CODEWITHSUNDEEP
jwtjose
user938363
user938363

Reputation: 10378

Generate EdDSA 25519 key pair for JOSE/NODEJS

Here is the command I used on ubuntu 20.x to generate key pair of EdDSA 25519 for JOSE/NODEJS (14.16) app:

$ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id-ed25519 -C myemail_address

Here is the private key generated:

-----BEGIN OPENSSH PRIVATE KEY-----
a3BlbnNzaC1rZXktdjEAAAAABG5vbmVAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACAp92w+fwodL4kaUDrNghdZScdcg54IJOO6tLpG91oeKgAAAJj71Y9w+9WP
cAAAAAtzc2gtZWQyNTUxOQAAACAp92w+awodL4kaUDrNghdZScdcg54IJOO6tLpG91oeKg
AAAEDsEfbdyx4HaM5cL1f2Ag2Knb0NDCIiuIDsm6FwR5NJESn3bD5/Ch0viRpQOs2CF1lJ
c1yDnggk47q0ukb3Wh4qAAAAFGVtY2yhYjIwMTFAZ21haWwuY29tAQ==
-----END OPENSSH PRIVATE KEY-----

The private key has 366 bytes instead of 32 bytes.

Here is the public key:

BAAAC3NzaC1lZ1I1NTE5AAAAICn3CD5/Ch0viRpQOs2CF1lJx1yDnggk47q0ukb3Wh4q myemail_address

It is 63bytes without counting email address and seems too long.

Is it the right way to generate key pair for EdDSA 25519? If it is not, what is the right way?

Upvotes: 7

Views: 5141

Answers (1)

user9775882
user9775882

Reputation:

You can use Node.js (>= 12.0.0) for this as well.

const keypair = crypto.generateKeyPairSync(
  'ed25519', 
  {
    privateKeyEncoding: { format: 'pem', type: 'pkcs8' }, 
    publicKeyEncoding: { format: 'pem', type: 'spki' }
  }
)

console.log(keypair.privateKey)
console.log(keypair.publicKey)

There is both blocking and non-blocking API for this.

Upvotes: 16

Related Questions