Re: Convert eddsa public key fro PEM to DER

[Robert Moskowitz <rgm@xxxxxxxxxxxxxxx>]

On 8/14/19 8:42 AM, Matt Caswell wrote:
> On 14/08/2019 13:21, Robert Moskowitz wrote:
> > On 8/14/19 6:22 AM, Matt Caswell wrote:
> > > On 14/08/2019 11:06, Robert Moskowitz wrote:
> > > > I googled how to convert a PEM public key to DER and only found examples for RSA
> > > > keys.  Mine are ed25519.  I thought it would be a simple algorithm substitution:
> > > >
> > > > $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
> > > > >     -outform DER -out $dir/private/intermediate.key.der
> > > > Invalid command 'ed25519'; type "help" for a list.
> > > >
> > > > So since my other commands use -algorithm, I tried:
> > > >
> > > > $ openssl -algorithm $algorithm -pubin -inform PEM -in
> > > > $dir/private/intermediate.key.pem\
> > > > >     -outform DER -out $dir/private/intermediate.key.der
> > > > Invalid command '-algorithm'; type "help" for a list.
> > > >
> > > > So what is the command to convert an ed25519 public key from DER to PEM.  The
> > > > command I used to create the key was:
> > > >
> > > >      openssl genpkey -aes256 -algorithm ed25519\
> > > >          -outform pem -out $dir/private/intermediate.key.pem
> > > Firstly, that command creates a private key not a public key.
> > The what does the following say:
> >
> > $    openssl pkey -inform $format\
> > >          -in $dir/private/intermediate.key.pem -text -noout
> > Enter pass phrase for /home/rgm/uasca/intermediate/private/intermediate.key.pem:
> > ED25519 Private-Key:
> > priv:
> It says in the two lines above that you have a private key. Every private key
> implicitly has an associated public key with it (which is also shown below). But
> the combined set is private, because it contains private data. By contrast if
> you just have a public key then there is no private portion and so the whole key
> is public.

Thanks.  It is beginning to filter into my morning brain mush.

> Matt
>
>
>
> >      70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72:
> >      16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6:
> >      cf:58
> > pub:
> >      a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e:
> >      e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4:
> >      54:db
> >
> >
> > > So if you want to convert the above *private* key into DER then:
> > >
> > > openssl pkey -in ed25519.pem -out ed25519.der -outform DER
> > >
> > > If on the other hand you want to read the above *private* key and output the
> > > associated *public* key in DER then:
> > >
> > > openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout
> > Yes. thanks.  That works.
> >
> > > Matt