3 files changed, 7 insertions, 12 deletions

diff --git a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/DecryptTool.java b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/DecryptTool.java
index fc485eb92f2..f1c166ba934 100644
--- a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/DecryptTool.java
+++ b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/DecryptTool.java
@@ -14,12 +14,9 @@ import org.apache.commons.cli.Option;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Paths;
-import java.util.Arrays;
 import java.util.List;
 import java.util.Optional;
 
-import static com.yahoo.security.ArrayUtils.toUtf8Bytes;
-
 /**
  * Tooling for decrypting a file using a private key that corresponds to the public key used
  * to originally encrypt the file.
@@ -47,7 +44,7 @@ public class DecryptTool implements Tool {
                     .longOpt(RECIPIENT_PRIVATE_KEY_FILE_OPTION)
                     .hasArg(true)
                     .required(false)
-                    .desc("Recipient private key file")
+                    .desc("Recipient private key file in Base58 encoded format")
                     .build(),
             Option.builder("i")
                     .longOpt(KEY_ID_OPTION)
@@ -103,7 +100,7 @@ public class DecryptTool implements Tool {
                                                        "used when generating the supplied token");
                 }
             }
-            var privateKey   = KeyUtils.fromBase64EncodedX25519PrivateKey(Files.readString(privKeyPath).strip());
+            var privateKey   = KeyUtils.fromBase58EncodedX25519PrivateKey(Files.readString(privKeyPath).strip());
             var secretShared = SharedKeyGenerator.fromSealedKey(sealedSharedKey, privateKey);
             var cipher       = SharedKeyGenerator.makeAesGcmDecryptionCipher(secretShared);
 
diff --git a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/EncryptTool.java b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/EncryptTool.java
index 737bade400f..886433f00f8 100644
--- a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/EncryptTool.java
+++ b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/EncryptTool.java
@@ -15,8 +15,6 @@ import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.util.List;
 
-import static com.yahoo.security.ArrayUtils.toUtf8Bytes;
-
 /**
  * Tooling to encrypt a file using a public key, emitting a non-secret token that can be
  * passed on to a recipient holding the corresponding private key.
@@ -42,7 +40,7 @@ public class EncryptTool implements Tool {
                     .longOpt(RECIPIENT_PUBLIC_KEY_OPTION)
                     .hasArg(true)
                     .required(false)
-                    .desc("Recipient X25519 public key in Base64 encoded format")
+                    .desc("Recipient X25519 public key in Base58 encoded format")
                     .build(),
             Option.builder("i")
                     .longOpt(KEY_ID_OPTION)
@@ -79,7 +77,7 @@ public class EncryptTool implements Tool {
             var inputArg   = leftoverArgs[0];
             var outputPath = Paths.get(CliUtils.optionOrThrow(arguments, OUTPUT_FILE_OPTION));
 
-            var recipientPubKey = KeyUtils.fromBase64EncodedX25519PublicKey(CliUtils.optionOrThrow(arguments, RECIPIENT_PUBLIC_KEY_OPTION).strip());
+            var recipientPubKey = KeyUtils.fromBase58EncodedX25519PublicKey(CliUtils.optionOrThrow(arguments, RECIPIENT_PUBLIC_KEY_OPTION).strip());
             var keyId  = KeyId.ofString(CliUtils.optionOrThrow(arguments, KEY_ID_OPTION));
             var shared = SharedKeyGenerator.generateForReceiverPublicKey(recipientPubKey, keyId);
             var cipher = SharedKeyGenerator.makeAesGcmEncryptionCipher(shared);
diff --git a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/KeygenTool.java b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/KeygenTool.java
index d7885dc6455..3d5accde98f 100644
--- a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/KeygenTool.java
+++ b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/KeygenTool.java
@@ -59,7 +59,7 @@ public class KeygenTool implements Tool {
         return new ToolDescription(
                 "<options>",
                 "Generates an X25519 key pair and stores its private/public parts in " +
-                "separate files in Base64 encoded form.",
+                "separate files in Base58 encoded form.",
                 "Note: this is a BETA tool version; its interface may be changed at any time",
                 OPTIONS);
     }
@@ -101,8 +101,8 @@ public class KeygenTool implements Tool {
 
             var privFilePerms = PosixFilePermissions.fromString("rw-------");
             Files.createFile( privOutPath, PosixFilePermissions.asFileAttribute(privFilePerms));
-            Files.writeString(privOutPath, KeyUtils.toBase64EncodedX25519PrivateKey(privKey) + "\n");
-            Files.writeString(pubOutPath,  KeyUtils.toBase64EncodedX25519PublicKey(pubKey) + "\n");
+            Files.writeString(privOutPath, KeyUtils.toBase58EncodedX25519PrivateKey(privKey) + "\n");
+            Files.writeString(pubOutPath,  KeyUtils.toBase58EncodedX25519PublicKey(pubKey) + "\n");
 
         } catch (IOException e) {
             throw new RuntimeException(e);