Convert eddsa public key fro PEM to DER

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Convert eddsa public key fro PEM to DER

Robert Moskowitz
I googled how to convert a PEM public key to DER and only found examples
for RSA keys.  Mine are ed25519.  I thought it would be a simple
algorithm substitution:

$ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
 >  -outform DER -out $dir/private/intermediate.key.der

Invalid command 'ed25519'; type "help" for a list.

So since my other commands use -algorithm, I tried:

$ openssl -algorithm $algorithm -pubin -inform PEM -in
$dir/private/intermediate.key.pem\
 >  -outform DER -out $dir/private/intermediate.key.der

Invalid command '-algorithm'; type "help" for a list.

So what is the command to convert an ed25519 public key from DER to
PEM.  The command I used to create the key was:

    openssl genpkey -aes256 -algorithm ed25519\
        -outform pem -out $dir/private/intermediate.key.pem

thanks


Reply | Threaded
Open this post in threaded view
|

Re: Convert eddsa public key fro PEM to DER

Matt Caswell-2


On 14/08/2019 11:06, Robert Moskowitz wrote:

> I googled how to convert a PEM public key to DER and only found examples for RSA
> keys.  Mine are ed25519.  I thought it would be a simple algorithm substitution:
>
> $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
>>  -outform DER -out $dir/private/intermediate.key.der
>
> Invalid command 'ed25519'; type "help" for a list.
>
> So since my other commands use -algorithm, I tried:
>
> $ openssl -algorithm $algorithm -pubin -inform PEM -in
> $dir/private/intermediate.key.pem\
>>  -outform DER -out $dir/private/intermediate.key.der
>
> Invalid command '-algorithm'; type "help" for a list.
>
> So what is the command to convert an ed25519 public key from DER to PEM.  The
> command I used to create the key was:
>
>    openssl genpkey -aes256 -algorithm ed25519\
>        -outform pem -out $dir/private/intermediate.key.pem

Firstly, that command creates a private key not a public key.

So if you want to convert the above *private* key into DER then:

openssl pkey -in ed25519.pem -out ed25519.der -outform DER

If on the other hand you want to read the above *private* key and output the
associated *public* key in DER then:

openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout

Matt

Reply | Threaded
Open this post in threaded view
|

Re: Convert eddsa public key fro PEM to DER

Robert Moskowitz


On 8/14/19 6:22 AM, Matt Caswell wrote:

>
> On 14/08/2019 11:06, Robert Moskowitz wrote:
>> I googled how to convert a PEM public key to DER and only found examples for RSA
>> keys.  Mine are ed25519.  I thought it would be a simple algorithm substitution:
>>
>> $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
>>>    -outform DER -out $dir/private/intermediate.key.der
>> Invalid command 'ed25519'; type "help" for a list.
>>
>> So since my other commands use -algorithm, I tried:
>>
>> $ openssl -algorithm $algorithm -pubin -inform PEM -in
>> $dir/private/intermediate.key.pem\
>>>    -outform DER -out $dir/private/intermediate.key.der
>> Invalid command '-algorithm'; type "help" for a list.
>>
>> So what is the command to convert an ed25519 public key from DER to PEM.  The
>> command I used to create the key was:
>>
>>     openssl genpkey -aes256 -algorithm ed25519\
>>         -outform pem -out $dir/private/intermediate.key.pem
> Firstly, that command creates a private key not a public key.

The what does the following say:

$    openssl pkey -inform $format\
 >        -in $dir/private/intermediate.key.pem -text -noout
Enter pass phrase for
/home/rgm/uasca/intermediate/private/intermediate.key.pem:
ED25519 Private-Key:
priv:
     70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72:
     16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6:
     cf:58
pub:
     a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e:
     e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4:
     54:db


>
> So if you want to convert the above *private* key into DER then:
>
> openssl pkey -in ed25519.pem -out ed25519.der -outform DER
>
> If on the other hand you want to read the above *private* key and output the
> associated *public* key in DER then:
>
> openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout

Yes. thanks.  That works.

