[cifs-protocol] [REG:110092263101306] RE: backup protocol
Matthieu Patou
mat at samba.org
Wed Sep 22 20:46:12 MDT 2010
On 23/09/2010 03:27, Hongwei Sun wrote:
> Matthieu,
>
> After checking the logic in the code, I found that Windows clients will reverse the EncryptedSecret part in the Client-Side-Wrapped_Secret structure (2.2.2 MS-BKRP). This matches what you have found. I will file a request to have it confirmed and updated into the document.
>
Thanks.
> As of the GUID field in Client-Side-Wrapped_Secret structure, it is not in reverse byte order. As documented in item 10 of client-side wrapping logic in 3.2.4.1 MS-BKRP:
>
> 10. Copy the GUID of the server public key to guidKey. This value MUST be retrieved from the SubjectUniqueID field of the server's ClientWrap public key certificate, as specified in [X509] section 2.2.1
>
> It is clear that the GUID is copied from SubjectUniqueID in a certificate , not SerialNumber in a certificate. This is also confirmed by code review. Please verify this against the public key certificate you are using.
>
In section Product behavior we have this note:
<5> Section 2.2.1:
...
The serialNumber field is identical to the subjectUniqueID field.
...
Furthermore if you have a look at the certificate in DER format that I
attached to my first email you'll find that the serialNumber is
popultated with a 16 bytes array that once reverted is the GUID of the
certificate in the AD.
Matthieu.
> Please let me know if you have any further questions.
>
> Thanks!
>
> Hongwei
>
>
>
> -----Original Message-----
> From: Matthieu Patou [mailto:mat at samba.org]
> Sent: Wednesday, September 22, 2010 1:26 PM
> To: Sebastian Canevari
> Cc: cifs-protocol at samba.org; Interoperability Documentation Help; Darryl Welch; Hongwei Sun
> Subject: Re: backup protocol
>
> Hi Sebastian,
>
> I made more investigation this night and after realizing that the guid of the certificate was stored in reverse order in different fields like serialNumber field in the certificate I tried to give a try and reverse the bytes of the blob before trying to decrypt it.
>
> And it turns out that I managed to uncrypt the blob when doing so (please see the file secret.cr.decrypted that really looks like an encrypted_secret version 2 struct).
>
> I also attached the permuted version of the blob.
>
> Can you check and told me if the documentation should state that the encrypted_struct should be reverted.
> I also think that the documentation should in the behavior notes states that the serialNumber contains the guid of the certificate but in reverse byte order.
>
> Regards.
>
> Matthieu.
>
> On 22/09/2010 20:34, Sebastian Canevari wrote:
>> Thanks Matthieu!
>>
>> Someone from my team will get in touch with you shortly.
>>
>> Thanks and regards,
>>
>> Sebastian
>>
>>
>> Sebastian Canevari
>> Escalation Engineer, US-CSS DSC PROTOCOL TEAM 7100 N Hwy 161, Irving,
>> TX - 75039 "Las Colinas - LC2"
>> Tel: +1 469 775 7849
>> e-mail: sebastc at microsoft.com
>>
>> -----Original Message-----
>> From: Matthieu Patou [mailto:mat at samba.org]
>> Sent: Tuesday, September 21, 2010 8:56 PM
>> To: cifs-protocol at samba.org; Interoperability Documentation Help
>> Cc: Darryl Welch
>> Subject: backup protocol
>>
>> Hello dochelp,
>>
>>
>> I would like to have some confirmation on backup protocol, here is the dump as the samba server will receive it from a windows client to unwrap a secret.
>>
>>
>> ./bin/ndrdump backupkey bkrp_BackupKey_debug in
>> ~/workspace/samba/tcpdump/bkrp/bkrp_in
>> pull returned NT_STATUS_OK
>> WARNING! 52 unread bytes
>> [0000] 8A E3 13 71 02 F4 36 71 02 40 28 00 30 7C DE 3D ...q..6q .@(.0|.=
>> [0010] 5D 16 D1 11 AB 8F 00 80 5F 14 DB 40 01 00 00 00 ]....... _.. at ....
>> [0020] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
>> [0030] 02 00 00 00 ....
