2.2.2.2.7 Key Agreement Datum

 The Key Agreement datum encapsulates the parameters necessary to decrypt a key agreement protector (ProtectorType of 0x0001).


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

EFSX_Datum

...

KeyAgmtFlags

Data_Fields (variable)

...

EFSX_Datum (8 bytes): MUST be formatted as specified in section 2.2.2.2.2. The datum Type MUST be EFSX_TYPE_KEY_AGMT_DATA (0x0005). The datum Flags SHOULD include 0x0002, indicating a complex datum.

KeyAgmtFlags (2 bytes): This field is reserved and SHOULD be set to 0x0000.

Data_Fields (variable): This field contains any number of nested EFSX_Datum structures. The nested datum structures MUST NOT overlap, and MUST be entirely contained within the Key Agreement datum. This field SHOULD contain three datum structures of type EFSX_TYPE_BLOB (0x0001) and Roles of 0x0007, 0x0008, and 0x0009. The public keys referenced by Roles 0x0008 and 0x0009 MUST have BlobType set to 0x0001.