2.2.2.1.17 KeyAgreementGenerateNonce
The KeyAgreementGenerateNonce structure is used to generates a nonce value for inclusion in the DHNonce in a Kerberos PKINIT message exchange ([RFC4556] Section 3.2.1). This nonce is part of the Diffie-Hellman agreement that is part of Kerberos PKINIT.
When populating this field of the KerbCredIsoRemoteInput structure, the CallId field MUST be set to RemoteCallKerbKeyAgreementGenerateNonce.
-
struct { KEY_AGREEMENT_HANDLE KeyAgreementHandle; } KeyAgreementGenerateNonce;
KeyAgreementHandle: A KEY_AGREEMENT_HANDLE type that contains the key agreement associated with the nonce.
When populating this field of the KerbCredIsoRemoteOutput structure, the CallId field MUST be set to RemoteCallKerbKeyAgreementGenerateNonce.
-
struct { PULONG NonceLen; [size_is(, *NonceLen)] PBYTE* Nonce; } KeyAgreementGenerateNonce;
NonceLen: A pointer to a ULONG that indicates the byte length of the Nonce field.
Nonce: A byte array that contains the nonce for use in a key agreement operation.