Generate public key and private key with OpenSSL in Windows 10

How do I convert a PEM file to XML RSA key ?

Editorial Staff

This tutorial guides you on how to convert a PEM file to XML RSA key. Also let’s see how to convert the other way i.e., XML RSA key to PEM file.

Convert a PEM file to XML RSA key

In our previous tutorial I explained how to generate public key and private key with OpenSSL in Windows 10. There might be a situation where you wanted to convert private.pem key file to private.xml format.

You may wanted to generate XML based RSA keys (private and public), so that it can be used in .NET development environment.

For example, private.pem file content or RSA private key will look like below.

-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAn5URTLlhm69L+CdonLd7WYey5MSDp5N1csO58xZbGKTO8A6K
uCwHmJ51UW6Q+AxUZtYaIYC2CVeDNmZpfqxvqwz0wq/3T67I5HvSjBpJqUCptu2E
5aE/EQs0iGivZnp3Zqh9Qs0EDcWNpT9aM+qwEMDv54zF/+YdSCF5pp+/A7kP5jaa
TDYjF8fQoaB84+XWc8B5o16JLiU1YNn4suVYbXQpm/dVlT/UvCA+Aepn79s9mMRx
ZmNyibGhyQ+NoMipk3jzsB3TfnXShosyWyhFLc5EJ5giEpJclQipC071QZt7ZaAk
jjFor93uUAppBvzBCkt0/dv8rkcc7FW2PimMrwIDAQABAoIBAQCM6SbudZ8fxokx
ZTL1dvq/Uph/cprCBO4nWXa/lFT6DMUBqgWJnK9Ub08uiZAOx2xbpeBLBwk2dITT
K1kp1n+ALZ+OrayWOsL/JesDdU7n2cZCVbcMwPYcSaWoca+3sJnwFwUMUFWtB20M
pkUzJJ81G/h6oI5RaNMgVxbBL7uOP5zWIH0zdrAGdhLBanHZl4cebnWubjfN4Tfm
hanXD0Sjj+JEOV9MWX0i7nyvjKsiena3Fzzf6mZiy8TqaWPK+sRYf+aE+kYnzDoR
+2n51+N2ff3FY8qeEXijzMqo2zgiYBDnE6b+Us2T+jVHtVx0FeMYujjIcvP5K3c4
1P/01JPRAoGBANPk/dVA35nkgB6VdrU1VzvcqKDoIFiPwjVD5QmAvqIE/kSwhcS5
rZCVXXQX3Oyzq2v1DZlWklhBhPrqyHyTj42BDTxTVpMi7wMfd2hXEZjrfTV4mpB7
r42gmRsLPiqeBrhKVrh6YZlRJnkN57oz9SdptOxPRwk2I/4SJ5r1KIjHAoGBAMDM
kYSqR9sMa80tKeue2vkS1k2l6pMuIO/F1jEe0HsksvhBbilh1q2Ks0WTmx1beTw0
vmnKF6JX6d8kdsocNnsBVKIDhmOnkv5tMpr7LNx6A7XzGLsQINTHndIuYhZl6aPb
OTjS0qVoLPYjB21ge63uBCBiQ40x/L8zKwCEgYTZAoGBAMaI7yBJiXgqtbRyPGhq
0xJenI0vEWeJQuEffVEbFQK/hPIdJyj9BFfM62QkG7aYXYxobdZ3W+VfdlaXd0Pq
Cn3+JcWZHCv+dk3JxNq5gd5y/r0EBGZNzV341JuXPCc4K3mvBXQSDrJVa6PO2IkJ
t7C3BXLIkPlbhfu/TOaOv+zvAoGAUtzZQiKJZYzuHC3oEXuh82D0OEUyD3XI9CSc
TVpIElUQkoBUn3aMdOPi7ulkxnZVIdotaHxSMhUE0EH0yCLeC3nj7QoEzXntRGqc
UF3Zxxyt0Zqcq3FgGvN8UiRbRfMhOqpy6og5vpuKj3M4svq/zV456c0x6VJtpaOR
PNS2cekCgYA9QjTCAs7oM9Kcm07byJrqO2sKMXNAinimWlF5Ew83uEsUf5XqPt5g
+30oWCFMuqxp/bQkrTvrWik4+4RRsOw4vN3xfzroHwPcr3iErnxZSRccw/JcqV3e
fpxKC+fSNYGT4ICMPUh/oVv2aNcU2BovH/sAqnubOV92RrcaypcpLg==
-----END RSA PRIVATE KEY-----

The XML structure of the converted XML RSA private key will look like below.

