Udostępnij za pośrednictwem


Appendix A: Certificate Request Structure

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

This appendix provides additional detailed information about the key archival process regarding the certificate request structure.

ASN.1 Structure

A certificate request for key archival to the CA is a CMC Full PKIRequest message as specified in RFC 2797. The ASN.1 structure used by the Windows Server 2003 CA is demonstrated in Figure 46.

Art Image

Figure 46:  CMC Request Message

Understanding the PKCS #7 Message Content Structure

The first section of the CMC message contains a PKCS #7 message that has the relevant elements for generating a certificate request.

Understanding the controlSequence TaggedAttribute Element

The TaggedAttribute element in the message contains the following information.

  • Extensions—The Extensions section of the TaggedAttribute element contains the following extensions.

    • Application Policies

    • Template Information

    • Key Usage

    • Enhanced Key Usage

  • Attributes—The Attributes section of the TaggedAttribute element contains the following data.

    • Common Name

    • Template Name to be used

    • Hash of the encrypted private key BLOB  

  • Other request information

Understanding the reqSequence TaggedRequest Element

The reqSequence TaggedRequest element contains a nested PKCS #10 message. This message contains the user’s public key in addition to other information relevant for generating the certificate.

Understanding the cmsSequence TaggedContentInfo Element

The cmsSequence TaggedContentInfo element can contain nested PKCS #7 and CMC messages. In a standard archival request, this element is not used.

Understanding the otherMsgSequence OtherMsg Element

Not Used

Understanding the Signatures Structure

The signatures section of the CMC message contains one or more signatures used to sign the request. The following is an example of the signatures section.

Signer Count: 1 
 
Signer Info[0]: 
Signature matches request Public Key 
CMSG_SIGNER_INFO_CMS_VERSION(3) 
CERT_ID_KEY_IDENTIFIER(2) 
    0000  81 92 56 3a c4 31 f8 82  0c 54 c9 d0 98 4f d8 c5 
    0010  34 63 9e cc 
Hash Algorithm: 
    Algorithm ObjectId: 1.3.14.3.2.26 sha1 
    Algorithm Parameters: NULL 
Encrypted Hash Algorithm: 
    Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA 
    Algorithm Parameters: NULL 
Encrypted Hash: 
    0000  c1 ae 90 a7 a3 0b 52 66  ea c4 d0 04 17 2e 94 95 
    0010  14 20 06 ...

Understanding the Authenticated Attributes Structure

The authenticated attributes section contains additional authenticated attributes, such as Content Type, Message Digest, and Client Information. The following is an example of the authenticated attributes section.

Authenticated Attributes[0]: 
  3 attributes: 
  Attribute[0]: 1.2.840.113549.1.9.3 (Content Type) 
    Value[0][0]: 
    Unknown Attribute type 
    1.3.6.1.5.5.7.12.2 CMC Data 
  Attribute[1]: 1.2.840.113549.1.9.4 (Message Digest) 
    Value[1][0]: 
    Unknown Attribute type 
    Message Digest: 
        5e 1f 0f f0 28 a4 fe 91 0d c2 2f 1a 18 78 7e 2e 10 7f 17 39 
  Attribute[2]: 1.3.6.1.4.1.311.21.20 (Client Information) 
    Value[2][0]: 
    Unknown Attribute type 
    Client Id: = 1 
    XECI_XENROLL -- 1 
    User: CONTOSO0\avibm 
    Machine: dcross-stress.contoso.com 
    Process: certreq

Understanding the Unauthenticated Attributes Structure

The unauthenticated attributes section contains the encrypted private key. The private key is contained in an enveloped PKCS #7 message that is encrypted to the CA’s exchange key. Since this is an unauthenticated attribute, the SHA1 hash of the PKCS #7 message is included as one of the attributes of the controlSequence TaggedAttribute attributes.

The following is an example of the unauthenticated attributes section.

Unauthenticated Attributes[0]: 
  1 attributes: 
 
  Attribute[0]: 1.3.6.1.4.1.311.21.13 (Encrypted Private Key) 
    Value[0][0]: 
    Unknown Attribute type 
================ Begin Nesting Level 1 ================ 
PKCS7 Message: 
  CMSG_ENVELOPED(3) 
  CMSG_ENVELOPED_DATA_PKCS_1_5_VERSION(0) 
  Content Type: 1.2.840.113549.1.7.1 PKCS 7 Data 
 
PKCS7 Message Content: 
0000    d4 a6 31 b6 5a ee 62 90  cc 17 b1 7a 6a 0d 40 9a 
..1.Z.b....zj.@. 
0010    33 fd 11 14 0b ae 12 bd  3b 32 b8 73 af cc 1b 76 
3.......;2.s...v ...

Performing Binary Export for a Request

To view and decode a CMS key archival request from a Windows Server 2003 CA, it is necessary to do a binary export directly from the CA database. A binary export can be easily achieved through the Certification Authority MMC snap-in or by using the certutil.exe command-line tool.

Binary Request Export Using the Certification Authority MMC Snap-In Walkthrough

To export a binary request using the Certification Authority MMC Snap-in

  1. Log on to the CA machine using a CA Administrator account.

  2. Open the Certification Authority MMC snap-in.

  3. Click the Issued Certificates folder.

  4. If the binary request column has not been previously added to the database view, it must be added to support a binary request export. To add a column to the view, click View on the menu bar, and then select the Add/Remove Columns menu option.

