diff options
author | Matt Caswell <matt@openssl.org> | 2018-04-05 13:03:37 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-04-06 10:10:05 +0100 |
commit | e65c959f1fd5469ba96fceb68ce8b7c8d52edb39 (patch) | |
tree | ff20b3e5abb41d9c88530daf6a1d0777e9c22d7a /apps | |
parent | a6f5b1163452a36da1c8378eab3f29ae234e5c7f (diff) |
Add a note and better error if using Ed25519/Ed448 in dgst
Fixes #5873
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5880)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/dgst.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/apps/dgst.c b/apps/dgst.c index 4bf20f33e5..d158a0ccb2 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -235,6 +235,8 @@ int dgst_main(int argc, char **argv) } if (keyfile != NULL) { + int type; + if (want_pub) sigkey = load_pubkey(keyfile, keyform, 0, NULL, e, "key file"); else @@ -245,6 +247,15 @@ int dgst_main(int argc, char **argv) */ goto end; } + type = EVP_PKEY_id(sigkey); + if (type == EVP_PKEY_ED25519 || type == EVP_PKEY_ED448) { + /* + * We implement PureEdDSA for these which doesn't have a separate + * digest, and only supports one shot. + */ + BIO_printf(bio_err, "Key type not supported for this operation\n"); + goto end; + } } if (mac_name != NULL) { |