Do HMAC.

diff --git a/apps/dgst.c b/apps/dgst.c
index be25dafef7047a5e445e37154bd9afd753961f1a..7d6acc65463730781a4acad6dfd7158682b1fb75 100644 (file)
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -66,6 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/hmac.h>
 
 #undef BUFSIZE
 #define BUFSIZE        1024*8
@@ -73,9 +74,11 @@
 #undef PROG
 #define PROG   dgst_main
 
+static HMAC_CTX hmac_ctx;
+
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-         const char *file);
+         const char *file,const char *hmac_key);
 
 int MAIN(int, char **);
 
@@ -103,6 +106,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
        char *engine=NULL;
 #endif
+       char *hmac_key=NULL;
 
        apps_startup();
 
@@ -181,6 +185,12 @@ int MAIN(int argc, char **argv)
                        out_bin = 1;
                else if (strcmp(*argv,"-d") == 0)
                        debug=1;
+               else if (!strcmp(*argv,"-hmac"))
+                       {
+                       if (--argc < 1)
+                               break;
+                       hmac_key=*++argv;
+                       }
                else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
                        md=m;
                else
@@ -235,7 +245,7 @@ int MAIN(int argc, char **argv)
                }
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+       e = setup_engine(bio_err, engine, 0);
 #endif
 
        in=BIO_new(BIO_s_file());
@@ -318,18 +328,18 @@ int MAIN(int argc, char **argv)
                        goto end;
                }
        }
-               
-
 
        /* we use md as a filter, reading from 'in' */
        BIO_set_md(bmd,md);
+       if (hmac_key)
+               HMAC_Init(&hmac_ctx,hmac_key,strlen(hmac_key),md);
        inp=BIO_push(bmd,in);
 
        if (argc == 0)
                {
                BIO_set_fp(in,stdin,BIO_NOCLOSE);
                err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-                         siglen,"","(stdin)");
+                         siglen,"","(stdin)",hmac_key);
                }
        else
                {
@@ -347,14 +357,15 @@ int MAIN(int argc, char **argv)
                                }
                        if(!out_bin)
                                {
-                               size_t len = strlen(name)+strlen(argv[i])+5;
+                               size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 4 : 0)+5;
                                tmp=tofree=OPENSSL_malloc(len);
-                               BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
+                               BIO_snprintf(tmp,len,"%s%s(%s)= ",
+                                                        hmac_key ? "HMAC_" : "",name,argv[i]);
                                }
                        else
                                tmp="";
                        r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-                               siglen,tmp,argv[i]);
+                               siglen,tmp,argv[i],hmac_key);
                        if(r)
                            err=r;
                        if(tofree)
@@ -379,7 +390,7 @@ end:
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-         const char *file)
+         const char *file,const char *hmac_key)
        {
        int len;
        int i;
@@ -426,6 +437,12 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
                        return 1;
                        }
                }
+       else if(hmac_key)
+               {
+               EVP_MD_CTX *ctx;
+               BIO_get_md_ctx(bp, &ctx);
+               HMAC_Final(&hmac_ctx,buf,&len);
+               }
        else
                len=BIO_gets(bp,(char *)buf,BUFSIZE);