Key formats

EdDSA

References:

• https://tools.ietf.org/html/draft-ietf-curdle-pkix-10

generated with openssl 1.1.1pre7:

openssl genpkey -algorithm ED25519 -outform DER -out key.der
openssl pkey -inform DER -in key.der -pubout -outform DER -out pub.der

The AlgorithmIdentifier consists of OID 1.3.101.112 with no parameters (?!).

The private key file does not contain the public key.

---

Misc References

• https://tools.ietf.org/html/rfc5915
• https://tools.ietf.org/html/draft-josefsson-pkix-eddsa-04 (dead?)
• https://www.davidb.org/post/key-formats/
• https://tools.ietf.org/html/rfc8032 (EdDSA)
• https://github.com/briansmith/ring/issues/224 (what to do about eddsa?)

---

Key Storage, Key Management

• https://crypto.stackexchange.com/questions/3481/secure-private-key-storage
• https://csrc.nist.gov/projects/key-management
• PKCS 8
  • https://tools.ietf.org/html/rfc5958 (updates pkcs8)
  • https://tools.ietf.org/html/rfc5959
  • https://tools.ietf.org/html/rfc6162
  • https://www.openssl.org/docs/man1.1.0/apps/pkcs8.html
• PKCS 12 aka PFX
  • https://www.openssl.org/docs/manmaster/man1/pkcs12.html
  • ANTI: https://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html
  • https://en.wikipedia.org/wiki/PKCS_12
• https://www.gnu.org/software/gnu-crypto/draft-keyring.html
• PKCS 5 (password-based stuff)
  • https://tools.ietf.org/html/rfc8018
• Key management
  • https://en.wikipedia.org/wiki/Key_management
  • https://www.owasp.org/index.php/Key_Management_Cheat_Sheet