Hi Mike: According to MS-NRPC pg 111, bit 17 (indicated as bit R) of negotiable flag is actually referring to "supports the NetrServerPasswordSet2 functionality". In the packet trace that attached earlier, I had successfully negotiated the session key (from pkt 519-523) with the DC using unprotected RPC and established the SChannel. However, when sending the encrypted message (encrypted with AES-key derived from the session key) over Schannel to DC, DC responded with DCE RPC fault with error = 0x00000721.
And, I also tried to use the initialization vector constructed using the last block (size=8 bytes) of the encrypted Confounder field, same error code returned from DC. There's no problem if only integrity is negotiated. So, I suppose the ivec mentioned in the MS-NRPC spec to encrypt the message might not correct ? Regards, Yen -----Original Message----- From: Michael B Allen [mailto:[email protected]] Sent: Tuesday, July 05, 2011 3:43 AM To: Moh Yen Liew Cc: [email protected] Subject: Re: [cifs-protocol] [MS-NRPC] Problem encrypting data when use AES based Netlogon SChannel On Sun, Jul 3, 2011 at 8:47 PM, Moh Yen Liew <[email protected]> wrote: > Hi: > > I am trying to implement AES-based Netlogon SChannel with > Windows 2k8R2 server. > > However, the server always return 0x00721 status code to me. <snip> > Please see attached network trace: > > - pkt 531, which contain the encrypted data > > - Pkt 532, server return 0x721 status code . <snip> > If AES is negotiated, decrypt using an initialization vector > constructed by concatenating twice the sequence number ( thus getting 16 > bytes of data) Hi Yen, Is bit 17 in NegotiateFlags of NetrServerAuthenticate3 supposed to be off like it is in your capture? Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/ _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
