How to convert a public key from a JWK into PEM for OpenSSL?

Question

There is an RSA key from an RFC:

https://tools.ietf.org/html/rfc7516#appendix-A.1

 {\"kty\":\"RSA\",
  \"n\":\"oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48         


        

Answer 1

So the key that you posted is a simple asn sequence of a a public key and the public exponent. It looks something like this:

SEQUENCE ::= {
    n Integer,
    e Integer
}

OpenSSL doesn't like that as-is because it's missing a few other things, like an ObjectIdenifier so that openssl knows what algorithm the key is for.

The quick way to fix this is to also put in the -RSAPublicKey_in option, so the full command will look something like this:

openssl rsa -inform pem -in FILEPATH.pem -pubin -pubout -RSAPublicKey_in

and change the header of the file back to include "RSA":

-----BEGIN RSA PUBLIC KEY-----

as well as the footer:

-----END RSA PUBLIC KEY-----

This will also output it in to a "normal" public key format that includes the missing ObjectIdentifier.

Note: I'm not sure what the version requirement for -RSAPublicKey_in are, but I was using OpenSSL 1.1.0.