3.3.5.1 SecConnect

The relay server MUST receive the SecConnect message in an SSTP Connect command, which MUST be the first command that the server receives for a new SSTP connection.

The SecConnect message contains an HMAC and an encrypted device nonce. See section 2.2.1 for the SecConnect message format. The client sends the encrypted nonce as a challenge to the relay server, and the HMAC to protect the message integrity.

Upon receiving the SecConnect message, the server does the following:

  1. Parses the message and extracts all fields as defined in section 2.2.1.

  2. If the server finds incorrect version numbers in the SecConnect security message header, or encounters any error in parsing the message, it SHOULD<11> embed a SecConnectResponseAuthenticationFailed security message in a ConnectResponse command, and set the ResponseID field in the ConnectResponse to AuthenticationFailed (see [MS-GRVSSTP] for more details), and then send the ConnectResponse to the client.

  3. Retrieves the device URL for the connecting device, and then uses it to locate the device record. If the server cannot find the device record, or finds the record without the secret device key, then the server knows that the device has not registered. In this case, the server sends an SSTP ConnectResponse command to the client by embedding a SecConnectResponseDeviceRegistrationNeeded security message within the command and setting the ResponseID field in the ConnectResponse command to Ok.

  4. Ensures that the device has at least one account on the device. If the server sees that the device record has an empty list of account URLs, it sends an SSTP ConnectResponse command to the client by embedding a SecConnectResponseAuthenticationFailed security message within the command.

  5. Retrieves the device key from the device record, decrypts the nonce in the SecConnect message using the secret device key and the IV with the MARC4 cipher as specified in section 3.1.1.4.

  6. Calculates an HMAC with the message identifier, device URL, server certificate fingerprint and the device nonce as specified in section 2.2.1, and verifies the HMAC.

    If the HMAC verification fails, the server sends an SSTP ConnectResponse command to the client by embedding a SecConnectResponseAuthenticationFailed security message within the command and setting the ResponseID field in the ConnectResponse command to AuthenticationFailed.

    If the SecConnect message is processed successfully, the server generates a new random nonce and a new random IV, encrypts the nonce as a challenge to the client using the secret device key and the IV with the MARC4 cipher as specified in section 3.1.1.4, and then creates a SecConnectResponse message as specified in section 2.2.2, and sends it along with a ConnectResponse command to the client, with the ResponseID field in the ConnectResponse command set to OK.
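The following is an added example modelling the server-side decision sequence in steps 1 through 6 above; it is illustrative code written for this page, not Microsoft's implementation and not the wire format of sections 2.2.1 or 2.2.2. It makes several assumptions that the page does not state: the SecConnect message is represented as a dict of already-parsed fields rather than bytes; MARC4 is modelled as RC4 keyed with device key concatenated to the IV and with the first 256 keystream bytes discarded; the HMAC is HMAC-SHA1 over message identifier, device URL, fingerprint and nonce in that order; the supported version pair is (1, 0); and the step 4 failure (empty account list) is sent with ResponseID AuthenticationFailed, which step 4 leaves unspecified. The function names, the `build_sec_connect` client helper and all sample values are constructed.

```python
"""Model of relay-server SecConnect processing (steps 1-6). Added example,
not the protocol's own code; see the lead-in for the assumptions made."""
import hashlib
import hmac
import os

SUPPORTED_VERSION = (1, 0)   # assumed; the page only says "incorrect version numbers"
MARC4_DISCARD = 256          # assumed keystream drop that makes "modified" ARC4
NONCE_LEN = 16               # constructed nonce/IV size

AUTH_FAILED = ("AuthenticationFailed", "SecConnectResponseAuthenticationFailed", None)
REG_NEEDED = ("Ok", "SecConnectResponseDeviceRegistrationNeeded", None)


def rc4_keystream(key: bytes, length: int, discard: int = MARC4_DISCARD) -> bytes:
    """Plain RC4 KSA + PRGA, skipping the first `discard` output bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for n in range(discard + length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        if n >= discard:
            out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def marc4(device_key: bytes, iv: bytes, data: bytes) -> bytes:
    """Symmetric MARC4 encrypt/decrypt; key||IV combination is an assumption."""
    return bytes(a ^ b for a, b in zip(data, rc4_keystream(device_key + iv, len(data))))


def compute_hmac(device_key: bytes, message_id: bytes, device_url: str,
                 fingerprint: bytes, nonce: bytes) -> bytes:
    """HMAC over the four inputs named in step 6; SHA-1 and field order are assumed."""
    data = message_id + device_url.encode("utf-8") + fingerprint + nonce
    return hmac.new(device_key, data, hashlib.sha1).digest()


def build_sec_connect(device_key: bytes, device_url: str, fingerprint: bytes,
                      message_id: bytes) -> dict:
    """Constructed client-side helper producing a parsed SecConnect (for testing only)."""
    nonce, iv = os.urandom(NONCE_LEN), os.urandom(NONCE_LEN)
    return {"major": 1, "minor": 0, "message_id": message_id, "device_url": device_url,
            "iv": iv, "encrypted_nonce": marc4(device_key, iv, nonce),
            "hmac": compute_hmac(device_key, message_id, device_url, fingerprint, nonce)}


def process_sec_connect(msg: dict, device_records: dict, server_fingerprint: bytes):
    """Return (ResponseID, embedded security message, payload-or-None)."""
    # Steps 1-2: extract fields; a missing field is treated as a parse error.
    try:
        if (msg["major"], msg["minor"]) != SUPPORTED_VERSION:
            return AUTH_FAILED
        device_url, iv = msg["device_url"], msg["iv"]
        enc_nonce, message_id, client_hmac = msg["encrypted_nonce"], msg["message_id"], msg["hmac"]
    except KeyError:
        return AUTH_FAILED
    # Step 3: unknown device, or record without a secret device key -> not registered.
    record = device_records.get(device_url)
    if record is None or not record.get("device_key"):
        return REG_NEEDED
    # Step 4: the device must have at least one account URL.
    if not record.get("account_urls"):
        return AUTH_FAILED          # ResponseID value here is an assumption
    # Step 5: recover the client's nonce with the secret device key and the IV.
    device_key = record["device_key"]
    nonce = marc4(device_key, iv, enc_nonce)
    # Step 6: recompute and verify the HMAC in constant time.
    expected = compute_hmac(device_key, message_id, device_url, server_fingerprint, nonce)
    if not hmac.compare_digest(expected, client_hmac):
        return AUTH_FAILED
    # Success: fresh nonce and IV, nonce encrypted as the server's challenge.
    server_nonce, server_iv = os.urandom(NONCE_LEN), os.urandom(NONCE_LEN)
    payload = {"iv": server_iv, "encrypted_nonce": marc4(device_key, server_iv, server_nonce),
               "plain_nonce": server_nonce}   # retained server-side to check the client's reply
    return ("OK", "SecConnectResponse", payload)


if __name__ == "__main__":
    key = bytes(range(16))                      # constructed device key
    records = {"urn:example:device-1": {"device_key": key, "account_urls": ["urn:example:acct-1"]}}
    fp = hashlib.sha1(b"constructed server cert").digest()
    print(process_sec_connect(build_sec_connect(key, "urn:example:device-1", fp, b"\x00\x01"),
                              records, fp)[:2])
```

Because every failure path returns the same shaped tuple and the HMAC comparison uses `hmac.compare_digest`, the server's decision does not leak which byte of the HMAC mismatched; note that the registration check in step 3 precedes HMAC verification by design of the page's procedure, so this model keeps that order.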