Do not handle MAC and hash reset separately. It is implied by nettle's output functions.

7 files changed, 7 insertions, 122 deletions

diff --git a/lib/accelerated/x86/hmac-padlock.c b/lib/accelerated/x86/hmac-padlock.c
index f8720f5ad2..455bacb39c 100644
--- a/lib/accelerated/x86/hmac-padlock.c
+++ b/lib/accelerated/x86/hmac-padlock.c
@@ -54,17 +54,6 @@ struct padlock_hmac_ctx
         struct hmac_sha1_ctx sha1;
     } ctx;
 
-    /* this is the context just after
-     * the set_key. Used in reset().
-     */
-    union
-    {
-        struct hmac_sha224_ctx sha224;
-        struct hmac_sha256_ctx sha256;
-        struct hmac_sha384_ctx sha384;
-        struct hmac_sha512_ctx sha512;
-        struct hmac_sha1_ctx sha1;
-    } init_ctx;
     void *ctx_ptr;
     gnutls_mac_algorithm_t algo;
     size_t length;
@@ -244,19 +233,9 @@ wrap_padlock_hmac_setkey (void *_ctx, const void *key, size_t keylen)
 
     ctx->setkey (ctx->ctx_ptr, keylen, key);
 
-    memcpy (&ctx->init_ctx, &ctx->ctx, sizeof (ctx->ctx));
-
     return GNUTLS_E_SUCCESS;
 }
 
-static void
-wrap_padlock_hmac_reset (void *_ctx)
-{
-    struct padlock_hmac_ctx *ctx = _ctx;
-
-    memcpy (&ctx->ctx, &ctx->init_ctx, sizeof (ctx->ctx));
-}
-
 static int
 wrap_padlock_hmac_update (void *_ctx, const void *text, size_t textsize)
 {
@@ -355,7 +334,6 @@ const gnutls_crypto_mac_st hmac_sha_padlock_struct = {
     .init = NULL,
     .setkey = NULL,
     .hash = NULL,
-    .reset = NULL,
     .output = NULL,
     .deinit = NULL,
     .fast = wrap_padlock_hmac_fast
@@ -365,7 +343,6 @@ const gnutls_crypto_mac_st hmac_sha_padlock_nano_struct = {
     .init = wrap_padlock_hmac_init,
     .setkey = wrap_padlock_hmac_setkey,
     .hash = wrap_padlock_hmac_update,
-    .reset = wrap_padlock_hmac_reset,
     .output = wrap_padlock_hmac_output,
     .deinit = wrap_padlock_hmac_deinit,
     .fast = wrap_padlock_hmac_fast,
diff --git a/lib/accelerated/x86/sha-padlock.c b/lib/accelerated/x86/sha-padlock.c
index 80dbeaaa6d..968c8610c2 100644
--- a/lib/accelerated/x86/sha-padlock.c
+++ b/lib/accelerated/x86/sha-padlock.c
@@ -312,15 +312,6 @@ wrap_padlock_hash_output (void *src_ctx, void *digest, size_t digestsize)
   return 0;
 }
 
-static void
-wrap_padlock_hash_reset (void *src_ctx)
-{
-  struct padlock_hash_ctx *ctx;
-  ctx = src_ctx;
-
-  _ctx_init(ctx->algo, ctx->ctx_ptr);
-}
-
 int wrap_padlock_hash_fast(gnutls_digest_algorithm_t algo, 
   const void* text, size_t text_size, 
   void* digest)
@@ -384,7 +375,6 @@ const gnutls_crypto_digest_st sha_padlock_struct = {
 const gnutls_crypto_digest_st sha_padlock_nano_struct = {
   .init = wrap_padlock_hash_init,
   .hash = wrap_padlock_hash_update,
-  .reset = wrap_padlock_hash_reset,
   .output = wrap_padlock_hash_output,
   .deinit = wrap_padlock_hash_deinit,
   .fast = wrap_padlock_hash_fast,
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index 1044f00ea9..944f811932 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -51,7 +51,6 @@
   {
     int (*init) (gnutls_mac_algorithm_t, void **ctx);
     int (*setkey) (void *ctx, const void *key, size_t keysize);
-    void (*reset) (void *ctx);
     int (*hash) (void *ctx, const void *text, size_t textsize);
     int (*output) (void *src_ctx, void *digest, size_t digestsize);
     void (*deinit) (void *ctx);
@@ -65,7 +64,6 @@
   typedef struct
   {
     int (*init) (gnutls_digest_algorithm_t, void **ctx);
-    void (*reset) (void *ctx);
     int (*hash) (void *ctx, const void *src, size_t srcsize);
     int (*output) (void *src_ctx, void *digest, size_t digestsize);
     void (*deinit) (void *ctx);
diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c
index cbb6a401ae..e71cf40e75 100644
--- a/lib/gnutls_cipher_int.c
+++ b/lib/gnutls_cipher_int.c
@@ -276,13 +276,10 @@ int ret = 0;
           ret = _gnutls_mac_output_ssl3 (&handle->mac, tag);
           if (ret < 0)
             return gnutls_assert_val(ret);
-
-          _gnutls_mac_reset_ssl3 (&handle->mac);
         }
       else
         {
           _gnutls_hmac_output (&handle->mac, tag);
-          _gnutls_hmac_reset (&handle->mac);
         }
     }
   else if (_gnutls_cipher_is_aead(&handle->cipher))
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c
index 740e13b086..d8d73a2098 100644
--- a/lib/gnutls_hash_int.c
+++ b/lib/gnutls_hash_int.c
@@ -77,7 +77,6 @@ _gnutls_hash_init (digest_hd_st * dig, gnutls_digest_algorithm_t algorithm)
         }
 
       dig->hash = cc->hash;
-      dig->reset = cc->reset;
       dig->output = cc->output;
       dig->deinit = cc->deinit;
 
@@ -92,7 +91,6 @@ _gnutls_hash_init (digest_hd_st * dig, gnutls_digest_algorithm_t algorithm)
     }
 
   dig->hash = _gnutls_digest_ops.hash;
-  dig->reset = _gnutls_digest_ops.reset;
   dig->output = _gnutls_digest_ops.output;
   dig->deinit = _gnutls_digest_ops.deinit;
 
@@ -233,7 +231,6 @@ _gnutls_hmac_init (digest_hd_st * dig, gnutls_mac_algorithm_t algorithm,
       dig->hash = cc->hash;
       dig->output = cc->output;
       dig->deinit = cc->deinit;
-      dig->reset = cc->reset;
 
       return 0;
     }
@@ -248,7 +245,6 @@ _gnutls_hmac_init (digest_hd_st * dig, gnutls_mac_algorithm_t algorithm,
   dig->hash = _gnutls_mac_ops.hash;
   dig->output = _gnutls_mac_ops.output;
   dig->deinit = _gnutls_mac_ops.deinit;
-  dig->reset = _gnutls_mac_ops.reset;
 
   if (_gnutls_mac_ops.setkey (dig->handle, key, keylen) < 0)
     {
@@ -325,25 +321,6 @@ _gnutls_mac_init_ssl3 (digest_hd_st * ret, gnutls_mac_algorithm_t algorithm,
   return 0;
 }
 
-void
-_gnutls_mac_reset_ssl3 (digest_hd_st * handle)
-{
-  uint8_t ipad[48];
-  int padsize;
-
-  padsize = get_padsize (handle->algorithm);
-
-  memset (ipad, 0x36, padsize);
-
-  _gnutls_hash_reset(handle);
-
-  if (handle->keysize > 0)
-    _gnutls_hash (handle, handle->key, handle->keysize);
-  _gnutls_hash (handle, ipad, padsize);
-
-  return;
-}
-
 int 
 _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest)
 {
@@ -379,6 +356,13 @@ _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest)
 
   _gnutls_hash_deinit (&td, digest);
   
+  /* reset handle */
+  memset (opad, 0x36, padsize);
+
+  if (handle->keysize > 0)
+    _gnutls_hash (handle, handle->key, handle->keysize);
+  _gnutls_hash (handle, opad, padsize);
+  
   return 0;
 }
 
diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h
index b91671c9a3..b835aaca1e 100644
--- a/lib/gnutls_hash_int.h
+++ b/lib/gnutls_hash_int.h
@@ -37,7 +37,6 @@ extern int crypto_digest_prio;
 extern gnutls_crypto_digest_st _gnutls_digest_ops;
 
 typedef int (*hash_func) (void *handle, const void *text, size_t size);
-typedef void (*reset_func) (void *ctx);
 typedef int (*output_func) (void *src_ctx, void *digest, size_t digestsize);
 typedef void (*deinit_func) (void *handle);
 
@@ -48,7 +47,6 @@ typedef struct
   int keysize;
 
   hash_func hash;
-  reset_func reset;
   output_func output;
   deinit_func deinit;
 
@@ -91,18 +89,6 @@ _gnutls_hmac_output (digest_hd_st * handle, void *digest)
 void
 _gnutls_hmac_deinit (digest_hd_st * handle, void *digest);
 
-inline static void
-_gnutls_hmac_reset (digest_hd_st * handle)
-{
-  if (handle->handle == NULL)
-    {
-      return;
-    }
-
-  handle->reset (handle->handle);
-}
-
-
 /* Hash interface */
 int _gnutls_hash_init (digest_hd_st *, gnutls_digest_algorithm_t algorithm);
 
@@ -131,17 +117,6 @@ _gnutls_hash_output (digest_hd_st * handle, void *digest)
     }
 }
 
-inline static void
-_gnutls_hash_reset (digest_hd_st * handle)
-{
-  if (handle->handle == NULL)
-    {
-      return;
-    }
-
-  handle->reset (handle->handle);
-}
-
 void
 _gnutls_hash_deinit (digest_hd_st * handle, void *digest);
 
@@ -162,8 +137,6 @@ int _gnutls_ssl3_hash_md5 (const void *first, int first_len,
                            const void *second, int second_len,
                            int ret_len, uint8_t * ret);
 
-void _gnutls_mac_reset_ssl3 (digest_hd_st * handle);
-
 int _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, void *digest,
                                         uint8_t * key, uint32_t key_size);
 
diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c
index acaacf4a84..ac10fd7ccb 100644
--- a/lib/nettle/mac.c
+++ b/lib/nettle/mac.c
@@ -68,18 +68,6 @@ struct nettle_hmac_ctx
     struct hmac_sha1_ctx sha1;
   } ctx;
   
-  /* this is the context just after
-   * the set_key. Used in reset().
-   */
-  union
-  {
-    struct hmac_md5_ctx md5;
-    struct hmac_sha224_ctx sha224;
-    struct hmac_sha256_ctx sha256;
-    struct hmac_sha384_ctx sha384;
-    struct hmac_sha512_ctx sha512;
-    struct hmac_sha1_ctx sha1;
-  } init_ctx;
   void *ctx_ptr;
   gnutls_mac_algorithm_t algo;
   size_t length;
@@ -210,19 +198,9 @@ wrap_nettle_hmac_setkey (void *_ctx, const void *key, size_t keylen)
 
   ctx->setkey (ctx->ctx_ptr, keylen, key);
   
-  memcpy(&ctx->init_ctx, &ctx->ctx, sizeof(ctx->ctx));
-
   return GNUTLS_E_SUCCESS;
 }
 
-static void
-wrap_nettle_hmac_reset (void *_ctx)
-{
-  struct nettle_hmac_ctx *ctx = _ctx;
-
-  memcpy(&ctx->ctx, &ctx->init_ctx, sizeof(ctx->ctx));
-}
-
 static int
 wrap_nettle_hmac_update (void *_ctx, const void *text, size_t textsize)
 {
@@ -413,21 +391,10 @@ wrap_nettle_hash_output (void *src_ctx, void *digest, size_t digestsize)
   return 0;
 }
 
-static void
-wrap_nettle_hash_reset (void *src_ctx)
-{
-  struct nettle_hash_ctx *ctx;
-  ctx = src_ctx;
-
-  _ctx_init(ctx->algo, ctx->ctx_ptr);
-}
-
-
 gnutls_crypto_mac_st _gnutls_mac_ops = {
   .init = wrap_nettle_hmac_init,
   .setkey = wrap_nettle_hmac_setkey,
   .hash = wrap_nettle_hmac_update,
-  .reset = wrap_nettle_hmac_reset,
   .output = wrap_nettle_hmac_output,
   .deinit = wrap_nettle_hmac_deinit,
   .fast = wrap_nettle_hmac_fast,
@@ -437,7 +404,6 @@ gnutls_crypto_mac_st _gnutls_mac_ops = {
 gnutls_crypto_digest_st _gnutls_digest_ops = {
   .init = wrap_nettle_hash_init,
   .hash = wrap_nettle_hash_update,
-  .reset = wrap_nettle_hash_reset,
   .output = wrap_nettle_hash_output,
   .deinit = wrap_nettle_hash_deinit,
   .fast = wrap_nettle_hash_fast,