Re: Asymmetric key pairs storage format



According to <1.41421@xxxxxxxxx>:
> I would be interested to store RSA and DSA key pairs (that is,
> both private and public keys) to persistent storage in a platform-
> independent way. I am not aware of any officially anointed formats out
> there for this purpose, but maybe somebody in this forum knows better.

For RSA, PKCS#1 includes an ASN.1 syntax for a serialization format
of an RSA private key. It so happens that the RSA private key includes
the modulus and public exponent, i.e. all the elements which constitute
the public key, hence that serialized private key can be viewed as
a serialized key pair.

For DSA, there is an ASN.1-based serialization hidden in PKCS#11 (when
talking about wrapping private keys, section 12.6 in version 2.20 of
PKCS#11). Basically, two objects are defined, one holding the DSA
"parameters" (p, q and g) and the other the private key itself as an
INTEGER (the value x). The public key (y) can be recomputed from the
private key through a simple modular exponentiation (y = g^x mod p).

A common "bag" for both formats is PKCS#8. PKCS#8 contains an identifier
for the key type, and then the private key itself serialized in a format
appropriate for that key type.

The PKCS can be downloaded for free from the RSA Labs web site, currently
there:
http://www.rsa.com/rsalabs/node.asp?id=2124

If you are new to ASN.1, you can find some free and detailed information
at:
http://www.oss.com/asn1/larmouth.html
(and you will curse me forever, for sending you unwarned into the
hellish realm of ASN.1.)

Alternatively, you may simply use some existing code which handles
PKCS#8 and knows how to read and write RSA and DSA keys. In the C world,
you may try OpenSSL (www.openssl.org), which is quite common (and free,
and open source). The Java standard library already contains some support
for PKCS#8.


--Thomas Pornin
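
The layouts described in the post, as an added example that is not part of the original message: a minimal Python reader for an unencrypted PKCS#8 PrivateKeyInfo that recovers the public key from the private one (n and e for RSA, y = g^x mod p for DSA). The helper names and the toy keys are constructed for illustration, and the DER handling covers only what these structures need.

```python
RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 (rsaEncryption)
DSA_OID = bytes.fromhex("2a8648ce380401")      # 1.2.840.10040.4.1 (id-dsa)

def tlv(tag, body):  # DER-encode one element with a definite length
    n = len(body)
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(lb)]) + lb) + body
def der_int(v):  # non-negative INTEGER; the extra byte keeps the sign bit clear
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def read(buf, pos=0):  # -> (tag, body, next_pos) for the element starting at pos
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:  # long-form length: low 7 bits give the number of length bytes
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + n], pos + n

def children(body):  # split the body of a SEQUENCE into (tag, body) pairs
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = read(body, pos)
        out.append((tag, val))
    return out
def ints(body):
    return [int.from_bytes(v, "big") for t, v in children(body) if t == 0x02]

def public_from_pkcs8(der):  # PrivateKeyInfo: version, algorithm, privateKey
    _version, alg, key = [v for _, v in children(read(der)[1])][:3]
    fields = children(alg)
    if fields[0][1] == RSA_OID:  # key holds PKCS#1 RSAPrivateKey: version, n, e, d, ...
        _, n, e, *_ = ints(read(key)[1])
        return "RSA", {"n": n, "e": e}
    if fields[0][1] == DSA_OID:  # parameters are (p, q, g); key holds INTEGER x
        p, q, g = ints(fields[1][1])
        x = int.from_bytes(read(key)[1], "big")
        return "DSA", {"p": p, "q": q, "g": g, "y": pow(g, x, p)}
    raise ValueError("unsupported key type")

def pkcs8(oid, params, inner):  # build a PrivateKeyInfo around an encoded private key
    alg = tlv(0x30, tlv(0x06, oid) + params)
    return tlv(0x30, der_int(0) + alg + tlv(0x04, inner))

# Constructed toy keys, far too small for real use.
P, Q, D = 61, 53, 2753
RSA_P8 = pkcs8(RSA_OID, tlv(0x05, b""), tlv(0x30, b"".join(map(der_int,
    [0, P * Q, 17, D, P, Q, D % (P - 1), D % (Q - 1), pow(Q, -1, P)]))))
DSA_P8 = pkcs8(DSA_OID, tlv(0x30, b"".join(map(der_int, [23, 11, 4]))), der_int(7))
```
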