package jwt

import (
	

	
	
	
)

var (
	ErrEd25519Verification = errors.New("ed25519: verification error")
)

// SigningMethodEd25519 implements the EdDSA family.
// Expects ed25519.PrivateKey for signing and ed25519.PublicKey for verification
type SigningMethodEd25519 struct{}

// Specific instance for EdDSA
var (
	SigningMethodEdDSA *SigningMethodEd25519
)

func init() {
	SigningMethodEdDSA = &SigningMethodEd25519{}
	RegisterSigningMethod(SigningMethodEdDSA.Alg(), func() SigningMethod {
		return SigningMethodEdDSA
	})
}

func ( *SigningMethodEd25519) () string {
	return "EdDSA"
}

// Verify implements token verification for the SigningMethod.
// For this verify method, key must be an ed25519.PublicKey
func ( *SigningMethodEd25519) (,  string,  interface{}) error {
	var  error
	var  ed25519.PublicKey
	var  bool

	if ,  = .(ed25519.PublicKey); ! {
		return ErrInvalidKeyType
	}

	if len() != ed25519.PublicKeySize {
		return ErrInvalidKey
	}

	// Decode the signature
	var  []byte
	if ,  = DecodeSegment();  != nil {
		return 
	}

	// Verify the signature
	if !ed25519.Verify(, []byte(), ) {
		return ErrEd25519Verification
	}

	return nil
}

// Sign implements token signing for the SigningMethod.
// For this signing method, key must be an ed25519.PrivateKey
func ( *SigningMethodEd25519) ( string,  interface{}) (string, error) {
	var  crypto.Signer
	var  bool

	if ,  = .(crypto.Signer); ! {
		return "", ErrInvalidKeyType
	}

	if ,  := .Public().(ed25519.PublicKey); ! {
		return "", ErrInvalidKey
	}

	// Sign the string and return the encoded result
	// ed25519 performs a two-pass hash as part of its algorithm. Therefore, we need to pass a non-prehashed message into the Sign function, as indicated by crypto.Hash(0)
	,  := .Sign(rand.Reader, []byte(), crypto.Hash(0))
	if  != nil {
		return "", 
	}
	return EncodeSegment(), nil
}