3.1.4.4.2 DES Credential
The session key is computed as follows.
-
InitLMKey(KeyIn, KeyOut) KeyOut[0] = KeyIn[0] >> 0x01; KeyOut[1] = ((KeyIn[0]&0x01)<<6) | (KeyIn[1]>>2); KeyOut[2] = ((KeyIn[1]&0x03)<<5) | (KeyIn[2]>>3); KeyOut[3] = ((KeyIn[2]&0x07)<<4) | (KeyIn[3]>>4); KeyOut[4] = ((KeyIn[3]&0x0F)<<3) | (KeyIn[4]>>5); KeyOut[5] = ((KeyIn[4]&0x1F)<<2) | (KeyIn[5]>>6); KeyOut[6] = ((KeyIn[5]&0x3F)<<1) | (KeyIn[6]>>7); KeyOut[7] = KeyIn[6] & 0x7F; for( int i=0; i<8; i++ ){ KeyOut[i] = (KeyOut[i] << 1) & 0xfe; }
Assume bytes(s, e, l) returns bytes from s to e of the byte array l. After a session key is computed, a Netlogon credential is computed. If AES support is not negotiated between the client and the server, the Netlogon credentials are computed using DES:
-
ComputeNetlogonCredential(Input, Sk, Output) SET k1 to bytes(0, 6, Sk) CALL InitLMKey(k1, k3) SET k2 to bytes(7, 13, Sk) CALL InitLMKey(k2, k4) CALL DES_ECB(Input, k3, &output1) CALL DES_ECB(output1, k4, &output2) SET Output to output2
DES_ECB is the DES encryption algorithm in ECB mode ([FIPS81] and [FIPS46-2]).