RSA private key token, 1024-bit Modulus-Exponent internal format for cryptographic coprocessor feature
The format of the RSA private key token, 1024-bit Modulus-Exponent internal format for cryptographic coprocessor feature.
Table 1 shows the format of the RSA private key token,
1024-bit Modulus-Exponent internal format for cryptographic coprocessor feature.
| Offset (decimal) | Length (bytes) | Description |
|---|---|---|
| 000 | 001 | X'02', section identifier, RSA private key. |
| 001 | 001 | X'00', version. |
| 002 | 002 | Length of the RSA private key section X'016C' (364 decimal). |
| 004 | 020 | SHA-1 hash value of the private key subsection cleartext, offset 28 to the section end. This hash value is checked after an enciphered private key is deciphered for use. |
| 024 | 004 | Reserved; set to binary zero. |
| 028 | 001 | Key format and security:
|
| 029 | 001 | Format of external key from which this token was derived:
|
| 030 | 020 | SHA-1 hash of the key token structure contents that follow the public key section. If no sections follow, this field is set to binary zeros. |
| 050 | 001 | Key use flag bits.
All other bits reserved, set to binary zero. |
| 051 | 009 | Reserved; set to binary zero. |
| 060 | 048 | Object Protection Key (OPK) encrypted under a PKA master key—can be under the Signature Master Key (SMK) or Key Management Master Key (KMMK) depending on key use. |
| 108 | 128 | Secret key exponent d, encrypted under the OPK. d = e-1 mod((p-1)(q-1)) |
| 236 | 128 | Modulus, n. n = pq where p and q are prime and 1 < n < 2 1024. |