EdDSA is not supported

[daa]

While one can construct Ed25519 key pair with pkey.new {type = "ED25519"} it requires message digest context as its sign() input but EdDSA supports only one-shot api (https://www.openssl.org/docs/man1.1.1/man7/Ed25519.html) and consequently sign() method must accept only plain data and giving it a digest results in an error. Note that lua-resty-openssl gets this aspect right: https://github.com/fffonion/lua-resty-openssl#pkeysign .

> pkey = require "openssl.pkey"
> k = pkey.new {type = "ED25519"}
> k:sign("abcd")
bad argument #1 to 'sign' (EVP_MD_CTX* expected, got string)
> digest = require "openssl.digest"
> h = digest.new("sha256")
> h:update("abcd")
> k:sign(h)
pkey:sign: pmeth_fn.c:39:error:0608D096:digital envelope routines:EVP_PKEY_sign_init:operation not supported for this keytype

[daurnimator]

Had a look at this today.... and gee OpenSSL have really made a mess of things :( They seem to want us to go via EVP_DigestSignInit and have the key upfront rather than only at signing time. Apparently they consider this a "bug" rather than a feature:

Since the private key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().

It is not possible to change the signing parameters using these function.

The previous two bugs are fixed in the newer EVP_SignDigest*() function.

This indicates we might need a larger overhaul that I hoped for.