First asked on StackOverflow and referred to this board, here:
I have an embedded system (Netburner 5441x) that encodes public-private RSA keypairs into devices. I have ported OpenSSL into the system but the embedded processor cannot make RSA keypairs fast enough for production goals. So the next logical step is to have the embedded system get keys from a PC-based server next to the machine, rather than make them on board.
What is the correct protocol for key transfer between the two nodes? Is there a network protocol widely used by keystores or HSMs? I've read most of the PKCS#N documents and it looks like it's all about object formats, but it's a lot of information and I may have missed something. Similarly, posts here mention X.509 but that looks to me like a certificate format and not a network protocol.
Should I just open a secure socket and send passphrase-protected DER objects with no other framing?
Is there a standard for this kind of thing?
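The "DER objects with no other framing" option from the question, as an added example that is not part of the original post: DER carries its own length in the header, so a receiver on a stream socket can tell where one object ends before reading it. The function name `der_frame_length`, the 16 KiB cap and the requirement that each object is an outer SEQUENCE are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { DER_OK = 0, DER_NEED_MORE = 1, DER_INVALID = -1 };

/* Assumed upper bound for one object; rejects absurd lengths before allocating. */
#define DER_MAX_OBJECT 16384u

/* Given the first bytes read from the socket, report the size of the whole
 * DER object (tag + length octets + contents) in *total. */
int der_frame_length(const uint8_t *buf, size_t avail, size_t *total)
{
    size_t hdr = 2, len = 0;

    if (avail < 2)
        return DER_NEED_MORE;
    if (buf[0] != 0x30)                 /* assumption: outer SEQUENCE only */
        return DER_INVALID;

    if (buf[1] < 0x80) {                /* short form: length in one octet */
        len = buf[1];
    } else {                            /* long form: next n octets, big-endian */
        size_t n = buf[1] & 0x7f;
        if (n == 0 || n > 4)            /* 0x80 is BER indefinite length, not DER */
            return DER_INVALID;
        if (avail < 2 + n)
            return DER_NEED_MORE;
        for (size_t i = 0; i < n; i++)
            len = (len << 8) | buf[2 + i];
        if (buf[2] == 0 || len < 0x80)  /* DER requires the minimal encoding */
            return DER_INVALID;
        hdr += n;
    }
    if (len > DER_MAX_OBJECT - hdr)
        return DER_INVALID;
    *total = hdr + len;
    return DER_OK;
}

int main(void)
{
    /* Constructed sample header: SEQUENCE with long-form length 0x04A4. */
    const uint8_t sample[] = { 0x30, 0x82, 0x04, 0xA4 };
    size_t total = 0;
    if (der_frame_length(sample, sizeof sample, &total) == DER_OK)
        printf("object occupies %zu bytes on the wire\n", total);
    return 0;
}
```
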