2.5 Server Secret Key

The server secret Ks is obtained by hashing an arbitrary binary string known as the server secret key. To obtain the secret key, it SHOULD be exported to a file.<4> A passphrase MUST be provided while exporting the secret key to encrypt the contents of the file. The passphrase is handled as a UTF-16 string. The passphrase, excluding the null terminating character, is hashed using the SHA-256 hash algorithm to obtain an encryption key. The plaintext for the file consists of an SHA-256 hash of the secret key followed by the secret key. The plaintext is encrypted using the AES-256 encryption algorithm with Cipher Block Chaining (CBC) and PKCS7 block padding using the encryption key. The Initialization Vector (IV) is a 16-byte block of all zeros. The resulting cipher text is exported to the file.