ed25519-dalek icon indicating copy to clipboard operation
ed25519-dalek copied to clipboard
verified publisher icon dalek-cryptography

SigningKey cannot be serialized to a pem format

Open lebe-dev opened this issue 1 year ago • 3 comments

Hi.

SigningKey cannot be serialized to a pem format:

use ed25519_dalek::SigningKey;
use rand::rngs::OsRng;
...

let mut csprng = OsRng;
let signing_key: SigningKey = SigningKey::generate(&mut csprng);

match signing_key.to_pkcs1_pem(rsa::pkcs1::LineEnding::LF) {
    Ok(_) => {}
    Err(e) => {
        error!("{}", e)
    }
}

Cargo.toml:

ed25519-dalek = { version = "2.1.1", features = [
    "digest",
    "pem",
    "pkcs8",
    "signature",
    "serde",
    "rand_core",
] }

Error:

unknown/unsupported algorithm OID: 1.2.840.113549.1.1.1

lebe-dev avatar Nov 21 '24 08:11 lebe-dev

PKCS#1 is a format for RSA keys, not Ed25519 keys.

You want PKCS#8. See: https://docs.rs/ed25519-dalek/2.1.1/ed25519_dalek/#pkcs8-key-encoding

The fact you can call this at all is something of a quirk of the pkcs1 crate's API which should probably be fixed.

tarcieri avatar Nov 21 '24 13:11 tarcieri

Thanks, but i don't get how to use it for SigningKey. I couldn't find implementation for ed25519_dalek::pkcs8::EncodePrivateKey and how to use it in SigningKey context.

Could you provide a small example?

lebe-dev avatar Nov 22 '24 09:11 lebe-dev

The trait impl is here: https://docs.rs/ed25519-dalek/latest/ed25519_dalek/struct.SigningKey.html#impl-EncodePrivateKey-for-SigningKey

We should add an example to the documentation.

tarcieri avatar Dec 02 '24 19:12 tarcieri

ed25519-dalek has moved to: https://github.com/dalek-cryptography/curve25519-dalek/tree/main/ed25519-dalek

If you feel this issue has not yet been addressed, please request this issue be moved to that repo by leaving a comment, or open a new issue on that repo.

tarcieri avatar Jul 30 '25 13:07 tarcieri