Export/Import Credentials
=========================

.. Revisions shown in the blame view: 55ea01a (Yingdi Yu, 2015-07-21 22:42:17 -0700), 9a04dda (Junxiao Shi, 2019-07-02 15:18:20 +0000).

Sometimes, one may need to export credentials (e.g., certificate and private key) from
one machine and import them into another machine. This requires a secure container for
sensitive information. We define **SafeBag**, which contains both an NDN certificate
(:doc:`version 2.0 <certificate-format>`) and the corresponding private
key, which is encrypted in `PKCS#8 format <https://tools.ietf.org/html/rfc5208>`_.

The format of **SafeBag** is defined as:

::

    SafeBag = SAFE-BAG-TYPE TLV-LENGTH
                CertificateV2 ; a data packet following certificate format spec
                EncryptedKeyBag

    EncryptedKeyBag = ENCRYPTED-KEY-BAG-TYPE TLV-LENGTH
                        *OCTET ; private key encrypted in PKCS#8 format

All TLV-TYPE codes are application specific:

+---------------------------------------------+-------------------+----------------+
| TLV-TYPE                                    | Assigned number   | Assigned number|
|                                             | (decimal)         | (hexadecimal)  |
+=============================================+===================+================+
| SafeBag                                     | 128               | 0x80           |
+---------------------------------------------+-------------------+----------------+
| EncryptedKeyBag                             | 129               | 0x81           |
+---------------------------------------------+-------------------+----------------+