7. INTRODUCTION of PKCS#8
- This standard describes a syntax for private-key information.
- Private-key information includes a private key for some public-key algorithm and a set of attributes.
8. Private-key information syntax
Private-key information shall have ASN.1 type PrivateKeyInfo:
PrivateKeyInfo ::= SEQUENCE {
    version              Version,
    privateKeyAlgorithm  PrivateKeyAlgorithmIdentifier,
    privateKey           PrivateKey,
    attributes           [0] IMPLICIT Attributes OPTIONAL
}
Version ::= INTEGER
PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
PrivateKey ::= OCTET STRING
Attributes ::= SET OF Attribute
9. Encrypted private-key information syntax
Encrypted private-key information shall have ASN.1 type
EncryptedPrivateKeyInfo:
EncryptedPrivateKeyInfo ::= SEQUENCE {
    encryptionAlgorithm  EncryptionAlgorithmIdentifier,
    encryptedData        EncryptedData
}
EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
EncryptedData ::= OCTET STRING
10. Private-key Example
BER (Basic Encoding Rules)
- Format : TLV (Type + Length + Value)
- Reference : http://en.wikipedia.org/wiki/Basic_Encoding_Rules
              http://www.vijaymukhi.com/vmis/ber.htm
Private-key (HEX Code)
Type : 0 0 1 1 0 0 0 0
Class : 00 = Universal
Primitive/constructed : 1 = Non-primitive data type (constructed)
Number : 16 = SEQUENCE
11. Private-key Example
Length : 1000 0010
MSB : 1 = bits 1~7 give the number of length bytes = 2-byte length
02 D0
Length : 720
Length : 0001 1010
MSB : 0 = bits 1~7 are the length itself = 26
Value
Value =
OID
rsaEncryption OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
rsadsi(113549) pkcs(1) pkcs-1(1) 1 }
Private-key
OID Repository : http://www.oid-info.com/
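
Added example (not part of the original slides): a Python decoder for the identifier octet and length field walked through above, plus the content octets of the rsaEncryption OID. The function names are hypothetical, the OID byte string is a constructed sample, and only low tag numbers (0 to 30) are handled, which covers the types PKCS#8 uses.

```python
CLASSES = ("Universal", "Application", "Context-specific", "Private")

def parse_header(buf, pos=0):
    """Decode one BER identifier octet and length field.

    Returns (class, constructed, tag_number, length, header_len); length is
    None for the indefinite form (0x80), which DER does not allow.
    """
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    ident = buf[pos]
    cls = CLASSES[ident >> 6]             # top 2 bits: class
    constructed = bool(ident & 0x20)      # next bit: 1 = constructed
    tag = ident & 0x1F                    # low 5 bits: tag number
    if tag == 0x1F:
        raise ValueError("high-tag-number form is outside this example")
    first = buf[pos + 1]
    if first < 0x80:                      # MSB 0: low 7 bits are the length
        return cls, constructed, tag, first, 2
    if first == 0x80:                     # indefinite length (BER only)
        return cls, constructed, tag, None, 2
    n = first & 0x7F                      # MSB 1: low 7 bits count the length bytes
    if first == 0xFF or pos + 2 + n > len(buf):
        raise ValueError("reserved or truncated long-form length")
    length = int.from_bytes(buf[pos + 2:pos + 2 + n], "big")
    return cls, constructed, tag, length, 2 + n

def decode_oid(content):
    """Turn OBJECT IDENTIFIER content octets into dotted-decimal form."""
    if not content or content[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    arcs, value = [], 0
    for b in content:
        value = (value << 7) | (b & 0x7F)  # base-128, MSB = "more bytes follow"
        if not b & 0x80:
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)          # first sub-identifier packs two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

OUTER = bytes.fromhex("308202D0")          # header bytes walked through on the slides
# Constructed sample: DER encoding of the rsaEncryption OID (not from the slides).
RSA_OID = bytes.fromhex("06092A864886F70D010101")

if __name__ == "__main__":
    print(parse_header(OUTER))             # the outer SEQUENCE header
    _, _, tag, length, hlen = parse_header(RSA_OID)
    print(tag, decode_oid(RSA_OID[hlen:hlen + length]))
```

A parser that accepts key files from untrusted sources should reject any header whose declared length runs past the end of the buffer before reading the value, as the truncation checks here do for the length field itself.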