Add hmac option to dgst from 0.9.7-stable.

diff --git a/apps/dgst.c b/apps/dgst.c
index 0b29fe4befe781632cad9f793b255dd9efe78ad9..4bb701551fe0172038d57175b508561a1ed1f6d5 100644 (file)
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -66,6 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/hmac.h>
 
 #undef BUFSIZE
 #define BUFSIZE        1024*8
@@ -75,7 +76,7 @@
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-         const char *file);
+         const char *file,BIO *bmd,const char *hmac_key);
 
 int MAIN(int, char **);
 
@@ -104,6 +105,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
        char *engine=NULL;
 #endif
+       char *hmac_key=NULL;
 
        apps_startup();
 
@@ -188,6 +190,12 @@ int MAIN(int argc, char **argv)
                        out_bin = 1;
                else if (strcmp(*argv,"-d") == 0)
                        debug=1;
+               else if (!strcmp(*argv,"-hmac"))
+                       {
+                       if (--argc < 1)
+                               break;
+                       hmac_key=*++argv;
+                       }
                else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
                        md=m;
                else
@@ -358,7 +366,7 @@ int MAIN(int argc, char **argv)
                {
                BIO_set_fp(in,stdin,BIO_NOCLOSE);
                err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-                         siglen,"","(stdin)");
+                         siglen,"","(stdin)",bmd,hmac_key);
                }
        else
                {
@@ -376,14 +384,15 @@ int MAIN(int argc, char **argv)
                                }
                        if(!out_bin)
                                {
-                               size_t len = strlen(name)+strlen(argv[i])+5;
+                               size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 5 : 0)+5;
                                tmp=tofree=OPENSSL_malloc(len);
-                               BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
+                               BIO_snprintf(tmp,len,"%s%s(%s)= ",
+                                                        hmac_key ? "HMAC-" : "",name,argv[i]);
                                }
                        else
                                tmp="";
                        r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-                               siglen,tmp,argv[i]);
+                               siglen,tmp,argv[i],bmd,hmac_key);
                        if(r)
                            err=r;
                        if(tofree)
@@ -410,11 +419,23 @@ end:
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-         const char *file)
+         const char *file,BIO *bmd,const char *hmac_key)
        {
-       int len;
+       unsigned int len;
        int i;
+       EVP_MD_CTX *md_ctx;
+       HMAC_CTX hmac_ctx;
+
+       if (hmac_key)
+               {
+               EVP_MD *md;
 
+               BIO_get_md(bmd,&md);
+               HMAC_CTX_init(&hmac_ctx);
+               HMAC_Init_ex(&hmac_ctx,hmac_key,strlen(hmac_key),md, NULL);
+               BIO_get_md_ctx(bmd,&md_ctx);
+               BIO_set_md_ctx(bmd,&hmac_ctx.md_ctx);
+               }
        for (;;)
                {
                i=BIO_read(bp,(char *)buf,BUFSIZE);
@@ -457,6 +478,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
                        return 1;
                        }
                }
+       else if(hmac_key)
+               {
+               HMAC_Final(&hmac_ctx,buf,&len);
+               HMAC_CTX_cleanup(&hmac_ctx);
+               }
        else
                len=BIO_gets(bp,(char *)buf,BUFSIZE);
 
@@ -472,6 +498,10 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
                        }
                BIO_printf(out, "\n");
                }
+       if (hmac_key)
+               {
+               BIO_set_md_ctx(bmd,md_ctx);
+               }
        return 0;
        }
 

diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
index a16abc7e31c71985bd30aae596a122e5fa8dea1c..2c9e8a7c804a7cc2e50d6005e74dc6bc80ca3634 100644 (file)
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -390,6 +390,7 @@ typedef struct bio_f_buffer_ctx_struct
 #define BIO_C_NWRITE0                          145
 #define BIO_C_NWRITE                           146
 #define BIO_C_RESET_READ_REQUEST               147
+#define BIO_C_SET_MD_CTX                       148
 
 
 #define BIO_set_app_data(s,arg)                BIO_set_ex_data(s,0,arg)

diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
index 76ff9fe815a0ff5366b77d34a2017adc866f8786..d648ac6da6badc63adf71607e312a7ac27ffdc4c 100644 (file)
--- a/crypto/evp/bio_md.c
+++ b/crypto/evp/bio_md.c
@@ -200,6 +200,12 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
                else
                        ret=0;
                break;
+       case BIO_C_SET_MD_CTX:
+               if (b->init)
+                       b->ptr=ptr;
+               else
+                       ret=0;
+               break;
        case BIO_C_DO_STATE_MACHINE:
                BIO_clear_retry_flags(b);
                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 7baa049d6ba393810ebbc8bc5990c6acaf5205bf..636f426c69967bc8624465ecc5f18ec46d91cde3 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -479,6 +479,7 @@ void BIO_set_md(BIO *,const EVP_MD *md);
 #endif
 #define BIO_get_md(b,mdp)              BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
 #define BIO_get_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+#define BIO_set_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
 #define BIO_get_cipher_status(b)       BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
 #define BIO_get_cipher_ctx(b,c_pp)     BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)