int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
- const char *file,BIO *bmd,const char *hmac_key);
+ const char *file,BIO *bmd);
int MAIN(int, char **);
char *engine=NULL;
#endif
char *hmac_key=NULL;
- STACK *sigopts = NULL;
+ char *mac_name=NULL;
+ STACK *sigopts = NULL, *macopts = NULL;
apps_startup();
break;
hmac_key=*++argv;
}
+ else if (!strcmp(*argv,"-mac"))
+ {
+ if (--argc < 1)
+ break;
+ mac_name=*++argv;
+ }
else if (strcmp(*argv,"-sigopt") == 0)
{
if (--argc < 1)
if (!sigopts || !sk_push(sigopts, *(++argv)))
break;
}
+ else if (strcmp(*argv,"-macopt") == 0)
+ {
+ if (--argc < 1)
+ break;
+ if (!macopts)
+ macopts = sk_new_null();
+ if (!macopts || !sk_push(macopts, *(++argv)))
+ break;
+ }
else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
md=m;
else
ERR_print_errors(bio_err);
goto end;
}
+ if ((!!mac_name + !!keyfile + !!hmac_key) > 1)
+ {
+ BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
+ goto end;
+ }
if(keyfile)
{
}
}
+ if (mac_name)
+ {
+ EVP_PKEY_CTX *mac_ctx = NULL;
+ int r = 0;
+ if (!init_gen_str(bio_err, &mac_ctx, mac_name,e, 0))
+ goto mac_end;
+ if (macopts)
+ {
+ char *macopt;
+ for (i = 0; i < sk_num(macopts); i++)
+ {
+ macopt = sk_value(macopts, i);
+ if (pkey_ctrl_string(mac_ctx, macopt) <= 0)
+ {
+ BIO_printf(bio_err,
+ "MAC parameter error \"%s\"\n",
+ macopt);
+ ERR_print_errors(bio_err);
+ goto mac_end;
+ }
+ }
+ }
+ if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0)
+ {
+ BIO_puts(bio_err, "Error generating key\n");
+ ERR_print_errors(bio_err);
+ goto mac_end;
+ }
+ r = 1;
+ mac_end:
+ if (mac_ctx)
+ EVP_PKEY_CTX_free(mac_ctx);
+ if (r == 0)
+ goto end;
+ }
+
+ if (hmac_key)
+ {
+ sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, e,
+ (unsigned char *)hmac_key, -1);
+ if (!sigkey)
+ goto end;
+ }
+
if (sigkey)
{
EVP_MD_CTX *mctx = NULL;
{
BIO_set_fp(in,stdin,BIO_NOCLOSE);
err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
- siglen,"","(stdin)",bmd,hmac_key);
+ siglen,"","(stdin)",bmd);
}
else
{
else
tmp="";
r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
- siglen,tmp,argv[i],bmd,hmac_key);
+ siglen,tmp,argv[i],bmd);
if(r)
err=r;
if(tofree)
EVP_PKEY_free(sigkey);
if (sigopts)
sk_free(sigopts);
+ if (macopts)
+ sk_free(macopts);
if(sigbuf) OPENSSL_free(sigbuf);
if (bmd != NULL) BIO_free(bmd);
apps_shutdown();
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
- const char *file,BIO *bmd,const char *hmac_key)
+ const char *file,BIO *bmd)
{
unsigned int len;
int i;
- EVP_MD_CTX *md_ctx;
- HMAC_CTX hmac_ctx;
- if (hmac_key)
- {
- EVP_MD *md;
-
- BIO_get_md(bmd,&md);
- HMAC_CTX_init(&hmac_ctx);
- HMAC_Init_ex(&hmac_ctx,hmac_key,strlen(hmac_key),md, NULL);
- BIO_get_md_ctx(bmd,&md_ctx);
- BIO_set_md_ctx(bmd,&hmac_ctx.md_ctx);
- }
for (;;)
{
i=BIO_read(bp,(char *)buf,BUFSIZE);
return 1;
}
}
- else if(hmac_key)
- {
- HMAC_Final(&hmac_ctx,buf,&len);
- HMAC_CTX_cleanup(&hmac_ctx);
- }
else
len=BIO_gets(bp,(char *)buf,BUFSIZE);
}
BIO_printf(out, "\n");
}
- if (hmac_key)
- {
- BIO_set_md_ctx(bmd,md_ctx);
- }
return 0;
}
projects / openssl.git / blobdiff