Partager via


2.2.2.1 Server License Request (SERVER_LICENSE_REQUEST)

The Server License Request packet is sent to the client to initiate the RDP licensing handshake.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

ServerRandom (32 bytes)

...

...

ProductInfo (variable)

...

KeyExchangeList (variable)

...

ServerCertificate (variable)

...

ScopeList (variable)

...

ServerRandom (32 bytes): A 32-byte array containing a random number. This random number is created using a cryptographically secure pseudo-random number generator and is used to generate licensing encryption keys (see section 5.1.2). These keys are used to encrypt licensing data in subsequent licensing messages (see sections 5.1.3 and 5.1.4).

ProductInfo (variable): A variable-length Product Information structure. This structure contains the details of the product license required for connecting to the terminal server.

KeyExchangeList (variable): A Licensing Binary BLOB structure (see [MS-RDPBCGR] section 2.2.1.12.1.2) of type BB_KEY_EXCHG_ALG_BLOB (0x000D). This BLOB contains the list of 32-bit unsigned integers specifying key exchange algorithms that the server supports. The terminal server supports only one key exchange algorithm as of now, so the BLOB contains the following value.

Value

Meaning

KEY_EXCHANGE_ALG_RSA

0x00000001

Indicates RSA key exchange algorithm with a 512-bit asymmetric key.<2>

ServerCertificate (variable): A Licensing Binary BLOB structure (see [MS-RDPBCGR] section 2.2.1.12.1.2) of type BB_CERTIFICATE_BLOB (0x0003). This BLOB contains the terminal server certificate (see section 2.2.1.4). The terminal server can choose not to send the certificate by setting the wblobLen field in the Licensing Binary BLOB structure to 0. If encryption is in effect and is already protecting RDP traffic, the licensing protocol MAY<3> choose not to send the server certificate (for RDP security measures, see [MS-RDPBCGR] sections 5.3 and 5.4). If the licensing protocol chooses not to send the server certificate, then the client uses the public key obtained from the server certificate sent as part of Server Security Data in the Server MCS Connect Response PDU (see [MS-RDPBCGR] section 2.2.1.4).

ScopeList (variable): A variable-length Scope List structure that contains a list of entities that issued the client license. This list is used by the client in conjunction with ProductInfo to search for an appropriate license in its license store.<4>