[cifs-protocol] [EXTERNAL] [MS-OAPXBC] Incorrect session key instructions

William Brown wbrown at suse.de
Thu Jan 25 03:22:04 UTC 2024



> On 25 Jan 2024, at 13:13, Sreekanth Nadendla <srenaden at microsoft.com> wrote:
> 
> William, David
> Are you decrypting with the machine key (device transport key) ?

Yes, we are.

> Also have you been able to separate header, encryptedkey, iv, payload and authentication Tag from the response ?

Yes, we have,

> I want to see what was sent in these fields and ensure that the parsing scheme is valid.

https://github.com/kanidm/compact-jwt/pull/18/files

Specifically, https://github.com/kanidm/compact-jwt/blob/b13dda1420e527d639f2962f4022609d2a46ae50/src/compact.rs#L402

Please also see https://github.com/kanidm/compact-jwt/blob/b13dda1420e527d639f2962f4022609d2a46ae50/src/crypto/rsaes_oaep.rs#L269 which is the RFC compliance test vectors.

> 
> If the Algorithm is dir instead of RSA-OAEP, is your implementation working ?

Yes.


We have now been able to get a sample of a valid exchange ( https://github.com/kanidm/compact-jwt/blob/b13dda1420e527d639f2962f4022609d2a46ae50/src/crypto/ms_oapxbc.rs#L256 ) with a correctly sized CEK (256 bytes). We are still unsure under what conditions MS is sending us a 294 CEK under.



--
Sincerely,

William Brown

Senior Software Engineer,
Identity and Access Management
SUSE Labs, Australia




More information about the cifs-protocol mailing list