doc/man1/x509.pod: fix typo

[openssl.git] / apps / dgst.c

diff --git a/apps/dgst.c b/apps/dgst.c
index d5646c91e25bbfe0ed1a715ee9ea0e1494369934..34494a404aeef250317e7b5bba413e84e3d9beea 100644 (file)
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -1,7 +1,7 @@
 /*
  * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
- * Licensed under the OpenSSL license (the "License").  You may not use
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  * in the file LICENSE in the source distribution or at
  * https://www.openssl.org/source/license.html
@@ -235,6 +235,8 @@ int dgst_main(int argc, char **argv)
     }
 
     if (keyfile != NULL) {
+        int type;
+
         if (want_pub)
             sigkey = load_pubkey(keyfile, keyform, 0, NULL, e, "key file");
         else
@@ -245,6 +247,15 @@ int dgst_main(int argc, char **argv)
              */
             goto end;
         }
+        type = EVP_PKEY_id(sigkey);
+        if (type == EVP_PKEY_ED25519 || type == EVP_PKEY_ED448) {
+            /*
+             * We implement PureEdDSA for these which doesn't have a separate
+             * digest, and only supports one shot.
+             */
+            BIO_printf(bio_err, "Key type not supported for this operation\n");
+            goto end;
+        }
     }
 
     if (mac_name != NULL) {
@@ -277,8 +288,8 @@ int dgst_main(int argc, char **argv)
     }
 
     if (hmac_key != NULL) {
-        sigkey = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, impl,
-                                          (unsigned char *)hmac_key, -1);
+        sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl,
+                                              (unsigned char *)hmac_key, -1);
         if (sigkey == NULL)
             goto end;
     }