2.2.2.1.5 Encrypted FEK
The Encrypted FEK field in the DDF and DRF key list entries MUST consist of the following structure, encrypted as specified in the description of the Flags field for the key list entry.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Key Length |
|||||||||||||||||||||||||||||||
|
Entropy |
|||||||||||||||||||||||||||||||
|
Algorithm |
|||||||||||||||||||||||||||||||
|
Reserved |
|||||||||||||||||||||||||||||||
|
Key (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
Key Length (4 bytes): The length, in bytes, of the Key field. It MUST be a 32-bit unsigned integer in little-endian format. Possible values depend on the algorithm ID (ALG_ID) as specified in section 2.2.13.<11>
Entropy (4 bytes): The number of bits of true randomness in the key contained in this structure. It MUST be a 32-bit unsigned integer in little-endian format. Possible values depend on the Algorithm as specified in section 2.2.13.
Algorithm (4 bytes): The symmetric cryptographic algorithm associated with this key. It MUST be a 32-bit unsigned integer in little-endian format. Possible values are specified in section 2.2.13. The possible values for this field are constrained by the value of the EFS version field in the EFSRPC Metadata.
Reserved (4 bytes): MUST be set to zero and ignored.