RSA: PKI functions handling RSA keys
In NCEAS/PKIplus: Public Key Infrastructure for R Based on the X.509 Standard, Plus Access Functions

Description Usage Arguments Value Note Author(s) See Also Examples

PKI.load.key loads an RSA key in PKCS#1 PEM or DER format.

PKI.save.key creates a PEM or DER representation of a RSA key.

PKI.genRSAkey generates RSA public/private key pair.

PKI.mkRSApubkey creates a RSA public key with the supplied modulus and exponent.

PKI.load.OpenSSH.pubkey loads public key in OpenSSH format (as used in .ssh/authorized_keys file)

PKI.load.key(what, format = c("PEM", "DER"), private, file, password="")
PKI.save.key(key, format = c("PEM", "DER"), private, target)
PKI.genRSAkey(bits = 2048L)
PKI.mkRSApubkey(modulus, exponent=65537L, format = c("DER", "PEM", "key"))
PKI.load.OpenSSH.pubkey(what, first=TRUE, format = c("DER", "PEM", "key"))

`what`	string, raw vector or connection to load the key from
`key`	RSA key object
`format`	format - PEM is ASCII (essentially base64-encoded DER with header/footer), DER is binary and key means an acutal key object
`private`	logical, whether to use the private key (`TRUE`), public key (`FALSE`) or whichever is available (`NA` or missing).
`file`	filename to load the key from - `what` and `file` are mutually exclusive
`password`	string, used only if `what` is an encrypted private key as the password to decrypt the key
`target`	optional connection or a file name to store the result in. If missing, the result is just returned form teh function as either a character vector (PEM) or a raw vector (DER).
`bits`	size of the generated key in bits. Must be `2 ^ n` with integer `n > 8`.
`modulus`	modulus either as a raw vector (see `as.BIGNUMint`) or `bigz` object (from `gmp` package) or an integer.
`exponent`	exponent either as a raw vector (see `as.BIGNUMint`) or `bigz` object (from `gmp` package) or an integer.
`first`	logical, if `TRUE` only the first key will be used, otherwise the result is a list of keys.

PKI.load.key: private or public key object

PKI.save.key: raw vector (DER format) or character vector (PEM format).

PKI.genRSAkey: private + public key object

PKI.mkRSApubkey, PKI.load.OpenSSH.pubkey: raw vector (DER format) or character vector (PEM format) or a "public.key" object.

The format for private keys in PEM is PKCS#1, but for public keys it is X.509 SubjectPublicKeyInfo (certificate public key). This is consistent with OpenSSL RSA command line tool which uses the same convention.

The OpenSSH format is one line beginning with "ssh-rsa ". SSH2 PEM public keys (rfc4716) are supported in PKI.load.key and the binary payload is the same as the OpenSSH, only with different wrapping.

Simon Urbanek

PKI.encrypt, PKI.decrypt, PKI.pubkey

# generate 2048-bit RSA key
key <- PKI.genRSAkey(bits = 2048L)

# extract private and public parts as PEM
priv.pem <- PKI.save.key(key)
pub.pem <- PKI.save.key(key, private=FALSE)
# load back the public key separately
pub.k <- PKI.load.key(pub.pem)

# encrypt with the public key
x <- PKI.encrypt(charToRaw("Hello, world!"), pub.k)
# decrypt with private key
rawToChar(PKI.decrypt(x, key))

# compute SHA1 hash (fingerprint) of the public key
PKI.digest(PKI.save.key(key, "DER", private=FALSE))

# convert OpenSSH public key to PEM format
PKI.load.OpenSSH.pubkey(
    paste("ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuvOXqfZ3pJeWeqyQOIXZwmgM1RBqPUmVx3XgntpA+YtOZj",
    "KfuoJSpg3LhBuI/wXx8L2QZXNFibvX4qX2qoYsbHvkz2uonA3F7HRhCR/BJURR5nT135znVqALZo328v86HDsVWY",
    "R2/JzY1X8GI2R2iKUMGXF0hVuRphdwLB735CU= [email protected]", sep=""), 
    format="PEM")