I created a key pair + signed certificate for iOS/OSX development. Somewhere along the way, I lost the public key that goes with my private key. Maybe it's because Keychain Access doesn't group the private and public keys together, like it does with certificates and private keys (that is so irritating! why does it (not) do that!)
In Keychain Access, I can still right-click the private key -> "Request a certificate"; but without the public key available I get the error "The specified item could not be found in the keychain". I am pretty sure that public keys are recoverable, but how? Obviously, Keychain Access isn't smart enough to do it automatically.
I eventually figured this out and will mark my answer correct after a few days, unless someone adds something new to the answer.
I remembered vaguely being able to do this with openssl on .pem files, so that's the direction I headed.
private.p12
. Apply a password, or not.openssl pkcs12 -in private.p12 -out private.pem
. Enter password from previous step. You're forced to apply a password to the .pem.openssl rsa -in private.pem -pubout > public.pem
. Enter password from previous step.security import public.pem -k login.keychain
. If you don't specify a keychain, the import appears to complete but I couldn't find where the item was put.