Matthieu,

This is good information that narrows the scope of the problem. I will check it and get back to you shortly.

Thanks!

Hongwei

-----Original Message-----
From: Matthieu Patou [mailto:[email protected]]
Sent: Wednesday, September 22, 2010 1:26 PM
To: Sebastian Canevari
Cc: [email protected]; Interoperability Documentation Help; Darryl Welch; Hongwei Sun
Subject: Re: backup protocol

Hi Sebastian,

I made more investigation this night and after realizing that the guid of the certificate was stored in reverse order in different fields like the serialNumber field in the certificate, I gave it a try and reversed the bytes of the blob before trying to decrypt it.
And it turns out that I managed to decrypt the blob when doing so (please see the file secret.cr.decrypted that really looks like an encrypted_secret version 2 struct). I also attached the permuted version of the blob.

Can you check and tell me if the documentation should state that the encrypted_struct should be reverted?
I also think that the documentation should, in the behavior notes, state that the serialNumber contains the guid of the certificate but in reverse byte order.

Regards.
Matthieu.

On 22/09/2010 20:34, Sebastian Canevari wrote:
> Thanks Matthieu!
>
> Someone from my team will get in touch with you shortly.
>
> Thanks and regards,
>
> Sebastian
>
>
> Sebastian Canevari
> Escalation Engineer, US-CSS DSC PROTOCOL TEAM 7100 N Hwy 161, Irving,
> TX - 75039 "Las Colinas - LC2"
> Tel: +1 469 775 7849
> e-mail: [email protected]
>
> -----Original Message-----
> From: Matthieu Patou [mailto:[email protected]]
> Sent: Tuesday, September 21, 2010 8:56 PM
> To: [email protected]; Interoperability Documentation Help
> Cc: Darryl Welch
> Subject: backup protocol
>
> Hello dochelp,
>
>
> I would like to have some confirmation on backup protocol, here is the dump
> as the samba server will receive it from a windows client to unwrap a secret.
>
>
> ./bin/ndrdump backupkey bkrp_BackupKey_debug in ~/workspace/samba/tcpdump/bkrp/bkrp_in
> pull returned NT_STATUS_OK
> WARNING! 52 unread bytes
> [0000] 8A E3 13 71 02 F4 36 71 02 40 28 00 30 7C DE 3D ...q..6q .@(.0|.=
> [0010] 5D 16 D1 11 AB 8F 00 80 5F 14 DB 40 01 00 00 00 ]....... _...@....
> [0020] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
> [0030] 02 00 00 00 ....
> bkrp_BackupKey_debug: struct bkrp_BackupKey
>     in: struct bkrp_BackupKey
>         guidActionAgent : *
>             guidActionAgent : 47270c64-2fc7-499b-ac5b-0e37cdce899a
>         data_in : *
>             data_in: struct bkrp_client_side_wrapped
>                 version : 0x00000002 (2)
>                 encrypted_secret_len : 0x00000100 (256)
>                 access_check_len : 0x00000058 (88)
>                 guid : a1dc8bbd-743f-473e-8d00-0a4742df76bd
>                 encrypted_secret: ARRAY(256)
>                 access_check: ARRAY(88)
>         data_in_len : 0x00000174 (372)
>         param : 0x00000000 (0)
> dump OK
>
>
> If the dump is really correct (well it looks pretty good to my mind),
> the encrypted secret will be:
> encrypted_secret: ARRAY(256)
>
>
> And I'm having difficulties decrypting it although I'm pretty sure of
> my private and public key (extracted from the active directory).
> I get the public key from backupkey protocol when supplying the
> BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID and the private key by extracting
> it from a replicated s4 DC.
>
> The certificate is cert.pem and the key is privkeycert.pem.
>
> I'm able to encrypt the cert's public key and decrypt with the private key:
>
> As this:
> echo "super test" | openssl rsautl -encrypt -certin -inkey cert.pem | openssl rsautl -decrypt -inkey privkeycert.pem
> gives me the clear text.
>
> So it should mean that I'm able to decrypt the encrypted_secret as it
> is stated in the documentation (ms-bkrp.pdf)
>
> "If the dwVersion field is set to 0x00000002, this field MUST contain
> the structure specified in Section 2.2.2.1, padded and encrypted with
> the server's public key according to the
> PKCS#1 v1.5 RSA encryption scheme specified in [RFC3447] section 7.2."
>
>
> Trying to decrypt the secrets with the private key (which
>
>
> openssl rsautl -decrypt -inkey privkeycert.pem -in secret.cr
> RSA operation error
> 12156:error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02:rsa_pk1.c:190:
> 12156:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:rsa_eay.c:592:
>
>
> Is there anything I get wrong?
>
> Thanks for your help.
>
> Regards.
> Matthieu.
>

--
Matthieu Patou
Samba Team
http://samba.org
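The behaviour reported in this thread (a "block type is not 02" padding failure on the blob as received, and a clean decryption once its bytes are reversed), reproduced as an added example that is not part of the original messages or of Samba's code. It assumes a constructed toy RSA key built from two Mersenne primes and a simulated sender that emits the ciphertext in reversed byte order; the function names are hypothetical.

```python
import os

# Constructed toy key from two Mersenne primes: insecure, demonstration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8       # modulus length in bytes

def pkcs1_v15_encrypt(msg: bytes) -> bytes:
    """RFC 3447 section 7.2.1 encryption; returns big-endian ciphertext."""
    if len(msg) > K - 11:
        raise ValueError("message too long")
    ps = bytes(b % 255 + 1 for b in os.urandom(K - 3 - len(msg)))  # nonzero pad
    em = b"\x00\x02" + ps + b"\x00" + msg
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")

def pkcs1_v15_decrypt(blob: bytes) -> bytes:
    """Big-endian decryption with the type-2 padding check."""
    c = int.from_bytes(blob, "big")
    if len(blob) != K or c >= N:
        raise ValueError("data too large for modulus")
    em = pow(c, D, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)           # end of the padding string
    if em[:2] != b"\x00\x02" or sep < 10:
        raise ValueError("block type is not 02")
    return em[sep + 1:]

def unwrap_reversed_blob(wire_blob: bytes) -> bytes:
    """Reverse the bytes first, as in the thread, then decrypt normally."""
    return pkcs1_v15_decrypt(wire_blob[::-1])

def demo():
    secret = b"constructed sample secret"
    wire = pkcs1_v15_encrypt(secret)[::-1]   # simulated reversed wire order
    try:
        pkcs1_v15_decrypt(wire)              # what a direct decrypt attempts
        direct = "decrypted"
    except ValueError as exc:
        direct = str(exc)
    return direct, unwrap_reversed_blob(wire)

if __name__ == "__main__":
    print(demo())
```

A padding failure on a blob of exactly the modulus length, with a key pair that round-trips test data correctly, is the signature to look for before suspecting the key itself.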
