[Cryptography-dev] Loading a Curve25519 X.509 key

Wed Mar 10 14:16:59 EST 2021

Yes, load_{pem,der}_{public,private}_key can load
ed25519/ed448/x25519/x448 keys as well as long as they are in
PKCS8/subjectPublicKeyInfo formats. We should fix those docs.

-Paul

On Wed, Mar 10, 2021 at 11:05 AM Alex Gaynor <alex.gaynor at gmail.com> wrote:
>
> Hi Saruabh,
>
> I think https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization.html#cryptography.hazmat.primitives.serialization.load_pem_public_key
> should work. Notwithstanding the docs, I believe it'll load an
> X25519PublicKey :-) If that works for you, let us know and I'll make
> sure we fix those docs.
>
> Alex
>
> On Wed, Mar 10, 2021 at 11:56 AM Saurabh Kapoor <saurabh at fintify.com> wrote:
> >
> > Hi,
> >
> > A service we communicate with sends us their Curve25519 public key as a PEM file. The key is DER encoded and the format is X.509's SubjectPublicKeyInfo.
> >
> > We would like to create a cryptography.hazmat.primitives.asymmetric.x25519.X25519PublicKey for this object but I am unable to find the routines to load such keys. X25519PublicKey.load_public_bytes(..) expects a raw key.
> >
> > Using the following openssl command I can examine the key: openssl asn1parse -in pub_key.pem
> >
> > Any suggestions on how my service written in Python can load this kind of a public key? I've also posted a slightly more detailed question here: https://stackoverflow.com/questions/66492939/python-decoding-an-ecdh-curve-25519-public-key-encoded-as-a-pem-file
> >
> > regards,
> > Saurabh
> > _______________________________________________
> > Cryptography-dev mailing list
> > Cryptography-dev at python.org
> > https://mail.python.org/mailman/listinfo/cryptography-dev
>
>
>
> --
> All that is necessary for evil to succeed is for good people to do nothing.
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev