The branch master has been updated via 819b94c0c0d338fbec0aee828f3b61d7878c3837 (commit) from 6d3f798cba8075e700003aaf34f1e72bb930086c (commit)
- Log ----------------------------------------------------------------- commit 819b94c0c0d338fbec0aee828f3b61d7878c3837 Author: Dmitry Belyavskiy <beld...@gmail.com> Date: Thu May 20 10:59:07 2021 +0200 HMAC doesn't work with a default digest Reviewed-by: Richard Levitte <levi...@openssl.org> Reviewed-by: Matt Caswell <m...@openssl.org> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15371) ----------------------------------------------------------------------- Summary of changes: apps/dgst.c | 2 ++ test/recipes/20-test_dgst.t | 16 +++++++++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/apps/dgst.c b/apps/dgst.c index 15f9e2e685..7ac1013303 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -330,6 +330,8 @@ int dgst_main(int argc, char **argv) } if (hmac_key != NULL) { + if (md == NULL) + md = (EVP_MD *)EVP_sha256(); sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl, (unsigned char *)hmac_key, strlen(hmac_key)); diff --git a/test/recipes/20-test_dgst.t b/test/recipes/20-test_dgst.t index 1083da71b8..d64d810edd 100644 --- a/test/recipes/20-test_dgst.t +++ b/test/recipes/20-test_dgst.t @@ -17,7 +17,7 @@ use OpenSSL::Test::Utils; setup("test_dgst"); -plan tests => 7; +plan tests => 8; sub tsignverify { my $testtext = shift; @@ -117,6 +117,20 @@ subtest "HMAC generation with `dgst` CLI" => sub { "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)"); }; +subtest "HMAC generation with `dgst` CLI, default digest" => sub { + plan tests => 2; + + my $testdata = srctop_file('test', 'data.bin'); + #HMAC the data twice to check consistency + my @hmacdata = run(app(['openssl', 'dgst', '-hmac', '123456', + $testdata, $testdata]), capture => 1); + chomp(@hmacdata); + my $expected = qr/HMAC-SHA256\(\Q$testdata\E\)= 6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/; + ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)"); + ok($hmacdata[1] =~ $expected, + "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)"); +}; + subtest "Custom length XOF digest generation with `dgst` CLI" => sub { plan tests => 2;