[HC to BCC] Hi Andreas,
I will assist you with this issue. I have the traces you uploaded to the workspace for our previous case. In general, it's best to wait for a new workspace link before uploading traces, so the traces are connected to the correct issue. Below I've included credentials and a workspace link for this specific issue/case. The reason I've been setting up separate workspaces is that any time you update/fix your implementation, we consider subsequent concerns as new issues even if the operation and error are the same. I'll analyze the traces and let you know what I find. Credentials for any additional files related to this issue: Log in as: 2207140040006706_andr...@dtmxfer.onmicrosoft.com 1-time: 75M1vMQ] Workspace link: https://support.microsoft.com/files?workspace=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ3c2lkIjoiOTQwYTI3MmYtNTA3ZC00MWRiLTg1YTUtZWJmMmRlNTIxMzJhIiwic3IiOiIyMjA3MTQwMDQwMDA2NzA2IiwiYXBwaWQiOiI0ZTc2ODkxZC04NDUwLTRlNWUtYmUzOC1lYTNiZDZlZjIxZTUiLCJzdiI6InYxIiwicnMiOiJFeHRlcm5hbCIsInd0aWQiOiI0NGQ3MTRmYy00NTRkLTRhOTgtOWFjNi0xNzcwOTJmNjcyNTgiLCJpc3MiOiJodHRwczovL2FwaS5kdG1uZWJ1bGEubWljcm9zb2Z0LmNvbSIsImF1ZCI6Imh0dHA6Ly9zbWMiLCJleHAiOjE2NjU1OTcwNzksIm5iZiI6MTY1NzgyMTA3OX0.TGwaNQYExmasfoHGEEd1ZeXoXkqMc0_3-vdRo02F2qIMVEL0QDNZPCjSotF_eK-2uCPI-uZHrqQ5nYuXKxJaQ4GFTPic0ncYkbiFdhbVPTJgwKpjyddv9AM11lV1M8_5wgtMPCQjeEehKaevPB6ioCMXTMsX5cJAJ92ZGnIwCAwDuqGKILmLWltKtyQl5oYOOKRbi8zsPHFt7SKQqc3yP4YGb0NemT1e2tllZ_rewpEChdlqqrg9BC9-EL-UOUhnqcJRaJ5R_PzDPA4hKywK8o-5NJ3bZku7bAdgP1LLhMwhfFe0vMetd5o7EUMpTACriiD-UqiQTUKdyEMHQlVBbw&wid=940a272f-507d-41db-85a5-ebf2de52132a Best regards, Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300 -----Original Message----- From: Hung-Chun Yu <hungchun...@microsoft.com> Sent: Thursday, July 14, 2022 10:20 AM To: Andreas Schneider <a...@samba.org> Cc: cifs-protocol@lists.samba.org Subject: [MS-SAMR] 3.2.2.5 Deriving an Encryption Key fr... - TrackingID#2207140040006706 [BCC] dochelp HI Andreas Thank you for contacting Microsoft Open Specifications Support. We created SR Case - TrackingID#2207140040006706 to track this issue. Do leave this tag in the subject line for future reference. One of our engineers will be contacting you shortly. Hung-Chun Yu Escalation Engineer Microsoft Open Specifications -----Original Message----- From: Andreas Schneider <a...@samba.org> Sent: Thursday, July 14, 2022 1:03 AM To: Interoperability Documentation Help <doch...@microsoft.com> Cc: cifs-protocol@lists.samba.org Subject: [EXTERNAL] [MS-SAMR] 3.2.2.5 Deriving an Encryption Key from a Plaintext Password Dear Dochelp Team, I need your help again :-) I'm trying to implement SamrUnicodeChangePasswordUser4. However when I try to run my implementation against Windows. I always get STATUS_WRONG_PASSWORD returned. For the SamrUnicodeChangePasswordUser4 method (section 3.1.5.10.4), the shared secret is the plaintext old password and the CEK is generated as specified in section 3.2.2.5. 