PivRsaPrivateKey Class
Namespace: Yubico.YubiKey.Piv Assembly: Yubico.YubiKey.dllThis class holds an RSA private key.
public sealed class PivRsaPrivateKey : PivPrivateKeyRemarks
At its foundation, an RSA private key consists of a modulus and private exponent. However, to improve performance, the primeP, primeQ, exponentP, exponentQ, and coefficient can be used to make the computations. These are the elements of the Chinese Remainder Theorem method of computing RSA private key operations. These are the elements needed by the YubiKey. There are several ways to create an encoded key, however, this class only supports the encoding scheme specified by Yubico.
TLV || TLV || TLV || TLV || TLV
01 length prime P || 02 length prime Q ||
03 length prime p Exponent dP || 04 length prime q Exponent dQ ||The YubiKey supports only 1024-bit and 2048-bit RSA keys. Each element in the private key will be half that size. So for a 1024-bit RSA key pair, the CRT components are each 512 bits (64 bytes) long, and for a 2048-bit RSA key pair, the CRT components are each 1024 bits (128 bytes) long.
You can build an object from either the encoded private key, and then examine each component, or you can build an object from the components, then then examine the encoding.
Constructors
| Name | Description |
|---|---|
| PivRsaPrivateKey(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, ReadOnlySpan<Byte>) | Create a new instance of an RSA private key object based on the given CRT components. |
Properties
| Name | Description |
|---|---|
| Coefficient | Contains the coefficient portion of the RSA private key. |
| ExponentP | Contains the exponent p portion of the RSA private key. |
| ExponentQ | Contains the exponent q portion of the RSA private key. |
| PrimeP | Contains the prime p portion of the RSA private key. |
| PrimeQ | Contains the prime q portion of the RSA private key. |
Methods
| Name | Description |
|---|---|
| Clear() | Call on the object to clear (overwrite) any sensitive data it is holding. |
| CreateRsaPrivateKey(ReadOnlyMemory<Byte>) | Create a new instance of an RSA private key object based on the encoding. |