How do I convert an XML RSA key to a PEM file?
https://stackoverflow.com/questions/3094222
-
29-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have two XML files, structured as follows:
My Key
<RSAKeyValue>
<Modulus> ... </Modulus>
<Exponent> ... </Exponent>
<P> ... </P>
<Q> ... </Q>
<DP> ... </DP>
<DQ> ... </DQ>
<InverseQ> ... </InverseQ>
<D> ... </D>
</RSAKeyValue>
A Public Key
<RSAKeyValue>
<Modulus> ... </Modulus>
<Exponent> ... </Exponent>
</RSAKeyValue>
I am using the xmlseclibs library by Robert Richards which requires a .PEM representation of the key in order to encrypt and decrypt things.
As an encryption novice, I'm not sure where to begin, and a cursory Google search did not reveal anything particularly obvious...
Thanks!
Solution
I have found a Java utility that can do it.
OTHER TIPS
For those who want the resulting PEM to be readable by BouncyCastle:
- use XMLSec2PEM tool to get a pem file
- convert pem to pkcs8 and back (!)
The final solution I am happy with:
java XMLSec2PEM my.xml > my.pem- edit
my.pemmanually a bit org.bouncycastle.openssl.PEMReader.readObject()returnsnull:-(openssl pkcs8 -topk8 -inform pem -in my.pem -outform pem -nocrypt -out my.pkcs8openssl pkcs8 -inform pem -nocrypt -in my.pkcs8 -out my.pkcs8.pem- now
my.pkcs8.pemis readable with thePEMReader
I was searching for hours for exactly the same problem. This Java tool did the job :)
But the link has changed, it is now available from here
Found this useful online tool RSA Key Converter, which supports
- XML -> PEM
- PEM -> XML
Since xmlseclibs is PHP it seems like another PHP solution might be desirable. Here's how:
<?php
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
$rsa->loadKey('<RSAKeyValue>
<Modulus> ... </Modulus>
<Exponent> ... </Exponent>
<P> ... </P>
<Q> ... </Q>
<DP> ... </DP>
<DQ> ... </DQ>
<InverseQ> ... </InverseQ>
<D> ... </D>
</RSAKeyValue>');
$privatekey = $rsa->getPrivateKey();
$publickey = $rsa->getPublicKey();
?>
phpseclib has built in support for XML keys, PuTTY keys and PKCS1 keys. It'll auto detect the format and load it and getPrivateKey / getPublicKey will output PKCS1 formatted keys by default if no parameters are provided. More info:
