Provided by: nettle-bin_2.7.1-1ubuntu0.2_amd64 bug

NAME

       pkcs1-conv - convert keys from PKCS#1 format to s-expression format

SYNOPSIS

       pkcs1-conv [{--private-rsa-key|--public-rsa-key|--public-key-info} [--base-64]] < FILE

DESCRIPTION

       This  manual  page documents briefly the pkcs1-conv command.  This manual page was written
       for the Debian GNU/Linux distribution because the original program does not have a  manual
       page.

       pkcs1-conv converts private and public RSA keys from PKCS #1 format to sexp format.

OPTIONS

       This  program  follows  the usual GNU command line syntax, with long options starting with
       two dashes (`-').

       By default pkcs1-conv expects a PEM-encapsulated RSA  key  on  standard  input,  and  will
       determine  its  type  from  the Pre-Encapsulation Boundary.  To convert a DER-encoded (non
       PEM-encoded) key, one of the first three options below must be used:

       --private-rsa-key
              Specify that a DER-encoded RSAPrivateKey, as defined by PKCS  #1  (RFC  3447),  and
              described in section A.1.2 of its appendix A, is to be expected as input.

       --public-rsa-key
              Specify  that  a  DER-encoded  RSAPublicKey,  as defined by PKCS #1 (RFC 3447), and
              described in section A.1.1 of its appendix A, is to be expected as input.

       --public-key-info
              Specify that a  DER-encoded  SubjectPublicKeyInfo,  as  defined  by  PKCS  #6,  and
              described in section A.1 of its appendix A, encapsulating an RSAPublicKey, is to be
              expected as input.

       --base-64
              Together with --private-rsa-key, --public-rsa-key,  or  --public-key-info,  specify
              that base64 encoding is applied on top of the DER encoding.

       -?, --help
              Show summary of options (not implemented).

       -V, --version
              Show version of program.

DIAGNOSTICS

       pkcs1-conv  will  complain  and  exit  with  a  status  of  1  if  the input doesn't match
       expectations. In PEM mode (when no option is used), if no PEM block is  found,  pkcs1-conv
       will output nothing but exit with a zero status.

EXAMPLES

       $ openssl genrsa -out privkey.pem
       $ pkcs1-conv < privkey.pem > privkey.sexp
       $ openssl rsa -in privkey.pem -outform DER -out privkey.der
       $ openssl rsa -in privkey.pem -outform DER -pubout -out pubkey.der
       $ pkcs1-conv --rsa-private-key < privkey.der > privkey.sexp
       $ pkcs1-conv --public-key-info < pubkey.der > pubkey.sexp

SEE ALSO

       ssh-conv(1), sexp-conv(1), rsa(1SSL), genrsa(1SSL), RFC 3447.

AUTHOR

       This  manual  page  was  written  by  Magnus Holmgren <holmgren@debian.org> for the Debian
       GNU/Linux system (but may be used by others).

COPYRIGHT

       Copyright © 2007 Magnus Holmgren.

       Copying and distribution of this file, with or without modification, are permitted in  any
       medium without royalty provided the copyright notice and this notice are preserved.