[cifs-protocol] [EXTERNAL] Re: [MS-OAPXBC] Incorrect session key instructions
David Mulder
dmulder at samba.org
Wed Jan 24 22:07:28 UTC 2024
On 1/24/24 2:34 PM, Sreekanth Nadendla wrote:
> Hello David, William,
> You are correct i.e. the individual fields are sent after base64
> encoding in the response.
>
> So, the following data needs to be Base64URL decoded first in order to
> decrypt
> 1) iv, payload, tag (used when decrypting using dir algorithm.)
>
> 2) encrypted Key parsed out from response (when
> decrypting using RSA-OAEP algorithm, device transport key, account
> info is used to decrypt)
>
> Have you been able to parse the response header and verify which
> algorithm is used? "Direct use of a shared symmetric key as CEK" vs
> "RSAES using OAEP".
> Its value will be either RSA-OAEP or dir in the header.
Here's an example:
Header:
{"enc":"A256GCM","alg":"RSA-OAEP"}
CEK field:
EGzWVAJryfCZcHTBuh2GlgpsSJ07_uJYJzxHugaMcs0fRqPCuyJbmnPUF4RAIA52NuxIIvUX2IQZbkip81SbSyDQdZc9qrMTBGBij4X3vTq_lRX6AVu9qY_S8CmOp1Uj0fwwuJ0JZBB9gyaIVz55aSmh0EpJLD6sZaWoCQ_yW4zi2Zkh76Ejj6oXdg4N4EcuT_BE_BYa-k4C6rzEZOC56tFhLeajJiaQZjkS9sDFFCqD954yakiK6OITMQWCgrxWnouXBzIgXIeeLHfoBpV2FKjLgUW9j_W_PSj02awvzPxCCgxCoMttuH0gSg_nIBslqsRUOtV7Z6-R4PRQCvu7bBBMCatoGEDCIcSDOsxGXi4qWebJDDV8lwRJDnX6fj0XlWiaSw37
Which, if we decode it with base64url, is 294 bytes long (which can't be
decrypted because it is too long).
Here's a whole session_key_jwe we're getting back from MS:
eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.EGzWVAJryfCZcHTBuh2GlgpsSJ07_uJYJzxHugaMcs0fRqPCuyJbmnPUF4RAIA52NuxIIvUX2IQZbkip81SbSyDQdZc9qrMTBGBij4X3vTq_lRX6AVu9qY_S8CmOp1Uj0fwwuJ0JZBB9gyaIVz55aSmh0EpJLD6sZaWoCQ_yW4zi2Zkh76Ejj6oXdg4N4EcuT_BE_BYa-k4C6rzEZOC56tFhLeajJiaQZjkS9sDFFCqD954yakiK6OITMQWCgrxWnouXBzIgXIeeLHfoBpV2FKjLgUW9j_W_PSj02awvzPxCCgxCoMttuH0gSg_nIBslqsRUOtV7Z6-R4PRQCvu7bBBMCatoGEDCIcSDOsxGXi4qWebJDDV8lwRJDnX6fj0XlWiaSw37.fGFa6aVfmf83em7B.EA.O8wTp91cEL3-bACPGhi3iA
I'm consistently getting this sort of response, with a garbled CEK.
I tried putting this JWE through PowerShell, and attempted decrypting
the CEK with
`System.Security.Cryptography.RSAOAEPKeyExchangeDeformatter`. This fails
with:
MethodInvocationException: /home/dmulder/.local/share/powershell/Modules/AADInternals/0.9.2/PRT_Utils.ps1:754
Line |
 754 | … $CEK = [System.Security.Cryptography.RSAOAEPKeyExchang …
     | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Exception calling "DecryptKeyExchange" with "1" argument(s): "The length of the data to decrypt is not valid for the size of this key."
--
David Mulder
Labs Software Engineer, Samba
SUSE
1221 S Valley Grove Way, Suite 500
Pleasant Grove, UT 84062
(P)+1 385.208.2989
dmulder at suse.com
http://www.suse.com
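
The length check discussed in this message, as an added example that is not part of the original e-mail or of any project's code: it splits a compact JWE, Base64URL-decodes each segment, and compares the encrypted-key length with what the header's alg requires. The 2048-bit key size, the function names and the zero-filled sample tokens are assumptions constructed for illustration.

```python
import base64
import json

def b64url_decode(s: str) -> bytes:
    """Base64URL-decode a JWE segment, restoring the padding JWE strips."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")

def inspect_jwe(token: str, rsa_key_bits: int = 2048) -> dict:
    """Split a compact JWE and check the encrypted key against the RSA modulus size.

    rsa_key_bits is an assumption: pass the size of the actual transport key.
    """
    parts = token.split(".")
    if len(parts) != 5:
        raise ValueError(f"compact JWE has 5 segments, got {len(parts)}")
    header = json.loads(b64url_decode(parts[0]))
    enc_key, iv, ciphertext, tag = (b64url_decode(p) for p in parts[1:])
    report = {
        "alg": header.get("alg"),
        "enc": header.get("enc"),
        "encrypted_key_len": len(enc_key),
        "iv_len": len(iv),
        "ciphertext_len": len(ciphertext),
        "tag_len": len(tag),
    }
    if header.get("alg") == "RSA-OAEP":
        # An RSA-OAEP ciphertext is exactly as long as the modulus.
        report["expected_key_len"] = rsa_key_bits // 8
        report["key_len_ok"] = len(enc_key) == rsa_key_bits // 8
    elif header.get("alg") == "dir":
        # With "dir" the shared key is the CEK, so the key segment is empty.
        report["expected_key_len"] = 0
        report["key_len_ok"] = len(enc_key) == 0
    return report

def make_sample(alg: str, key_len: int) -> str:
    """Build a constructed token (zero-filled fields, not real ciphertext)."""
    header = json.dumps({"enc": "A256GCM", "alg": alg}, separators=(",", ":"))
    fields = [header.encode(), bytes(key_len), bytes(12), bytes(1), bytes(16)]
    return ".".join(b64url_encode(f) for f in fields)

if __name__ == "__main__":
    for alg, n in (("RSA-OAEP", 256), ("RSA-OAEP", 294), ("dir", 0)):
        print(inspect_jwe(make_sample(alg, n)))
```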