NAME
pkcs1-conv - convert keys from PKCS#1 format to s-expression format
SYNOPSIS
pkcs1-conv [{--private-rsa-key|--public-rsa-key|--public-key-info}
[--base-64]] < FILE
DESCRIPTION
This manual page documents briefly the pkcs1-conv command. This manual
page was written for the Debian GNU/Linux distribution because the
original program does not have a manual page.
pkcs1-conv converts private and public RSA keys from PKCS #1 format to
sexp format.
OPTIONS
This program follows the usual GNU command line syntax, with long
options starting with two dashes (‘-’).
By default pkcs1-conv expects a PEM-encapsulated RSA key on standard
input, and will determine its type from the Pre-Encapsulation Boundary.
To convert a DER-encoded (non PEM-encoded) key, one of the first three
options below must be used:
--private-rsa-key
Specify that a DER-encoded RSAPrivateKey, as defined by PKCS #1
(RFC 3447), and described in section A.1.2 of its appendix A, is
to be expected as input.
--public-rsa-key
Specify that a DER-encoded RSAPublicKey, as defined by PKCS #1
(RFC 3447), and described in section A.1.1 of its appendix A, is
to be expected as input.
--public-key-info
Specify that a DER-encoded SubjectPublicKeyInfo, as defined by
PKCS #6, and described in section A.1 of its appendix A,
encapsulating an RSAPublicKey, is to be expected as input.
--base-64
Together with --private-rsa-key, --public-rsa-key, or --public-
key-info, specify that base64 encoding is applied on top of the
DER encoding.
-?, --help
Show summary of options (not implemented).
-V, --version
Show version of program.
DIAGNOSTICS
pkcs1-conv will complain and exit with a status of 1 if the input
doesn’t match expectations. In PEM mode (when no option is used), if no
PEM block is found, pkcs1-conv will output nothing but exit with a zero
status.
EXAMPLES
$ openssl genrsa -out privkey.pem
$ pkcs1-conv < privkey.pem > privkey.sexp
$ openssl rsa -in privkey.pem -outform DER -out privkey.der
$ openssl rsa -in privkey.pem -outform DER -pubout -out pubkey.der
$ pkcs1-conv --rsa-private-key < privkey.der > privkey.sexp
$ pkcs1-conv --public-key-info < pubkey.der > pubkey.sexp
SEE ALSO
ssh-conv(1), sexp-conv(1), rsa(1SSL), genrsa(1SSL), RFC 3447.
AUTHOR
This manual page was written by Magnus Holmgren <holmgren@debian.org>
for the Debian GNU/Linux system (but may be used by others).
COPYRIGHT
Copyright © 2007 Magnus Holmgren.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.