次の方法で共有


3.2.5.1 Received Generalized Main Mode First Exchange Response

When the initiator receives a response:

Main Mode First Exchange Response packet

Figure 5: Main Mode First Exchange Response packet

On receiving a packet when initiator is in the Main Mode First Generalized Packet Sent state, the initiator MUST verify that the exchange type in the ISAKMP header of the response indicates that the responder supports the Authenticated Internet Protocol.

If so, the initiator MUST transition to the Main Mode Initiator First exchange Done state.

The initiator MUST also verify that the message is constructed as follows:

  • HDR: The ISAKMP header MUST be identical to the first IKE phase 1 initiator header (see section 2.2.1), except that the exchange type MUST be 243 (main mode exchange type). The Encrypted flag SHOULD NOT be set.

    1. The initiator MUST verify that the encrypted flag is set to zero.

    2. The initiator MAY<14> verify that the message ID field is zero.

  • The remaining payloads MUST follow an unencrypted Crypto payload.

  • Security association (SA): The SA payload MUST be verified by looking up the PAD and the SPD and checking if the proposed transforms are acceptable, as specified in [RFC2408] section 5.4.

  • Auth payload (auth): The Auth payload MUST be verified by looking up the PAD and the SPD and confirming that the chosen authentication method by peer is acceptable as specified in [RFC2408] section 5.4.

If the NATD payloads are present, they MUST be processed as specified in [RFC3947] section 3.2. If the presence of a NAT is detected ([RFC3947] section 3.2), then the isNatPresent setting MUST be set to TRUE (see section 3.1.1).

The same Vendor ID interpretation rules as specified in [MS-IKEE] section 3.7.5.1 MUST be used to determine whether to mark the peer as Negotiation Discovery capable (by setting the PeerIsNegotiationDiscoveryCapable flag) in the MMSAD. If the cryptographic parameters in the MMSAD entry for this main mode SA indicate that the initiator was using Diffie Hellman key exchange, then the initiator MUST additionally verify the presence of a KE payload in the received message and calculate the DH shared secret g^xy (section 3.1.7.4).

If the peer security principal name isn't stored in the MMSAD for this main mode SA, then the initiator MUST additionally verify the presence of a GSS_ID payload in the received message and update the Peer security principal name in main mode SA with the ID stored in the payload.

If the initiator is not in Main Mode First Generalized Packet Sent state when it receives this packet, it MUST tear down the corresponding main mode SA if it can match the packet to one, or silently discard the packet otherwise.