RSA private key, 8192-bit Chinese Remainder Theorem with OPK
This RSA private key token with up to 8192-bit modulus is supported on the z9®,z10™, or later machines with the Nov. 2007 or later version of the licensed internal code installed on the CCA Crypto Express coprocessor.
| Offset (decimal) | Number of bytes | Description |
|---|---|---|
| 000 | 001 | X'08', section identifier, RSA private key, CRT format (RSA-CRT) with OPK |
| 001 | 001 | X'00', version. |
| 002 | 002 | Length of the RSA private-key section, 132 + ppp + qqq + rrr + sss + uuu + xxx + nnn. |
| 004 | 020 | SHA-1 hash value of the private-key subsection cleartext, offset 28 to the end of the modulus. |
| 024 | 004 | Reserved; set to binary zero. |
| 028 | 001 | Key format and security flag: External key token:
Internal key token:
All other values are reserved and undefined. |
| 029 | 001 | Key source flag byte: External key tokens: Reserved, binary zero. Internal key tokens:
|
| 030 | 020 | SHA-1 hash of the optional key-name section and any following sections. If there are no optional sections, then 20 bytes of X'00'. |
| 050 | 001 | Key use and translation control flag byte. Key usage:
Translation control:
All other bits reserved, set to binary zero. |
| 051 | 003 | Reserved, binary zero. |
| 054 | 002 | Length of prime number p in bytes: ppp. |
| 056 | 002 | Length of prime number q in bytes: qqq. |
| 058 | 002 | Length of dp in bytes: rrr. |
| 060 | 002 | Length of dq in bytes: sss. |
| 062 | 002 | Length of U in bytes: uuu. |
| 064 | 002 | Length of modulus n in bytes: nnn. |
| 066 | 002 | Reserved, binary zero. |
| 068 | 002 | Reserved, binary zero. |
| 070 | 002 | Length of padding field in bytes: xxx. |
| 072 | 004 | Reserved, set to binary zero. |
| 076 | 016 | External key token: Reserved, binary zero. Internal key token: Asymmetric master-key verification pattern. |
| 092 | 032 | External key token: Reserved, binary zero. Internal key token: Object Protection Key (OPK) data, 8-byte confounder and three 8-byte DES keys used in the Triple-DES CBC process to encrypt the private key and blinding information. These 32 bytes are Triple-DES CBC encrypted by the asymmetric master key. |
| 124 | Start of the (optionally) encrypted subsection. External key token:
Internal key token:
|
|
| 124 | 008 | Random number confounder. |
| 132 | ppp | Prime number p. |
| 132 + ppp | qqq | Prime number q |
| 132 + ppp + qqq | rrr | dp = d mod(p - 1) |
| 132 + ppp + qqq + rrr | sss | dq = d mod(q - 1) |
| 132 + ppp + qqq + rrr + sss | uuu | U = q**-1 mod(p). |
| 132 + ppp + qqq + rrr + sss + uuu | xxx | X'00' padding of length xxx bytes such that the length from the start of the confounder at offset 124 to the end of the padding field is a multiple of eight bytes. |
| End of the encrypted secure subsection; all of the fields starting with the confounder field and ending with the variable length pad field are encrypted under the OPK using TDES (CBC outer chaining) for key confidentiality. | ||
| 132 + ppp + qqq + rrr + sss + uuu + xxx | nnn | Modulus n. n = pq where p and q are prime and 2512 ≤ n < 24096. |