Curve25519 keys

From Crypto++ Wiki

Curve25519 keys provides information on the keys used with x25519 and ed25519. The IETF has documents covering x25519, x448, ed25519 and ed448, and they are listed below. Note that draft-ietf-curdle-pkix expired on November 9, 2018.

The summary of the documents listed above is that the two keys shown below under Example Keys must work as expected.

Example Keys

RFC 8410, section 10.3, first example key:

-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
-----END PRIVATE KEY-----
   
$ echo 'MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC' | base64 -d > key.bin

$ dumpasn1 key.bin
  0  46: SEQUENCE {
  2   1:   INTEGER 0
  5   5:   SEQUENCE {
  7   3:     OBJECT IDENTIFIER curveEd25519 (1 3 101 112)
       :     }
 12  34:   OCTET STRING, encapsulates {
 14  32:     OCTET STRING
       :       D4 EE 72 DB F9 13 58 4A D5 B6 D8 F1 F7 69 F8 AD
       :       3A FE 7C 28 CB F1 D4 FB E0 97 A8 8F 44 75 58 42
       :     }
       :   }

RFC 8410, section 10.3, second example key:

-----BEGIN PRIVATE KEY-----
MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
Z9w7lshQhqowtrbLDFw4rXAxZuE=
-----END PRIVATE KEY-----

$ echo 'MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
Z9w7lshQhqowtrbLDFw4rXAxZuE=' | tr -d ' ' | base64 -d > key.bin

$ dumpasn1 key.bin
  0 114: SEQUENCE {
  2   1:   INTEGER 1
  5   5:   SEQUENCE {
  7   3:     OBJECT IDENTIFIER curveEd25519 (1 3 101 112)
       :     }
 12  34:   OCTET STRING, encapsulates {
 14  32:     OCTET STRING
       :       D4 EE 72 DB F9 13 58 4A D5 B6 D8 F1 F7 69 F8 AD
       :       3A FE 7C 28 CB F1 D4 FB E0 97 A8 8F 44 75 58 42
       :     }
 48  31:   [0] {
 50  29:     SEQUENCE {
 52  10:       OBJECT IDENTIFIER '1 2 840 113549 1 9 9 20'
 64  15:       SET {
 66  13:         UTF8String 'Curdle Chairs'
       :         }
       :       }
       :     }
 81  33:   [1]
       :     00 19 BF 44 09 69 84 CD FE 85 41 BA C1 67 DC 3B
       :     96 C8 50 86 AA 30 B6 B6 CB 0C 5C 38 AD 70 31 66
       :     E1
       :   }

RFC 8410, section 10.3, third example key:

-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=
-----END PUBLIC KEY-----

$ echo 'MCowBQYDK2VwAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=' | base64 -d > key.bin

$ dumpasn1 key.bin
  0  42: SEQUENCE {
  2   5:   SEQUENCE {
  4   3:     OBJECT IDENTIFIER curveEd25519 (1 3 101 112)
       :     }
  9  33:   BIT STRING
       :     19 BF 44 09 69 84 CD FE 85 41 BA C1 67 DC 3B 96
       :     C8 50 86 AA 30 B6 B6 CB 0C 5C 38 AD 70 31 66 E1
       :   }

OpenSSL test program:

$ dumpasn1 openssl.bin
  0  46: SEQUENCE {
  2   1:   INTEGER 0
  5   5:   SEQUENCE {
  7   3:     OBJECT IDENTIFIER curveX25519 (1 3 101 110)
       :     }
 12  34:   OCTET STRING, encapsulates {
 14  32:     OCTET STRING
       :       C0 62 A3 8F E7 18 73 E2 27 30 94 0E 27 EE 32 5E
       :       F3 83 A3 1E D9 79 48 E6 30 0A 0B 23 D1 95 6E 51
       :     }
       :   }

OpenSSL and x25519

$ cat x25519.c
#include <openssl/evp.h>
#include <openssl/pem.h>

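int main (int argc, char* argv[])
{
    EVP_PKEY *pkey = NULL;
    int ok = 0;

    /* Generate an x25519 key pair */
    EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
    if (pctx != NULL &&
        EVP_PKEY_keygen_init(pctx) == 1 &&
        EVP_PKEY_keygen(pctx, &pkey) == 1)
    {
        /* Write the private key to stdout as an unencrypted PKCS #8 PEM */
        ok = PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);
    }

    EVP_PKEY_free(pkey);
    EVP_PKEY_CTX_free(pctx);
    return ok == 1 ? 0 : 1;
}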

And then compile it. In the example below, OpenSSL was configured with --prefix=/opt/openssl-1.1.1.

$ gcc -I /opt/openssl-1.1.1/include/ -L /opt/openssl-1.1.1/lib x25519.c -o x25519.exe -l:libcrypto.a -lpthread -ldl

And finally:

$ ./x25519.exe
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VuBCIEIMBio4/nGHPiJzCUDifuMl7zg6Me2XlI5jAKCyPRlW5R 
-----END PRIVATE KEY-----

$ echo MC4CAQAwBQYDK2VuBCIEIMBio4/nGHPiJzCUDifuMl7zg6Me2XlI5jAKCyPRlW5R | base64 -d > x25519.bin

$ dumpasn1 x25519.bin
  0  46: SEQUENCE {
  2   1:   INTEGER 0
  5   5:   SEQUENCE {
  7   3:     OBJECT IDENTIFIER curveX25519 (1 3 101 110)
       :     }
 12  34:   OCTET STRING, encapsulates {
 14  32:     OCTET STRING
       :       C0 62 A3 8F E7 18 73 E2 27 30 94 0E 27 EE 32 5E
       :       F3 83 A3 1E D9 79 48 E6 30 0A 0B 23 D1 95 6E 51
       :     }
       :   }

0 warnings, 0 errors.
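
The layout the dumpasn1 listings above show (version, algorithm OID, a 32-byte key wrapped in two OCTET STRINGs, then an optional [0] attributes field and [1] public key) can be walked and validated with a small DER reader. This is an added example, not code from the Crypto++ wiki or library; `require`, `read_tlv` and `parse_private_key` are names chosen here, and the demo input is the first RFC 8410 example key from this page.

```python
import base64

# DER-encoded OID bodies shown by dumpasn1 on this page: 1 3 101 110 and 1 3 101 112
OIDS = {bytes.fromhex("2b656e"): "X25519", bytes.fromhex("2b6570"): "Ed25519"}

def require(cond, what):
    if not cond:
        raise ValueError(what)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    require(pos + 2 <= len(buf), "truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                           # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    require(pos + length <= len(buf), "truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def parse_private_key(pem_body):
    """Parse the base64 body of an RFC 8410 'PRIVATE KEY' PEM block."""
    der = base64.b64decode(pem_body)
    tag, seq, end = read_tlv(der, 0)
    require(tag == 0x30 and end == len(der), "expected one outer SEQUENCE")
    tag, version, pos = read_tlv(seq, 0)
    require(tag == 0x02 and len(version) == 1, "expected INTEGER version")
    tag, alg, pos = read_tlv(seq, pos)
    require(tag == 0x30, "expected AlgorithmIdentifier SEQUENCE")
    tag, oid, alg_end = read_tlv(alg, 0)
    require(tag == 0x06 and oid in OIDS, "expected X25519 or Ed25519 OID")
    require(alg_end == len(alg), "algorithm parameters must be absent")
    tag, outer, pos = read_tlv(seq, pos)
    require(tag == 0x04, "expected privateKey OCTET STRING")
    tag, key, key_end = read_tlv(outer, 0)      # the key is wrapped twice
    require(tag == 0x04 and key_end == len(outer), "expected inner OCTET STRING")
    require(len(key) == 32, "private key must be exactly 32 bytes")
    public = None
    while pos < len(seq):                       # optional [0] attributes, [1] public key
        tag, value, pos = read_tlv(seq, pos)
        if tag == 0x81:                         # [1] IMPLICIT BIT STRING
            public = value[1:]                  # drop the unused-bits octet
    return dict(version=version[0], algorithm=OIDS[oid], private=key, public=public)

if __name__ == "__main__":
    # First RFC 8410 section 10.3 example key, copied from this page
    key = parse_private_key("MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC")
    print(key["algorithm"], key["version"], key["private"].hex())
```

A truncated body, a SubjectPublicKeyInfo passed in by mistake, algorithm parameters, or a key that is not 32 bytes all raise `ValueError` rather than being accepted silently.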

Downloads

No downloads available.