Hi, I have a public key produced by ‘openssl rsa -in key.sec -pubout > key.pub’, which looks like this:
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnCdEo5fdYC/mjJLxjDK J/COk6ItJmY0x2Tvgg0o28/RZSkSa8OrbZTE5YEZVq3o5Nj26aPJZeF916reV8kc e+84/DNjP8HNGyZjnbxYgwSkDYYp15m0s+6Xt0j4dRqy+SMYxCqfg8AEhjgo1KWI /m2ThBfvlBZvwhmMZBJRO2LM7l1G6c5k4TDNaNjjzCYk/kA83xxmh06aX7HUtrA0 LZU4wQr8OORAYDz17MY6Ls463kpCm8Yofcs6C8N90vXha3SCbjF6HyJ0mWFiGYAb S0sT1aqJqFIEeZEsrE1M5XTRaNN58sufQGnVqPM5ZZG8O/TPST5UmXP4uFrJ8ZYe qwIDAQAB -----END PUBLIC KEY----- I couldn’t find in the OpenSSL doc what format this is supposed to be, so I naively tried several possibilities with GnuTLS from Guile: --8<---------------cut here---------------start------------->8--- scheme@(guile-user)> (use-modules (gnutls) (rnrs io ports)) scheme@(guile-user)> (define raw (call-with-input-file "/etc/nix/signing-key.pub" get-bytevector-all)) scheme@(guile-user)> (import-x509-certificate raw x509-certificate-format/der) ERROR: In procedure import-x509-certificate: ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum ASN1 parser: Error in TAG.> import-x509-certificate)'. Entering a new prompt. Type `,bt' for a backtrace or `,q' to continue. scheme@(guile-user) [1]> ,q scheme@(guile-user)> (import-x509-certificate raw x509-certificate-format/pem) ERROR: In procedure import-x509-certificate: ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum Base64 unexpected header error.> import-x509-certificate)'. Entering a new prompt. Type `,bt' for a backtrace or `,q' to continue. scheme@(guile-user) [1]> ,q scheme@(guile-user)> (pkcs1-import-rsa-parameters raw x509-certificate-format/pem) ERROR: In procedure pkcs1-import-rsa-parameters: ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum Base64 unexpected header error.> pkcs1-import-rsa-parameters)'. Entering a new prompt. Type `,bt' for a backtrace or `,q' to continue. scheme@(guile-user) [1]> ,q scheme@(guile-user)> (pkcs1-import-rsa-parameters raw x509-certificate-format/der) ERROR: In procedure pkcs1-import-rsa-parameters: ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum ASN1 parser: Error in DER parsing.> pkcs1-import-rsa-parameters)'. Entering a new prompt. Type `,bt' for a backtrace or `,q' to continue. scheme@(guile-user) [1]> ,q scheme@(guile-user)> (gnutls-version) $3 = "3.0.18" --8<---------------cut here---------------end--------------->8--- The page at <http://www.cryptosys.net/pki/rsakeyformats.html> suggests that it is a PEM-encoded X.509 certificate(?). What am I missing? Thanks, Ludo’. _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
