problem with ed25519 key

[eman1986]

Hi,

I'm having some issues getting the library to work with my ED25519 key, when I try to create a jwt token I get this error:

PHP Fatal error: Uncaught SodiumException: sodium_crypto_sign_detached(): Argument #2 ($secret_key) must be SODIUM_CRYPTO_SIGN_SECRETKEYBYTES bytes long in /home/ed/JwtDemo/vendor/lcobucci/jwt/src/Signer/Eddsa.php:22
Stack trace:
#0 /home/ed/JwtDemo/vendor/lcobucci/jwt/src/Signer/Eddsa.php(22): sodium_crypto_sign_detached()
#1 /home/ed/JwtDemo/vendor/lcobucci/jwt/src/Token/Builder.php(119): Lcobucci\JWT\Signer\Eddsa->sign()
#2 /home/ed/JwtDemo/login.php(23): Lcobucci\JWT\Token\Builder->getToken()
#3 {main}

this is what my config looks like:

$configuration = Configuration::forAsymmetricSigner(new Eddsa(), LocalFileReference::file('keys/jwt/key'), LocalFileReference::file('keys/jwt.key.pub', 'mypassphrase'));

in case you're wondering how I made my jwt key, here's how:

ssh-keygen -t ed25519 -m PEM -f ~/jwt.key -C "JWT Key"

hopefully someone can tell me where I went wrong.

Thanks

[lcobucci]

@eman1986 differently from the other algorithms, EdDSA doesn't use the PEM format as input.

Libsodium simplifies things quite a lot and provides functions to generate keys.

You first need to generate the keypair and then extract the secret/public keys from it:

$keypair = sodium_crypto_sign_keypair();
$secret = sodium_crypto_sign_secretkey($keypair);
$public = sodium_crypto_sign_publickey($keypair);

Here's a full signature/verification process: https://3v4l.org/SKdcp

[eman1986]

Thanks, I couldn't find much on that type of key so I appreciate you steering me in the right direction