[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Matt Caswell matt at openssl.org
Fri Jun 12 13:45:09 UTC 2015


The branch OpenSSL_1_0_2-stable has been updated
       via  1030f89f5ea238820645e3d34049eb1bd30e81c4 (commit)
      from  b6ed9917314145d1133a3d571daa06f7d2fb66d2 (commit)


- Log -----------------------------------------------------------------
commit 1030f89f5ea238820645e3d34049eb1bd30e81c4
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jun 12 13:08:04 2015 +0100

    Fix ABI break with HMAC
    
    Recent HMAC changes broke ABI compatibility due to a new field in HMAC_CTX.
    This backs that change out, and does it a different way.
    
    Thanks to Timo Teras for the concept.
    
    Conflicts:
    	crypto/hmac/hmac.c
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/hmac/hmac.c     | 19 +++++++------------
 crypto/hmac/hmac.h     |  1 -
 crypto/hmac/hmactest.c |  7 ++++++-
 3 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 15a9a21..51a0a3e 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -97,6 +97,9 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
             return FIPS_hmac_init_ex(ctx, key, len, md, NULL);
     }
 #endif
+    /* If we are changing MD then we must have a key */
+    if (md != NULL && md != ctx->md && (key == NULL || len < 0))
+        return 0;
 
     if (md != NULL) {
         reset = 1;
@@ -107,9 +110,6 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
         return 0;
     }
 
-    if (!ctx->key_init && key == NULL)
-        return 0;
-
     if (key != NULL) {
         reset = 1;
         j = EVP_MD_block_size(md);
@@ -131,7 +131,6 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
         if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
             memset(&ctx->key[ctx->key_length], 0,
                    HMAC_MAX_MD_CBLOCK - ctx->key_length);
-        ctx->key_init = 1;
     }
 
     if (reset) {
@@ -169,7 +168,7 @@ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
     if (FIPS_mode() && !ctx->i_ctx.engine)
         return FIPS_hmac_update(ctx, data, len);
 #endif
-    if (!ctx->key_init)
+    if (!ctx->md)
         return 0;
 
     return EVP_DigestUpdate(&ctx->md_ctx, data, len);
@@ -184,7 +183,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
         return FIPS_hmac_final(ctx, md, len);
 #endif
 
-    if (!ctx->key_init)
+    if (!ctx->md)
         goto err;
 
     if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
@@ -205,7 +204,6 @@ void HMAC_CTX_init(HMAC_CTX *ctx)
     EVP_MD_CTX_init(&ctx->i_ctx);
     EVP_MD_CTX_init(&ctx->o_ctx);
     EVP_MD_CTX_init(&ctx->md_ctx);
-    ctx->key_init = 0;
     ctx->md = NULL;
 }
 
@@ -217,11 +215,8 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
         goto err;
     if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
         goto err;
-    dctx->key_init = sctx->key_init;
-    if (sctx->key_init) {
-        memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
-        dctx->key_length = sctx->key_length;
-    }
+    memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
+    dctx->key_length = sctx->key_length;
     dctx->md = sctx->md;
     return 1;
  err:
diff --git a/crypto/hmac/hmac.h b/crypto/hmac/hmac.h
index f8e9f5e..b8b55cd 100644
--- a/crypto/hmac/hmac.h
+++ b/crypto/hmac/hmac.h
@@ -79,7 +79,6 @@ typedef struct hmac_ctx_st {
     EVP_MD_CTX o_ctx;
     unsigned int key_length;
     unsigned char key[HMAC_MAX_MD_CBLOCK];
-    int key_init;
 } HMAC_CTX;
 
 # define HMAC_size(e)    (EVP_MD_size((e)->md))
diff --git a/crypto/hmac/hmactest.c b/crypto/hmac/hmactest.c
index 86b6c25..271d0eb 100644
--- a/crypto/hmac/hmactest.c
+++ b/crypto/hmac/hmactest.c
@@ -233,7 +233,12 @@ test5:
         err++;
         goto test6;
     }
-    if (!HMAC_Init_ex(&ctx, NULL, 0, EVP_sha256(), NULL)) {
+    if (HMAC_Init_ex(&ctx, NULL, 0, EVP_sha256(), NULL)) {
+        printf("Should disallow changing MD without a new key (test 5)\n");
+        err++;
+        goto test6;
+    }
+    if (!HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, EVP_sha256(), NULL)) {
         printf("Failed to reinitialise HMAC (test 5)\n");
         err++;
         goto test6;


More information about the openssl-commits mailing list