[ The conversation so far. Again, please watch replies and change psarc at sun.com to psarc-ext at sun.com. ]
Date: Thu, 27 Nov 2008 09:45:31 +0000 From: Darren J Moffat <[email protected]> Subject: Re: CIFS Client Message Signing [PSARC/2008/737 FastTrack timeout 12/08/2008] To: Jordan Brown <Jordan.Brown at Sun.COM> Cc: PSARC at sac.sfbay.sun.com, cifs-eng at Sun.COM Message-id: <492E6C3B.5010809 at Sun.COM> I understand this case is about the CIFS client but in the interest of "the bigger architectural picture" does the Solaris CIFS server support this already or is there a corresponding case for the server side ? While this is an already existing protocol and thus the crypto suites are predetermined I would still like this case to actually enumerate how the signing is done. In particular what crypto algorithms are used, where the key material for the signing comes from and if any key material is stored on persistent storage. Also does this case use the crypto framework APIs for the implementation of the crypto algorithms needed for the signing ? -- Darren J Moffat Date: Thu, 27 Nov 2008 02:14:13 -0800 From: "Alan.M.Wright" <[email protected]> Subject: Re: CIFS Client Message Signing [PSARC/2008/737 FastTrack timeout 12/08/2008] To: Darren J Moffat <Darren.Moffat at Sun.COM>, Jordan Brown <Jordan.Brown at Sun.COM> Cc: PSARC at sac.sfbay.sun.com, cifs-eng at Sun.COM Message-id: <8D7136E01FD04EFA8D083DC27880D5E7 at TOSHIBA> Darren J Moffat <Darren.Moffat at Sun.COM> wrote: >I understand this case is about the CIFS client but in the interest of "the >bigger architectural picture" does the Solaris CIFS server support this >already or is there a corresponding case for the server side ? Yes, the CIFS server already supports signing: both when clients connect to the CIFS server and when the CIFS server communicates with domain controllers, i.e. the CIFS server already does the client-side signing being presented here. This case is a step towards eliminating the need for the CIFS server to communicate directly with domain controllers and rely on the CIFS client for that purpose. > While this is an already existing protocol and thus the crypto suites are > predetermined I would still like this case to actually enumerate how the > signing is done. In particular what crypto algorithms are used, where the > key material for the signing comes from and if any key material is stored > on persistent storage. The algorithm is described in the Microsoft references and in the CIFS service case (PSARC/2006/715) section 3.1.5 (SMB Signing) and 3.6.1 (SMB Client): http://sac.sfbay.sun.com/Archives/CaseLog/arc/PSARC/2006/715/final.materials/cifs-design_1_1.pdf > Also does this case use the crypto framework APIs for the implementation > of the crypto algorithms needed for the signing ? I believe the answer is yes (this was a project requirement) but we'll confirm that. Alan > Darren J Moffat > Date: Thu, 27 Nov 2008 10:00:15 -0800 From: Jordan Brown <[email protected]> Subject: Re: CIFS Client Message Signing [PSARC/2008/737 FastTrack timeout 12/08/2008] To: Darren J Moffat <Darren.Moffat at Sun.COM> Cc: PSARC at sac.sfbay.sun.com, cifs-eng at Sun.COM Darren J Moffat wrote: > While this is an already existing protocol and thus the crypto suites > are predetermined I would still like this case to actually enumerate > how the signing is done. In particular what crypto algorithms are > used, where the key material for the signing comes from and if any key > material is stored on persistent storage. As Alan said, the algorithms are in the MS documentation. However, a brief summary: A random signing key is generated during the NTLM authentication phase and passed across the wire encrypted under a derivative of the user password. The signature is the MD5 of the concatenation of the signing key, a session identifier, and the message body. I am told that Kerberos is also supported, and I assume that there the Kerberos session key is used. Date: Thu, 27 Nov 2008 13:23:56 -0500 From: Gordon Ross <[email protected]> Subject: Re: CIFS Client Message Signing [PSARC/2008/737 FastTrack timeout 12/08/2008] To: Darren J Moffat <Darren.Moffat at Sun.COM> Cc: Jordan Brown <Jordan.Brown at Sun.COM>, PSARC at sac.sfbay.sun.com, cifs-eng at Sun.COM Message-id: <6986C7AE-96BC-453D-803C-EE125F7C79F7 at sun.com> On Nov 27, 2008, at 4:45 AM, Darren J Moffat wrote: > I understand this case is about the CIFS client but in the interest > of "the bigger architectural picture" does the Solaris CIFS server > support this already or is there a corresponding case for the > server side ? Yes, as Alan explained. > While this is an already existing protocol and thus the crypto > suites are predetermined I would still like this case to actually > enumerate how the signing is done. In particular what crypto > algorithms are used, where the key material for the signing comes > from and if any key material is stored on persistent storage. I'm not sure how this is relevant, since we have no choice but protocol compliance here. But that said, here are some references on the details of "SMB signing": [MS-SMB] Sec. 3.1.4.1 Sending Any Message http://msdn.microsoft.com/en-us/library/cc212475.aspx [MS-SMB] Sec. 3.1.5.1 Receiving Any Message http://msdn.microsoft.com/en-us/library/cc212477.aspx [MS-SMB] Sec. 4.3 Message Signing Example http://msdn.microsoft.com/en-us/library/cc246472.aspx > Also does this case use the crypto framework APIs for the > implementation of the crypto algorithms needed for the signing ? Yes. Gordon
