Export (0) Print
Expand All

Input Buffers for the Digest Challenge Response

HTTP authentication using Microsoft Digest requires three input buffers to generate a challenge response. The following table summarizes these buffers.

Buffer numberContainsBuffer type
0Challenge received from the ServerSECBUFFER_TOKEN
1HTTP MethodSECBUFFER_PARAMS
2H(Entity)SECBUFFER_PARAMS
3The service principal name (SPN) of the target server.SECBUFFER_TARGET_HOST | SECBUFFER_READONLY
4Channel bindings token valuesSECBUFFER_CHANNEL_BINDINGS | SECBUFFER_READONLY

 

Buffer zero contains the Digest challenge received from the server in response to the initial request for an access-protected resource.

Buffer 1 contains the string representation of the method, such as "GET" or "POST". The method is used in the calculation of A2, as described in RFC 2617.

Buffer 2 is the MD5 hash of the message's entity-body as described in RFC 2617.

Buffer 3 contains the SPN of the target server in UTF-8 formatting when Digest is used with channel bindings.

Buffer 4 contains the channel binding token value when Digest is used with channel bindings.

Input Buffers for SASL

Supply buffer zero only. For compatibility with other SSPs, you may call InitializeSecurityContext (Digest) without a valid server challenge. In this case the pInput parameter should be set to NULL.

 

 

Community Additions

ADD
Show:
© 2014 Microsoft