[range(0, 31)] uint32 l1_index;
[range(0, 31)] uint32 l2_index;
GUID root_key_id;
- uint32 unknown; /* This might be the length of a key that is rarely or never present. */
+ uint32 additional_info_len;
[value(2 * ndr_charset_length(domain_name, CH_UTF16))] uint32 domain_name_len;
[value(2 * ndr_charset_length(forest_name, CH_UTF16))] uint32 forest_name_len;
+ /*
+ * https://lists.samba.org/archive/cifs-protocol/2023-December/004170.html
+ * This is the public key blob of an ephemeral public key used in secret
+ * agreement, or a random number used in deriving a symmetric key.
+ */
+ [flag(NDR_SECRET)] uint8 additional_info[additional_info_len];
nstring domain_name; /* DNS name of the domain which generated the key. */
nstring forest_name; /* DNS name of the forest which generated the key. */
} KeyEnvelope;
self.assertEqual(self.root_key_id, envelope.root_key_id)
- self.assertEqual(0, envelope.unknown)
+ self.assertEqual(0, envelope.additional_info_len)
+ self.assertFalse(envelope.additional_info)
self.assertEqual(self.domain_name, envelope.domain_name)
self.assertEqual(utf16_encoded_len(self.domain_name), envelope.domain_name_len)
envelope.root_key_id = self.root_key_id
- envelope.unknown = 0
+ envelope.additional_info = []
+ envelope.additional_info_len = 0
envelope.domain_name = self.domain_name
envelope.forest_name = self.forest_name