2.2.1 Handshake Message

The Handshake message structure is defined as follows.

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+
|   MessageId   | MajorVersion  | MinorVersion  |  HighByteOf   |
|               |               |               |  PayloadSize  |
+---------------+---------------+---------------+---------------+
|  LowByteOf    |                                               |
|  PayloadSize  |            AuthPayload (variable)             |
+---------------+                                               +
|                              ...                              |
+---------------------------------------------------------------+

MessageId (1 byte): The type of Handshake message. The value of this field MUST be a value from the following table.

Value                       Meaning

HandshakeDone               The handshake has completed successfully.
0x14

HandshakeError              An error occurred during the handshake. The AuthPayload field contains an HRESULT. See the description of the AuthPayload field for further information.
0x15

HandshakeInProgress         The message is part of the handshake phase and is not the final message from the host. The final Handshake message from a host is always transferred in a HandshakeDone message.
0x16

MajorVersion (1 byte): An unsigned integer that, along with the MinorVersion field, specifies the version of the .NET NegotiateStream Protocol being used. This field MUST be set to 0x01.

MinorVersion (1 byte): An unsigned integer that, along with the MajorVersion field, defines the version of the .NET NegotiateStream Protocol being used. This field MUST be set to 0x00.

HighByteOfPayloadSize (1 byte): An unsigned integer that, along with the LowByteOfPayloadSize field, defines the size, in bytes, of the AuthPayload field. This field represents the high-order byte of the payload size.

LowByteOfPayloadSize (1 byte): An unsigned integer that, along with the HighByteOfPayloadSize field, defines the size, in bytes, of the AuthPayload field. This field represents the low-order byte of the payload size.

AuthPayload (variable): When the Handshake message has a MessageId of HandshakeDone or HandshakeInProgress, this field contains the authentication tokens generated by the Security Support Provider Interface (SSPI) security packages (SPNEGO and NTLM) used by the .NET NegotiateStream Protocol. The formats for these tokens are defined in [MS-SPNG] section 2.2 and [MS-NLMP] section 2.2 respectively. When the Handshake message has a MessageId of HandshakeInProgress, this field MUST have a non-zero length. When the Handshake message has a MessageId of HandshakeDone, this field MUST be of zero length if the remote side's security package did not return a security token when indicating successful initialization of the security context. When the Handshake message has a MessageId of HandshakeError, the AuthPayload field MUST have a length of 8 bytes, and contain either an HRESULT error code describing an error encountered by the security package or the Win32 error code ERROR_TRUST_FAILURE (0x000006FE) indicating that the security package was able to successfully authenticate, but the negotiated security parameters were unacceptable to the remote side.

The following structure MUST be used to format this error code within the AuthPayload field:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------------------------------------------------------+
|                           Reserved                            |
+---------------------------------------------------------------+
|                           ErrorCode                           |
+---------------------------------------------------------------+

Reserved (4 bytes): This field is reserved and MUST be set to zero. The recipient MUST ignore the value.

ErrorCode (4 bytes): An HRESULT describing an error encountered by the remote side's security package, or the value 0x000006FE.
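The Handshake message layout and the HandshakeError payload structure described in this section, as an added example that is not part of [MS-NNS] or of any .NET implementation: a Python framer that serializes and parses Handshake messages and enforces the requirements stated above (version 1.0, the payload size carried as a high byte and a low byte and therefore capped at 65535 bytes, a non-zero-length AuthPayload for HandshakeInProgress, exactly 8 bytes for HandshakeError, Reserved set to zero on send and ignored on receipt). This section does not state the byte order of the Reserved and ErrorCode fields; the example assumes network (big-endian) order. The exception classes, the classify_frame helper and the sample frames are the example's own constructions, not captured traffic.

```python
# Added example framer for the [MS-NNS] Handshake message; not spec or .NET code.
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

# MessageId values from the table in section 2.2.1.
HANDSHAKE_DONE = 0x14
HANDSHAKE_ERROR = 0x15
HANDSHAKE_IN_PROGRESS = 0x16
VALID_MESSAGE_IDS = {HANDSHAKE_DONE, HANDSHAKE_ERROR, HANDSHAKE_IN_PROGRESS}

MAJOR_VERSION = 0x01
MINOR_VERSION = 0x00
HEADER_LEN = 5               # MessageId, MajorVersion, MinorVersion, HighByte, LowByte
ERROR_PAYLOAD_LEN = 8        # Reserved (4 bytes) + ErrorCode (4 bytes)
ERROR_TRUST_FAILURE = 0x000006FE


class HandshakeFormatError(ValueError):
    """The frame violates a MUST of section 2.2.1."""


class IncompleteFrame(Exception):
    """More bytes are needed before the frame can be parsed."""

    def __init__(self, needed: int) -> None:
        super().__init__(f"need {needed} more byte(s)")
        self.needed = needed


@dataclass(frozen=True)
class Handshake:
    message_id: int
    auth_payload: bytes

    def error_code(self) -> Optional[int]:
        """ErrorCode of a HandshakeError (HRESULT or ERROR_TRUST_FAILURE); None otherwise.
        Assumption: Reserved and ErrorCode are in network (big-endian) byte order."""
        if self.message_id != HANDSHAKE_ERROR:
            return None
        _reserved, code = struct.unpack(">II", self.auth_payload)  # Reserved MUST be ignored
        return code


def validate(msg: Handshake) -> None:
    """Enforce the AuthPayload length rules tied to each MessageId."""
    if msg.message_id not in VALID_MESSAGE_IDS:
        raise HandshakeFormatError(f"unknown MessageId 0x{msg.message_id:02x}")
    size = len(msg.auth_payload)
    if size > 0xFFFF:
        raise HandshakeFormatError("AuthPayload does not fit the 16-bit size field")
    if msg.message_id == HANDSHAKE_IN_PROGRESS and size == 0:
        raise HandshakeFormatError("HandshakeInProgress requires a non-zero-length AuthPayload")
    if msg.message_id == HANDSHAKE_ERROR and size != ERROR_PAYLOAD_LEN:
        raise HandshakeFormatError("HandshakeError AuthPayload must be exactly 8 bytes")


def encode_handshake(msg: Handshake) -> bytes:
    """Serialize: 5-byte header, payload size split into high and low bytes."""
    validate(msg)
    size = len(msg.auth_payload)
    header = bytes([msg.message_id, MAJOR_VERSION, MINOR_VERSION, size >> 8, size & 0xFF])
    return header + msg.auth_payload


def encode_error(code: int) -> bytes:
    """Build a HandshakeError whose AuthPayload is Reserved (zero) followed by ErrorCode."""
    payload = struct.pack(">II", 0, code & 0xFFFFFFFF)
    return encode_handshake(Handshake(HANDSHAKE_ERROR, payload))


def parse_handshake(buf: bytes) -> Tuple[Handshake, int]:
    """Parse one Handshake message from the start of buf.
    Returns (message, bytes consumed) so a stream reader can handle concatenated
    frames; raises IncompleteFrame on a short read, HandshakeFormatError otherwise."""
    if len(buf) < HEADER_LEN:
        raise IncompleteFrame(HEADER_LEN - len(buf))
    message_id, major, minor, high, low = buf[:HEADER_LEN]
    if (major, minor) != (MAJOR_VERSION, MINOR_VERSION):
        raise HandshakeFormatError(f"unsupported version {major}.{minor}")
    size = (high << 8) | low
    end = HEADER_LEN + size
    if len(buf) < end:
        raise IncompleteFrame(end - len(buf))  # size field is bounded, but still verify it
    msg = Handshake(message_id, bytes(buf[HEADER_LEN:end]))
    validate(msg)
    return msg, end


def classify_frame(buf: bytes) -> str:
    """One-line verdict for a captured frame, useful when triaging traffic or logs."""
    try:
        msg, consumed = parse_handshake(buf)
    except IncompleteFrame as exc:
        return f"incomplete: need {exc.needed} more byte(s)"
    except HandshakeFormatError as exc:
        return f"reject: {exc}"
    if msg.message_id == HANDSHAKE_ERROR:
        return f"error: code=0x{msg.error_code():08X} consumed={consumed}"
    return f"ok: id=0x{msg.message_id:02X} payload={len(msg.auth_payload)} consumed={consumed}"


if __name__ == "__main__":
    # Constructed sample frames (not captured traffic): a valid in-progress token,
    # a trust-failure error, and an in-progress frame with the forbidden empty payload.
    for frame in (encode_handshake(Handshake(HANDSHAKE_IN_PROGRESS, b"NTLMSSP\x00" + b"\x01" * 300)),
                  encode_error(ERROR_TRUST_FAILURE),
                  bytes([HANDSHAKE_IN_PROGRESS, 0x01, 0x00, 0x00, 0x00])):
        print(classify_frame(frame))
```

Because parse_handshake returns the number of bytes consumed and distinguishes a short read from a malformed frame, it can sit directly on top of a socket read loop; the HRESULT returned by error_code() is what a receiver would log or map to an exception.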