2.2.1.1.1.2 Certificate BLOB Encoding
The encoded certificate structure MUST be formatted as follows.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Reserved |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
|
Length |
|||||||||||||||||||||||||||||||
|
Value (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
Reserved (8 bytes): This field MUST be set to the following bytes, in the following order: 0x20 0x00 0x00 0x00 0x01 0x00 0x00 0x00.
Length (4 bytes): This field MUST contain the length of the Value field in bytes. It MUST be an unsigned 32-bit number in little-endian format.
Value (variable): This field MUST contain the ASN.1 DER encoding of the X.509 certificate of the EFS Recovery Agent. The certificate MUST contain a public key for use with the RSA or ECC encryption algorithm. For more details, see [RFC5280].