3.3.6. EdDSA Using Curve edwards25519

To sign using this algorithm, the signer applies the Ed25519 algorithm defined in Section 5.1.6 of [RFC8032] with the signer's private signing key and the signature base (Section 2.5). The signature base is taken as the input message (M) with no prehash function. The signature is a 64-octet concatenation of R and S as specified in Section 5.1.6 of [RFC8032], and this is taken as a byte array for the HTTP message signature output used in Section 3.1.

To verify using this algorithm, the signer applies the Ed25519 algorithm defined in Section 5.1.7 of [RFC8032] using the public key portion of the verification key material (A) and the signature base recreated as described in Section 3.2. The signature base is taken as the input message (M) with no prehash function. The signature to be verified is processed as the 64-octet concatenation of R and S as specified in Section 5.1.7 of [RFC8032]. The results of the verification function indicate whether the signature presented is valid.

The use of this algorithm can be indicated at runtime using the ed25519 value for the alg signature parameter.

3.3.6. EdDSA Using Curve edwards25519​

3.3.6. EdDSA Using Curve edwards25519