如何将XML RSA密钥转换为PEM文件?

时间:2021-11-28 06:24:42

I have two XML files, structured as follows:

我有两个XML文件,结构如下:

My Key

我的钥匙

<RSAKeyValue>
  <Modulus> ... </Modulus>
  <Exponent> ... </Exponent>
  <P> ... </P>
  <Q> ... </Q>
  <DP> ... </DP>
  <DQ> ... </DQ>
  <InverseQ> ... </InverseQ>
  <D> ... </D>
</RSAKeyValue>

A Public Key

公钥

<RSAKeyValue>
   <Modulus> ... </Modulus>
   <Exponent> ... </Exponent>
</RSAKeyValue>

I am using the xmlseclibs library by Robert Richards which requires a .PEM representation of the key in order to encrypt and decrypt things.

我正在使用Robert Richards的xmlseclibs库,它需要密钥的.PEM表示才能加密和解密。

As an encryption novice, I'm not sure where to begin, and a cursory Google search did not reveal anything particularly obvious...

作为加密新手,我不知道从哪里开始,粗略的谷歌搜索没有透露任何特别明显的东西......

Thanks!

谢谢!

5 个解决方案

#1


7  

I have found a Java utility that can do it.

我找到了一个可以做到的Java实用程序。

#2


1  

For those who want the resulting PEM to be readable by BouncyCastle:

对于那些希望BouncyCastle可以读取生成的PEM的人:

  1. use XMLSec2PEM tool to get a pem file
  2. 使用XMLSec2PEM工具获取pem文件
  3. convert pem to pkcs8 and back (!)
  4. 将pem转换为pkcs8并返回(!)

The final solution I am happy with:

我很满意的最终解决方案:

  1. java XMLSec2PEM my.xml > my.pem
  2. java XMLSec2PEM my.xml> my.pem
  3. edit my.pem manually a bit
  4. 手动编辑my.pem
  5. org.bouncycastle.openssl.PEMReader.readObject() returns null :-(
  6. org.bouncycastle.openssl.PEMReader.readObject()返回null :-(
  7. openssl pkcs8 -topk8 -inform pem -in my.pem -outform pem -nocrypt -out my.pkcs8
  8. openssl pkcs8 -topk8 -inform pem -in my.pem -outform pem -nocrypt -out my.pkcs8
  9. openssl pkcs8 -inform pem -nocrypt -in my.pkcs8 -out my.pkcs8.pem
  10. openssl pkcs8 -inform pem -nocrypt -in my.pkcs8 -out my.pkcs8.pem
  11. now my.pkcs8.pem is readable with the PEMReader
  12. 现在my.pkcs8.pem可以通过PEMReader读取

#3


0  

I was searching for hours for exactly the same problem. This Java tool did the job :)

我正在寻找完全相同问题的几个小时。这个Java工具做了这个工作:)

But the link has changed, it is now available from here

但链接已经改变,现在可以从这里获得

#4


0  

Found this useful online tool RSA Key Converter, which supports

找到了这个有用的在线工具RSA Key Converter,它支持

  • XML -> PEM
  • XML - > PEM
  • PEM -> XML
  • PEM - > XML

#5


0  

Since xmlseclibs is PHP it seems like another PHP solution might be desirable. Here's how:

由于xmlseclibs是PHP,似乎可能需要另一个PHP解决方案。就是这样:

<?php
include('Crypt/RSA.php');

$rsa = new Crypt_RSA();
$rsa->loadKey('<RSAKeyValue>
  <Modulus> ... </Modulus>
  <Exponent> ... </Exponent>
  <P> ... </P>
  <Q> ... </Q>
  <DP> ... </DP>
  <DQ> ... </DQ>
  <InverseQ> ... </InverseQ>
  <D> ... </D>
</RSAKeyValue>');