>> bkrp_BackupKey_debug: struct bkrp_BackupKey
>> in: struct bkrp_BackupKey
>> guidActionAgent : *
>> guidActionAgent :
>> 47270c64-2fc7-499b-ac5b-0e37cdce899a
>> data_in : *
>> data_in: struct bkrp_client_side_wrapped
>> version : 0x00000002 (2)
>> encrypted_secret_len : 0x00000100 (256)
>> access_check_len : 0x00000058 (88)
>> guid :
>> a1dc8bbd-743f-473e-8d00-0a4742df76bd
>> encrypted_secret: ARRAY(256)
>> [0] : 0x30 (48)
>> [1] : 0xe5 (229)
>> [2] : 0x9a (154)
>> [3] : 0x15 (21)
>> [4] : 0x1b (27)
>> [5] : 0x59 (89)
>> [6] : 0xb8 (184)
>> [7] : 0x1e (30)
>> [8] : 0xb6 (182)
>> [9] : 0xb8 (184)
>> [10] : 0x2a (42)
>> [11] : 0xd0 (208)
>> [12] : 0x9f (159)
>> [13] : 0x30 (48)
>> [14] : 0xaa (170)
>> [15] : 0xb3 (179)
>> [16] : 0x12 (18)
>> [17] : 0x9a (154)
>> [18] : 0x98 (152)
>> [19] : 0x55 (85)
>> [20] : 0x63 (99)
>> [21] : 0xd2 (210)
>> [22] : 0x11 (17)
>> [23] : 0xe4 (228)
>> [24] : 0x41 (65)
>> [25] : 0x00 (0)
>> [26] : 0xdb (219)
>> [27] : 0x37 (55)
>> [28] : 0x9c (156)
>> [29] : 0xd9 (217)
>> [30] : 0x86 (134)
>> [31] : 0x63 (99)
>> [32] : 0xa1 (161)
>> [33] : 0x30 (48)
>> [34] : 0x1d (29)
>> [35] : 0x8c (140)
>> [36] : 0xf4 (244)
>> [37] : 0x25 (37)
>> [38] : 0x00 (0)
>> [39] : 0x16 (22)
>> [40] : 0xe2 (226)
>> [41] : 0xc1 (193)
>> [42] : 0xb0 (176)
>> [43] : 0x36 (54)
>> [44] : 0x89 (137)
>> [45] : 0x10 (16)
>> [46] : 0x83 (131)
>> [47] : 0x56 (86)
>> [48] : 0xad (173)
>> [49] : 0x8f (143)
>> [50] : 0x0b (11)
>> [51] : 0x11 (17)
>> [52] : 0x60 (96)
>> [53] : 0x20 (32)
>> [54] : 0xc4 (196)
>> [55] : 0x07 (7)
>> [56] : 0x81 (129)
>> [57] : 0x77 (119)
>> [58] : 0xc1 (193)
>> [59] : 0xd4 (212)
>> [60] : 0x95 (149)
>> [61] : 0x7d (125)
>> [62] : 0x81 (129)
>> [63] : 0xe8 (232)
>> [64] : 0xcc (204)
>> [65] : 0xa6 (166)
>> [66] : 0xbf (191)
>> [67] : 0xc5 (197)
>> [68] : 0xf5 (245)
>> [69] : 0x23 (35)
>> [70] : 0x8d (141)
>> [71] : 0x29 (41)
>> [72] : 0x2e (46)
>> [73] : 0x9c (156)
>> [74] : 0x8d (141)
>> [75] : 0x21 (33)
>> [76] : 0xff (255)
>> [77] : 0xc3 (195)
>> [78] : 0xb7 (183)
>> [79] : 0xc3 (195)
>> [80] : 0xba (186)
>> [81] : 0x14 (20)
>> [82] : 0x35 (53)
>> [83] : 0xec (236)
>> [84] : 0x6f (111)
>> [85] : 0x50 (80)
>> [86] : 0x24 (36)
>> [87] : 0x14 (20)
>> [88] : 0x17 (23)
>> [89] : 0x83 (131)
>> [90] : 0x5f (95)
>> [91] : 0xdc (220)
>> [92] : 0xbc (188)
>> [93] : 0x2a (42)
>> [94] : 0xd9 (217)
>> [95] : 0xf6 (246)
>> [96] : 0xee (238)
>> [97] : 0xf9 (249)
>> [98] : 0x4f (79)
>> [99] : 0x63 (99)
>> [100] : 0x16 (22)
>> [101] : 0x0a (10)
