# OpenSSL Key Creation and base32 formatting



## systemx (Dec 10, 2021)

Hello,

FreeBSD 13.0-RELEASE amd64

`openssl genpkey -algorithm x25519 -out /tmp/k1.prv.pem`

I can complete the command above and get a successful output, but now I am trying to format this key to Base32 format and the command I input below fails of course because basez is not an option for BSD.

`cat /tmp/k1.prv.pem | grep -v " PRIVATE KEY" | base64pem -d | tail --bytes=32 | base32 | sed 's/=//g' > /tmp/k1.prv.key`


Is there a workaround I can try? or any insight?


----------



## covacat (Dec 10, 2021)

cat /tmp/k1.prv.pem | grep -v " PRIVATE KEY" |openssl base64 -d|tail -c 32|hexdump -v -e  '1/1 "%u\n"' |awk -f a.awk 

```
BEGIN {
 s=0
 ALFA = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567="
 R[1] = 6;R[2] = 4; R[3] = 3; R[4] = 1;
 }
{
s=s*256 + $1;

 if (!(NR % 5)) {
 for(j=7;j>=0;j--) {
  L[j] = s % 32;
  s = int(s/32);
  }
  for(j=0;j<8;j++) {
   printf "%c",substr(ALFA,L[j]+1,1)
   }
 s = 0
 }
}
END {
r = NR % 5;
if(r) {
n = R[r]
while(r) {
 s=s*256;
 r = (r + 1) % 5;
 }
 for(j=7;j>=0;j--) {
  L[j] = s %32;
  if( n > 0) L[j] = 32;
  n--;
  s = int(s/32);
  }
  for(j=0;j<8;j++) {
   printf "%c",substr(ALFA,L[j]+1,1)
   }
  }
 print ""
 
}
```


----------



## systemx (Dec 12, 2021)

`openssl genpkey -algorithm x25519 -out /tmp/k1.prv.pem`

`cat /tmp/k1.prv.pem | grep -v " PRIVATE KEY" | openssl base64 -d | tail -c 32 | hexdump -v -e '1/1 "%u\n"' | awk -f a.awk`

`openssl pkey -in /tmp/k1.prv.pem -pubout | grep -v " PUBLIC KEY" |  tail -c 32 | hexdump -v -e '1/1 "%u\n"' | awk -f a.awk`


I run the following commands from top to bottom, and I do see results, but I am not sure if my format for the public key is accurate. I was trying to base it off of the creation of the private key using the "code". That worked well, now I am questioning the output of the public key on the last command. I get results, and no error, but is it right? Things might not be matching up...

All I am trying to do is convert *pub.pem*  and *pri.pem* keys  to base 32 format. That is all.


----------



## covacat (Dec 12, 2021)

well, i ran your original command on an ubuntu box and compared with my results and it was the same


----------



## systemx (Dec 12, 2021)

hmm, I am not sure. If you run all 3 commands one after another in my previous post that works out for you?


----------



## covacat (Dec 12, 2021)

openssl pkey -in /tmp/k1.prv.pem -pubout | grep -v " PUBLIC KEY" |  tail -c 32 | hexdump -v -e '1/1 "%u\n"' | awk -f a.awk
this is missing the base64 decoding


----------



## systemx (Dec 12, 2021)

That it was! This resolved my problem as I suspected 'things' were not matching up because of this.


----------

