SafeBag Format for Exported Credentials
Sometimes it may be necessary to export an identity’s credentials (i.e., private key and associated certificate) from one machine and import them into another. This requires a secure container to carry the sensitive information. For this purpose, we define the SafeBag format, which contains an NDN certificate and the corresponding private key in encrypted form. The private key is formatted as a DER-encoded EncryptedPrivateKeyInfo structure as described in PKCS #8.
The TLV encoding of SafeBag is defined as follows:

SafeBag = SAFE-BAG-TYPE TLV-LENGTH
            Certificate
            EncryptedKey

EncryptedKey = ENCRYPTED-KEY-TYPE TLV-LENGTH
                 *OCTET ; PKCS #8 EncryptedPrivateKeyInfo
Type | Assigned number (decimal) | Assigned number (hexadecimal)
---|---|---
SafeBag | 128 | 0x80
EncryptedKey | 129 | 0x81
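
The grammar and type numbers above can be enforced with a strict decoder before an imported SafeBag is handed to any key-handling code. The following is an added example, not part of the original page or of any NDN library; `parseSafeBag`, `SafeBagParts` and the helper names are hypothetical. It assumes the standard NDN variable-length number encoding for TLV-TYPE and TLV-LENGTH and that the Certificate element is an NDN Data packet (TLV type 6), neither of which is stated on this page.

```cpp
#include <cstddef>
#include <cstdint>
#include <optional>
#include <vector>
using Bytes = std::vector<uint8_t>;
// Hypothetical result type: whole Certificate TLV, and the EncryptedKey value (PKCS #8 DER).
struct SafeBagParts { Bytes certificate, encryptedKey; };

// NDN variable-length number: 1 octet, or marker 253/254/255 + 2/4/8 big-endian octets.
static bool readVarNumber(const Bytes& b, size_t& pos, uint64_t& out) {
  if (pos >= b.size()) return false;
  const uint8_t first = b[pos++];
  if (first < 253) { out = first; return true; }
  const size_t n = first == 253 ? 2 : first == 254 ? 4 : 8;
  if (b.size() - pos < n) return false;
  out = 0;
  for (size_t i = 0; i < n; ++i) out = (out << 8) | b[pos++];
  return true;
}

// Read TLV-TYPE and TLV-LENGTH at pos; fails if the value would run past the buffer.
static bool readHeader(const Bytes& b, size_t& pos, uint64_t& type, uint64_t& len) {
  return readVarNumber(b, pos, type) && readVarNumber(b, pos, len) && len <= b.size() - pos;
}

std::optional<SafeBagParts> parseSafeBag(const Bytes& wire) {
  constexpr uint64_t SAFE_BAG = 128, ENCRYPTED_KEY = 129;  // numbers from the table above
  constexpr uint64_t DATA = 6;  // assumption: a certificate is an NDN Data packet (type 6)
  size_t pos = 0;
  uint64_t type = 0, len = 0;
  if (!readHeader(wire, pos, type, len) || type != SAFE_BAG) return std::nullopt;
  if (len != wire.size() - pos) return std::nullopt;  // no bytes after the SafeBag
  const size_t certStart = pos;
  if (!readHeader(wire, pos, type, len) || type != DATA) return std::nullopt;
  pos += len;
  SafeBagParts out;
  out.certificate.assign(wire.begin() + certStart, wire.begin() + pos);
  if (!readHeader(wire, pos, type, len) || type != ENCRYPTED_KEY) return std::nullopt;
  // EncryptedKey must be the last element and non-empty (empty cannot be DER).
  if (len == 0 || len != wire.size() - pos) return std::nullopt;
  out.encryptedKey.assign(wire.begin() + pos, wire.end());
  return out;
}

int main() {
  // Constructed sample with stand-in bytes, not a real certificate or key.
  const Bytes sample = {0x80, 0x09, 0x06, 0x02, 0xAA, 0xBB, 0x81, 0x03, 0x30, 0x01, 0x00};
  return parseSafeBag(sample) ? 0 : 1;
}
```

The `encryptedKey` bytes returned are still the encrypted PKCS #8 structure; the decoder only checks the TLV framing and never touches key material.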