Appendix c. diffie-hellman private keys – Zilog EZ80F91AZA User Manual

UM020107-1211

ZTP Network Security SSL Plug-In

User Manual

71

Appendix C. Diffie-Hellman Private Keys

Although this implementation supports the establishment of an SSL session using Diffie-
Hellman certificates with the SSLv3 and TLSv1 handshake protocols, it must be noted
that this use of Diffie-Hellman certificates is extremely rare. Consequently, few utilities
are able to generate Diffie-Hellman certificates, and even fewer utilities will generate a
Diffie-Hellman private key. Those utilities that do output DH private keys are likely to do
so in different formats. The PKCS#3: Diffie-Hellman Key Agreement Standard does not
specify the format of the DH private key.

Therefore, this implementation uses the simplest possible encoding of the DH private key
consistent with the ASN.1 definition in PKCS#15 – a single ASN.1 DER-encoded integer
containing the value of the private key:

DHPrivateKey ::= INTEGER -- private key, x

As an example, the DER encoding of the private key

0x12345678

is:

02 04 12 34 56 78

The segments in this key can be defined as:

02

:

ASN.1 INTEGER.

04

:

Length of the integer in octets.

12 34 56 78

:

Value of the integer MSB first.