>> [102] : 0xfc (252)
>> [103] : 0x93 (147)
>> [104] : 0xb4 (180)
>> [105] : 0xa2 (162)
>> [106] : 0x4c (76)
>> [107] : 0x10 (16)
>> [108] : 0xcf (207)
>> [109] : 0x28 (40)
>> [110] : 0x54 (84)
>> [111] : 0x55 (85)
>> [112] : 0x7e (126)
>> [113] : 0xa7 (167)
>> [114] : 0x47 (71)
>> [115] : 0xdb (219)
>> [116] : 0x24 (36)
>> [117] : 0x96 (150)
>> [118] : 0xe4 (228)
>> [119] : 0xdd (221)
>> [120] : 0x5f (95)
>> [121] : 0x4c (76)
>> [122] : 0x0c (12)
>> [123] : 0x4d (77)
>> [124] : 0xc8 (200)
>> [125] : 0x17 (23)
>> [126] : 0xc9 (201)
>> [127] : 0x53 (83)
>> [128] : 0xdb (219)
>> [129] : 0x58 (88)
>> [130] : 0x98 (152)
>> [131] : 0x03 (3)
>> [132] : 0xf6 (246)
>> [133] : 0xf9 (249)
>> [134] : 0x19 (25)
>> [135] : 0xec (236)
>> [136] : 0x56 (86)
>> [137] : 0xb0 (176)
>> [138] : 0x8d (141)
>> [139] : 0xf5 (245)
>> [140] : 0x39 (57)
>> [141] : 0x9d (157)
>> [142] : 0xfb (251)
>> [143] : 0xea (234)
>> [144] : 0x59 (89)
>> [145] : 0xdd (221)
>> [146] : 0xeb (235)
>> [147] : 0x3d (61)
>> [148] : 0xa0 (160)
>> [149] : 0xaf (175)
>> [150] : 0x1b (27)
>> [151] : 0x7c (124)
>> [152] : 0xe1 (225)
>> [153] : 0x85 (133)
>> [154] : 0x22 (34)
>> [155] : 0xd2 (210)
>> [156] : 0x19 (25)
>> [157] : 0x45 (69)
>> [158] : 0xa8 (168)
>> [159] : 0x14 (20)
>> [160] : 0x2a (42)
>> [161] : 0x8f (143)
>> [162] : 0x26 (38)
>> [163] : 0x3d (61)
>> [164] : 0x3e (62)
>> [165] : 0x4f (79)
>> [166] : 0xc8 (200)
>> [167] : 0x4d (77)
>> [168] : 0xb5 (181)
>> [169] : 0xb4 (180)
>> [170] : 0xeb (235)
>> [171] : 0x49 (73)
>> [172] : 0x6b (107)
>> [173] : 0x16 (22)
>> [174] : 0xc2 (194)
>> [175] : 0x5f (95)
>> [176] : 0xa7 (167)
>> [177] : 0x3b (59)
>> [178] : 0x1e (30)
>> [179] : 0xd3 (211)
>> [180] : 0x25 (37)
>> [181] : 0xe9 (233)
>> [182] : 0x84 (132)
>> [183] : 0xc0 (192)
>> [184] : 0x30 (48)
>> [185] : 0xd9 (217)
>> [186] : 0x56 (86)
>> [187] : 0xf7 (247)
>> [188] : 0x15 (21)
>> [189] : 0x89 (137)
>> [190] : 0xd5 (213)
>> [191] : 0xac (172)
>> [192] : 0x40 (64)
>> [193] : 0x96 (150)
>> [194] : 0x14 (20)
>> [195] : 0xed (237)
>> [196] : 0x02 (2)
>> [197] : 0xcf (207)
>> [198] : 0x66 (102)
>> [199] : 0x03 (3)
>> [200] : 0xee (238)
>> [201] : 0xf5 (245)
>> [202] : 0x79 (121)
>> [203] : 0xa3 (163)
>> [204] : 0xc6 (198)
>> [205] : 0x4e (78)
>> [206] : 0x59 (89)
>> [207] : 0xfe (254)
>> [208] : 0x01 (1)
>> [209] : 0x07 (7)
>> [210] : 0xda (218)
>> [211] : 0x5f (95)
>> [212] : 0xd1 (209)
>> [213] : 0xb8 (184)
>> [214] : 0xd6 (214)
>> [215] : 0xe3 (227)
>> [216] : 0x15 (21)
