Are asymmetrical cryptographic keys fundamentally inter-convertible between the major key container formats? For example, can I convert an X.509 key file into a PGP or OpenGPG key file?

And--assuming the answer is yes--is it "security neutral" to keep one key pair in whatever format and convert into whichever container file format is needed for the occasion?

I'm getting a little tired of maintaining so many key pairs for X.509, OpenGPG, and SSH, when they're all RSA at the heart.

Question author C-lawrence-wenham | Source



Yes and no: yes, the RSA keys embedded into certificates and privkeys are just numbers. You can extract them from the certificate and use them to build keys in other formats. This is commonly done to convert between different certificate formats.

PGP has some support for X.509 for S/MIME, but no ability to use X.509 privkeys verbatim.

SSH has some beta support for directly using X.509 keys and certificates.

Answer author Tqbf

Ask about this question here!