[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Fri Jun 24 12:24:29 UTC 2016
The branch master has been updated
via 827d17f0210e6721be9834220be1e31b75b0b272 (commit)
via a6211814c4c6f29358f29f639d468387b01518f8 (commit)
from d6079a87db58ad17550b5d00a74512464e6a029e (commit)
- Log -----------------------------------------------------------------
commit 827d17f0210e6721be9834220be1e31b75b0b272
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jun 20 09:28:25 2016 +0100
Add some documentation for missing HMAC functions
This includes the newly added HMAC_CTX_get_md().
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit a6211814c4c6f29358f29f639d468387b01518f8
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jun 20 09:08:10 2016 +0100
Add a getter to obtain the HMAC_CTX md
As a result of opaque HMAC_CTX apps need a getter for the HMAC_CTX md.
GitHub Issue #1152
Reviewed-by: Tim Hudson <tjh at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/hmac/hmac.c | 5 +++++
doc/crypto/HMAC.pod | 39 ++++++++++++++++++++++++++++++++-------
include/openssl/hmac.h | 1 +
test/hmactest.c | 15 +++++++++++++++
util/libcrypto.num | 1 +
5 files changed, 54 insertions(+), 7 deletions(-)
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index da7f586..3374105 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -233,3 +233,8 @@ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
EVP_MD_CTX_set_flags(ctx->o_ctx, flags);
EVP_MD_CTX_set_flags(ctx->md_ctx, flags);
}
+
+const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx)
+{
+ return ctx->md;
+}
diff --git a/doc/crypto/HMAC.pod b/doc/crypto/HMAC.pod
index cabb493..fdafec8 100644
--- a/doc/crypto/HMAC.pod
+++ b/doc/crypto/HMAC.pod
@@ -2,7 +2,18 @@
=head1 NAME
-HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final - HMAC message authentication code
+HMAC,
+HMAC_CTX_new,
+HMAC_CTX_reset,
+HMAC_CTX_free,
+HMAC_Init,
+HMAC_Init_ex,
+HMAC_Update,
+HMAC_Final,
+HMAC_CTX_copy,
+HMAC_CTX_set_flags,
+HMAC_CTX_get_md
+- HMAC message authentication code
=head1 SYNOPSIS
@@ -22,6 +33,10 @@ HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC
void HMAC_CTX_free(HMAC_CTX *ctx);
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
Deprecated:
#if OPENSSL_API_COMPAT < 0x10100000L
@@ -78,6 +93,14 @@ be authenticated (B<len> bytes at B<data>).
HMAC_Final() places the message authentication code in B<md>, which
must have space for the hash function output.
+HMAC_CTX_copy() copies all of the internal state from B<sctx> into B<dctx>.
+
+HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs.
+These flags have the same meaning as for L<EVP_MD_CTX_set_flags(3)>.
+
+HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the
+supplied HMAC_CTX.
+
=head1 RETURN VALUES
HMAC() returns a pointer to the message authentication code or NULL if
@@ -86,10 +109,11 @@ an error occurred.
HMAC_CTX_new() returns a pointer to a new B<HMAC_CTX> on success or
B<NULL> if an error occurred.
-HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1
-for success or 0 if an error occurred.
+HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and
+HMAC_CTX_copy() return 1 for success or 0 if an error occurred.
-HMAC_CTX_free() do not return values.
+HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or
+NULL if no EVP_MD has been set.
=head1 CONFORMING TO
@@ -101,11 +125,12 @@ L<sha(3)>, L<evp(3)>
=head1 HISTORY
-HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL versions 1.1.
+HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL versions 1.1.0.
-HMAC_CTX_cleanup() existed in OpenSSL versions before 1.1.
+HMAC_CTX_cleanup() existed in OpenSSL versions before 1.1.0.
-HMAC_CTX_new() and HMAC_CTX_free() are new in OpenSSL version 1.1.
+HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL version
+1.1.0.
HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
versions of OpenSSL before 1.0.0.
diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 809ca34..9f06896 100644
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@@ -40,6 +40,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
__owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
#ifdef __cplusplus
}
diff --git a/test/hmactest.c b/test/hmactest.c
index 145c467..0f4348b 100644
--- a/test/hmactest.c
+++ b/test/hmactest.c
@@ -123,6 +123,11 @@ int main(int argc, char *argv[])
err++;
goto end;
}
+ if (HMAC_CTX_get_md(ctx) != NULL) {
+ printf("Message digest not NULL for HMAC (test 4)\n");
+ err++;
+ goto test5;
+ }
if (HMAC_Init_ex(ctx, NULL, 0, NULL, NULL)) {
printf("Should fail to initialise HMAC with empty MD and key (test 4)\n");
err++;
@@ -155,6 +160,11 @@ test5:
}
HMAC_CTX_reset(ctx);
+ if (HMAC_CTX_get_md(ctx) != NULL) {
+ printf("Message digest not NULL for HMAC (test 5)\n");
+ err++;
+ goto test6;
+ }
if (HMAC_Init_ex(ctx, test[4].key, test[4].key_len, NULL, NULL)) {
printf("Should fail to initialise HMAC with empty MD (test 5)\n");
err++;
@@ -202,6 +212,11 @@ test5:
err++;
goto test6;
}
+ if (HMAC_CTX_get_md(ctx) != EVP_sha256()) {
+ printf("Unexpected message digest for HMAC (test 5)\n");
+ err++;
+ goto test6;
+ }
if (!HMAC_Update(ctx, test[5].data, test[5].data_len)) {
printf("Error updating HMAC with data (sha256) (test 5)\n");
err++;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index fa07ecf..fc118b1 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4149,3 +4149,4 @@ X509_get_pathlen 4092 1_1_0 EXIST::FUNCTION:
ECDSA_SIG_set0 4093 1_1_0 EXIST::FUNCTION:EC
DSA_SIG_set0 4094 1_1_0 EXIST::FUNCTION:DSA
EVP_PKEY_get0_hmac 4095 1_1_0 EXIST::FUNCTION:
+HMAC_CTX_get_md 4096 1_1_0 EXIST::FUNCTION:
More information about the openssl-commits
mailing list