2.2.2.1 PUBLIC_KEY_BLOB

The PUBLIC_KEY_BLOB message is used to store information about RSA key exchange public keys and RSA signature public keys. It is used during secure session negotiation.

The syntax of the PUBLIC_KEY_BLOB message is represented by the following diagram.


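```
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    PublicKeyBlobDataLength                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Reserved0                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Version    |           Reserved            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             AlgID                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             Magic                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            BitLen                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            PubExp                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Modulus (variable)                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
```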

PublicKeyBlobDataLength (4 bytes): A 32-bit unsigned integer. This field contains the total length of the PUBLIC_KEY_BLOB instance excluding the PublicKeyBlobDataLength and Reserved0 fields.

Reserved0 (4 bytes): A 32-bit unsigned integer. This field MUST be set to 0x0.

Type (1 byte): An 8-bit unsigned integer. This field MUST be set to 0x6. This indicates that the public key is transferred.

Version (1 byte): An 8-bit unsigned integer. This field MUST be set to 0x2.

Reserved (2 bytes): A 16-bit unsigned integer. This field MUST be set to 0x0.

AlgID (4 bytes): A 32-bit unsigned integer. This field is set to the CALG_RSA_KEYX value if the key exchange public key is stored in the BLOB or the CALG_RSA_SIGN value if the signature public key is stored.

| Value | Meaning |
|---|---|
| CALG_RSA_KEYX (0x0000A400) | RSA public key exchange algorithm |
| CALG_RSA_SIGN (0x00002400) | RSA public key signature algorithm |

Magic (4 bytes): A 32-bit unsigned integer. This field MUST be set to 0x31415352. The value can be interpreted as the ASCII-encoded string "RSA1".

BitLen (4 bytes): A 32-bit unsigned integer that specifies the size of the public key in bits. This field MUST be set to 0x200 (512) because a 512-bit RSA key is used.

PubExp (4 bytes): A 32-bit unsigned integer that is a public exponent, as specified in [RFC8017].

Modulus (variable): A variable-length array of bytes that stores the RSA public key. The size, in bytes, of the Modulus field is BitLen/8.
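The following strict parser is an added example, not code from the specification. It enforces every MUST constraint above and checks PublicKeyBlobDataLength against both BitLen and the actual buffer size before touching the Modulus. Little-endian field encoding is an assumption (it matches the "RSA1" reading of Magic), and the function names and sample key bytes are constructed for illustration.

```python
import struct

# Constants taken from the field descriptions above.
CALG_RSA_KEYX, CALG_RSA_SIGN = 0x0000A400, 0x00002400
MAGIC_RSA1 = 0x31415352
# Fixed fields through PubExp. "<" (little-endian) is an assumption.
_FIXED = struct.Struct("<IIBBHIIII")
_PREFIX = 8  # PublicKeyBlobDataLength + Reserved0, not counted in the length

def parse_public_key_blob(buf: bytes) -> dict:
    """Strictly parse one PUBLIC_KEY_BLOB; raise ValueError on any violation."""
    if len(buf) < _FIXED.size:
        raise ValueError("truncated fixed fields")
    (data_len, reserved0, blob_type, version, reserved,
     alg_id, magic, bit_len, pub_exp) = _FIXED.unpack_from(buf)
    checks = [
        (reserved0 == 0, "Reserved0 must be 0x0"),
        (blob_type == 0x6, "Type must be 0x6"),
        (version == 0x2, "Version must be 0x2"),
        (reserved == 0, "Reserved must be 0x0"),
        (alg_id in (CALG_RSA_KEYX, CALG_RSA_SIGN), "unknown AlgID"),
        (magic == MAGIC_RSA1, "Magic must be 0x31415352"),
        (bit_len == 0x200, "BitLen must be 0x200"),
    ]
    for ok, msg in checks:
        if not ok:
            raise ValueError(msg)
    modulus_len = bit_len // 8
    # The length field must cover exactly the fields after the 8-byte prefix.
    if data_len != _FIXED.size - _PREFIX + modulus_len:
        raise ValueError("PublicKeyBlobDataLength disagrees with BitLen")
    if len(buf) != _PREFIX + data_len:
        raise ValueError("buffer size disagrees with PublicKeyBlobDataLength")
    return {
        "alg": "CALG_RSA_KEYX" if alg_id == CALG_RSA_KEYX else "CALG_RSA_SIGN",
        "bit_len": bit_len,
        "pub_exp": pub_exp,
        "modulus": buf[_FIXED.size:],  # raw bytes; byte order not interpreted
    }

def build_sample_blob(alg_id: int = CALG_RSA_KEYX) -> bytes:
    """Constructed sample (not a real key) for exercising the parser."""
    modulus = bytes(range(1, 65))
    return _FIXED.pack(20 + len(modulus), 0, 0x6, 0x2, 0,
                       alg_id, MAGIC_RSA1, 0x200, 65537) + modulus

if __name__ == "__main__":
    print(parse_public_key_blob(build_sample_blob()))
```

The parser treats its input as exactly one BLOB, so a caller extracting it from a larger message should slice to 8 + PublicKeyBlobDataLength bytes first, after bounding that length against the enclosing message.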