RSA private key token, 1024-bit Modulus-Exponent internal format for cryptographic coprocessor feature

The format of the RSA private key token, 1024-bit Modulus-Exponent internal format for cryptographic coprocessor feature.

Table 1 shows the format of the RSA private key token, 1024-bit Modulus-Exponent internal format for cryptographic coprocessor feature.
Table 1. RSA private internal key token, 1024-bit Modulus-Exponent format for cryptographic coprocessor feature

RSA private internal key token, 1024-bit Modulus-Exponent format for cryptographic coprocessor feature

Offset (decimal) Length (bytes) Description
000 001 X'02', section identifier, RSA private key.
001 001 X'00', version.
002 002 Length of the RSA private key section X'016C' (364 decimal).
004 020 SHA-1 hash value of the private key subsection cleartext, offset 28 to the section end. This hash value is checked after an enciphered private key is deciphered for use.
024 004 Reserved; set to binary zero.
028 001 Key format and security:
X'02'
RSA private key.
029 001 Format of external key from which this token was derived:
Value
Description
X'21'
External private key was specified in the clear.
X'22'
External private key was encrypted.
030 020 SHA-1 hash of the key token structure contents that follow the public key section. If no sections follow, this field is set to binary zeros.
050 001 Key use flag bits.
B'11xx xxxx'
Only key unwrapping (KM-ONLY)
B'10xx xxxx'
Both signature generation and key unwrapping (KEY-MGMT)
B'01xx xxxx'
Undefined
B'00xx xxxx'
Only signature generation (SIG-ONLY)

All other bits reserved, set to binary zero.

051 009 Reserved; set to binary zero.
060 048 Object Protection Key (OPK) encrypted under a PKA master key—can be under the Signature Master Key (SMK) or Key Management Master Key (KMMK) depending on key use.
108 128 Secret key exponent d, encrypted under the OPK. d = e-1 mod((p-1)(q-1))
236 128 Modulus, n. n = pq where p and q are prime and 1 < n < 2 1024.