signing in SMB2

  • Question

  • Hi,

    I am trying to implement SMB2 signing.

    I am referring to [MS-SMB2], [MS-NLMP],
    http://davenport.sourceforge.net/ntlm.html#appendixC10, http://social.msdn.microsoft.com/Forums/en-US/43b3cc11-7a51-4fbb-8f31-f2cffb125b5a/mssmb2-how-to-obtain-sessionkey-from-gss?forum=os_fileservices and http://blogs.msdn.com/b/openspecification/archive/2010/04/20/ntlm-keys-and-sundry-stuff.aspx.

    But could not make it work.

    Can I get some example (like in http://davenport.sourceforge.net/ntlm.html#appendixC10) which shows steps until the generation of SMB2 signature?

    Thanks

    Jimmy

    Thursday, June 26, 2014 12:32 PM

Answers

  • Hi Jimmy:

    In case of SMB/SMB2, when NTLM authentication is used, the key to calculate the SMB2 signature is not the NTLM signing key. The SMB2 Session.SessionKey is set to ExportedSessionKey, as described in MS-SMB2 section 3.3.5.5.3.

    In your case, the ExportedSessionKey is 0x7c77120853902d400f5173d1e4838a2e. Please use this as Session.SessionKey and calculate the SMB2 signature.

    Please let me know if this does not answer your question.


    Regards, Obaid Farooqi

    Friday, June 27, 2014 8:42 PM
    Owner

All replies

  • Hello Jimmy Mathew BAN,
    Thank you for your inquiry about SMB protocols. One of the Open specifications team members will contact you shortly.

    Regards,
    Sreekanth Nadendla
    Microsoft Windows Open specifications

    Thursday, June 26, 2014 2:42 PM
    Moderator
  • Hi Jimmy:
    I'll help you with this issue.

    The signing algorithms used in SMB version 2.x and SMB 3.x are different. The details are provided in MS-SMB2 section "3.1.4.1 Signing An Outgoing Message". Since you ask for SMB2 signing, I'll provide the details below for SMB2:

    Signing in SMB2
    ---------------
     
    Session Key: F6-F8-A5-CD-C1-37-29-20-6B-69-C6-0B-4C-6F-8C-73

    Message with signature zeroed out (it's a tree connect command):
                    0xFE,0x53,0x4D,0x42,0x40,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x03,0x00,0x01,0x00,
                    0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
                    0xFF,0xFE,0x00,0x00,0x00,0x00,0x00,0x00,0x35,0x00,0x00,0x04,0x00,0x04,0x00,0x00,
                    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
                    0x09,0x00,0x00,0x00,0x48,0x00,0x2C,0x00,0x5C,0x00,0x5C,0x00,0x6F,0x00,0x62,0x00,
                    0x61,0x00,0x69,0x00,0x64,0x00,0x66,0x00,0x2D,0x00,0x77,0x00,0x73,0x00,0x32,0x00,
                    0x30,0x00,0x30,0x00,0x38,0x00,0x72,0x00,0x32,0x00,0x5C,0x00,0x49,0x00,0x50,0x00,
                    0x43,0x00,0x24,0x00


    HMAC-SHA256 hash of the message above using the above session key:
    81-04-71-B1-62-AE-EB-D8-A4-08-30-84-C8-AB-24-C6-57-3F-6D-7D-C7-DD-59-2B-8B-C8-0F-28-22-3E-9D-8D

    First 16-bytes of the above hash
    81-04-71-B1-62-AE-EB-D8-A4-08-30-84-C8-AB-24-C6

    The final message with signature:

                    0xFE,0x53,0x4D,0x42,0x40,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x03,0x00,0x01,0x00,
                    0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
                    0xFF,0xFE,0x00,0x00,0x00,0x00,0x00,0x00,0x35,0x00,0x00,0x04,0x00,0x04,0x00,0x00,
                    0x81,0x04,0x71,0xB1,0x62,0xAE,0xEB,0xD8,0xA4,0x08,0x30,0x84,0xC8,0xAB,0x24,0xC6,
                    0x09,0x00,0x00,0x00,0x48,0x00,0x2C,0x00,0x5C,0x00,0x5C,0x00,0x6F,0x00,0x62,0x00,
                    0x61,0x00,0x69,0x00,0x64,0x00,0x66,0x00,0x2D,0x00,0x77,0x00,0x73,0x00,0x32,0x00,
                    0x30,0x00,0x30,0x00,0x38,0x00,0x72,0x00,0x32,0x00,0x5C,0x00,0x49,0x00,0x50,0x00,
                    0x43,0x00,0x24,0x00

    Please let me know if it does not answer your question.


    Regards, Obaid Farooqi

    Thursday, June 26, 2014 8:53 PM
    Owner
  • Hi Obaid,

    Thanks a lot for your response. I would like to get clarity on signing key generation as well.

    Let me explain the steps I am doing. I am not able to identify where it is going wrong.

    LmCompatibilityLevel is set to 0. Negotiate 128 key, Negotiate key exchange key, Negotiate Extended Security and Negotiate NTLM key are set. So it is NTLMv1 authentication with NTLM2 session security.

    NEGOTIATE_MESSAGE:

    Flags is set to 0xe2088297

    CHALLENGE_MESSAGE:

    Flags:                        0xe28a8215

    Server Challenge:     0x96ce83ac1cafb100

    AUTHENTICATE_MESSAGE:

    Flags:                       0xe2888215

    LM Response:          0x78179ed3f86f57d800000000000000000000000000000000

    NTLM Response:      0xa65b8ef6ffeb0a9e4b2f83dd25eae26079aa0d2a5cb82b17

    Session key:            0xe55852c3257d900521164756106cd24a

    Now calculating signing key and smb2 signature at server side upon receiving AUTHENTICATE_MESSAGE

    Password in Unicode:  0x6e006f00760065006c006c00

    NTOWFv1 = md4(Password in Unicode )

                    = md4(0x6e006f00760065006c006c00)

                    = 0x55db0294bc42d6e1b81ae2b5c7f2943f

    SessionBaseKey = md4(NTOWFv1)

                               = md4(0x55db0294bc42d6e1b81ae2b5c7f2943f)

                               = 0xcc7aecd0db6b384470bb80599aa1b25c

    KeyExchangeKey = HMAC-MD5(SessionBaseKey, Concatenation Of(Server challenge, LMResponse[0..7]))

                                 = HMAC-MD5(0xcc7aecd0db6b384470bb80599aa1b25c, Concatenation of (0x96ce83ac1cafb100, 0x78179ed3f86f57d8))

                                 = 0x85caf1c2fca9949243ec2a9a31c9b0c9

    ExportedSessionKey = RC4K(KeyExchangeKey, AUTHENTICATE_MESSAGE.EncryptedRandomSessionKey)

                                      = RC4K(0x85caf1c2fca9949243ec2a9a31c9b0c9, 0xe55852c3257d900521164756106cd24a)

                                      = 0x7c77120853902d400f5173d1e4838a2e

    SigningKey =  MD5(ConcatenationOf(ExportedSessionKey, "session key to server-to-client signing key magic constant"))

                      = 0x5e339f38aa38948062760b2d8a6e5524

    HMAC-SHA256 hash = HMAC-SHA256(0x5e339f38aa38948062760b2d8a6e5524, Message to be signed)

    Message to be signed is the response to AUTHENTICATE_MESSAGE

    Message with signature zeroed out is

    fe 53 4d 42 40 00 01 00 00 00 00 00 01 00 01 00 09 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 ff fe 00 00 00 00 00 00 5d 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 00 48 00 1d 00 a1 1b 30 19 a0 03 0a 01 00 a3 12 04 10 01 00 00 00 5f 86 a8 69 61 fb 35 cf 00 00 00 00

    32 Byte hash I am getting after HMAC-SHA256 of above message with signing key(0x5e339f38aa38948062760b2d8a6e5524) is

    b1 d1 66 64 56 82 53 a9 5e ff 1c 90 ce 97 0e 3c fc bd 79 b0 9f 97 88 86 1a c0 c3 d2 6f 65 35 1e

    This is incorrect. First 16 bytes of hash should be 0a d5 1b 21 46 22 73 d8 06 d3 30 23 74 70 f3 bf

    Not sure where it is going wrong.

    Thanks

    Jimmy

    Friday, June 27, 2014 3:30 AM
  • Hi Obaid,

    It is working now. Thanks a lot for your help

    Thanks

    Jimmy

    Thursday, July 3, 2014 6:02 AM
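
The key choice settled in this thread, as an added example that is not part of any post: an SMB 2.x signature is the first 16 bytes of HMAC-SHA256 over the message with the Signature field zeroed, keyed with Session.SessionKey (the NTLM ExportedSessionKey) rather than the NTLM SigningKey. The message, the two keys and the expected signature are copied from Jimmy's post; the function and constant names are this example's own.

```python
import hashlib
import hmac

SIG_OFFSET, SIG_LEN = 48, 16  # Signature field inside the 64-byte SMB2 header


def smb2_sign(session_key: bytes, message: bytes) -> bytes:
    """SMB 2.x signature: first 16 bytes of HMAC-SHA256 over the whole
    message with the Signature field zeroed."""
    if len(message) < 64 or message[:4] != b"\xfeSMB":
        raise ValueError("not an SMB2 message")
    zeroed = message[:SIG_OFFSET] + bytes(SIG_LEN) + message[SIG_OFFSET + SIG_LEN:]
    return hmac.new(session_key, zeroed, hashlib.sha256).digest()[:SIG_LEN]


def smb2_verify(session_key: bytes, message: bytes) -> bool:
    """Constant-time check of the signature carried in a received message."""
    carried = message[SIG_OFFSET:SIG_OFFSET + SIG_LEN]
    return hmac.compare_digest(carried, smb2_sign(session_key, message))


def matching_key(message: bytes, expected_sig: bytes, candidates: dict):
    """Name of the candidate key that reproduces expected_sig, or None."""
    for name, key in candidates.items():
        if hmac.compare_digest(smb2_sign(key, message), expected_sig):
            return name
    return None


# SESSION_SETUP response from the thread, signature zeroed out.
MESSAGE = bytes.fromhex(
    "fe 53 4d 42 40 00 01 00 00 00 00 00 01 00 01 00 "
    "09 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 "
    "ff fe 00 00 00 00 00 00 5d 00 00 00 00 04 00 00 "
    "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
    "09 00 00 00 48 00 1d 00 a1 1b 30 19 a0 03 0a 01 "
    "00 a3 12 04 10 01 00 00 00 5f 86 a8 69 61 fb 35 "
    "cf 00 00 00 00"
)
EXPECTED = bytes.fromhex("0a d5 1b 21 46 22 73 d8 06 d3 30 23 74 70 f3 bf")
CANDIDATES = {
    "NTLM SigningKey": bytes.fromhex("5e339f38aa38948062760b2d8a6e5524"),
    "ExportedSessionKey": bytes.fromhex("7c77120853902d400f5173d1e4838a2e"),
}

if __name__ == "__main__":
    print("key reproducing the expected signature:",
          matching_key(MESSAGE, EXPECTED, CANDIDATES))
```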