locked
SSPI example using WDigest RRS feed

  • Question

  • Hello everybody,

    Where could one find a simple example using SSPI with WDigest in C++?

    SSPI Sample Application for Windows  Mobile 6.5 in MSDN shows a client app using NTLM. The more elaborate example Sample SSPI Code is using Negotiate (again, NTLM or Kerberos). Tweaking with the latter is not really straightforward: for once, the client-side message sending function doesn't work with 0 length messages (which is actually a legitimate value returned by the first Initialize). After fixing that and changing the flags used in AcceptSecurityContext()/InitializeSecurityContext() to ASC_REQ_CONFIDENTIALITY, the server side finally generated the challenge. Here is the nonce:

    qop="auth,auth-int,auth-conf",cipher="3des,rc4",algorithm=md5-sess,nonce="+Upgraded+v11af11e8220fa61ec0975247aaf03349667a4e0630593cb0196c5947814cffec94d5f6bf258462c45e6642ffd5108a5fd54c9adae6058b64d",charset=utf-8,realm="..."

    where the realm is the actual domain name. However, the second call to client's InitializeSecurityContext() returns SEC_E_INVALID_TOKEN. Again, this is based heavily on MSDN's example modified for WDigest, so I am kind of lost at the moment ...

    Any (working) snippet would be greatly appreciated,

    Bogdan

    Saturday, December 4, 2010 1:27 PM