HMAC doesn't work with a default digest

Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15371)
2024-11-21 01:15:20 +08:00 · 2021-05-20 10:59:07 +02:00 · 2021-05-20 10:59:07 +02:00 · 819b94c0c0
commit 819b94c0c0
parent 6d3f798cba
2 changed files with 17 additions and 1 deletions
--- a/apps/dgst.c
+++ b/apps/dgst.c
@ -330,6 +330,8 @@ int dgst_main(int argc, char **argv)
    }

    if (hmac_key != NULL) {
+        if (md == NULL)
+            md = (EVP_MD *)EVP_sha256();
        sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl,
                                              (unsigned char *)hmac_key,
                                              strlen(hmac_key));
--- a/test/recipes/20-test_dgst.t
+++ b/test/recipes/20-test_dgst.t
@ -17,7 +17,7 @@ use OpenSSL::Test::Utils;

 setup("test_dgst");

-plan tests => 7;
+plan tests => 8;

 sub tsignverify {
    my $testtext = shift;
@ -117,6 +117,20 @@ subtest "HMAC generation with `dgst` CLI" => sub {
       "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)");
 };

+subtest "HMAC generation with `dgst` CLI, default digest" => sub {
+    plan tests => 2;
+
+    my $testdata = srctop_file('test', 'data.bin');
+    #HMAC the data twice to check consistency
+    my @hmacdata = run(app(['openssl', 'dgst', '-hmac', '123456',
+                            $testdata, $testdata]), capture => 1);
+    chomp(@hmacdata);
+    my $expected = qr/HMAC-SHA256\(\Q$testdata\E\)= 6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/;
+    ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)");
+    ok($hmacdata[1] =~ $expected,
+       "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)");
+};
+
 subtest "Custom length XOF digest generation with `dgst` CLI" => sub {
    plan tests => 2;