X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fdgst.c;h=96e72c6657e7e0ebc0f53b5531910f693a5ef899;hp=a20a5cba7c229fa0cd10e103d40968f4dd113535;hb=6cb9fca70d5878fde11b5f16fee259c49f936d1c;hpb=2022cfe07e331dc4b69829ca4dd45c295190d471

diff --git a/apps/dgst.c b/apps/dgst.c
index a20a5cba7c..96e72c6657 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -75,7 +75,8 @@
 #define PROG	dgst_main
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
+	  EVP_PKEY *key, unsigned char *sigin, int siglen,
+	  const char *sig_name, const char *md_name,
 	  const char *file,BIO *bmd);
 
 int MAIN(int, char **);
@@ -84,12 +85,11 @@ int MAIN(int argc, char **argv)
 	{
 	ENGINE *e = NULL;
 	unsigned char *buf=NULL;
-	int i,err=0;
+	int i,err=1;
 	const EVP_MD *md=NULL,*m;
 	BIO *in=NULL,*inp;
 	BIO *bmd=NULL;
 	BIO *out = NULL;
-	const char *name;
 #define PROG_NAME_SIZE  39
 	char pname[PROG_NAME_SIZE+1];
 	int separator=0;
@@ -107,7 +107,7 @@ int MAIN(int argc, char **argv)
 #endif
 	char *hmac_key=NULL;
 	char *mac_name=NULL;
-	STACK *sigopts = NULL, *macopts = NULL;
+	STACK_OF(STRING) *sigopts = NULL, *macopts = NULL;
 
 	apps_startup();
 
@@ -210,8 +210,8 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1)
 				break;
 			if (!sigopts)
-				sigopts = sk_new_null();
-			if (!sigopts || !sk_push(sigopts, *(++argv)))
+				sigopts = sk_STRING_new_null();
+			if (!sigopts || !sk_STRING_push(sigopts, *(++argv)))
 				break;
 			}
 		else if (strcmp(*argv,"-macopt") == 0)
@@ -219,8 +219,8 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1)
 				break;
 			if (!macopts)
-				macopts = sk_new_null();
-			if (!macopts || !sk_push(macopts, *(++argv)))
+				macopts = sk_STRING_new_null();
+			if (!macopts || !sk_STRING_push(macopts, *(++argv)))
 				break;
 			}
 		else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
@@ -231,12 +231,9 @@ int MAIN(int argc, char **argv)
 		argv++;
 		}
 
-	if (md == NULL)
-		md=EVP_md5();
 
 	if(do_verify && !sigfile) {
 		BIO_printf(bio_err, "No signature to verify: use the -signature option\n");
-		err = 1; 
 		goto end;
 	}
 
@@ -255,6 +252,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"-signature file signature to verify\n");
 		BIO_printf(bio_err,"-sigopt nm:v    signature parameter\n");
 		BIO_printf(bio_err,"-binary         output in binary form\n");
+		BIO_printf(bio_err,"-hmac key       create hashed MAC with key\n");
 #ifndef OPENSSL_NO_ENGINE
 		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
 #endif
@@ -289,7 +287,6 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			SN_whirlpool,SN_whirlpool);
 #endif
-		err=1;
 		goto end;
 		}
 
@@ -315,8 +312,10 @@ int MAIN(int argc, char **argv)
 		}
 
 	if(out_bin == -1) {
-		if(keyfile) out_bin = 1;
-		else out_bin = 0;
+		if(keyfile)
+			out_bin = 1;
+		else
+			out_bin = 0;
 	}
 
 	if(randfile)
@@ -373,9 +372,9 @@ int MAIN(int argc, char **argv)
 		if (macopts)
 			{
 			char *macopt;
-			for (i = 0; i < sk_num(macopts); i++)
+			for (i = 0; i < sk_STRING_num(macopts); i++)
 				{
-				macopt = sk_value(macopts, i);
+				macopt = sk_STRING_value(macopts, i);
 				if (pkey_ctrl_string(mac_ctx, macopt) <= 0)
 					{
 					BIO_printf(bio_err,
@@ -412,13 +411,18 @@ int MAIN(int argc, char **argv)
 		{
 		EVP_MD_CTX *mctx = NULL;
 		EVP_PKEY_CTX *pctx = NULL;
+		int r;
 		if (!BIO_get_md_ctx(bmd, &mctx))
 			{
 			BIO_printf(bio_err, "Error getting context\n");
 			ERR_print_errors(bio_err);
 			goto end;
 			}
-		if (!EVP_DigestSignInit(mctx, &pctx, md, e, sigkey))
+		if (do_verify)
+			r = EVP_DigestVerifyInit(mctx, &pctx, md, e, sigkey);
+		else
+			r = EVP_DigestSignInit(mctx, &pctx, md, e, sigkey);
+		if (!r)
 			{
 			BIO_printf(bio_err, "Error setting context\n");
 			ERR_print_errors(bio_err);
@@ -427,9 +431,9 @@ int MAIN(int argc, char **argv)
 		if (sigopts)
 			{
 			char *sigopt;
-			for (i = 0; i < sk_num(sigopts); i++)
+			for (i = 0; i < sk_STRING_num(sigopts); i++)
 				{
-				sigopt = sk_value(sigopts, i);
+				sigopt = sk_STRING_value(sigopts, i);
 				if (pkey_ctrl_string(pctx, sigopt) <= 0)
 					{
 					BIO_printf(bio_err,
@@ -442,11 +446,16 @@ int MAIN(int argc, char **argv)
 			}
 		}
 	/* we use md as a filter, reading from 'in' */
-	else if (!BIO_set_md(bmd,md))
+	else
 		{
-		BIO_printf(bio_err, "Error setting digest %s\n", pname);
-		ERR_print_errors(bio_err);
-		goto end;
+		if (md == NULL)
+			md = EVP_md5(); 
+		if (!BIO_set_md(bmd,md))
+			{
+			BIO_printf(bio_err, "Error setting digest %s\n", pname);
+			ERR_print_errors(bio_err);
+			goto end;
+			}
 		}
 
