nisse@lysator.liu.se (Niels Möller) writes:
Nice. BTW, pkcs1-conv is intended to work also with PEM-formatted input, if you had any problem with that, I'd like to hear. You still need to use openssl for decrypting the key, though.
Yes, I've got "Invalid PKCS#1 private key." from pkcs1-conv when I tried to feed it with PEM-formatted input instead of DER-formatted one:
$ openssl rsa -inform PEM -outform PEM -in ~/.ssh/id_rsa \ -out /tmp/id_rsa.nopass.pem
$ cat /tmp/id_rsa.nopass.pem | pkcs1-conv --private-rsa-key Invalid PKCS#1 private key.
I've noticed that I can convince pkcs1-conv to process PEM-formatted input if I drop the "--private-rsa-key" argument:
$ cat /tmp/id_rsa.nopass.pem | pkcs1-conv
This outputs the expected result, completely identical to the working example using DER (posted in my previous message).
You're brave, trying to play around with the experimental release ;-)
I'm just experimenting, so the experimental release is just perfect for me. ;-)