blob: fcb62118a424740c62fddb10ef6e9a834e003c94 [file] [log] [blame]
Yingdi Yu55ea01a2015-07-21 22:42:17 -07001Export/Import Credentials
2=========================
3
4Sometimes, one may need to export credentials (e.g., certificate and private key) from
5one machine, and import them into another machine. This requires a secured container for
6sensitive information. We define **SafeBag**, which contains both an NDN certificate
7(:doc:`version 2.0 <certificate-format>`) and the corresponding private
8key which is encrypted in `PKCS#8 format <https://tools.ietf.org/html/rfc5208>`_.
9
10The format of **SafeBag** is defined as:
11
12::
13
Junxiao Shi9a04dda2019-07-02 15:18:20 +000014 SafeBag = SAFE-BAG-TYPE TLV-LENGTH
15 CertificateV2 ; a data packet following certificate format spec
16 EncryptedKeyBag
17
18 EncryptedKeyBag = ENCRYPTED-KEY-BAG-TYPE TLV-LENGTH
19 *OCTET ; private key encrypted in PKCS#8 format
Yingdi Yu55ea01a2015-07-21 22:42:17 -070020
21All TLV-TYPE codes are application specific:
22
23+---------------------------------------------+-------------------+----------------+
Junxiao Shi9a04dda2019-07-02 15:18:20 +000024| TLV-TYPE | Assigned number | Assigned number|
Yingdi Yu55ea01a2015-07-21 22:42:17 -070025| | (decimal) | (hexadecimal) |
26+=============================================+===================+================+
27| SafeBag | 128 | 0x80 |
28+---------------------------------------------+-------------------+----------------+
29| EncryptedKeyBag | 129 | 0x81 |
30+---------------------------------------------+-------------------+----------------+