PowerShell
PowerShell
Working with PEM Encrypted Private Keys
See more PEM Examples
Demonstrates how to load and save PEM encrypted private keys.Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
$success = $false
$pem = New-Object Chilkat.Pem
$pemPassword = "secret"
# To load a PEM file containing encrypted private keys, simply
# provide the password.
$success = $pem.LoadPemFile("/Users/chilkat/testData/pem/pemContainingEncryptedPrivateKeys.pem",$pemPassword)
if ($success -eq $false) {
$($pem.LastErrorText)
exit
}
$fac = New-Object Chilkat.FileAccess
$pemText = $fac.ReadEntireTextFile("/Users/chilkat/testData/pem/pemContainingEncryptedPrivateKeys.pem",$pemPassword)
# To load a PEM from a string, call LoadPem instead of LoadPemFile:
$success = $pem.LoadPem($pemText)
if ($success -eq $false) {
$($pem.LastErrorText)
exit
}
# A few notes:
# The PEM may contain both private keys and certificates (or anything else).
# The password is utilized for whatever content in the PEM is encrypted.
# It is OK to have both encrypted and non-encrypted content within a given PEM.
# PEM private keys can be encrypted in different formats. The LoadPem and LoadPemFile
# methods automatically handle the different formats.
# One format is PKCS8 and is indicated by this delimiter within the PEM:
# -----BEGIN ENCRYPTED PRIVATE KEY-----
# MIICoTAbBgkqhkiG9w0BBQMwDgQIfdD0zv24lgkCAggABIICgE0PdHJmRbNs6cBX
# ...
# Another format, we'll call "passphrase" looks like this in the PEM:
# -----BEGIN RSA PRIVATE KEY-----
# Proc-Type: 4,ENCRYPTED
# DEK-Info: DES-EDE3-CBC,A4215544D11C5D0C
#
# paqy9XRexcSjurHfG0xhCaUD0HrvIdhuC0CbRxxxeMlkLaV6+uT80rBxt2AaibWG
# ...
# Show the bit length of each private key:
$numPrivateKeys = $pem.NumPrivateKeys
if ($numPrivateKeys -eq 0) {
$(("Error: Expected the PEM to contain private keys."))
exit
}
$privKey = New-Object Chilkat.PrivateKey
for ($i = 1; $i -le $numPrivateKeys; $i++) {
$pem.PrivateKeyAt($i - 1,$privKey)
$([string]$i + ": " + $privKey.BitLength + " bits")
}