)
[49] : 0x0e (14)
[50] : 0x8f (143)
[51] : 0x24 (36)
[52] : 0x75 (117)
[53] : 0x16 (22)
[54] : 0x12 (18)
[55] : 0x2e (46)
[56] : 0x7b (123)
[57] : 0xf0 (240)
[58] : 0xb9 (185)
[59] : 0x61 (97)
[60] : 0x1d (29)
[61] : 0xee (238)
[62] : 0x8f (143)
[63] : 0x2a (42)
[64] : 0xed (237)
[65] : 0xfb (251)
[66] : 0xed (237)
[67] : 0x39 (57)
[68] : 0x41 (65)
[69] : 0xba (186)
[70] : 0x73 (115)
[71] : 0x91 (145)
[72] : 0x68 (104)
[73] : 0x0c (12)
[74] : 0x21 (33)
[75] : 0x4b (75)
[76] : 0x9d (157)
[77] : 0x2e (46)
[78] : 0x13 (19)
[79] : 0x3b (59)
[80] : 0x4a (74)
[81] : 0x5a (90)
[82] : 0x96 (150)
[83] : 0x83 (131)
[84] : 0x74 (116)
[85] : 0x4d (77)
[86] : 0x52 (82)
[87] : 0x34 (52)
data_in_len : 0x00000174 (372)
param : 0x00000000 (0)
dump OK
If the dump is really correct (well it looks pretty good to my mind),
the encrypted secret will be:
encrypted_secret: ARRAY(256)
And I'm having difficulty decrypting it, although I'm pretty sure of my
private and public key (extracted from Active Directory).
I get the public key from backupkey protocol when supplying the
BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID and the private key by extracting it
from a replicated s4 DC.
The certificate is cert.pem and the key is privkeycert.pem.
I'm able to encrypt with the cert's public key and decrypt with the private key, like this:
echo "super test" | openssl rsautl -encrypt -certin -inkey cert.pem | openssl rsautl -decrypt -inkey privkeycert.pem
which gives me the clear text.
So it should mean that I'm able to decrypt the encrypted_secret as it
is stated in the documentation (ms-bkrp.pdf):
"If the dwVersion field is set to 0x00000002, this field MUST contain
the structure specified in Section 2.2.2.1, padded and encrypted with
the server's public key according to the PKCS#1 v1.5 RSA encryption
scheme specified in [RFC3447] section 7.2."
Trying to decrypt the secrets with the private key (which
openssl rsautl -decrypt -inkey privkeycert.pem -in secret.cr
RSA operation error
12156:error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02:rsa_pk1.c:190:
12156:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:rsa_eay.c:592:
Is there anything I got wrong?
Thanks for your help.
Regards.
Matthieu.
--
Matthieu Patou
Samba Team http://samba.org
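Added example (not part of the original thread, and not Samba, OpenSSL or Microsoft code): the RFC 3447 section 7.2 padding check behind the "block type is not 02" error, run against a constructed toy RSA key. It shows that the same ciphertext bytes pass or fail the check depending on the byte order in which they are read as an integer; the key, the message and the fixed padding bytes are assumptions made for the illustration, and byte order is only one possible cause (a mismatched key pair produces the same error).

```python
# Constructed toy RSA key from two Mersenne primes: illustration only, NOT secure.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes


def pad_type2(msg: bytes) -> bytes:
    """EM = 00 || 02 || PS || 00 || M. PS is fixed to 0xFF here so the
    example is deterministic; a real sender uses random non-zero bytes."""
    ps_len = K - 3 - len(msg)
    if ps_len < 8:
        raise ValueError("message too long for this modulus")
    return b"\x00\x02" + b"\xff" * ps_len + b"\x00" + msg


def check_type2(em: bytes):
    """Return (message, None) or (None, reason) for a decrypted block."""
    if len(em) != K or em[0] != 0x00:
        return None, "leading byte is not 00"
    if em[1] != 0x02:
        return None, "block type is not 02"
    sep = em.find(b"\x00", 2)
    if sep < 10:                       # no separator, or PS shorter than 8 bytes
        return None, "bad padding string"
    return em[sep + 1:], None


def encrypt(msg: bytes) -> bytes:
    """Public-key operation; ciphertext emitted as big-endian bytes."""
    return pow(int.from_bytes(pad_type2(msg), "big"), E, N).to_bytes(K, "big")


def decrypt(ct: bytes, byteorder: str = "big"):
    """Private-key operation, reading the ciphertext in the given byte order."""
    c = int.from_bytes(ct, byteorder)
    if c >= N:
        return None, "ciphertext not below modulus"
    return check_type2(pow(c, D, N).to_bytes(K, "big"))


if __name__ == "__main__":
    ct = encrypt(b"constructed secret")
    print(decrypt(ct))                  # bytes read as produced
    print(decrypt(ct[::-1]))            # same bytes, wrong order: check fails
    print(decrypt(ct[::-1], "little"))  # reversed bytes read little-endian
```

When a round trip with the same key pair succeeds but a captured blob fails the type-2 check, comparing both byte orders this way separates an encoding mismatch from a key mismatch.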