Reputation: 859
How to convert private key that is in hex format to private key in pem and/or der format?
I have this private key in hex format:
308204BC020100300D06092A864886F70D0101010500048204A6308204A20201000282010100B3B6F5AB13FCDECC12438581E90302E12BCF14570B49DCA2BF40957B79B10630DE20CB18B21D7393AC54FBA9D236F09235C4AF4D8E9227B163B8E14835A8FA04B5B8D0AD4D384CAF56FE269DDE40872129C90897D1BDC569CA8F18A7721B7C374B10DCE98921255B8BE21D42360BD8C8A1FE38E4E2E32E22CECE6A56A7B22FCC82B6D5C333A59B47C9330553731F812284EC8A3847192EC76BBC6A086E8D5347B8DCE352672E606BDCAAE6E99A401540DC370ED7D06AA33818E90EDE4A9AF74C4EBD30D1DD4F0F9E1D57C92F4BC80A9E21E1B510AA7DE6B6D3F541498D64D19A901BC2CB6B2C4C5DF6205E3B0E0FB9D6AB8EBADD74809CA8EC23C34AEC26AC6502030099B502820100189D6B16364E7985235987E216C6FEA91C479E09FF13C14CA91C239800DFE8A13A3C9E2B584A43CF15C40C92181ADA987900B2A125655787209EB8E705A37AB465697B7502EA76C630F3293D9EEF8116B7689B59A207A478F9940335FCAFE0B0E53BD82D1D8F24FC5E518CD380A56BD669DDC6BA2D4242C9BBAE4043658552E9798FEF4787407689BDC0CFDDF0D7CD770E702442CE8CE5EA8FE9E14E228EE277F6757BDA62379B4E50A373F6E6558A6D9B87C3888C19C0CC213739FA8F4FD2C67A2F52C5710C4EEFAFF0C381B7531CF292A4763D1D38B2D5EB0B954358BAB8D9E9C207BF4C4B380A42D825E1E2B281ADD0978A4D125CC0F4E280B84A60D03D8D02818100D904EF9E99EEFA86B40B8BA53DA69D2E059E692A2FD47B13C83D31D8FFEE57ACF993DBF693D12575802179105915C32B7EADD3363FC2C9CF46832545EEBD3B1D7A76D0F504F0C7A250D31E8940E0F413946A53088A750B4743F9A910A6C565749CDC8629E3BA12C7492D59EFDC314B4EAA1DD4132FD174A3453689FCF737452D02818100D3FEAB5D8E9D68C4FCC49A11EAE2A17B9275DD574D9EC294CB6530591821CD9C125D240B613CD43D220E14062DB719907CB6F562C1DE312C956EBCEF143610B3AB526B4904AC0B46A7255AD63DDB2FB1F2555A17E9195138AA7575CB92BF08A3B14E59BBD3C87FFEB0BA6C298218F710EBC147D6E7A2D5B71C519B7F929D77190281803B6798FC0D14B85E4469398232BD222EEDDB9483B7CCE5630C32A8D4629A92E1F100A4FCDE252DD097070FA6A751CA22A4D6CB9AF92AB3A8ECC957D4BB50DC25C4BA8B3957C375D663EF3B74B3912BAB6C177BAAE119A4A782856450E78FF6CFBDECD2B7CB54C7074FB09209A927DFE8E2098B4F4BA307631672231DF98AD851028180298437FDF56371B397AD20D20EC5635B698CA66CD4863C43EA216D466CE5ED87EA17DFE1630BAC002EF7782629D55EEC9D461F6339E18DFAB45815EEC37DC64F8B04A1BEE6E28A3F0C067194F570D49F90FCD39C2C0C8B3EA4B5BF229A9D3CA4485DBD666BE318C2A8E787614415C099C4D036F05569C6C4D0C0293D36FA194D028180743B3A761A06BF2DFF3C065366A73707787909B261183AB20F0322BC2A76363E1DED705D4FE38D9E211022D252132A513D5C3417F4EC6BA12B4AC3A48CC28E823CAF0CC3A1784C73002323A91D121E25B09236447221DE23C32CA5C60A37CDCBCD7EB1093CF792662ADDA61B19AB51F5E9B5529D820811B0D32B5CBBB458C89A
and I would like to convert it to der and pem and sign a file with it so that other side can verify the signature with their public key.
I am trying to do it in a bash script using openssl and xxd and I'm considering to try with python maybe but somehow for now I can't make it work.
If anyone has any ideas I would be happy to hear them.
EDIT:
For instance I can convert hex to pem using https://holtstrom.com/michael/tools/hextopem.php online converter and I save it in private_key.pem file with -----BEGIN/END RSA PRIVATE KEY----- header/footer and if I check modulus of the private and matching public key they match but I can't load that key anywhere to use it for signing OpenSSL also won't load the key so I guess I'm missing something.
Upvotes: 2
Views: 23894
Answers (2)
Reputation: 1
In simple words:
DER is actually digital certificate data in binary format.
PEM is the base64 encoded form of that binary data.
Now, assuming your HEX data is the ASCII conversion of the PEM format (i.e. your PEM is actually base64 encoded), you can convert to PEM (micro-python):
import binascii
binascii.unhexlify(hex_data)
To convert HEX data into DER format:
binascii.a2b_base64(binascii.unhexlify(hex_data))
You can use the corresponding library for other languages.
Upvotes: -1
Reputation: 6971
With your hex input file (rsa-key-hex.txt), you can do the following -
Convert it to binary (which is actually DER format) -
xxd -r -ps rsa-key-hex.txt rsa-key.der
Print the DER private key -
openssl pkey -in rsa-key.der -inform der -noout -text
Convert it to PEM -
openssl pkey -in rsa-key.der -inform der -out rsa-key.pem -outform pem
Sign some input using the private key -
echo "Some Input" | openssl dgst -sha256 -sign rsa-key.pem > signature.dat
Extract the public key -
openssl pkey -in rsa-key.pem -pubout -out rsa-key-pub.pem
Check signature using the public key -
echo "Some Input" | openssl dgst -sha256 -verify rsa-key-pub.pem -signature signature.dat
Alternatively, check signature using the private key directly -
echo "Some Input" | openssl dgst -sha256 -prverify rsa-key.pem -signature signature.dat
Upvotes: 4
Related Questions
- Loading Public Key (DER Format) from Hex in Python
- Convert ECDSA private hex key to public key
- Convert Private key(string) to DER format using python
- Converting EC private key from PEM to DER in python
- convert .pem private key to .key format
- Convert private key from der to pem
- python convert RSA key (in PEM format) to hex string
- How to convert an ECDSA key from hex to PEM format
- convert rsa private key from .DER format to .PEM format programatically using opensl
- RSA hex keys to PEM format