[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Fri Jun 24 12:24:29 UTC 2016


The branch master has been updated
       via  827d17f0210e6721be9834220be1e31b75b0b272 (commit)
       via  a6211814c4c6f29358f29f639d468387b01518f8 (commit)
      from  d6079a87db58ad17550b5d00a74512464e6a029e (commit)


- Log -----------------------------------------------------------------
commit 827d17f0210e6721be9834220be1e31b75b0b272
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Jun 20 09:28:25 2016 +0100

    Add some documentation for missing HMAC functions
    
    This includes the newly added HMAC_CTX_get_md().
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

commit a6211814c4c6f29358f29f639d468387b01518f8
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Jun 20 09:08:10 2016 +0100

    Add a getter to obtain the HMAC_CTX md
    
    As a result of opaque HMAC_CTX apps need a getter for the HMAC_CTX md.
    
    GitHub Issue #1152
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/hmac/hmac.c     |  5 +++++
 doc/crypto/HMAC.pod    | 39 ++++++++++++++++++++++++++++++++-------
 include/openssl/hmac.h |  1 +
 test/hmactest.c        | 15 +++++++++++++++
 util/libcrypto.num     |  1 +
 5 files changed, 54 insertions(+), 7 deletions(-)

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index da7f586..3374105 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -233,3 +233,8 @@ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
     EVP_MD_CTX_set_flags(ctx->o_ctx, flags);
     EVP_MD_CTX_set_flags(ctx->md_ctx, flags);
 }
+
+const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx)
+{
+    return ctx->md;
+}
diff --git a/doc/crypto/HMAC.pod b/doc/crypto/HMAC.pod
index cabb493..fdafec8 100644
--- a/doc/crypto/HMAC.pod
+++ b/doc/crypto/HMAC.pod
@@ -2,7 +2,18 @@
 
 =head1 NAME
 
-HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final - HMAC message authentication code
+HMAC,
+HMAC_CTX_new,
+HMAC_CTX_reset,
+HMAC_CTX_free,
+HMAC_Init,
+HMAC_Init_ex,
+HMAC_Update,
+HMAC_Final,
+HMAC_CTX_copy,
+HMAC_CTX_set_flags,
+HMAC_CTX_get_md
+- HMAC message authentication code
 
 =head1 SYNOPSIS
 
@@ -22,6 +33,10 @@ HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC
 
  void HMAC_CTX_free(HMAC_CTX *ctx);
 
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
 Deprecated:
 
  #if OPENSSL_API_COMPAT < 0x10100000L
@@ -78,6 +93,14 @@ be authenticated (B<len> bytes at B<data>).
 HMAC_Final() places the message authentication code in B<md>, which
 must have space for the hash function output.
 
+HMAC_CTX_copy() copies all of the internal state from B<sctx> into B<dctx>.
+
+HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs.
+These flags have the same meaning as for L<EVP_MD_CTX_set_flags(3)>.
+
+HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the
+supplied HMAC_CTX.
+
 =head1 RETURN VALUES
 
 HMAC() returns a pointer to the message authentication code or NULL if
@@ -86,10 +109,11 @@ an error occurred.
 HMAC_CTX_new() returns a pointer to a new B<HMAC_CTX> on success or
 B<NULL> if an error occurred.
 
-HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1
-for success or 0 if an error occurred.
+HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and
+HMAC_CTX_copy() return 1 for success or 0 if an error occurred.
 
-HMAC_CTX_free() do not return values.
+HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or
+NULL if no EVP_MD has been set.
 
 =head1 CONFORMING TO
 
@@ -101,11 +125,12 @@ L<sha(3)>, L<evp(3)>
 
 =head1 HISTORY
 
-HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL versions 1.1.
+HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL versions 1.1.0.
 
-HMAC_CTX_cleanup() existed in OpenSSL versions before 1.1.
+HMAC_CTX_cleanup() existed in OpenSSL versions before 1.1.0.
 
-HMAC_CTX_new() and HMAC_CTX_free() are new in OpenSSL version 1.1.
+HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL version
+1.1.0.
 
 HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
 versions of OpenSSL before 1.0.0.
diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 809ca34..9f06896 100644
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@@ -40,6 +40,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 __owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
 
 void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
 
 #ifdef  __cplusplus
 }
diff --git a/test/hmactest.c b/test/hmactest.c
index 145c467..0f4348b 100644
--- a/test/hmactest.c
+++ b/test/hmactest.c
@@ -123,6 +123,11 @@ int main(int argc, char *argv[])
         err++;
         goto end;
     }
+    if (HMAC_CTX_get_md(ctx) != NULL) {
+        printf("Message digest not NULL for HMAC (test 4)\n");
+        err++;
+        goto test5;
+    }
     if (HMAC_Init_ex(ctx, NULL, 0, NULL, NULL)) {
         printf("Should fail to initialise HMAC with empty MD and key (test 4)\n");
         err++;
@@ -155,6 +160,11 @@ test5:
     }
 
     HMAC_CTX_reset(ctx);
+    if (HMAC_CTX_get_md(ctx) != NULL) {
+        printf("Message digest not NULL for HMAC (test 5)\n");
+        err++;
+        goto test6;
+    }
     if (HMAC_Init_ex(ctx, test[4].key, test[4].key_len, NULL, NULL)) {
         printf("Should fail to initialise HMAC with empty MD (test 5)\n");
         err++;
@@ -202,6 +212,11 @@ test5:
         err++;
         goto test6;
     }
+    if (HMAC_CTX_get_md(ctx) != EVP_sha256()) {
+        printf("Unexpected message digest for HMAC (test 5)\n");
+        err++;
+        goto test6;
+    }
     if (!HMAC_Update(ctx, test[5].data, test[5].data_len)) {
         printf("Error updating HMAC with data (sha256) (test 5)\n");
         err++;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index fa07ecf..fc118b1 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4149,3 +4149,4 @@ X509_get_pathlen                        4092	1_1_0	EXIST::FUNCTION:
 ECDSA_SIG_set0                          4093	1_1_0	EXIST::FUNCTION:EC
 DSA_SIG_set0                            4094	1_1_0	EXIST::FUNCTION:DSA
 EVP_PKEY_get0_hmac                      4095	1_1_0	EXIST::FUNCTION:
+HMAC_CTX_get_md                         4096	1_1_0	EXIST::FUNCTION:


More information about the openssl-commits mailing list