2.2.20.6 KEYCREDENTIALLINK_ENTRY Identifiers
The KEYCREDENTIALLINK_ENTRY structure, Identifier and Value fields are defined in section 2.2.20.3 where the Value is a series of bytes whose size and meaning are defined by the Identifier. The following table lists the available identifiers, data length, and the semantics of the related data.
Identifier value |
Length in bytes of the data in the Value field |
Description of the data stored in the Value field |
---|---|---|
KeyID (0x01) |
32 |
A SHA256 hash of the Value field of the KeyMaterial entry. |
KeyHash (0x02) |
32 |
A SHA256 hash of all entries following this entry. |
KeyMaterial (0x03) |
Variable |
Key material of the credential. |
KeyUsage (0x04) |
1 |
Must be set to one of KEY_USAGE_NGC, KEY_USAGE_FIDO, or KEY_USAGE_FEK. |
KeySource (0x05) |
1 |
Must be set to KEY_SOURCE_AD. |
DeviceId (0x06) |
16 |
Contains a device object identifier, or all zeros. |
CustomKeyInformation (0x07) |
2 |
Must contain a CUSTOM_KEY_INFORMATION structure. |
KeyApproximateLastLogonTimeStamp (0x08) |
8 |
The approximate time this key was last used, in FILETIME format. |
KeyCreationTime (0x09) |
8 |
The approximate time this key was created, in FILETIME format. |
All keys MUST contain KeyID, KeyMaterial, and KeyUsage entries. Keys SHOULD contain KeyHash, KeyApproximateLastLogonTimeStamp, and KeyCreationTime entries.