Security framework.

[openssl.git] / apps / dgst.c

diff --git a/apps/dgst.c b/apps/dgst.c
index 191bc25ee82bbdc96c0cd17a1d1112c4e0d8dfa0..d471dbdabda49e244f5ad13be5a059731fb46b44 100644 (file)
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -128,6 +128,7 @@ int MAIN(int argc, char **argv)
 #endif
        char *hmac_key=NULL;
        char *mac_name=NULL;
+       int non_fips_allow = 0;
        STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;
 
        apps_startup();
@@ -218,6 +219,10 @@ int MAIN(int argc, char **argv)
                        out_bin = 1;
                else if (strcmp(*argv,"-d") == 0)
                        debug=1;
+               else if (!strcmp(*argv,"-fips-fingerprint"))
+                       hmac_key = "etaonrishdlcupfm";
+               else if (strcmp(*argv,"-non-fips-allow") == 0)
+                       non_fips_allow=1;
                else if (!strcmp(*argv,"-hmac"))
                        {
                        if (--argc < 1)
@@ -403,6 +408,13 @@ int MAIN(int argc, char **argv)
                        goto end;
                }
 
+       if (non_fips_allow)
+               {
+               EVP_MD_CTX *md_ctx;
+               BIO_get_md_ctx(bmd,&md_ctx);
+               EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+               }
+
        if (hmac_key)
                {
                sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, impl,