Sample code for 30+ languages & platforms
PowerShell

Working with PEM Encrypted Private Keys

See more PEM Examples

Demonstrates how to load and save PEM encrypted private keys.

Chilkat PowerShell Downloads

PowerShell
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"

$success = $false

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

$success = $false

$pem = New-Object Chilkat.Pem

$pemPassword = "secret"

# To load a PEM file containing encrypted private keys, simply
# provide the password.
$success = $pem.LoadPemFile("/Users/chilkat/testData/pem/pemContainingEncryptedPrivateKeys.pem",$pemPassword)
if ($success -eq $false) {
    $($pem.LastErrorText)
    exit
}

$fac = New-Object Chilkat.FileAccess
$pemText = $fac.ReadEntireTextFile("/Users/chilkat/testData/pem/pemContainingEncryptedPrivateKeys.pem",$pemPassword)

# To load a PEM from a string, call LoadPem instead of LoadPemFile:
$success = $pem.LoadPem($pemText)
if ($success -eq $false) {
    $($pem.LastErrorText)
    exit
}

# A few notes:
# The PEM may contain both private keys and certificates (or anything else).
# The password is utilized for whatever content in the PEM is encrypted.  
# It is OK to have both encrypted and non-encrypted content within a given PEM.

# PEM private keys can be encrypted in different formats.  The LoadPem and LoadPemFile
# methods automatically handle the different formats.
# One format is PKCS8 and is indicated by this delimiter within the PEM:

# -----BEGIN ENCRYPTED PRIVATE KEY-----
# MIICoTAbBgkqhkiG9w0BBQMwDgQIfdD0zv24lgkCAggABIICgE0PdHJmRbNs6cBX
# ...

# Another format, we'll call "passphrase" looks like this in the PEM:
# -----BEGIN RSA PRIVATE KEY-----
# Proc-Type: 4,ENCRYPTED
# DEK-Info: DES-EDE3-CBC,A4215544D11C5D0C
# 
# paqy9XRexcSjurHfG0xhCaUD0HrvIdhuC0CbRxxxeMlkLaV6+uT80rBxt2AaibWG
# ...

# Show the bit length of each private key:

$numPrivateKeys = $pem.NumPrivateKeys
if ($numPrivateKeys -eq 0) {
    $(("Error: Expected the PEM to contain private keys."))
    exit
}

$privKey = New-Object Chilkat.PrivateKey
for ($i = 1; $i -le $numPrivateKeys; $i++) {
    $pem.PrivateKeyAt($i - 1,$privKey)
    $([string]$i + ": " + $privKey.BitLength + " bits")
}