Thanks Matthieu! Someone from my team will get in touch with you shortly.
Thanks and regards,

Sebastian

Sebastian Canevari
Escalation Engineer, US-CSS DSC PROTOCOL TEAM
7100 N Hwy 161, Irving, TX - 75039
"Las Colinas - LC2"
Tel: +1 469 775 7849
e-mail: [email protected]

-----Original Message-----
From: Matthieu Patou [mailto:[email protected]]
Sent: Tuesday, September 21, 2010 8:56 PM
To: [email protected]; Interoperability Documentation Help
Cc: Darryl Welch
Subject: backup protocol

Hello dochelp,

I would like to have some confirmation on backup protocol, here is the dump as the Samba server will receive it from a Windows client to unwrap a secret.

./bin/ndrdump backupkey bkrp_BackupKey_debug in ~/workspace/samba/tcpdump/bkrp/bkrp_in
pull returned NT_STATUS_OK
WARNING! 52 unread bytes
[0000] 8A E3 13 71 02 F4 36 71 02 40 28 00 30 7C DE 3D ...q..6q .@(.0|.=
[0010] 5D 16 D1 11 AB 8F 00 80 5F 14 DB 40 01 00 00 00 ]....... _...@....
[0020] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
[0030] 02 00 00 00 ....
bkrp_BackupKey_debug: struct bkrp_BackupKey
    in: struct bkrp_BackupKey
        guidActionAgent : *
            guidActionAgent : 47270c64-2fc7-499b-ac5b-0e37cdce899a
        data_in : *
            data_in: struct bkrp_client_side_wrapped
                version : 0x00000002 (2)
                encrypted_secret_len : 0x00000100 (256)
                access_check_len : 0x00000058 (88)
                guid : a1dc8bbd-743f-473e-8d00-0a4742df76bd
                encrypted_secret: ARRAY(256)
                access_check: ARRAY(88)
        data_in_len : 0x00000174 (372)
        param : 0x00000000 (0)
dump OK

If the dump is really correct (well it looks pretty good to my mind), the encrypted secret will be:

encrypted_secret: ARRAY(256)

And I'm having difficulties decrypting it although I'm pretty sure of my private and public key (extracted from the Active Directory).

I get the public key from backupkey protocol when supplying the BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID and the private key by extracting it from a replicated s4 DC.

The certificate is cert.pem and the key is privkeycert.pem.

I'm able to encrypt the cert's public key and decrypt with the private key:

As this:

echo "super test" | openssl rsautl -encrypt -certin -inkey cert.pem | openssl rsautl -decrypt -inkey privkeycert.pem

gives me the clear text.

So it should mean that I'm able to decrypt the encrypted_secret as it is stated in the documentation (ms-bkrp.pdf):

"If the dwVersion field is set to 0x00000002, this field MUST contain the structure specified in Section 2.2.2.1, padded and encrypted with the server's public key according to the PKCS#1 v1.5 RSA encryption scheme specified in [RFC3447] section 7.2."

Trying to decrypt the secrets with the private key (which

openssl rsautl -decrypt -inkey privkeycert.pem -in secret.cr
RSA operation error
12156:error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02:rsa_pk1.c:190:
12156:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:rsa_eay.c:592:

Is there anything I get wrong?

Thanks for your help.

Regards.
Matthieu.

--
Matthieu Patou
Samba Team
http://samba.org

_______________________________________________
cifs-protocol mailing list
[email protected]
https://lists.samba.org/mailman/listinfo/cifs-protocol
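
Added example, not part of the original thread and not Samba or Microsoft code: a Python sketch that splits a bkrp_client_side_wrapped blob using the field order shown in the ndrdump output, checks that the declared lengths add up to data_in_len, and applies the RFC 3447 section 7.2 padding check that openssl reports as "block type is not 02". The function names and the zero-filled sample blob are constructed for illustration; only the field layout, the lengths and the GUID come from the dump.

```python
import struct
import uuid

# Field order from the ndrdump output: version, encrypted_secret_len,
# access_check_len (assumed little-endian uint32, as sent by a Windows
# client), followed by a 16-byte GUID.
HEADER = struct.Struct("<III16s")

def parse_client_side_wrapped(blob: bytes) -> dict:
    """Split the blob into its fields, rejecting inconsistent lengths."""
    if len(blob) < HEADER.size:
        raise ValueError("blob shorter than the 28-byte header")
    version, secret_len, check_len, guid = HEADER.unpack_from(blob)
    # Never trust the embedded lengths: they must account for every byte.
    if HEADER.size + secret_len + check_len != len(blob):
        raise ValueError("declared lengths do not match data_in_len")
    split = HEADER.size + secret_len
    return {
        "version": version,
        "guid": uuid.UUID(bytes_le=guid),
        "encrypted_secret": blob[HEADER.size:split],
        "access_check": blob[split:],
    }

def eme_pkcs1_v15_decode(em: bytes) -> bytes:
    """RFC 3447 7.2.2 step 3: EM = 00 || 02 || PS || 00 || M, len(PS) >= 8.

    Diagnostic use only: a server must not reveal which check failed,
    since distinct padding errors give a remote peer a padding oracle.
    """
    if len(em) < 11 or em[0] != 0x00:
        raise ValueError("leading byte is not 00")
    if em[1] != 0x02:
        raise ValueError("block type is not 02")
    sep = em.find(b"\x00", 2)
    if sep < 10:  # covers "no separator" (-1) and PS shorter than 8 bytes
        raise ValueError("bad padding string")
    return em[sep + 1:]

# Constructed sample: header values from the dump, zero-filled payloads.
SAMPLE = HEADER.pack(
    2, 256, 88, uuid.UUID("a1dc8bbd-743f-473e-8d00-0a4742df76bd").bytes_le
) + bytes(256) + bytes(88)

if __name__ == "__main__":
    fields = parse_client_side_wrapped(SAMPLE)
    print(fields["version"], fields["guid"], len(SAMPLE))
```

The length check reproduces the dump's arithmetic: 28 header bytes + 256 + 88 = 372, the reported data_in_len.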
