diff --git a/src/crypto/crypto.js b/src/crypto/crypto.js
index 088d0b15..0cb86be1 100644
--- a/src/crypto/crypto.js
+++ b/src/crypto/crypto.js
@@ -480,7 +480,7 @@ export function getPreferredCurveHashAlgo(algo, oid) {
 case enums.publicKey.eddsaLegacy:
 return publicKey.elliptic.getPreferredHashAlgo(oid);
 case enums.publicKey.ed25519:
- return enums.hash.sha256;
+ return publicKey.elliptic.eddsa.getPreferredHashAlgo(algo);
 default:
 throw new Error('Unknown elliptic signing algo');
 }
diff --git a/src/crypto/public_key/elliptic/eddsa.js b/src/crypto/public_key/elliptic/eddsa.js
index 82ec956d..e38cbb96 100644
--- a/src/crypto/public_key/elliptic/eddsa.js
+++ b/src/crypto/public_key/elliptic/eddsa.js
@@ -61,9 +61,8 @@ export async function generate(algo) {
 * @async
 */
 export async function sign(algo, hashAlgo, message, publicKey, privateKey, hashed) {
- if (hash.getHashByteLength(hashAlgo) < hash.getHashByteLength(enums.hash.sha256)) {
- // see https://tools.ietf.org/id/draft-ietf-openpgp-rfc4880bis-10.html#section-15-7.2
- throw new Error('Hash algorithm too weak: sha256 or stronger is required for EdDSA.');
+ if (hash.getHashByteLength(hashAlgo) < hash.getHashByteLength(getPreferredHashAlgo(algo))) {
+ throw new Error('Hash algorithm too weak for EdDSA.');
 }
 switch (algo) {
 case enums.publicKey.ed25519: {
@@ -90,6 +89,9 @@ export async function sign(algo, hashAlgo, message, publicKey, privateKey, hashe
 * @async
 */
 export async function verify(algo, hashAlgo, { RS }, m, publicKey, hashed) {
+ if (hash.getHashByteLength(hashAlgo) < hash.getHashByteLength(getPreferredHashAlgo(algo))) {
+ throw new Error('Hash algorithm too weak for EdDSA.');
+ }
 switch (algo) {
 case enums.publicKey.ed25519: {
 return nacl.sign.detached.verify(hashed, RS, publicKey);
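Review bot: In `sign` of eddsa.js the guard treats the algorithm's *preferred* hash as the *minimum* digest size, and the commit removes the spec link that explained where that floor comes from. I would keep a comment on the guard, e.g. `// the preferred hash for this algorithm also sets the minimum digest size accepted here`, so that a later change to the preferred hash is understood to tighten what is accepted. Because `getPreferredHashAlgo(algo)` is evaluated before `switch (algo)`, an unsupported `algo` now fails with 'Unknown EdDSA algo' from the helper rather than in the switch, whose default branch is outside this hunk. The new message also no longer names the required hash, which makes the rejection harder to diagnose from logs.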
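Review bot: `verify` in eddsa.js now rejects with an Error when `hashAlgo` is below the floor, where previously a weak hash fell through to `nacl.sign.detached.verify` and resolved to a boolean; `verify` in eddsa_legacy.js gets the same change. The callers are not part of this diff, so it should be confirmed that each one treats the rejection as a failed verification and neither lets it surface as an unhandled error nor skips the signature. The JSDoc above `verify` (only its closing lines are in the hunk) should gain a line such as `@throws {Error} if the digest of hashAlgo is shorter than the minimum for algo`. The comparison uses digest byte length only, so it orders hashes by output size and is not an explicit allow-list.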
@@ -124,3 +126,12 @@ export async function validateParams(algo, A, seed) {
 return false;
 }
 }
+
+export function getPreferredHashAlgo(algo) {
+ switch (algo) {
+ case enums.publicKey.ed25519:
+ return enums.hash.sha256;
+ default:
+ throw new Error('Unknown EdDSA algo');
+ }
+}
diff --git a/src/crypto/public_key/elliptic/eddsa_legacy.js b/src/crypto/public_key/elliptic/eddsa_legacy.js
index 7c348de1..63929ea7 100644
--- a/src/crypto/public_key/elliptic/eddsa_legacy.js
+++ b/src/crypto/public_key/elliptic/eddsa_legacy.js
@@ -47,7 +47,7 @@ nacl.hash = bytes => new Uint8Array(sha512().update(bytes).digest());
 export async function sign(oid, hashAlgo, message, publicKey, privateKey, hashed) {
 if (hash.getHashByteLength(hashAlgo) < hash.getHashByteLength(enums.hash.sha256)) {
 // see https://tools.ietf.org/id/draft-ietf-openpgp-rfc4880bis-10.html#section-15-7.2
- throw new Error('Hash algorithm too weak: sha256 or stronger is required for EdDSA.');
+ throw new Error('Hash algorithm too weak for EdDSA.');
 }
 const secretKey = util.concatUint8Array([privateKey, publicKey.subarray(1)]);
 const signature = nacl.sign.detached(hashed, secretKey);
@@ -71,6 +71,9 @@ export async function sign(oid, hashAlgo, message, publicKey, privateKey, hashed
 * @async
 */
 export async function verify(oid, hashAlgo, { r, s }, m, publicKey, hashed) {
+ if (hash.getHashByteLength(hashAlgo) < hash.getHashByteLength(enums.hash.sha256)) {
+ throw new Error('Hash algorithm too weak for EdDSA.');
+ }
 const signature = util.concatUint8Array([r, s]);
 return nacl.sign.detached.verify(hashed, signature, publicKey.subarray(1));
 }
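Review bot: The new exported `getPreferredHashAlgo` in eddsa.js has no JSDoc, although the exports visible elsewhere in this diff carry doc blocks. It has two roles that its name does not convey: it supplies the default hash returned from `getPreferredCurveHashAlgo` in crypto.js, and its digest length is the minimum that `sign` and `verify` accept. I would add a doc block with a `@param` for `algo`, a `@returns` for the hash enum value and a `@throws` for an unknown algorithm, plus one sentence stating that the result is also the signing and verification floor.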
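Review bot: The weak-hash guard added to `verify` in eddsa_legacy.js is the fourth copy of the same check (`sign` and `verify` in both files), and the two files take the threshold from different places: `getPreferredHashAlgo(algo)` in eddsa.js, a literal `enums.hash.sha256` here. A single shared helper taking `hashAlgo` and the minimum hash, called as for example `assertHashStrength(hashAlgo, enums.hash.sha256);` (the name is only a suggestion), would keep the comparison and its message from drifting apart. The spec link that this file's `sign` still carries could then live on that helper, since the new `verify` guard has no comment explaining the floor.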