Hi,
How do I generate the pem representation of a curve25519 public key? I can generate the key using :
This prints a string like this :
But the expected strings are more like :
Even if I add the
" -----BEGIN PUBLIC KEY-----"
and
"-----END PUBLIC KEY-----"
tags, it still doesn't process the key.
So what format is exactly the base64 encoded string of the raw format of curve25519 public key? And how do I generate the public key pem format?
The requirement is for Swift iOS.
How do I generate the pem representation of a curve25519 public key? I can generate the key using :
Code Block let privateKey = Curve25519.KeyAgreement.PrivateKey() let publicKey = privateKey.publicKey print(publicKey.rawRepresentation.base64EncodedString())
This prints a string like this :
Code Block GyQfzi3bLfpDpzi8e9j6lovX15EZY1t1fQQcnJlURxI=
But the expected strings are more like :
Code Block -----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEApxUNh3jHlNSAWE7fadipsh9AjXv6439VY3EWEC5kbgY=\n-----END PUBLIC KEY-----
Even if I add the
" -----BEGIN PUBLIC KEY-----"
and
"-----END PUBLIC KEY-----"
tags, it still doesn't process the key.
So what format is exactly the base64 encoded string of the raw format of curve25519 public key? And how do I generate the public key pem format?
The requirement is for Swift iOS.
As I’ve discussed on your other thread, the rawRepresentation of a Curve25519 key is simply the 32-byte raw key. For example, this:
printed this:
The PEM you’re trying to create needs three levels of wrapping:
The correct way to render and parse ASN.1 is with an ASN.1 library. Unfortunately, iOS does not have an API for this, and the third-party libraries out there are quite hard to integrate.
In this case, however, you can get away with prepending a fixed header on to your 32-byte raw key data. To continue the above example,
If you put those bytes into a file and then dump the ASN.1, you’ll see this:
which should look very familiar.
IMPORTANT This only works because you know you’re working with a Curve 25519 key and that key’s raw bytes is of a fixed length.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
Code Block let privateKey = Curve25519.KeyAgreement.PrivateKey() let publicKey = privateKey.publicKey let rawKeyBytes = publicKey.rawRepresentation debugPrint(rawKeyBytes as NSData)
printed this:
Code Block <eeaef887 dec4db7c d5b1022f c504185c e28ac34f a55daf54 45f1739b a97dfd30>
The PEM you’re trying to create needs three levels of wrapping:
You first have to wrap the raw key in an ASN.1 SubjectPublicKeyInfo structure.
You then have to Base64 encode that.
Finally, you add the header and trailer strings.
The correct way to render and parse ASN.1 is with an ASN.1 library. Unfortunately, iOS does not have an API for this, and the third-party libraries out there are quite hard to integrate.
In this case, however, you can get away with prepending a fixed header on to your 32-byte raw key data. To continue the above example,
Code Block let prefix = Data([0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x6E, 0x03, 0x21, 0x00]) let subjectPublicKeyInfo = prefix + rawKeyBytes
If you put those bytes into a file and then dump the ASN.1, you’ll see this:
Code Block % dumpasn1 tmp.asn1 0 42: SEQUENCE { 2 5: SEQUENCE { 4 3: OBJECT IDENTIFIER curveX25519 (1 3 101 110) : } 9 33: BIT STRING : EE AE F8 87 DE C4 DB 7C D5 B1 02 2F C5 04 18 5C : E2 8A C3 4F A5 5D AF 54 45 F1 73 9B A9 7D FD 30 : } 0 warnings, 0 errors.
which should look very familiar.
IMPORTANT This only works because you know you’re working with a Curve 25519 key and that key’s raw bytes is of a fixed length.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"