NAME

       pkcs1-conv - convert keys from PKCS#1 format to s-expression format

SYNOPSIS

       pkcs1-conv [{--private-rsa-key|--public-rsa-key|--public-key-info} [--base-64]] < FILE

DESCRIPTION

       This  manual  page documents briefly the pkcs1-conv command.  This manual page was written for the Debian
       GNU/Linux distribution because the original program does not have a manual page.

       pkcs1-conv converts private and public RSA keys from PKCS #1 format to sexp format.

OPTIONS

       This program follows the usual GNU command line syntax, with long options starting with two dashes (`-').

       By default pkcs1-conv expects a PEM-encapsulated RSA key on standard input, and will determine  its  type
       from  the  Pre-Encapsulation  Boundary.  To convert a DER-encoded (non PEM-encoded) key, one of the first
       three options below must be used:

       --private-rsa-key
              Specify that a DER-encoded RSAPrivateKey, as defined by PKCS  #1  (RFC  3447),  and  described  in
              section A.1.2 of its appendix A, is to be expected as input.

       --public-rsa-key
              Specify  that  a  DER-encoded  RSAPublicKey,  as  defined  by PKCS #1 (RFC 3447), and described in
              section A.1.1 of its appendix A, is to be expected as input.

       --public-key-info
              Specify that a DER-encoded SubjectPublicKeyInfo, as defined by PKCS #6, and described  in  section
              A.1 of its appendix A, encapsulating an RSAPublicKey, is to be expected as input.

       --base-64
              Together  with  --private-rsa-key,  --public-rsa-key,  or  --public-key-info,  specify that base64
              encoding is applied on top of the DER encoding.

       -?, --help
              Show summary of options (not implemented).

       -V, --version
              Show version of program.

DIAGNOSTICS

       pkcs1-conv will complain and exit with a status of 1 if the input doesn't match expectations. In PEM mode
       (when no option is used), if no PEM block is found, pkcs1-conv will output nothing but exit with  a  zero
       status.

EXAMPLES

       $ openssl genrsa -out privkey.pem
       $ pkcs1-conv < privkey.pem > privkey.sexp
       $ openssl rsa -in privkey.pem -outform DER -out privkey.der
       $ openssl rsa -in privkey.pem -outform DER -pubout -out pubkey.der
       $ pkcs1-conv --rsa-private-key < privkey.der > privkey.sexp
       $ pkcs1-conv --public-key-info < pubkey.der > pubkey.sexp

SEE ALSO

       ssh-conv(1), sexp-conv(1), rsa(1SSL), genrsa(1SSL), RFC 3447.

AUTHOR

       This  manual  page  was  written by Magnus Holmgren <holmgren@debian.org> for the Debian GNU/Linux system
       (but may be used by others).

COPYRIGHT

       Copyright © 2007 Magnus Holmgren.

       Copying and distribution of this file, with or without modification, are permitted in any medium  without
       royalty provided the copyright notice and this notice are preserved.

nettle 1.15                                         June 2007                                      PKCS1-CONV(1)