mike-engel · mike-engel · Feb 1, 2023 · Jan 28, 2023 · Feb 1, 2023 · Feb 1, 2023
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,7 @@
 - Update from jsonwebtoken 7 to 8
 - Add Macports installation info #231
 - Remove Gofish installation info. See #228
+- Adds support for EdDSA algo
 
 # 5.0.3
 

diff --git a/src/cli_config.rs b/src/cli_config.rs
@@ -158,6 +158,7 @@ pub enum SupportedAlgorithms {
     PS512,
     ES256,
     ES384,
+    EdDSA,
 }
 
 fn is_payload_item(val: &str) -> Result<Option<PayloadItem>, String> {
@@ -199,5 +200,6 @@ pub fn translate_algorithm(alg: &SupportedAlgorithms) -> Algorithm {
         SupportedAlgorithms::PS512 => Algorithm::PS512,
         SupportedAlgorithms::ES256 => Algorithm::ES256,
         SupportedAlgorithms::ES384 => Algorithm::ES384,
+        SupportedAlgorithms::EdDSA => Algorithm::EdDSA,
     }
 }
diff --git a/src/translators.rs b/src/translators.rs
@@ -25,7 +25,7 @@ impl PayloadItem {
         match val {
             Some(value) => match from_str(value) {
                 Ok(json_value) => Some(PayloadItem(name.to_string(), json_value)),
-                Err(_) => match from_str(format!("\"{}\"", value).as_str()) {
+                Err(_) => match from_str(format!("\"{value}\"").as_str()) {
                     Ok(json_value) => Some(PayloadItem(name.to_string(), json_value)),
                     Err(_) => None,
                 },

diff --git a/src/translators/decode.rs b/src/translators/decode.rs
@@ -70,7 +70,12 @@ pub fn decoding_key_from_secret(alg: &Algorithm, secret_string: &str) -> JWTResu
             }
         }
         Algorithm::EdDSA => {
-            panic!("EdDSA is not implemented yet!");
+            let secret = slurp_file(&secret_string.chars().skip(1).collect::<String>());
+
+            match secret_string.ends_with(".pem") {
+                true => DecodingKey::from_ed_pem(&secret),
+                false => Ok(DecodingKey::from_ed_der(&secret)),
+            }
         }
     }
 }

diff --git a/src/translators/encode.rs b/src/translators/encode.rs
@@ -56,7 +56,14 @@ pub fn encoding_key_from_secret(alg: &Algorithm, secret_string: &str) -> JWTResu
                 false => Ok(EncodingKey::from_ec_der(&secret)),
             }
         }
-        Algorithm::EdDSA => panic!("EdDSA is not implemented yet"),
+        Algorithm::EdDSA => {
+            let secret = slurp_file(&secret_string.chars().skip(1).collect::<String>());
+
+            match secret_string.ends_with(".pem") {
+                true => EncodingKey::from_ed_pem(&secret),
+                false => Ok(EncodingKey::from_ed_der(&secret)),
+            }
+        }
     }
 }
 
@@ -124,14 +131,14 @@ pub fn print_encoded_token(
         }
         (None, Ok(jwt)) => {
             if atty::is(Stream::Stdout) {
-                println!("{}", jwt);
+                println!("{jwt}");
             } else {
-                print!("{}", jwt);
+                print!("{jwt}");
             };
         }
         (_, Err(err)) => {
             bunt::eprintln!("{$red+bold}Something went awry creating the jwt{/$}\n");
-            eprintln!("{}", err);
+            eprintln!("{err}");
             return Err(err);
         }
     }

diff --git a/src/utils.rs b/src/utils.rs
@@ -2,7 +2,7 @@ use std::fs;
 use std::path::Path;
 
 pub fn slurp_file(file_name: &str) -> Vec<u8> {
-    fs::read(file_name).unwrap_or_else(|_| panic!("Unable to read file {}", file_name))
+    fs::read(file_name).unwrap_or_else(|_| panic!("Unable to read file {file_name}"))
 }
 
 pub fn write_file(path: &Path, content: &[u8]) {

diff --git a/tests/main_test.rs b/tests/main_test.rs
@@ -617,6 +617,42 @@ mod tests {
         assert!(result.is_ok());
     }
 
+    #[test]
+    fn encodes_and_decodes_an_eddsa_token_using_key_from_file() {
+        let body: String = "{\"field\":\"value\"}".to_string();
+        let encode_matcher = App::command()
+            .try_get_matches_from(vec![
+                "jwt",
+                "encode",
+                "-A",
+                "EDDSA",
+                "--exp",
+                "-S",
+                "@./tests/private_eddsa_key.pem",
+                &body,
+            ])
+            .unwrap();
+        let encode_matches = encode_matcher.subcommand_matches("encode").unwrap();
+        let encode_arguments = EncodeArgs::from_arg_matches(encode_matches).unwrap();
+        let encoded_token = encode_token(&encode_arguments).unwrap();
+        let decode_matcher = App::command()
+            .try_get_matches_from(vec![
+                "jwt",
+                "decode",
+                "-S",
+                "@./tests/public_eddsa_key.pem",
+                "-A",
+                "EDDSA",
+                &encoded_token,
+            ])
+            .unwrap();
+        let decode_matches = decode_matcher.subcommand_matches("decode").unwrap();
+        let decode_arguments = DecodeArgs::from_arg_matches(decode_matches).unwrap();
+        let (result, _, _) = decode_token(&decode_arguments);
+
+        assert!(result.is_ok());
+    }
+
     #[test]
     fn shows_timestamps_as_iso_dates() {
         let exp = (Utc::now() + Duration::minutes(60)).timestamp();

diff --git a/tests/private_eddsa_key.pem b/tests/private_eddsa_key.pem
@@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIOlt2x5aBpWjO8MNAiE7h9nfpZqFDXVBoRAuZu85fWMU
+-----END PRIVATE KEY-----
diff --git a/tests/public_eddsa_key.pem b/tests/public_eddsa_key.pem
@@ -0,0 +1,3 @@
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEABzKf6VPTrsj8oqur2gHMkpRCl2DHxe04q0A8lV/QP+A=
+-----END PUBLIC KEY-----