Missing documentation for EdDSA key serialization

Anders Rundgren anders.rundgren.net at gmail.com
Mon Aug 31 15:16:09 UTC 2020

you can find test vectors that are also used by rfc8037 (JOSE).

However, there seems to be no information on how to create an EdDSA public key from such a vector.
Apparently you must be an expert on the inner workings of EdDSA in order to use this API.

I have though managed(...) but 1) it looks strange 2) it may be incorrect.

1. Convert the hex-code to a byte[] array.
2. Reverse (!) all the bytes in the byte[] array.
3. publicKey = kf.generatePublic(
                     new EdECPublicKeySpec(new NamedParameterSpec(alg),
                                           new EdECPoint(false, new BigInteger(1, theByteArray))));

Ideally, EdECPoint should have an constructor that does whatever it takes based on a byte[] array.

It is equally fuzzy in the other direction.  A "getByteArray()" on EdECPoint had been great.


More information about the security-dev mailing list