Re: Decrypting PKCS8 private keys

Jan Luehe (luehe@laguna.eng.sun.com)
Wed, 19 May 1999 18:43:49 -0700 (PDT)

Message-Id: <199905200143.SAA10581@laguna.eng.sun.com>
Date: Wed, 19 May 1999 18:43:49 -0700 (PDT)
From: Jan Luehe <luehe@laguna.eng.sun.com>
Subject: Re: Decrypting PKCS8 private keys
To: java-security@java.sun.com, dtaylor@forge.com.au

David:

> I have some questions about private keys and key factories
>
> 1. PKCS8 encrypted keys
>
> My question is: what comes out of that octet string when you decrypt it? Is
> it a PKCS8 PrivateKeyInfo structure that can then be put into a
> PKCS8EncodedKeySpec or is it the lower level key info such an
> RSAPrivateKey?

The decryption result is a PKCS#8 PrivateKeyInfo which can be stored in a
PKCS8EncodedKeySpec and fed to a KeyFactory.

>
> A point about doing this in Java: the PKCS8EncodedKeySpec and KeyFactory
> classes don't seem to have any provision for keys stored in
> EncryptedPrivateKeyInfo structures. You generally need a password to
> decrypt the keys and there is nowhere to set this password. A key factory
> could recognise the encrypted key info and prompt for the password, but
> this sort of thing shouldn't be open to interpretation.

When you instantiate a KeyFactory, you do that based on the
algorithm of the key you are trying to parse. In the case of
EncryptedPrivateKeyInfo, that algorithm is not visible
(it's part of the encrypted key info). So how would you
instantiate an appropriate KeyFactory for an EncryptedPrivateKeyInfo?

>
> 2. X509EncodedKeySpec
>
> The docs for X509EncodedKeySpec say it can be used for the DER encoding of
> a public or private key according the X.509 spec. Does the X.509 spec give
> structures for private keys? What are the ASN.1 structures (leading to the
> DER encoding) that are acceptable for private keys in a X509EncodedKeySpec?
> Also, what key types - I guess RSA and DSA - but any others?

I was under the impression that X.509 (at some point in the past)
also defined an ASN.1 structure for RSA private keys, consisting of
a SEQUENCE of the modulus and the private exponent. I have not been able to
find that definition in the latest X.509 docs. Can anyone confirm?

If X.509 defines ASN.1 structures for public keys only, the
"private key" reference should be removed from the X509EncodedKeySpec
javadocs.

Hope that hepls.

Jan