Make hmac_ctx optional
Note from future self: actually md_init_ctx will be re-introduced with the
same signature later, and a new function with the additional argument will be
added.
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 2e4b682..295da3a 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -97,7 +97,7 @@
md_init( &ctx->md_ctx );
- if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
+ if( ( ret = md_init_ctx( &ctx->md_ctx, md_info, 1 ) ) != 0 )
return( ret );
/*
@@ -171,7 +171,7 @@
md_init( &ctx->md_ctx );
- if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
+ if( ( ret = md_init_ctx( &ctx->md_ctx, md_info, 1 ) ) != 0 )
return( ret );
md_size = md_get_size( md_info );
diff --git a/library/md.c b/library/md.c
index cb6364e..eef9d73 100644
--- a/library/md.c
+++ b/library/md.c
@@ -199,7 +199,7 @@
polarssl_zeroize( ctx, sizeof( md_context_t ) );
}
-int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
+int md_init_ctx( md_context_t *ctx, const md_info_t *md_info, int hmac )
{
if( md_info == NULL || ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
@@ -209,11 +209,14 @@
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
return( POLARSSL_ERR_MD_ALLOC_FAILED );
- ctx->hmac_ctx = polarssl_malloc( 2 * md_info->block_size );
- if( ctx->hmac_ctx == NULL )
+ if( hmac != 0 )
{
- md_info->ctx_free_func( ctx->md_ctx );
- return( POLARSSL_ERR_MD_ALLOC_FAILED );
+ ctx->hmac_ctx = polarssl_malloc( 2 * md_info->block_size );
+ if( ctx->hmac_ctx == NULL )
+ {
+ md_info->ctx_free_func( ctx->md_ctx );
+ return( POLARSSL_ERR_MD_ALLOC_FAILED );
+ }
}
ctx->md_info = md_info;
@@ -382,7 +385,7 @@
md_init( &ctx );
- if( ( ret = md_init_ctx( &ctx, md_info ) ) != 0 )
+ if( ( ret = md_init_ctx( &ctx, md_info, 1 ) ) != 0 )
return( ret );
md_hmac_starts( &ctx, key, keylen );
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 66b29c1..1f442e6 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -268,7 +268,7 @@
md_init( &md_ctx );
- if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 )
+ if( ( ret = md_init_ctx( &md_ctx, md_info, 0 ) ) != 0 )
return( ret );
hlen = md_get_size( md_info );
diff --git a/library/pkcs5.c b/library/pkcs5.c
index 280453a..9cc8b7d 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -189,7 +189,7 @@
memcpy( iv, enc_scheme_params.p, enc_scheme_params.len );
- if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 )
+ if( ( ret = md_init_ctx( &md_ctx, md_info, 1 ) ) != 0 )
goto exit;
if( ( ret = pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len,
@@ -365,7 +365,7 @@
goto exit;
}
- if( ( ret = md_init_ctx( &sha1_ctx, info_sha1 ) ) != 0 )
+ if( ( ret = md_init_ctx( &sha1_ctx, info_sha1, 1 ) ) != 0 )
{
ret = 1;
goto exit;
diff --git a/library/rsa.c b/library/rsa.c
index d3ab4ed..afa1c72 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -556,7 +556,7 @@
memcpy( p, input, ilen );
md_init( &md_ctx );
- md_init_ctx( &md_ctx, md_info );
+ md_init_ctx( &md_ctx, md_info, 0 );
// maskedDB: Apply dbMask to DB
//
@@ -725,7 +725,7 @@
hlen = md_get_size( md_info );
md_init( &md_ctx );
- md_init_ctx( &md_ctx, md_info );
+ md_init_ctx( &md_ctx, md_info, 0 );
/* Generate lHash */
md( md_info, label, label_len, lhash );
@@ -969,7 +969,7 @@
p += slen;
md_init( &md_ctx );
- md_init_ctx( &md_ctx, md_info );
+ md_init_ctx( &md_ctx, md_info, 0 );
// Generate H = Hash( M' )
//
@@ -1201,7 +1201,7 @@
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
md_init( &md_ctx );
- md_init_ctx( &md_ctx, md_info );
+ md_init_ctx( &md_ctx, md_info, 0 );
mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx );
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 4fe767b..b6fe21f 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -2173,7 +2173,7 @@
* };
*/
if( ( ret = md_init_ctx( &ctx,
- md_info_from_type( md_alg ) ) ) != 0 )
+ md_info_from_type( md_alg ), 0 ) ) != 0 )
{
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
return( ret );
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index c2fde82..2b6bdc5 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -104,7 +104,7 @@
if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 )
return( ret );
- ret = md_init_ctx( &ctx->hmac_ctx, md_info_from_type( COOKIE_MD ) );
+ ret = md_init_ctx( &ctx->hmac_ctx, md_info_from_type( COOKIE_MD ), 1 );
if( ret != 0 )
return( ret );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 250f95f..49e9b5c 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -3073,7 +3073,7 @@
* ServerDHParams params;
* };
*/
- if( ( ret = md_init_ctx( &ctx, md_info ) ) != 0 )
+ if( ( ret = md_init_ctx( &ctx, md_info, 0 ) ) != 0 )
{
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
return( ret );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2a61a51..ded226e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -658,8 +658,8 @@
int ret;
/* Initialize HMAC contexts */
- if( ( ret = md_init_ctx( &transform->md_ctx_enc, md_info ) ) != 0 ||
- ( ret = md_init_ctx( &transform->md_ctx_dec, md_info ) ) != 0 )
+ if( ( ret = md_init_ctx( &transform->md_ctx_enc, md_info, 1 ) ) != 0 ||
+ ( ret = md_init_ctx( &transform->md_ctx_dec, md_info, 1 ) ) != 0 )
{
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
return( ret );