2.2.3.1.2.1 Keytoken Structure

The keytoken structure is used to decrypt encrypted structures in a message.

A keytoken is returned by every invocation of the security provider's encryption primitive by the Distributed Routing Table (DRT). The keytoken identifies the key material that is used to decrypt the buffers encrypted specifically for the target node. The following is the unencrypted format of the keytoken.

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-------------------------------+-------------------------------+
|        IV BLOCK LENGTH        |           Padding1            |
+-------------------------------+                               +
|                              ...                              |
+---------------------------------------------------------------+
|                   IV BLOCK DATA (variable)                    |
+                              ...                              +
|                              ...                              |
+---------------------------------------------------------------+
|                            Field1                             |
+                              ...                              +
|                              ...                              |
+---------------------------------------------------------------+
|                    AES 256 KEY (32 bytes)                     |
+                              ...                              +
|                              ...                              |
+---------------------------------------------------------------+

IV BLOCK LENGTH (2 bytes): The length of the IV BLOCK DATA field.

Padding1 (6 bytes): MUST be set to zero and ignored on receipt.

IV BLOCK DATA (variable): This is the random initialization vector passed to each encrypt operation. This vector is equal in size to the block size of the encryption algorithm.

Field1 (12 bytes): MUST be set to the constant 0x4b44424d0100000020000000.

AES 256 KEY (32 bytes): This is the encryption key used to perform AES-256 encryption of the input buffers. AES encryption is described in [FIPS197].
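The following parser and serializer for the keytoken layout above is an added example; it is not part of this specification or of any DRT implementation. It validates every fixed-size and constant field (IV BLOCK LENGTH against the 16-byte AES block size, Field1 against the required constant, total length against the fixed tail) and, per the definition of Padding1, ignores the padding on receipt. Two assumptions are made because the page does not state them: IV BLOCK LENGTH is treated as little-endian, and a buffer with trailing bytes beyond the 32-byte key is rejected as malformed. As an observation, the 12-byte Field1 constant followed by the key has the same layout as a CNG BCRYPT_KEY_DATA_BLOB_HEADER (magic 0x4d42444b "KDBM", version 1, cbKeyData 0x20) followed by its key data.

```python
import struct
from dataclasses import dataclass

# Values taken from the keytoken definition above.
FIELD1_CONSTANT = bytes.fromhex("4b44424d0100000020000000")  # Field1 (12 bytes)
AES256_KEY_SIZE = 32                                            # AES 256 KEY
AES_BLOCK_SIZE = 16                                             # IV equals the AES block size
HEADER_SIZE = 2 + 6                                             # IV BLOCK LENGTH + Padding1


class KeyTokenError(ValueError):
    """Raised when a buffer does not match the keytoken layout."""


@dataclass(frozen=True)
class KeyToken:
    iv: bytes   # IV BLOCK DATA
    key: bytes  # AES 256 KEY


def build_keytoken(iv: bytes, key: bytes) -> bytes:
    """Serialize a keytoken; Padding1 is emitted as zeros as the definition requires."""
    if len(iv) != AES_BLOCK_SIZE:
        raise KeyTokenError(f"IV must be {AES_BLOCK_SIZE} bytes, got {len(iv)}")
    if len(key) != AES256_KEY_SIZE:
        raise KeyTokenError(f"key must be {AES256_KEY_SIZE} bytes, got {len(key)}")
    # Assumption: IV BLOCK LENGTH is little-endian; the page does not state byte order.
    return struct.pack("<H", len(iv)) + bytes(6) + iv + FIELD1_CONSTANT + key


def parse_keytoken(buf: bytes) -> KeyToken:
    """Parse an unencrypted keytoken, validating every fixed-size and constant field."""
    if len(buf) < HEADER_SIZE:
        raise KeyTokenError("truncated before IV BLOCK LENGTH/Padding1")
    (iv_len,) = struct.unpack_from("<H", buf, 0)  # little-endian assumed, see above
    # Padding1 (buf[2:8]) MUST be zero on send but is ignored on receipt, so it is not checked.
    if iv_len != AES_BLOCK_SIZE:
        raise KeyTokenError(f"IV BLOCK LENGTH {iv_len} != AES block size {AES_BLOCK_SIZE}")
    expected = HEADER_SIZE + iv_len + len(FIELD1_CONSTANT) + AES256_KEY_SIZE
    if len(buf) != expected:
        # Assumption (strict parser): the layout has no trailing field, so any other
        # length is treated as malformed rather than silently truncated.
        raise KeyTokenError(f"keytoken is {len(buf)} bytes, expected {expected}")
    pos = HEADER_SIZE
    iv = buf[pos:pos + iv_len]
    pos += iv_len
    if buf[pos:pos + len(FIELD1_CONSTANT)] != FIELD1_CONSTANT:
        raise KeyTokenError("Field1 does not match the required constant")
    pos += len(FIELD1_CONSTANT)
    key = buf[pos:pos + AES256_KEY_SIZE]
    return KeyToken(iv=bytes(iv), key=bytes(key))


def is_valid_keytoken(buf: bytes) -> bool:
    """Accept/reject wrapper around parse_keytoken."""
    try:
        parse_keytoken(buf)
        return True
    except KeyTokenError:
        return False


if __name__ == "__main__":
    # Constructed sample values, not real key material.
    sample_iv = bytes(range(16))
    sample_key = bytes(range(0x20, 0x40))
    token = build_keytoken(sample_iv, sample_key)
    print(token.hex())
    print(parse_keytoken(token))
```

A keytoken carrying a 16-byte IV is always 68 bytes (8 + 16 + 12 + 32), which is why the parser can check the total length before touching any offset; checking Field1 and the length before extracting the key means a buffer from an untrusted peer never yields a partial or misaligned key.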