
I am trying to convert a PuTTY-generated Ed25519 private key to a JKS keystore. I tried looking into lots of documentation but I am a bit lost.

First I generate my key using puttygen (it is a key I am using as an example; I am not planning on using this one):

PuTTY-User-Key-File-3: ssh-ed25519
Encryption: none
Comment: eddsa-key-20240404
Public-Lines: 2
AAAAC3NzaC1lZDI1NTE5AAAAIN3TmCpGrfLD94S1GjHtsFUNw6hsd3SRHeuj06Yj
y9F5
Private-Lines: 1
AAAAIDt5Sc7bkLdz0zduq1sOW4dgXWNvkzfKShwdR7U9H6gZ
Private-MAC: df9c28347ae0cdd41627521dc1052f7043d6ce689e2e8bebfb492493ba6382c5

Then I export it to OpenSSH format using puttygen:

-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtz
c2gtZWQyNTUxOQAAACDd05gqRq3yw/eEtRox7bBVDcOobHd0kR3ro9OmI8vReQAA
AKC2h1lEtodZRAAAAAtzc2gtZWQyNTUxOQAAACDd05gqRq3yw/eEtRox7bBVDcOo
bHd0kR3ro9OmI8vReQAAAEA7eUnO25C3c9M3bqtbDluHYF1jb5M3ykocHUe1PR+o
Gd3TmCpGrfLD94S1GjHtsFUNw6hsd3SRHeuj06Yjy9F5AAAAEmVkZHNhLWtleS0y
MDI0MDQwNAECAwQFBgcICQoL
-----END OPENSSH PRIVATE KEY-----

Then I am trying to use openssl to convert this to a PKCS12 store, but it is not able to read the private key, so I am stuck here.

openssl req -new -x509 -key key.pem -out certfile

And the result is:

Could not find private key from key.pem

I tried with an RSA key and it works fine, but with Ed25519 I am unable to get openssl to read the OpenSSH format or convert it to a format that openssl can read.

  • or you can generate it with openssl: openssl genpkey -algorithm ed25519
    – A.B
    Commented Apr 5 at 0:36

1 Answer


I tried with an RSA key and it works fine

Until version 7.8, OpenSSH used the OpenSSL 'traditional' (i.e. non-PKCS8) formats for private key types RSA, DSA, and ECDSA, but not Ed25519, which uses OpenSSH's 'new format' because there was (and still is) no OpenSSL traditional format for that algorithm (or the other Bernstein et al. ones). If you use the Windows version of puttygen (which I assume you did, though you don't say so, because the Unix version of puttygen doesn't describe this conversion as export), Conversions / Export OpenSSH key writes RSA in legacy format, which OpenSSL can use, but Ed25519 in new format, which OpenSSL cannot use. But Export OpenSSH key (force new format) writes new format for RSA also, and that won't be usable.

While there is no feature to automatically convert either PuTTY or OpenSSH formats for Ed25519 to the PKCS8 format used by OpenSSL, the unencrypted variant of PKCS8 for Ed25519 is not hard to hack by hand in Unix, including Unix-alikes (now fairly common) on Windows: WSL, git4win aka git-bash, cygwin, mingw, gnuwin32. Just take the Private-Lines: from your unencrypted PuTTY ed25519 key and do something like:

# the first printf is the fixed PKCS8 DER header for Ed25519; tail -c+5 drops the 4-byte SSH length prefix
# (the \x escapes need bash or zsh printf; dash's /bin/sh printf does not understand them)
( printf '\x30\x2e\x02\x01\x00\x30\x05\x06\x03\x2b\x65\x70\x04\x22\x04\x20';
  printf AAAAIDt5Sc7bkLdz0zduq1sOW4dgXWNvkzfKShwdR7U9H6gZ | base64 -d | tail -c+5 ) | openssl pkey
# for OpenSSL versions below 3.0.0 (all now EOL upstream) append -inform der

In bare Windows I'd bet the equivalent can be done in PowerShell, but I don't know enough of it to do so.

Alternatively, as commented by A.B., you could generate the key with OpenSSL which (unsurprisingly) already uses OpenSSL format and doesn't need any conversion:

openssl genpkey -algorithm ed25519

or, since for a Java keystore you actually want to create both a private key and a self-signed certificate, you can do it within the req command:

openssl req -newkey ed25519 -x509 -keyout keyfile -out certfile [-nodes] [other options] 

And finally, if you want a Java keystore because you are using a Java version/environment that supports Ed25519 -- and I can't see any other reason that makes sense -- you can just generate it in Java in the first place:

keytool -genkeypair -keyalg ed25519 [-keystore file] [other options]

Note Java 9 and up will by default create a keystore as PKCS12, not JKS. If you really want JKS, specify -storetype JKS. But no version of Java that supports Ed25519 needs or even prefers JKS, so I can't see why you would want to.
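The hand conversion the answer describes, as an added example in Python (not the answerer's code): it pulls the 32-byte seed out of both the PPK Private-Lines and the OpenSSH new-format blob from the question, checks they agree, and prepends the same fixed PKCS8 DER header the printf does, PEM-armored so openssl pkey reads it without -inform der. The embedded key material is the question's throwaway example key; the parser only handles unencrypted files.

```python
import base64
import struct
# Fixed DER prefix from the answer: PKCS#8 PrivateKeyInfo for Ed25519 (OID 1.3.101.112),
# seed inside a nested OCTET STRING; every length is constant for a 32-byte seed.
PKCS8_ED25519_PREFIX = bytes.fromhex("302e020100300506032b657004220420")

# Constructed inputs: the question's throwaway example key in both formats.
PPK_PRIVATE_LINES = "AAAAIDt5Sc7bkLdz0zduq1sOW4dgXWNvkzfKShwdR7U9H6gZ"
OPENSSH_B64 = ("b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtz"
               "c2gtZWQyNTUxOQAAACDd05gqRq3yw/eEtRox7bBVDcOobHd0kR3ro9OmI8vReQAA"
               "AKC2h1lEtodZRAAAAAtzc2gtZWQyNTUxOQAAACDd05gqRq3yw/eEtRox7bBVDcOo"
               "bHd0kR3ro9OmI8vReQAAAEA7eUnO25C3c9M3bqtbDluHYF1jb5M3ykocHUe1PR+o"
               "Gd3TmCpGrfLD94S1GjHtsFUNw6hsd3SRHeuj06Yjy9F5AAAAEmVkZHNhLWtleS0y"
               "MDI0MDQwNAECAwQFBgcICQoL")

def ssh_string(buf, off):
    """Read one SSH wire 'string' (uint32 big-endian length + bytes); return (bytes, next offset)."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n

def seed_from_ppk_private_lines(b64):
    """Unencrypted PPK: Private-Lines is one SSH string holding the seed (what the answer's tail -c+5 keeps)."""
    return ssh_string(base64.b64decode(b64), 0)[0]

def seed_from_openssh(b64):
    """Unencrypted openssh-key-v1: walk the wire fields down to the 64-byte ed25519 blob (seed || pub)."""
    blob = base64.b64decode(b64)
    if not blob.startswith(b"openssh-key-v1\0"):
        raise ValueError("not an openssh-key-v1 blob")
    cipher, off = ssh_string(blob, 15)                   # 15 = len(magic)
    kdf, off = ssh_string(blob, off)
    _, off = ssh_string(blob, off)                       # kdfoptions (empty when unencrypted)
    (nkeys,) = struct.unpack(">I", blob[off:off + 4])
    if cipher != b"none" or kdf != b"none" or nkeys != 1:
        raise ValueError("encrypted or multi-key file: remove the passphrase first")
    _, off = ssh_string(blob, off + 4)                   # public key blob (repeated inside priv)
    priv, _ = ssh_string(blob, off)                      # private section, padded to the block size
    keytype, p = ssh_string(priv, 8)                     # bytes 0..8 are the two checkints
    pub, p = ssh_string(priv, p)
    sk, _ = ssh_string(priv, p)                          # 64 bytes: seed || public key
    if priv[:4] != priv[4:8] or keytype != b"ssh-ed25519" or sk[32:] != pub:
        raise ValueError("corrupt, still encrypted, or not an ssh-ed25519 key")
    return sk[:32]

def to_pkcs8_pem(seed):
    """Wrap the seed exactly as the answer's printf does, then PEM-armor it for 'openssl pkey'."""
    if len(seed) != 32:
        raise ValueError("Ed25519 seed must be 32 bytes")
    body = base64.encodebytes(PKCS8_ED25519_PREFIX + seed).decode()
    return "-----BEGIN PRIVATE KEY-----\n" + body + "-----END PRIVATE KEY-----\n"
```

Feeding the PEM to openssl pkey (or openssl req -new -x509 -key ...) is then the same as for a key made with openssl genpkey -algorithm ed25519.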
