feat: add support for Ed25519 and Ed448 (EdDSA)

Author: panva

lib/oneShotAlgs.js

@@ -52,6 +52,11 @@ module.exports = function(alg, key) {
       digest: 'sha512',
       key: { key, dsaEncoding: 'ieee-p1363' },
     };
+  case 'EdDSA':
+    return {
+      digest: undefined,
+      key: { key },
+    };
   default:
     throw new Error('unreachable');
   }

lib/validateAsymmetricKey.js

@@ -2,6 +2,8 @@ const { ASYMMETRIC_KEY_DETAILS_SUPPORTED, RSA_PSS_KEY_DETAILS_SUPPORTED } = requ
 
 const allowedAlgorithmsForKeys = {
   'ec': ['ES256', 'ES256K', 'ES384', 'ES512'],
+  'ed25519': ['EdDSA'],
+  'ed448': ['EdDSA'],
   'rsa': ['RS256', 'PS256', 'RS384', 'PS384', 'RS512', 'PS512'],
   'rsa-pss': ['PS256', 'PS384', 'PS512']
 };

sign.js

@@ -15,6 +15,7 @@ const SUPPORTED_ALGS = [
   'PS256', 'PS384', 'PS512',
   'ES256', 'ES256K', 'ES384', 'ES512',
   'HS256', 'HS384', 'HS512',
+  'EdDSA',
   'none',
 ];
 

test/ed25519-private.pem

@@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEINm0OEjPHWFVPXX+RWO48diNrzeWvhxLYT0UfBHb6ZBA
+-----END PRIVATE KEY-----

test/ed25519-public-invalid.pem

@@ -0,0 +1,3 @@
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEAnbt7ZRTDvGWNmgiJQ+oOodLqvFS0fl1mlRHTaetHI0Q=
+-----END PUBLIC KEY-----

test/ed25519-public.pem

@@ -0,0 +1,3 @@
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEAbelG8IgnkVHYUdI5CN54QDdYkvgJkeDc7V8EVBN6zVg=
+-----END PUBLIC KEY-----

test/jwt.asymmetric_signing.tests.js

@@ -26,6 +26,11 @@ const algorithms = {
     pub_key: loadKey('secp256k1-public.pem'),
     invalid_pub_key: loadKey('secp256k1-public-invalid.pem')
   },
+  EdDSA: {
+    priv_key: loadKey('ed25519-private.pem'),
+    pub_key: loadKey('ed25519-public.pem'),
+    invalid_pub_key: loadKey('ed25519-public-invalid.pem')
+  },
   PS256: {
     pub_key: loadKey('pub.pem'),
     priv_key: loadKey('priv.pem'),

test/roundtrip.test.js

@@ -14,6 +14,8 @@ for (const [alg, opts] of [
   ["ES256K"],
   ["ES384"],
   ["ES512"],
+  ["EdDSA", { crv: "Ed25519" }],
+  ["EdDSA", { crv: "Ed448" }],
 ]) {
   const conditionalDescribe =
     parseInt(process.versions.node, 10) >= 18 ? describe : describe.skip;

test/schema.tests.js

@@ -10,6 +10,7 @@ describe('schema', function() {
     var cert_secp256k1_priv = fs.readFileSync(__dirname + '/secp256k1-private.pem');
     var cert_secp384r1_priv = fs.readFileSync(__dirname + '/secp384r1-private.pem');
     var cert_secp521r1_priv = fs.readFileSync(__dirname + '/secp521r1-private.pem');
+    var cert_ed25519_priv = fs.readFileSync(__dirname + '/ed25519-private.pem');
 
     function sign(options, secretOrPrivateKey) {
       jwt.sign({foo: 123}, secretOrPrivateKey, options);
@@ -30,6 +31,7 @@ describe('schema', function() {
       sign({algorithm: 'ES256K'}, cert_secp256k1_priv);
       sign({algorithm: 'ES384'}, cert_secp384r1_priv);
       sign({algorithm: 'ES512'}, cert_secp521r1_priv);
+      sign({algorithm: 'EdDSA'}, cert_ed25519_priv);
       sign({algorithm: 'HS256'}, 'superSecret');
       sign({algorithm: 'HS384'}, 'superSecret');
       sign({algorithm: 'HS512'}, 'superSecret');

verify.js

@@ -11,6 +11,7 @@ const EC_KEY_ALGS = ['ES256', 'ES256K', 'ES384', 'ES512'];
 const RSA_KEY_ALGS = ['RS256', 'RS384', 'RS512', 'PS256', 'PS384', 'PS512'];
 const PUB_KEY_ALGS = [].concat(RSA_KEY_ALGS, EC_KEY_ALGS);
 const HS_ALGS = ['HS256', 'HS384', 'HS512'];
+const EdDSA_ALGS = ['EdDSA'];
 
 function processPayload(header, payload, signature, options, done) {
   const clockTimestamp = options.clockTimestamp || Math.floor(Date.now() / 1000);
@@ -222,6 +223,10 @@ module.exports = function(jwtString, secretOrPublicKey, options, callback) {
         case 'ec':
           options.algorithms = EC_KEY_ALGS
           break;
+        case 'ed25519':
+        case 'ed448':
+          options.algorithms = EdDSA_ALGS;
+          break;
         default:
           options.algorithms = PUB_KEY_ALGS;
         }