2.2.2.9.1 RSA Private Key BLOB

The following is the diagram of elements in the RSA private key BLOB that MUST be passed to the CA.

Figure: RSA private key BLOB layout (32 bits per row, field order as transmitted):

  Offset  Length            Field
  0       1 byte            Type
  1       1 byte            Version
  2       2 bytes           Reserved
  4       4 bytes           Key Alg
  8       4 bytes           Magic
  12      4 bytes           Bitlen
  16      4 bytes           PubExp
  20      ceil(bl/8)        Modulus (variable)
  ...     ceil(bl/16)       P (variable)
  ...     ceil(bl/16)       Q (variable)
  ...     ceil(bl/16)       Dp (variable)
  ...     ceil(bl/16)       Dq (variable)
  ...     ceil(bl/16)       Iq (variable)
  ...     ceil(bl/8)        D (variable)

where bl is the value of the Bitlen field.

Type (1 byte): Length MUST be 1 byte.

This field MUST be set to 0x07.

Version (1 byte): Length MUST be 1 byte.

This field MUST be set to 0x02.

Reserved (2 bytes): Length MUST be 2 bytes.

This field MUST be set to 0 and ignored upon receipt.

Key Alg (4 bytes): Length MUST be 4 bytes.

This field MUST be present as an unsigned integer in little-endian format.

Value MUST be 0x0000A400 (RSA_KEYX).

Magic (4 bytes): Length MUST be 4 bytes.

This field MUST be present as an unsigned integer in little-endian format.

Value MUST be 0x32415352 (RSA2).

Bitlen (4 bytes): Length MUST be 4 bytes.

This field MUST be present as an unsigned integer in little-endian format.

The value of this field MUST indicate the number of bits in the Rivest-Shamir-Adleman (RSA) modulus. (This is the RSA key size.)

PubExp (4 bytes): Length MUST be 4 bytes.

This field MUST be present as an unsigned integer in little-endian format.

The value of this field MUST be the RSA public key exponent for this key. The client SHOULD set this value to 65,537.

Modulus (variable): This field MUST be of length ceil(bl/8), where bl is the value of the Bitlen field defined in the preceding diagram.

This field MUST be present as a byte string in little-endian format.

The value MUST be the RSA key modulus. The modulus is defined as p*q.

P (variable): This field MUST be of length ceil(bl/16), where bl is the value of the Bitlen field defined in the preceding diagram.

This field MUST be present as a byte string in little-endian format.

The value contained in this field MUST be one of the prime number factors of the modulus (given in the previous field).

Q (variable): This field MUST be of length ceil(bl/16), where bl is the value of the Bitlen field defined in the preceding diagram.

This field MUST be present as a byte string in little-endian format.

The value MUST be the other prime number factor of the RSA modulus.

Dp (variable): This field MUST be of length ceil(bl/16), where bl is the value of the Bitlen field defined in the preceding diagram.

This field MUST be present as a byte string in little-endian format.

The value of this field MUST be d mod (p-1), where d is the private exponent of this RSA private key.

Dq (variable): This field MUST be of length ceil(bl/16), where bl is the value of the Bitlen field defined in the preceding diagram.

This field MUST be present as a byte string in little-endian format.

The value of this field MUST be d mod (q-1), where d is the private exponent of this RSA private key.

Iq (variable): This field MUST be of length ceil(bl/16), where bl is the value of the Bitlen field defined in the preceding diagram.

This field MUST be present as a byte string in little-endian format.

This field MUST contain the inverse of q modulo p.

D (variable): This field MUST be of length ceil(bl/8), where bl is the value of the Bitlen field defined in the preceding diagram.

This field MUST be present as a byte string in little-endian format.

The value in this field is the RSA private exponent.

Note: ceil(x) is the value of x rounded up to the closest integer. For example, ceil(1.2) = 2 and ceil(3) = 3.
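The following is an added example, not part of this specification, showing a serializer and a validating parser for the BLOB layout above. It assumes Python 3.8 or later and uses two constructed 32-bit primes (2^32-5 and 2^32-17) to form a 64-bit key for demonstration; the parser rejects any BLOB whose header constants, body length, or CRT components do not agree with each other.

```python
import struct
from math import ceil

# Header layout from the spec: Type(1) Version(1) Reserved(2) Key Alg(4) Magic(4) Bitlen(4) PubExp(4)
HEADER = struct.Struct("<BBHIIII")
RSA_KEYX = 0x0000A400
RSA2_MAGIC = 0x32415352  # the ASCII bytes "RSA2" read as a little-endian integer


def _le(value, size):
    """Encode an integer as a little-endian byte string of the given length."""
    return value.to_bytes(size, "little")


def build_rsa_private_blob(p, q, e=65537):
    """Serialize a CRT RSA private key (p, q, e) into the RSA private key BLOB layout."""
    n = p * q
    bitlen = n.bit_length()
    d = pow(e, -1, (p - 1) * (q - 1))
    half, full = ceil(bitlen / 16), ceil(bitlen / 8)
    body = _le(n, full) + _le(p, half) + _le(q, half)
    body += _le(d % (p - 1), half) + _le(d % (q - 1), half) + _le(pow(q, -1, p), half)
    body += _le(d, full)
    return HEADER.pack(0x07, 0x02, 0, RSA_KEYX, RSA2_MAGIC, bitlen, e) + body


def parse_rsa_private_blob(blob):
    """Parse a BLOB into its integer fields, raising ValueError on any spec violation."""
    if len(blob) < HEADER.size:
        raise ValueError("truncated header")
    typ, ver, _reserved, alg, magic, bitlen, e = HEADER.unpack_from(blob)  # Reserved is ignored
    if typ != 0x07 or ver != 0x02 or alg != RSA_KEYX or magic != RSA2_MAGIC:
        raise ValueError("not an RSA2 private key BLOB")
    half, full = ceil(bitlen / 16), ceil(bitlen / 8)
    sizes = [("n", full), ("p", half), ("q", half), ("dp", half), ("dq", half), ("iq", half), ("d", full)]
    if len(blob) != HEADER.size + sum(s for _, s in sizes):
        raise ValueError("body length does not match Bitlen")
    key, off = {"e": e, "bitlen": bitlen}, HEADER.size
    for name, size in sizes:
        key[name] = int.from_bytes(blob[off:off + size], "little")
        off += size
    # Cross-check the CRT components before trusting the key material.
    if key["n"] != key["p"] * key["q"] or key["n"].bit_length() != bitlen:
        raise ValueError("modulus is not p*q of the stated size")
    if key["dp"] != key["d"] % (key["p"] - 1) or key["dq"] != key["d"] % (key["q"] - 1):
        raise ValueError("CRT exponents inconsistent with d")
    if (key["iq"] * key["q"]) % key["p"] != 1:
        raise ValueError("Iq is not the inverse of q modulo p")
    return key


# Constructed sample key: two known 32-bit primes (2^32-5 and 2^32-17), not production material.
SAMPLE_BLOB = build_rsa_private_blob(4294967291, 4294967279)
```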