When a DSS public key is exported, it is in a PUBLICKEYBLOB format, as follows:
BLOBHEADER blobheader;
DSSPUBKEY dsspubkey;
BYTE p[dsspubkey.bitlen/8];
BYTE q[20];
BYTE g[dsspubkey.bitlen/8];
BYTE y[dsspubkey.bitlen/8];
DSSSEED seedstruct;
The following table describes each public key component. All values are in little-endian format.
| Field | Description |
|---|---|
| blobheader | A BLOBHEADER structure The bType member must have a value of PUBLICKEYBLOB. |
| dsspubkey | A DSSPUBKEY structure. The magic member must have a value of 0x31535344 (the ASCII encoding of "DSS1"). |
| p | The prime modulus P. Must always have the most significant bit of the most significant byte set to 1. |
| q | The prime Q - 20 bytes in length. The most significant bit of the most significant byte must be set to 1. |
| g | The generator G. Must be the same length as p (must be padded with 0x00 bytes if it is less). |
| y | The public key Y. Must be same length as p, if smaller then it must be padded with 0x00. |
| seedstruct | Seed and counter values for verifying primes. |
Notice that public-key blobs are not encrypted, but contain public keys in plaintext form.