Cryptography Reference
In-Depth Information
Thus, the fi nal PKCS #8 structure looks like this:
OID_pbeWithMD5AndDES_CBC
salt
iteration count
bit string
DES-Encrypted
OID_RSAPrivateKey
bit string
modulus (n)
public exponent (e)
private exponent (d)
prime1 (p)
prime2 (q)
exponent1 (d % p - 1)
exponent2 (e % q - 1)
coefficient (q^ - 1 %p)
Figure 7-2:
PKCS #8-encoded private key file
To decode this, then, you must fi rst unwrap the top level structure and then
decrypt it to reveal the second level structure, and fi nally unwrap that to reveal
the key. Listing 7-17 illustrates this process for the case of an RSA private key
encrypted using PBE with DES/MD5.
Listing 7-17:
“privkey.c” parse_pkcs8_private_key
static unsigned char OID_pbeWithMD5andDES_CBC[] =
{ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x03 };
Search WWH ::
Custom Search