3.1.4.3 Encrypting the Message

This optional interface is applicable only for the SMB 3.x dialect family.<92>

If the sender requires the message to be both encrypted and compressed, the sender MUST compress the message first as specified in section 3.1.4.4 and then encrypt the compressed message.

The sender MUST construct the SMB2 TRANSFORM_HEADER specified in section 2.2.41 as follows:

• OriginalMessageSize is set to the size of the SMB2 message being sent.

• SessionId is set to Session.SessionId.

• EncryptionAlgorithm/Flags is set to 0x0001.

•  Nonce is set to a newly generated implementation-specific value that is not used for any other encrypted message within the session.

• Signature is set to a value generated using the algorithm specified in Connection.CipherId as specified in [RFC5084] with the following input:

  • Nonce.AES_CCM_Nonce or Nonce.AES_GCM_Nonce based on the cipher specified by Connection.CipherId.

  • The SMB2 TRANSFORM_HEADER, excluding the ProtocolId and Signature fields, as the optional authenticated data.

  • The SMB2 message, including the header and the payload, as the data to be encrypted.

  • Session.EncryptionKey as the key to be used for signing.

The sender MUST encrypt the SMB2 message using Session.EncryptionKey. If Connection.Dialect is "3.1.1", then the cipher specified by Connection.CipherId is used. Otherwise, AES-128-CCM is used to encrypt, as specified in [RFC4309]. The sender MUST append the encrypted SMB2 message to the SMB2 TRANSFORM_HEADER and send it to the receiver.