2.2.6.22 SAMPR_ENCRYPTED_USER_PASSWORD_NEW

The SAMPR_ENCRYPTED_USER_PASSWORD_NEW structure carries an encrypted string.

 typedef struct _SAMPR_ENCRYPTED_USER_PASSWORD_NEW {
   unsigned char Buffer[(256 * 2) + 4 + 16];
 } SAMPR_ENCRYPTED_USER_PASSWORD_NEW,
  *PSAMPR_ENCRYPTED_USER_PASSWORD_NEW;

Buffer: An array to carry encrypted cleartext password data.

For all protocol uses, the decrypted format of Buffer is the following structure.

 typedef struct _SAMPR_USER_PASSWORD_NEW {
     WCHAR Buffer[256];
     ULONG Length;
     UCHAR ClearSalt[16];
 } SAMPR_USER_PASSWORD_NEW, *PSAMPR_USER_PASSWORD_NEW;

Buffer: This array contains the cleartext value at the end of the buffer. The cleartext value can be no more than 512 bytes. The start of the string is Length number of bytes from the end of the buffer. The unused portions of SAMPR_USER_PASSWORD_NEW.Buffer SHOULD be filled with random bytes by the client.

Length: An unsigned integer, in little-endian byte order, that indicates the number of bytes of the cleartext value (located in SAMPR_USER_PASSWORD_NEW.Buffer).

ClearSalt: This value (a salt) MUST be filled with random bytes by the client and MUST NOT be encrypted. The length of 16 was chosen in particular because 128 bits of randomness was deemed sufficiently secure when this protocol was introduced (circa 1998).

Implementations of this protocol MUST protect the SAMPR_ENCRYPTED_USER_PASSWORD_NEW structure by encrypting the first 516 bytes of data referenced in its Buffer field on request (and reply) and by decrypting on receipt. See section 3.2.2.1 for the specification of the algorithm performing encryption and decryption.

The first 516 bytes are defined as the first 516 bytes of the SAMPR_USER_PASSWORD_NEW structure defined previously. The last 16 bytes of the SAMPR_ENCRYPTED_USER_PASSWORD_NEW structure are defined as the last 16 bytes of the SAMPR_USER_PASSWORD_NEW structure and MUST NOT be encrypted or decrypted.
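The layout above, as an added Python example that is not part of the specification: it builds a SAMPR_USER_PASSWORD_NEW buffer the way the client is required to (cleartext at the end, random fill, little-endian Length, 16-byte ClearSalt left unencrypted) and parses one on the receiving side, bounds-checking Length before indexing. The encryption of the first 516 bytes (section 3.2.2.1) is deliberately left out; the helper that splits the encrypted region from the salt only marks where that boundary lies. Function names are assumptions, not from the protocol.

```python
import os
import struct
from typing import Callable, Optional, Tuple

BUFFER_BYTES = 256 * 2                          # WCHAR Buffer[256]
LENGTH_BYTES = 4                                # ULONG Length, little-endian
SALT_BYTES = 16                                 # UCHAR ClearSalt[16]
ENCRYPTED_BYTES = BUFFER_BYTES + LENGTH_BYTES   # 516 bytes protected per section 3.2.2.1
TOTAL_BYTES = ENCRYPTED_BYTES + SALT_BYTES      # 532 bytes in SAMPR_ENCRYPTED_USER_PASSWORD_NEW


def build_user_password_new(password: str, salt: Optional[bytes] = None,
                            rng: Callable[[int], bytes] = os.urandom) -> bytes:
    """Client side: lay out SAMPR_USER_PASSWORD_NEW (before encryption)."""
    cleartext = password.encode("utf-16-le")    # WCHAR units on the wire
    if len(cleartext) > BUFFER_BYTES:
        raise ValueError("cleartext value can be no more than 512 bytes")
    salt = rng(SALT_BYTES) if salt is None else salt
    if len(salt) != SALT_BYTES:
        raise ValueError("ClearSalt must be exactly 16 bytes")
    # The cleartext sits at the END of Buffer; the unused leading bytes SHOULD be random.
    padding = rng(BUFFER_BYTES - len(cleartext))
    return padding + cleartext + struct.pack("<I", len(cleartext)) + salt


def split_encrypted_region(blob: bytes) -> Tuple[bytes, bytes]:
    """Return (first 516 bytes to encrypt/decrypt, 16-byte ClearSalt that must stay in the clear)."""
    if len(blob) != TOTAL_BYTES:
        raise ValueError("structure must be exactly 532 bytes")
    return blob[:ENCRYPTED_BYTES], blob[ENCRYPTED_BYTES:]


def parse_user_password_new(blob: bytes) -> Tuple[str, bytes]:
    """Server side: recover the cleartext and salt from an already-decrypted structure."""
    if len(blob) != TOTAL_BYTES:
        raise ValueError("structure must be exactly 532 bytes")
    buffer = blob[:BUFFER_BYTES]
    (length,) = struct.unpack_from("<I", blob, BUFFER_BYTES)
    salt = blob[ENCRYPTED_BYTES:]
    # Length is attacker-controlled data on the receiving side: bound it before using it as an
    # offset. Anything above 512, or not a whole number of WCHARs, is malformed.
    if length > BUFFER_BYTES or length % 2:
        raise ValueError("invalid Length field")
    cleartext = buffer[BUFFER_BYTES - length:]  # Length bytes from the end of Buffer
    return cleartext.decode("utf-16-le"), salt


if __name__ == "__main__":
    blob = build_user_password_new("Pa$$w0rd", salt=bytes(range(16)))   # constructed sample
    print(len(blob), parse_user_password_new(blob))                     # 532 ('Pa$$w0rd', ...)
```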