Document how to generate key files #662

lukpueh · 2023-11-29T11:30:02Z

in-toto now accepts standard PKCS8 and subjectPublicKeyInfo key files in cli (#649, #651, #654, #652).

Given available 3rd tooling to easily generate compatible keys, in-toto no longer provides API for that (as it did previously for its proprietary key format).

It might still be helpful to include 3rd party tool usage in in-toto docs, e.g.

# RSA and ECDSA on LibreSSL 3.3.6
openssl genpkey -algorithm rsa -out rsa_private.pem
openssl pkcs8 -in rsa_private.pem -topk8 -passout pass:hunter2 -out rsa_private_encrypted.pem
openssl rsa -in rsa_private.pem -pubout -out rsa_public.pem

openssl genpkey -algorithm EC \
        -pkeyopt ec_paramgen_curve:P-256 \
        -pkeyopt ec_param_enc:named_curve \
        -out ecdsa_private.pem
openssl pkcs8 -in ecdsa_private.pem -topk8 -passout pass:hunter2 -out ecdsa_private_encrypted.pem
openssl pkey -in ecdsa_private.pem -pubout -out ecdsa_public.pem

# Ed25519 on OpenSSL 3.1.1
openssl genpkey -algorithm Ed25519 -out ed25519_private.pem
openssl pkcs8 -in ed25519_private.pem -topk8 -passout pass:hunter2 -out ed25519_private_encrypted.pem
openssl pkey -in ed25519_private.pem -pubout -out ed25519_public.pem

lukpueh added the documentation label Nov 29, 2023

lukpueh mentioned this issue Jan 16, 2024

Tool for importing PEM formatted ecdsa keys #522

Closed

MVrachev mentioned this issue Apr 3, 2024

Task: discuss the future of the rstuf key commands prior 1.0.0 repository-service-tuf/repository-service-tuf-cli#547

Open

1 task

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Document how to generate key files #662

Document how to generate key files #662

lukpueh commented Nov 29, 2023

Document how to generate key files #662

Document how to generate key files #662

Comments

lukpueh commented Nov 29, 2023