Skip to content

Instantly share code, notes, and snippets.

@kostapc

kostapc/PKCS8-PKCS1-format-conversion.md

Forked from gtaban/PKCS8-PKCS1-format-conversion.md
Created November 29, 2020 13:51
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save kostapc/b385001256b9570ae3232ec636f6fada to your computer and use it in GitHub Desktop.
Save kostapc/b385001256b9570ae3232ec636f6fada to your computer and use it in GitHub Desktop.
Download ZIP
Raw
PKCS8-PKCS1-format-conversion.md

The default format of keys was changed in OpenSSL 1.0. From OpenSSL 1.0 change log:

Make PKCS#8 the default write format for private keys, replacing the traditional format. This form is standardised, more secure and doesn't include an implicit MD5 dependency. [Steve Henson]

Good explanations of the difference between the two formats: https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem

Converting RSA private key:

To convert from PKCS#8 to PKCS#1:

openssl pkcs8 -topk8 -inform pem -in file.key -outform pem -nocrypt -out file.pem

To convert from PKCS#8 to PKCS#1:

openssl rsa -in key1.pem -out key2.pem

Converting RSA public key:

To convert from PKCS#8 to PKCS#1:

openssl rsa -pubin -in <filename> -RSAPublicKey_out

To convert from PKCS#1 to PKCS#8:

openssl rsa -RSAPublicKey_in -in <filename> -pubout

Converting EC private key:

To convert from PKCS#8 to PKCS#1:

openssl ec -in ec2.pem -out ec3.pem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment