Sensitive Credential Elements

Data that is declared sensitive must be protected by being wrapped.

Wrapped Sensitive Data

All wrapped sensitive data is transported from the Credential Provider to ActivID CMS using the standard PKCS#1 v1.5 RSAES-PKCS1-v1_5 scheme together with 3DES in Cipher-Block Chaining (CBC) encryption mode. All data is double-wrapped for uniformity and to facilitate encryption of large amounts of data (larger than the public key). Double-wrapped data is data to which the following functions have been applied:

  • Generated a symmetric session key

  • Encrypted the data using the symmetric session key

  • Wrapped the symmetric session key with a public transport key

Each CredentialProviderContext that requires secure transport of data should use the transport encryption certificate that is provided in the CredentialProviderConfiguration by ActivID CMS as an information attribute.

Sensitive data should be transported from the Credential Provider to ActivID CMS as a CRMF.EncryptedValue ASN.1 DER-encoded (Distinguished Encoding Rules) value that has been converted to Base64 representation. The structure of these encoded values is described in the following sections.

Level 1: DER-Encoded CRMF.EncryptedValue

The ASN.1 definition of the CRMF.EncryptedValue required by ActivID CMS is:

    EncryptedValue ::= SEQUENCE {
        intendedAlg [0] AlgorithmIdentifier OPTIONAL,
        -- The intended algorithm for which the value will be used
        symmAlg     [1] AlgorithmIdentifier OPTIONAL,
        -- The symmetric algorithm used to encrypt the value
        encSymmKey  [2] BIT STRING OPTIONAL,
        -- The (encrypted) symmetric key used to encrypt the value
        keyAlg      [3] AlgorithmIdentifier OPTIONAL,
        -- The algorithm used to encrypt the symmetric key
        valueHint   [4] OCTET STRING OPTIONAL,
        -- A brief description or identifier of the encValue content.
        -- This may be meaningful only to the sending entity, and only if
        -- the EncryptedValue might be re-examined by the sending entity
        -- in the future
        encValue        BIT STRING
        -- The encrypted value itself
    }

where

  • symmAlg indicates DESede/CBC/PKCS5Padding (OID 1.2.840.113549.3.7).

  • encSymmKey contains a DESede key that has been encrypted with RSA/ECB/PKCS1Padding (OID 1.2.840.113549.1.1.1) using the ActivID CMS RSA transport certificate.

  • encValue contains the sensitive data value encrypted with the DESede key according to the symmAlg algorithm; when the sensitive data value is a private key, this should be a PKCS#8 PrivateKeyInfo DER-encoded value.

  • Other parts of the EncryptedValue structure are not required.
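The Level 1 layout above can be checked structurally before a value is sent or accepted. The following is an added example, not ActivID CMS code: it parses the Base64/DER value and reports departures from the three requirements listed above. It assumes the implicit context tags of the CRMF module (RFC 4211) and that the symmAlg parameters carry an 8-byte IV as an OCTET STRING; `read_tlv`, `check_encrypted_value`, `tlv` and `sample` are hypothetical names, and the sample holds zero bytes rather than real ciphertext.

```python
import base64

DES_EDE3_CBC = bytes.fromhex("06082a864886f70d0307")  # DER OID 1.2.840.113549.3.7

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element at pos (one-byte tags)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def check_encrypted_value(b64):
    """List the ways a Base64 EncryptedValue departs from the layout above."""
    der = base64.b64decode(b64, validate=True)
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        return ["not a single DER SEQUENCE"]
    fields, pos = {}, 0
    while pos < len(body):
        t, value, pos = read_tlv(body, pos)
        fields[t] = value
    problems = []
    # Assumed implicit tags: symmAlg [1] -> 0xA1, encSymmKey [2] -> 0x82
    if not fields.get(0xA1, b"").startswith(DES_EDE3_CBC):
        problems.append("symmAlg is not DESede/CBC")
    if len(fields.get(0x82, b"")) < 2:
        problems.append("encSymmKey is missing")
    enc = fields.get(0x03, b"")  # BIT STRING: unused-bits byte, then ciphertext
    if len(enc) < 9 or enc[0] != 0 or (len(enc) - 1) % 8:
        problems.append("encValue is not whole 8-byte DES blocks")
    return problems

def tlv(tag, value):
    """DER-encode one element; used only to build the constructed samples."""
    n = len(value)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

def sample(symm_oid=DES_EDE3_CBC, enc_len=24):
    """Constructed EncryptedValue holding zero bytes instead of real ciphertext."""
    symm = tlv(0xA1, symm_oid + tlv(0x04, bytes(8)))  # OID + 8-byte IV (assumed)
    key = tlv(0x82, b"\x00" + bytes(256))  # size of an RSA-2048 wrapped key
    val = tlv(0x03, b"\x00" + bytes(enc_len))
    return base64.b64encode(tlv(0x30, symm + key + val)).decode()
```

An empty list from `check_encrypted_value(sample())` means the structure matches; the check says nothing about whether the wrapped key or ciphertext decrypts correctly.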

Level 2: DER-Encoded PKCS#8 PrivateKeyInfo (for RSA Private Keys)

Once encValue has been decrypted with the DESede key, the ASN.1 definition of the PrivateKeyInfo is:

    PrivateKeyInfo ::= SEQUENCE {
        version             Version,
        privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
        privateKey          PrivateKey,
        attributes          [0] IMPLICIT Attributes OPTIONAL
    }

where:

  • version is the syntax version number.

  • PrivateKeyAlgorithmIdentifier indicates RSA/ECB/PKCS1Padding (OID 1.2.840.113549.1.1.1).

  • PrivateKey is a PKCS#1 RSAPrivateKey DER-encoded value.

  • attributes is not required.

Level 3: DER-Encoded PKCS#1 RSAPrivateKey (for RSA Private Keys)

The ASN.1 definition of the PrivateKey attribute of the PKCS#8 object is:

    RSAPrivateKey ::= SEQUENCE {
        version         Version,
        -- an INTEGER version number; 0 for this standard
        modulus         INTEGER,
        -- n
        publicExponent  INTEGER,
        -- e
        privateExponent INTEGER,
        -- d
        prime1          INTEGER,
        -- primeP (p) (first prime factor of n)
        prime2          INTEGER,
        -- primeQ (q) (second prime factor of n)
        exponent1       INTEGER,
        -- primeExponentP: d mod (p - 1)
        exponent2       INTEGER,
        -- primeExponentQ: d mod (q - 1)
        crtCoefficient  INTEGER
        -- Chinese Remainder Theorem ((inverse of q) mod p)
    }