  5. In the Add/Remove Columns dialog box, select the Binary Request field in the Available Columns list box on the left.

  6. Click Add, and then click OK.

Next, a binary request can be exported.

  1. Select a request from the issued certificates view, and then click the Action menu.

  2. Select Export Binary Data on the All Tasks menu.

  3. In the Export Binary Data dialog box, choose Binary Request as the column you want to export.

  4. Click OK.

The data will be exported into ASCII format that can be opened in Notepad using notepad.exe.

Note

Following the previous steps will generate a dump of the certificate archival request only; it does not include the private key material. To dump a full certificate archival request including the private key material, follow the command-line option.

Binary Request Export Using the CertUtil.exe Command-Line Tool Walkthrough

To use the certutil.exe to view the certificate request including private key material, a request file has to be generated first.

To generate a request file

  1. Run Notepad.exe.

  2. Paste the following certificate request information into Notepad.

    [Version]

    Signature= "$Windows NT$"

    [NewRequest]

    Subject = "CN=Test Subject"

    KeySpec = 1

    Exportable = FALSE

    PrivateKeyArchive = TRUE

    [RequestAttributes]

    CertificateTemplate = EFS

    Note

noteNote
Make sure that the CA is configured for key archival before starting this process. In this example, the EFS template is used; this should be changed to an existing certificate template that allows private key archival.
</div></td>
</tr>
</tbody>
</table>
  1. Save the file as CertificateRequest.inf, and then close Notepad.

  2. Open the command-line window.

  3. Type the following command.

    Certreq –new CertificateRequest.inf CertificateRequest.req

    Notes:

    • This command will prompt you to select the CA to fetch the CA exchange certificate from, and to encrypt the private key to.

    • This command will write the request to a file named by the last argument on the command line: CertificateRequest.req.

    • To avoid using the CA selection dialog, you can specify the CA via -config CAMachineDNSName\CACertCommonName before or after the –new option.

  4. Type the following command.

    certreq -submit CertificateRequest.req KeyArchival.cer KeyArchival. p7b KeyArchival.rsp

    This command will prompt you to select the CA to submit the request to.

    Notes:

    • This command will write the newly issued certificate, a PKCS7 containing only the issued certificate and chain, and the full CMC response to files named by the last three arguments on the command line: KeyArchival.cer, KeyArchival.p7b, and KeyArchival.rsp, respectively.

    • To avoid the U/I, you can specify the CA via -config CAMachineDNSName\CACertCommonName before or after the –submit.

  5. Type the following command.

    certreq -accept KeyArchival.rsp

    This command verifies the response, installs the certificate, and associates it with the private key.

  6. Type the following command.

    Certutil –privatekey –dump CertificateRequest.req >CertificateRequest.txt

    This command will generate a dump of the certificate archival request into the CertificateRequest.txt file.  

  7. Type the following command.

    Certutil –privatekey –dump KeyArchival.rsp >CertificateResponse.txt

    This command will generate a dump of the certificate archival response into the CertificateResponse.txt file.

For non-Windows Server 2003 clients or servers enrolling to a Windows Server 2003 CA, the format of the request may be different. The reason is that non-Windows Server 2003 platforms may not support CMC data structures and, therefore, may not be able to encode the request information inside a PKIData object. Instead, the request information may be inside the Data body but not encoded as a PKIData object.

Note

certreq.exe and other tools may be installed on a Windows Server 2003 Professional machine by installing the Administrative Tools (adminpak.msi) that are located in the \i386 directory on all Windows Server 2003 CD-ROM media.

CMC Request and Response Examples

Request:

