I am developing some kind of a P2P network where the nodes communicate with each other via TCP and each message is signed by Ed25519 private key. I use libsodium for signing and signature verification.
I am currently developing a configuration of nodes and I had this question:
How to store public/private keys on a disk? Are there any common file formats and best practices for this?
If you are storing the file on disk then PKCS#12 Personal Information Exchange Syntax format is best practice. It is commonly referred to as a key store. But note that PKCS#12 relies on secret key encryption to encrypt the key store entries. That generally means that entries in such a store are encrypted with password based encryption. Which of course means that the library that performs the encryption has to be passed a password.
The entries themselves are generally wrapped using PKCS#8: Private-Key Information Syntax Specification which can also be used on it's own. PKCS#8 is a format to store a single encrypted key. It consists of an outer layer which defines the methods of encryption and an inner format that is used to describe what kind of key is encrypted. Sometimes the inner format itself is used to describe keys stored in plaintext (or wrapped by some other means).
Finally there are formats to describe the key themselves. These are again used within the PKCS#8 entries (much like Matryoshka dolls). Generally these use the X9.63 format for EC keys to describe the keys using ASN.1 (which is also the method of encoding PKCS#12 and PKCS#8). The ed25519 curve is however rather new so it seems to be lacking an official ASN.1 specification. There is however an internet draft that describes (a possible) standard format.
