[PATCH][SMB3.1.1] Add defines for new signing context
metze at samba.org
Tue Nov 10 08:42:13 UTC 2020
On 15.10.20 at 20:15, Tom Talpey wrote:
> On 10/12/2020 5:50 AM, Aurélien Aptel wrote:
>> Patch LGTM
>> Reviewed-by: Aurelien Aptel <aaptel at suse.com>
>> Stefan Metzmacher via samba-technical <samba-technical at lists.samba.org>
>>> This isn't in MS-SMB2 yet.
>>> Is this AES_128?
>> This is returned in latest Windows Server Insider builds but it's not
>> documented yet.
>> I've asked dochelp about it during the SDC plugfest and they gave me
>> The new ContextType is:
>> SMB2_SIGNING_CAPABILITIES 0x0008
>> The Data field contains a list of signing algorithms.
>> • It adds a new negotiate context, which enables SMB to decouple signing algorithms from dialects. E.g. if both client and server support it, a session may use
>> HMAC-SHA256 with SMB 3.1.1.
>> • It adds the AES-GMAC algorithm.
>> SigningAlgorithmCount (2 bytes): Count of signing algorithms
>> SigningAlgorithms (variable): An array of SigningAlgorithmCount 16-bit integer IDs specifying the supported signing algorithms.
>> The following IDs are assigned:
>> 0 = HMAC-SHA256
>> 1 = AES-CMAC
>> 2 = AES-GMAC
>> I've been CCed in a Microsoft email thread later on and it seems to be
>> unclear why this was missed/wasn't documented. Maybe this is subject to
>> change so take with a grain of salt.
> Just curious if you've heard back on this. Insider builds will sometimes
> support things that don't make it to the release. Even Preview docs can
> change. However, AES_GMAC has been on the radar since 2015 (*) so
> perhaps the time has come!
> I'd suggest wrapping this context and the integrity algs in some kind of
> conditional, in case this is delayed...
Does anyone know how the nonce/iv is constructed for GMAC?
I see a Windows server returning a signed final session setup
(which is a plain SMB2 response without any TRANSFORM-like header).
Also is using AES-128-GCM only with auth_data and no plain/cipher-text the correct way to implement GMAC?
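The context layout quoted in the thread above, as an added example that is not part of the original messages or of the patch: a bounds-checked C parser for an SMB2_SIGNING_CAPABILITIES negotiate context received from an untrusted peer. The 8-byte header (ContextType, DataLength, Reserved) is the generic MS-SMB2 negotiate context header; the function name, the rejection of an empty list and the exact-length check are assumptions of this example, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>

#define SMB2_SIGNING_CAPABILITIES 0x0008 /* ContextType given in the thread */
#define SIGNING_ALG_HMAC_SHA256   0
#define SIGNING_ALG_AES_CMAC      1
#define SIGNING_ALG_AES_GMAC      2

/* Constructed sample: header + count=3 + IDs {2, 1, 0}, all little-endian. */
static const uint8_t sample_ctx[] = {
    0x08, 0x00,  0x08, 0x00,  0x00, 0x00, 0x00, 0x00,   /* type, DataLength=8, Reserved */
    0x03, 0x00,  0x02, 0x00,  0x01, 0x00,  0x00, 0x00 }; /* count, GMAC, CMAC, HMAC */

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/*
 * Parse one negotiate context from an untrusted buffer.
 * Returns 0 and sets *known_mask (bit N set = algorithm ID N offered) and
 * *unknown (number of IDs outside the three listed in the thread).
 * Returns -1 if the context is malformed (assumed policy: strict lengths).
 */
int parse_signing_caps(const uint8_t *buf, size_t len,
                       uint32_t *known_mask, unsigned *unknown)
{
    size_t data_len, i;
    uint16_t count;

    if (len < 8 || le16(buf) != SMB2_SIGNING_CAPABILITIES)
        return -1;
    data_len = le16(buf + 2);
    if (data_len < 2 || data_len > len - 8)  /* Data must hold the count and fit */
        return -1;
    count = le16(buf + 8);
    /* SigningAlgorithmCount must match what DataLength actually covers. */
    if (count == 0 || (size_t)count * 2 != data_len - 2)
        return -1;
    *known_mask = 0;
    *unknown = 0;
    for (i = 0; i < count; i++) {
        uint16_t id = le16(buf + 10 + i * 2);
        if (id <= SIGNING_ALG_AES_GMAC)
            *known_mask |= 1u << id;
        else
            (*unknown)++;            /* ID not assigned in the thread: ignore it */
    }
    return 0;
}
```

Checking the count against DataLength before walking the array keeps a peer-supplied SigningAlgorithmCount from driving reads past the received buffer.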