SEQUENCE :  
 OBJECT IDENTIFIER :  signedData [1.2.840.113549.1.7.2] 
 CONTEXT SPECIFIC (0) :  
    SEQUENCE :  
       INTEGER : 3 
       SET :  
          SEQUENCE :  
             OBJECT IDENTIFIER :  sha1 [1.3.14.3.2.26] 
             NULL :  
       SEQUENCE :  
          OBJECT IDENTIFIER :  [1.3.6.1.5.5.7.12.2] 
          CONTEXT SPECIFIC (0) :  
             OCTET STRING :  
                SEQUENCE :  
                   SEQUENCE :  
                      SEQUENCE :  
                         INTEGER : 2 
                         OBJECT IDENTIFIER :  [1.3.6.1.5.5.7.7.8] 
                            SET :  
                               SEQUENCE :  
                                  INTEGER : 0 
                               SEQUENCE :  
                                  INTEGER : 1 
                               SEQUENCE :  
                                  SEQUENCE :  
                                     OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.10] 
                                     OCTET STRING :  
                                        SEQUENCE :  
                                           SEQUENCE :  
                                              OBJECT IDENTIFIER :  encryptedFileSystem [1.3.6.1.4.1.311.10.3.4] 
                                  SEQUENCE :  
                                     OBJECT IDENTIFIER :  keyUsage [2.5.29.15] 
                                     OCTET STRING :  
                                     BIT STRING UnusedBits:5 :  
                                           20 
                                  SEQUENCE :  
                                     OBJECT IDENTIFIER :  extKeyUsage [2.5.29.37] 
                                        OCTET STRING :  
                                           SEQUENCE :  
                                              OBJECT IDENTIFIER :  encryptedFileSystem [1.3.6.1.4.1.311.10.3.4] 
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.7] 
                                        OCTET STRING :  
                                           SEQUENCE :  
                                              OBJECT IDENTIFIER :  
 [1.3.6.1.4.1.311.21.8.4014942.3497959.5914804.3829722.12246394.103.3066650.1537810] 
                                              INTEGER : 100 
                                              INTEGER : 2 
                         SEQUENCE :  
                            INTEGER : 3 
                            OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.10.10.1] 
                            SET :  
                               SEQUENCE :  
                                  INTEGER : 0 
                                  SEQUENCE :  
                                     INTEGER : 1 
                                  SET :  
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.21] 
                                        SET :  
                                           OCTET STRING :  
                                              9231E6C0B87445190EA2CA934B2807FF799 
                                              3C59F 
                         SEQUENCE :  
                            INTEGER : 4 
                            OBJECT IDENTIFIER :  [1.3.6.1.5.5.7.7.18] 
                            SET :  
                               OCTET STRING :  
                                  436572746966696361746554656D706C6174653D4172636 
                                  869766554657374426173696345465326 
                      SEQUENCE :  
                         CONTEXT SPECIFIC (0) :  
                            INTEGER : 1 
                            SEQUENCE :  
                               SEQUENCE :  
                                  INTEGER : 0 
                                  SEQUENCE :  
                                     SET :  
                                        SEQUENCE :  
                                           OBJECT IDENTIFIER :  commonName [2.5.4.3] 
                                           PRINTABLE STRING :  
'Test Subject' 
                                  SEQUENCE :  
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  rsaEncryption [1.2.840.113549.1.1.1] 
                                        NULL :  
                                     BIT STRING UnusedBits:0 :  
                                        SEQUENCE :  
                                           INTEGER :  
                                              00DAFF7C6859557C698CDA4598222E8E90E 
                                              EB481889531E9F67F10C081F2545B060BE7 
                                              714E755325AC710774764DCA8120C6BEB7B 
                                              6EF74B0260EDD56DD299B242A94EE83C420 
                                              AC7FF0E694122E26EF67670782223C4E8D8 
                                              12C98047F24E10CF6A26FEBEEB826638924 
                                              F36B697CEA02EFC4CA0D108CB85047266AD 
                                              27DE582D181A1 
                                           INTEGER : 65537 
                                  CONTEXT SPECIFIC (0) :  
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.13.2.3] 
                                        SET :  
                                           IA5 STRING :  
                                              '5.2.3790.2' 
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.20] 
                                        SET :  
                                           SEQUENCE :  
                                              INTEGER : 1 
                                              UTF8 STRING :  
                                                 'dcross-stress.contoso.com' 
                                              UTF8 STRING :  
                                                 'CONTOSO0\avibm' 
                                              UTF8 STRING :  
                                                 'certreq' 
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.13.2.2] 
                                        SET :  
                                           SEQUENCE :  
                                              INTEGER : 1 
                                              BMP STRING :  
                                                 'Microsoft Strong Cryptographic P' 
                                                 'rovider' 
                                              BIT STRING UnusedBits:0 :  
                                                 00000000000000000000000000000000 
                                                 00000000000000000000000000000000 
                                                 00000000000000000000000000000000 
                                                 00000000000000000000000000000000 
                                                 00000000000000000000000000000000 
                                                 00000000000000000000000000000000 
                                                 00000000000000000000000000000000 
                                                 00000000000000000000000000000000 
                                                 0000000000000000 
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  extensionReq [1.2.840.113549.1.9.14] 
                                        SET :  
                                           SEQUENCE :  
                                              SEQUENCE :  
                                                 OBJECT IDENTIFIER :  sMIMECapabilities [1.2.840.113549.1.9.15] 
                                                 OCTET STRING :  
                                                    SEQUENCE :  
                                                       SEQUENCE :  
                                                          OBJECT IDENTIFIER :  rc2CBC [1.2.840.113549.3.2] 
                                                          INTEGER : 128 
                                                       SEQUENCE :  
                                                          OBJECT IDENTIFIER :  rc4 [1.2.840.113549.3.4] 
                                                          INTEGER : 128 
                                                       SEQUENCE :  
                                                          OBJECT IDENTIFIER :  desCBC [1.3.14.3.2.7] 
                                                       SEQUENCE :  
                                                          OBJECT IDENTIFIER :  DES-EDE3-CBC [1.2.840.113549.3.7] 
                                              SEQUENCE :  
                                                 OBJECT IDENTIFIER :  subjectKeyIdentifier [2.5.29.14] 
                                                 OCTET STRING :  
                                                    OCTET STRING :  
                                                       8192563AC431F8820C54C9D098 
                                                       4FD8C534639ECC 
                                              SEQUENCE :  
                                                 OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.10] 
                                                 OCTET STRING :  
                                                    SEQUENCE :  
                                                       SEQUENCE :  
                                                          OBJECT IDENTIFIER :  encryptedFileSystem [1.3.6.1.4.1.311.10.3.4] 
