2.2.6 Crypto Binding Request Attribute

The following diagram specifies the format that MUST be used for the Crypto Binding Request attribute. This attribute is used by the SSTP server to communicate the supported hashing methods and nonce to the SSTP client.

The fields of the structure MUST be transmitted as bytes from left to right.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

Reserved

Attribute ID

LengthPacket

Reserved1

Hash Protocol Bitmask

Nonce (32 bytes)

...

...

Reserved (1 byte): This field is reserved for future use. MUST be set to zero when sent and MUST be ignored on receipt.

Attribute ID (1 byte): An 8-bit (1-byte) field that is used to specify the type of attribute; its value MUST be 0x04 for the Crypto Binding Request attribute.

LengthPacket (2 bytes): A 16-bit unsigned integer in network byte order that packs data for two fields, configured in the following format.

0

1

2

3

4

5

6

7

8

9

1

0

1

2

3

4

5

R

Length

R (4 bits): This 4-bit field is reserved for future use. MUST be set to zero when sent and MUST be ignored on receipt.

Length (12 bits): A 12-bit unsigned integer in network byte order that MUST specify the length of the Crypto Binding Request attribute. Its value MUST be 40 (that is, 0x028).

Reserved1 (3 bytes): This 24-bit field is reserved for future use. MUST be set to zero when sent and MUST be ignored on receipt.

Hash Protocol Bitmask (1 byte): This 1-byte bitmask field is used (with the ServerHashProtocolSupported state variable described in section 3.3.1) to specify the hashing methods allowed by the server that the client uses to compute the Compound MAC in the Crypto Binding attribute. For more information, see section 3.2.5.2. The following bits are defined.

A 1 MUST be placed in the appropriate bit position to select the supported hash protocol. The server MUST select at least one hash protocol. If the server selects both the SHA256 and the SHA1 hash protocols and the client supports both hash protocols (as indicated by the value of the ClientHashProtocolSupported state variable described in section 3.2.1), then the client MUST select the SHA256 protocol. For more information about how the client processes the Hash Protocol Bitmask when it receives a Call Connect Acknowledge message, see section 3.2.5.3.2.


0


1


2


3


4


5


6


7

0

0

0

0

0

0

B

A

Where the bits are defined as:

Value

Description

A

                

CERT_HASH_PROTOCOL_SHA1 is enabled when A=1 and is disabled when A=0.

B

                

CERT_HASH_PROTOCOL_SHA256 is enabled when B=1 and is disabled when B=0.

Nonce (32 bytes): A 256-bit unsigned integer that contains a temporally unique (or random) value. For more information, see [RFC1750].

Show: