Add a getter to obtain the HMAC_CTX md

As a result of opaque HMAC_CTX apps need a getter for the HMAC_CTX md.

GitHub Issue #1152

Reviewed-by: Tim Hudson <tjh@openssl.org>

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index da7f58688f1e3037f37ca2e49ba4347368da5448..3374105cbb941209f89e01cc5ef028e57ab7526d 100644 (file)
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -233,3 +233,8 @@ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
     EVP_MD_CTX_set_flags(ctx->o_ctx, flags);
     EVP_MD_CTX_set_flags(ctx->md_ctx, flags);
 }
+
+const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx)
+{
+    return ctx->md;
+}

diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 809ca34227ad99fcc1812692de0c12bd3b8177e3..9f068960590e5de40ccbdf0acacabeca7cd7630f 100644 (file)
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@@ -40,6 +40,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 __owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
 
 void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
 
 #ifdef  __cplusplus
 }

diff --git a/test/hmactest.c b/test/hmactest.c
index 145c467e5022a9ffca85aad86c45ea3add274612..0f4348b73c5f10b628cd20e13e2cc75a8a1a4243 100644 (file)
--- a/test/hmactest.c
+++ b/test/hmactest.c
@@ -123,6 +123,11 @@ int main(int argc, char *argv[])
         err++;
         goto end;
     }
+    if (HMAC_CTX_get_md(ctx) != NULL) {
+        printf("Message digest not NULL for HMAC (test 4)\n");
+        err++;
+        goto test5;
+    }
     if (HMAC_Init_ex(ctx, NULL, 0, NULL, NULL)) {
         printf("Should fail to initialise HMAC with empty MD and key (test 4)\n");
         err++;
@@ -155,6 +160,11 @@ test5:
     }
 
     HMAC_CTX_reset(ctx);
+    if (HMAC_CTX_get_md(ctx) != NULL) {
+        printf("Message digest not NULL for HMAC (test 5)\n");
+        err++;
+        goto test6;
+    }
     if (HMAC_Init_ex(ctx, test[4].key, test[4].key_len, NULL, NULL)) {
         printf("Should fail to initialise HMAC with empty MD (test 5)\n");
         err++;
@@ -202,6 +212,11 @@ test5:
         err++;
         goto test6;
     }
+    if (HMAC_CTX_get_md(ctx) != EVP_sha256()) {
+        printf("Unexpected message digest for HMAC (test 5)\n");
+        err++;
+        goto test6;
+    }
     if (!HMAC_Update(ctx, test[5].data, test[5].data_len)) {
         printf("Error updating HMAC with data (sha256) (test 5)\n");
         err++;

diff --git a/util/libcrypto.num b/util/libcrypto.num
index fa07ecfef973196de83d21b28229fa6bf53fd075..fc118b19bbb5a8e6f778aca7cd755d8a71dd84a8 100644 (file)
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4149,3 +4149,4 @@ X509_get_pathlen                        4092      1_1_0   EXIST::FUNCTION:
 ECDSA_SIG_set0                          4093   1_1_0   EXIST::FUNCTION:EC
 DSA_SIG_set0                            4094   1_1_0   EXIST::FUNCTION:DSA
 EVP_PKEY_get0_hmac                      4095   1_1_0   EXIST::FUNCTION:
+HMAC_CTX_get_md                         4096   1_1_0   EXIST::FUNCTION: