I'm writing Java code that works with a set of WireGuard peers, and would like to check if the String representing the public key for each peer actually is a valid key.
Asked
Active
Viewed 717 times
1 Answers
1
I found the answer (written by Jason Donenfeld himself) on the WireGuard mailing list, but find it appropriate to make it available here as well.
In brief, public and private keys are both 32 byte strings encoded in base 64, and can be matched against this regex:
^[A-Za-z0-9+/]{42}[AEIMQUYcgkosw480]=$
His explanation for the last two characters was very useful:
[...] 32 does not divide evenly by .75, so there's a padding character and the penultimate character does not include the whole base64 alphabet. 43 base64 chars can represent up to 258bits, which is more than 256bits.
gjoranv
- 4,376
- 3
- 21
- 37