Package com.nimbusds.jose.crypto

Class Ed25519Signer

java.lang.Object
com.nimbusds.jose.crypto.impl.BaseJWSProvider
com.nimbusds.jose.crypto.impl.EdDSAProvider
com.nimbusds.jose.crypto.Ed25519Signer
All Implemented Interfaces:
JCAAware<JCAContext>, JOSEProvider, JWSProvider, JWSSigner
@ThreadSafe public class Ed25519Signer extends EdDSAProvider implements JWSSigner
Ed25519 signer of JWS objects. Expects an OctetKeyPair with "crv" Ed25519. Uses the Edwards-curve Digital Signature Algorithm (EdDSA).

See RFC 8037 for more information.

This class is thread-safe.

Supports the following algorithm:

Version:
2024-05-07
Author:
Tim McLean

  • Constructor Details

    • Ed25519Signer

      public Ed25519Signer(OctetKeyPair privateKey) throws JOSEException
      Creates a new Ed25519 signer.
      Parameters:
      privateKey - The private key. Must be of type Ed25519 ("crv": "Ed25519") and not null.
      Throws:
      JOSEException - If the key subtype is not supported or if the key is not a private key.

  • Method Details

    • getPrivateKey

      public OctetKeyPair getPrivateKey()
      Gets the Ed25519 private key as an OctetKeyPair.
      Returns:
      The private key.

    • sign

      public Base64URL sign(JWSHeader header, byte[] signingInput) throws JOSEException
      Description copied from interface: JWSSigner
      Signs the specified input of a JWS object.
      Specified by:
      sign in interface JWSSigner
      Parameters:
      header - The JSON Web Signature (JWS) header. Must specify a supported JWS algorithm and must not be null.
      signingInput - The input to sign. Must not be null.
      Returns:
      The resulting signature part (third part) of the JWS object.
      Throws:
      JOSEException - If the JWS algorithm is not supported, if a critical header parameter is not supported or marked for deferral to the application, or if signing failed for some other internal reason.