Diffie-Hellman Version 3 Public Key BLOBs
Diffie-Hellman version 3 Public Key BLOBs (type PUBLICKEYBLOB) are used to export and import information about a DH public key. They have the following format:
BLOBHEADER blobheader;
// As explained under "Data Structures"
DHPUBKEY_VER3 dhpubkeyver3;
BYTE p[dhpubkeyver3.bitlenP/8];
// Where P is the prime modulus
BYTE q[dhpubkeyver3.bitlenQ/8];
// Where Q is a large factor of P-1
BYTE g[dhpubkeyver3.bitlenP/8];
// Where G is the generator parameter
BYTE j[dhpubkeyver3.bitlenJ/8];
// Where J is (P-1)/Q
BYTE y[dhpubkeyver3.bitlenP/8];
// Where Y is (G^X) mod P
This BLOB format is exported when the CRYPT_BLOB_VER3 flag is used with CryptExportKey. Because the version is in the BLOB, there is no need to specify a flag when using this BLOB with CryptImportKey.
In addition, this BLOB format is used with the CryptSetKeyParam function when the dwParam value KP_PUB_PARAMS is used to set key parameters on a DH key. This is done when the CRYPT_PREGEN flag has been used to generate the key. When used in this situation, the y value is ignored and therefore should not be included in the BLOB.
The following table describes each component of the key BLOB.
| Field | Description |
|---|---|
| blobheader | A BLOBHEADER structure. The bType member must have a value of PUBLICKEYBLOB. |
| dhpubkeyver3 | A DHPUBKEY_VER3 structure. The magic member should be set to 0x33484400 for public keys. Notice that the hexadecimal value is just an ASCII encoding of "DH3". |
| P | The P value is located directly after the DHPUBKEY_VER3 structure and should always be the length, in bytes, of the DHPUBKEY_VER3 bitlenP field (bit length of P) divided by eight (little-endian format). |
| Q | The Q value is located directly after the P value and should always be the length in bytes of the DHPUBKEY_VER3 bitlenQ field divided by eight (little-endian format). If the bitlenQ value is 0, then the value is absent from the BLOB. |
| G | The G value is located directly after the Q value and should always be the length, in bytes, of the DHPUBKEY_VER3 bitlenP field (bit length of P) divided by eight. If the length of the data is one or more bytes shorter than P divided by 8, the data must be padded with the necessary bytes (of zero value) to make the data the desired length (little-endian format). |
| J | The J value is located directly after the G value and should always be the length in bytes of the DHPUBKEY_VER3 bitlenJ field divided by eight (little-endian format). If the bitlenQ value is 0, then the value is absent from the BLOB. |
| Y | The Y value, (G^X) mod P, is located directly after the J value and should always be the length in bytes of the DHPUBKEY_VER3 bitlenP field (bit length of P) divided by eight. If the length of the data that results from the calculation of (G^X) mod P is one or more bytes shorter than P divided by 8, the data must be padded with the necessary bytes (of zero value) to make the data the desired length (little-endian format). When this structure is used with CryptSetKeyParam with the dwParam value KP_PUB_PARAMS, this value is not included in the BLOB. |
Note
Public key BLOBs are not encrypted, but contain public keys in plaintext form.