                                              SEQUENCE :  
                                                 OBJECT IDENTIFIER :  keyUsage [2.5.29.15] 
                                                 OCTET STRING :  
                                                    BIT STRING UnusedBits:5 :  
                                                       20 
                                              SEQUENCE :  
                                                 OBJECT IDENTIFIER :  extKeyUsage [2.5.29.37] 
                                                 OCTET STRING :  
                                                    SEQUENCE :  
                                                       OBJECT IDENTIFIER :  encryptedFileSystem [1.3.6.1.4.1.311.10.3.4] 
                                              SEQUENCE :  
                                                 OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.7] 
                                                 OCTET STRING :  
                                                    SEQUENCE :  
                                                       OBJECT IDENTIFIER :  
 [1.3.6.1.4.1.311.21.8.4014942.3497959.5914804.3829722.12246394.103.3066650.1537810] 
                                                       INTEGER : 100 
                                                       INTEGER : 2 
                               SEQUENCE :  
                                  OBJECT IDENTIFIER :  sha1withRSAEncryption [1.2.840.113549.1.1.5] 
                                  NULL :  
                               BIT STRING UnusedBits:0 :  
                                  31E945A575155D8F91E972DB26A52C8FAE16D7F5074365D 
                                  C2E585C8718AB09A4FBB67D8A78A63C76B14482A1DEDCAA 
                                  5B234035F3CFFABCAF3DEC24C5944ACE46A1BAFE857F310 
                                  7C21105C817FA88C0CCB23B88D2684327B40CB99E9A059F 
                                  3B95BAC6423740CA1B46B4DC58664863325004DCA2857C2 
                                  2B4117942CC7D39E86900 
                      SEQUENCE :  
                      SEQUENCE :  
          SET :  
             SEQUENCE :  
                INTEGER : 3 
                CONTEXT SPECIFIC (0) :  
                   8192563AC431F8820C54C9D0984FD8C534639ECC 
                SEQUENCE :  
                   OBJECT IDENTIFIER :  sha1 [1.3.14.3.2.26] 
                   NULL :  
                CONTEXT SPECIFIC (0) :  
                   SEQUENCE :  
                      OBJECT IDENTIFIER :  contentType [1.2.840.113549.1.9.3] 
                      SET :  
                         OBJECT IDENTIFIER :  [1.3.6.1.5.5.7.12.2] 
                   SEQUENCE :  
                      OBJECT IDENTIFIER :  messageDigest [1.2.840.113549.1.9.4] 
                      SET :  
                         OCTET STRING :  
                            5E1F0FF028A4FE910DC22F1A18787E2E107F1739 
                   SEQUENCE :  
                      OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.20] 
                      SET :  
                         SEQUENCE :  
                            INTEGER : 1 
                            UTF8 STRING :  
                               'dcross-stress.contoso.com' 
                            UTF8 STRING : 'CONTOSO0\avibm' 
                            UTF8 STRING : 'certreq' 
                SEQUENCE :  
                   OBJECT IDENTIFIER :  rsaEncryption [1.2.840.113549.1.1.1] 
                   NULL :  
                OCTET STRING :  
                   C1AE90A7A30B5266EAC4D004172E949514200653AA5EA3C2BF17C7731DA8EB 
                   1A635CE1DC4F5AD9FB44EF2D9E8C9F961800DBEBC1ADE14E0459A8B46880DF 
                   01A177FC9B02B89113638F3A6A3B3ED0765BD16B905D6BCB404F65E79AAB12 
                   97F2F9F52D68D13373D41D510D97A954800368F8DEDEE13D8635EBF4364512 
                   17407F1A 
                CONTEXT SPECIFIC (1) :  
                   SEQUENCE :  
                      OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.13] 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  envelopedData [1.2.840.113549.1.7.3] 
                            CONTEXT SPECIFIC (0) :  
                               SEQUENCE :  
                                  INTEGER : 0 
                                  SET :  
                                     SEQUENCE :  
                                        INTEGER : 0 
                                        SEQUENCE :  
                                           SEQUENCE :  
                                              SET :  
                                                 SEQUENCE :  
                                                    OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                                                    IA5 STRING :  
                                                       'com' 
                                              SET :  
                                                 SEQUENCE :  
                                                    OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                                                    IA5 STRING :  
                                                       'contoso' 
                                              SET :  
                                                 SEQUENCE :  
                                                    OBJECT IDENTIFIER :  commonName [2.5.4.3] 
                                                    PRINTABLE STRING :  
                                                       'TestEnrollment' 
                                           INTEGER :  
                                              18D0100D00000000005B 
                                        SEQUENCE :  
                                           OBJECT IDENTIFIER :  rsaEncryption [1.2.840.113549.1.1.1] 
                                           NULL :  
                                        OCTET STRING :  
                                           A41AAE9CDA66F283D6D4BC829D2F58BCECFD3F 
                                           5A57EC8AE14021179AE5F93F03AE90747FD300 
                                           4573ED78F802E02AB3C6ADEDEAA367069DA399 
                                           8E1D2D34ABEEFF0F8DE2CB76078C56D883BD94 
                                           D7CE9C5CD75F5E3F442A467F74E07C5A434E4A 
                                           F1BDD6EC493F3A870764B6CC6446FA5D674255 
                                           D93F248DE23E0D96902C79901800 
                                  SEQUENCE :  
                                     OBJECT IDENTIFIER :  data [1.2.840.113549.1.7.1] 
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  DES-EDE3-CBC [1.2.840.113549.3.7] 
                                        OCTET STRING :  
                                           06003B8D3EB4B44C 
                                     CONTEXT SPECIFIC (0) :  
                                        D4A631B65AEE6290CC17B17A6A0D409A33FD11140 
                                        BAE12BD3B32B873AFCC1B76A4022D0FB2B50E431A 
                                        1E48C8D45865EC5B730D7357D61C9495235143381 
                                        19CDBF34C5455B73C9FF38AEFBC4E32DD8145647B 
                                        46B0B4A60D29D062051F116C6BA49253D4590944A 
                                        7CCB70F43E7E850B34DE55074B3C5FF5AE1C5A18C 
                                        6BC271D1F2BC3FBBE19558252C894110CC801292D 
                                        63DA1485BDB957270E6C1A38FE33D672EA3E8D031 
                                        CD7BCFEF5C738818DCC43A6F76F3EC81701C561DF 
                                        9FA6032C47236D9A16973BDF6A033F4925CC5B491 
                                        C00C635C65F744C8FEBE19B1EDD2172AE3A7CFB70 
                                        87A6BCAE7BB52BCEEF412889C4A45ACAE0ACC0E43 
                                        A14C7AA34FB4B4C49360ADD0C65D1494B792E04D7 
                                        8D43C2EDB79974B5C08C87E0C72767C26A2EBF6F0 
                                        E273269D139F2D6F451301944B76218D9BD4C5931 
                                        50C79FA5DA1AF1383E5342EC2F5318E2404774345 
                                        B82A0CB4EE26FC0D59A1D18EDBBEFF6135675D014 
                                        293470B301CC59387C4E627E1F6B038A158A927B9 
                                        160387104BFC5466B7FB4107DF02D136E076F2CAD 
                                        94718ADD9F93C0D376A80A6E3796C6236888E6517 
                                        1D36A0F3BFAA8B8E44FC8DA426F3F19128A910D83 
                                        71A7D68CDFEFCA0BBF32888D8AC679975AE43BB6D 
                                        209D61F82EEA2463616E905177E929CFD3D85C8ED 
                                        8ED1EDCECA01CA1580960E87D57591817C863FE33 
                                        757F527DC7C6457ED5CEDC3BE1597A05BFB10A145 
                                        522C98AF266A992CC607434D3421D57A80195D052 
                                        557AE89652193B840FC27CB343C2C242445453E78 
                                        9E6E397DFC84363B4EAE801DF1BE2993D1AF13256 
                                        A1390C4B7D51127CC55FF0B1184D4E87967961E86 
                                        B722E1048C0

Response:

SEQUENCE :  
    OBJECT IDENTIFIER :  signedData [1.2.840.113549.1.7.2] 
    CONTEXT SPECIFIC (0) :  
       SEQUENCE :  
          INTEGER : 3 
          SET :  
             SEQUENCE :  
                OBJECT IDENTIFIER :  sha1 [1.3.14.3.2.26] 
                NULL :  
          SEQUENCE :  
             OBJECT IDENTIFIER :  [1.3.6.1.5.5.7.12.3] 
             CONTEXT SPECIFIC (0) :  
                OCTET STRING :  
                   SEQUENCE :  
                      SEQUENCE :  
                         SEQUENCE :  
                            INTEGER : 1 
                            OBJECT IDENTIFIER :  [1.3.6.1.5.5.7.7.1] 
                            SET :  
                               SEQUENCE :  
                                  INTEGER : 0 
                                  SEQUENCE :  
                                     INTEGER : 1 
                                  UTF8 STRING : 'Issued' 
                         SEQUENCE :  
                            INTEGER : 2 
                            OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.10.10.1] 
                            SET :  
                               SEQUENCE :  
                                  INTEGER : 0 
                                  SEQUENCE :  
                                     INTEGER : 1 
                                  SET :  
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.17] 
                                        SET :  
                                           OCTET STRING :  
                                              DE73D68A50323310A01EEDDF66188213DC9 
                                              CD490 
                                     SEQUENCE :  
                                        OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.21] 
                                        SET :  
                                           OCTET STRING :  
                                              9231E6C0B87445190EA2CA934B2807FF799 
                                              3C59F 
                      SEQUENCE :  
                      SEQUENCE :  
          CONTEXT SPECIFIC (0) :  
             SEQUENCE :  
                SEQUENCE :  
                   CONTEXT SPECIFIC (0) :  
                      INTEGER : 2 
                   INTEGER :  
                      172B1FB96BBBF2BA49A64EBEA41833EF 
                   SEQUENCE :  
                      OBJECT IDENTIFIER :  sha1withRSAEncryption [1.2.840.113549.1.1.5] 
                      NULL :  
                   SEQUENCE :  
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'com' 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'contoso' 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  commonName [2.5.4.3] 
                            PRINTABLE STRING :  
                               'TestEnrollment' 
                   SEQUENCE :  
                      UTC TIME : '040210162354Z' 
                      UTC TIME : '090210162738Z' 
                   SEQUENCE :  
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'com' 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'contoso' 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  commonName [2.5.4.3] 
                            PRINTABLE STRING :  
                               'TestEnrollment' 
                   SEQUENCE :  
                      SEQUENCE :  
                         OBJECT IDENTIFIER :  rsaEncryption [1.2.840.113549.1.1.1] 
                         NULL :  
                      BIT STRING UnusedBits:0 :  
                         SEQUENCE :  
                            INTEGER :  
                               00E23136361B94412ABD67C376C6AC882B50F45D9AD28719C1 
                               5B0F3125CB352E19F5A381A33FF2971CC4702747BD94C3EE93 
                               75493C1A48F5174BE1F8135CCFB641F3EE6042C4771E8E176A 
                               7B65E49E407903072C28E2CC92153454664630FDA3CC70A805 
                               086B586592AF45BFFE5CC82DCF1ED622DD9BE4ECF64D635600 
                               9338C96F7D2EF77447F3ACD2AFC9C76EBC7A77DAAA9245A0EE 
                               0398D041B37DD78BD77C46D84A808AECDB88EC4319B1E6ADB9 
                               19053A84D3403163003EE696F65E0A55F5EA7A4955870D451E 
                               E4A0AB684EE6ED503437A3F4388DC96A00A9F7D26E3527B3D0 
                               F657EFB8E431B24A97ADBD1475DAF545B9754856200E640E42 
                               CA8BF78614A953 
                            INTEGER : 65537 
                   CONTEXT SPECIFIC (3) :  
                      SEQUENCE :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.20.2] 
                            OCTET STRING :  
                               BMP STRING : 'CA' 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  keyUsage [2.5.29.15] 
                            OCTET STRING :  
                               BIT STRING UnusedBits:1 :  
                                  86 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  basicConstraints [2.5.29.19] 
                            BOOLEAN : 'FF' 
                            OCTET STRING :  
                               SEQUENCE :  
                                  BOOLEAN : 'FF' 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  subjectKeyIdentifier [2.5.29.14] 
                            OCTET STRING :  
                               OCTET STRING :  
                                  10C8E49879236E65350924C24EFB074EFB5F4AA0 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  cRLDistributionPoints [2.5.29.31] 
                            OCTET STRING :  
                               SEQUENCE :  
                                  SEQUENCE :  
                                     CONTEXT SPECIFIC (0) :  
                                        CONTEXT SPECIFIC (0) :  
                                           CONTEXT SPECIFIC (6) :  
                                              'ldap:///CN=TestEnrollment,CN=dcross' 
                                              '-stress,CN=CDP,CN=Public%20Key%20Se' 
                                              'rvices,CN=Services,CN=Configuration' 
                                              ',DC=contoso,DC=com?certificateRevoc' 
