alg value for Ed25519?

ED25519 is an EdDSA (Edwards-curve DSA) signature scheme. See also RFC8037 and RFC8032.

According to the jose documentation alg needs to be set to EdDSA:

JWS Algorithm: Edwards-curve DSA
alg: EdDSA

EdDSAis also listed in the section JSON Web Signature and Encryption Algorithms of the IANA Registry (thanks @Florent Morselli for the hint)

Here I show an example how to generate an ed25519 keypair and a signed token using Node.js Crypto and jose, then verify the token with the public key in Python:

Generate key pair and token:

const { SignJWT } = require('jose/jwt/sign')
const { generateKeyPairSync } = require('node:crypto')

const { publicKey, privateKey } = generateKeyPairSync('ed25519');
console.log(publicKey.export({format:'pem',type:'spki'}))
console.log(privateKey.export({format:'pem',type:'pkcs8'}))

const jwt = await new SignJWT({ 'id': 1 })
    .setProtectedHeader({ alg: 'EdDSA' })
    .setExpirationTime('2h')
    .sign(privateKey)

console.log(jwt)

-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEA7fySb/9h7hVH8j1paD5IoLfXj4prjfNLwOPUYKvsTOc=
-----END PUBLIC KEY-----

-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIIJtJBnTuKbIy5YjoNiH95ky3DcA3kRB0I2i7DkVM6Cf
-----END PRIVATE KEY-----

eyJhbGciOiJFZERTQSJ9.eyJpZCI6MX0.RAxBAQPFOxrCfgqb56eaAz9u2lByj-WEO- JWgJH3Cyx1o1Hwjn1pA2M4NgJeob9vb2Oaw4FOeYFr6_33XMTnAQ

The decoded token header:


{
  "alg": "EdDSA"
}

Verify the token in Python with PyJWT:

import jwt

public_key = """-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEA7fySb/9h7hVH8j1paD5IoLfXj4prjfNLwOPUYKvsTOc=
-----END PUBLIC KEY-----"""

token = 'eyJhbGciOiJFZERTQSJ9.eyJpZCI6MX0.RAxBAQPFOxrCfgqb56eaAz9u2lByj-WEO-JWgJH3Cyx1o1Hwjn1pA2M4NgJeob9vb2Oaw4FOeYFr6_33XMTnAQ'

decoded = jwt.decode(token, public_key, algorithms='EdDSA', verify=True)
print(decoded)

Note: jwt.io currently doesn't support the EdDSA/ED25519 algorithm, so you can't verify the token on that site. I also don't know about any other JWT website that can verify EdDSA signed tokens.

Recommended topics

Hot tags