Skip to content

Commit 87d5246

Browse files
snhensonsnhenson
committed
Update HMAC functions to return an error where relevant.
1 parent 70d71f6 commit 87d5246

4 files changed

Lines changed: 78 additions & 39 deletions

File tree

CHANGES

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,10 @@
44

55
Changes between 0.9.8j and 0.9.9 [xx XXX xxxx]
66

7+
*) Modify HMAC functions to return a value. Since these can be implemented
8+
in an ENGINE errors can occur.
9+
[Steve Henson]
10+
711
*) Type-checked OBJ_bsearch_ex.
812
[Ben Laurie]
913

crypto/hmac/hmac.c

Lines changed: 56 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@
6161
#include "cryptlib.h"
6262
#include <openssl/hmac.h>
6363

64-
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t len,
64+
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t len,
6565
const EVP_MD *md, ENGINE *impl)
6666
{
6767
int i,j,reset=0;
@@ -82,10 +82,13 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t len,
8282
OPENSSL_assert(j <= (int)sizeof(ctx->key));
8383
if (j < len)
8484
{
85-
EVP_DigestInit_ex(&ctx->md_ctx,md, impl);
86-
EVP_DigestUpdate(&ctx->md_ctx,key,len);
87-
EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,
88-
&ctx->key_length);
85+
if (!EVP_DigestInit_ex(&ctx->md_ctx,md, impl))
86+
goto err;
87+
if (!EVP_DigestUpdate(&ctx->md_ctx,key,len))
88+
goto err;
89+
if (!EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,
90+
&ctx->key_length))
91+
goto err;
8992
}
9093
else
9194
{
@@ -102,41 +105,56 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t len,
102105
{
103106
for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
104107
pad[i]=0x36^ctx->key[i];
105-
EVP_DigestInit_ex(&ctx->i_ctx,md, impl);
106-
EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
108+
if (!EVP_DigestInit_ex(&ctx->i_ctx,md, impl))
109+
goto err;
110+
if (!EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)))
111+
goto err;
107112

108113
for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
109114
pad[i]=0x5c^ctx->key[i];
110-
EVP_DigestInit_ex(&ctx->o_ctx,md, impl);
111-
EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
115+
if (!EVP_DigestInit_ex(&ctx->o_ctx,md, impl))
116+
goto err;
117+
if (!EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)))
118+
goto err;
112119
}
113-
EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx);
120+
if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx))
121+
goto err;
122+
return 1;
123+
err:
124+
return 0;
114125
}
115126

116-
void HMAC_Init(HMAC_CTX *ctx, const void *key, size_t len, const EVP_MD *md)
127+
int HMAC_Init(HMAC_CTX *ctx, const void *key, size_t len, const EVP_MD *md)
117128
{
118129
if(key && md)
119130
HMAC_CTX_init(ctx);
120-
HMAC_Init_ex(ctx,key,len,md, NULL);
131+
return HMAC_Init_ex(ctx,key,len,md, NULL);
121132
}
122133

123-
void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
134+
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
124135
{
125-
EVP_DigestUpdate(&ctx->md_ctx,data,len);
136+
return EVP_DigestUpdate(&ctx->md_ctx,data,len);
126137
}
127138

128-
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
139+
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
129140
{
130141
int j;
131142
unsigned int i;
132143
unsigned char buf[EVP_MAX_MD_SIZE];
133144

134145
j=EVP_MD_block_size(ctx->md);
135146

136-
EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i);
137-
EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx);
138-
EVP_DigestUpdate(&ctx->md_ctx,buf,i);
139-
EVP_DigestFinal_ex(&ctx->md_ctx,md,len);
147+
if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))
148+
goto err;
149+
if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))
150+
goto err;
151+
if (!EVP_DigestUpdate(&ctx->md_ctx,buf,i))
152+
goto err;
153+
if (!EVP_DigestFinal_ex(&ctx->md_ctx,md,len))
154+
goto err;
155+
return 1;
156+
err:
157+
return 0;
140158
}
141159

142160
void HMAC_CTX_init(HMAC_CTX *ctx)
@@ -146,14 +164,20 @@ void HMAC_CTX_init(HMAC_CTX *ctx)
146164
EVP_MD_CTX_init(&ctx->md_ctx);
147165
}
148166

149-
void HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
167+
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
150168
{
151-
EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx);
152-
EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx);
153-
EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx);
169+
if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
170+
goto err;
171+
if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
172+
goto err;
173+
if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
174+
goto err;
154175
memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
155176
dctx->key_length = sctx->key_length;
156177
dctx->md = sctx->md;
178+
return 1;
179+
err:
180+
return 0;
157181
}
158182

159183
void HMAC_CTX_cleanup(HMAC_CTX *ctx)
@@ -173,10 +197,15 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
173197

174198
if (md == NULL) md=m;
175199
HMAC_CTX_init(&c);
176-
HMAC_Init(&c,key,key_len,evp_md);
177-
HMAC_Update(&c,d,n);
178-
HMAC_Final(&c,md,md_len);
200+
if (!HMAC_Init(&c,key,key_len,evp_md))
201+
goto err;
202+
if (!HMAC_Update(&c,d,n))
203+
goto err;
204+
if (!HMAC_Final(&c,md,md_len))
205+
goto err;
179206
HMAC_CTX_cleanup(&c);
180-
return(md);
207+
return md;
208+
err:
209+
return NULL;
181210
}
182211

crypto/hmac/hmac.h

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -90,16 +90,16 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
9090

9191
#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */
9292

93-
void HMAC_Init(HMAC_CTX *ctx, const void *key, size_t len,
93+
int HMAC_Init(HMAC_CTX *ctx, const void *key, size_t len,
9494
const EVP_MD *md); /* deprecated */
95-
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t len,
95+
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t len,
9696
const EVP_MD *md, ENGINE *impl);
97-
void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
98-
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
97+
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
98+
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
9999
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
100100
const unsigned char *d, size_t n, unsigned char *md,
101101
unsigned int *md_len);
102-
void HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
102+
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
103103

104104

105105
#ifdef __cplusplus

doc/crypto/hmac.pod

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -15,12 +15,12 @@ authentication code
1515

1616
void HMAC_CTX_init(HMAC_CTX *ctx);
1717

18-
void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
18+
int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
1919
const EVP_MD *md);
20-
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
20+
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
2121
const EVP_MD *md, ENGINE *impl);
22-
void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
23-
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
22+
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
23+
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
2424

2525
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
2626
void HMAC_cleanup(HMAC_CTX *ctx);
@@ -78,10 +78,13 @@ must have space for the hash function output.
7878

7979
=head1 RETURN VALUES
8080

81-
HMAC() returns a pointer to the message authentication code.
81+
HMAC() returns a pointer to the message authentication code or NULL if
82+
an error occurred.
8283

83-
HMAC_CTX_init(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and
84-
HMAC_CTX_cleanup() do not return values.
84+
HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1 for success or 0 if
85+
an error occurred.
86+
87+
HMAC_CTX_init() and HMAC_CTX_cleanup() do not return values.
8588

8689
=head1 CONFORMING TO
8790

@@ -99,4 +102,7 @@ are available since SSLeay 0.9.0.
99102
HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
100103
since OpenSSL 0.9.7.
101104

105+
HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
106+
versions of OpenSSL before 0.9.9.
107+
102108
=cut

0 commit comments

Comments
 (0)