From f3021aca4a154c2ff9bd0030f7974eb6a719550d Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 17 May 2018 16:24:29 +0100
Subject: [PATCH] Allow the ca application to use EdDSA

Using the ca application to sign certificates with EdDSA failed because it
is not possible to set the digest to "null". This adds the capability and
updates the documentation accordingly.

Fixes #6201

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6286)
---
 apps/ca.c            | 22 +++++++++++++---------
 crypto/ec/ecx_meth.c |  2 +-
 doc/man1/ca.pod      |  3 ++-
 3 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index afc5e349b4..60c8f6c373 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -735,17 +735,21 @@ end_of_options:
     if (md == NULL && (md = lookup_conf(conf, section, ENV_DEFAULT_MD)) == NULL)
         goto end;
 
-    if (strcmp(md, "default") == 0) {
-        int def_nid;
-        if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0) {
-            BIO_puts(bio_err, "no default digest\n");
-            goto end;
+    if (strcmp(md, "null") == 0) {
+        dgst = EVP_md_null();
+    } else {
+        if (strcmp(md, "default") == 0) {
+            int def_nid;
+            if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0) {
+                BIO_puts(bio_err, "no default digest\n");
+                goto end;
+            }
+            md = (char *)OBJ_nid2sn(def_nid);
         }
-        md = (char *)OBJ_nid2sn(def_nid);
-    }
 
-    if (!opt_md(md, &dgst)) {
-        goto end;
+        if (!opt_md(md, &dgst)) {
+            goto end;
+        }
     }
 
     if (req) {
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 501daeca7e..ea56df0d4e 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -778,7 +778,7 @@ static int pkey_ecd_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
     switch (type) {
     case EVP_PKEY_CTRL_MD:
         /* Only NULL allowed as digest */
-        if (p2 == NULL)
+        if (p2 == NULL || (const EVP_MD *)p2 == EVP_md_null())
             return 1;
         ECerr(EC_F_PKEY_ECD_CTRL, EC_R_INVALID_DIGEST_TYPE);
         return 0;
diff --git a/doc/man1/ca.pod b/doc/man1/ca.pod
index 9b25345859..ebd8a4386a 100644
--- a/doc/man1/ca.pod
+++ b/doc/man1/ca.pod
@@ -184,7 +184,8 @@ The number of days to certify the certificate for.
 =item B<-md alg>
 
 The message digest to use.
-Any digest supported by the OpenSSL B<dgst> command can be used.
+Any digest supported by the OpenSSL B<dgst> command can be used. If the signing
+key is using Ed25519 or Ed448 then you should specify "null" for the digest.
 This option also applies to CRLs.
 
 =item B<-policy arg>
-- 
2.25.1