From 3f43aecc599a5a729609deca7d98a677334ab3b8 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 30 Nov 2015 13:34:20 +0100 Subject: Make the definition of HMAC_CTX opaque This moves the definition to crypto/hmac/hmac_lcl.h. Constructor and destructor added, and the typedef moved to include/openssl/ossl_typ.h. Reviewed-by: Rich Salz --- crypto/hmac/hm_pmeth.c | 16 +++++------ crypto/hmac/hmac.c | 40 +++++++++++++++++++++----- crypto/hmac/hmac_lcl.h | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 118 insertions(+), 15 deletions(-) create mode 100644 crypto/hmac/hmac_lcl.h (limited to 'crypto/hmac') diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c index e603764582..41013bc732 100644 --- a/crypto/hmac/hm_pmeth.c +++ b/crypto/hmac/hm_pmeth.c @@ -69,7 +69,7 @@ typedef struct { const EVP_MD *md; /* MD for HMAC use */ ASN1_OCTET_STRING ktmp; /* Temp storage for key */ - HMAC_CTX ctx; + HMAC_CTX *ctx; } HMAC_PKEY_CTX; static int pkey_hmac_init(EVP_PKEY_CTX *ctx) @@ -80,7 +80,7 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx) if (hctx == NULL) return 0; hctx->ktmp.type = V_ASN1_OCTET_STRING; - HMAC_CTX_init(&hctx->ctx); + hctx->ctx = HMAC_CTX_new(); ctx->data = hctx; ctx->keygen_info_count = 0; @@ -96,7 +96,7 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) sctx = src->data; dctx = dst->data; dctx->md = sctx->md; - if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) + if (!HMAC_CTX_copy(dctx->ctx, sctx->ctx)) return 0; if (sctx->ktmp.data) { if (!ASN1_OCTET_STRING_set(&dctx->ktmp, @@ -111,7 +111,7 @@ static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) HMAC_PKEY_CTX *hctx = ctx->data; if (hctx != NULL) { - HMAC_CTX_cleanup(&hctx->ctx); + HMAC_CTX_free(hctx->ctx); OPENSSL_clear_free(hctx->ktmp.data, hctx->ktmp.length); OPENSSL_free(hctx); ctx->data = NULL; 
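Review bot: The result of `HMAC_CTX_new()` in pkey_hmac_init (hunk at -80) is stored without a NULL check, so an allocation failure leaves `hctx->ctx == NULL` while the function carries on with `ctx->data = hctx`. Before this change the context was embedded in HMAC_PKEY_CTX and could not be missing. Now the pointer is passed on to `HMAC_CTX_copy` in pkey_hmac_copy and to `HMAC_Update`, `HMAC_CTX_set_flags`, `HMAC_Final` and `HMAC_Init_ex` in the later hunks of this file, and none of those call sites checks it. Suggest failing early: `if ((hctx->ctx = HMAC_CTX_new()) == NULL) { OPENSSL_free(hctx); return 0; }`. The allocation of hctx and the end of pkey_hmac_init lie outside the hunk, so the release call should match however hctx is allocated there.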
@@ -135,7 +135,7 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count) { HMAC_PKEY_CTX *hctx = EVP_MD_CTX_pkey_ctx(ctx)->data; - if (!HMAC_Update(&hctx->ctx, data, count)) + if (!HMAC_Update(hctx->ctx, data, count)) return 0; return 1; } @@ -143,7 +143,7 @@ static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count) static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { HMAC_PKEY_CTX *hctx = ctx->data; - HMAC_CTX_set_flags(&hctx->ctx, + HMAC_CTX_set_flags(hctx->ctx, EVP_MD_CTX_test_flags(mctx, ~EVP_MD_CTX_FLAG_NO_INIT)); EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); EVP_MD_CTX_set_update_fn(mctx, int_update); @@ -163,7 +163,7 @@ static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, if (!sig) return 1; - if (!HMAC_Final(&hctx->ctx, sig, &hlen)) + if (!HMAC_Final(hctx->ctx, sig, &hlen)) return 0; *siglen = (size_t)hlen; return 1; @@ -188,7 +188,7 @@ static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) case EVP_PKEY_CTRL_DIGESTINIT: key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; - if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, + if (!HMAC_Init_ex(hctx->ctx, key->data, key->length, hctx->md, ctx->engine)) return 0; break; diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index e0bfbb1ee0..9b29861ddc 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -61,6 +61,7 @@ #include #include "internal/cryptlib.h" #include +#include "hmac_lcl.h" int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, ENGINE *impl) 
@@ -163,6 +164,30 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) return 0; } +size_t HMAC_size(HMAC_CTX *ctx) +{ + return EVP_MD_size((ctx)->md); +} + +HMAC_CTX *HMAC_CTX_new(void) +{ + HMAC_CTX *ctx = (HMAC_CTX *)OPENSSL_zalloc(sizeof(HMAC_CTX)); + if (ctx) + if (!HMAC_CTX_init(ctx)) { + HMAC_CTX_free(ctx); + ctx = NULL; + } + return ctx; +} + +void HMAC_CTX_free(HMAC_CTX *ctx) +{ + if (ctx != NULL) { + HMAC_CTX_cleanup(ctx); + OPENSSL_free(ctx); + } +} + int HMAC_CTX_init(HMAC_CTX *ctx) { if (ctx->i_ctx == NULL) @@ -221,22 +246,23 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len) { - HMAC_CTX c = HMAC_CTX_EMPTY; + HMAC_CTX *c = NULL; static unsigned char m[EVP_MAX_MD_SIZE]; if (md == NULL) md = m; - HMAC_CTX_init(&c); - if (!HMAC_Init_ex(&c, key, key_len, evp_md, NULL)) + if ((c = HMAC_CTX_new()) == NULL) + goto err; + if (!HMAC_Init_ex(c, key, key_len, evp_md, NULL)) goto err; - if (!HMAC_Update(&c, d, n)) + if (!HMAC_Update(c, d, n)) goto err; - if (!HMAC_Final(&c, md, md_len)) + if (!HMAC_Final(c, md, md_len)) goto err; - HMAC_CTX_cleanup(&c); + HMAC_CTX_free(c); return md; err: - HMAC_CTX_cleanup(&c); + HMAC_CTX_free(c); return NULL; } diff --git a/crypto/hmac/hmac_lcl.h b/crypto/hmac/hmac_lcl.h new file mode 100644 index 0000000000..b14607dba4 --- /dev/null +++ b/crypto/hmac/hmac_lcl.h 
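Review bot: `HMAC_size()` returns `size_t` but forwards the `int` result of `EVP_MD_size()` unchanged, and that function can report failure as a negative value (for example when `ctx->md` has not yet been set by HMAC_Init_ex). The conversion turns such a value into a very large size that a caller may use as a buffer length. Clamp it first: `int size = EVP_MD_size(ctx->md); return size < 0 ? 0 : (size_t)size;`. In the same hunk, `HMAC_CTX_free()` releases a struct that holds a copy of the key in `key[]` with plain `OPENSSL_free`. HMAC_CTX_cleanup is outside the hunk, so unless it already cleanses the struct, `OPENSSL_clear_free(ctx, sizeof(*ctx))` would be the safer release.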
@@ -0,0 +1,77 @@
+/* crypto/hmac/hmac.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#ifndef HEADER_HMAC_LCL_H
+# define HEADER_HMAC_LCL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+#if 0 /* emacs indentation fix */
+}
+#endif
+
+typedef struct hmac_ctx_st {
+ const EVP_MD *md;
+ EVP_MD_CTX *md_ctx;
+ EVP_MD_CTX *i_ctx;
+ EVP_MD_CTX *o_ctx;
+ unsigned int key_length;
+ unsigned char key[HMAC_MAX_MD_CBLOCK];
+} HMAC_CTX;
+
+#endif
-- cgit v1.2.3
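Review bot: The `extern "C" {` opened under `#ifdef __cplusplus` is never closed: the only `}` in the header sits inside the `#if 0` emacs block, and the file ends with the include guard's `#endif`. Since the header only declares a struct, the simplest fix is to drop the `extern "C"` wrapper together with the `#if 0` block; otherwise add `#ifdef __cplusplus` / `}` / `#endif` before the final `#endif`. The first line still reads `/* crypto/hmac/hmac.h */` and should name `hmac_lcl.h`. A short comment on the struct would also help, noting that `key[]` holds raw key material and that instances are meant to be created and released only through HMAC_CTX_new/HMAC_CTX_free.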