Re: Getting public key from .PEM file for ostree sign verify

From: MR ZenWiz <mrzenwiz gmail com>
To: Dan Nicholson <dbn endlessos org>
Cc: ostree-list <ostree-list gnome org>
Subject: Re: Getting public key from .PEM file for ostree sign verify
Date: Tue, 20 Jul 2021 15:18:05 -0700

That gives me an error:

$ openssl pkey -pubin -outform DER ~/fixture.pem
unable to load Public key
140403801552192:error:0909006C:PEM routines:get_name:no start
line:../crypto/pem/pem_lib.c:745:Expecting: PUBLIC KEY

Also gets this error if I add -pubout to the end.

Thanks.

Mark

On Tue, Jul 20, 2021 at 2:30 PM Dan Nicholson <dbn endlessos org> wrote:


On Tue, Jul 20, 2021 at 2:42 PM MR ZenWiz via ostree-list
<ostree-list gnome org> wrote:


I have been digging around to find out how to do this, but it appears
all the methods I've seen so far produce text-converted keys.

How do I extract the binary public key from a .pem file so I can use
ostree sign to verify the signature in the commitmeta?


I've never actually used ostree sign, but presumably you just want the
DER encoding of it:

openssl pkey -pubin -outform DER -in key.pem

--
Dan

Follow-Ups:
- Re: Getting public key from .PEM file for ostree sign verify
  - From: Dan Nicholson

References:
- Getting public key from .PEM file for ostree sign verify
  - From: MR ZenWiz
- Re: Getting public key from .PEM file for ostree sign verify
  - From: Dan Nicholson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]