-
Hi! I've generated the key using
While inspecting the code, I found that the outputs of
Could you please take a look? 😅 I'm using latest Fedora Kinoite 41, the output of
Resources I've been following: |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
You can use this script I wrote, that I mostly sourced from OSTree's tests. In particular this test: Lines 760 to 776 in 111a45f For some reason the sign command wants the concatenated private key seed and the public key rather then just the private key seed like e.g. Wireguard. It also doesn't want the PKCS#8 header that OpenSSL generates. #!/usr/bin/bash
umask=$(umask)
pemfile=private.pem
umask 177
openssl genpkey -algorithm ed25519 -outform PEM -out "${pemfile}"
# Extract the private and public parts from generated key.
ED25519PUBLIC="$(openssl pkey -outform DER -pubout -in ${pemfile} | tail -c 32 | base64)"
ED25519SEED="$(openssl pkey -outform DER -in ${pemfile} | tail -c 32 | base64)"
# Secret key is concantination of SEED and PUBLIC
ED25519SECRET="$(echo ${ED25519SEED}${ED25519PUBLIC} | base64 -d | base64 -w 0)"
echo $ED25519SEED > secret.ed25519
echo $ED25519SECRET > secret_concatinated.ed25519
umask $umask
echo $ED25519PUBLIC > public.ed25519
rm -f $pemfile
echo "Generated ed25519 keys:"
echo "public: ${ED25519PUBLIC}"
|
Beta Was this translation helpful? Give feedback.
You can use this script I wrote, that I mostly sourced from OSTree's tests. In particular this test:
ostree/tests/libtest.sh
Lines 760 to 776 in 111a45f