Add convenience functions to malloc EVP_HPKE_CTX and EVP_HPKE_KEY.
Some callers want the value to be heap-allocated. It's a little annoying
that this returns an empty value (if we only supported heap-allocated
ones, I'd have merged init into new), but since we have multiple
constructor functions, this is probably the least fuss.
Change-Id: I42f586e39850954fb6743f8be50a7cfffa0755ba
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48526
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/hpke/hpke.c b/crypto/hpke/hpke.c
index 444494f..222e329 100644
--- a/crypto/hpke/hpke.c
+++ b/crypto/hpke/hpke.c
@@ -235,6 +235,23 @@
// future.
}
+EVP_HPKE_KEY *EVP_HPKE_KEY_new(void) {
+ EVP_HPKE_KEY *key = OPENSSL_malloc(sizeof(EVP_HPKE_KEY));
+ if (key == NULL) {
+ OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ EVP_HPKE_KEY_zero(key);
+ return key;
+}
+
+void EVP_HPKE_KEY_free(EVP_HPKE_KEY *key) {
+ if (key != NULL) {
+ EVP_HPKE_KEY_cleanup(key);
+ OPENSSL_free(key);
+ }
+}
+
int EVP_HPKE_KEY_copy(EVP_HPKE_KEY *dst, const EVP_HPKE_KEY *src) {
// For now, |EVP_HPKE_KEY| is trivially copyable.
OPENSSL_memcpy(dst, src, sizeof(EVP_HPKE_KEY));
@@ -431,6 +448,23 @@
EVP_AEAD_CTX_cleanup(&ctx->aead_ctx);
}
+EVP_HPKE_CTX *EVP_HPKE_CTX_new(void) {
+ EVP_HPKE_CTX *ctx = OPENSSL_malloc(sizeof(EVP_HPKE_CTX));
+ if (ctx == NULL) {
+ OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ EVP_HPKE_CTX_zero(ctx);
+ return ctx;
+}
+
+void EVP_HPKE_CTX_free(EVP_HPKE_CTX *ctx) {
+ if (ctx != NULL) {
+ EVP_HPKE_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+ }
+}
+
int EVP_HPKE_CTX_setup_sender(EVP_HPKE_CTX *ctx, uint8_t *out_enc,
size_t *out_enc_len, size_t max_enc,
const EVP_HPKE_KEM *kem, const EVP_HPKE_KDF *kdf,
diff --git a/include/openssl/hpke.h b/include/openssl/hpke.h
index 85a597d..6958ef6 100644
--- a/include/openssl/hpke.h
+++ b/include/openssl/hpke.h
@@ -93,6 +93,17 @@
// EVP_HPKE_KEY_cleanup releases memory referenced by |key|.
OPENSSL_EXPORT void EVP_HPKE_KEY_cleanup(EVP_HPKE_KEY *key);
+// EVP_HPKE_KEY_new returns a newly-allocated |EVP_HPKE_KEY|, or NULL on error.
+// The caller must call |EVP_HPKE_KEY_free| on the result to release it.
+//
+// This is a convenience function for callers that need a heap-allocated
+// |EVP_HPKE_KEY|.
+OPENSSL_EXPORT EVP_HPKE_KEY *EVP_HPKE_KEY_new(void);
+
+// EVP_HPKE_KEY_free releases memory associated with |key|, which must have been
+// created with |EVP_HPKE_KEY_new|.
+OPENSSL_EXPORT void EVP_HPKE_KEY_free(EVP_HPKE_KEY *key);
+
// EVP_HPKE_KEY_copy sets |dst| to a copy of |src|. It returns one on success
// and zero on error. On success, the caller must call |EVP_HPKE_KEY_cleanup| to
// release |dst|. On failure, calling |EVP_HPKE_KEY_cleanup| is safe, but not
@@ -160,6 +171,17 @@
// |EVP_HPKE_CTX_setup_*| functions.
OPENSSL_EXPORT void EVP_HPKE_CTX_cleanup(EVP_HPKE_CTX *ctx);
+// EVP_HPKE_CTX_new returns a newly-allocated |EVP_HPKE_CTX|, or NULL on error.
+// The caller must call |EVP_HPKE_CTX_free| on the result to release it.
+//
+// This is a convenience function for callers that need a heap-allocated
+// |EVP_HPKE_CTX|.
+OPENSSL_EXPORT EVP_HPKE_CTX *EVP_HPKE_CTX_new(void);
+
+// EVP_HPKE_CTX_free releases memory associated with |ctx|, which must have been
+// created with |EVP_HPKE_CTX_new|.
+OPENSSL_EXPORT void EVP_HPKE_CTX_free(EVP_HPKE_CTX *ctx);
+
// EVP_HPKE_MAX_ENC_LENGTH is the maximum length of "enc", the encapsulated
// shared secret, for all supported KEMs in this library.
#define EVP_HPKE_MAX_ENC_LENGTH 32
@@ -317,6 +339,9 @@
internal::StackAllocated<EVP_HPKE_KEY, void, EVP_HPKE_KEY_zero,
EVP_HPKE_KEY_cleanup>;
+BORINGSSL_MAKE_DELETER(EVP_HPKE_CTX, EVP_HPKE_CTX_free)
+BORINGSSL_MAKE_DELETER(EVP_HPKE_KEY, EVP_HPKE_KEY_free)
+
BSSL_NAMESPACE_END
} // extern C++
