I have an API where I need to pass the "KeyMaterial" which according to API Docs is for:
Contains the cryptographic parameters that are required to perform End-to-End encryption for sharing the information between the producer and the consumer in a secure manner.
Here is the example they have shared:
"KeyMaterial": {
    "cryptoAlg": "ECDHE",
    "curve": "Curve25519",
    "params": "string",
    "DHPublicKey": {
        "expiry": "2018-12-23T11:39:57.153Z",
        "Parameters": "string",
        "KeyValue": "683938505ec529a700fcceab66273d1aa78d494208a4769930f0818872159265"
    },
    "Nonce": "R4s6vNI7I/JfdeA3/6dMMQ==",
    "Signature": "jFJcYCOTVV6iiLPlM7qY+Zz+3PF8oUPFg1byb1GNr+k="
}
They also mention that
"Signature" field : Refers the signature standard for more information: https://www.w3.org/TR/xmldsig-core1/
"KeyValue" : Contains the value of ephemeral public key
However, I am confused as to how exactly I should be filling in these parameters. I could not find any reference implementations for ECDHE + Curve25519. Can anyone explain how exactly I can fill in these parameters? How do I generate the Signature field, and the KeyValue field in "DHPublicKey"?
Public Key can be generated like this.
Generate an X25519 private key: 32 random bytes
private key * Generator point = Public Key
Nonce must be random bytes transformed into base64 encoding.
About the signature, I don't know what kind of signature it is.