On Mon, Jun 28, 2010 at 6:25 PM, Andrew Bartlett <abartlet@xxxxxxxxx> wrote: > On Mon, 2010-06-28 at 17:47 -0500, Shirish Pargaonkar wrote: > >> When I look at Windows - Windows smb2 traces, the (16 bytes) signature >> looks nothing like >> version (which is 1), ciphertext of 8 bytes of hmac-md5, sequence number > > SMB2 SMB Signing does not use the NTLMSSP packet signing algorithm. > Instead, like SMB, it takes the session key already calculated and > applies a unique-to-SMB2 algorithm to it. This involves sha256 I > think. > > Andrew Bartlett > > -- > Andrew Bartlett http://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > Samba Developer, Cisco Inc. > I have had luck with some kernel crypto apis while working on this code. I have been able to use arc4 and md5 hash apis successfully while not being able to figure out hmac-md5 apis and I had not even looked at sha, which I will. What is confusing to me is, current cifs code using ntlmv2 within ntlmssp authenticates and signs against Windows 2003 server successfully/ But it does not against Windows 7 and Windows 2008 (I do not have a Windows Vista installation). I am currently changing to code and I am sure I would be able to authenticate using ntlmv2 within ntlmssp. singing is what is confusing. With smb2 client also, I can authenticate against Windows 7 and Windows 2008 but signing fails. So I am confused about what algorithm to use for cifs to sign against Windows 7 and Windows 2008 server for ntlmv2 within ntlmssp and what algorithm to use for smb2 to sign against a Windows 7 and Windows 2008 server for ntlmv2 within ntlmssp. I have been reading and following MS-NLMP and http://davenport.sourceforge.net/ntlm.html -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
