PEM (.pem, .key, .crt, .cer)

Background & Context

    • General MIME type: application/x-pem-file
    • Container format for cryptography-related data.
    • Commonly used for exchange and storage of public and private keys and security certificates.
    • PEM is an acronym for Privacy-Enhanced Mail.
    • Plain text format.
    • Stores data in a Base64-encoded format.
    • PEM is based on a set of 1993 IETF standards.
    • The PEM format is described in the internet standard recommendation RFC 7468.

Import & Export

  • Import["file.pem"] imports a PEM file, returning a list of objects in the file.
  • Import["file.pem"] returns an expression of the form {obj1,obj2,}, where the obji are PrivateKey, PublicKey, SecurityCertificate or ImportedObject.
  • Import["file.pem",elem] imports the specified elements from a PEM file.
  • Import["file.pem",{{elem1,elem2,}}] imports multiple elements.
  • The import format can be specified with Import["file","PEM"] or Import["file",{"PEM",elem,}].
  • The most commonly used file extensions for this format are .pem, .cer, .crt and .key.
  • See the following reference pages for full general information:
  • Importimport from a file
    CloudImportimport from a cloud object
    ImportStringimport from a string
    ImportByteArrayimport from a byte array

Import Elements

  • General Import elements:
  • "Elements" list of elements and options available in this file
    "Rules"list of rules for all available elements
  • Structure elements:
  • "ObjectTypes"types of encoded objects in the file
    "ObjectTypeLabels"names of objects in the header lines
    "PrivateKey"list of PrivateKey objects
    "PublicKey"list of PublicKey objects
    "SecurityCertificate"list of SecurityCertificate objects
    "Summary"summary of properties
  • Data representation elements:
  • "Data"list of keys, certificates and other PEM objects
  • Import by default uses the "Data" element for the PEM format.

Examples

open allclose all

Basic Examples  (2)

Import an RSA public key stored in a PEM file:

Import a PEM file containing a certificate and a private key:

Get the file summary:

Scope  (5)

Show all elements available in the file:

Import, by default, returns the list of all PEM objects in the file:

Import an object of a specific type:

Import will return an ImportedObject for types of content data other than PrivateKey, PublicKey or SecurityCertificate:

Import multiple elements at once:

Import Elements  (7)

"Data"  (1)

Get data from all objects in the file:

"ObjectTypeLabels"  (1)

Get data type names of all objects in the file:

"ObjectTypes"  (1)

Check which PEM objects are present in the file and their order:

"PrivateKey"  (1)

Import a list of PrivateKey objects in the file:

If there are none in a given file, Import will return an empty list:

"PublicKey"  (1)

Import a list of PublicKey objects in the file:

If there are none in a given file, Import will return an empty list:

"SecurityCertificate"  (1)

Import a list of SecurityCertificate objects in the file:

If there are none in a given file, Import will return an empty list:

"Summary"  (1)

Get the file summary:

Applications  (1)

Import an elliptic curve private key from the file:

Compute its corresponding public key:

Digitally sign a message with your private key:

Verify the signature with the public key: