Replace MAC flags OSSL_MAC_PARAM_FLAGS with separate param fields.

Fixes #12992
Reviewed-by: NPaul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13830)

doc/man3/EVP_MAC.pod

@@ -225,10 +225,19 @@ It's a simple flag, the value 0 or 1 are expected.
 
 This option is used by KMAC.
 
-=item "flags" (B<OSSL_MAC_PARAM_FLAGS>) <integer>
+=item "digest-noinit" (B<OSSL_MAC_PARAM_DIGEST_NOINIT>) <integer>
 
-These will set the MAC flags to the given numbers.
-Some MACs do not support this option.
+A simple flag to set the MAC digest to not initialise the
+implementation specific data. The value 0 or 1 is expected.
+
+This option is used by HMAC.
+
+=item "digest-oneshot" (B<OSSL_MAC_PARAM_DIGEST_ONESHOT>) <integer>
+
+A simple flag to set the MAC digest to be a oneshot operation.
+The value 0 or 1 is expected.
+
+This option is used by HMAC.
 
 =item "properties" (B<OSSL_MAC_PARAM_PROPERTIES>) <UTF8 string>
 

doc/man7/EVP_MAC-HMAC.pod

@@ -30,10 +30,12 @@ The following parameter can be set with EVP_MAC_CTX_set_params():
 
 =item "key" (B<OSSL_MAC_PARAM_KEY>) <octet string>
 
-=item "flags" (B<OSSL_MAC_PARAM_FLAGS>) <octet string>
-
 =item "digest" (B<OSSL_MAC_PARAM_DIGEST>) <UTF8 string>
 
+=item "digest-noinit" (B<OSSL_MAC_PARAM_DIGEST_NOINIT>) <integer>
+
+=item "digest-oneshot" (B<OSSL_MAC_PARAM_DIGEST_ONESHOT>) <integer>
+
 =item "properties" (B<OSSL_MAC_PARAM_PROPERTIES>) <UTF8 string>
 
 =item "tls-data-size" (B<OSSL_MAC_PARAM_TLS_DATA_SIZE>) <unsigned integer>

doc/man7/provider-mac.pod

@@ -172,9 +172,16 @@ Sets the salt of the underlying cipher, when applicable.
 Sets XOF mode in the associated MAC ctx.
 0 means no XOF mode, 1 means XOF mode.
 
-=item "flags" (B<OSSL_MAC_PARAM_FLAGS>) <integer>
+=item "digest-noinit" (B<OSSL_MAC_PARAM_DIGEST_NOINIT>) <integer>
+
+A simple flag to set the MAC digest to not initialise the
+implementation specific data. The value 0 or 1 is expected.
+
+=item "digest-oneshot" (B<OSSL_MAC_PARAM_DIGEST_ONESHOT>) <integer>
+
+A simple flag to set the MAC digest to be a oneshot operation.
+The value 0 or 1 is expected.
 
-Gets flags associated with the MAC.
 
 =for comment We need to investigate if this is the right approach
 

include/openssl/core_names.h

@@ -146,12 +146,14 @@ extern "C" {
 #define OSSL_DIGEST_NAME_SM3            "SM3"
 
 /* MAC parameters */
-#define OSSL_MAC_PARAM_KEY          "key"        /* octet string */
-#define OSSL_MAC_PARAM_IV           "iv"         /* octet string */
-#define OSSL_MAC_PARAM_CUSTOM       "custom"     /* utf8 string */
-#define OSSL_MAC_PARAM_SALT         "salt"       /* octet string */
-#define OSSL_MAC_PARAM_XOF          "xof"        /* int, 0 or 1 */
-#define OSSL_MAC_PARAM_FLAGS        "flags"      /* int */
+#define OSSL_MAC_PARAM_KEY            "key"            /* octet string */
+#define OSSL_MAC_PARAM_IV             "iv"             /* octet string */
+#define OSSL_MAC_PARAM_CUSTOM         "custom"         /* utf8 string */
+#define OSSL_MAC_PARAM_SALT           "salt"           /* octet string */
+#define OSSL_MAC_PARAM_XOF            "xof"            /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_DIGEST_NOINIT  "digest-noinit"  /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_DIGEST_ONESHOT "digest-oneshot" /* int, 0 or 1 */
+
 /*
  * If "engine" or "properties" are specified, they should always be paired
  * with "cipher" or "digest".

providers/implementations/macs/hmac_prov.c

@@ -83,7 +83,6 @@ static void *hmac_new(void *provctx)
         OPENSSL_free(macctx);
         return NULL;
     }
-    /* TODO(3.0) Should we do something more with that context? */
     macctx->provctx = provctx;
 
     return macctx;
@@ -239,7 +238,8 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_DIGEST, NULL, 0),
     OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0),
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
-    OSSL_PARAM_int(OSSL_MAC_PARAM_FLAGS, NULL),
+    OSSL_PARAM_int(OSSL_MAC_PARAM_DIGEST_NOINIT, NULL),
+    OSSL_PARAM_int(OSSL_MAC_PARAM_DIGEST_ONESHOT, NULL),
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_TLS_DATA_SIZE, NULL),
     OSSL_PARAM_END
 };
@@ -248,6 +248,23 @@ static const OSSL_PARAM *hmac_settable_ctx_params(ossl_unused void *provctx)
     return known_settable_ctx_params;
 }
 
+static int set_flag(const OSSL_PARAM params[], const char *key, int mask,
+                    int *flags)
+{
+    const OSSL_PARAM *p = OSSL_PARAM_locate_const(params, key);
+    int flag = 0;
+
+    if (p != NULL) {
+        if (!OSSL_PARAM_get_int(p, &flag))
+            return 0;
+        if (flag == 0)
+            *flags &= ~mask;
+        else
+            *flags |= mask;
+    }
+    return 1;
+}
+
 /*
  * ALL parameters should be set before init().
  */
@@ -256,19 +273,20 @@ static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
     struct hmac_data_st *macctx = vmacctx;
     OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(macctx->provctx);
     const OSSL_PARAM *p;
+    int flags = 0;
 
     if (!ossl_prov_digest_load_from_params(&macctx->digest, params, ctx))
         return 0;
 
-    /* TODO(3.0) formalize the meaning of "flags", perhaps as other params */
-    if ((p = OSSL_PARAM_locate_const(params,
-                                     OSSL_MAC_PARAM_FLAGS)) != NULL) {
-        int flags = 0;
-
-        if (!OSSL_PARAM_get_int(p, &flags))
-            return 0;
+    if (!set_flag(params, OSSL_MAC_PARAM_DIGEST_NOINIT, EVP_MD_CTX_FLAG_NO_INIT,
+                  &flags))
+        return 0;
+    if (!set_flag(params, OSSL_MAC_PARAM_DIGEST_ONESHOT, EVP_MD_CTX_FLAG_ONESHOT,
+                  &flags))
+        return 0;
+    if (flags)
         HMAC_CTX_set_flags(macctx->ctx, flags);
-    }
+
     if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
         if (p->data_type != OSSL_PARAM_OCTET_STRING)
             return 0;