Re: Decrypting PKCS8 private keys

David Taylor (dtaylor@forge.com.au)
Fri, 21 May 1999 09:17:06 +1000

From: "David Taylor" <dtaylor@forge.com.au>
To: Jan Luehe <luehe@laguna.eng.sun.com>
Date: Fri, 21 May 1999 09:17:06 +1000
Subject: Re: Decrypting PKCS8 private keys

To try and make things clear so I can "fix" the FORGE provider...

For public keys My RSA key factory should accept:

X509EncodedKeySpecs with an X.509 PublicKeyInfo structure encoded in it (as
that is what is being passed in from the Certificate class)
RSAPublicKeySpec

For private keys it should accept:

PKCS8EncodedKeySpecs with a PKCS8 PrivateKeyInfo structure encoded in it
RSAPrivateKeySpec
RSAPrivateCrtKeySpec (this can be used when reading a PKCS1 RSAPrivateKey
encoded file, if the user decodes the DER themselves)

Is there anything else an RSA key factory should accept, either other key
specs or different key storage formats?

Regards,
David Taylor
FORGE Research.