$privatekey = $rsa->getPrivateKey();
$publickey = $rsa->getPublicKey();
?>

phpseclib has built in support for XML keys, PuTTY keys and PKCS1 keys. It'll auto detect the format and load it and getPrivateKey / getPublicKey will output PKCS1 formatted keys by default if no parameters are provided. More info:

phpseclib内置支持XML密钥,PuTTY密钥和PKCS1密钥。它将自动检测格式并加载它,如果没有提供参数,getPrivateKey / getPublicKey将默认输出PKCS1格式的键。更多信息:

http://phpseclib.sourceforge.net/rsa/examples.html#convert

http://phpseclib.sourceforge.net/rsa/examples.html#convert

#1


7  

I have found a Java utility that can do it.

我找到了一个可以做到的Java实用程序。

#2


1  

For those who want the resulting PEM to be readable by BouncyCastle:

对于那些希望BouncyCastle可以读取生成的PEM的人:

  1. use XMLSec2PEM tool to get a pem file
  2. 使用XMLSec2PEM工具获取pem文件
  3. convert pem to pkcs8 and back (!)
  4. 将pem转换为pkcs8并返回(!)

The final solution I am happy with:

我很满意的最终解决方案:

  1. java XMLSec2PEM my.xml > my.pem
  2. java XMLSec2PEM my.xml> my.pem
  3. edit my.pem manually a bit
  4. 手动编辑my.pem
  5. org.bouncycastle.openssl.PEMReader.readObject() returns null :-(
  6. org.bouncycastle.openssl.PEMReader.readObject()返回null :-(
  7. openssl pkcs8 -topk8 -inform pem -in my.pem -outform pem -nocrypt -out my.pkcs8
  8. openssl pkcs8 -topk8 -inform pem -in my.pem -outform pem -nocrypt -out my.pkcs8
  9. openssl pkcs8 -inform pem -nocrypt -in my.pkcs8 -out my.pkcs8.pem
  10. openssl pkcs8 -inform pem -nocrypt -in my.pkcs8 -out my.pkcs8.pem
  11. now my.pkcs8.pem is readable with the PEMReader
  12. 现在my.pkcs8.pem可以通过PEMReader读取

#3


0  

I was searching for hours for exactly the same problem. This Java tool did the job :)

我正在寻找完全相同问题的几个小时。这个Java工具做了这个工作:)

But the link has changed, it is now available from here

但链接已经改变,现在可以从这里获得

#4


0  

Found this useful online tool RSA Key Converter, which supports

找到了这个有用的在线工具RSA Key Converter,它支持

  • XML -> PEM
  • XML - > PEM
  • PEM -> XML
  • PEM - > XML

#5


0  

Since xmlseclibs is PHP it seems like another PHP solution might be desirable. Here's how:

由于xmlseclibs是PHP,似乎可能需要另一个PHP解决方案。就是这样:

<?php
include('Crypt/RSA.php');

$rsa = new Crypt_RSA();
$rsa->loadKey('<RSAKeyValue>
  <Modulus> ... </Modulus>
  <Exponent> ... </Exponent>
  <P> ... </P>
  <Q> ... </Q>
  <DP> ... </DP>
  <DQ> ... </DQ>
  <InverseQ> ... </InverseQ>
  <D> ... </D>
</RSAKeyValue>');

$privatekey = $rsa->getPrivateKey();
$publickey = $rsa->getPublicKey();
?>

phpseclib has built in support for XML keys, PuTTY keys and PKCS1 keys. It'll auto detect the format and load it and getPrivateKey / getPublicKey will output PKCS1 formatted keys by default if no parameters are provided. More info:

phpseclib内置支持XML密钥,PuTTY密钥和PKCS1密钥。它将自动检测格式并加载它,如果没有提供参数,getPrivateKey / getPublicKey将默认输出PKCS1格式的键。更多信息:

http://phpseclib.sourceforge.net/rsa/examples.html#convert

http://phpseclib.sourceforge.net/rsa/examples.html#convert