also accept PEM-encoded public keys as input file

create-gpg-shadow-key-from-x509-cert-req.py

@@ -41,12 +41,23 @@ def keygrip_from_key_sexp(key_sexp_data):
     return keygrip
 
 
-def create_gpg_key(input_path, gpg_key_output_path_pattern, smartcard_app_id_hex):
+def load_public_key(input_path):
     backend = cryptography.hazmat.backends.default_backend()
     with open(input_path, 'rb') as f:
-        req = cryptography.x509.load_pem_x509_csr(f.read(), backend)
-    assert req.is_signature_valid
-    pubnums = req.public_key().public_numbers()
+        input_data = f.read()
+    try:
+        return cryptography.hazmat.primitives.serialization.load_pem_public_key(
+            input_data,
+            backend,
+        )
+    except ValueError:
+        req = cryptography.x509.load_pem_x509_csr(input_data, backend)
+        assert req.is_signature_valid
+        return req.public_key()
+
+
+def create_gpg_key(input_path, gpg_key_output_path_pattern, smartcard_app_id_hex):
+    pubnums = load_public_key(input_path).public_numbers()
     key_data = ['shadowed-private-key', [
         'rsa',
         ['n', pubnums.n],
@@ -68,7 +79,7 @@ def _init_argparser():
     )
     argparser.add_argument(
         'input_path',
-        help='path to PEM-encoded X.509 signing request',
+        help='path to PEM-encoded X.509 signing request or public key',
     )
     argparser.add_argument(
         '--gpg-key-output-path',