Convert eddsa public key fro PEM to DER
Robert Moskowitz
rgm at htt-consult.com
Wed Aug 14 12:45:09 UTC 2019
On 8/14/19 8:42 AM, Matt Caswell wrote:
>
> On 14/08/2019 13:21, Robert Moskowitz wrote:
>>
>> On 8/14/19 6:22 AM, Matt Caswell wrote:
>>> On 14/08/2019 11:06, Robert Moskowitz wrote:
>>>> I googled how to convert a PEM public key to DER and only found examples for RSA
>>>> keys. Mine are ed25519. I thought it would be a simple algorithm substitution:
>>>>
>>>> $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
>>>>> -outform DER -out $dir/private/intermediate.key.der
>>>> Invalid command 'ed25519'; type "help" for a list.
>>>>
>>>> So since my other commands use -algorithm, I tried:
>>>>
>>>> $ openssl -algorithm $algorithm -pubin -inform PEM -in
>>>> $dir/private/intermediate.key.pem\
>>>>> -outform DER -out $dir/private/intermediate.key.der
>>>> Invalid command '-algorithm'; type "help" for a list.
>>>>
>>>> So what is the command to convert an ed25519 public key from DER to PEM. The
>>>> command I used to create the key was:
>>>>
>>>> openssl genpkey -aes256 -algorithm ed25519\
>>>> -outform pem -out $dir/private/intermediate.key.pem
>>> Firstly, that command creates a private key not a public key.
>> The what does the following say:
>>
>> $ openssl pkey -inform $format\
>>> -in $dir/private/intermediate.key.pem -text -noout
>> Enter pass phrase for /home/rgm/uasca/intermediate/private/intermediate.key.pem:
>> ED25519 Private-Key:
>> priv:
> It says in the two lines above that you have a private key. Every private key
> implicitly has an associated public key with it (which is also shown below). But
> the combined set is private, because it contains private data. By contrast if
> you just have a public key then there is no private portion and so the whole key
> is public.
Thanks. It is beginning to filter into my morning brain mush.
>
> Matt
>
>
>
>> 70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72:
>> 16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6:
>> cf:58
>> pub:
>> a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e:
>> e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4:
>> 54:db
>>
>>
>>> So if you want to convert the above *private* key into DER then:
>>>
>>> openssl pkey -in ed25519.pem -out ed25519.der -outform DER
>>>
>>> If on the other hand you want to read the above *private* key and output the
>>> associated *public* key in DER then:
>>>
>>> openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout
>> Yes. thanks. That works.
>>
>>> Matt
>>>
>>>
More information about the openssl-users
mailing list