>> [217] : 0x28 (40)
>> [218] : 0x78 (120)
>> [219] : 0x83 (131)
>> [220] : 0x4b (75)
>> [221] : 0xf6 (246)
>> [222] : 0x5b (91)
>> [223] : 0xd6 (214)
>> [224] : 0xb0 (176)
>> [225] : 0x10 (16)
>> [226] : 0xb7 (183)
>> [227] : 0x74 (116)
>> [228] : 0x5f (95)
>> [229] : 0xaa (170)
>> [230] : 0xaa (170)
>> [231] : 0xc4 (196)
>> [232] : 0x4f (79)
>> [233] : 0x53 (83)
>> [234] : 0xe7 (231)
>> [235] : 0x1f (31)
>> [236] : 0xfd (253)
>> [237] : 0xe4 (228)
>> [238] : 0xab (171)
>> [239] : 0xa3 (163)
>> [240] : 0xbb (187)
>> [241] : 0xf3 (243)
>> [242] : 0x98 (152)
>> [243] : 0x5c (92)
>> [244] : 0x47 (71)
>> [245] : 0xea (234)
>> [246] : 0x2b (43)
>> [247] : 0xa5 (165)
>> [248] : 0xbf (191)
>> [249] : 0xa1 (161)
>> [250] : 0xbe (190)
>> [251] : 0xa2 (162)
>> [252] : 0x3b (59)
>> [253] : 0x3b (59)
>> [254] : 0x13 (19)
>> [255] : 0x6a (106)
>> access_check: ARRAY(88)
>> [0] : 0xaa (170)
>> [1] : 0x5e (94)
>> [2] : 0x85 (133)
>> [3] : 0xdd (221)
>> [4] : 0xfb (251)
>> [5] : 0xdf (223)
>> [6] : 0x5c (92)
>> [7] : 0x8e (142)
>> [8] : 0x0f (15)
>> [9] : 0xc4 (196)
>> [10] : 0x9e (158)
>> [11] : 0xdf (223)
>> [12] : 0x43 (67)
>> [13] : 0xb7 (183)
>> [14] : 0xb8 (184)
>> [15] : 0xaa (170)
>> [16] : 0x01 (1)
>> [17] : 0x17 (23)
>> [18] : 0xf6 (246)
>> [19] : 0xd4 (212)
>> [20] : 0x93 (147)
>> [21] : 0xcb (203)
>> [22] : 0x35 (53)
>> [23] : 0xb9 (185)
>> [24] : 0x9f (159)
>> [25] : 0x57 (87)
>> [26] : 0x2a (42)
>> [27] : 0xed (237)
>> [28] : 0x8d (141)
>> [29] : 0x6f (111)
>> [30] : 0xdc (220)
>> [31] : 0x4d (77)
>> [32] : 0x9c (156)
>> [33] : 0xae (174)
>> [34] : 0x9f (159)
>> [35] : 0x2a (42)
>> [36] : 0x45 (69)
>> [37] : 0xc9 (201)
>> [38] : 0xbb (187)
>> [39] : 0xf5 (245)
>> [40] : 0x48 (72)
>> [41] : 0x8a (138)
>> [42] : 0x3e (62)
>> [43] : 0x98 (152)
>> [44] : 0x62 (98)
>> [45] : 0x93 (147)
>> [46] : 0xb8 (184)
>> [47] : 0x20 (32)
>> [48] : 0x77 (119)
>> [49] : 0x0e (14)
>> [50] : 0x8f (143)
>> [51] : 0x24 (36)
>> [52] : 0x75 (117)
>> [53] : 0x16 (22)
>> [54] : 0x12 (18)
>> [55] : 0x2e (46)
>> [56] : 0x7b (123)
>> [57] : 0xf0 (240)
>> [58] : 0xb9 (185)
>> [59] : 0x61 (97)
>> [60] : 0x1d (29)
>> [61] : 0xee (238)
>> [62] : 0x8f (143)
>> [63] : 0x2a (42)
>> [64] : 0xed (237)
>> [65] : 0xfb (251)
>> [66] : 0xed (237)
>> [67] : 0x39 (57)
>> [68] : 0x41 (65)
>> [69] : 0xba (186)
>> [70] : 0x73 (115)
>> [71] : 0x91 (145)
>> [72] : 0x68 (104)
>> [73] : 0x0c (12)
>> [74] : 0x21 (33)
>> [75] : 0x4b (75)
>> [76] : 0x9d (157)
>> [77] : 0x2e (46)
>> [78] : 0x13 (19)
>> [79] : 0x3b (59)
>> [80] : 0x4a (74)
>> [81] : 0x5a (90)
>> [82] : 0x96 (150)
>> [83] : 0x83 (131)
>> [84] : 0x74 (116)
>> [85] : 0x4d (77)
>> [86] : 0x52 (82)
>> [87] : 0x34 (52)
>> data_in_len : 0x00000174 (372)
>> param : 0x00000000 (0)
>> dump OK
>>
>>
>> If the dump is really correct (well it looks pretty good to my mind),
>> the encrypted secret will be:
>> encrypted_secret: ARRAY(256)
>> [0] : 0x30 (48)
>> [1] : 0xe5 (229)
>> [2] : 0x9a (154)
>> [3] : 0x15 (21)
>> [4] : 0x1b (27)
>> [5] : 0x59 (89)
>> [6] : 0xb8 (184)
>> [7] : 0x1e (30)
>> [8] : 0xb6 (182)
>> [9] : 0xb8 (184)
>> [10] : 0x2a (42)
>> [11] : 0xd0 (208)
>> [12] : 0x9f (159)
>> [13] : 0x30 (48)
>> [14] : 0xaa (170)
>> [15] : 0xb3 (179)
>> [16] : 0x12 (18)
>> [17] : 0x9a (154)
>> [18] : 0x98 (152)
>> [19] : 0x55 (85)
>> [20] : 0x63 (99)
>> [21] : 0xd2 (210)
>> [22] : 0x11 (17)
>> [23] : 0xe4 (228)
>> [24] : 0x41 (65)
>> [25] : 0x00 (0)
>> [26] : 0xdb (219)
>> [27] : 0x37 (55)
>> [28] : 0x9c (156)
>> [29] : 0xd9 (217)
>> [30] : 0x86 (134)
>> [31] : 0x63 (99)
>> [32] : 0xa1 (161)
>> [33] : 0x30 (48)
>> [34] : 0x1d (29)
>> [35] : 0x8c (140)
>> [36] : 0xf4 (244)
>> [37] : 0x25 (37)
>> [38] : 0x00 (0)
>> [39] : 0x16 (22)
>> [40] : 0xe2 (226)
>> [41] : 0xc1 (193)
>> [42] : 0xb0 (176)
>> [43] : 0x36 (54)
>> [44] : 0x89 (137)
>> [45] : 0x10 (16)
>> [46] : 0x83 (131)
>> [47] : 0x56 (86)
>> [48] : 0xad (173)
>> [49] : 0x8f (143)
>> [50] : 0x0b (11)
>> [51] : 0x11 (17)
>> [52] : 0x60 (96)
>> [53] : 0x20 (32)
>> [54] : 0xc4 (196)
>> [55] : 0x07 (7)
>> [56] : 0x81 (129)
>> [57] : 0x77 (119)
>> [58] : 0xc1 (193)
>> [59] : 0xd4 (212)
>> [60] : 0x95 (149)
>> [61] : 0x7d (125)
>> [62] : 0x81 (129)
>> [63] : 0xe8 (232)
>> [64] : 0xcc (204)
>> [65] : 0xa6 (166)
>> [66] : 0xbf (191)
>> [67] : 0xc5 (197)
>> [68] : 0xf5 (245)
>> [69] : 0x23 (35)
>> [70] : 0x8d (141)
>> [71] : 0x29 (41)
>> [72] : 0x2e (46)
>> [73] : 0x9c (156)
>> [74] : 0x8d (141)
>> [75] : 0x21 (33)
>> [76] : 0xff (255)
>> [77] : 0xc3 (195)
>> [78] : 0xb7 (183)
>> [79] : 0xc3 (195)
>> [80] : 0xba (186)
>> [81] : 0x14 (20)
>> [82] : 0x35 (53)
>> [83] : 0xec (236)
>> [84] : 0x6f (111)
>> [85] : 0x50 (80)
>> [86] : 0x24 (36)
>> [87] : 0x14 (20)
>> [88] : 0x17 (23)
>> [89] : 0x83 (131)
>> [90] : 0x5f (95)
>> [91] : 0xdc (220)
>> [92] : 0xbc (188)
>> [93] : 0x2a (42)
>> [94] : 0xd9 (217)
>> [95] : 0xf6 (246)
>> [96] : 0xee (238)
>> [97] : 0xf9 (249)
>> [98] : 0x4f (79)
>> [99] : 0x63 (99)
>> [100] : 0x16 (22)
>> [101] : 0x0a (10)
