Standard ways of PKCS #8 encryption without PKCS #5?
Jack Lloyd
lloyd at randombit.net
Fri Dec 23 12:33:47 EST 2005
Does anyone know of any 'standard' [*] ways of encrypting private keys in the
usual PKCS #8 format without using password-based encryption? It is obviously
not hard to do, as you can stick whatever you like into the encryptionAlgorithm
field, so it would be easy to specify an plain encryption algorithm OID
(aes256-cbc, or whatever) plus an IV (and possibly a key check value and/or
some optional key label fields). I'm sure this is not the first time someone
has needed such a thing - any references would be useful.
[*]: Standard in this case being "at least one implementation/spec has it, and
(preferably) it is reasonably secure/sane"
Thanks,
Jack
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list