4.2.3.4 GSS_WrapEx Examples
The GSS_WrapEx() is specified in section 3.4.6. The following data is part of the security context state for the NTLM Session.
SeqNum for the message:
-
0000000: 00 00 00 00 ••••
Plaintext data where conf_req_flag == TRUE and sign == TRUE:
-
0000000: 50 00 6c 00 61 00 69 00 6e 00 74 00 65 00 78 00 P·l·a·i·n·t·e·x· 0000010: 74 00 t·
The sealkey is created using SEALKEY() (section 3.4.5.3):
Cut key exchange key to 56 bits:
-
0000000: eb 93 42 9a 8b d9 52 ..B...R
MD5(ConcatenationOf(SealKey, "session key to client-to-server sealing key magic constant")):
-
0000000: 04 dd 7f 01 4d 85 04 d2 65 a2 5c c8 6a 3a 7c 06 •..•M.•.e.\.j:.•
The signkey is created using SIGNKEY() (section 3.4.5.2):
MD5(ConcatenationOf(RandomSessionKey, "session key to client-to-server signing key magic constant")):
-
0000000: 60 e7 99 be 5c 72 fc 92 92 2a e8 eb e9 61 fb 8d `...\r...*...a..
The output message data and signature is created using SEAL() specified in section 3.4.3. Output_message will contain conf_state == TRUE, signed == TRUE and data:
Data:
-
0000000: a0 23 72 f6 53 02 73 f3 aa 1e b9 01 90 ce 52 00 .#r.S•s..•.•..R• 0000010: c9 9d ╔¥
Checksum: HMAC_MD5(SigningKey, ConcatenationOf(SeqNum, Message))[0..7]:
-
0000000: ff 2a eb 52 f6 81 79 3a *.R..y:•
Signature:
-
0000000: 01 00 00 00 ff 2a eb 52 f6 81 79 3a 00 00 00 00 •••• *.R..y:••••