Client failing negotiation of NPS CryptoBindings

Question

I've got a client that's authenticating against NPS Server, but it's being prevented from completing the authentication by the fact that NPS is sending a CryptoBinding request which the client can't continue from. Pretty much all of the documentation around CryptoBinding is either contradictory, wrong, or entirely missing. There are three different sets of docs that describe it, all of which contradict each other and all of which are wrong, and several different sets of docs covering individual aspects of the CryptoBinding process like the PRF used, also contradictory or wrong. In addition it's documented that if you NAK the CryptoBinding request the server will continue when in fact it just fails the authentication.

The only correct "documentation" I've found is the source code for wpa_supplicant/eapol_test/hostapd, which will authenticate against NPS Server using CryptoBinding (the statement that the Microsoft docs on this are wrong is based on the fact that none of them match what eapol_test does, and eapol_test works with NPS Server).

The problem is that code that will authenticate against eapol_test works, but the exact same code run against NPS Server doesn't. Exhaustively enumerating all of the contradictions and ambiguities in the different Microsoft docs isn't feasible because there are too many of them to run through. Does anyone know of any definitive documentation, other than the eapol_test source code, for what NPS Server is actually doing with CryptoBindings?