3.2.4.3 R_KeyExchangePhase2 (Opnum 27)
The client MUST call R_KeyExchangePhase2 after successful processing of R_KeyExchangePhase1 to complete the security session negotiation.
The client MUST perform the following steps:
Generate and store the client's session key.
Encrypt the client's session key with the server's key exchange public key.
Build an IIS_CRYPTO_BLOB structure with the BlobSignature field set to SESSION_KEY_BLOB_SIGNATURE to store the encrypted client's session key.
Compute the hash of the following three entities in this order:
The client's session key.
The server's session key.
The text value of HASH_TEXT_STRING_1, as specified in section 2.2.3.
Build an IIS_CRYPTO_BLOB structure with the BlobSignature field set to SESSION_BLOB_SIGNATURE to store the hash computed in the previous step.
Send IIS_CRYPTO_BLOBs built in the previous steps to the server.
Wait for the response from the server.
Retrieve the server's Hash IIS_CRYPTO_BLOB with the BlobSignature field set to HASH_BLOB_SIGNATURE sent by the server.
Build the hash for validation purposes.
Compute the hash of the client's session key.
Compute the hash of the text HASH_TEXT_STRING_2, as specified in section 2.2.3.
Compare hashes from the previous two steps. If they match, the server owns the server's key exchange private key and was able to decrypt the client's session key.
If a hash validation fails, the receiver MUST reject the data and the method that is processing the encrypted data MUST fail. Error messages resulting from a hash validation failure are implementation-dependent.
Secure session negotiation is now complete. The client and server can now use secure session to encrypt/decrypt data of a sensitive nature marked by the METADATA_SECURE secure flag with calls to the R_GetData, R_EnumData, R_GetAllData, and R_SetData methods.