                                              'ationList?base?objectClass=cRLDistr' 
                                              'ibutionPoint' 
                                           CONTEXT SPECIFIC (6) :  
                                              'https://dcross-stress.contoso.com/Ce' 
                                              'rtEnroll/TestEnrollment.crl' 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.1] 
                            OCTET STRING :  
                               INTEGER : 0 
                SEQUENCE :  
                   OBJECT IDENTIFIER :  sha1withRSAEncryption [1.2.840.113549.1.1.5] 
                   NULL :  
                BIT STRING UnusedBits:0 :  
                   CA9E6760A8DFB0D213E90D7450B5C7A7C5C920760D01EB45E4F46A23780841 
                   40EDE1A37BA123934C06A39F9638F86C9A50258E43E71DE44239A20DFD6EAE 
                   C636F6B50C964EF23A72B349F35530A96CC99AF8937F22F684AF5E39E64C90 
                   F49C0D87621BBB13DE9FAF84609C26C5ECEB37F479CAEF826D36C19FD5C80D 
                   B865D0C6FF287DE8FF0CD3FE0476E514ED82D9A23DCB684D28E3B93A229A7B 
                   D4DAF89E9A2F2D62599B91E8746830BCF88947611A82E9893137ABBA74B489 
                   6C9C1492DCA2A7FA75F46451C7838EC0E9FB5D9222D3895C116C2C13E3995F 
                   6D56ACB5F62FD7B764FAAB5AF0B5EA73AF3211B40AE44697DCB6E0D28E88E9 
                   00037A506832C0BA 
             SEQUENCE :  
                SEQUENCE :  
                   CONTEXT SPECIFIC (0) :  
                      INTEGER : 2 
                   INTEGER : '18E922D0000000000060' 
                   SEQUENCE :  
                      OBJECT IDENTIFIER :  sha1withRSAEncryption [1.2.840.113549.1.1.5] 
                      NULL :  
                   SEQUENCE :  
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'com' 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'contoso' 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  commonName [2.5.4.3] 
                            PRINTABLE STRING :  
                               'TestEnrollment' 
                   SEQUENCE :  
                      UTC TIME : '040812185455Z' 
                      UTC TIME : '050812185455Z' 
                   SEQUENCE :  
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'com' 
                      SET :  
                         SEQUENCE :  
                              OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                              IA5 STRING : 'contoso' 
                        SET :  
                           SEQUENCE :  
                              OBJECT IDENTIFIER :  commonName [2.5.4.3] 
                              PRINTABLE STRING : 'Users' 
                        SET :  
                           SEQUENCE :  
                              OBJECT IDENTIFIER :  commonName [2.5.4.3] 
                              PRINTABLE STRING :  
                                 'Avi Ben-Menahem' 
                     SEQUENCE :  
                        SEQUENCE :  
                           OBJECT IDENTIFIER :  rsaEncryption [1.2.840.113549.1.1.1] 
                           NULL :  
                        BIT STRING UnusedBits:0 :  
                           SEQUENCE :  
                              INTEGER :  
                                 00DAFF7C6859557C698CDA4598222E8E90EEB481889531E9F6 
                                 7F10C081F2545B060BE7714E755325AC710774764DCA8120C6 
                                 BEB7B6EF74B0260EDD56DD299B242A94EE83C420AC7FF0E694 
                                 122E26EF67670782223C4E8D812C98047F24E10CF6A26FEBEE 
                                 B826638924F36B697CEA02EFC4CA0D108CB85047266AD27DE5 
                                 82D181A1 
                              INTEGER : 65537 
                     CONTEXT SPECIFIC (3) :  
                        SEQUENCE :  
                           SEQUENCE :  
                              OBJECT IDENTIFIER :  sMIMECapabilities [1.2.840.113549.1.9.15] 
                              OCTET STRING :  
                                 SEQUENCE :  
                                    SEQUENCE :  
                                       OBJECT IDENTIFIER :  rc2CBC [1.2.840.113549.3.2] 
                                       INTEGER : 128 
                                    SEQUENCE :  
                                       OBJECT IDENTIFIER :  rc4 [1.2.840.113549.3.4] 
                                       INTEGER : 128 
                                    SEQUENCE :  
                                       OBJECT IDENTIFIER :  desCBC [1.3.14.3.2.7] 
                                    SEQUENCE :  
                                       OBJECT IDENTIFIER :  DES-EDE3-CBC [1.2.840.113549.3.7] 
                           SEQUENCE :  
                              OBJECT IDENTIFIER :  subjectKeyIdentifier [2.5.29.14] 
                              OCTET STRING :  
                                 OCTET STRING :  
                                    8192563AC431F8820C54C9D0984FD8C534639ECC 
                           SEQUENCE :  
                              OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.10] 
                              OCTET STRING :  
                                 SEQUENCE :  
                                    SEQUENCE :  
                                       OBJECT IDENTIFIER :  encryptedFileSystem [1.3.6.1.4.1.311.10.3.4] 
                           SEQUENCE :  
                              OBJECT IDENTIFIER :  keyUsage [2.5.29.15] 
                              OCTET STRING :  
                                 BIT STRING UnusedBits:5 :  
                                    20 
                           SEQUENCE :  
                              OBJECT IDENTIFIER :  extKeyUsage [2.5.29.37] 
                              OCTET STRING :  
                                 SEQUENCE :  
                                    OBJECT IDENTIFIER :  encryptedFileSystem [1.3.6.1.4.1.311.10.3.4] 
                           SEQUENCE :  
                              OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.21.7] 
                              OCTET STRING :  
                                 SEQUENCE :  
                                    OBJECT IDENTIFIER :   
                     [1.3.6.1.4.1.311.21.8.4014942.3497959.5914804.3829722.12246394.103.3066650.1537810] 
                                  INTEGER : 100 
                                  INTEGER : 2 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  authorityKeyIdentifier [2.5.29.35] 
                            OCTET STRING :  
                               SEQUENCE :  
                                  CONTEXT SPECIFIC (0) :  
                                     10C8E49879236E65350924C24EFB074EFB5F4AA0 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  cRLDistributionPoints [2.5.29.31] 
                            OCTET STRING :  
                               SEQUENCE :  
                                  SEQUENCE :  
                                     CONTEXT SPECIFIC (0) :  
                                        CONTEXT SPECIFIC (0) :  
                                           CONTEXT SPECIFIC (6) :  
                                              'ldap:///CN=TestEnrollment,CN=dcross' 
                                              '-stress,CN=CDP,CN=Public%20Key%20Se' 
                                              'rvices,CN=Services,CN=Configuration' 
                                              ',DC=contoso,DC=com?certificateRevoc' 
                                              'ationList?base?objectClass=cRLDistr' 
                                              'ibutionPoint' 
                                           CONTEXT SPECIFIC (6) :  
                                              'https://dcross-stress.contoso.com/Ce' 
                                              'rtEnroll/TestEnrollment.crl' 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  authorityInfoAccess [1.3.6.1.5.5.7.1.1] 
                            OCTET STRING :  
                               SEQUENCE :  
                                  SEQUENCE :  
                                     OBJECT IDENTIFIER :  caIssuers [1.3.6.1.5.5.7.48.2] 
                                     CONTEXT SPECIFIC (6) :  
                                        'ldap:///CN=TestEnrollment,CN=AIA,CN=Publi' 
                                        'c%20Key%20Services,CN=Services,CN=Configu' 
                                        'ration,DC=contoso,DC=com?cACertificate?ba' 
                                        'se?objectClass=certificationAuthority' 
                                  SEQUENCE :  
                                     OBJECT IDENTIFIER :  caIssuers [1.3.6.1.5.5.7.48.2] 
                                     CONTEXT SPECIFIC (6) :  
                                        'https://dcross-stress.contoso.com/CertEnro' 
                                        'll/dcross-stress.contoso.com_TestEnrollme' 
                                        'nt.crt' 
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  subjectAltName [2.5.29.17] 
                            OCTET STRING :  
                               SEQUENCE :  
                                  CONTEXT SPECIFIC (0) :  
                                     OBJECT IDENTIFIER :  [1.3.6.1.4.1.311.20.2.3] 
                                     CONTEXT SPECIFIC (0) :  
                                        UTF8 STRING :  
                                           'avibm@contoso.com' 
                SEQUENCE :  
                   OBJECT IDENTIFIER :  sha1withRSAEncryption [1.2.840.113549.1.1.5] 
                   NULL :  
                BIT STRING UnusedBits:0 :  
                   9D0000D2CC5668BEE443EBDE5EE4CADA5D61C17C00B262A3F231726FD2E7A8 
                   500603B89BE123D577FA2AE592567FB96743A6AE9B57AE089B1C205D6552F5 
                   5D60DD825D94D27301527FDB275035473DFC16A4F0C4886036A50CA1D320E3 
                   D284744CC0E552D1FFB24CD6110E6B17C86F830B5CC7A7E1791930320373CA 
                   C4E667BC372983597713CF8608389A6C82F9079FF8666C867BF2243DE5A22C 
                   20DBDBAD788A77758B68D9260EA5040A2F5C97C1AD80144F06F714D20BF671 
                   96BE5774D16080A9EAA5933C3C7EA34AE3F41DC001E0C2F83EA7AFAADA4812 
                   D0F27C48E288A20C44F085F328CCE6F478D6E4E89131D8EF43DA7B23DA39C9 
                   8CB15DE2EBA2BC8F 
          SET :  
             SEQUENCE :  
                INTEGER : 1 
                SEQUENCE :  
                   SEQUENCE :  
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'com' 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  domainComponent [0.9.2342.19200300.100.1.25] 
                            IA5 STRING : 'contoso' 
                      SET :  
                         SEQUENCE :  
                            OBJECT IDENTIFIER :  commonName [2.5.4.3] 
                            PRINTABLE STRING :  
                               'TestEnrollment' 
                   INTEGER :  
                      172B1FB96BBBF2BA49A64EBEA41833EF 
                SEQUENCE :  
                   OBJECT IDENTIFIER :  sha1 [1.3.14.3.2.26] 
                   NULL :  
                CONTEXT SPECIFIC (0) :  
                   SEQUENCE :  
                      OBJECT IDENTIFIER :  contentType [1.2.840.113549.1.9.3] 
                      SET :  
                         OBJECT IDENTIFIER :  [1.3.6.1.5.5.7.12.3] 
                   SEQUENCE :  
                      OBJECT IDENTIFIER :  messageDigest [1.2.840.113549.1.9.4] 
                      SET :  
                         OCTET STRING :  
                            17CEEAA968CDD0A92DFC7E9AA174F87755AD8A87 
                SEQUENCE :  
                   OBJECT IDENTIFIER :  rsaEncryption [1.2.840.113549.1.1.1] 
                   NULL :  
                OCTET STRING :  
                   C5D3AC35D5AAE5766640A2EF87D8ED005BB9BD63D51B10D803EEFEA1261161 
                   3031241F695A2EDFF0240EE624D22FECB5AB6B74FD97A5DB12B3B873558AD5 
                   0BC6DB59E438A7150A27749F53CBA447CD0751D7D49EEE3EBD1BBB20234887 
                   5DD11DE26764DDEB2EBFA1E0023DD8CECF9C2530E2D0886FF26EAB747635A7 
                   A57B7CA154BD0083A1DA891A35C3CD7EF5BA735FBCD2FD811FABE68C988C4D 
                   172572BE63AE0575CF646756D4E66B2B127A699119368AAFB8B54661D317AF 
                   2DF2622A0FFF01F18D5EF261E830107BD7F58848813CA6C0F8BF681A214E37 
                   13618340D6DE9594829FB2B2DB1CFF973DC01F22D982846E474DDB9767D1BF 
                   51E8C66F934593B5

