On 8/14/19 6:22 AM, Matt Caswell wrote:
On 14/08/2019 11:06, Robert Moskowitz wrote:
I googled how to convert a PEM public key to DER and only found examples for RSA
keys. Mine are ed25519. I thought it would be a simple algorithm substitution:
$ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
-outform DER -out $dir/private/intermediate.key.der
Invalid command 'ed25519'; type "help" for a list.
So since my other commands use -algorithm, I tried:
$ openssl -algorithm $algorithm -pubin -inform PEM -in
$dir/private/intermediate.key.pem\
-outform DER -out $dir/private/intermediate.key.der
Invalid command '-algorithm'; type "help" for a list.
So what is the command to convert an ed25519 public key from DER to PEM. The
command I used to create the key was:
openssl genpkey -aes256 -algorithm ed25519\
-outform pem -out $dir/private/intermediate.key.pem
Firstly, that command creates a private key not a public key.
The what does the following say:
$ openssl pkey -inform $format\
> -in $dir/private/intermediate.key.pem -text -noout
Enter pass phrase for
/home/rgm/uasca/intermediate/private/intermediate.key.pem:
ED25519 Private-Key:
priv:
70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72:
16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6:
cf:58
pub:
a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e:
e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4:
54:db
So if you want to convert the above *private* key into DER then:
openssl pkey -in ed25519.pem -out ed25519.der -outform DER
If on the other hand you want to read the above *private* key and output the
associated *public* key in DER then:
openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout
Yes. thanks. That works.
Matt
