Sample code for 30+ languages & platforms
PureBasic

Get Ed25519 Key in Different Formats

See more Ed25519 Examples

Demonstrates how to get/save an Ed25519 private key to different formats.

Converting a private key from one format to another is done by loading in one format and saving/getting in another.

Note: This example requires Chilkat v9.5.0.83 or greater.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkEdDSA.pb"
IncludeFile "CkPrivateKey.pb"
IncludeFile "CkPrng.pb"
IncludeFile "CkJsonObject.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example assumes the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    eddsa.i = CkEdDSA::ckCreate()
    If eddsa.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    prng.i = CkPrng::ckCreate()
    If prng.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    privKey.i = CkPrivateKey::ckCreate()
    If privKey.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Generates a new ed25519 key and stores it in privKey.
    success = CkEdDSA::ckGenEd25519Key(eddsa,prng,privKey)
    If success = 0
        Debug CkEdDSA::ckLastErrorText(eddsa)
        CkEdDSA::ckDispose(eddsa)
        CkPrng::ckDispose(prng)
        CkPrivateKey::ckDispose(privKey)
        ProcedureReturn
    EndIf

    ; ----------------------------------------------------------
    ; Ed25519 PKCS1 format
    ; 
    ; This is the format created by:  openssl genpkey -algorithm X25519 -out xkey.pem
    pkcs1Base64.s = CkPrivateKey::ckGetPkcs1ENC(privKey,"base64")
    Debug pkcs1Base64

    ; Sample output:  MC4CAQAwBQYDK2VuBCIEIB1mwirs+eC6XGbkjPIiZyBwQ7768uSd9v5PHOLFbIXo

    ; PKCS1 is a binary ASN.1 DER format.  You can examine the contents with two online tools:
    ; 1) Go to ASN.1 Decoder  and paste the base64 into the online form.
    ; 2) Or Decode Base64 ASN.1 to XML 

    ; The PKCS1 ASN.1 format for an Ed25519 key look like this:
    ;   SEQUENCE
    ;     INTEGER 0
    ;     SEQUENCE
    ;       OBJECT IDENTIFIER 1.3.101.110 curveX25519 (ECDH 25519 key agreement algorithm)
    ;     OCTET STRING 
    ;       OCTET STRING (32 byte) 1D66C...

    ; Save it directly to a file.
    success = CkPrivateKey::ckSavePkcs1File(privKey,"qa_output/ed25519.key")

    ; ----------------------------------------------------------
    ; Ed25519 Unencrypted PKCS8 format
    ; 
    ; For ed25519, the ASN.1 output is the same as for PKCS1.
    pkcs8Base64.s = CkPrivateKey::ckGetPkcs8ENC(privKey,"base64")
    Debug pkcs8Base64

    ; PKCS8 is a binary ASN.1 DER format.  You can examine the contents with two online tools:
    ; 1) Go to ASN.1 Decoder  and paste the base64 into the online form.
    ; 2) Or Decode Base64 ASN.1 to XML 

    ; ----------------------------------------------------------
    ; Ed25519 Encrypted PKCS8 format
    ; 
    ; Note: The encrypted output cannot be examined using the above online tools because the ASN.1 is encrypted.
    password.s = "secret"
    pkcs8EncBase64.s = CkPrivateKey::ckGetPkcs8EncryptedENC(privKey,"base64",password)
    Debug pkcs8EncBase64

    ; ----------------------------------------------------------
    ; Ed25519 in PEM format:
    ; 
    ed25519Pem.s = CkPrivateKey::ckGetPkcs1Pem(privKey)
    Debug ed25519Pem

    ; Sample output:

    ; -----BEGIN PRIVATE KEY-----
    ; MC4CAQAwBQYDK2VuBCIEIOKPhbULJagBAi7hbRdn1f4AAzh1RqqCHqCAvau7N6yO
    ; -----END PRIVATE KEY-----

    ; ----------------------------------------------------------
    ; Ed25519 in JWK Format
    ; 
    jwk.s = CkPrivateKey::ckGetJwk(privKey)

    json.i = CkJsonObject::ckCreate()
    If json.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::ckLoad(json,jwk)
    CkJsonObject::setCkEmitCompact(json, 0)
    Debug CkJsonObject::ckEmit(json)

    ; Sample output:
    ; {
    ;   "kty": "OKP",
    ;   "crv": "Ed25519",
    ;   "x": "SE2Kne5xt51z1eciMH2T2ftDQp96Gl6FhY6zSQujiP0",
    ;   "d": "O-eRXewadF0sNyB0U9omcnt8Qg2ZmeK3WSXPYgqe570",
    ;   "use": "sig"
    ; }

    ; In the above JWK, x is the public key, y is the private key.
    ; Both are 32 bytes and are base64-url encoded.

    ; ----------------------------------------------------------
    ; Ed25519 in XML Format
    ; 
    ed25519_xml.s = CkPrivateKey::ckGetXml(privKey)
    Debug ed25519_xml

    ; Sample output:  <Ed25519KeyValue>w4b/gI0zgYKgjtfWLjNfc4issmP7Qap84uesYNgEefP/WoY3jNOhOzgTYsMtOnuyGn3MdA4NZtsUXVNI1NiTlA==</Ed25519KeyValue>

    ; The base64 content is composed of the concatenation of the 32-byte private key with the 32-byte public key and then base64 encoded.
    ; In other words:  Base64(privKey || pubKey)

    ; ----------------------------------------------------------
    ; Ed25519 in Raw Hex Format
    ; 
    sbPubKeyHex.i = CkStringBuilder::ckCreate()
    If sbPubKeyHex.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    privKeyHex.s = CkPrivateKey::ckGetRawHex(privKey,sbPubKeyHex)

    ; We should have a 32-byte private key (a 64 character hex string).
    Debug "private key = " + privKeyHex

    ; We should have a 32-byte public key (a 64 character hex string).
    Debug "public key = " + CkStringBuilder::ckGetAsString(sbPubKeyHex)

    ; Sample output:
    ; key type = ed25519
    ; size in bits = 256
    ; private key = d4ee72dbf913584ad5b6d8f1f769f8ad3afe7c28cbf1d4fbe097a88f44755842
    ; public key = 19bf44096984cdfe8541bac167dc3b96c85086aa30b6b6cb0c5c38ad703166e1


    CkEdDSA::ckDispose(eddsa)
    CkPrng::ckDispose(prng)
    CkPrivateKey::ckDispose(privKey)
    CkJsonObject::ckDispose(json)
    CkStringBuilder::ckDispose(sbPubKeyHex)


    ProcedureReturn
EndProcedure