Add a note and better error if using Ed25519/Ed448 in dgst

Fixes #5873

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5880)

diff --git a/apps/dgst.c b/apps/dgst.c
index 4bf20f33e5fe877d97682afbd63ceae103948333..d158a0ccb2843af199467d4dde07b66d02aaf1ae 100644 (file)
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -235,6 +235,8 @@ int dgst_main(int argc, char **argv)
     }
 
     if (keyfile != NULL) {
+        int type;
+
         if (want_pub)
             sigkey = load_pubkey(keyfile, keyform, 0, NULL, e, "key file");
         else
@@ -245,6 +247,15 @@ int dgst_main(int argc, char **argv)
              */
             goto end;
         }
+        type = EVP_PKEY_id(sigkey);
+        if (type == EVP_PKEY_ED25519 || type == EVP_PKEY_ED448) {
+            /*
+             * We implement PureEdDSA for these which doesn't have a separate
+             * digest, and only supports one shot.
+             */
+            BIO_printf(bio_err, "Key type not supported for this operation\n");
+            goto end;
+        }
     }
 
     if (mac_name != NULL) {

diff --git a/doc/man1/dgst.pod b/doc/man1/dgst.pod
index 5cad2438a99f88e2c9fc652813371cde3d8ed79e..3d546f0adc2f0a6fe4b110a7de4c77b54834f3c4 100644 (file)
--- a/doc/man1/dgst.pod
+++ b/doc/man1/dgst.pod
@@ -86,7 +86,9 @@ Filename to output to, or standard output by default.
 
 =item B<-sign filename>
 
-Digitally sign the digest using the private key in "filename".
+Digitally sign the digest using the private key in "filename". Note this option
+does not support Ed25519 or Ed448 private keys. Use the B<pkeyutl> command
+instead for this.
 
 =item B<-keyform arg>