[PATCH] smb3.1.1: allow dumping GCM256 keys to improve debugging of encrypted shares

Steve French smfrench at gmail.com
Fri May 7 03:18:13 UTC 2021


On Thu, May 6, 2021 at 7:17 PM Stefan Metzmacher <metze at samba.org> wrote:
>
> Hi Steve,
>
> > +/*
> > + * Dump full key (32 byte encrypt/decrypt keys instead of 16 bytes)
> > + * is needed if GCM256 (stronger encryption) negotiated
> > + */
> > +struct smb3_full_key_debug_info {
> > + __u64 Suid;
> > + __u16 cipher_type;
> > + __u8 auth_key[16]; /* SMB2_NTLMV2_SESSKEY_SIZE */
>
> Why this? With kerberos the authentication key can be 32 bytes too.
>
> Why are you exporting it at all?

I don't remember the original reason for why it was thought wireshark
could use this.

Aurelien,
Do you remember the context/reasons for each of the exported fields?

-- 
Thanks,

Steve



More information about the samba-technical mailing list