EdDSA Support

The EdDSA algorithm is based on Edwards Curves, and its use with JOSE is standardized by RFC 8037. The Identity Server fully supports the Ed25519 and Ed448 signature algorithms for digital signature creation and validation.

Unlike the RSA and Elliptic Curve algorithms, EdDSA fixes the hash function used when calculating signatures, so both EdDSA algorithms (Ed25519 and Ed448) share a single signature algorithm name, EdDSA. The concrete signature algorithm used to create or verify a signature must therefore be derived from the accompanying key.

Example of a JWT header that is signed with EdDSA:

{
  "alg": "EdDSA",
  "x5t": "ZRNic4l1nEsFtyu0BDTL4sbF0eo"
}

In the above JWT header, the x5t field identifies the certificate that contains the EdDSA public key. If that key is an Ed25519 key, the signature must be validated with the Ed25519 signature algorithm.

Note that RFC 8037 profiles EdDSA for the PureEdDSA variants of Ed25519 and Ed448, and therefore does not use the Ed25519ph, Ed25519ctx or Ed448ph variants.
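As an added illustration (not code from the Identity Server), the following Go verifier applies the rule described above: it accepts only alg "EdDSA" in the header and selects the concrete signature algorithm from the key type, signing the raw signing input as PureEdDSA requires. It uses only the Go standard library, which provides Ed25519 but not Ed448, so an Ed448 (or any non-Ed25519) key is rejected as unsupported here.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding

// signEdDSA builds a compact JWS whose header says only "EdDSA"; the curve is implied by the key (RFC 8037).
func signEdDSA(priv ed25519.PrivateKey, payload []byte) string {
	signingInput := b64.EncodeToString([]byte(`{"alg":"EdDSA"}`)) + "." + b64.EncodeToString(payload)
	sig := ed25519.Sign(priv, []byte(signingInput)) // PureEdDSA: the signing input itself is signed, no prehash
	return signingInput + "." + b64.EncodeToString(sig)
}

// verifyEdDSA checks the header's alg, then derives the concrete algorithm from the key type, not from the header.
func verifyEdDSA(pub interface{}, token string) ([]byte, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("malformed compact JWS")
	}
	rawHeader, err1 := b64.DecodeString(parts[0])
	sig, err2 := b64.DecodeString(parts[2])
	if err1 != nil || err2 != nil {
		return nil, fmt.Errorf("invalid base64url in header or signature")
	}
	var hdr struct{ Alg string `json:"alg"` }
	if err := json.Unmarshal(rawHeader, &hdr); err != nil {
		return nil, err
	}
	if hdr.Alg != "EdDSA" { // RFC 8037 registers only "EdDSA"; "Ed25519"/"Ed448" name curves, not alg values
		return nil, fmt.Errorf("unexpected alg %q, want EdDSA", hdr.Alg)
	}
	signingInput := []byte(parts[0] + "." + parts[1])
	switch k := pub.(type) {
	case ed25519.PublicKey: // the key is Ed25519, so the signature is verified with Ed25519
		if !ed25519.Verify(k, signingInput, sig) {
			return nil, fmt.Errorf("Ed25519 signature invalid")
		}
	default: // an Ed448 key would dispatch here; Go's standard library has no Ed448 implementation
		return nil, fmt.Errorf("unsupported EdDSA key type %T", pub)
	}
	return b64.DecodeString(parts[1])
}
```

In a real deployment the public key would be resolved from the header's x5t (or kid) rather than passed in directly.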
