Re: Convert eddsa public key fro PEM to DER
On 8/14/19 8:42 AM, Matt Caswell wrote: On 14/08/2019 13:21, Robert Moskowitz wrote: On 8/14/19 6:22 AM, Matt Caswell wrote: On 14/08/2019 11:06, Robert Moskowitz wrote: I googled how to convert a PEM public key to DER and only found examples for RSA keys. Mine are ed25519. I thought it would be a simple algorithm substitution: $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\ -outform DER -out $dir/private/intermediate.key.der Invalid command 'ed25519'; type "help" for a list. So since my other commands use -algorithm, I tried: $ openssl -algorithm $algorithm -pubin -inform PEM -in $dir/private/intermediate.key.pem\ -outform DER -out $dir/private/intermediate.key.der Invalid command '-algorithm'; type "help" for a list. So what is the command to convert an ed25519 public key from DER to PEM. The command I used to create the key was: openssl genpkey -aes256 -algorithm ed25519\ -outform pem -out $dir/private/intermediate.key.pem Firstly, that command creates a private key not a public key. The what does the following say: $ openssl pkey -inform $format\ -in $dir/private/intermediate.key.pem -text -noout Enter pass phrase for /home/rgm/uasca/intermediate/private/intermediate.key.pem: ED25519 Private-Key: priv: It says in the two lines above that you have a private key. Every private key implicitly has an associated public key with it (which is also shown below). But the combined set is private, because it contains private data. By contrast if you just have a public key then there is no private portion and so the whole key is public. Thanks. It is beginning to filter into my morning brain mush. Matt 70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72: 16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6: cf:58 pub: a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e: e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4: 54:db So if you want to convert the above *private* key into DER then: openssl pkey -in ed25519.pem -out ed25519.der -outform DER If on the other hand you want to read the above *private* key and output the associated *public* key in DER then: openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout Yes. thanks. That works. Matt
Re: Convert eddsa public key fro PEM to DER
On 14/08/2019 13:21, Robert Moskowitz wrote: > > > On 8/14/19 6:22 AM, Matt Caswell wrote: >> >> On 14/08/2019 11:06, Robert Moskowitz wrote: >>> I googled how to convert a PEM public key to DER and only found examples >>> for RSA >>> keys. Mine are ed25519. I thought it would be a simple algorithm >>> substitution: >>> >>> $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\ -outform DER -out $dir/private/intermediate.key.der >>> Invalid command 'ed25519'; type "help" for a list. >>> >>> So since my other commands use -algorithm, I tried: >>> >>> $ openssl -algorithm $algorithm -pubin -inform PEM -in >>> $dir/private/intermediate.key.pem\ -outform DER -out $dir/private/intermediate.key.der >>> Invalid command '-algorithm'; type "help" for a list. >>> >>> So what is the command to convert an ed25519 public key from DER to PEM. >>> The >>> command I used to create the key was: >>> >>> openssl genpkey -aes256 -algorithm ed25519\ >>> -outform pem -out $dir/private/intermediate.key.pem >> Firstly, that command creates a private key not a public key. > > The what does the following say: > > $ openssl pkey -inform $format\ >> -in $dir/private/intermediate.key.pem -text -noout > Enter pass phrase for > /home/rgm/uasca/intermediate/private/intermediate.key.pem: > ED25519 Private-Key: > priv: It says in the two lines above that you have a private key. Every private key implicitly has an associated public key with it (which is also shown below). But the combined set is private, because it contains private data. By contrast if you just have a public key then there is no private portion and so the whole key is public. Matt > 70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72: > 16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6: > cf:58 > pub: > a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e: > e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4: > 54:db > > >> >> So if you want to convert the above *private* key into DER then: >> >> openssl pkey -in ed25519.pem -out ed25519.der -outform DER >> >> If on the other hand you want to read the above *private* key and output the >> associated *public* key in DER then: >> >> openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout > > Yes. thanks. That works. > >> >> Matt >> >> >
Re: Convert eddsa public key fro PEM to DER
On 8/14/19 6:22 AM, Matt Caswell wrote: On 14/08/2019 11:06, Robert Moskowitz wrote: I googled how to convert a PEM public key to DER and only found examples for RSA keys. Mine are ed25519. I thought it would be a simple algorithm substitution: $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\ -outform DER -out $dir/private/intermediate.key.der Invalid command 'ed25519'; type "help" for a list. So since my other commands use -algorithm, I tried: $ openssl -algorithm $algorithm -pubin -inform PEM -in $dir/private/intermediate.key.pem\ -outform DER -out $dir/private/intermediate.key.der Invalid command '-algorithm'; type "help" for a list. So what is the command to convert an ed25519 public key from DER to PEM. The command I used to create the key was: openssl genpkey -aes256 -algorithm ed25519\ -outform pem -out $dir/private/intermediate.key.pem Firstly, that command creates a private key not a public key. The what does the following say: $ openssl pkey -inform $format\ > -in $dir/private/intermediate.key.pem -text -noout Enter pass phrase for /home/rgm/uasca/intermediate/private/intermediate.key.pem: ED25519 Private-Key: priv: 70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72: 16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6: cf:58 pub: a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e: e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4: 54:db So if you want to convert the above *private* key into DER then: openssl pkey -in ed25519.pem -out ed25519.der -outform DER If on the other hand you want to read the above *private* key and output the associated *public* key in DER then: openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout Yes. thanks. That works. Matt
Re: Convert eddsa public key fro PEM to DER
On 14/08/2019 11:06, Robert Moskowitz wrote: > I googled how to convert a PEM public key to DER and only found examples for > RSA > keys. Mine are ed25519. I thought it would be a simple algorithm > substitution: > > $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\ >> -outform DER -out $dir/private/intermediate.key.der > > Invalid command 'ed25519'; type "help" for a list. > > So since my other commands use -algorithm, I tried: > > $ openssl -algorithm $algorithm -pubin -inform PEM -in > $dir/private/intermediate.key.pem\ >> -outform DER -out $dir/private/intermediate.key.der > > Invalid command '-algorithm'; type "help" for a list. > > So what is the command to convert an ed25519 public key from DER to PEM. The > command I used to create the key was: > > openssl genpkey -aes256 -algorithm ed25519\ > -outform pem -out $dir/private/intermediate.key.pem Firstly, that command creates a private key not a public key. So if you want to convert the above *private* key into DER then: openssl pkey -in ed25519.pem -out ed25519.der -outform DER If on the other hand you want to read the above *private* key and output the associated *public* key in DER then: openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout Matt
