summaryrefslogtreecommitdiffstats
path: root/crypto/asymmetric_keys/pkcs8.asn1
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2018-10-09 18:47:46 +0200
committerJames Morris <james.morris@microsoft.com>2018-10-26 10:30:46 +0200
commit3c58b2362ba828ee2970c66c6a6fd7b04fde4413 (patch)
tree842096971b747ef531d6b4d3767ac85f993eb83f /crypto/asymmetric_keys/pkcs8.asn1
parentKEYS: Implement encrypt, decrypt and sign for software asymmetric key [ver #2] (diff)
downloadlinux-3c58b2362ba828ee2970c66c6a6fd7b04fde4413.tar.xz
linux-3c58b2362ba828ee2970c66c6a6fd7b04fde4413.zip
KEYS: Implement PKCS#8 RSA Private Key parser [ver #2]
Implement PKCS#8 RSA Private Key format [RFC 5208] parser for the asymmetric key type. For the moment, this will only support unencrypted DER blobs. PEM and decryption can be added later. PKCS#8 keys can be loaded like this: openssl pkcs8 -in private_key.pem -topk8 -nocrypt -outform DER | \ keyctl padd asymmetric foo @s Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Marcel Holtmann <marcel@holtmann.org> Reviewed-by: Marcel Holtmann <marcel@holtmann.org> Reviewed-by: Denis Kenzior <denkenz@gmail.com> Tested-by: Denis Kenzior <denkenz@gmail.com> Signed-off-by: James Morris <james.morris@microsoft.com>
Diffstat (limited to 'crypto/asymmetric_keys/pkcs8.asn1')
-rw-r--r--crypto/asymmetric_keys/pkcs8.asn124
1 files changed, 24 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/pkcs8.asn1 b/crypto/asymmetric_keys/pkcs8.asn1
new file mode 100644
index 000000000000..702c41a3c713
--- /dev/null
+++ b/crypto/asymmetric_keys/pkcs8.asn1
@@ -0,0 +1,24 @@
+--
+-- This is the unencrypted variant
+--
+PrivateKeyInfo ::= SEQUENCE {
+ version Version,
+ privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
+ privateKey PrivateKey,
+ attributes [0] IMPLICIT Attributes OPTIONAL
+}
+
+Version ::= INTEGER ({ pkcs8_note_version })
+
+PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier ({ pkcs8_note_algo })
+
+PrivateKey ::= OCTET STRING ({ pkcs8_note_key })
+
+Attributes ::= SET OF Attribute
+
+Attribute ::= ANY
+
+AlgorithmIdentifier ::= SEQUENCE {
+ algorithm OBJECT IDENTIFIER ({ pkcs8_note_OID }),
+ parameters ANY OPTIONAL
+}