Performing
Performing ASN.1 encoding and decoding of PBE parameters associated with the private keys.
A cryptography key is a constant value applied using a cryptographic algorithm to encrypt text or to decrypt encrypted text.
Keys are classified as symmetric and asymmetric based on the type of algorithm applied. If the same key is used for both encryption and decryption, it is symmetric. If different keys are used for encryption and decryption, they are asymmetric. Asymmetric keys exist in the form of a public and private key pair, where the public key is used for encryption and the private key is used for decryption.
A key store is a repository of keys that can be retrieved and used to accomplish a variety of tasks.
The key store provides the following functionality:
Generation, import and export of RSA, DSA, and DH key pairs
Listing of stored keys
Authentication of users
Private key operations for authenticated users
The following block diagram describes the interaction of the ASN-PKCS component with the certificate and key stores:
The client application accesses the various certificates and keys of the device stored in the respective stores. Depending on the requests received from the store management and implementation components, ASN-PKCS acts on the keys during certain key and certificate manipulation operations. For details of the operations during which the ASN-PKCS APIs are invoked, see
ASN-PKCS APIs are used for encoding and decoding purposes during the following key and certificate manipulation operations:
Encoding and decoding of PKCS private keys (in raw text and PBE-encrypted forms) during import and export of keys. When PBE-encrypted PKCS keys are imported or exported, the ASN-PKCS APIs also help in encoding or decoding of the PBE parameters.
Encoding of the private keys accompanying public key certificates (according to
Creation of
Notes:
Device creators can use the ASN-PKCS component along with their own implementation of the certificate and key stores.
For details of the key and certificate operations, see
Performing
Performing ASN.1 encoding and decoding of PBE parameters associated with the private keys.
A cryptography key is a constant value applied using a cryptographic algorithm to encrypt text or to decrypt encrypted text.
Keys are classified as symmetric and asymmetric based on the type of algorithm applied. If the same key is used for both encryption and decryption, it is symmetric. If different keys are used for encryption and decryption, they are asymmetric. Asymmetric keys exist in the form of a public and private key pair, where the public key is used for encryption and the private key is used for decryption.
A key store is a repository of keys that can be retrieved and used to accomplish a variety of tasks.
The key store provides the following functionality:
Generation, import and export of RSA, DSA, and DH key pairs
Listing of stored keys
Authentication of users
Private key operations for authenticated users
The following block diagram describes the interaction of the ASN-PKCS component with the certificate and key stores:
The client application accesses the various certificates and keys of the device stored in the respective stores. Depending on the requests received from the store management and implementation components, ASN-PKCS acts on the keys during certain key and certificate manipulation operations. For details of the operations during which the ASN-PKCS APIs are invoked, see
ASN-PKCS APIs are used for encoding and decoding purposes during the following key and certificate manipulation operations:
Encoding and decoding of PKCS private keys (in raw text and PBE-encrypted forms) during import and export of keys. When PBE-encrypted PKCS keys are imported or exported, the ASN-PKCS APIs also help in encoding or decoding of the PBE parameters.
Encoding of the private keys accompanying public key certificates (according to
Creation of
Notes:
Device creators can use the ASN-PKCS component along with their own implementation of the certificate and key stores.
For details of the key and certificate operations, see