Add a getter to obtain the HMAC_CTX md

As a result of opaque HMAC_CTX apps need a getter for the HMAC_CTX md. GitHub Issue #1152 Reviewed-by: Tim Hudson <tjh@openssl.org>
2025-04-06 20:20:50 +08:00 · 2016-06-20 09:08:10 +01:00 · 2016-06-20 09:08:10 +01:00 · a6211814c4
commit a6211814c4
parent d6079a87db
4 changed files with 22 additions and 0 deletions
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@ -233,3 +233,8 @@ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
    EVP_MD_CTX_set_flags(ctx->o_ctx, flags);
    EVP_MD_CTX_set_flags(ctx->md_ctx, flags);
 }
+
+const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx)
+{
+    return ctx->md;
+}
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@ -40,6 +40,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 __owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);

 void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);

 #ifdef  __cplusplus
 }
--- a/test/hmactest.c
+++ b/test/hmactest.c
@ -123,6 +123,11 @@ int main(int argc, char *argv[])
        err++;
        goto end;
    }
+    if (HMAC_CTX_get_md(ctx) != NULL) {
+        printf("Message digest not NULL for HMAC (test 4)\n");
+        err++;
+        goto test5;
+    }
    if (HMAC_Init_ex(ctx, NULL, 0, NULL, NULL)) {
        printf("Should fail to initialise HMAC with empty MD and key (test 4)\n");
        err++;
@ -155,6 +160,11 @@ test5:
    }

    HMAC_CTX_reset(ctx);
+    if (HMAC_CTX_get_md(ctx) != NULL) {
+        printf("Message digest not NULL for HMAC (test 5)\n");
+        err++;
+        goto test6;
+    }
    if (HMAC_Init_ex(ctx, test[4].key, test[4].key_len, NULL, NULL)) {
        printf("Should fail to initialise HMAC with empty MD (test 5)\n");
        err++;
@ -202,6 +212,11 @@ test5:
        err++;
        goto test6;
    }
+    if (HMAC_CTX_get_md(ctx) != EVP_sha256()) {
+        printf("Unexpected message digest for HMAC (test 5)\n");
+        err++;
+        goto test6;
+    }
    if (!HMAC_Update(ctx, test[5].data, test[5].data_len)) {
        printf("Error updating HMAC with data (sha256) (test 5)\n");
        err++;
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@ -4149,3 +4149,4 @@ X509_get_pathlen                        4092	1_1_0	EXIST::FUNCTION:
 ECDSA_SIG_set0                          4093	1_1_0	EXIST::FUNCTION:EC
 DSA_SIG_set0                            4094	1_1_0	EXIST::FUNCTION:DSA
 EVP_PKEY_get0_hmac                      4095	1_1_0	EXIST::FUNCTION:
+HMAC_CTX_get_md                         4096	1_1_0	EXIST::FUNCTION: