Jack Lloyd <[EMAIL PROTECTED]> writes: >Does anyone know of any 'standard' [*] ways of encrypting private keys in the >usual PKCS #8 format without using password-based encryption? It is obviously >not hard to do, as you can stick whatever you like into the >encryptionAlgorithm field, so it would be easy to specify an plain encryption >algorithm OID (aes256-cbc, or whatever) plus an IV (and possibly a key check >value and/or some optional key label fields). I'm sure this is not the first >time someone has needed such a thing - any references would be useful. > >[*]: Standard in this case being "at least one implementation/spec has it, and >(preferably) it is reasonably secure/sane"
If you're using PKCS #8 then you'd want to use PKCS #15 with CMS password- based encryption, which, although it's called "password-based encryption", is as you've pointed out a general-purpose mechanism that can be used to wrap data using a key from any source, not just a PKCS #5 password. (PKCS #15 is the logical successor to PKCS #8). Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]