Unicode C
Unicode C
Get Ed25519 Key in Different Formats
See more Ed25519 Examples
Demonstrates how to get/save an Ed25519 private key to different formats.Converting a private key from one format to another is done by loading in one format and saving/getting in another.
Note: This example requires Chilkat v9.5.0.83 or greater.
Chilkat Unicode C Downloads
#include <C_CkEdDSAW.h>
#include <C_CkPrngW.h>
#include <C_CkPrivateKeyW.h>
#include <C_CkJsonObjectW.h>
#include <C_CkStringBuilderW.h>
void ChilkatSample(void)
{
BOOL success;
HCkEdDSAW eddsa;
HCkPrngW prng;
HCkPrivateKeyW privKey;
const wchar_t *pkcs1Base64;
const wchar_t *pkcs8Base64;
const wchar_t *password;
const wchar_t *pkcs8EncBase64;
const wchar_t *ed25519Pem;
const wchar_t *jwk;
HCkJsonObjectW json;
const wchar_t *ed25519_xml;
HCkStringBuilderW sbPubKeyHex;
const wchar_t *privKeyHex;
success = FALSE;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
eddsa = CkEdDSAW_Create();
prng = CkPrngW_Create();
privKey = CkPrivateKeyW_Create();
// Generates a new ed25519 key and stores it in privKey.
success = CkEdDSAW_GenEd25519Key(eddsa,prng,privKey);
if (success == FALSE) {
wprintf(L"%s\n",CkEdDSAW_lastErrorText(eddsa));
CkEdDSAW_Dispose(eddsa);
CkPrngW_Dispose(prng);
CkPrivateKeyW_Dispose(privKey);
return;
}
// ----------------------------------------------------------
// Ed25519 PKCS1 format
//
// This is the format created by: openssl genpkey -algorithm X25519 -out xkey.pem
pkcs1Base64 = CkPrivateKeyW_getPkcs1ENC(privKey,L"base64");
wprintf(L"%s\n",pkcs1Base64);
// Sample output: MC4CAQAwBQYDK2VuBCIEIB1mwirs+eC6XGbkjPIiZyBwQ7768uSd9v5PHOLFbIXo
// PKCS1 is a binary ASN.1 DER format. You can examine the contents with two online tools:
// 1) Go to ASN.1 Decoder and paste the base64 into the online form.
// 2) Or Decode Base64 ASN.1 to XML
// The PKCS1 ASN.1 format for an Ed25519 key look like this:
// SEQUENCE
// INTEGER 0
// SEQUENCE
// OBJECT IDENTIFIER 1.3.101.110 curveX25519 (ECDH 25519 key agreement algorithm)
// OCTET STRING
// OCTET STRING (32 byte) 1D66C...
// Save it directly to a file.
success = CkPrivateKeyW_SavePkcs1File(privKey,L"qa_output/ed25519.key");
// ----------------------------------------------------------
// Ed25519 Unencrypted PKCS8 format
//
// For ed25519, the ASN.1 output is the same as for PKCS1.
pkcs8Base64 = CkPrivateKeyW_getPkcs8ENC(privKey,L"base64");
wprintf(L"%s\n",pkcs8Base64);
// PKCS8 is a binary ASN.1 DER format. You can examine the contents with two online tools:
// 1) Go to ASN.1 Decoder and paste the base64 into the online form.
// 2) Or Decode Base64 ASN.1 to XML
// ----------------------------------------------------------
// Ed25519 Encrypted PKCS8 format
//
// Note: The encrypted output cannot be examined using the above online tools because the ASN.1 is encrypted.
password = L"secret";
pkcs8EncBase64 = CkPrivateKeyW_getPkcs8EncryptedENC(privKey,L"base64",password);
wprintf(L"%s\n",pkcs8EncBase64);
// ----------------------------------------------------------
// Ed25519 in PEM format:
//
ed25519Pem = CkPrivateKeyW_getPkcs1Pem(privKey);
wprintf(L"%s\n",ed25519Pem);
// Sample output:
// -----BEGIN PRIVATE KEY-----
// MC4CAQAwBQYDK2VuBCIEIOKPhbULJagBAi7hbRdn1f4AAzh1RqqCHqCAvau7N6yO
// -----END PRIVATE KEY-----
// ----------------------------------------------------------
// Ed25519 in JWK Format
//
jwk = CkPrivateKeyW_getJwk(privKey);
json = CkJsonObjectW_Create();
CkJsonObjectW_Load(json,jwk);
CkJsonObjectW_putEmitCompact(json,FALSE);
wprintf(L"%s\n",CkJsonObjectW_emit(json));
// Sample output:
// {
// "kty": "OKP",
// "crv": "Ed25519",
// "x": "SE2Kne5xt51z1eciMH2T2ftDQp96Gl6FhY6zSQujiP0",
// "d": "O-eRXewadF0sNyB0U9omcnt8Qg2ZmeK3WSXPYgqe570",
// "use": "sig"
// }
// In the above JWK, x is the public key, y is the private key.
// Both are 32 bytes and are base64-url encoded.
// ----------------------------------------------------------
// Ed25519 in XML Format
//
ed25519_xml = CkPrivateKeyW_getXml(privKey);
wprintf(L"%s\n",ed25519_xml);
// Sample output: <Ed25519KeyValue>w4b/gI0zgYKgjtfWLjNfc4issmP7Qap84uesYNgEefP/WoY3jNOhOzgTYsMtOnuyGn3MdA4NZtsUXVNI1NiTlA==</Ed25519KeyValue>
// The base64 content is composed of the concatenation of the 32-byte private key with the 32-byte public key and then base64 encoded.
// In other words: Base64(privKey || pubKey)
// ----------------------------------------------------------
// Ed25519 in Raw Hex Format
//
sbPubKeyHex = CkStringBuilderW_Create();
privKeyHex = CkPrivateKeyW_getRawHex(privKey,sbPubKeyHex);
// We should have a 32-byte private key (a 64 character hex string).
wprintf(L"private key = %s\n",privKeyHex);
// We should have a 32-byte public key (a 64 character hex string).
wprintf(L"public key = %s\n",CkStringBuilderW_getAsString(sbPubKeyHex));
// Sample output:
// key type = ed25519
// size in bits = 256
// private key = d4ee72dbf913584ad5b6d8f1f769f8ad3afe7c28cbf1d4fbe097a88f44755842
// public key = 19bf44096984cdfe8541bac167dc3b96c85086aa30b6b6cb0c5c38ad703166e1
CkEdDSAW_Dispose(eddsa);
CkPrngW_Dispose(prng);
CkPrivateKeyW_Dispose(privKey);
CkJsonObjectW_Dispose(json);
CkStringBuilderW_Dispose(sbPubKeyHex);
}