Are asymmetrical cryptographic keys fundamentally inter-convertible between the major key container formats? For example, can I convert an X.509 key file into a PGP or OpenGPG key file?
And--assuming the answer is yes--is it "security neutral" to keep one key pair in whatever format and convert into whichever container file format is needed for the occasion?
I'm getting a little tired of maintaining so many key pairs for X.509, OpenGPG, and SSH, when they're all RSA at the heart.
Yes and no: yes, the RSA keys embedded into certificates and privkeys are just numbers. You can extract them from the certificate and use them to build keys in other formats. This is commonly done to convert between different certificate formats.
PGP has some support for X.509 for S/MIME, but no ability to use X.509 privkeys verbatim.
SSH has some beta support for directly using X.509 keys and certificates.
You will found how to convert kes between these containers there: http://sysmic.org/dotclear/index.php?post/2010/03/24/Convert-keys-betweens-GnuPG,-OpenSsh-and-OpenSSL
I'd also have a look at OpenSSL. It has so many different -in and -out functions that will likely be able to convert certs. from one type to the other.
Have a look at http://marc.info/?l=openssl-users&m=105162569405053&w=2
来源:https://stackoverflow.com/questions/57384/inter-convertability-of-asymmetric-key-containers-eg-x-509-pgp-openssh