Allow to decrypt PEM keys. #511

Closed
jfclere wants to merge 1 commit into apache:main from jfclere:main
@jfclere
Contributor

@jfclere jfclere commented May 9, 2022

Allow to decrypt PEM keys starting like:
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,3EEF0D821F09467F

CRuSQwLsLRukfxzyTvl15rP4q+DGV3zTdD+vpZgpR/OiJvN2FAb/hLlMjo4RBE7m
...

@jfclere
Contributor Author

jfclere commented May 10, 2022

Note openssl can be used to convert the keys like:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,A337ABA05A83C84E225C79ACD675C6D2
to the PKCS#8 format something like:
openssl pkcs8 -topk8 -in server.key -out server.pkcs8.key

@markt-asf
Contributor

+1 to broadening the support of our PEM file conversion.

I think the algorithm and the digest should be saved with the part for consistency with the rest of the code. I'm happy to do the refactoring to do that.

Refactoring made me think about tests to make sure I didn't break anything. I noticed we don't have any tests for PEMFile so I'm going to add some at the same time. I should have something to commit shortly.

@markt-asf
Contributor

Mostly done but I'm looking at trying to make the support for encrypted PKCS1 files more generic rather than just supporting the one cipher.

@jfclere
Contributor Author

jfclere commented May 10, 2022

@markt-asf OK Please close this PR when yours is ready (or when you have committed).

@markt-asf
Contributor

Done. Not quite as generic as I would like but I couldn't figure out how to get from DEK-Info to JSSE standard names without a manual lookup.
Thanks for doing all the hard work on this. I just did a little refactoring.

@ChristopherSchultz
Contributor

> Mostly done but I'm looking at trying to make the support for encrypted PKCS1 files more generic rather than just supporting the one cipher.

I had the same problem:
https://github.com/ChristopherSchultz/pem-utils/blob/main/src/main/java/net/christopherschultz/pemutils/PEMFile.java#L404
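
Added example (not part of this PR, Tomcat's PEMFile, or pem-utils): one way to do the manual DEK-Info to JSSE lookup discussed in this thread, together with OpenSSL's legacy key derivation for these files (MD5, one round, salt = first 8 bytes of the IV). The class name, lookup table, password and sample bytes are assumptions made for illustration; it needs Java 17 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.HexFormat;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class LegacyPemDek {
    // Manual lookup (hypothetical table): DEK-Info name -> JSSE transformation, key algorithm, key bytes
    record Dek(String transformation, String keyAlg, int keyLen) {}
    static final Map<String, Dek> LOOKUP = Map.of(
        "DES-EDE3-CBC", new Dek("DESede/CBC/PKCS5Padding", "DESede", 24),
        "AES-256-CBC", new Dek("AES/CBC/PKCS5Padding", "AES", 32));

    // Legacy OpenSSL derivation (EVP_BytesToKey, MD5, count 1): D_i = MD5(D_{i-1} || pass || salt)
    static byte[] deriveKey(byte[] pass, byte[] salt, int keyLen) throws Exception {
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        byte[] key = new byte[keyLen];
        byte[] block = new byte[0];
        for (int off = 0; off < keyLen; off += block.length) {
            md5.update(block);
            md5.update(pass);
            md5.update(salt);
            block = md5.digest();   // digest() also resets md5 for the next round
            System.arraycopy(block, 0, key, off, Math.min(block.length, keyLen - off));
        }
        return key;
    }

    static Cipher cipherFor(String dekInfo, String password, int mode) throws Exception {
        String[] parts = dekInfo.split(",", 2);   // "<algorithm>,<hex IV>"
        Dek dek = LOOKUP.get(parts[0].trim());
        if (dek == null || parts.length < 2) throw new IllegalArgumentException("Unsupported DEK-Info: " + dekInfo);
        byte[] iv = HexFormat.of().parseHex(parts[1].trim());
        byte[] salt = Arrays.copyOf(iv, 8);       // salt is the first 8 bytes of the IV
        byte[] key = deriveKey(password.getBytes(StandardCharsets.US_ASCII), salt, dek.keyLen());
        Cipher c = Cipher.getInstance(dek.transformation());
        c.init(mode, new SecretKeySpec(key, dek.keyAlg()), new IvParameterSpec(iv));
        return c;
    }
    public static void main(String[] args) throws Exception {
        // DEK-Info value as quoted in the thread; password and plaintext are constructed.
        String dekInfo = "AES-256-CBC,A337ABA05A83C84E225C79ACD675C6D2";
        byte[] sample = "constructed stand-in for DER key bytes".getBytes(StandardCharsets.US_ASCII);
        byte[] enc = cipherFor(dekInfo, "changeit", Cipher.ENCRYPT_MODE).doFinal(sample);
        byte[] dec = cipherFor(dekInfo, "changeit", Cipher.DECRYPT_MODE).doFinal(enc);
        System.out.println(Arrays.equals(sample, dec));
    }
}
```

Because the key comes from a single MD5 round over the passphrase, this format gives little protection against offline passphrase guessing, so the `openssl pkcs8 -topk8` conversion mentioned earlier in the thread is the better option for stored keys.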