Recovery BLOB Structure

When stored in the CA database, the private key is stored as a PKCS #7 message, encrypted with a 3DES symmetric key that is encrypted to the KRA(s) public key as a column in the CA database. When the recovery BLOB is retrieved by the certutil –getkey command, the encrypted PKCS #7 and the KRA certificate hashes are retrieved from the database. Also, the encrypted PKCS #7 is wrapped inside a signed PKCS #7 to allow collecting the previous certificates and attaching them to the signed PKCS #7. The PKCS #7 is not protected with a password since it is already protected by the public key of the recovery agent(s). The outer PKCS #7 wrapper can contain the certificate chains for the recovery agent(s) and the end-entity to facilitate the recovery operations and construction of the end-entity PKCS #12 file. Figure 47 illustrates the recovery BLOB structure.

The recovery BLOB consists of wrapping the encrypted PKCS #7 in the database in another (signed) PKCS #7 to allow a number of certificates to be included in the recovery BLOB. The returned certificates include the full chain of the user certificate being recovered, the chain of the signing CA certificate (which may differ from the CA certificate under which the user certificate was issued), and the KRA certificates to which the key was encrypted. The szOID_ARCHIVED_KEY_CERT_HASH(1.3.6.1.4.1.311.21.16) is an attribute containing the SHA-1 hash of the certificate for the key being recovered, attached as an authenticated attribute to the CA signature of the recovery BLOB. This allows certutil -recoverkey recoveryblobfile to also display the Subject name of the KRA certificate(s) used to protect the private key BLOB.

Art Image

Figure 47:  Recovery BLOB

ASN.1 Structure

The following is the ASN.1 structure of the PKCS #7 EnvelopedData object.

EnvelopedData ::= SEQUENCE {

version                             Version,

recipientInfos                    RecipientInfos,

encryptedContentInfo        EncryptedContentInfo

}

Storing the recovery BLOB as an enveloped PKCS #7 enables a recovery agent to retrieve the recovery BLOB from the CA database. The recovery agent’s private key is used to decrypt the EncryptedContentInfo to extract the PKCS #12 data. The following is the ASN.1 structure of the EncryptedContentInfo body.

EncryptedContentInfo ::= SEQUENCE {

contentType                          ContentType,

contentEncryptionAlgorithm    ContentEncryptionAlgorithmIdentifier,

encryptedContent[0]              IMPLICIT EncryptedContent OPTIONAL

}

By definition, there can be multiple recovery agent certificates specified by RecipientInfo, where IssuerAndSerialNumber is used to disambiguate between multiple recovery agent certificates. Only the recovery agent certificates included in the RecipientInfo body of the enveloped PKCS #7 object can be used to recover the archived key material. The following is the ASN.1 structure of the RecipientInfo body.

RecipientInfo ::= SEQUENCE {

version                           Version,

issuerAndSerialNumber    IssuerAndSerialNumber,

keyEncryptionAlgorithm    KeyEncryptionAlgorithmIdentifier,

encryptedKey                  EncryptedKey

}