
Public Key BLOBs

Public key BLOBs, type PUBLICKEYBLOB, are used to store RSA public keys. They have the following format.

BLOBHEADER blobheader;
RSAPUBKEY rsapubkey;
BYTE modulus[rsapubkey.bitlen/8];

Notice that public key BLOBs are not encrypted but contain public keys in plaintext form.

The RSAPUBKEY structure contains information specific to the particular public key contained in the key BLOB. It is defined as follows.

typedef struct _RSAPUBKEY {
  DWORD magic; 
  DWORD bitlen;
  DWORD pubexp;
} RSAPUBKEY;

The following table describes each of the fields in the RSAPUBKEY structure.

Field     Description
bitlen    Number of bits in the modulus. In practice, this must always be a multiple of eight.
magic     This is set to "RSA1" (0x31415352) for public keys and to "RSA2" (0x32415352) for private keys. These hexadecimal values are an ASCII encoding of "RSA1" and "RSA2".
pubexp    The public exponent.

 

The public key modulus data is located directly after the RSAPUBKEY structure. The size of this data will vary depending on the size of the public key. The number of bytes can be determined by dividing the value of the bitlen member of RSAPUBKEY by eight.

Sample Public Key BLOB

The following hexadecimal example shows a sample public key BLOB, generated by the Microsoft Base Cryptographic Provider. This contains a key exchange public key.

0x00000000 06 02 00 00 00 a4 00 00  ........
0x00000008 52 53 41 31 00 02 00 00  RSA1....
0x00000010 01 00 01 00 e1 94 84 7a  .......z
0x00000018 27 4c 7b da db c5 99 dd  'L{.....
0x00000020 ed 20 1a b8 66 44 21 dc  . ..fD!.
0x00000028 10 e5 ee 48 62 39 ae 8f  ...Hb9..
0x00000030 cf 17 81 f0 37 8b b5 46  ....7..F
0x00000038 a9 65 b7 4e 75 83 84 4e  .e.Nu..N
0x00000040 4f ce f1 f2 ad a0 b1 22  O......"
0x00000048 09 ec c2 30 96 f8 27 2b  ...0..'+
0x00000050 33 cf a4 be              3...   

Notice that the BLOBHEADER and RSAPUBKEY structures have been assigned the following values, and the last 64 bytes of the BLOB contain the public key's modulus data.

blobheader.bType    = PUBLICKEYBLOB;      // 0x06
blobheader.bVersion = CUR_BLOB_VERSION;   // 0x02
blobheader.reserved = 0;                  // 0x0000
blobheader.aiKeyAlg = CALG_RSA_KEYX;      // 0x0000a400
rsapubkey.magic     = 0x31415352;         // "RSA1"
rsapubkey.bitlen    = 512;                // 0x00000200
rsapubkey.pubexp    = 65537;              // 0x00010001

When filling in the BLOBHEADER structure, place zero in the reserved field.
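The layout above can be checked and decoded in portable C, shown here as an added example that is not Microsoft's code and does not use wincrypt.h. The function name parse_rsa_pubkey_blob is hypothetical, rejecting a nonzero reserved field or trailing bytes is this example's own strictness, and aiKeyAlg is not checked; the modulus is stored least significant byte first, so it is reversed for consumers that expect big-endian.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_LEN 20u /* BLOBHEADER (8 bytes) + RSAPUBKEY (12 bytes) */

/* The sample BLOB from this page (84 bytes), retyped from the hex dump. */
static const uint8_t SAMPLE_BLOB[84] = {
    0x06,0x02,0x00,0x00,0x00,0xa4,0x00,0x00, 0x52,0x53,0x41,0x31,0x00,0x02,0x00,0x00,
    0x01,0x00,0x01,0x00,0xe1,0x94,0x84,0x7a, 0x27,0x4c,0x7b,0xda,0xdb,0xc5,0x99,0xdd,
    0xed,0x20,0x1a,0xb8,0x66,0x44,0x21,0xdc, 0x10,0xe5,0xee,0x48,0x62,0x39,0xae,0x8f,
    0xcf,0x17,0x81,0xf0,0x37,0x8b,0xb5,0x46, 0xa9,0x65,0xb7,0x4e,0x75,0x83,0x84,0x4e,
    0x4f,0xce,0xf1,0xf2,0xad,0xa0,0xb1,0x22, 0x09,0xec,0xc2,0x30,0x96,0xf8,0x27,0x2b,
    0x33,0xcf,0xa4,0xbe
};

/* Read a little-endian DWORD without relying on host byte order or alignment. */
static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hypothetical helper (not a CryptoAPI function): validate a PUBLICKEYBLOB and
 * copy its modulus to out in big-endian order. Returns modulus bytes, or -1. */
int parse_rsa_pubkey_blob(const uint8_t *blob, size_t len,
                          uint8_t *out, size_t out_cap, uint32_t *pubexp) {
    if (len < HDR_LEN) return -1;                        /* header must be complete */
    if (blob[0] != 0x06 || blob[1] != 0x02) return -1;   /* PUBLICKEYBLOB, CUR_BLOB_VERSION */
    if (blob[2] != 0 || blob[3] != 0) return -1;         /* reserved (strict by choice) */
    if (rd_le32(blob + 8) != 0x31415352u) return -1;     /* "RSA1"; also rejects "RSA2" */
    uint32_t bitlen = rd_le32(blob + 12);
    if (bitlen == 0 || bitlen % 8 != 0) return -1;       /* whole bytes only */
    size_t n = bitlen / 8;
    /* bitlen comes from the BLOB itself: it must match the bytes actually present. */
    if (n != len - HDR_LEN || n > out_cap) return -1;
    *pubexp = rd_le32(blob + 16);
    for (size_t i = 0; i < n; i++) out[i] = blob[len - 1 - i]; /* reverse byte order */
    return (int)n;
}

int main(void) {
    uint8_t mod[64];
    uint32_t e = 0;
    int n = parse_rsa_pubkey_blob(SAMPLE_BLOB, sizeof SAMPLE_BLOB, mod, sizeof mod, &e);
    if (n < 0) { puts("rejected"); return 1; }
    printf("pubexp=%u modulus(big-endian)=", (unsigned)e);
    for (int i = 0; i < n; i++) printf("%02x", mod[i]);
    putchar('\n');
    return 0;
}
```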

 

 


Build date: 9/7/2011

Community Content
WARNING, the modulus is defined as LITTLE ENDIAN in PUBLICKEYBLOB
A frequent error is to try to build a PUBLICKEYBLOB using BIG endian data from another cryptosystem, or to try to copy the little endian modulus from a PUBLICKEYBLOB into another cryptosystem which expects BIG endian.