In this post we will see how we can check our RSA private and public keys for errors.
As mentioned here, we can use the OpenSSL command line utility to generate a private RSA key, and then its public key.
Generate private RSA key
openssl genrsa -out private.key 4096
Generate public RSA key from private
openssl rsa -in private.key -outform PEM -pubout -out public.pem
Of course, there are cases where the keys are given to us and we spend time making our code work with them. With the commands below, we can quickly check their validity.
Check private RSA keys for errors
openssl rsa -check -in private.key -noout
The above command prints only an RSA key ok message if the key is valid. If not, it lists some errors.
Note: The RSA key ok message might appear even if the output has errors. The fact that it shows errors indicates that the key is not valid.
Check public RSA keys for errors
openssl pkey -inform PEM -pubin -in public.pem -noout
The above command prints nothing if the key is valid. If not, it lists some errors.
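The two checks above can be combined into one script. This is an added example, not part of the original post: the function names are hypothetical, and the last step (confirming that the public key really belongs to the private key) goes beyond the checks shown above.

```shell
#!/bin/sh
# Added example: validate an RSA key pair that was handed to you.
# Function names are hypothetical; only the openssl commands come from the post.
# Usage (after sourcing or pasting): validate_pair private.key public.pem

check_private() {
    # Capture stdout and stderr together. The post notes that "RSA key ok" can
    # appear alongside error lines, so require the ok line AND no error lines.
    out=$(openssl rsa -check -in "$1" -noout 2>&1) || return 1
    printf '%s\n' "$out" | grep -qx 'RSA key ok' || return 1
    ! printf '%s\n' "$out" | grep -Eqi 'error|not ok'
}

check_public() {
    # A valid public key produces no output, so require a zero exit status
    # and empty combined output.
    out=$(openssl pkey -inform PEM -pubin -in "$1" -noout 2>&1) || return 1
    [ -z "$out" ]
}

keys_match() {
    # Re-derive the public key from the private key and compare it with the
    # supplied one, both normalised to the same PEM encoding.
    derived=$(openssl rsa -in "$1" -pubout -outform PEM 2>/dev/null) || return 1
    given=$(openssl pkey -pubin -in "$2" -pubout -outform PEM 2>/dev/null) || return 1
    [ "$derived" = "$given" ]
}

# Returns 0 if everything checks out, 1/2/3 for the step that failed.
validate_pair() {
    check_private "$1" || { echo "private key failed -check" >&2; return 1; }
    check_public "$2" || { echo "public key did not parse cleanly" >&2; return 2; }
    keys_match "$1" "$2" || { echo "public key does not match private key" >&2; return 3; }
}
```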
One useful tool to check and manage keys is KeyStore Explorer. It has some cool features, such as analyzing your keys or detecting the file type.
Ken Riley says
This was super helpful to me as a non-C# developer needing to sign JWTs for use in other technologies. I am commenting on this and the JWT article as both were life savers. Thanks!