
PivRsaPrivateKey Class

Namespace: Yubico.YubiKey.Piv Assembly: Yubico.YubiKey.dll

This class holds an RSA private key.

C#
public sealed class PivRsaPrivateKey : PivPrivateKey, IPrivateKey, IKeyBase
Inheritance object PrivateKey PivPrivateKey PivRsaPrivateKey
Implements
IPrivateKey
IKeyBase

Remarks

At its foundation, an RSA private key consists of a modulus and a private exponent. To improve performance, however, the computations can instead use the primeP, primeQ, exponentP, exponentQ, and coefficient. These are the elements of the Chinese Remainder Theorem (CRT) method of computing RSA private key operations, and they are the elements the YubiKey needs. There are several ways to create an encoded key, but this class supports only the encoding scheme specified by Yubico.

TLV || TLV || TLV || TLV || TLV
01 length prime P || 02 length prime Q ||
03 length prime p Exponent dP || 04 length prime q Exponent dQ ||

The YubiKey supports 1024-bit, 2048-bit, 3072-bit, and 4096-bit RSA keys. Each element in the private key will be half that size. For a 1024-bit RSA key pair, the CRT components are each 512 bits (64 bytes) long; for a 2048-bit RSA key pair, 1024 bits (128 bytes); for a 3072-bit RSA key pair, 1536 bits (192 bytes); and for a 4096-bit RSA key pair, 2048 bits (256 bytes).

You can either build an object from the encoded private key and then examine each component, or build an object from the components and then examine the encoding.
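
One way to build the object from components, shown as an added example that is not code from the Yubico SDK or its documentation: it exports the CRT values from a .NET `RSA` key, checks that each is half the modulus size, and overwrites the exported copies afterwards. The helper name `PivRsaKeyExample.FromRsa` is hypothetical, and the constructor argument order is assumed to follow the order in which this page names the components (prime P, prime Q, exponent P, exponent Q, coefficient).

```csharp
using System;
using System.Security.Cryptography;
using Yubico.YubiKey.Piv;

public static class PivRsaKeyExample   // hypothetical helper, not part of the SDK
{
    // Convert a .NET RSA key into a PivRsaPrivateKey, checking component sizes first.
    public static PivRsaPrivateKey FromRsa(RSA rsa)
    {
        int bits = rsa.KeySize;
        if (bits != 1024 && bits != 2048 && bits != 3072 && bits != 4096)
            throw new ArgumentException($"Unsupported RSA key size: {bits} bits.");

        // ExportParameters returns plain byte arrays that hold the private key.
        RSAParameters kp = rsa.ExportParameters(true);
        byte[][] crt = { kp.P, kp.Q, kp.DP, kp.DQ, kp.InverseQ };
        try
        {
            int half = bits / 16;   // half the modulus size, in bytes
            foreach (byte[] part in crt)
            {
                if (part is null || part.Length != half)
                    throw new ArgumentException("CRT component is not half the modulus size.");
            }
            // Assumed argument order: primeP, primeQ, exponentP, exponentQ, coefficient.
            return new PivRsaPrivateKey(kp.P, kp.Q, kp.DP, kp.DQ, kp.InverseQ);
        }
        finally
        {
            // Overwrite the exported copies; the new object keeps its own copy.
            CryptographicOperations.ZeroMemory(kp.D);
            foreach (byte[] part in crt)
                if (part != null) CryptographicOperations.ZeroMemory(part);
        }
    }

    public static void Main()
    {
        using RSA rsa = RSA.Create(2048);   // constructed sample key, generated locally
        PivRsaPrivateKey key = FromRsa(rsa);
        try
        {
            Console.WriteLine($"prime P: {key.PrimeP.Length} bytes");
        }
        finally { key.Clear(); }            // overwrite the key data held by the object
    }
}
```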

Constructors

Name Description
PivRsaPrivateKey(ReadOnlySpan<byte>, ReadOnlySpan<byte>, ReadOnlySpan<byte>, ReadOnlySpan<byte>, ReadOnlySpan<byte>)

Create a new instance of an RSA private key object based on the given CRT components.

Properties

Name Description
Coefficient

Contains the coefficient portion of the RSA private key.

ExponentP

Contains the exponent p portion of the RSA private key.

ExponentQ

Contains the exponent q portion of the RSA private key.

PrimeP

Contains the prime p portion of the RSA private key.

PrimeQ

Contains the prime q portion of the RSA private key.

Methods

Name Description
Clear()

Call on the object to clear (overwrite) any sensitive data it is holding.

CreateRsaPrivateKey(ReadOnlyMemory<byte>)

Create a new instance of an RSA private key object based on the encoding.

Extension Methods

IPrivateKeyExtensions.Cast<T>(IPrivateKey)
KeyExtensions.EncodeAsPiv(IPrivateKey)