>
> Matt
>
>

Reply | Threaded
Open this post in threaded view
|

Re: Convert eddsa public key fro PEM to DER

Matt Caswell-2


On 14/08/2019 13:21, Robert Moskowitz wrote:

>
>
> On 8/14/19 6:22 AM, Matt Caswell wrote:
>>
>> On 14/08/2019 11:06, Robert Moskowitz wrote:
>>> I googled how to convert a PEM public key to DER and only found examples for RSA
>>> keys.  Mine are ed25519.  I thought it would be a simple algorithm substitution:
>>>
>>> $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
>>>>    -outform DER -out $dir/private/intermediate.key.der
>>> Invalid command 'ed25519'; type "help" for a list.
>>>
>>> So since my other commands use -algorithm, I tried:
>>>
>>> $ openssl -algorithm $algorithm -pubin -inform PEM -in
>>> $dir/private/intermediate.key.pem\
>>>>    -outform DER -out $dir/private/intermediate.key.der
>>> Invalid command '-algorithm'; type "help" for a list.
>>>
>>> So what is the command to convert an ed25519 public key from DER to PEM.  The
>>> command I used to create the key was:
>>>
>>>     openssl genpkey -aes256 -algorithm ed25519\
>>>         -outform pem -out $dir/private/intermediate.key.pem
>> Firstly, that command creates a private key not a public key.
>
> The what does the following say:
>
> $    openssl pkey -inform $format\
>>        -in $dir/private/intermediate.key.pem -text -noout
> Enter pass phrase for /home/rgm/uasca/intermediate/private/intermediate.key.pem:
> ED25519 Private-Key:
> priv:

It says in the two lines above that you have a private key. Every private key
implicitly has an associated public key with it (which is also shown below). But
the combined set is private, because it contains private data. By contrast if
you just have a public key then there is no private portion and so the whole key
is public.

Matt



>     70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72:
>     16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6:
>     cf:58
> pub:
>     a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e:
>     e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4:
>     54:db
>
>
>>
>> So if you want to convert the above *private* key into DER then:
>>
>> openssl pkey -in ed25519.pem -out ed25519.der -outform DER
>>
>> If on the other hand you want to read the above *private* key and output the
>> associated *public* key in DER then:
>>
>> openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout
>
> Yes. thanks.  That works.
>
>>
>> Matt
>>
>>
>
Reply | Threaded
Open this post in threaded view
|

Re: Convert eddsa public key fro PEM to DER

Robert Moskowitz


On 8/14/19 8:42 AM, Matt Caswell wrote:

>
> On 14/08/2019 13:21, Robert Moskowitz wrote:
>>
>> On 8/14/19 6:22 AM, Matt Caswell wrote:
>>> On 14/08/2019 11:06, Robert Moskowitz wrote:
>>>> I googled how to convert a PEM public key to DER and only found examples for RSA
>>>> keys.  Mine are ed25519.  I thought it would be a simple algorithm substitution:
>>>>
>>>> $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
>>>>>     -outform DER -out $dir/private/intermediate.key.der
>>>> Invalid command 'ed25519'; type "help" for a list.
>>>>
>>>> So since my other commands use -algorithm, I tried:
>>>>
>>>> $ openssl -algorithm $algorithm -pubin -inform PEM -in
>>>> $dir/private/intermediate.key.pem\
>>>>>     -outform DER -out $dir/private/intermediate.key.der
>>>> Invalid command '-algorithm'; type "help" for a list.
>>>>
>>>> So what is the command to convert an ed25519 public key from DER to PEM.  The
>>>> command I used to create the key was:
>>>>
>>>>      openssl genpkey -aes256 -algorithm ed25519\
>>>>          -outform pem -out $dir/private/intermediate.key.pem
>>> Firstly, that command creates a private key not a public key.
>> The what does the following say:
>>
>> $    openssl pkey -inform $format\
>>>          -in $dir/private/intermediate.key.pem -text -noout
>> Enter pass phrase for /home/rgm/uasca/intermediate/private/intermediate.key.pem:
>> ED25519 Private-Key:
>> priv:
> It says in the two lines above that you have a private key. Every private key
> implicitly has an associated public key with it (which is also shown below). But
> the combined set is private, because it contains private data. By contrast if
> you just have a public key then there is no private portion and so the whole key
> is public.

Thanks.  It is beginning to filter into my morning brain mush.

>
> Matt
>
>
>
>>      70:71:84:2b:81:e8:78:cb:6b:9c:97:28:92:7f:72:
>>      16:0a:40:fd:7b:38:e6:71:f7:2e:ad:2d:19:8e:e6:
>>      cf:58
>> pub:
>>      a4:de:b3:3c:b7:bd:12:5b:1a:e5:ac:58:76:15:7e:
>>      e8:98:2c:87:57:8b:c4:5b:98:33:d5:41:b5:e2:a4:
>>      54:db
>>
>>
>>> So if you want to convert the above *private* key into DER then:
>>>
>>> openssl pkey -in ed25519.pem -out ed25519.der -outform DER
>>>
>>> If on the other hand you want to read the above *private* key and output the
>>> associated *public* key in DER then:
>>>
>>> openssl pkey -in ed25519.pem -out ed25519-pub.der -outform DER -pubout
>> Yes. thanks.  That works.
>>
>>> Matt
>>>
>>>