diff -up openssl-3.0.0-alpha16/apps/dgst.c.digest openssl-3.0.0-alpha16/apps/dgst.c --- openssl-3.0.0-alpha16/apps/dgst.c.digest 2021-06-04 10:21:03.153697643 +0200 +++ openssl-3.0.0-alpha16/apps/dgst.c 2021-06-04 10:22:26.737489944 +0200 @@ -330,6 +330,8 @@ int dgst_main(int argc, char **argv) } if (hmac_key != NULL) { + if (md == NULL) + md = (EVP_MD *)EVP_sha256(); sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl, (unsigned char *)hmac_key, strlen(hmac_key)); diff -up openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t.digest openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t --- openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t.digest 2021-06-04 10:21:18.871846631 +0200 +++ openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t 2021-06-04 10:23:56.862344245 +0200 @@ -17,7 +17,7 @@ use OpenSSL::Test::Utils; setup("test_dgst"); -plan tests => 7; +plan tests => 8; sub tsignverify { my $testtext = shift; @@ -115,6 +115,20 @@ subtest "HMAC generation with `dgst` CLI ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)"); ok($hmacdata[1] =~ $expected, "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)"); +}; + +subtest "HMAC generation with `dgst` CLI, default digest" => sub { + plan tests => 2; + + my $testdata = srctop_file('test', 'data.bin'); + #HMAC the data twice to check consistency + my @hmacdata = run(app(['openssl', 'dgst', '-hmac', '123456', + $testdata, $testdata]), capture => 1); + chomp(@hmacdata); + my $expected = qr/HMAC-SHA256\(\Q$testdata\E\)= 6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/; + ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)"); + ok($hmacdata[1] =~ $expected, + "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)"); }; subtest "Custom length XOF digest generation with `dgst` CLI" => sub {