Remove the gratuitous incompatibility from the front.
proc req-key-hash {file} {
## Return the key hash from the certificate request in FILE.
proc req-key-hash {file} {
## Return the key hash from the certificate request in FILE.
openssl req -in $file -noout -pubkey | \
openssl rsa 2>/dev/null -pubin -outform der | \
openssl req -in $file -noout -pubkey | \
openssl rsa 2>/dev/null -pubin -outform der | \
- openssl dgst -sha256 -hex]
+ openssl dgst -sha256 -hex] end]
proc cert-key-hash {file} {
## Return the key hash from the certificate in FILE.
proc cert-key-hash {file} {
## Return the key hash from the certificate in FILE.
openssl x509 -in $file -noout -pubkey | \
openssl rsa 2>/dev/null -pubin -outform der | \
openssl x509 -in $file -noout -pubkey | \
openssl rsa 2>/dev/null -pubin -outform der | \
- openssl dgst -sha256 -hex]
+ openssl dgst -sha256 -hex] end]