Sample code for 30+ languages & platforms
AutoIt

Get Ed25519 Key in Different Formats

See more Ed25519 Examples

Demonstrates how to get/save an Ed25519 private key to different formats.

Converting a private key from one format to another is done by loading in one format and saving/getting in another.

Note: This example requires Chilkat v9.5.0.83 or greater.

Chilkat AutoIt Downloads

AutoIt
Local $bSuccess = False

; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.

$oEddsa = ObjCreate("Chilkat.EdDSA")
$oPrng = ObjCreate("Chilkat.Prng")
$oPrivKey = ObjCreate("Chilkat.PrivateKey")

; Generates a new ed25519 key and stores it in privKey.
$bSuccess = $oEddsa.GenEd25519Key($oPrng,$oPrivKey)
If ($bSuccess = False) Then
    ConsoleWrite($oEddsa.LastErrorText & @CRLF)
    Exit
EndIf

; ----------------------------------------------------------
; Ed25519 PKCS1 format
; 
; This is the format created by:  openssl genpkey -algorithm X25519 -out xkey.pem
Local $sPkcs1Base64 = $oPrivKey.GetPkcs1ENC("base64")
ConsoleWrite($sPkcs1Base64 & @CRLF)

; Sample output:  MC4CAQAwBQYDK2VuBCIEIB1mwirs+eC6XGbkjPIiZyBwQ7768uSd9v5PHOLFbIXo

; PKCS1 is a binary ASN.1 DER format.  You can examine the contents with two online tools:
; 1) Go to ASN.1 Decoder  and paste the base64 into the online form.
; 2) Or Decode Base64 ASN.1 to XML 

; The PKCS1 ASN.1 format for an Ed25519 key look like this:
;   SEQUENCE
;     INTEGER 0
;     SEQUENCE
;       OBJECT IDENTIFIER 1.3.101.110 curveX25519 (ECDH 25519 key agreement algorithm)
;     OCTET STRING 
;       OCTET STRING (32 byte) 1D66C...

; Save it directly to a file.
$bSuccess = $oPrivKey.SavePkcs1File("qa_output/ed25519.key")

; ----------------------------------------------------------
; Ed25519 Unencrypted PKCS8 format
; 
; For ed25519, the ASN.1 output is the same as for PKCS1.
Local $sPkcs8Base64 = $oPrivKey.GetPkcs8ENC("base64")
ConsoleWrite($sPkcs8Base64 & @CRLF)

; PKCS8 is a binary ASN.1 DER format.  You can examine the contents with two online tools:
; 1) Go to ASN.1 Decoder  and paste the base64 into the online form.
; 2) Or Decode Base64 ASN.1 to XML 

; ----------------------------------------------------------
; Ed25519 Encrypted PKCS8 format
; 
; Note: The encrypted output cannot be examined using the above online tools because the ASN.1 is encrypted.
Local $sPassword = "secret"
Local $sPkcs8EncBase64 = $oPrivKey.GetPkcs8EncryptedENC("base64",$sPassword)
ConsoleWrite($sPkcs8EncBase64 & @CRLF)

; ----------------------------------------------------------
; Ed25519 in PEM format:
; 
Local $sEd25519Pem = $oPrivKey.GetPkcs1Pem()
ConsoleWrite($sEd25519Pem & @CRLF)

; Sample output:

; -----BEGIN PRIVATE KEY-----
; MC4CAQAwBQYDK2VuBCIEIOKPhbULJagBAi7hbRdn1f4AAzh1RqqCHqCAvau7N6yO
; -----END PRIVATE KEY-----

; ----------------------------------------------------------
; Ed25519 in JWK Format
; 
Local $sJwk = $oPrivKey.GetJwk()

$oJson = ObjCreate("Chilkat.JsonObject")
$oJson.Load($sJwk)
$oJson.EmitCompact = False
ConsoleWrite($oJson.Emit() & @CRLF)

; Sample output:
; {
;   "kty": "OKP",
;   "crv": "Ed25519",
;   "x": "SE2Kne5xt51z1eciMH2T2ftDQp96Gl6FhY6zSQujiP0",
;   "d": "O-eRXewadF0sNyB0U9omcnt8Qg2ZmeK3WSXPYgqe570",
;   "use": "sig"
; }

; In the above JWK, x is the public key, y is the private key.
; Both are 32 bytes and are base64-url encoded.

; ----------------------------------------------------------
; Ed25519 in XML Format
; 
Local $sEd25519_xml = $oPrivKey.GetXml()
ConsoleWrite($sEd25519_xml & @CRLF)

; Sample output:  <Ed25519KeyValue>w4b/gI0zgYKgjtfWLjNfc4issmP7Qap84uesYNgEefP/WoY3jNOhOzgTYsMtOnuyGn3MdA4NZtsUXVNI1NiTlA==</Ed25519KeyValue>

; The base64 content is composed of the concatenation of the 32-byte private key with the 32-byte public key and then base64 encoded.
; In other words:  Base64(privKey || pubKey)

; ----------------------------------------------------------
; Ed25519 in Raw Hex Format
; 
$oSbPubKeyHex = ObjCreate("Chilkat.StringBuilder")
Local $sPrivKeyHex = $oPrivKey.GetRawHex($oSbPubKeyHex)

; We should have a 32-byte private key (a 64 character hex string).
ConsoleWrite("private key = " & $sPrivKeyHex & @CRLF)

; We should have a 32-byte public key (a 64 character hex string).
ConsoleWrite("public key = " & $oSbPubKeyHex.GetAsString() & @CRLF)

; Sample output:
; key type = ed25519
; size in bits = 256
; private key = d4ee72dbf913584ad5b6d8f1f769f8ad3afe7c28cbf1d4fbe097a88f44755842
; public key = 19bf44096984cdfe8541bac167dc3b96c85086aa30b6b6cb0c5c38ad703166e1