Add -hmac option to dgst from 0.9.7 stable branch.

diff --git a/apps/dgst.c b/apps/dgst.c
index 55ba869c696fc76802b69803c02c11f86281db1e..2e7b0792d8c6a5e8325c5aa5b04f05fc8881706d 100644 (file)
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -66,6 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/hmac.h>
 
 #undef BUFSIZE
 #define BUFSIZE        1024*8
@@ -75,7 +76,7 @@
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-         const char *file);
+         const char *file,BIO *bmd,const char *hmac_key);
 
 int MAIN(int, char **);
 
@@ -104,6 +105,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
        char *engine=NULL;
 #endif
+       char *hmac_key=NULL;
 
        apps_startup();
 
@@ -189,6 +191,12 @@ int MAIN(int argc, char **argv)
                        out_bin = 1;
                else if (strcmp(*argv,"-d") == 0)
                        debug=1;
+               else if (!strcmp(*argv,"-hmac"))
+                       {
+                       if (--argc < 1)
+                               break;
+                       hmac_key=*++argv;
+                       }
                else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
                        md=m;
                else
@@ -361,7 +369,7 @@ int MAIN(int argc, char **argv)
                {
                BIO_set_fp(in,stdin,BIO_NOCLOSE);
                err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-                         siglen,"","(stdin)");
+                         siglen,"","(stdin)",bmd,hmac_key);
                }
        else
                {
@@ -379,14 +387,15 @@ int MAIN(int argc, char **argv)
                                }
                        if(!out_bin)
                                {
-                               size_t len = strlen(name)+strlen(argv[i])+5;
+                               size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 5 : 0)+5;
                                tmp=tofree=OPENSSL_malloc(len);
-                               BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
+                               BIO_snprintf(tmp,len,"%s%s(%s)= ",
+                                                        hmac_key ? "HMAC-" : "",name,argv[i]);
                                }
                        else
                                tmp="";
                        r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-                               siglen,tmp,argv[i]);
+                               siglen,tmp,argv[i],bmd,hmac_key);
                        if(r)
                            err=r;
                        if(tofree)
@@ -413,11 +422,23 @@ end:
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-         const char *file)
+         const char *file,BIO *bmd,const char *hmac_key)
        {
-       int len;
+       unsigned int len;
        int i;
+       EVP_MD_CTX *md_ctx;
+       HMAC_CTX hmac_ctx;
+
+       if (hmac_key)
+               {
+               EVP_MD *md;
 
+               BIO_get_md(bmd,&md);
+               HMAC_CTX_init(&hmac_ctx);
+               HMAC_Init_ex(&hmac_ctx,hmac_key,strlen(hmac_key),md, NULL);
+               BIO_get_md_ctx(bmd,&md_ctx);
+               BIO_set_md_ctx(bmd,&hmac_ctx.md_ctx);
+               }
        for (;;)
                {
                i=BIO_read(bp,(char *)buf,BUFSIZE);
@@ -460,6 +481,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
                        return 1;
                        }
                }
+       else if(hmac_key)
+               {
+               HMAC_Final(&hmac_ctx,buf,&len);
+               HMAC_CTX_cleanup(&hmac_ctx);
+               }
        else
                len=BIO_gets(bp,(char *)buf,BUFSIZE);
 
@@ -475,6 +501,10 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
                        }
                BIO_printf(out, "\n");
                }
+       if (hmac_key)
+               {
+               BIO_set_md_ctx(bmd,md_ctx);
+               }
        return 0;
        }
 

diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
index 9a81ee0bd9fd09cafe329977f5890e02b18b88e8..26a17072f03169712929ed6657603a8317d11162 100644 (file)
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -378,14 +378,15 @@ typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg);
 #define BIO_C_NWRITE0                          145
 #define BIO_C_NWRITE                           146
 #define BIO_C_RESET_READ_REQUEST               147
+#define BIO_C_SET_MD_CTX                       148
 
-#define BIO_C_SET_PREFIX                       148
-#define BIO_C_GET_PREFIX                       149
-#define BIO_C_SET_SUFFIX                       150
-#define BIO_C_GET_SUFFIX                       151
+#define BIO_C_SET_PREFIX                       149
+#define BIO_C_GET_PREFIX                       150
+#define BIO_C_SET_SUFFIX                       151
+#define BIO_C_GET_SUFFIX                       152
 
-#define BIO_C_SET_EX_ARG                       152
-#define BIO_C_GET_EX_ARG                       153
+#define BIO_C_SET_EX_ARG                       153
+#define BIO_C_GET_EX_ARG                       154
 
 #define BIO_set_app_data(s,arg)                BIO_set_ex_data(s,0,arg)
 #define BIO_get_app_data(s)            BIO_get_ex_data(s,0)

diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
index a6d35d8bda3436659977eb58bea8dd574fdf8ae0..f4c0a7298101d0a3e4ab2aff67110ab2cc4c9c25 100644 (file)
--- a/crypto/evp/bio_md.c
+++ b/crypto/evp/bio_md.c
@@ -196,6 +196,12 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
                *pctx=ctx;
                b->init = 1;
                break;
+       case BIO_C_SET_MD_CTX:
+               if (b->init)
+                       b->ptr=ptr;
+               else
+                       ret=0;
+               break;
        case BIO_C_DO_STATE_MACHINE:
                BIO_clear_retry_flags(b);
                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 03259d0561189688161627e41876a84d44f6326e..8a7218fa09470757b2c164740cdde7e2dc8b9b13 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -463,6 +463,7 @@ void BIO_set_md(BIO *,const EVP_MD *md);
 #endif
 #define BIO_get_md(b,mdp)              BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
 #define BIO_get_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+#define BIO_set_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
 #define BIO_get_cipher_status(b)       BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
 #define BIO_get_cipher_ctx(b,c_pp)     BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)