[PATCH] Joining a Windows Server 2008 (Longhorn)
abartlet at samba.org
Wed Jan 30 01:02:47 GMT 2008
On Wed, 2008-01-30 at 11:55 +1100, Luke Howard wrote:
> > The AES session key is longer - 32 bytes I think. This also comes up in
> > the smb signing case. Samba4 has this working (which is where I came
> > across this first, when we moved to a Heimdal KDC that supported AES
> > created the longer session keys)
> Depends on whether it's AES-128, -192 or -256. Do MS truncate longer
> keys for the SMB session key or do they digest it?
Neither, the full length is used (be it as short as 8 from DES or as
long as 32 from AES) as far as I can tell, even for the weird LSA
des-based crypto, and easily for the SAMR crypto and signing.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080130/27131f37/attachment.bin
More information about the samba-technical