<?xml version="1.0" encoding="UTF-8"?>
<RSAKeyValue>
   <Modulus>n5URTLlhm69L+CdonLd7WYey5MSDp5N1csO58xZbGKTO8A6KuCwHmJ51UW6Q+AxUZtYaIYC2CVeDNmZpfqxvqwz0wq/3T67I5HvSjBpJqUCptu2E5aE/EQs0iGivZnp3Zqh9Qs0EDcWNpT9aM+qwEMDv54zF/+YdSCF5pp+/A7kP5jaaTDYjF8fQoaB84+XWc8B5o16JLiU1YNn4suVYbXQpm/dVlT/UvCA+Aepn79s9mMRxZmNyibGhyQ+NoMipk3jzsB3TfnXShosyWyhFLc5EJ5giEpJclQipC071QZt7ZaAkjjFor93uUAppBvzBCkt0/dv8rkcc7FW2PimMrw==</Modulus>
   <Exponent>AQAB</Exponent>
   <P>0+T91UDfmeSAHpV2tTVXO9yooOggWI/CNUPlCYC+ogT+RLCFxLmtkJVddBfc7LOra/UNmVaSWEGE+urIfJOPjYENPFNWkyLvAx93aFcRmOt9NXiakHuvjaCZGws+Kp4GuEpWuHphmVEmeQ3nujP1J2m07E9HCTYj/hInmvUoiMc=</P>
   <Q>wMyRhKpH2wxrzS0p657a+RLWTaXqky4g78XWMR7QeySy+EFuKWHWrYqzRZObHVt5PDS+acoXolfp3yR2yhw2ewFUogOGY6eS/m0ymvss3HoDtfMYuxAg1Med0i5iFmXpo9s5ONLSpWgs9iMHbWB7re4EIGJDjTH8vzMrAISBhNk=</Q>
   <DP>xojvIEmJeCq1tHI8aGrTEl6cjS8RZ4lC4R99URsVAr+E8h0nKP0EV8zrZCQbtphdjGht1ndb5V92Vpd3Q+oKff4lxZkcK/52TcnE2rmB3nL+vQQEZk3NXfjUm5c8Jzgrea8FdBIOslVro87YiQm3sLcFcsiQ+VuF+79M5o6/7O8=</DP>
   <DQ>UtzZQiKJZYzuHC3oEXuh82D0OEUyD3XI9CScTVpIElUQkoBUn3aMdOPi7ulkxnZVIdotaHxSMhUE0EH0yCLeC3nj7QoEzXntRGqcUF3Zxxyt0Zqcq3FgGvN8UiRbRfMhOqpy6og5vpuKj3M4svq/zV456c0x6VJtpaORPNS2cek=</DQ>
   <InverseQ>PUI0wgLO6DPSnJtO28ia6jtrCjFzQIp4plpReRMPN7hLFH+V6j7eYPt9KFghTLqsaf20JK0761opOPuEUbDsOLzd8X866B8D3K94hK58WUkXHMPyXKld3n6cSgvn0jWBk+CAjD1If6Fb9mjXFNgaLx/7AKp7mzlfdka3GsqXKS4=</InverseQ>
   <D>jOkm7nWfH8aJMWUy9Xb6v1KYf3KawgTuJ1l2v5RU+gzFAaoFiZyvVG9PLomQDsdsW6XgSwcJNnSE0ytZKdZ/gC2fjq2sljrC/yXrA3VO59nGQlW3DMD2HEmlqHGvt7CZ8BcFDFBVrQdtDKZFMySfNRv4eqCOUWjTIFcWwS+7jj+c1iB9M3awBnYSwWpx2ZeHHm51rm43zeE35oWp1w9Eo4/iRDlfTFl9Iu58r4yrInp2txc83+pmYsvE6mljyvrEWH/mhPpGJ8w6Eftp+dfjdn39xWPKnhF4o8zKqNs4ImAQ5xOm/lLNk/o1R7VcdBXjGLo4yHLz+St3ONT/9NST0Q==</D>
</RSAKeyValue>

You need to write some code or use online tools to perform this conversion. For example the following code sneppets shows how to convert a pem file to XML RSA key.

First, you need to get private key from .pem file.

private static PrivateKey getPrivateKey(KeyFactory factory, String pemFileName) throws InvalidKeySpecException, FileNotFoundException, IOException {
   PemFile pemFile = new PemFile(pemFileName);
   byte[] content = pemFile.getPemObject().getContent();
   PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(content);
   return factory.generatePrivate(privKeySpec);
}

You can use the following maven dependency in your pom.xml file and create PemFile class to handle pem file I/O operations as shown below.

https://mvnrepository.com/artifact/org.bouncycastle/bcprov-ext-jdk16/1.46

public class PemFile {
 
	private PemObject pemObject;
 
	public PemFile(String filename) throws FileNotFoundException, IOException {
		PemReader pemReader = new PemReader(new InputStreamReader(new FileInputStream(filename)));
		try {
			this.pemObject = pemReader.readPemObject();
		} finally {
			pemReader.close();
		}
	}
 
	public PemObject getPemObject() {
		return pemObject;
	}
}

Once you get the private key, then you need to cast the private key using RSAPrivateCrtKey interface and StringBuilder method to convert to XML RSA Key.

RSAPrivateCrtKey privKey = (RSAPrivateCrtKey) getPrivateKey();

BigInteger n = privKey.getModulus();
BigInteger e = privKey.getPublicExponent();
BigInteger d = privKey.getPrivateExponent();
BigInteger p = privKey.getPrimeP();
BigInteger q = privKey.getPrimeQ();
BigInteger dp = privKey.getPrimeExponentP();
BigInteger dq = privKey.getPrimeExponentQ();
BigInteger inverseQ = privKey.getCrtCoefficient(); 

StringBuilder builder = new StringBuilder();
builder.append("<RSAKeyValue>\n");
write(builder, "Modulus", n);
write(builder, "Exponent", e);
write(builder, "P", p);
write(builder, "Q", q);
write(builder, "DP", dp);
write(builder, "DQ", dq);
write(builder, "InverseQ", inverseQ);
write(builder, "D", d);
builder.append("</RSAKeyValue>");
private static void write(StringBuilder builder, String tag, BigInteger bigInt) {
    builder.append("\t<");
    builder.append(tag);
    builder.append(">");
    builder.append(encode(bigInt));
    builder.append("</");
    builder.append(tag);
    builder.append(">\n");
}

Alternatively you can also use any other XML API instead of StringBuilder method.

You can also use the following online rsa key converter tool to quickly perform the conversions below.

  • RSA Key PEM -> XML RSA Key
  • XML RSA Key -> PEM RSA Key.

That’s it hope it helped 🙂

Also See:

References:

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments