Sample code for 30+ languages & platforms
Unicode C

Get Ed25519 Key in Different Formats

See more Ed25519 Examples

Demonstrates how to get/save an Ed25519 private key to different formats.

Converting a private key from one format to another is done by loading in one format and saving/getting in another.

Note: This example requires Chilkat v9.5.0.83 or greater.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkEdDSAW.h>
#include <C_CkPrngW.h>
#include <C_CkPrivateKeyW.h>
#include <C_CkJsonObjectW.h>
#include <C_CkStringBuilderW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkEdDSAW eddsa;
    HCkPrngW prng;
    HCkPrivateKeyW privKey;
    const wchar_t *pkcs1Base64;
    const wchar_t *pkcs8Base64;
    const wchar_t *password;
    const wchar_t *pkcs8EncBase64;
    const wchar_t *ed25519Pem;
    const wchar_t *jwk;
    HCkJsonObjectW json;
    const wchar_t *ed25519_xml;
    HCkStringBuilderW sbPubKeyHex;
    const wchar_t *privKeyHex;

    success = FALSE;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    eddsa = CkEdDSAW_Create();
    prng = CkPrngW_Create();
    privKey = CkPrivateKeyW_Create();

    // Generates a new ed25519 key and stores it in privKey.
    success = CkEdDSAW_GenEd25519Key(eddsa,prng,privKey);
    if (success == FALSE) {
        wprintf(L"%s\n",CkEdDSAW_lastErrorText(eddsa));
        CkEdDSAW_Dispose(eddsa);
        CkPrngW_Dispose(prng);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    // ----------------------------------------------------------
    // Ed25519 PKCS1 format
    // 
    // This is the format created by:  openssl genpkey -algorithm X25519 -out xkey.pem
    pkcs1Base64 = CkPrivateKeyW_getPkcs1ENC(privKey,L"base64");
    wprintf(L"%s\n",pkcs1Base64);

    // Sample output:  MC4CAQAwBQYDK2VuBCIEIB1mwirs+eC6XGbkjPIiZyBwQ7768uSd9v5PHOLFbIXo

    // PKCS1 is a binary ASN.1 DER format.  You can examine the contents with two online tools:
    // 1) Go to ASN.1 Decoder  and paste the base64 into the online form.
    // 2) Or Decode Base64 ASN.1 to XML 

    // The PKCS1 ASN.1 format for an Ed25519 key look like this:
    //   SEQUENCE
    //     INTEGER 0
    //     SEQUENCE
    //       OBJECT IDENTIFIER 1.3.101.110 curveX25519 (ECDH 25519 key agreement algorithm)
    //     OCTET STRING 
    //       OCTET STRING (32 byte) 1D66C...

    // Save it directly to a file.
    success = CkPrivateKeyW_SavePkcs1File(privKey,L"qa_output/ed25519.key");

    // ----------------------------------------------------------
    // Ed25519 Unencrypted PKCS8 format
    // 
    // For ed25519, the ASN.1 output is the same as for PKCS1.
    pkcs8Base64 = CkPrivateKeyW_getPkcs8ENC(privKey,L"base64");
    wprintf(L"%s\n",pkcs8Base64);

    // PKCS8 is a binary ASN.1 DER format.  You can examine the contents with two online tools:
    // 1) Go to ASN.1 Decoder  and paste the base64 into the online form.
    // 2) Or Decode Base64 ASN.1 to XML 

    // ----------------------------------------------------------
    // Ed25519 Encrypted PKCS8 format
    // 
    // Note: The encrypted output cannot be examined using the above online tools because the ASN.1 is encrypted.
    password = L"secret";
    pkcs8EncBase64 = CkPrivateKeyW_getPkcs8EncryptedENC(privKey,L"base64",password);
    wprintf(L"%s\n",pkcs8EncBase64);

    // ----------------------------------------------------------
    // Ed25519 in PEM format:
    // 
    ed25519Pem = CkPrivateKeyW_getPkcs1Pem(privKey);
    wprintf(L"%s\n",ed25519Pem);

    // Sample output:

    // -----BEGIN PRIVATE KEY-----
    // MC4CAQAwBQYDK2VuBCIEIOKPhbULJagBAi7hbRdn1f4AAzh1RqqCHqCAvau7N6yO
    // -----END PRIVATE KEY-----

    // ----------------------------------------------------------
    // Ed25519 in JWK Format
    // 
    jwk = CkPrivateKeyW_getJwk(privKey);

    json = CkJsonObjectW_Create();
    CkJsonObjectW_Load(json,jwk);
    CkJsonObjectW_putEmitCompact(json,FALSE);
    wprintf(L"%s\n",CkJsonObjectW_emit(json));

    // Sample output:
    // {
    //   "kty": "OKP",
    //   "crv": "Ed25519",
    //   "x": "SE2Kne5xt51z1eciMH2T2ftDQp96Gl6FhY6zSQujiP0",
    //   "d": "O-eRXewadF0sNyB0U9omcnt8Qg2ZmeK3WSXPYgqe570",
    //   "use": "sig"
    // }

    // In the above JWK, x is the public key, y is the private key.
    // Both are 32 bytes and are base64-url encoded.

    // ----------------------------------------------------------
    // Ed25519 in XML Format
    // 
    ed25519_xml = CkPrivateKeyW_getXml(privKey);
    wprintf(L"%s\n",ed25519_xml);

    // Sample output:  <Ed25519KeyValue>w4b/gI0zgYKgjtfWLjNfc4issmP7Qap84uesYNgEefP/WoY3jNOhOzgTYsMtOnuyGn3MdA4NZtsUXVNI1NiTlA==</Ed25519KeyValue>

    // The base64 content is composed of the concatenation of the 32-byte private key with the 32-byte public key and then base64 encoded.
    // In other words:  Base64(privKey || pubKey)

    // ----------------------------------------------------------
    // Ed25519 in Raw Hex Format
    // 
    sbPubKeyHex = CkStringBuilderW_Create();
    privKeyHex = CkPrivateKeyW_getRawHex(privKey,sbPubKeyHex);

    // We should have a 32-byte private key (a 64 character hex string).
    wprintf(L"private key = %s\n",privKeyHex);

    // We should have a 32-byte public key (a 64 character hex string).
    wprintf(L"public key = %s\n",CkStringBuilderW_getAsString(sbPubKeyHex));

    // Sample output:
    // key type = ed25519
    // size in bits = 256
    // private key = d4ee72dbf913584ad5b6d8f1f769f8ad3afe7c28cbf1d4fbe097a88f44755842
    // public key = 19bf44096984cdfe8541bac167dc3b96c85086aa30b6b6cb0c5c38ad703166e1


    CkEdDSAW_Dispose(eddsa);
    CkPrngW_Dispose(prng);
    CkPrivateKeyW_Dispose(privKey);
    CkJsonObjectW_Dispose(json);
    CkStringBuilderW_Dispose(sbPubKeyHex);

    }