2.2.2.2.5.1 RSAKeyBlob Structure

This section provides the definition for the RSAKeyBlob structure that is used to encode the value of the EncodedKeyBlob field of the HomeGroup Signing Key messages defined in section 2.2.2.2.5.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

0x07

0x02

0x00

0x00

0x00

0x24

0x00

0x00

0x52

0x53

0x41

0x32

0x00

0x08

0x00

0x00

Public Exponent

Modulus (256 bytes)

...

...

Prime1 (128 bytes)

...

...

Prime2 (128 bytes)

...

...

Exponent1 (128 bytes)

...

...

Exponent2 (128 bytes)

...

...

Coefficient (128 bytes)

...

...

Private Exponent (256 bytes)

...

...

Public Exponent (4 bytes): This MUST be a 32-bit unsigned number in little-endian format. It MUST be the public exponent of the key pair, which is referred to as e in [RFC3447] section 2.

Modulus (256 bytes): This MUST be the RSA modulus, which is referred to as n in [RFC3447] section 2. It MUST be equal to Prime1 * Prime2. It MUST be encoded in little-endian format.

Prime1 (128 bytes): This MUST be the first prime factor of the RSA modulus, which is referred to as p in [RFC3447] section 2. It MUST be encoded in little-endian format.

Prime2 (128 bytes): This MUST be the second prime factor of the RSA modulus, which is referred to as q in [RFC3447] section 2. It MUST be encoded in little-endian format.

Exponent1 (128 bytes): This MUST be the Chinese Remainder Theorem exponent of Prime1, which is referred to as dP in [RFC3447] section 2. It MUST be encoded in little-endian format.

Exponent2 (128 bytes): This MUST be the Chinese Remainder Theorem exponent of Prime2, which is referred to as dQ in [RFC3447] section 2. It MUST be encoded in little-endian format.

Coefficient (128 bytes): This MUST be the Chinese Remainder Coefficient of Prime1 and Prime2, which is referred to as qInv in [RFC3447] section 2. It MUST be encoded in little-endian format.

Private Exponent (256 bytes): This MUST be the RSA private exponent, which is referred to as d in [RFC3447] section 2. It MUST be encoded in little-endian format.