3.7.5.2 Received Extended Mode Final Exchange Request

Figure 25: Extended Mode Final Exchange packet

If the Extended Mode responder has finished GSS-API negotiation successfully, that is, it is in the GSS_API_Done state and receives the above packet, then the responder MUST:

  • Decrypt the Crypto payload.

  • Compute Auth3, as specified in section 3.1.7.4.

  • Verify that the HAuth3 payload contains the computed Auth3 value.

If the responder is not in GSS_API_Done state when it receives the above packet, it MUST tear down the corresponding main mode if it can match the packet to an existing main mode, or silently discard it otherwise.

  • If the "Impersonation Active EM" flag on the MM SA is true, then the responder MUST set the ImpersonationHandle to a locally unique value that represents the incoming user.

  • If the initiator won the Key Dictation Weight negotiation (that is, KeyDictationLocalWinner is set), then the responder MUST consume the KeyDict(in) and KeyDict(out) payloads and use the quick mode keys supplied by the initiator.

If the responder encounters no errors while it processes this packet, the responder MUST send a message formatted as specified in the following diagram in response.

Figure 26: Extended Mode Final Exchange Response packet

The responder MUST construct the response message as follows:

  • HDR: The ISAKMP header MUST have identical format to the first IKE phase 2 initiator packet (as specified in [RFC2409] section 5.5), except that the exchange type MUST be 245 (EM exchange type). The Encrypted flag MUST be set.

  • The remaining payload MUST be encapsulated in a Crypto payload. The Crypto payload MUST be constructed as specified in section 3.5.5.

  • HAuth4: The ISAKMP Hash payload that contains Auth4 MUST be computed as specified in section 3.1.

Before it sends the above response, the responder MUST add both QM SAs to the SAD and transition to the Extended Mode Complete state, and MUST enforce the rules defined in the PAD, including the policy for use of Explicit Credentials in EM (see section 3.1.1), as follows: if Allow Explicit Credentials in EM is FALSE but Explicit Credentials EM is TRUE, then the responder MUST fail the connection. See section 3.7.7.1.

If the responder encounters any errors in the processing of this message, it MUST be treated as an Invalid Message Received (section 3.7.7.1) event.
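The responder-side procedure above (state check, Crypto payload decryption, HAuth3 verification, impersonation handle, key dictation, PAD explicit-credentials rule, SAD installation and the HAuth4 response) as a toy model in Python. This is an added example and not code from the specification or any implementation of it. The Auth3/Auth4 computations (sections 3.1.7.4 and 3.1), the Crypto payload construction (section 3.5.5) and the responder's own QM key derivation are replaced by labelled HMAC-based stand-ins; the field names, the `mm_cookie` used to match a packet to a main mode, the `FLAG_ENCRYPTED` bit value and the `build_request`/`verify_response` helpers are assumptions of this model.

```python
"""Toy model of the EM responder's Final Exchange handling (added example, not spec code).
Auth3/Auth4, the Crypto payload cipher and the key derivation are HMAC stand-ins."""
import hmac
import hashlib
import itertools
import os
from dataclasses import dataclass
from typing import Optional

EM_EXCHANGE_TYPE = 245      # EM exchange type, from the specification text
FLAG_ENCRYPTED = 0x01       # assumption: bit used for the Encrypted flag in this model
GSS_API_DONE = "GSS_API_Done"
EM_COMPLETE = "Extended Mode Complete"
_HANDLES = itertools.count(1)


@dataclass
class MainModeSA:
    state: str
    impersonation_active_em: bool        # "Impersonation Active EM" flag on the MM SA
    key_dictation_local_winner: bool     # set when the initiator won Key Dictation Weight
    allow_explicit_credentials_em: bool  # PAD policy (section 3.1.1)
    explicit_credentials_em: bool
    mac_key: bytes                       # assumption: key for the stand-in MACs and cipher
    impersonation_handle: Optional[int] = None
    qm_keys: Optional[dict] = None
    torn_down: bool = False


@dataclass
class FinalExchangeRequest:
    mm_cookie: bytes          # assumption: value used to match the packet to a main mode
    crypto_payload: bytes     # IV || ciphertext of the inner payloads
    hauth3: bytes
    key_dict_in: Optional[bytes] = None
    key_dict_out: Optional[bytes] = None


def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:   # HMAC in counter mode as a stand-in stream cipher
        out += hmac.new(key, b"CRYPTO" + iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def crypto_encrypt(key: bytes, plaintext: bytes) -> bytes:
    iv = os.urandom(16)   # fresh IV so keystream is never reused under one key
    return iv + bytes(a ^ b for a, b in zip(plaintext, _keystream(key, iv, len(plaintext))))


def crypto_decrypt(key: bytes, payload: bytes) -> bytes:
    iv, ct = payload[:16], payload[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, iv, len(ct))))


def compute_auth3(key: bytes, inner: bytes) -> bytes:   # stand-in for section 3.1.7.4
    return hmac.new(key, b"AUTH3" + inner, hashlib.sha256).digest()


def compute_auth4(key: bytes, inner: bytes) -> bytes:   # stand-in for the Auth4 computation
    return hmac.new(key, b"AUTH4" + inner, hashlib.sha256).digest()


def build_request(mm_cookie, key, inner, key_dict=None):
    """Initiator side: constructed sample packet for testing the responder."""
    kd_in, kd_out = key_dict if key_dict else (None, None)
    return FinalExchangeRequest(mm_cookie, crypto_encrypt(key, inner),
                                compute_auth3(key, inner), kd_in, kd_out)


def process_final_exchange(mm_table: dict, sad: list, req: FinalExchangeRequest):
    """Returns (action, response). Actions: discard, teardown, invalid_message,
    fail_connection, respond."""
    mm = mm_table.get(req.mm_cookie)
    if mm is None:
        return "discard", None                 # no matching main mode: silently discard
    if mm.state != GSS_API_DONE:
        mm.torn_down = True                    # wrong state: tear down the matched main mode
        return "teardown", None
    inner = crypto_decrypt(mm.mac_key, req.crypto_payload)
    # Constant-time compare: the check must not leak how many bytes of Auth3 matched.
    if not hmac.compare_digest(compute_auth3(mm.mac_key, inner), req.hauth3):
        return "invalid_message", None         # Invalid Message Received (section 3.7.7.1)
    if mm.impersonation_active_em:
        mm.impersonation_handle = next(_HANDLES)   # locally unique handle for the user
    if mm.key_dictation_local_winner:
        if req.key_dict_in is None or req.key_dict_out is None:
            return "invalid_message", None     # initiator won but supplied no keys
        mm.qm_keys = {"in": req.key_dict_in, "out": req.key_dict_out}
    else:   # assumption: responder-derived QM keys when the initiator did not win
        mm.qm_keys = {d: hmac.new(mm.mac_key, d.encode(), hashlib.sha256).digest()
                      for d in ("in", "out")}
    # PAD rule on explicit credentials in EM, enforced before any SA is installed.
    if not mm.allow_explicit_credentials_em and mm.explicit_credentials_em:
        return "fail_connection", None
    sad.append({"mm": req.mm_cookie, "dir": "in", "key": mm.qm_keys["in"]})
    sad.append({"mm": req.mm_cookie, "dir": "out", "key": mm.qm_keys["out"]})
    mm.state = EM_COMPLETE
    response = {   # HDR: exchange type 245, Encrypted flag set; HAuth4 inside the Crypto payload
        "hdr": {"exchange_type": EM_EXCHANGE_TYPE, "flags": FLAG_ENCRYPTED},
        "crypto": crypto_encrypt(mm.mac_key, compute_auth4(mm.mac_key, inner)),
    }
    return "respond", response


def verify_response(key: bytes, inner: bytes, response: dict) -> bool:
    """Initiator side: check HAuth4 carried in the response's Crypto payload."""
    if response["hdr"]["exchange_type"] != EM_EXCHANGE_TYPE or not response["hdr"]["flags"] & FLAG_ENCRYPTED:
        return False
    return hmac.compare_digest(crypto_decrypt(key, response["crypto"]), compute_auth4(key, inner))
```

The model evaluates the PAD explicit-credentials rule before installing either QM SA, so a connection that is going to be failed never leaves SAs behind in the SAD; the text lists the SAD update and the PAD check together, and this ordering is the one a reviewer would ask for. Every failure path other than the state check collapses to the single `invalid_message` outcome of section 3.7.7.1, which matches the closing rule of the section.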