[cifs-protocol] [MS-SAMR] 3.2.2.5 Deriving an Encryption Key fr... - TrackingID#2207140040006706

Jeff McCashland (He/him) jeffm at microsoft.com
Thu Jul 14 22:03:10 UTC 2022


Hi Andreas,

You referenced the PBKDF2 profile from the RFC:
   PBKDF2 (P, S, c, dkLen)

And where it's used in [MS-SAMR] section 3.2.2.5:
CEK :: = (PBKDF2(NT HASH of "OldPassword", Salt, IterationCount, 512))

P = NT HASH of "OldPassword"
S = Salt
c = IterationCount
dkLen = 512

I think the 512 is actually the dkLen, rather than a reference to SHA512. Let me know if you still get an error using 512 as dkLen. 

Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team 
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300

-----Original Message-----
From: Jeff McCashland (He/him) 
Sent: Thursday, July 14, 2022 10:53 AM
To: Andreas Schneider <asn at samba.org>
Cc: cifs-protocol at lists.samba.org; Jeff McCashland <jeffm at microsoftsupport.com>
Subject: RE: [MS-SAMR] 3.2.2.5 Deriving an Encryption Key fr... - TrackingID#2207140040006706

[HC to BCC]

Hi Andreas,

I will assist you with this issue. I have the traces you uploaded to the workspace for our previous case. In general, it's best to wait for a new workspace link before uploading traces, so the traces are connected to the correct issue. 

Below I've included credentials and a workspace link for this specific issue/case. The reason I've been setting up separate workspaces is that any time you update/fix your implementation, we consider subsequent concerns as new issues even if the operation and error are the same. 

I'll analyze the traces and let you know what I find. 

Credentials for any additional files related to this issue:
Log in as: 2207140040006706_andreas at dtmxfer.onmicrosoft.com
1-time: 75M1vMQ]

Workspace link: https://support.microsoft.com/files?workspace=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ3c2lkIjoiOTQwYTI3MmYtNTA3ZC00MWRiLTg1YTUtZWJmMmRlNTIxMzJhIiwic3IiOiIyMjA3MTQwMDQwMDA2NzA2IiwiYXBwaWQiOiI0ZTc2ODkxZC04NDUwLTRlNWUtYmUzOC1lYTNiZDZlZjIxZTUiLCJzdiI6InYxIiwicnMiOiJFeHRlcm5hbCIsInd0aWQiOiI0NGQ3MTRmYy00NTRkLTRhOTgtOWFjNi0xNzcwOTJmNjcyNTgiLCJpc3MiOiJodHRwczovL2FwaS5kdG1uZWJ1bGEubWljcm9zb2Z0LmNvbSIsImF1ZCI6Imh0dHA6Ly9zbWMiLCJleHAiOjE2NjU1OTcwNzksIm5iZiI6MTY1NzgyMTA3OX0.TGwaNQYExmasfoHGEEd1ZeXoXkqMc0_3-vdRo02F2qIMVEL0QDNZPCjSotF_eK-2uCPI-uZHrqQ5nYuXKxJaQ4GFTPic0ncYkbiFdhbVPTJgwKpjyddv9AM11lV1M8_5wgtMPCQjeEehKaevPB6ioCMXTMsX5cJAJ92ZGnIwCAwDuqGKILmLWltKtyQl5oYOOKRbi8zsPHFt7SKQqc3yP4YGb0NemT1e2tllZ_rewpEChdlqqrg9BC9-EL-UOUhnqcJRaJ5R_PzDPA4hKywK8o-5NJ3bZku7bAdgP1LLhMwhfFe0vMetd5o7EUMpTACriiD-UqiQTUKdyEMHQlVBbw&wid=940a272f-507d-41db-85a5-ebf2de52132a

Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300

-----Original Message-----
From: Hung-Chun Yu <HungChun.Yu at microsoft.com>
Sent: Thursday, July 14, 2022 10:20 AM
To: Andreas Schneider <asn at samba.org>
Cc: cifs-protocol at lists.samba.org
Subject: [MS-SAMR] 3.2.2.5 Deriving an Encryption Key fr... - TrackingID#2207140040006706

[BCC] dochelp

HI Andreas

Thank you for contacting Microsoft Open Specifications Support. We created SR Case - TrackingID#2207140040006706 to track this issue. Do leave this tag in the subject line for future reference.
One of our engineers will be contacting you shortly.

Hung-Chun Yu
Escalation Engineer
Microsoft Open Specifications

-----Original Message-----
From: Andreas Schneider <asn at samba.org>
Sent: Thursday, July 14, 2022 1:03 AM
To: Interoperability Documentation Help <dochelp at microsoft.com>
Cc: cifs-protocol at lists.samba.org
Subject: [EXTERNAL] [MS-SAMR] 3.2.2.5 Deriving an Encryption Key from a Plaintext Password

Dear Dochelp Team,

I need your help again :-)

I'm trying to implement SamrUnicodeChangePasswordUser4. However when I try to run my implementation against Windows. I always get STATUS_WRONG_PASSWORD returned.

For the SamrUnicodeChangePasswordUser4 method (section 3.1.5.10.4), the shared secret is the plaintext old password and the CEK is generated as specified in section 3.2.2.5.

3.2.2.5 Deriving an Encryption Key from a Plaintext Password

The client MUST derive the CEK in the following manner:
CEK :: = (PBKDF2(NT HASH of "OldPassword", Salt, IterationCount, 512))



Looking at the RFC 8018 section 5.2:

PBKDF2 (P, S, c, dkLen)

   Options:        PRF        underlying pseudorandom function (hLen
                              denotes the length in octets of the
                              pseudorandom function output)

   Input:          P          password, an octet string
                   S          salt, an octet string
                   c          iteration count, a positive integer
                   dkLen      intended length in octets of the derived
                              key, a positive integer, at most
                              (2^32 - 1) * hLen

   Output:         DK         derived key, a dkLen-octet string


The MS-SAMR document doesn't say a word about the dkLen. Which would be how many bytes the pbkdf2 function should return for the CEK.

I've used 16 bytes (same as the session key) as dkLen. However I get STATUS_WRONG_PASSWORD


./bin/rpcclient ncacn_np:earth.milkyway.site -U'bob%Pa$$w0rd at 3' -c 'chgpasswd4 bob Pa$$w0rd at 3 Pa$$w0rd at 6'
[...]
rpc_api_pipe: host earth.milkyway.site returned 4 bytes.
     samr_ChangePasswordUser4: struct samr_ChangePasswordUser4
        out: struct samr_ChangePasswordUser4
            result                   : NT_STATUS_WRONG_PASSWORD


I've uploaded traces to:

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Ffiles&data=05%7C01%7Cjeffm%40microsoft.com%7C2e7351441cdb4696179208da65bd0dae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637934159907789590%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZnF7vMBiUpxR5NHinHK%2B0ID8gXvuo%2FgzJ%2FWcXlDBojU%3D&reserved=0?
workspace=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ3c2lkIjoiNTY5YjBlMTItMzYyNS00NjhlLWIwNjgtOTBiZDYyZDk2MTllIiwic3IiOiIyMjA3MTEwMDQwMDA4ODMyIiwiYXBwaWQiOiI0ZTc2ODkxZC04NDUwLTRlNWUtYmUzOC1lYTNiZDZlZjIxZTUiLCJzdiI6InYxIiwicnMiOiJFeHRlcm5hbCIsInd0aWQiOiJhYzUxMDFlOS1mMTExLTQ5MGUtOGVlYS04NWMxNGMyNzMyNmIiLCJpc3MiOiJodHRwczovL2FwaS5kdG1uZWJ1bGEubWljcm9zb2Z0LmNvbSIsImF1ZCI6Imh0dHA6Ly9zbWMiLCJleHAiOjE2NjU0MTQxMzEsIm5iZiI6MTY1NzYzODEzMX0.Oe0Nrl4WiClzTrLHTGeFVX6S-
oHNH4LjSGoiVF9eXNo9wN9w-
NyabVRaEUpWVvKheXcqukAuNYvxDGCnoj2ZbpPsE1JY4EByZfqC2l--8i6N0smD8Rtccd_YLg_hx9SqGO-
Dgr6Y5zLo6FMBUnfF6xQ8jhqB5a7ZJf4-
TfMnCgXDsltrLzB_JU1rLDsVGI5ZzZfN9BEOJeKxS9PJEB3azUy8lFvcMsyq8ZL5LOzyQyhg7H2CglwDjzNeGmg2Wov8vdVdh3Ahk0AZ08Otf7i-7tpggx0F9FsH13oS2j6IOzEni23z2G6AqNL4j7ss_23sCp5njIL70rvGv3LliynERA&wid=569b0e12-3625-468e-
b068-90bd62d9619e


Help here would be much appreciated. Thanks you dochelp team.


Best regards


        Andreas

--
Andreas Schneider                      asn at samba.org
Samba Team                             https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.samba.org%2F&data=05%7C01%7Cjeffm%40microsoft.com%7C2e7351441cdb4696179208da65bd0dae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637934159907789590%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=g%2BBw0bw7eD7Mit%2FCPz%2FBAPYvOS65NyD%2Bq24mqS%2F4Cl0%3D&reserved=0
GPG-ID:     8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D





More information about the cifs-protocol mailing list