I have to read and load an Ed25519 public key to verify a signature in Java. The token input pattern is {public_key}/message.signature, for example:
6a3239269f93999baec60382189c718031ad22c4c807ff29417824132cf0aa2d/eyJpc3N1ZV9kYXRlIjogIjIwMjItMTAtMjMiLCAiZXhwaXJ5X2RhdGUiOiAiMjAyMi0xMS0yMyIsICJsaWNlbnNlX3R5cGUiOiAxLCAibGljZW5zZV9rZXkiOiAiOTczZTIxOWVlNDg5NDVlNmViMDhjYzQzM2QyYjBjMDUifQ==.122ff0664a54122c6929183a561bb211a4168801e5917f33b69231eea56205ae32af4804a69a9fd25c6fab4bbf44048b57b11d71c5b8fe4fb153d0f45c5e140f
This token was created with the Python library 'ed25519':
```python
import base64
import ed25519

# json_string holds the JSON payload to be signed (defined elsewhere)
private_key, public_key = ed25519.create_keypair()
# Hex-encode the public key
public_key_string = public_key.to_ascii(encoding='hex').decode('utf-8')
signature = private_key.sign(json_string.encode('utf-8'), encoding='hex')
token = (public_key_string + '/' +
         base64.b64encode(json_string.encode('utf-8')).decode('utf-8') +
         '.' + signature.decode('utf-8'))
```
When I try to split the token into parts in Java and load the public key (with the BouncyCastle library), an exception is thrown saying that the buffer must have length 32 (while, as you can see, the length of the public key is 64). What am I missing here?
The public key is encoded as hexadecimals, and then encoded using base64. To revert this incorrect way of encoding you'd first need to decode the base64 and then decode the hexadecimals to bytes. To fix the Python script instead, perform `base64.b64encode(public_key.to_bytes())` and remove the `public_key_string`.
It seems weird that the public key is base 64 & hex encoded and that the signature is only hex encoded. It makes most sense to encode both using base64, if any textual output is required at all. Quite often text is used where binary could suffice just as well.
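An added example, not part of the original answer or the asker's code: a BouncyCastle verifier for the token layout produced by the Python snippet in the question (hex public key, base64 message, hex signature). The class name `TokenVerifier` and the pinned `trustedKey` parameter are assumptions; the pin is there because the key embedded in a token is chosen by whoever created that token.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
import org.bouncycastle.crypto.signers.Ed25519Signer;
import org.bouncycastle.util.encoders.Hex;

public class TokenVerifier {
    /**
     * Returns the signed JSON payload, or throws if the token is malformed,
     * signed by an unexpected key, or carries a bad signature.
     * trustedKey (assumption): the 32-byte public key the application expects.
     */
    public static String verify(String token, byte[] trustedKey) {
        // Standard base64 may contain '/', so cut at the FIRST '/' (the hex key
        // has none) and the LAST '.' (the hex signature has none).
        int slash = token.indexOf('/');
        int dot = token.lastIndexOf('.');
        if (slash < 0 || dot < slash) {
            throw new IllegalArgumentException("expected {public_key}/message.signature");
        }
        // Hex text is two characters per byte: 64 hex characters -> 32 raw bytes.
        byte[] key = Hex.decode(token.substring(0, slash));
        byte[] message = Base64.getDecoder().decode(token.substring(slash + 1, dot));
        byte[] signature = Hex.decode(token.substring(dot + 1));
        if (key.length != 32 || signature.length != 64) {
            throw new IllegalArgumentException("bad key or signature length");
        }
        // A signature that verifies under the token's own key proves nothing
        // about who issued it; accept only the pinned key.
        if (!MessageDigest.isEqual(key, trustedKey)) {
            throw new SecurityException("token signed by an unexpected key");
        }
        // The Python side signed the raw UTF-8 JSON bytes, not the base64 text,
        // so verification runs over the decoded message.
        Ed25519Signer verifier = new Ed25519Signer();
        verifier.init(false, new Ed25519PublicKeyParameters(key, 0));
        verifier.update(message, 0, message.length);
        if (!verifier.verifySignature(signature)) {
            throw new SecurityException("signature check failed");
        }
        return new String(message, StandardCharsets.UTF_8);
    }
}
```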