KI_PKCS_RSAPrivateBER

KI_PKCS_RSAPrivateBER

Purpose:

This KI is similar to KI_PKCS_RSAPrivate except that it uses the ASN.1 BER format. This KI allows you to parse and create an ASN.1 key info type that is encoded with the PKCS #8 standard. You call B_SetKeyInfo to initialize a key object from the encoded key info type that includes the modulus, exponents, two primes, and Chinese Remainder Theorem information. You call B_GetKeyInfo with this KI to create an encoded key info type from a key object that was created using KI_PKCS_RSAPrivate, KI_PKCS_RSAPrivateBER or KI_RSA_CRT. The OID for RSA PKCS #1 encryption, excluding the tag and length bytes, in decimal, is “42, 134, 72, 134, 247, 13, 1, 1, 1”. Also see KI_PKCS_RSAPrivate.

Type of information this allows you to use:

the encoding of an RSA private key that is encoded as a PKCS #8 PrivateKeyInfo type that contains a PKCS #1 RSAPrivateKey type. Note that this encoding contains all of the information specified by KI_PKCS_RSAPrivate.

Format of info supplied to B_SetKeyInfo:

pointer to an ITEM structure that gives the address and length of the BER encoding. The encoding is converted to DER before it is copied to the key object. B_SetKeyInfo returns BE_WRONG_KEY_INFO if the PrivateKeyInfo specifies a private key for an algorithm other than the RSA algorithm.

Format of info returned by B_GetKeyInfo:

pointer to an ITEM structure that gives the address and length of the DER encoding.

Can get this info type if key object already has:

KI_PKCS_RSAPrivate, KI_PKCS_RSAPrivateBER or KI_RSA_CRT.

2 7 8

R S A B S A F E C r y p t o - C L i b r a r y R e f e r e n c e M a n u a l

Page 288
Image 288
RSA Security 5 manual KIPKCSRSAPrivateBER