Exporting RSA/Schannel Keys

Master keys can be exported into SIMPLEBLOBs. This should be implemented the same way as the export of normal bulk encryption keys, such as RC4 or DES. The aiKeyAlg field of the BLOBHEADER structure should be set to the algorithm identifier of the master key (CALG_PCT1_MASTER, CALG_SSL2_MASTER, CALG_SSL3_MASTER, or CALG_TLS1_MASTER).

If the CPExportKey function is being used to export an SSL2 master key and the CRYPT_SSL2_SLUMMING flag is set, then the first 8 bytes of the encryption block padding should be set to 0x03 rather than to random data. This helps prevent version rollback attacks, and is discussed in the SSL3 specification.

If the CRYPT_DESTROYKEY flag is specified with the CPExportKey function, then the CSP should destroy the key (or the key handle) after exporting the key. This flag is intended for use only with opaque blobs. See the Opaque Blob Type section.
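The following is an added example, not code from this page or from any Microsoft CSP. It shows the SIMPLEBLOB layout described above for a master key (BLOBHEADER with aiKeyAlg set to one of the CALG_*_MASTER identifiers, followed by the exchange key's ALG_ID and the encrypted key material), a validator that accepts only master-key blobs, and a CPExportKey-style routine that wipes the key and releases its handle when CRYPT_DESTROYKEY is passed. The numeric constants are written out to mirror wincrypt.h so the file builds without the Windows SDK (an assumption: check them against the header), and the handle table, the `identity_wrap` stand-in for exchange-key encryption, and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constants mirroring wincrypt.h (assumption: verify against the header). */
#define BLOB_SIMPLE          0x01u    /* SIMPLEBLOB */
#define BLOB_VERSION         0x02u    /* CUR_BLOB_VERSION */
#define ALG_SSL3_MASTER      0xCC01u  /* CALG_SSL3_MASTER */
#define ALG_PCT1_MASTER      0xCC04u  /* CALG_PCT1_MASTER */
#define ALG_SSL2_MASTER      0xCC05u  /* CALG_SSL2_MASTER */
#define ALG_TLS1_MASTER      0xCC06u  /* CALG_TLS1_MASTER */
#define ALG_RSA_KEYX         0xA400u  /* CALG_RSA_KEYX: exchange key that wraps the blob */
#define ALG_RC4              0x6801u  /* CALG_RC4: a bulk key, same blob layout, not a master key */
#define FLAG_DESTROYKEY      0x04u    /* CRYPT_DESTROYKEY */

#define HDR_LEN 8                          /* BLOBHEADER: bType, bVersion, reserved WORD, aiKeyAlg */
#define SIMPLEBLOB_PREFIX (HDR_LEN + 4)    /* header followed by the exchange key's ALG_ID */
#define MASTER_LEN 48                      /* SSL3/TLS1 master secret length */

static void put_le32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }
static uint32_t get_le32(const uint8_t *p) { return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24); }

int is_master_alg(uint32_t alg) {
    return alg == ALG_SSL3_MASTER || alg == ALG_PCT1_MASTER ||
           alg == ALG_SSL2_MASTER || alg == ALG_TLS1_MASTER;
}

/* Serialize BLOBHEADER || ALG_ID(exchange key) || encrypted master key. Returns bytes written, 0 on error. */
size_t build_master_simpleblob(uint8_t *out, size_t cap, uint32_t master_alg, uint32_t keyx_alg,
                               const uint8_t *enc, size_t enc_len) {
    if (!is_master_alg(master_alg) || enc_len == 0 || cap < SIMPLEBLOB_PREFIX + enc_len) return 0;
    out[0] = BLOB_SIMPLE; out[1] = BLOB_VERSION; out[2] = 0; out[3] = 0;   /* reserved WORD = 0 */
    put_le32(out + 4, master_alg);             /* aiKeyAlg identifies the master key, not the wrapper */
    put_le32(out + HDR_LEN, keyx_alg);
    memcpy(out + SIMPLEBLOB_PREFIX, enc, enc_len);
    return SIMPLEBLOB_PREFIX + enc_len;
}

/* Validate a blob as a master-key SIMPLEBLOB; returns 1 and fills the out-params on success, 0 otherwise. */
int parse_master_simpleblob(const uint8_t *blob, size_t len, uint32_t *master_alg, uint32_t *keyx_alg,
                            size_t *enc_len) {
    if (len <= SIMPLEBLOB_PREFIX) return 0;                     /* must carry at least one encrypted byte */
    if (blob[0] != BLOB_SIMPLE || blob[1] != BLOB_VERSION) return 0;
    uint32_t alg = get_le32(blob + 4);
    if (!is_master_alg(alg)) return 0;                         /* bulk keys share the layout but are rejected here */
    *master_alg = alg; *keyx_alg = get_le32(blob + HDR_LEN); *enc_len = len - SIMPLEBLOB_PREFIX;
    return 1;
}

/* Toy handle table standing in for the CSP's key store (constructed). */
#define MAX_KEYS 4
static struct { int in_use; uint32_t alg; uint8_t material[MASTER_LEN]; } keytab[MAX_KEYS];

int key_create(uint32_t alg, const uint8_t material[MASTER_LEN]) {
    for (int h = 0; h < MAX_KEYS; h++) {
        if (keytab[h].in_use) continue;
        keytab[h].in_use = 1; keytab[h].alg = alg;
        memcpy(keytab[h].material, material, MASTER_LEN);
        return h;
    }
    return -1;
}
int key_in_use(int h) { return h >= 0 && h < MAX_KEYS && keytab[h].in_use; }

/* Encryption with the exchange key is supplied by the caller; a real CSP performs RSA here. */
typedef size_t (*wrap_fn)(const uint8_t *in, size_t n, uint8_t *out, size_t cap);

/* CPExportKey-style export of a master-key handle. With CRYPT_DESTROYKEY the key material is
 * zeroized and the handle released once the blob has been produced. */
size_t cp_export_master_key(int h, uint32_t flags, wrap_fn wrap, uint8_t *out, size_t cap) {
    if (!key_in_use(h)) return 0;
    uint8_t enc[256];
    size_t enc_len = wrap(keytab[h].material, MASTER_LEN, enc, sizeof enc);
    size_t n = build_master_simpleblob(out, cap, keytab[h].alg, ALG_RSA_KEYX, enc, enc_len);
    if (n && (flags & FLAG_DESTROYKEY)) {
        memset(keytab[h].material, 0, MASTER_LEN);   /* wipe first, then release the handle */
        keytab[h].in_use = 0;
    }
    return n;
}

/* Placeholder wrap: copies bytes unchanged (constructed, NOT encryption; it only exposes the layout). */
size_t identity_wrap(const uint8_t *in, size_t n, uint8_t *out, size_t cap) {
    if (n > cap) return 0;
    memcpy(out, in, n);
    return n;
}

/* Walk through export + destroy on a constructed key; returns 1 when every expectation holds. */
int self_check(void) {
    uint8_t m[MASTER_LEN], blob[128];
    uint32_t ma, ka; size_t el;
    for (int i = 0; i < MASTER_LEN; i++) m[i] = (uint8_t)i;
    int h = key_create(ALG_TLS1_MASTER, m);
    size_t n = cp_export_master_key(h, FLAG_DESTROYKEY, identity_wrap, blob, sizeof blob);
    if (n != SIMPLEBLOB_PREFIX + MASTER_LEN) return 0;
    if (!parse_master_simpleblob(blob, n, &ma, &ka, &el)) return 0;
    if (ma != ALG_TLS1_MASTER || ka != ALG_RSA_KEYX || el != MASTER_LEN) return 0;
    if (key_in_use(h)) return 0;                                            /* destroyed after export */
    if (cp_export_master_key(h, 0, identity_wrap, blob, sizeof blob) != 0) return 0;  /* handle is gone */
    put_le32(blob + 4, ALG_RC4);                                            /* same layout, bulk key */
    return parse_master_simpleblob(blob, n, &ma, &ka, &el) == 0;
}

int main(void) { printf("self_check: %s\n", self_check() ? "ok" : "FAILED"); return 0; }
```

The validator deliberately rejects a blob whose aiKeyAlg names a bulk cipher such as RC4, even though the byte layout is identical: a consumer expecting a master key should not accept whatever SIMPLEBLOB it is handed. The export routine wipes the material before clearing the in-use flag, so a handle that was destroyed cannot be re-exported, which is the property CRYPT_DESTROYKEY is meant to give callers.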