I'm trying to generate keys of type Ed25519 on Android. Right now I use the library org.bouncycastle:bcpkix-jdk15on.
This is my code:
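```kotlin
import android.util.Log
import java.security.SecureRandom
import org.bouncycastle.crypto.generators.Ed25519KeyPairGenerator
import org.bouncycastle.crypto.params.Ed25519KeyGenerationParameters
import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters
import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters
import org.bouncycastle.util.encoders.Base64

val keyPairGenerator = Ed25519KeyPairGenerator()
keyPairGenerator.init(Ed25519KeyGenerationParameters(SecureRandom()))
val keyPair = keyPairGenerator.generateKeyPair()
val privateKey = (keyPair.private as Ed25519PrivateKeyParameters).encoded // raw 32-byte seed
val publicKey = (keyPair.public as Ed25519PublicKeyParameters).encoded // raw 32-byte point
val privateKeyBase64 = Base64.toBase64String(privateKey)
val publicKeyBase64 = Base64.toBase64String(publicKey)
Log.d(TAG, publicKeyBase64)
```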
This prints this public key (one example):
JU+YTj99pb35tX+pLZAZAzdpwVp7GMGPkX0TcmsC7iQ=
This is an example of a public key I generated with the command line tool ssh-keygen:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKuDxTrKvkL3HbXrFuU796bmi9+KbKLTzT0QLumiJFmk [email protected]
You can see the payload does not have the same size.
Then, when I try to use it on GitHub, the one generated by ssh-keygen works, but the other one doesn't, even if I add ssh-ed25519 and the email.
This is the error message I get:
Key is invalid. You must supply a key in OpenSSH public key format.
So how can I generate a key in the right format with Java?
First, that isn't Java, although it is some language that compiles to run in the JVM and access Java libraries -- I'm guessing Scala or Kotlin, although I'm not familiar enough with either to say which. Second, you can't be using only bcpkix, because the classes you use aren't there; they are in bcprov (or bcprov-ext).
Your problem is the 'blob' in OpenSSH publickey format uses the SSH protocol's encoding for the relevant keytype, which for ed25519 adds prefix lengths and a (redundant) copy of the keytype string. This can be done by hand, but since you're already using Bouncy it can do most of it for you:
For OpenSSH the third component doesn't have to be an email address, it can be any information you want to associate with the key. I don't know if GitHub is stricter here, but as you have a working value you might as well keep it.
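
Added example, not part of the original answer: the "by hand" encoding the answer describes, wrapping the raw 32-byte key from the question in the SSH wire format (length-prefixed key type string, then length-prefixed key), plus the reverse check. The function names, the placeholder comment field and the use of `java.util.Base64` (Android API 26 or later) are assumptions of this example.

```kotlin
import java.io.ByteArrayOutputStream
import java.io.DataOutputStream
import java.nio.ByteBuffer
import java.util.Base64

const val KEY_TYPE = "ssh-ed25519"

// SSH "string": 4-byte big-endian length followed by the bytes (RFC 4251, section 5).
private fun DataOutputStream.writeSshString(bytes: ByteArray) {
    writeInt(bytes.size)
    write(bytes)
}

// Builds the OpenSSH line: blob = string "ssh-ed25519" || string key (RFC 8709, section 4).
fun encodeOpenSshEd25519(rawPublicKey: ByteArray, comment: String): String {
    require(rawPublicKey.size == 32) { "Ed25519 public keys are 32 bytes, got ${rawPublicKey.size}" }
    val blob = ByteArrayOutputStream()
    DataOutputStream(blob).use { out ->
        out.writeSshString(KEY_TYPE.toByteArray(Charsets.US_ASCII))
        out.writeSshString(rawPublicKey)
    }
    return "$KEY_TYPE ${Base64.getEncoder().encodeToString(blob.toByteArray())} $comment"
}

// Reverse direction: validates the blob structure and returns the raw 32-byte key.
fun decodeOpenSshEd25519(line: String): ByteArray {
    val fields = line.trim().split(Regex("\\s+"), limit = 3)
    require(fields.size >= 2 && fields[0] == KEY_TYPE) { "not an ssh-ed25519 public key line" }
    val buf = ByteBuffer.wrap(Base64.getDecoder().decode(fields[1]))
    fun readSshString(): ByteArray {
        require(buf.remaining() >= 4) { "truncated length field" }
        val len = buf.int
        require(len in 0..buf.remaining()) { "length field exceeds blob" }
        return ByteArray(len).also { buf.get(it) }
    }
    require(String(readSshString(), Charsets.US_ASCII) == KEY_TYPE) { "key type mismatch inside blob" }
    val key = readSshString()
    require(key.size == 32 && !buf.hasRemaining()) { "malformed ed25519 blob" }
    return key
}

fun main() {
    // Raw public key from the question (Base64 of Ed25519PublicKeyParameters.encoded).
    val raw = Base64.getDecoder().decode("JU+YTj99pb35tX+pLZAZAzdpwVp7GMGPkX0TcmsC7iQ=")
    val line = encodeOpenSshEd25519(raw, "user@example.invalid") // comment is a placeholder
    println(line)
    check(line.split(" ")[1].startsWith("AAAAC3NzaC1lZDI1NTE5AAAAI")) // fixed 19-byte header
    check(decodeOpenSshEd25519(line).contentEquals(raw))
}
```

The 19 header bytes are identical for every Ed25519 key, which is why the ssh-keygen output in the question starts with the same `AAAAC3NzaC1lZDI1NTE5AAAAI` and is longer than the bare 32-byte key. Bouncy Castle's `org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil.encodePublicKey` builds the same blob directly from the `Ed25519PublicKeyParameters` object.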