Hongwei, > The SharedSecret used for AES session key computation, as described in > 3.1.4.3 MS-NRPC , should be the NTOWF (MD4(UNICODE(Passwd))) of the plaintext > password. The section 3.1.1 of MS-NRPC explains what a SharedSecret is used > for session key calculation in Windows implementations. The SharedSecret is > stored in UnicodePwd AD attribute. Please see section 3.1.1 and Windows > Behavior notes <66>,<67> of MS-NRPC for details.
Yes, I saw that and that's why I've also done it like this, but I was wondering why Section 3.4.1 has M4SS := MD4(UNICODE(SharedSecret)) explicit for the hmac_md5 session key and the des session key. I think it would make sense to also add it to the hmac_sha256 section in order to remove the confusion I had. > > I will continue working on all questions related to AES encryption. Thanks, as it seems I compute the session key correct, this is the place (netlogon_creds_step_crypt()) where I have a bug, because I'm getting access denied when I try DCERPC_SCHANNEL_AES against a w2k8r2rc server. metze > > -----Original Message----- > > From: Stefan (metze) Metzmacher [mailto:me...@samba.org] > > Sent: Tuesday, August 25, 2009 11:13 AM > > To: Interoperability Documentation Help > > Cc: p...@tridgell.net; cifs-proto...@samba.org > > Subject: MS-NRPC: AES Schannel problems > > > > Hi, > > > > I'm currently trying to implement the AES based Netlogon Secure Channel in > Samba. > > > > But the documentation is not really clear about the used algorithms. > > > > I have started with the implementation here: > > http://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel > > > > And here's the actual commit that tries to add aes support: > > http://gitweb.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=50dca9ce0f051c863f00cc949db2c19bf247887b > > > > In Section "3.1.4.3 Session-Key Computation" the hmac-sha256 base computation > of the session-key seems to use the plain SharedSecret and not the NT-HASH of > it (MD4(UNICODE(ShareSecret))), is that correct? > > I thought the plain text is never stored in AD by default... > > Where should the netlogon server get the plain text from? > > I just tried the NT-HASH see my netlogon_creds_init_hmac_sha256() function. > > > > In Section "3.1.4.4 Netlogon Credential Computation" there's a AesEncrypt > function used. Can you please document the exact algorithm that's used there. > You say AES128 is used in CFB mode without initialization vector. > > > > http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation > > says that all modes except ECB require an IV. > > > > It would also be nice if you could add some more example values in secion 4.2 > Cryptographic Values for Session Key Validation. > > > > metze > > > > > > > > > >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol