2.2.6.32 SAMPR_ENCRYPTED_PASSWORD_AES

The SAMPR_ENCRYPTED_PASSWORD_AES structure carries an encrypted string.

 typedef struct _SAMPR_ENCRYPTED_PASSWORD_AES {
     UCHAR                       AuthData[64];
     UCHAR                       Salt[16];
     ULONG                       cbCipher;
     [size_is(cbCipher)] PUCHAR  Cipher;
     ULONGLONG                   PBKDF2Iterations;
 } SAMPR_ENCRYPTED_PASSWORD_AES,  *PSAMPR_ENCRYPTED_PASSWORD_AES;

AuthData: An authentication signature: the HMAC-SHA-512 hash of Cipher+versionbyte+versionbyte_length, as specified in AES Cipher Usage (section 3.2.2.4).

Salt: A random number used by the client to encrypt the data stored in Cipher with AES and to derive encryption keys with PBKDF2.

cbCipher: The size of Cipher in bytes.

Cipher: A pointer to a buffer of UCHAR that carries the encrypted cleartext password. The encryption key is method-specific, while the algorithm is specified in AES Cipher Usage (section 3.2.2.4) and is common to all methods that use this structure. Refer to the SamrUnicodeChangePasswordUser4 method syntax (section 3.1.5.10.4) and the processing instructions in SamrSetInformationUser2 (section 3.1.5.6.4.6) for the encryption key selection rules.

Note: The SamrUnicodeChangePasswordUser4 method does not require a context handle, so it can be called directly; it does not return a context handle either.

PBKDF2Iterations: The number of PBKDF2 iterations used by the client to derive an encryption key with PBKDF2.

For all protocol uses, the decrypted format of Cipher is the following structure.

 typedef struct _SAMPR_USER_PASSWORD_AES {
     USHORT PasswordLength;
     WCHAR  Buffer [SAM_MAX_PASSWORD_LENGTH];
 } SAMPR_USER_PASSWORD_AES, *PSAMPR_USER_PASSWORD_AES;

PasswordLength: An unsigned short integer value that indicates the length of the cleartext password in bytes.

Buffer: A buffer of 512 characters whose first PasswordLength bytes hold the cleartext value of the password. The remaining unused portion of the buffer MUST be filled by the client with random bytes.

A decrypted cipher of less than (SAM_MAX_PASSWORD_LENGTH * sizeof(WCHAR)) + sizeof(USHORT) bytes will be rejected by the server and a failure status of STATUS_WRONG_PASSWORD returned to the client.
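The following is an added worked example, not code from the specification or from any Microsoft implementation. It builds the decrypted SAMPR_USER_PASSWORD_AES layout the client must produce (PasswordLength, then a 512-WCHAR buffer whose unused tail is random), applies the server-side minimum-length check described above, and validates the field sizes of the outer SAMPR_ENCRYPTED_PASSWORD_AES envelope. The AES encryption, PBKDF2 key derivation and HMAC computation live in section 3.2.2.4 and are deliberately not reproduced here. Assumptions: little-endian in-memory layout for the decrypted blob, UTF-16LE for WCHAR, the NTSTATUS value 0xC000006A for STATUS_WRONG_PASSWORD (from [MS-ERREF], not this section), and treating a PasswordLength that cannot fit the buffer as a wrong-password failure (a defensive choice of this example, not a rule stated on the page).

```python
import os
import struct
from dataclasses import dataclass

SAM_MAX_PASSWORD_LENGTH = 512      # WCHARs, from the Buffer declaration above
SIZEOF_WCHAR = 2
SIZEOF_USHORT = 2
# (SAM_MAX_PASSWORD_LENGTH * sizeof(WCHAR)) + sizeof(USHORT) == 1026 bytes
MIN_DECRYPTED_SIZE = SAM_MAX_PASSWORD_LENGTH * SIZEOF_WCHAR + SIZEOF_USHORT

STATUS_SUCCESS = 0x00000000
STATUS_WRONG_PASSWORD = 0xC000006A  # NTSTATUS value from [MS-ERREF] (assumption: not on this page)

AUTHDATA_SIZE = 64                  # UCHAR AuthData[64]
SALT_SIZE = 16                      # UCHAR Salt[16]


def build_user_password_aes(password: str) -> bytes:
    """Client side: encode a cleartext password as SAMPR_USER_PASSWORD_AES.

    Layout (assumed little-endian): USHORT PasswordLength in bytes, followed by
    512 WCHARs. The password occupies the first PasswordLength bytes of the
    buffer; the remainder MUST be random, so an observer of the decrypted blob
    learns nothing from the padding.
    """
    pw = password.encode("utf-16-le")
    buf_size = SAM_MAX_PASSWORD_LENGTH * SIZEOF_WCHAR
    if len(pw) > buf_size:
        raise ValueError("password exceeds SAM_MAX_PASSWORD_LENGTH")
    padding = os.urandom(buf_size - len(pw))
    return struct.pack("<H", len(pw)) + pw + padding


def parse_user_password_aes(decrypted: bytes):
    """Server side: validate a decrypted Cipher and recover the cleartext.

    Returns (NTSTATUS, password or None). Anything shorter than the full
    structure is rejected with STATUS_WRONG_PASSWORD, as the section states.
    """
    if len(decrypted) < MIN_DECRYPTED_SIZE:
        return STATUS_WRONG_PASSWORD, None
    (pw_len,) = struct.unpack_from("<H", decrypted, 0)
    buf = decrypted[SIZEOF_USHORT:SIZEOF_USHORT + SAM_MAX_PASSWORD_LENGTH * SIZEOF_WCHAR]
    # Defensive check (this example's choice): a length that does not fit the
    # buffer or is not a whole number of WCHARs cannot be a valid password.
    if pw_len > len(buf) or pw_len % SIZEOF_WCHAR:
        return STATUS_WRONG_PASSWORD, None
    return STATUS_SUCCESS, buf[:pw_len].decode("utf-16-le")


@dataclass
class EncryptedPasswordAes:
    """In-memory view of SAMPR_ENCRYPTED_PASSWORD_AES with the size rules the
    structure definition imposes. Producing AuthData, Salt and Cipher is the
    job of the AES Cipher Usage rules (section 3.2.2.4), not of this class."""
    AuthData: bytes
    Salt: bytes
    Cipher: bytes
    PBKDF2Iterations: int

    @property
    def cbCipher(self) -> int:
        return len(self.Cipher)

    def check(self) -> bool:
        """True when every fixed-size field has the declared size and the
        iteration count fits in a ULONGLONG."""
        return (len(self.AuthData) == AUTHDATA_SIZE
                and len(self.Salt) == SALT_SIZE
                and 0 <= self.cbCipher <= 0xFFFFFFFF
                and 0 <= self.PBKDF2Iterations <= 0xFFFFFFFFFFFFFFFF)


if __name__ == "__main__":
    blob = build_user_password_aes("P@ssw0rd")
    print(len(blob), parse_user_password_aes(blob))
    print(parse_user_password_aes(blob[:-1]))  # one byte short: rejected
```

A decoder following this pattern never trusts cbCipher or PasswordLength on their own: the envelope sizes are checked before the cipher is handed to the decryption step, and the decrypted blob is checked against the full 1026-byte structure before any byte of it is interpreted as password data.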