Adapt HMAC to the EVP_MD_CTX changes

This change required some special treatment, as HMAC is intertwined with EVP_MD. For now, all local HMAC_CTX variables MUST be initialised with HMAC_CTX_EMPTY, or whatever happens to be on the stack will be mistaken for actual pointers to EVP_MD_CTX. This will change as soon as HMAC_CTX becomes opaque. Also, since HMAC_CTX_init() can fail now, its return type changes from void to int, and it will return 0 on failure, 1 on success. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Richard Levitte <levitte@openssl.org> 2015-11-27 14:10:15 +0100
committer: Richard Levitte <levitte@openssl.org> 2015-12-07 17:36:57 +0100
commit: fa0c23de83efaf92da17cffce12444adbca48c89 (patch)
tree: eabc5d551793512d436f4cecd34c24bd82c3505b
parent: 77a01145be26ceeefa6870e1e9dd7f99ac123fa3 (diff)
10 files changed, 70 insertions, 44 deletions
diff --git a/apps/speed.c b/apps/speed.c
index 68530b1634..c90729c805 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1298,7 +1298,7 @@ int speed_main(int argc, char **argv)
 
 #if !defined(OPENSSL_NO_MD5)
     if (doit[D_HMAC]) {
-        HMAC_CTX hctx;
+        HMAC_CTX hctx = HMAC_CTX_EMPTY;
 
         HMAC_CTX_init(&hctx);
         HMAC_Init_ex(&hctx, (unsigned char *)"This is a key...",
diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index ba9adf0efa..8927ee190f 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -448,7 +448,8 @@ static int ossl_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
     sctx = EVP_PKEY_CTX_get_data(src);
     dctx = EVP_PKEY_CTX_get_data(dst);
     dctx->md = sctx->md;
-    HMAC_CTX_init(&dctx->ctx);
+    /* Because HMAC_CTX_copy does HMAC_CTX_init */
+    HMAC_CTX_cleanup(&dctx->ctx);
     if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
         return 0;
     if (sctx->ktmp.data) {
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index 4986a21361..dcc04631bd 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -85,7 +85,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
     unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
     int cplen, j, k, tkeylen, mdlen;
     unsigned long i = 1;
-    HMAC_CTX hctx_tpl, hctx;
+    HMAC_CTX hctx_tpl = HMAC_CTX_EMPTY, hctx = HMAC_CTX_EMPTY;
 
     mdlen = EVP_MD_size(digest);
     if (mdlen < 0)
diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
index e06a1db0ea..e603764582 100644
--- a/crypto/hmac/hm_pmeth.c
+++ b/crypto/hmac/hm_pmeth.c
@@ -96,7 +96,6 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
     sctx = src->data;
     dctx = dst->data;
     dctx->md = sctx->md;
-    HMAC_CTX_init(&dctx->ctx);
     if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
         return 0;
     if (sctx->ktmp.data) {
@@ -111,9 +110,12 @@ static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
 {
     HMAC_PKEY_CTX *hctx = ctx->data;
 
-    HMAC_CTX_cleanup(&hctx->ctx);
-    OPENSSL_clear_free(hctx->ktmp.data, hctx->ktmp.length);
-    OPENSSL_free(hctx);
+    if (hctx != NULL) {
+        HMAC_CTX_cleanup(&hctx->ctx);
+        OPENSSL_clear_free(hctx->ktmp.data, hctx->ktmp.length);
+        OPENSSL_free(hctx);
+        ctx->data = NULL;
+    }
 }
 
 static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
@@ -132,7 +134,7 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 
 static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
 {
-    HMAC_PKEY_CTX *hctx = ctx->pctx->data;
+    HMAC_PKEY_CTX *hctx = EVP_MD_CTX_pkey_ctx(ctx)->data;
     if (!HMAC_Update(&hctx->ctx, data, count))
         return 0;
     return 1;
@@ -141,9 +143,10 @@ static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
 static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
 {
     HMAC_PKEY_CTX *hctx = ctx->data;
-    HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
+    HMAC_CTX_set_flags(&hctx->ctx,
+                       EVP_MD_CTX_test_flags(mctx, ~EVP_MD_CTX_FLAG_NO_INIT));
     EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
-    mctx->update = int_update;
+    EVP_MD_CTX_set_update_fn(mctx, int_update);
     return 1;
 }
 
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 7699b0b1fe..e0bfbb1ee0 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -83,14 +83,14 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 
     if (key != NULL) {
         reset = 1;
-        j = M_EVP_MD_block_size(md);
+        j = EVP_MD_block_size(md);
         OPENSSL_assert(j <= (int)sizeof(ctx->key));
         if (j < len) {
-            if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
+            if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl))
                 goto err;
-            if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
+            if (!EVP_DigestUpdate(ctx->md_ctx, key, len))
                 goto err;
-            if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key,
+            if (!EVP_DigestFinal_ex(ctx->md_ctx, ctx->key,
                                     &ctx->key_length))
                 goto err;
         } else {
@@ -107,19 +107,19 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
     if (reset) {
         for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
             pad[i] = 0x36 ^ ctx->key[i];
-        if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
+        if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl))
             goto err;
-        if (!EVP_DigestUpdate(&ctx->i_ctx, pad, M_EVP_MD_block_size(md)))
+        if (!EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md)))
             goto err;
 
         for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
             pad[i] = 0x5c ^ ctx->key[i];
-        if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
+        if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl))
             goto err;
-        if (!EVP_DigestUpdate(&ctx->o_ctx, pad, M_EVP_MD_block_size(md)))
+        if (!EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md)))
             goto err;
     }
-    if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
+    if (!EVP_MD_CTX_copy_ex(ctx->md_ctx, ctx->i_ctx))
         goto err;
     return 1;
  err:
@@ -139,7 +139,7 @@ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
 {
     if (!ctx->md)
         return 0;
-    return EVP_DigestUpdate(&ctx->md_ctx, data, len);
+    return EVP_DigestUpdate(ctx->md_ctx, data, len);
 }
 
 int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
@@ -150,49 +150,70 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
     if (!ctx->md)
         goto err;
 
-    if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
+    if (!EVP_DigestFinal_ex(ctx->md_ctx, buf, &i))
         goto err;
-    if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
+    if (!EVP_MD_CTX_copy_ex(ctx->md_ctx, ctx->o_ctx))
         goto err;
-    if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
+    if (!EVP_DigestUpdate(ctx->md_ctx, buf, i))
         goto err;
-    if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
+    if (!EVP_DigestFinal_ex(ctx->md_ctx, md, len))
         goto err;
     return 1;
  err:
     return 0;
 }
 
-void HMAC_CTX_init(HMAC_CTX *ctx)
+int HMAC_CTX_init(HMAC_CTX *ctx)
 {
-    EVP_MD_CTX_init(&ctx->i_ctx);
-    EVP_MD_CTX_init(&ctx->o_ctx);
-    EVP_MD_CTX_init(&ctx->md_ctx);
+    if (ctx->i_ctx == NULL)
+        ctx->i_ctx = EVP_MD_CTX_create();
+    else
+        EVP_MD_CTX_init(ctx->i_ctx);
+    if (ctx->i_ctx == NULL)
+        goto err;
+    if (ctx->o_ctx == NULL)
+        ctx->o_ctx = EVP_MD_CTX_create();
+    else
+        EVP_MD_CTX_init(ctx->o_ctx);
+    if (ctx->o_ctx == NULL)
+        goto err;
+    if (ctx->md_ctx == NULL)
+        ctx->md_ctx = EVP_MD_CTX_create();
+    else
+        EVP_MD_CTX_init(ctx->md_ctx);
+    if (ctx->md_ctx == NULL)
+        goto err;
     ctx->md = NULL;
+    return 1;
+ err:
+    HMAC_CTX_cleanup(ctx);
+    return 0;
 }
 
 int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
 {
-    HMAC_CTX_init(dctx);
-    if (!EVP_MD_CTX_copy_ex(&dctx->i_ctx, &sctx->i_ctx))
+    if (!HMAC_CTX_init(dctx))
+        goto err;
+    if (!EVP_MD_CTX_copy_ex(dctx->i_ctx, sctx->i_ctx))
         goto err;
-    if (!EVP_MD_CTX_copy_ex(&dctx->o_ctx, &sctx->o_ctx))
+    if (!EVP_MD_CTX_copy_ex(dctx->o_ctx, sctx->o_ctx))
         goto err;
-    if (!EVP_MD_CTX_copy_ex(&dctx->md_ctx, &sctx->md_ctx))
+    if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx))
         goto err;
     memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
     dctx->key_length = sctx->key_length;
     dctx->md = sctx->md;
     return 1;
  err:
+    HMAC_CTX_cleanup(dctx);
     return 0;
 }
 
 void HMAC_CTX_cleanup(HMAC_CTX *ctx)
 {
-    EVP_MD_CTX_cleanup(&ctx->i_ctx);
-    EVP_MD_CTX_cleanup(&ctx->o_ctx);
-    EVP_MD_CTX_cleanup(&ctx->md_ctx);
+    EVP_MD_CTX_destroy(ctx->i_ctx);
+    EVP_MD_CTX_destroy(ctx->o_ctx);
+    EVP_MD_CTX_destroy(ctx->md_ctx);
     memset(ctx, 0, sizeof(*ctx));
 }
 
@@ -200,7 +221,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
                     const unsigned char *d, size_t n, unsigned char *md,
                     unsigned int *md_len)
 {
-    HMAC_CTX c;
+    HMAC_CTX c = HMAC_CTX_EMPTY;
     static unsigned char m[EVP_MAX_MD_SIZE];
 
     if (md == NULL)
@@ -221,7 +242,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 
 void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
 {
-    M_EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
-    M_EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
-    M_EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
+    EVP_MD_CTX_set_flags(ctx->i_ctx, flags);
+    EVP_MD_CTX_set_flags(ctx->o_ctx, flags);
+    EVP_MD_CTX_set_flags(ctx->md_ctx, flags);
 }
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 4cf68e17ed..46a04b4944 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -91,7 +91,7 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
                    unsigned char *mac, unsigned int *maclen)
 {
     const EVP_MD *md_type;
-    HMAC_CTX hmac;
+    HMAC_CTX hmac = HMAC_CTX_EMPTY;
     unsigned char key[EVP_MAX_MD_SIZE], *salt;
     int saltlen, iter;
     int md_size = 0;
diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 011e2ae333..7962087ec6 100644
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@@ -77,9 +77,10 @@ typedef struct hmac_ctx_st {
     unsigned char key[HMAC_MAX_MD_CBLOCK];
 } HMAC_CTX;
 
+# define HMAC_CTX_EMPTY      { NULL, NULL, NULL, NULL, 0, "" }
 # define HMAC_size(e)    (EVP_MD_size((e)->md))
 
-void HMAC_CTX_init(HMAC_CTX *ctx);
+int HMAC_CTX_init(HMAC_CTX *ctx);
 void HMAC_CTX_cleanup(HMAC_CTX *ctx);
 
 #ifdef OPENSSL_USE_DEPRECATED
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index a39e288bda..09718c5080 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3151,7 +3151,7 @@ int tls_construct_new_session_ticket(SSL *s)
 {
     unsigned char *senc = NULL;
     EVP_CIPHER_CTX ctx;
-    HMAC_CTX hctx;
+    HMAC_CTX hctx = HMAC_CTX_EMPTY;
     unsigned char *p, *macstart;
     const unsigned char *const_p;
     int len, slen_full, slen;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 971aad381a..622bdd9833 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3041,7 +3041,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
     const unsigned char *p;
     int slen, mlen, renew_ticket = 0;
     unsigned char tick_hmac[EVP_MAX_MD_SIZE];
-    HMAC_CTX hctx;
+    HMAC_CTX hctx = HMAC_CTX_EMPTY;
     EVP_CIPHER_CTX ctx;
     SSL_CTX *tctx = s->initial_ctx;
     /* Need at least keyname + iv + some encrypted data */
diff --git a/test/hmactest.c b/test/hmactest.c
index f8d535063f..20c7a8fc00 100644
--- a/test/hmactest.c
+++ b/test/hmactest.c
@@ -134,7 +134,7 @@ int main(int argc, char *argv[])
     char *p;
 # endif
     int err = 0;
-    HMAC_CTX ctx, ctx2;
+    HMAC_CTX ctx = HMAC_CTX_EMPTY, ctx2 = HMAC_CTX_EMPTY;
     unsigned char buf[EVP_MAX_MD_SIZE];
     unsigned int len;
author	Richard Levitte <levitte@openssl.org>	2015-11-27 14:10:15 +0100
committer	Richard Levitte <levitte@openssl.org>	2015-12-07 17:36:57 +0100
commit	fa0c23de83efaf92da17cffce12444adbca48c89 (patch)
tree	eabc5d551793512d436f4cecd34c24bd82c3505b
parent	77a01145be26ceeefa6870e1e9dd7f99ac123fa3 (diff)