none
NTLMv2 MAC Key formula signing problems RRS feed

  • Question


  • From the "Implementing CIFS" book 2004 by Christopher R. Hertel,  it states
    the formula for creating the NTLMv2 MAC Key is not yet known.  In short
    it states that it is possibly identical to the calculation of the LMv2 MAC Key, or
    possibly the concatenation of the Session Key with the first 28 bytes of the
    blob. 

    I've been unable to find better documentation than this.  I'm getting bad signatures
    for NTLMv2.  v1 is working fine.  This is for SMB1. 

    Any pointers to recent documentation or insight to the above would be much
    appreciated.

    Chris Parker
    Monday, June 2, 2008 6:36 PM

Answers

  • Chris not an answer but a question I just wanted to know if section 3.4 of MS-NLMP from WSPP does not describe what you want?
    Tuesday, June 3, 2008 12:09 PM
  •  

     Danny,
     
      I suggest that you should pay close attention  to the following sections in [MS-NLMP]

                    3.4.2 Message Integrity,

                    3.4.4.2 Message Signature Function NTLMv2  

                    3.4.5 KXKEY , SIGNKEY and SEALKEY.    

     

       Also for the description of SMB message signing process, you can refer to  [MS-SMB]  4.3 Protocol example: Message Signing Example.

     

     Hope it helps.

     

     Thanks


    Hongwei Sun -MSFT
    • Marked as answer by KeithHa Thursday, September 4, 2008 9:30 PM
    Thursday, July 24, 2008 10:17 PM

All replies

  • Chris not an answer but a question I just wanted to know if section 3.4 of MS-NLMP from WSPP does not describe what you want?
    Tuesday, June 3, 2008 12:09 PM

  • Yes it does, thank you.

    Chris

    Tuesday, June 3, 2008 6:42 PM
  • Chris,

    Were you able to get the digital signing working for NTLMv2?  I'm also working on NTLMv2 support for accessing Window's shares through SMB from a Java client.  I'm trying to make modification to JCIFS to add this support along with digital signing but I'm having some trouble.  I've got the NTLMv2 response implemented using the methods described in "Implementing CIFS" but I can't seem to get the digital signing part working.  I've read section 3.4 of the MS-NLMP and it seems like it's specified for NTLMSSP messaging instead of SMB.

    Thanks,
    Danny
    Friday, July 11, 2008 2:22 PM
  •  

     Danny,
     
      I suggest that you should pay close attention  to the following sections in [MS-NLMP]

                    3.4.2 Message Integrity,

                    3.4.4.2 Message Signature Function NTLMv2  

                    3.4.5 KXKEY , SIGNKEY and SEALKEY.    

     

       Also for the description of SMB message signing process, you can refer to  [MS-SMB]  4.3 Protocol example: Message Signing Example.

     

     Hope it helps.

     

     Thanks


    Hongwei Sun -MSFT
    • Marked as answer by KeithHa Thursday, September 4, 2008 9:30 PM
    Thursday, July 24, 2008 10:17 PM