Stefan (metze) Metzmacher schrieb: > Hongwei, > >> The SharedSecret used for AES session key computation, as described in >> 3.1.4.3 MS-NRPC , should be the NTOWF (MD4(UNICODE(Passwd))) of the >> plaintext password. The section 3.1.1 of MS-NRPC explains what a >> SharedSecret is used for session key calculation in Windows implementations. >> The SharedSecret is stored in UnicodePwd AD attribute. Please see section >> 3.1.1 and Windows Behavior notes <66>,<67> of MS-NRPC for details. > > Yes, I saw that and that's why I've also done it like this, > but I was wondering why Section 3.4.1 has > M4SS := MD4(UNICODE(SharedSecret)) explicit for the hmac_md5 session key > and the des session key. > > I think it would make sense to also add it to the hmac_sha256 section > in order to remove the confusion I had. > >> I will continue working on all questions related to AES encryption. > > Thanks, as it seems I compute the session key correct, this is the place > (netlogon_creds_step_crypt()) where I have a bug, because I'm getting > access denied when I try DCERPC_SCHANNEL_AES against a w2k8r2rc server. >
Please also provide details about the aes encryption used when schannel acts as security provider for dcerpc. I noticed that the documentation on has only the NETLOGON_NEG_SUPPORTS_AES_SHA2 (0x00400000) flag, but w2k8r2 used the new flag NETLOGON_NEG_SUPPORTS_AES(0x01000000). I assume the docs may missing also some crypto details, because of this... metze
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol