[openssl] master update

beldmit at gmail.com beldmit at gmail.com
Fri May 21 11:08:13 UTC 2021 

The branch master has been updated
       via  819b94c0c0d338fbec0aee828f3b61d7878c3837 (commit)
      from  6d3f798cba8075e700003aaf34f1e72bb930086c (commit)


- Log -----------------------------------------------------------------
commit 819b94c0c0d338fbec0aee828f3b61d7878c3837
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Thu May 20 10:59:07 2021 +0200

    HMAC doesn't work with a default digest
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/15371)

-----------------------------------------------------------------------

Summary of changes:
 apps/dgst.c                 |  2 ++
 test/recipes/20-test_dgst.t | 16 +++++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/apps/dgst.c b/apps/dgst.c
index 15f9e2e685..7ac1013303 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -330,6 +330,8 @@ int dgst_main(int argc, char **argv)
     }
 
     if (hmac_key != NULL) {
+        if (md == NULL)
+            md = (EVP_MD *)EVP_sha256();
         sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl,
                                               (unsigned char *)hmac_key,
                                               strlen(hmac_key));
diff --git a/test/recipes/20-test_dgst.t b/test/recipes/20-test_dgst.t
index 1083da71b8..d64d810edd 100644
--- a/test/recipes/20-test_dgst.t
+++ b/test/recipes/20-test_dgst.t
@@ -17,7 +17,7 @@ use OpenSSL::Test::Utils;
 
 setup("test_dgst");
 
-plan tests => 7;
+plan tests => 8;
 
 sub tsignverify {
     my $testtext = shift;
@@ -117,6 +117,20 @@ subtest "HMAC generation with `dgst` CLI" => sub {
        "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)");
 };
 
+subtest "HMAC generation with `dgst` CLI, default digest" => sub {
+    plan tests => 2;
+
+    my $testdata = srctop_file('test', 'data.bin');
+    #HMAC the data twice to check consistency
+    my @hmacdata = run(app(['openssl', 'dgst', '-hmac', '123456',
+                            $testdata, $testdata]), capture => 1);
+    chomp(@hmacdata);
+    my $expected = qr/HMAC-SHA256\(\Q$testdata\E\)= 6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/;
+    ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)");
+    ok($hmacdata[1] =~ $expected,
+       "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)");
+};
+
 subtest "Custom length XOF digest generation with `dgst` CLI" => sub {
     plan tests => 2;

More information about the openssl-commits mailing list