>> [102] : 0xfc (252)
>> [103] : 0x93 (147)
>> [104] : 0xb4 (180)
>> [105] : 0xa2 (162)
>> [106] : 0x4c (76)
>> [107] : 0x10 (16)
>> [108] : 0xcf (207)
>> [109] : 0x28 (40)
>> [110] : 0x54 (84)
>> [111] : 0x55 (85)
>> [112] : 0x7e (126)
>> [113] : 0xa7 (167)
>> [114] : 0x47 (71)
>> [115] : 0xdb (219)
>> [116] : 0x24 (36)
>> [117] : 0x96 (150)
>> [118] : 0xe4 (228)
>> [119] : 0xdd (221)
>> [120] : 0x5f (95)
>> [121] : 0x4c (76)
>> [122] : 0x0c (12)
>> [123] : 0x4d (77)
>> [124] : 0xc8 (200)
>> [125] : 0x17 (23)
>> [126] : 0xc9 (201)
>> [127] : 0x53 (83)
>> [128] : 0xdb (219)
>> [129] : 0x58 (88)
>> [130] : 0x98 (152)
>> [131] : 0x03 (3)
>> [132] : 0xf6 (246)
>> [133] : 0xf9 (249)
>> [134] : 0x19 (25)
>> [135] : 0xec (236)
>> [136] : 0x56 (86)
>> [137] : 0xb0 (176)
>> [138] : 0x8d (141)
>> [139] : 0xf5 (245)
>> [140] : 0x39 (57)
>> [141] : 0x9d (157)
>> [142] : 0xfb (251)
>> [143] : 0xea (234)
>> [144] : 0x59 (89)
>> [145] : 0xdd (221)
>> [146] : 0xeb (235)
>> [147] : 0x3d (61)
>> [148] : 0xa0 (160)
>> [149] : 0xaf (175)
>> [150] : 0x1b (27)
>> [151] : 0x7c (124)
>> [152] : 0xe1 (225)
>> [153] : 0x85 (133)
>> [154] : 0x22 (34)
>> [155] : 0xd2 (210)
>> [156] : 0x19 (25)
>> [157] : 0x45 (69)
>> [158] : 0xa8 (168)
>> [159] : 0x14 (20)
>> [160] : 0x2a (42)
>> [161] : 0x8f (143)
>> [162] : 0x26 (38)
>> [163] : 0x3d (61)
>> [164] : 0x3e (62)
>> [165] : 0x4f (79)
>> [166] : 0xc8 (200)
>> [167] : 0x4d (77)
>> [168] : 0xb5 (181)
>> [169] : 0xb4 (180)
>> [170] : 0xeb (235)
>> [171] : 0x49 (73)
>> [172] : 0x6b (107)
>> [173] : 0x16 (22)
>> [174] : 0xc2 (194)
>> [175] : 0x5f (95)
>> [176] : 0xa7 (167)
>> [177] : 0x3b (59)
>> [178] : 0x1e (30)
>> [179] : 0xd3 (211)
>> [180] : 0x25 (37)
>> [181] : 0xe9 (233)
>> [182] : 0x84 (132)
>> [183] : 0xc0 (192)
>> [184] : 0x30 (48)
>> [185] : 0xd9 (217)
>> [186] : 0x56 (86)
>> [187] : 0xf7 (247)
>> [188] : 0x15 (21)
>> [189] : 0x89 (137)
>> [190] : 0xd5 (213)
>> [191] : 0xac (172)
>> [192] : 0x40 (64)
>> [193] : 0x96 (150)
>> [194] : 0x14 (20)
>> [195] : 0xed (237)
>> [196] : 0x02 (2)
>> [197] : 0xcf (207)
>> [198] : 0x66 (102)
>> [199] : 0x03 (3)
>> [200] : 0xee (238)
>> [201] : 0xf5 (245)
>> [202] : 0x79 (121)
>> [203] : 0xa3 (163)
>> [204] : 0xc6 (198)
>> [205] : 0x4e (78)
>> [206] : 0x59 (89)
>> [207] : 0xfe (254)
>> [208] : 0x01 (1)
>> [209] : 0x07 (7)
>> [210] : 0xda (218)
>> [211] : 0x5f (95)
>> [212] : 0xd1 (209)
>> [213] : 0xb8 (184)
>> [214] : 0xd6 (214)
>> [215] : 0xe3 (227)
>> [216] : 0x15 (21)
>> [217] : 0x28 (40)
