Am 15.10.20 um 20:15 schrieb Tom Talpey: > On 10/12/2020 5:50 AM, Aurélien Aptel wrote: >> Patch LGTM >> >> Reviewed-by: Aurelien Aptel <aaptel@xxxxxxxx> >> >> Stefan Metzmacher via samba-technical <samba-technical@xxxxxxxxxxxxxxx> >>> This isn't in MS-SMB2 yet. >>> >>> Is this AES_128? >> >> This is returned in latest Windows Server Insider builds but it's not >> documented yet. >> >> https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewserver >> >> I've asked dochelp about it during the SDC plugfest and they gave me >> this: >> >> The new ContextType is: >> SMB2_SIGNING_CAPABILITIES 0x0008 >> The Data field contains a list of signing algorithms. >> • It adds a new negotiate context, which enables SMB to decouple signing algorithms from dialects. E.g. if both client and server supports it, a session may use >> HMAC-SHA256 with SMB 3.1.1. >> • It adds the AES-GMAC algorithm. >> SigningAlgorithmCount (2 bytes): Count of signing algorithms >> SigningAlgorithms (variable): An array of SigningAlgorithmCount 16-bit integer IDs specifying the supported signing algorithms. >> The following IDs are assigned: >> 0 = HMAC-SHA256 >> 1 = AES-CMAC >> 2 = AES-GMAC >> >> >> I've been CCed in a Microsoft email thread later on and it seems to be >> unclear why this was missed/wasn't documented. Maybe this is subject to >> change so take with a grain of salt. > > Just curious if you've heard back on this. Insider builds will sometimes > support things that don't make it to the release. Even Preview docs can > change. However, AES_GMAC has been on the radar since 2015 (*) so > perhaps the time has come! > > I'd suggest wrapping this context and the integrity algs in some kind of > conditional, in case this is delayed... Does anyone know how the nonce/iv is constructed for GMAC? I see a Windows server returning a signed final session setup (which is a plain SMB2 response without any TRANSFORM-like header). Also is using AES-128-GCM only with auth_data and no plain/cipher-text the correct way to implement GMAC? metze
Attachment:
signature.asc
Description: OpenPGP digital signature
