Filter
Top Products
CCA Release 2.54
Figure B-13. RSA Public Key
Offset
(Bytes)
Length
(Bytes)
Description
000 001 X'04', Section identifier, RSA public key
001 001 The version number (X'00')
002 002 Section length, 12+xxx+yyy
004 002 Reserved, binary zero
006 002 RSA public-key exponent field length in bytes, “xxx”
008 002 Public-key modulus length in bits.
010 002 RSA public-key modulus field length in bytes, “yyy”
Note: If the token contains an RSA private-key section, this field length, yyy,
should be zero. The RSA private-key section will contain the modulus.
012 xxx Public-key exponent, e (this field length will generally be 1, 3, or 64 to 256
bytes). e must be odd and 1<e<n. (e is frequently valued to 3 or 2
16
+1
(=65 537), otherwise e is of the same order of magnitude as the modulus)
Note: You can import an RSA public key having an exponent valued to two
(2). Such a public key can correctly validate an ISO 9796-1 digital signature.
However, the current product implementation will not generate an “RSA” key
with a public exponent valued to two (a “Rabin” key).
012
+xxx
yyy Modulus, n. n=pq where p and q are prime and 2
512
<n<2
2048
. This field
will be absent when the modulus is contained in the private-key-section. If
present, the field length will be 64 to 256 bytes
Note: See “Number Representation in PKA Key-Tokens” on page B-8.
Figure B-14. RSA Private-Key Name
Offset
(Bytes)
Length
(Bytes)
Description
000 001 X'10', Section identifier, private-key name
001 001 The version number (X'00')
002 002 Section length, X'0044' (68 decimal)
004 064 Private-key name, left-justified, padded with space characters (X'20'). The
private-key name can be used by an access-control system to validate the
calling application's entitlement to employ the key. When generating a
retained private key, the name supplied in this part of the skeleton key-token
is subsequently used in the Coprocessor to locate the retained key.
Note: See “Number Representation in PKA Key-Tokens” on page B-8.
B-16 IBM 4758 CCA Basic Services, Release 2.54, February 2005