3.2.4.5 R_GetData (Opnum 10)

The secure session MUST be negotiated by the client prior to calling the R_GetData method.

The pbMDData field of the METADATA_RECORD structure is not used for the R_GetData call.

The IIS_CRYPTO_BLOB message that is received by the client upon successful completion of the call to the R_GetData method contains encrypted or encoded data.

The following set of steps MUST be performed by the client to decrypt or decode IIS_CRYPTO_BLOB data received from the server:

• If the BlobSignature member in the IIS_CRYPTO_BLOB message is set to ENCRYPTED_DATA_BLOB_SIGNATURE, the data inside the message will be decrypted based on the description in section 3.1.4.1.3.

• If the BlobSignature member in the IIS_CRYPTO_BLOB message is set to CLEARTEXT_DATA_BLOB_SIGNATURE, the BlobData member inside the IIS_CRYPTO_BLOB will be interpreted as a CLEARTEXT_DATA_BLOB message. The ClearTextData field represents the actual cleartext data.