[jcifs] SOLVED: Unverifiable Signature

Michael B Allen mba2000 at ioplex.com
Wed Apr 7 03:46:37 GMT 2004

If someone would like to try my double secret pre-release it has the fix
for the "Unverifiable signature" problem as well as fixes for directory
timestamp issues, DFS bugs found by Gary, as well as several other SMB
signature issues.

However! This code also has some significant refactoring and cleanups.
NbtSocket has been hacked, NT_STATUS codes are now used, the way MIDs are
allocated has changed, etc. These kinds of things can change the behavior
of the client significantly but I haven't tested this stuff at all.


I have a few more things on the list (e.g. raw transport) and I'll start 0.9.


PS: The "Unverifiable signature" bug turned out to be a padding byte that
wasn't being properly considered when updating the signing digest.
Normally this byte is 0x00 which works. But occationally MS servers have
garbage in this byte. A 0x01 instead of 0x00 is all that's needed for the
signature to fail. The time dependancy is probably due to how MS servers
handle buffers. If you wait a half-second you get a 0x01 in the pad byte
of a ReadAndX response. If you're quick to send the next request it's

More information about the jcifs mailing list