5.1.5 AES Cipher Usage
Advanced Encryption Standard (AES) encryption is achieved in this protocol by using the AEAD-AES-256-CBC-HMAC-SHA512 cipher<119>, as specified in [AES-CBC]. AES encryption requires a secret shared between the server and the client, the content encryption key (CEK). The CEK used is the session key negotiated by the transport. In this case, it is a 16-byte SMB session key.
The data MUST be encrypted and decrypted using AEAD-AES-256-CBC-HMAC-SHA512, as follows:
Let IV be a random 16-byte number.
Let CEK be the shared secret.
Encryption is then completed as follows:
Let enc_key ::= HMAC-SHA-512(CEK, LSAD_AES256_ENC_KEY_STRING)
Let mac_key ::= HMAC-SHA-512(CEK, LSAD_AES256_MAC_KEY_STRING)
Let Cipher ::= AES-CBC(enc_key, IV, secret_plaintext)
Let AuthData ::= HMAC-SHA-512(mac_key, versionbyte + IV + Cipher + versionbyte_length)
Note that enc_key is truncated to 32 bytes and the entire 64-byte mac_key is used.
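The key derivation and encrypt-then-MAC steps above, written out as an added Node.js example; it is not part of the specification or of any Microsoft code. The two key strings, versionbyte and versionbyte_length are placeholders because this section does not give their values, and PKCS#7 padding and verifying AuthData before decryption are assumptions of the example.

```javascript
const nodeCrypto = require('crypto');

// Placeholders (assumptions): this section names these constants but gives no values.
const LSAD_AES256_ENC_KEY_STRING = Buffer.from('PLACEHOLDER-ENC-KEY-STRING');
const LSAD_AES256_MAC_KEY_STRING = Buffer.from('PLACEHOLDER-MAC-KEY-STRING');
const VERSION_BYTE = Buffer.from([0x01]);        // placeholder value
const VERSION_BYTE_LENGTH = Buffer.from([0x01]); // placeholder value

const hmac512 = (key, data) => nodeCrypto.createHmac('sha512', key).update(data).digest();

// enc_key is the first 32 bytes of the HMAC output; mac_key is all 64 bytes.
function deriveKeys(cek) {
  return {
    encKey: hmac512(cek, LSAD_AES256_ENC_KEY_STRING).subarray(0, 32),
    macKey: hmac512(cek, LSAD_AES256_MAC_KEY_STRING),
  };
}

// AuthData ::= HMAC-SHA-512(mac_key, versionbyte + IV + Cipher + versionbyte_length)
function authData(macKey, iv, cipher) {
  return hmac512(macKey, Buffer.concat([VERSION_BYTE, iv, cipher, VERSION_BYTE_LENGTH]));
}

function encrypt(cek, plaintext, iv = nodeCrypto.randomBytes(16)) {
  const { encKey, macKey } = deriveKeys(cek);
  // Node applies PKCS#7 padding by default (assumed here to match the peer).
  const c = nodeCrypto.createCipheriv('aes-256-cbc', encKey, iv);
  const cipher = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, cipher, authData: authData(macKey, iv, cipher) };
}

function decrypt(cek, { iv, cipher, authData: tag }) {
  const { encKey, macKey } = deriveKeys(cek);
  const expected = authData(macKey, iv, cipher);
  // Reject a bad MAC, compared in constant time, before any CBC decryption runs.
  if (tag.length !== expected.length || !nodeCrypto.timingSafeEqual(tag, expected)) {
    throw new Error('AuthData mismatch');
  }
  const d = nodeCrypto.createDecipheriv('aes-256-cbc', encKey, iv);
  return Buffer.concat([d.update(cipher), d.final()]);
}

// Constructed sample: a 16-byte stand-in for the SMB session key.
const sampleCek = Buffer.alloc(16, 0x11);
const sampleMsg = encrypt(sampleCek, Buffer.from('secret_plaintext'));
console.log(decrypt(sampleCek, sampleMsg).toString());
```

Checking AuthData first means a modified IV or ciphertext is rejected without the receiver ever exposing padding errors from the CBC layer.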