Figure 1: CredSSP negotiation sequence using SPNEGO
Steps 1 through 4: The CredSSP client and CredSSP server complete the TLS handshake. When the handshake is complete, all subsequent CredSSP Protocol messages are encrypted by the TLS channel, as specified in [RFC2246]. As part of the TLS handshake, the CredSSP server does not request the client's X.509 certificate (thus far, the client is anonymous). Furthermore, the CredSSP Protocol does not require the client to have a commonly trusted certification authority root with the CredSSP server.
Steps 5 and 6: Over the encrypted TLS channel, the SPNEGO handshake between the client and server completes mutual authentication and establishes an encryption key.
Steps 7 and 8: The public key from the server's X.509 certificate, presented in the TLS handshake, is verified to belong to the server (and not to a man-in-the-middle attacker).
Step 9: The client sends its credentials to the target server, protected by SPNEGO and TLS encryption. A sample TSRequest.authInfo structure (ASN.1 DER encoded, shown here before encryption) follows; on the wire it is encrypted.
30 82 01 0f a0 03 02 01-02 a1 82 01 06 04 82 01  0...............
02 30 81 ff a0 1a 04 18-62 00 62 00 62 00 62 00  .0......b.b.b.b.
62 00 62 00 62 00 62 00-62 00 62 00 62 00 62 00  b.b.b.b.b.b.b.b.
a1 81 e0 30 81 dd a0 03-02 01 01 a2 2e 04 2c 4f  ...0..........,O
00 4d 00 4e 00 49 00 4b-00 45 00 59 00 20 00 43  .M.N.I.K.E.Y. .C
00 61 00 72 00 64 00 4d-00 61 00 6e 00 20 00 33  .a.r.d.M.a.n. .3
00 78 00 32 00 31 00 20-00 30 00 a3 50 04 4e 6c  .x.2.1. .0..P.Nl
00 65 00 2d 00 4d 00 53-00 53 00 6d 00 61 00 72  .e.-.M.S.S.m.a.r
00 74 00 63 00 61 00 72-00 64 00 55 00 73 00 65  .t.c.a.r.d.U.s.e
00 72 00 2d 00 38 00 62-00 64 00 61 00 30 00 31  .r.-.8.b.d.a.0.1
00 39 00 66 00 2d 00 31-00 32 00 36 00 36 00 2d  .9.f.-.1.2.6.6.-
00 2d 00 35 00 33 00 32-00 36 00 38 00 a4 54 04  .-.5.3.2.6.8..T.
52 4d 00 69 00 63 00 72-00 6f 00 73 00 6f 00 66  RM.i.c.r.o.s.o.f
00 74 00 20 00 42 00 61-00 73 00 65 00 20 00 53  .t. .B.a.s.e. .S
00 6d 00 61 00 72 00 74-00 20 00 43 00 61 00 72  .m.a.r.t. .C.a.r
00 64 00 20 00 43 00 72-00 79 00 70 00 74 00 6f  .d. .C.r.y.p.t.o
00 20 00 50 00 72 00 6f-00 76 00 69 00 64 00 65  . .P.r.o.v.i.d.e
00 72 00
The transformed (decoded) TSRequest.authInfo structure is as follows:
Total Size: 275
- - - - - - - - - - - TSCredentials - - - - - - - - - - - - - - -
tscredentials_len: 0X10F=271
credType: 0X2=2
creds_len: 0X106=262
- - - - - - - - - - - TSSmartCardCreds - - - - - - - - - - - - - - -
pin: [bbbbbbbbbbbb]
csp_len: 0XE0=224
- - - - - - - - - - - TSCspDataDetail - - - - - - - - - - - - - - -
keySpec: 0X1=1
cardName not present
readerName: [OMNIKEY CardMan 3x21 0]
containerName: [le-MSSmartcardUser-8bda019f-1266--53268]
cspName: [Microsoft Base Smart Card Crypto Provider]
- - - - - - - - - - - TSSmartCardCreds ctd - - - - - - - - - - - - - - -
userHint not present
domainHint not present
Bytes Remaining: 275-275=0
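The following is an added example, not part of the MS-CSSP text: a minimal, standard-library-only DER walker that takes the sample authInfo bytes above and produces the same field values as the transformed view (credType, pin, keySpec, readerName, containerName, cspName, and the absent optional members). The [n] tag numbers follow the TSCredentials, TSSmartCardCreds and TSCspDataDetail field order used in the decoded listing.

```python
# Added example (not from MS-CSSP): decode the TSRequest.authInfo sample above with a
# minimal stdlib-only DER walker. The hex bytes below are copied from the dump on this page.

AUTHINFO_HEX = (
    "30 82 01 0f a0 03 02 01 02 a1 82 01 06 04 82 01 02 30 81 ff a0 1a 04 18 62 00 62 00 62 00 62 00 "
    "62 00 62 00 62 00 62 00 62 00 62 00 62 00 62 00 a1 81 e0 30 81 dd a0 03 02 01 01 a2 2e 04 2c 4f "
    "00 4d 00 4e 00 49 00 4b 00 45 00 59 00 20 00 43 00 61 00 72 00 64 00 4d 00 61 00 6e 00 20 00 33 "
    "00 78 00 32 00 31 00 20 00 30 00 a3 50 04 4e 6c 00 65 00 2d 00 4d 00 53 00 53 00 6d 00 61 00 72 "
    "00 74 00 63 00 61 00 72 00 64 00 55 00 73 00 65 00 72 00 2d 00 38 00 62 00 64 00 61 00 30 00 31 "
    "00 39 00 66 00 2d 00 31 00 32 00 36 00 36 00 2d 00 2d 00 35 00 33 00 32 00 36 00 38 00 a4 54 04 "
    "52 4d 00 69 00 63 00 72 00 6f 00 73 00 6f 00 66 00 74 00 20 00 42 00 61 00 73 00 65 00 20 00 53 "
    "00 6d 00 61 00 72 00 74 00 20 00 43 00 61 00 72 00 64 00 20 00 43 00 72 00 79 00 70 00 74 00 6f "
    "00 20 00 50 00 72 00 6f 00 76 00 69 00 64 00 65 00 72 00"
)

def read_tlv(buf, pos=0):
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2   # DER: tag octet, first length octet
    if length & 0x80:                                    # long form: low 7 bits = number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length      # (tag, value bytes, end offset)

def fields(seq_body):
    out, pos = {}, 0                                     # {n: inner TLV bytes} for each [n] EXPLICIT member
    while pos < len(seq_body):
        tag, value, pos = read_tlv(seq_body, pos)
        out[tag & 0x1F] = value                          # context tag 0xA0 | n  ->  n
    return out

def utf16(tlv):                                          # OCTET STRING carrying UTF-16LE text
    return read_tlv(tlv)[1].decode("utf-16-le")

def integer(tlv):                                        # INTEGER
    return int.from_bytes(read_tlv(tlv)[1], "big", signed=True)

def decode_ts_credentials(blob):
    tag, body, end = read_tlv(blob)                      # TSCredentials ::= SEQUENCE { ... }
    if tag != 0x30 or end != len(blob):
        raise ValueError("authInfo is not a single DER SEQUENCE")
    top = fields(body)
    cred_type = integer(top[0])                          # credType [0] INTEGER (2 = smart card)
    creds = fields(read_tlv(read_tlv(top[1])[1])[1])     # credentials [1] OCTET STRING -> inner SEQUENCE
    opt = lambda d, k: utf16(d[k]) if k in d else None   # OPTIONAL member: absent -> None
    if cred_type == 2:
        csp = fields(read_tlv(creds[1])[1])              # cspData [1] TSCspDataDetail
        return {"credType": 2, "pin": utf16(creds[0]), "keySpec": integer(csp[0]),
                "cardName": opt(csp, 1), "readerName": utf16(csp[2]),
                "containerName": utf16(csp[3]), "cspName": utf16(csp[4]),
                "userHint": opt(creds, 2), "domainHint": opt(creds, 3)}
    raise ValueError(f"unsupported credType {cred_type}")
```

Running `decode_ts_credentials(bytes.fromhex(AUTHINFO_HEX))` reproduces the transformed listing above; the outer SEQUENCE length it reads (271) and the total (275) match the tscredentials_len and Total Size lines.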