diff options
| author | Matt Caswell <matt@openssl.org> | 2018-04-05 14:03:37 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-04-06 11:10:05 +0200 |
| commit | e65c959f1fd5469ba96fceb68ce8b7c8d52edb39 (patch) | |
| tree | ff20b3e5abb41d9c88530daf6a1d0777e9c22d7a /apps/dgst.c | |
| parent | Support EVP_PKEY_sign() and EVP_PKEY_verify() for EdDSA (diff) | |
| download | openssl-e65c959f1fd5469ba96fceb68ce8b7c8d52edb39.tar.xz openssl-e65c959f1fd5469ba96fceb68ce8b7c8d52edb39.zip | |
Add a note and better error if using Ed25519/Ed448 in dgst
Fixes #5873
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5880)
Diffstat (limited to 'apps/dgst.c')
| -rw-r--r-- | apps/dgst.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/apps/dgst.c b/apps/dgst.c index 4bf20f33e5..d158a0ccb2 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -235,6 +235,8 @@ int dgst_main(int argc, char **argv) } if (keyfile != NULL) { + int type; + if (want_pub) sigkey = load_pubkey(keyfile, keyform, 0, NULL, e, "key file"); else @@ -245,6 +247,15 @@ int dgst_main(int argc, char **argv) */ goto end; } + type = EVP_PKEY_id(sigkey); + if (type == EVP_PKEY_ED25519 || type == EVP_PKEY_ED448) { + /* + * We implement PureEdDSA for these which doesn't have a separate + * digest, and only supports one shot. + */ + BIO_printf(bio_err, "Key type not supported for this operation\n"); + goto end; + } } if (mac_name != NULL) { |