3.2.2.5 Deriving an Encryption Key from a Plaintext Password The client MUST derive the CEK in the following manner: CEK :: = (PBKDF2(NT HASH of "OldPassword", Salt, IterationCount, 512)) Looking at the RFC 8018 section 5.2: PBKDF2 (P, S, c, dkLen) Options: PRF underlying pseudorandom function (hLen denotes the length in octets of the pseudorandom function output) Input: P password, an octet string S salt, an octet string c iteration count, a positive integer dkLen intended length in octets of the derived key, a positive integer, at most (2^32 - 1) * hLen Output: DK derived key, a dkLen-octet string The MS-SAMR document doesn't say a word about the dkLen. Which would be how many bytes the pbkdf2 function should return for the CEK. I've used 16 bytes (same as the session key) as dkLen. However I get STATUS_WRONG_PASSWORD ./bin/rpcclient ncacn_np:earth.milkyway.site -U'bob%Pa$$w0rd@3' -c 'chgpasswd4 bob Pa$$w0rd@3 Pa$$w0rd@6' [...] rpc_api_pipe: host earth.milkyway.site returned 4 bytes. samr_ChangePasswordUser4: struct samr_ChangePasswordUser4 out: struct samr_ChangePasswordUser4 result : NT_STATUS_WRONG_PASSWORD I've uploaded traces to: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Ffiles&data=05%7C01%7Cjeffm%40microsoft.com%7C2e7351441cdb4696179208da65bd0dae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637934159907789590%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZnF7vMBiUpxR5NHinHK%2B0ID8gXvuo%2FgzJ%2FWcXlDBojU%3D&reserved=0? workspace=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ3c2lkIjoiNTY5YjBlMTItMzYyNS00NjhlLWIwNjgtOTBiZDYyZDk2MTllIiwic3IiOiIyMjA3MTEwMDQwMDA4ODMyIiwiYXBwaWQiOiI0ZTc2ODkxZC04NDUwLTRlNWUtYmUzOC1lYTNiZDZlZjIxZTUiLCJzdiI6InYxIiwicnMiOiJFeHRlcm5hbCIsInd0aWQiOiJhYzUxMDFlOS1mMTExLTQ5MGUtOGVlYS04NWMxNGMyNzMyNmIiLCJpc3MiOiJodHRwczovL2FwaS5kdG1uZWJ1bGEubWljcm9zb2Z0LmNvbSIsImF1ZCI6Imh0dHA6Ly9zbWMiLCJleHAiOjE2NjU0MTQxMzEsIm5iZiI6MTY1NzYzODEzMX0.Oe0Nrl4WiClzTrLHTGeFVX6S- oHNH4LjSGoiVF9eXNo9wN9w- NyabVRaEUpWVvKheXcqukAuNYvxDGCnoj2ZbpPsE1JY4EByZfqC2l--8i6N0smD8Rtccd_YLg_hx9SqGO- Dgr6Y5zLo6FMBUnfF6xQ8jhqB5a7ZJf4- TfMnCgXDsltrLzB_JU1rLDsVGI5ZzZfN9BEOJeKxS9PJEB3azUy8lFvcMsyq8ZL5LOzyQyhg7H2CglwDjzNeGmg2Wov8vdVdh3Ahk0AZ08Otf7i-7tpggx0F9FsH13oS2j6IOzEni23z2G6AqNL4j7ss_23sCp5njIL70rvGv3LliynERA&wid=569b0e12-3625-468e- b068-90bd62d9619e Help here would be much appreciated. Thanks you dochelp team. Best regards Andreas -- Andreas Schneider a...@samba.org Samba Team https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.samba.org%2F&data=05%7C01%7Cjeffm%40microsoft.com%7C2e7351441cdb4696179208da65bd0dae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637934159907789590%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=g%2BBw0bw7eD7Mit%2FCPz%2FBAPYvOS65NyD%2Bq24mqS%2F4Cl0%3D&reserved=0 GPG-ID: 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D _______________________________________________ cifs-protocol mailing list cifs-protocol@lists.samba.org https://lists.samba.org/mailman/listinfo/cifs-protocol
