[prev in list] [next in list] [prev in thread] [next in thread]
List: cifs-protocol
Subject: [cifs-protocol] RE: Regarding String2key for random trust keys
From: Andrew Bartlett <abartlet () samba ! org>
Date: 2008-08-19 12:30:31
Message-ID: 1219149031.13951.6.camel () naomi ! s4 ! naomi ! abartlet ! net
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Tue, 2008-08-19 at 14:48 +1000, Andrew Bartlett wrote:
> On Fri, 2008-08-15 at 09:32 -0700, John Dunning wrote:
> > Hello Andrew,
> > I wanted to ask you if you have taken a look at Section 3 of RFC
> > 3629 which may be of help for this problem.
>
> Is that the expected target string format for string2key operations?
>
> > If you have and it didn't help then we need to get more information on
> > how you are actually doing the conversion. For example are you using
> > your own function or a canned one?
>
> We use our own implementation of iconv() for the UTF16 -> UTF8
> translations.
>
> http://gitweb.samba.org/?p=samba.git;a=blob;f=source/lib/charset/iconv.c;h=4f4bc8fd2da70c9f9d5bb75b2ee0f946516c996a;hb=v4-0-test#l589
>
> It (rightly) rejects the random data as not being valid UTF16 input.
>
> As far as I can tell, it is not possible for random bytes to simply be
> described as UTF16 (and then converted to another charset), so I suspect
> we will need a filter or modified function.
Talking with tridge about this problem, perhaps the problem is that
these buffers are not really 'Unicode' (by the convention of this
document, ie UTF-16). If the buffers were instead UCS2 and rules about
illegal and reserved ranges were ignored, then the standard UTF8 Huffman
encoding were applied, would this result in the same UTF8 string as
Micorsoft uses for it's input into the AES and DES string2key functions?
For reference, MS-ADTS 7.1.6.8.1.1 describes it this way:
TRUST_AUTH_TYPE_CLEAR AuthInfo byte field contains a cleartext password,
encoded as a Unicode string.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
["signature.asc" (application/pgp-signature)]
_______________________________________________
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic