[PATCH][SMB3.1.1] Add defines for new signing context
Stefan Metzmacher
metze at samba.org
Tue Nov 10 08:42:13 UTC 2020
Am 15.10.20 um 20:15 schrieb Tom Talpey:
> On 10/12/2020 5:50 AM, Aurélien Aptel wrote:
>> Patch LGTM
>>
>> Reviewed-by: Aurelien Aptel <aaptel at suse.com>
>>
>> Stefan Metzmacher via samba-technical <samba-technical at lists.samba.org>
>>> This isn't in MS-SMB2 yet.
>>>
>>> Is this AES_128?
>>
>> This is returned in latest Windows Server Insider builds but it's not
>> documented yet.
>>
>> https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewserver
>>
>> I've asked dochelp about it during the SDC plugfest and they gave me
>> this:
>>
>> The new ContextType is:
>> SMB2_SIGNING_CAPABILITIES 0x0008
>> The Data field contains a list of signing algorithms.
>> • It adds a new negotiate context, which enables SMB to decouple signing algorithms from dialects. E.g. if both client and server supports it, a session may use
>> HMAC-SHA256 with SMB 3.1.1.
>> • It adds the AES-GMAC algorithm.
>> SigningAlgorithmCount (2 bytes): Count of signing algorithms
>> SigningAlgorithms (variable): An array of SigningAlgorithmCount 16-bit integer IDs specifying the supported signing algorithms.
>> The following IDs are assigned:
>> 0 = HMAC-SHA256
>> 1 = AES-CMAC
>> 2 = AES-GMAC
>>
>>
>> I've been CCed in a Microsoft email thread later on and it seems to be
>> unclear why this was missed/wasn't documented. Maybe this is subject to
>> change so take with a grain of salt.
>
> Just curious if you've heard back on this. Insider builds will sometimes
> support things that don't make it to the release. Even Preview docs can
> change. However, AES_GMAC has been on the radar since 2015 (*) so
> perhaps the time has come!
>
> I'd suggest wrapping this context and the integrity algs in some kind of
> conditional, in case this is delayed...
Does anyone know how the nonce/iv is constructed for GMAC?
I see a Windows server returning a signed final session setup
(which is a plain SMB2 response without any TRANSFORM-like header).
Also is using AES-128-GCM only with auth_data and no plain/cipher-text the correct way to implement GMAC?
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20201110/3ada057f/signature.sig>
More information about the samba-technical
mailing list