>> [218] : 0x78 (120)
>> [219] : 0x83 (131)
>> [220] : 0x4b (75)
>> [221] : 0xf6 (246)
>> [222] : 0x5b (91)
>> [223] : 0xd6 (214)
>> [224] : 0xb0 (176)
>> [225] : 0x10 (16)
>> [226] : 0xb7 (183)
>> [227] : 0x74 (116)
>> [228] : 0x5f (95)
>> [229] : 0xaa (170)
>> [230] : 0xaa (170)
>> [231] : 0xc4 (196)
>> [232] : 0x4f (79)
>> [233] : 0x53 (83)
>> [234] : 0xe7 (231)
>> [235] : 0x1f (31)
>> [236] : 0xfd (253)
>> [237] : 0xe4 (228)
>> [238] : 0xab (171)
>> [239] : 0xa3 (163)
>> [240] : 0xbb (187)
>> [241] : 0xf3 (243)
>> [242] : 0x98 (152)
>> [243] : 0x5c (92)
>> [244] : 0x47 (71)
>> [245] : 0xea (234)
>> [246] : 0x2b (43)
>> [247] : 0xa5 (165)
>> [248] : 0xbf (191)
>> [249] : 0xa1 (161)
>> [250] : 0xbe (190)
>> [251] : 0xa2 (162)
>> [252] : 0x3b (59)
>> [253] : 0x3b (59)
>> [254] : 0x13 (19)
>> [255] : 0x6a (106)
>>
>>
>> And I'm having difficulties to uncrypt it although I'm pretty sure of
>> my private and public key (extracted from the active directory).
>> I get the public key from backupkey protocol when supplying the
>> BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID and the private key by extracting
>> it from a replicated s4 DC.
>>
>> The certificate is cert.pem and the key is privkeycert.pem.
>>
>> I'm able to encrypt the cert's public key and decrypt with the private key:
>>
>> As this: echo "super test" | openssl rsautl -encrypt -certin -inkey
>> cert.pem | openssl rsautl -decrypt -inkey privkeycert.pem gives me the
>> clear text.
>>
>> So it should means that I'm able to decrypt the encrypted_secret as it
>> is stated in the documentation (ms-bkrp.pdf)
>>
>> "If the dwVersion field is set to 0x00000002, this field MUST contain
>> the structure specified in Section 2.2.2.1, padded and encrypted with
>> the server's public key according to the
>> PKCS#1 v1.5 RSA encryption scheme specified in [RFC3447] section 7.2."
>>
>>
>> Trying to decrypt the secrets with the private key (which
>>
>>
>> openssl rsautl -decrypt -inkey privkeycert.pem -in secret.cr RSA
>> operation error 12156:error:0407106B:rsa
>> routines:RSA_padding_check_PKCS1_type_2:block
>> type is not 02:rsa_pk1.c:190:
>> 12156:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding
>> check
>> failed:rsa_eay.c:592:
>>
>>
>> Is there anything I get wrong ?
>>
>> Thanks for you help.
>>
>> Regards.
>> Matthieu.
>>
>
> --
> Matthieu Patou
> Samba Team http://samba.org
>
--
Matthieu Patou
Samba Team http://samba.org
More information about the cifs-protocol
mailing list