idnits 2.17.1 draft-turner-asymmetrickeyformat-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to contain a disclaimer for pre-RFC5378 work, and may have content which was first submitted before 10 November 2008. The disclaimer is necessary when there are original authors that you have been unable to contact, or if some do not wish to grant the BCP78 rights to the IETF Trust. If you are able to get all authors (current and original) to grant those rights, you can and should remove the disclaimer; otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (April 12, 2010) is 5128 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: '0' on line 596 -- Looks like a reference, but probably isn't: '1' on line 598 ** Downref: Normative reference to an Informational draft: draft-ietf-pkix-new-asn1 (ref. 'RFCTBD1') ** Downref: Normative reference to an Informational draft: draft-ietf-smime-new-asn1 (ref. 'RFCTBD2') -- Obsolete informational reference (is this intentional?): RFC 3447 (Obsoleted by RFC 8017) -- Obsolete informational reference (is this intentional?): RFC 5208 (Obsoleted by RFC 5958) Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group Sean Turner, IECA 2 Internet Draft April 12, 2010 3 Intended Status: Standard Track 4 Obsoletes: 5208 (once approved) 5 Expires: October 12, 2010 7 Asymmetric Key Packages 8 draft-turner-asymmetrickeyformat-05.txt 10 Abstract 12 This document defines the syntax for private key information and a 13 content type for it. Private-key information includes a private key 14 for a specified public-key algorithm and a set of attributes. The 15 Cryptographic Message Syntax (CMS), as defined in RFC 5652, can be 16 used to digitally sign, digest, authenticate, or encrypt the 17 asymmetric key format content type. This document obsoletes RFC 18 5208. 20 Status of this Memo 22 This Internet-Draft is submitted to IETF in full conformance with the 23 provisions of BCP 78 and BCP 79. This document may contain material 24 from IETF Documents or IETF Contributions published or made publicly 25 available before November 10, 2008. The person(s) controlling the 26 copyright in some of this material may not have granted the IETF 27 Trust the right to allow modifications of such material outside the 28 IETF Standards Process. Without obtaining an adequate license from 29 the person(s) controlling the copyright in such materials, this 30 document may not be modified outside the IETF Standards Process, and 31 derivative works of it may not be created outside the IETF Standards 32 Process, except to format it for publication as an RFC or to 33 translate it into languages other than English. 35 Internet-Drafts are working documents of the Internet Engineering 36 Task Force (IETF), its areas, and its working groups. Note that 37 other groups may also distribute working documents as Internet- 38 Drafts. 40 Internet-Drafts are draft documents valid for a maximum of six months 41 and may be updated, replaced, or obsoleted by other documents at any 42 time. It is inappropriate to use Internet-Drafts as reference 43 material or to cite them other than as "work in progress." 45 The list of current Internet-Drafts can be accessed at 46 http://www.ietf.org/ietf/1id-abstracts.txt 47 The list of Internet-Draft Shadow Directories can be accessed at 48 http://www.ietf.org/shadow.html 50 This Internet-Draft will expire on September 12, 2010. 52 Copyright Notice 54 Copyright (c) 2010 IETF Trust and the persons identified as the 55 document authors. All rights reserved. 57 This document is subject to BCP 78 and the IETF Trust's Legal 58 Provisions Relating to IETF Documents 59 (http://trustee.ietf.org/license-info) in effect on the date of 60 publication of this document. Please review these documents 61 carefully, as they describe your rights and restrictions with respect 62 to this document. Code Components extracted from this document must 63 include Simplified BSD License text as described in Section 4.e of 64 the Trust Legal Provisions and are provided without warranty as 65 described in the Simplified BSD License. 67 1. Introduction 69 This document defines the syntax for private key information and a 70 Cryptographic Message Syntax (CMS) [RFC5652] content type for it. 71 Private-key information includes a private key for a specified 72 public-key algorithm and a set of attributes. The CMS can be used to 73 digitally sign, digest, authenticate, or encrypt the asymmetric key 74 format content type. This document obsoletes PKCS#8 v1.2 [RFC5208]. 76 1.1. Requirements Terminology 78 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 79 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 80 document are to be interpreted as described in [RFC2119]. 82 1.2. ASN.1 Syntax Notation 84 The key package is defined using ASN.1 [X.680], [X.681], [X.682], and 85 [X.683]. 87 1.3. Summary of Updates to RFC 5208 89 The following summarizes the updates to [RFC5208]: 91 - Changed the name "PrivateKeyInfo" to "OneAsymmetricKey". This 92 reflects the addition of the public key field to allow both parts 93 of the asymmetric key to be conveyed separately. Not all 94 algorithms will use both fields; however, the publicKey field was 95 added for completeness. 97 - Defined Asymmetric Key Package CMS content type. 99 - Removed redundant IMPLICIT from attributes. 101 - Added publicKey to OneAsymmetricKey and updated the version number. 103 - Added that PKCS#9 attributes may be supported. 105 - Added discussion of compatibility with other private-key formats. 107 - Added requirements for encoding rule set. 109 - Changed imports from PKCS#5 to [RFCTBD1] and [RFCTBD2]. 111 - Replaced ALGORITHM-IDENTIFIER with ALGORITHM from [RFCTBD1]. 113 - Registers application/pkcs8 media type and .p8 file extension. 115 2. Asymmetric Key Package CMS Content Type 117 The asymmetric key package CMS content type is used to transfer one 118 or more plaintext asymmetric keys from one party to another. An 119 asymmetric key package MAY be encapsulated in one or more CMS 120 protecting content types (see Section 4). Earlier versions of this 121 specification [RFC5208] did not specify a particular encoding rule 122 set, but generators SHOULD use DER [X.690] and receivers SHOULD be 123 prepared to handle BER [X.690] and DER [X.690]. 125 The asymmetric key package content type has the following syntax: 127 ct-asymmetric-key-package CONTENT-TYPE ::= 128 { AsymmetricKeyPackage IDENTIFIED BY id-ct-KP-aKeyPackage } 130 id-ct-KP-aKeyPackage OBJECT IDENTIFIER ::= 131 { joint-iso-itu-t(2) country(16) us(840) organization(1) 132 gov(101) dod(2) infosec(1) formats(2) 133 key-package-content-types(78) 5 134 } 136 AsymmetricKeyPackage ::= SEQUENCE SIZE (1..MAX) OF OneAsymmetricKey 137 OneAsymmetricKey ::= SEQUENCE { 138 version Version, 139 privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, 140 privateKey PrivateKey, 141 attributes [0] Attributes OPTIONAL, 142 ..., 143 [[2: publicKey [1] PublicKey OPTIONAL ]], 144 ... 145 } 147 PrivateKeyInfo ::= OneAsymmetricKey 149 -- PrivateKeyInfo is used by [P12]. If any items tagged as version 150 -- 2 are used, the version must be v2, else the version should be 151 -- v1. When v1, PrivateKeyInfo is the same as it was in [RFC5208]. 153 Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2, ... ) 155 PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier 156 { PUBLIC-KEY, 157 { PrivateKeyAlgorithms } } 159 PrivateKey ::= OCTET STRING 160 -- Content varies based on type of key. The 161 -- algorithm identifier dictates the format of 162 -- the key. 164 PublicKey ::= BIT STRING 165 -- Content varies based on type of key. The 166 -- algorithm identifier dictates the format of 167 -- the key. 169 Attributes ::= SET OF Attribute { { OneAsymmetricKeyAttributes } } 171 The AsymmetricKeyPackage contains one or more OneAsymmetricKey 172 elements. 174 The syntax of OneAsymmetricKey accommodates a version number, an 175 indication of the asymmetric algorithm to be used with the private 176 key, a private key, optional keying material attributes (e.g., 177 userCertificate from [X.520]), and an optional public key. In 178 general, either the public key or the certificate will be present. 179 In very rare cases will both the public key and the certificate be 180 present as this includes two copies of the public key. 181 OneAsymmetricKey is a renamed extension of the PrivateKeyInfo syntax 182 defined in [RFC5208]. The new name better reflects the ability to 183 carry both private and public key components. Backwards 184 compatibility with the original PrivateKeyInfo is preserved via 185 version number. The fields in OneAsymmetricKey are used as follows: 187 - version identifies the version of OneAsymmetricKey. If publicKey 188 is present, then version is set to v2 else version is set to v1. 190 - privateKeyAlgorithm identifies the private-key algorithm and 191 optionally contains parameters associated with the asymmetric key. 192 The algorithm is identified by an object identifier (OID) and the 193 format of the parameters depends on the OID, but the 194 PrivateKeyAlgorithms information object set restricts the 195 permissible OIDs. The value placed in privateKeyAlgorithmIdentifier 196 is the value an originator would apply to indicate which algorithm 197 is to be used with the private key. 199 - privateKey is an OCTET STRING that contains the value of the 200 private key. The interpretation of the content is defined in the 201 registration of the private-key algorithm. For example, a DSA key 202 is an INTEGER, an RSA key is represented as RSAPrivateKey as 203 defined in [RFC3447], and an ECC key is represented as ECPrivateKey 204 as defined in [RFCTBD4]. 206 - attributes is OPTIONAL. It contains information corresponding to 207 the public key (e.g., certificates). The attributes field uses the 208 class ATTRIBUTE which is restricted by the 209 OneAsymmetricKeyAttributes information object set. 210 OneAsymmetricKeyAttributes is an open ended set in this document. 211 Others documents can constrain these values. Attributes from 212 [RFC2985] MAY be supported. 214 - publicKey is OPTIONAL. When present, it contains the public key 215 encoded in a BIT STRING. The structure within the bit string, if 216 any, depends on the privateKeyAlgorithm. For example, a DSA key is 217 an INTEGER. Note that RSA public keys are included in RSAPrivateKey 218 (i.e., n and e are present), as per [RFC3447], and ECC public keys 219 are included in ECPrivateKey (i.e., in the publicKey field), as per 220 [RFCTBD4]. 222 3. Encrypted Private Key Info 224 This section gives the syntax for encrypted private-key information, 225 which is used with [P12]. 227 Encrypted private-key information shall have ASN.1 type 228 EncryptedPrivateKeyInfo: 230 EncryptedPrivateKeyInfo ::= SEQUENCE { 231 encryptionAlgorithm EncryptionAlgorithmIdentifier, 232 encryptedData EncryptedData } 233 EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier 234 { CONTENT-ENCRYPTION, 235 { KeyEncryptionAlgorithms } } 237 EncryptedData ::= OCTET STRING 239 The fields in EncryptedPrivateKeyInfo are used as follows: 241 - encryptionAlgorithm identifies the algorithm under which the 242 private-key information is encrypted. 244 - encryptedData is the result of encrypting the private-key 245 information (i.e., the PrivateKeyInfo). 247 The encryption process involves the following two steps: 249 1. The private-key information is encoded, yielding an octet string. 250 Generators SHOULD use DER [X.690] and receivers SHOULD be 251 prepared to handle BER [X.690] and DER [X.690] 253 2. The result of step 1 is encrypted with the secret key to give an 254 octet string, the result of the encryption process. 256 4. Protecting the AsymmetricKeyPackage 258 CMS protecting content types, [RFC5652] and [RFC5083], can be used to 259 provide security to the AsymmetricKeyPackage: 261 - SignedData can be used to apply a digital signature to the 262 AsymmetricKeyPackage. 264 - EncryptedData can be used to encrypt the AsymmetricKeyPackage with 265 simple symmetric encryption, where the sender and the receiver 266 already share the necessary encryption key. 268 - EnvelopedData can be used to encrypt the AsymmetricKeyPackage with 269 symmetric encryption, where the sender and the receiver do not 270 share the necessary encryption key. 272 - AuthenticatedData can be used to protect the AsymmetricKeyPackage 273 with message authentication codes, where key management information 274 is handled in a manner similar to EnvelopedData. 276 - AuthEnvelopedData can be used to protect the AsymmetricKeyPackage 277 with algorithms that support authenticated encryption, where key 278 management information is handled in a manner similar to 279 EnvelopedData. 281 5. Other Private-Key Format Considerations 283 This document defines the syntax and the semantics for a content type 284 that exchanges asymmetric private keys. There are two other formats 285 that have been used for the transport of asymmetric private keys: 287 - Personal Information Exchange (PFX) Syntax Standard [P12], which is 288 more commonly referred to as PKCS #12 or simply P12, is a transfer 289 syntax for personal identity information, including private keys, 290 certificates, miscellaneous secrets, and extensions. 291 OneAsymmetricKey, PrivateKeyInfo, and EncryptedPrivateKeyInfo can 292 be carried in a P12 message. The private key information, 293 OneAsymmetricKey and PrivateKeyInfo, are carried in the P12 keyBag 294 BAG-TYPE. EncryptedPrivateKeyInfo is carried in the P12 295 pkcs8ShroudedKeyBag BAG-TYPE. In current implementations, the file 296 extensions .pfx and .p12 can be used interchangeably. 298 - Microsoft's private key proprietary transfer syntax. The .pvk file 299 extension is used for local storage. 301 The .pvk and .p12/.pfx formats are not interchangeable; however, 302 conversion tools exist to convert from one format to another. 304 To extract the private key information from the AsymmetricKeyPackage, 305 the encapsulating layers need to be removed. At a minimum, the outer 306 ContentInfo [RFC5652] layer needs to be removed. If the 307 AsymmetricKeyPackage is encapsulated in a SignedData [RFC5652], then 308 the SignedData and EncapsulatedContentInfo layers [RFC5652] also need 309 to be removed. The same is true for EnvelopedData, EncryptedData, and 310 AuthenticatedData all from [RFC5652] as well as AuthEnvelopedData 311 from [RFC5083]. Once all the outer layers are removed, there are as 312 many sets of private key information as there are OneAsymmetricKey 313 structures. OneAsymmetricKey and PrivateKeyInfo are the same 314 structure; therefore, either can be saved as a .p8 file or copied in 315 to the P12 KeyBag BAG-TYPE. Removing encapsulating security layers 316 will invalidate any signature and may expose the key to unauthorized 317 disclosure. 319 .p8 files are sometimes PEM encoded. When .p8 files are PEM encoded 320 they use the .pem file extension. PEM encoding is either the Base64 321 encoding [RFC4648] of the DER encoded EncryptedPrivateKeyInfo 322 sandwiched between: 324 -----BEGIN ENCRYPTED PRIVATE KEY----- 325 -----END ENCRYPTED PRIVATE KEY----- 326 or the Base64 encoding [RFC4648] of the DER encoded PrivateKeyInfo 327 sandwiched between: 329 -----BEGIN PRIVATE KEY----- 330 -----END PRIVATE KEY----- 332 6. Security Considerations 334 Protection of the private-key information is vital to public-key 335 cryptography. Disclosure of the private-key material to another 336 entity can lead to masquerades. The encryption algorithm used in the 337 encryption process must be as 'strong' as the key it is protecting. 339 The asymmetric key package contents are not protected. This content 340 type can be combined with a security protocol to protect the contents 341 of the package. 343 7. IANA Considerations 345 This specification defines a new media type that IANA is requested to 346 add to the registry at: 348 http://www.iana.org/assignments/media-types/application 350 7.1. Registration of media type application/pkcs8 352 To: ietf-types@iana.org 354 Subject: Registration of media type application/pkcs8 356 Type name: application 358 Subtype name: pkcs8 360 Required parameters: None 362 Optional parameters: None 364 Encoding considerations: binary 366 Security considerations: Carries a cryptographic private key 368 Interoperability considerations: 370 The PKCS#8 object inside this media type MUST be DER-encoded 371 PrivateKeyInfo. 373 Published specification: --THIS SPECIFICATION-- 374 /** RFC EDITOR: Replace "--THIS SPECIFICATION--" with the RFC # 375 assigned to this document. **/ 377 Applications which use this media type: 379 Any MIME-compliant transport 381 Additional information: 383 Magic number(s): None 384 File extension(s): .p8 385 Macintosh File Type Code(s): 387 Person & email address to contact for further information: 389 Sean Turner 391 Restrictions on usage: none 393 Author: 395 Sean Turner 397 Intended usage: COMMON 399 Change controller: 401 The IESG 403 8. References 405 8.1. Normative References 407 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 408 Requirement Levels", BCP 14, RFC 2119, March 1997. 410 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 411 Encodings", RFC 4648, October 2006. 413 [RFC5652] Housley, R., "Cryptographic Message Syntax (CMS)", RFC 414 5652, September 2009. 416 [RFCTBD1] Schaad, J., and P. Hoffman, "New ASN.1 Modules for PKIX", 417 draft-ietf-pkix-new-asn1-08, work-in-progress. 419 /** 420 RFC Editor: Please replace "TBD1" with the RFC number being assigned 421 to the draft. Please do this in both the references and the text. 422 **/ 424 [RFCTBD2] Schaad, J., and P. Hoffman, "New ASN.1 Modules for 425 SMIME", draft-ietf-smime-new-asn1-07, work-in-progress. 427 /** 428 RFC Editor: Please replace "TBD2" with the RFC number being assigned 429 to the draft. Please do this in both the references and the text. 430 **/ 432 [X.680] ITU-T Recommendation X.680 (2002) | ISO/IEC 8824-1:2002. 433 Information Technology - Abstract Syntax Notation One. 435 [X.681] ITU-T Recommendation X.681 (2002) | ISO/IEC 8824-2:2002. 436 Information Technology - Abstract Syntax Notation One: 437 Information Object Specification. 439 [X.682] ITU-T Recommendation X.682 (2002) | ISO/IEC 8824-3:2002. 440 Information Technology - Abstract Syntax Notation One: 441 Constraint Specification. 443 [X.683] ITU-T Recommendation X.683 (2002) | ISO/IEC 8824-4:2002. 444 Information Technology - Abstract Syntax Notation One: 445 Parameterization of ASN.1 Specifications. 447 [X.690] ITU-T Recommendation X.690 (2002) | ISO/IEC 8825-1:2002. 448 Information Technology - ASN.1 encoding rules: 449 Specification of Basic Encoding Rules (BER), Canonical 450 Encoding Rules (CER) and Distinguished Encoding Rules 451 (DER). 453 8.2. Informative References 455 [P12] RSA Laboratories, "PKCS #12 v1.0: Personal Information 456 Exchange Syntax", June 1999. 458 [RFC2985] Nystrom, M., and B. Kaliski, "PKCS #9: Selected Object 459 Classes and Attribute Types Version 2.0", RFC 2985, 460 November 2000. 462 [RFC3447] Jonsson, J., and B. Kaliski, "Public-Key Cryptography 463 Standards (PKCS) #1: RSA Cryptography Specifications 464 Version 2.1", RFC 3447, February 2003. 466 [RFC5083] Housley, R., "Cryptographic Message Syntax (CMS) 467 Authenticated-Enveloped-Data Content Type", RFC 5083, 468 November 2007. 470 [RFC5208] Kaliski, B., "PKCS #8: Private Key Information Syntax 471 Standard Version 1.2", RFC 5208, May 2008. 473 [X.520] ITU-T Recommendation X.520 (2005) | ISO/IEC 9594-6:2005, 474 Information technology - Open Systems Interconnection - 475 The Directory: Selected attribute types. 477 [RFCTBD4] Turner, S., and D. Brown, "EC Private Key Info 478 Structure", draft-turner-ecprivatekey-04, work-in- 479 progress. 481 /** 482 RFC Editor: Please replace "TBD4" with the RFC number being assigned 483 to the draft. Please do this in both the references and the text. 484 **/ 486 APPENDIX A: ASN.1 Module 488 This annex provides the normative ASN.1 definitions for the 489 structures described in this specification using ASN.1 as defined in 490 [X.680] through [X.683]. 492 AsymmetricKeyPackageModuleV1 493 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 494 smime(16) modules(0) id-mod-asymmetricKeyPkgV1(50) } 496 DEFINITIONS IMPLICIT TAGS ::= 498 BEGIN 500 -- EXPORTS ALL 502 IMPORTS 504 -- FROM New SMIME ASN.1 [RFCTBD2] 506 CONTENT-TYPE 507 FROM CryptographicMessageSyntax-2009 508 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 509 smime(16) modules(0) cms-2004-02(41) } 511 -- From New PKIX ASN.1 [RFCTBD1] 513 Attribute{}, ATTRIBUTE 514 FROM PKIX-CommonTypes-2009 515 { iso(1) identified-organization(3) dod(6) internet(1) 516 security(5) mechanisms(5) pkix(7) id-mod(0) 517 id-mod-pkixCommon-02(57) } 519 -- From New PKIX ASN.1 [RFCTBD1] 521 AlgorithmIdentifier{}, ALGORITHM, PUBLIC-KEY, CONTENT-ENCRYPTION 522 FROM AlgorithmInformation-2009 523 { iso(1) identified-organization(3) dod(6) internet(1) 524 security(5) mechanisms(5) pkix(7) id-mod(0) 525 id-mod-algorithmInformation-02(58) } 527 ; 529 KeyPackageContentTypes CONTENT-TYPE ::= { 530 ct-asymmetric-key-package, 531 ... -- Expect additional content types -- 532 } 533 ct-asymmetric-key-package CONTENT-TYPE ::= 534 { AsymmetricKeyPackage IDENTIFIED BY id-ct-KP-aKeyPackage } 536 id-ct-KP-aKeyPackage OBJECT IDENTIFIER ::= 537 { joint-iso-itu-t(2) country(16) us(840) organization(1) 538 gov(101) dod(2) infosec(1) formats(2) 539 key-package-content-types(78) 5 540 } 542 AsymmetricKeyPackage ::= SEQUENCE SIZE (1..MAX) OF OneAsymmetricKey 544 OneAsymmetricKey ::= SEQUENCE { 545 version Version, 546 privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, 547 privateKey PrivateKey, 548 attributes [0] Attributes OPTIONAL, 549 ..., 550 [[2: publicKey [1] PublicKey OPTIONAL ]], 551 ... 552 } 554 PrivateKeyInfo ::= OneAsymmetricKey 556 -- PrivateKeyInfo is used by [P12]. If any items tagged as version 557 -- 2 are used, the version must be v2, else the version should be 558 -- v1. When v1, PrivateKeyInfo is the same as it was in [RFC5208]. 560 Version ::= INTEGER {v1(0), v2(1)} (v1, ..., v2, ...) 562 PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier 563 { PUBLIC-KEY, 564 { PrivateKeyAlgorithms } } 566 PrivateKey ::= OCTET STRING 567 -- Content varies based on type of key. The 568 -- algorithm identifier dictates the format of 569 -- the key. 571 PublicKey ::= BIT STRING 572 -- Content varies based on type of key. The 573 -- algorithm identifier dictates the format of 574 -- the key. 576 Attributes ::= SET OF Attribute { { OneAsymmetricKeyAttributes } } 578 OneAsymmetricKeyAttributes ATTRIBUTE ::= { 579 ... -- For local profiles 580 } 581 -- An alternate representation that makes full use of ASN.1 582 -- constraints follows. Also note that PUBLIC-KEY needs to be 583 -- imported from the new PKIX ASN.1 Algorithm Information module 584 -- and PrivateKeyAlgorithms needs to be commented out. 586 -- OneAsymmetricKey ::= SEQUENCE { 587 -- version Version, 588 -- privateKeyAlgorithm SEQUENCE { 589 -- algorithm PUBLIC-KEY.&id({PublicKeySet}), 590 -- parameters PUBLIC-KEY.&Params({PublicKeySet} 591 -- {@privateKeyAlgorithm.algorithm}) 592 -- OPTIONAL} 593 -- privateKey OCTET STRING (CONTAINING 594 -- PUBLIC-KEY.&PrivateKey({PublicKeySet} 595 -- {@privateKeyAlgorithm.algorithm})), 596 -- attributes [0] Attributes OPTIONAL, 597 -- ..., 598 -- [[2: publicKey [1] BIT STRING (CONTAINING 599 -- PUBLIC-KEY.&Params({PublicKeySet} 600 -- {@privateKeyAlgorithm.algorithm}) 601 -- OPTIONAL, 602 -- ... 603 -- } 605 EncryptedPrivateKeyInfo ::= SEQUENCE { 606 encryptionAlgorithm EncryptionAlgorithmIdentifier, 607 encryptedData EncryptedData } 609 EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier 610 { CONTENT-ENCRYPTION, 611 { KeyEncryptionAlgorithms } } 613 EncryptedData ::= OCTET STRING -- Encrypted PrivateKeyInfo 615 PrivateKeyAlgorithms ALGORITHM ::= { 616 ... -- Extensible 617 } 619 KeyEncryptionAlgorithms ALGORITHM ::= { 620 ... -- Extensible 621 } 623 END 625 Acknowledgements 627 Many thanks go out to the Burt Kaliski and Jim Randall at RSA. 628 Without the prior version of the document, this one wouldn't exist. 630 I'd also like to thank Pasi Eronen, Alfred Hoenes, Russ Housley, Jim 631 Schaad, and Carl Wallace. 633 Author's Address 635 Sean Turner 636 IECA, Inc. 637 3057 Nutley Street, Suite 106 638 Fairfax, VA 22031 639 USA 641 Email: turners@ieca.com