 	if(sigfile && sigkey) {
@@ -471,41 +480,49 @@ int MAIN(int argc, char **argv)
 	}
 	inp=BIO_push(bmd,in);
 
+	if (md == NULL)
+		{
+		EVP_MD_CTX *tctx;
+		BIO_get_md_ctx(bmd, &tctx);
+		md = EVP_MD_CTX_md(tctx);
+		}
+
 	if (argc == 0)
 		{
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
 		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,"","(stdin)",bmd);
+			  siglen,NULL,NULL,"stdin",bmd);
 		}
 	else
 		{
-		name=OBJ_nid2sn(md->type);
+		const char *md_name = NULL, *sig_name = NULL;
+		if(!out_bin)
+			{
+			if (sigkey)
+				{
+				const EVP_PKEY_ASN1_METHOD *ameth;
+				ameth = EVP_PKEY_get0_asn1(sigkey);
+				if (ameth)
+					EVP_PKEY_asn1_get0_info(NULL, NULL,
+						NULL, NULL, &sig_name, ameth);
+				}
+			md_name = EVP_MD_name(md);
+			}
+		err = 0;
 		for (i=0; i<argc; i++)
 			{
-			char *tmp,*tofree=NULL;
 			int r;
-
 			if (BIO_read_filename(in,argv[i]) <= 0)
 				{
 				perror(argv[i]);
 				err++;
 				continue;
 				}
-			if(!out_bin)
-				{
-				size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 5 : 0)+5;
-				tmp=tofree=OPENSSL_malloc(len);
-				BIO_snprintf(tmp,len,"%s%s(%s)= ",
-							 hmac_key ? "HMAC-" : "",name,argv[i]);
-				}
 			else
-				tmp="";
 			r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-				siglen,tmp,argv[i],bmd);
+				siglen,sig_name,md_name, argv[i],bmd);
 			if(r)
 			    err=r;
-			if(tofree)
-				OPENSSL_free(tofree);
 			(void)BIO_reset(bmd);
 			}
 		}
@@ -521,9 +538,9 @@ end:
 	BIO_free_all(out);
 	EVP_PKEY_free(sigkey);
 	if (sigopts)
-		sk_free(sigopts);
+		sk_STRING_free(sigopts);
 	if (macopts)
-		sk_free(macopts);
+		sk_STRING_free(macopts);
 	if(sigbuf) OPENSSL_free(sigbuf);
 	if (bmd != NULL) BIO_free(bmd);
 	apps_shutdown();
@@ -531,10 +548,11 @@ end:
 	}
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
+	  EVP_PKEY *key, unsigned char *sigin, int siglen,
+	  const char *sig_name, const char *md_name,
 	  const char *file,BIO *bmd)
 	{
-	unsigned int len;
+	size_t len;
 	int i;
 
 	for (;;)
@@ -572,7 +590,8 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 		{
 		EVP_MD_CTX *ctx;
 		BIO_get_md_ctx(bp, &ctx);
-		if(!EVP_DigestSignFinal(ctx, buf, (unsigned int *)&len)) 
+		len = BUFSIZE;
+		if(!EVP_DigestSignFinal(ctx, buf, &len)) 
 			{
 			BIO_printf(bio_err, "Error Signing Data\n");
 			ERR_print_errors(bio_err);
@@ -585,7 +604,12 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	if(binout) BIO_write(out, buf, len);
 	else 
 		{
-		BIO_write(out,title,strlen(title));
+		if (sig_name)
+			BIO_printf(out, "%s-%s(%s)= ", sig_name, md_name, file);
+		else if (md_name)
+			BIO_printf(out, "%s(%s)= ", md_name, file);
+		else
+			BIO_printf(out, "(%s)= ", file);
 		for (i=0; i<(int)len; i++)
 			{
 			if (sep && (i != 0))