From b452e706e3a1ed087f7a1b3619dc6d8aa9ce1424 Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@openssl.org>
Date: Sun, 4 Apr 2004 18:59:33 +0000
Subject: [PATCH] Do HMAC.

---
 apps/dgst.c | 35 ++++++++++++++++++++++++++---------
 1 file changed, 26 insertions(+), 9 deletions(-)

diff --git a/apps/dgst.c b/apps/dgst.c
index be25dafef7..7d6acc6546 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -66,6 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/hmac.h>
 
 #undef BUFSIZE
 #define BUFSIZE	1024*8
@@ -73,9 +74,11 @@
 #undef PROG
 #define PROG	dgst_main
 
+static HMAC_CTX hmac_ctx;
+
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file);
+	  const char *file,const char *hmac_key);
 
 int MAIN(int, char **);
 
@@ -103,6 +106,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
 	char *engine=NULL;
 #endif
+	char *hmac_key=NULL;
 
 	apps_startup();
 
@@ -181,6 +185,12 @@ int MAIN(int argc, char **argv)
 			out_bin = 1;
 		else if (strcmp(*argv,"-d") == 0)
 			debug=1;
+		else if (!strcmp(*argv,"-hmac"))
+			{
+			if (--argc < 1)
+				break;
+			hmac_key=*++argv;
+			}
 		else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
 			md=m;
 		else
@@ -235,7 +245,7 @@ int MAIN(int argc, char **argv)
 		}
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+	e = setup_engine(bio_err, engine, 0);
 #endif
 
 	in=BIO_new(BIO_s_file());
@@ -318,18 +328,18 @@ int MAIN(int argc, char **argv)
 			goto end;
 		}
 	}
-		
-
 
 	/* we use md as a filter, reading from 'in' */
 	BIO_set_md(bmd,md);
+	if (hmac_key)
+		HMAC_Init(&hmac_ctx,hmac_key,strlen(hmac_key),md);
 	inp=BIO_push(bmd,in);
 
 	if (argc == 0)
 		{
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
 		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,"","(stdin)");
+			  siglen,"","(stdin)",hmac_key);
 		}
 	else
 		{
@@ -347,14 +357,15 @@ int MAIN(int argc, char **argv)
 				}
 			if(!out_bin)
 				{
-				size_t len = strlen(name)+strlen(argv[i])+5;
+				size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 4 : 0)+5;
 				tmp=tofree=OPENSSL_malloc(len);
-				BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
+				BIO_snprintf(tmp,len,"%s%s(%s)= ",
+							 hmac_key ? "HMAC_" : "",name,argv[i]);
 				}
 			else
 				tmp="";
 			r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-				siglen,tmp,argv[i]);
+				siglen,tmp,argv[i],hmac_key);
 			if(r)
 			    err=r;
 			if(tofree)
@@ -379,7 +390,7 @@ end:
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file)
+	  const char *file,const char *hmac_key)
 	{
 	int len;
 	int i;
@@ -426,6 +437,12 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 			return 1;
 			}
 		}
+	else if(hmac_key)
+		{
+		EVP_MD_CTX *ctx;
+		BIO_get_md_ctx(bp, &ctx);
+		HMAC_Final(&hmac_ctx,buf,&len);
+		}
 	else
 		len=BIO_gets(bp,(char *)buf,BUFSIZE);
 
-- 
2.25.1