Sample code for 30+ languages & platforms
Classic ASP

Get Ed25519 Key in Different Formats

See more Ed25519 Examples

Demonstrates how to get/save an Ed25519 private key to different formats.

Converting a private key from one format to another is done by loading in one format and saving/getting in another.

Note: This example requires Chilkat v9.5.0.83 or greater.

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

set eddsa = Server.CreateObject("Chilkat.EdDSA")
set prng = Server.CreateObject("Chilkat.Prng")
set privKey = Server.CreateObject("Chilkat.PrivateKey")

' Generates a new ed25519 key and stores it in privKey.
success = eddsa.GenEd25519Key(prng,privKey)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( eddsa.LastErrorText) & "</pre>"
    Response.End
End If

' ----------------------------------------------------------
' Ed25519 PKCS1 format
' 
' This is the format created by:  openssl genpkey -algorithm X25519 -out xkey.pem
pkcs1Base64 = privKey.GetPkcs1ENC("base64")
Response.Write "<pre>" & Server.HTMLEncode( pkcs1Base64) & "</pre>"

' Sample output:  MC4CAQAwBQYDK2VuBCIEIB1mwirs+eC6XGbkjPIiZyBwQ7768uSd9v5PHOLFbIXo

' PKCS1 is a binary ASN.1 DER format.  You can examine the contents with two online tools:
' 1) Go to ASN.1 Decoder  and paste the base64 into the online form.
' 2) Or Decode Base64 ASN.1 to XML 

' The PKCS1 ASN.1 format for an Ed25519 key look like this:
'   SEQUENCE
'     INTEGER 0
'     SEQUENCE
'       OBJECT IDENTIFIER 1.3.101.110 curveX25519 (ECDH 25519 key agreement algorithm)
'     OCTET STRING 
'       OCTET STRING (32 byte) 1D66C...

' Save it directly to a file.
success = privKey.SavePkcs1File("qa_output/ed25519.key")

' ----------------------------------------------------------
' Ed25519 Unencrypted PKCS8 format
' 
' For ed25519, the ASN.1 output is the same as for PKCS1.
pkcs8Base64 = privKey.GetPkcs8ENC("base64")
Response.Write "<pre>" & Server.HTMLEncode( pkcs8Base64) & "</pre>"

' PKCS8 is a binary ASN.1 DER format.  You can examine the contents with two online tools:
' 1) Go to ASN.1 Decoder  and paste the base64 into the online form.
' 2) Or Decode Base64 ASN.1 to XML 

' ----------------------------------------------------------
' Ed25519 Encrypted PKCS8 format
' 
' Note: The encrypted output cannot be examined using the above online tools because the ASN.1 is encrypted.
password = "secret"
pkcs8EncBase64 = privKey.GetPkcs8EncryptedENC("base64",password)
Response.Write "<pre>" & Server.HTMLEncode( pkcs8EncBase64) & "</pre>"

' ----------------------------------------------------------
' Ed25519 in PEM format:
' 
ed25519Pem = privKey.GetPkcs1Pem()
Response.Write "<pre>" & Server.HTMLEncode( ed25519Pem) & "</pre>"

' Sample output:

' -----BEGIN PRIVATE KEY-----
' MC4CAQAwBQYDK2VuBCIEIOKPhbULJagBAi7hbRdn1f4AAzh1RqqCHqCAvau7N6yO
' -----END PRIVATE KEY-----

' ----------------------------------------------------------
' Ed25519 in JWK Format
' 
jwk = privKey.GetJwk()

set json = Server.CreateObject("Chilkat.JsonObject")
success = json.Load(jwk)
json.EmitCompact = 0
Response.Write "<pre>" & Server.HTMLEncode( json.Emit()) & "</pre>"

' Sample output:
' {
'   "kty": "OKP",
'   "crv": "Ed25519",
'   "x": "SE2Kne5xt51z1eciMH2T2ftDQp96Gl6FhY6zSQujiP0",
'   "d": "O-eRXewadF0sNyB0U9omcnt8Qg2ZmeK3WSXPYgqe570",
'   "use": "sig"
' }

' In the above JWK, x is the public key, y is the private key.
' Both are 32 bytes and are base64-url encoded.

' ----------------------------------------------------------
' Ed25519 in XML Format
' 
ed25519_xml = privKey.GetXml()
Response.Write "<pre>" & Server.HTMLEncode( ed25519_xml) & "</pre>"

' Sample output:  <Ed25519KeyValue>w4b/gI0zgYKgjtfWLjNfc4issmP7Qap84uesYNgEefP/WoY3jNOhOzgTYsMtOnuyGn3MdA4NZtsUXVNI1NiTlA==</Ed25519KeyValue>

' The base64 content is composed of the concatenation of the 32-byte private key with the 32-byte public key and then base64 encoded.
' In other words:  Base64(privKey || pubKey)

' ----------------------------------------------------------
' Ed25519 in Raw Hex Format
' 
set sbPubKeyHex = Server.CreateObject("Chilkat.StringBuilder")
privKeyHex = privKey.GetRawHex(sbPubKeyHex)

' We should have a 32-byte private key (a 64 character hex string).
Response.Write "<pre>" & Server.HTMLEncode( "private key = " & privKeyHex) & "</pre>"

' We should have a 32-byte public key (a 64 character hex string).
Response.Write "<pre>" & Server.HTMLEncode( "public key = " & sbPubKeyHex.GetAsString()) & "</pre>"

' Sample output:
' key type = ed25519
' size in bits = 256
' private key = d4ee72dbf913584ad5b6d8f1f769f8ad3afe7c28cbf1d4fbe097a88f44755842
' public key = 19bf44096984cdfe8541bac167dc3b96c85086aa30b6b6cb0c5c38ad703166e1

%>
</body>
</html>