[cifs-protocol] [EXTERNAL] [MS-OAPXBC] Incorrect session key instructions
David Mulder
dmulder at samba.org
Thu Jan 25 16:11:37 UTC 2024
On 1/24/24 8:53 PM, Sreekanth Nadendla wrote:
>
> It's unclear how the base64decoded followed by decrypted key varies in
> size randomly. I will investigate this tomorrow and get back to you.
I got the JWE with the correctly sized CEK from a Windows machine using
Powershell code. I'm making what I believe is exactly the same request
from Linux Rust code and getting the incorrectly sized one. So it's not
random. It works consistently on Windows. It fails consistently on
Linux. I've mirrored all the parameters from the Powershell request, but
still something about my request is causing your servers to trip up on
something.
My guess is it's not the PRT request that's directly causing the
failure, but perhaps it's a side effect of a previous request.
Here are the steps I'm taking:
1. Authenticate using username and password, requesting the DRS scope
("01cb2876-7ebd-4aa4-9cc9-d28bd4d359a9/.default").
2. Create an Rsa2048 public/private key pair. I use this both for the
transport key and for creating the CSR (I'm doing the same on Windows
using powershell).
3. Generate a CSR with the CN "7E980AD9-B86D-4306-9425-9AC066FB014A".
4. Send a join request as per
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-dvrj/e60e3298-f5bf-4203-97af-2082e08118cc
. Note that for testing, I've set the device type to 'Windows' and the
OSVersion to '10.0.22631.3007'. I've tested this with 'Linux' and a
custom distribution version, and neither seem to effect the join or PRT
request in any way. I've tried join types 0, 4, and 8. All work as
expected and don't effect the PRT request.
5. Store the returned signed certificate and the private key in the HSM.
6. Send a PRT request with a Jwt signed by the transport key created in
step 2. The Jwt header contains an x5c which is the Certificate returned
during step 5. The Jwt is modeled after
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-oapxbc/6da94507-af2e-41ed-a8da-e6edd4cbc2ca
and
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-oapxbc/1c277b53-36c6-4730-8772-631f9d3ab2ab
(username/password auth). I've also tried authenticating with a refresh
token (obtained using a DAG request with the
"1b730954-1685-4b74-9bfd-dac224a7b894/.default" scope). I see the exact
same issue of the incorrectly sized CEK on both the username/password
PRT and the refresh token PRT response.
Here's an example JWT for the PRT request:
{ "alg": "RS256", "typ": "JWT", "x5c": "MIID8jCC...<redacted>...bUA1US"
}.{ "client_id": "38aa3b87-a06d-4817-b275-7a316988d93b",
"request_nonce": "AwABAAEAAAACAOz_BQ...<redacted>...5Fp0UgAA", "scope":
"openid aza ugs", "win_ver": "10.0.18363.0", "grant_type": "password",
"username": "admin@<redacted>", "password": "<redacted>" }.[Signature]
The request_nonce was obtained as described in
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-oapxbc/451d1710-2428-4cec-9c6f-96c35d809d16
Here is an example request body:
windows_api_version=2.0&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&request=eyJhbG...<redacted>...T8tmkPg&client_info=1
Where the `request` parameter is the JWT, each section
(header/payload/signature) base64url encoded and separated by periods.
Here is an example response from MS:
*{*
***"token_type"**: *"Bearer"*,*
***"expires_in"**: *"1209599"*,*
***"ext_expires_in"**: *"0"*,*
***"expires_on"**: *"1707407869"*,*
***"refresh_token"**: *"0.AbcAblw...<redacted>...o4LbS"*,*
***"refresh_token_expires_in"**: *1209599*,*
***"id_token"**: *"eyJ0eXAiOiJK...<redacted>...yIjoiMS4wIn0."*,*
***"client_info"**: *"eyJ1aWQi...<redacted>...NlMjRiIn0"*,*
***"session_key_jwe"**:
*"eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.Lwx1oUwtrOVhZoHkPlNCVfvmInTIVfkpY4daNtS7fiL-dL-G2pgnSbCG23vwmk8VF9dbQPKkN4ERiWsXA8hjaZPE4XcWsylUrbT65hyO3U_r3nXLGxAYX06rRP21L8ak1qoFAl9wodJI30yHmBqYdsrO3BNa0QRXNmvliRF1fNnvzuRj5VQiqFi78-8as7rwKtUQ117R11q3EvaoYgwQUJS1JdDAiRDRHuVpVmfH8Gf279EpRuhKlyEN1gtjXCcK1U9cj3Oco47JeS3AuCZOrU0Q0rRSt0hWBFC21mLxqQ64hXTG3NOb5O-DFoN7sIf7vDBdQloZ2Sxq5gDVdegfmcsKTnjD3nooJIOuT8mmCyTeqdHlio-sYNBm0QzSsLPP3Dngl1bK.yLJM5ZkeigtBz5Cl.TA.lBRRBpOedY0K62Ti7jDqNA"*,*
***"device_tenant_id"**: *"68355c6e-0a63-442d-a2ec-71cc6bb3e24b"
*}*
I should note that all the other fields in the PRT can be parsed and are
sensible responses. Only the `session_key_jwe` has a problem.
> python3
>>> session_key_jwe =
"eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.Lwx1oUwtrOVhZoHkPlNCVfvmInTIVfkpY4daNtS7fiL-dL-G2pgnSbCG23vwmk8VF9dbQPKkN4ERiWsXA8hjaZPE4XcWsylUrbT65hyO3U_r3nXLGxAYX06rRP21L8ak1qoFAl9wodJI30yHmBqYdsrO3BNa0QRXNmvliRF1fNnvzuRj5VQiqFi78-8as7rwKtUQ117R11q3EvaoYgwQUJS1JdDAiRDRHuVpVmfH8Gf279EpRuhKlyEN1gtjXCcK1U9cj3Oco47JeS3AuCZOrU0Q0rRSt0hWBFC21mLxqQ64hXTG3NOb5O-DFoN7sIf7vDBdQloZ2Sxq5gDVdegfmcsKTnjD3nooJIOuT8mmCyTeqdHlio-sYNBm0QzSsLPP3Dngl1bK.yLJM5ZkeigtBz5Cl.TA.lBRRBpOedY0K62Ti7jDqNA"
>>> session_key_jwe_parts = session_key_jwe.split('.')
>>> len(base64.urlsafe_b64decode(session_key_jwe_parts[1]+'=='))
294
--
David Mulder
Labs Software Engineer, Samba
SUSE
1221 S Valley Grove Way, Suite 500
Pleasant Grove, UT 84062
(P)+1 385.208.2989
dmulder at suse.com
http://www.suse.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20240125/db49bd18/attachment.htm>
More information about the cifs-protocol
mailing list