3.6 EncryptionHeader Structure

This section provides an example of an EncryptionHeader structure (section 2.3.2) used by Office Binary Document RC4 CryptoAPI Encryption (section 2.3.5) to specify the encryption properties for an encrypted stream (1).

 00001400:                                       04 00 00 00
 00001410:  00 00 00 00 01 68 00 00  04 80 00 00 28 00 00 00
 00001420:  01 00 00 00 B0 0A 86 02  00 00 00 00 4D 00 69 00
 00001430:  63 00 72 00 6F 00 73 00  6F 00 66 00 74 00 20 00
 00001440:  42 00 61 00 73 00 65 00  20 00 43 00 72 00 79 00
 00001450:  70 00 74 00 6F 00 67 00  72 00 61 00 70 00 68 00
 00001460:  69 00 63 00 20 00 50 00  72 00 6F 00 76 00 69 00
 00001470:  64 00 65 00 72 00 20 00  76 00 31 00 2E 00 30 00


 Field layout (each row is 32 bits wide, bits 0 through 31):

 Flags
 SizeExtra
 AlgID
 AlgIDHash
 KeySize
 ProviderType
 Reserved1
 Reserved2
 CSPName (variable)
 ...

Flags (4 bytes): 0x00000004 specifies that the encryption algorithm uses CryptoAPI encryption.

SizeExtra (4 bytes): 0x00000000 is the value in a reserved field.

AlgID (4 bytes): 0x00006801 specifies that the encryption algorithm used is RC4.

AlgIDHash (4 bytes): 0x00008004 specifies that SHA-1 is the hashing algorithm that is used.

KeySize (4 bytes): 0x00000028 specifies that the key is 40 bits long.

ProviderType (4 bytes): 0x00000001 specifies that RC4 is the provider type.

Reserved1 (4 bytes): 0x02860AB0 is the value in a reserved field.

Reserved2 (4 bytes): 0x00000000 is the value in a reserved field.

CSPName (variable): "Microsoft Base Cryptographic Provider v1.0" specifies the name of the cryptographic provider supplying the RC4 implementation that was used to encrypt the file.
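
A parser for the header dumped above, as an added example that is not part of the specification: it decodes the bytes at 0x140C through 0x147F and reports the weak parameters an audit of legacy documents would flag. The function names and the 128-bit MIN_KEY_BITS threshold are assumptions made for this example.

```python
import struct

FIELDS = ("Flags", "SizeExtra", "AlgID", "AlgIDHash",
          "KeySize", "ProviderType", "Reserved1", "Reserved2")
FLAG_CRYPTOAPI = 0x00000004   # Flags value described in this section
ALG_RC4 = 0x00006801          # AlgID value described in this section
MIN_KEY_BITS = 128            # assumption: local policy threshold, not from the page

# Same bytes as the dump above (0x140C-0x147F): eight little-endian DWORDs,
# then CSPName encoded as UTF-16LE.
SAMPLE = bytes.fromhex(
    "04000000 00000000 01680000 04800000"
    "28000000 01000000 B00A8602 00000000"
) + "Microsoft Base Cryptographic Provider v1.0".encode("utf-16-le")


def parse_encryption_header(buf):
    """Decode the eight fixed DWORDs and CSPName; ValueError if malformed."""
    if len(buf) < 32:
        raise ValueError(f"need 32 bytes of fixed fields, got {len(buf)}")
    hdr = dict(zip(FIELDS, struct.unpack_from("<8I", buf, 0)))
    name = buf[32:]
    if len(name) % 2:
        raise ValueError("CSPName is not a whole number of UTF-16 code units")
    # Keep text up to the first NUL code unit, if a terminator is present.
    hdr["CSPName"] = name.decode("utf-16-le").split("\x00", 1)[0]
    return hdr


def audit(hdr):
    """Return the weaknesses an audit would report for a parsed header."""
    findings = []
    if not hdr["Flags"] & FLAG_CRYPTOAPI:
        findings.append("CryptoAPI flag not set; header is not this scheme")
    if hdr["AlgID"] == ALG_RC4:
        findings.append("RC4 stream cipher")
    if hdr["KeySize"] < MIN_KEY_BITS:
        findings.append(f"{hdr['KeySize']}-bit key below {MIN_KEY_BITS}-bit policy")
    return findings


if __name__ == "__main__":
    header = parse_encryption_header(SAMPLE)
    for field, value in header.items():
        print(field, value if field == "CSPName" else f"0x{value:08X}")
    print("findings:", audit(header))
```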