Add convenience functions to malloc EVP_HPKE_CTX and EVP_HPKE_KEY.

Some callers want the value to be heap-allocated. It's a little annoying
that this returns an empty value (if we only supported heap-allocated
ones, I'd have merged init into new), but since we have multiple
constructor functions, this is probably the least fuss.

Change-Id: I42f586e39850954fb6743f8be50a7cfffa0755ba
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48526
Commit-Queue: David Benjamin <[email protected]>
Reviewed-by: Adam Langley <[email protected]>

Author: davidben

crypto/hpke/hpke.c

@@ -235,6 +235,23 @@ void EVP_HPKE_KEY_cleanup(EVP_HPKE_KEY *key) {
   // future.
 }
 
+EVP_HPKE_KEY *EVP_HPKE_KEY_new(void) {
+  EVP_HPKE_KEY *key = OPENSSL_malloc(sizeof(EVP_HPKE_KEY));
+  if (key == NULL) {
+    OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
+    return NULL;
+  }
+  EVP_HPKE_KEY_zero(key);
+  return key;
+}
+
+void EVP_HPKE_KEY_free(EVP_HPKE_KEY *key) {
+  if (key != NULL) {
+    EVP_HPKE_KEY_cleanup(key);
+    OPENSSL_free(key);
+  }
+}
+
 int EVP_HPKE_KEY_copy(EVP_HPKE_KEY *dst, const EVP_HPKE_KEY *src) {
   // For now, |EVP_HPKE_KEY| is trivially copyable.
   OPENSSL_memcpy(dst, src, sizeof(EVP_HPKE_KEY));
@@ -431,6 +448,23 @@ void EVP_HPKE_CTX_cleanup(EVP_HPKE_CTX *ctx) {
   EVP_AEAD_CTX_cleanup(&ctx->aead_ctx);
 }
 
+EVP_HPKE_CTX *EVP_HPKE_CTX_new(void) {
+  EVP_HPKE_CTX *ctx = OPENSSL_malloc(sizeof(EVP_HPKE_CTX));
+  if (ctx == NULL) {
+    OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
+    return NULL;
+  }
+  EVP_HPKE_CTX_zero(ctx);
+  return ctx;
+}
+
+void EVP_HPKE_CTX_free(EVP_HPKE_CTX *ctx) {
+  if (ctx != NULL) {
+    EVP_HPKE_CTX_cleanup(ctx);
+    OPENSSL_free(ctx);
+  }
+}
+
 int EVP_HPKE_CTX_setup_sender(EVP_HPKE_CTX *ctx, uint8_t *out_enc,
                               size_t *out_enc_len, size_t max_enc,
                               const EVP_HPKE_KEM *kem, const EVP_HPKE_KDF *kdf,

include/openssl/hpke.h

@@ -93,6 +93,17 @@ OPENSSL_EXPORT void EVP_HPKE_KEY_zero(EVP_HPKE_KEY *key);
 // EVP_HPKE_KEY_cleanup releases memory referenced by |key|.
 OPENSSL_EXPORT void EVP_HPKE_KEY_cleanup(EVP_HPKE_KEY *key);
 
+// EVP_HPKE_KEY_new returns a newly-allocated |EVP_HPKE_KEY|, or NULL on error.
+// The caller must call |EVP_HPKE_KEY_free| on the result to release it.
+//
+// This is a convenience function for callers that need a heap-allocated
+// |EVP_HPKE_KEY|.
+OPENSSL_EXPORT EVP_HPKE_KEY *EVP_HPKE_KEY_new(void);
+
+// EVP_HPKE_KEY_free releases memory associated with |key|, which must have been
+// created with |EVP_HPKE_KEY_new|.
+OPENSSL_EXPORT void EVP_HPKE_KEY_free(EVP_HPKE_KEY *key);
+
 // EVP_HPKE_KEY_copy sets |dst| to a copy of |src|. It returns one on success
 // and zero on error. On success, the caller must call |EVP_HPKE_KEY_cleanup| to
 // release |dst|. On failure, calling |EVP_HPKE_KEY_cleanup| is safe, but not
@@ -160,6 +171,17 @@ OPENSSL_EXPORT void EVP_HPKE_CTX_zero(EVP_HPKE_CTX *ctx);
 // |EVP_HPKE_CTX_setup_*| functions.
 OPENSSL_EXPORT void EVP_HPKE_CTX_cleanup(EVP_HPKE_CTX *ctx);
 
+// EVP_HPKE_CTX_new returns a newly-allocated |EVP_HPKE_CTX|, or NULL on error.
+// The caller must call |EVP_HPKE_CTX_free| on the result to release it.
+//
+// This is a convenience function for callers that need a heap-allocated
+// |EVP_HPKE_CTX|.
+OPENSSL_EXPORT EVP_HPKE_CTX *EVP_HPKE_CTX_new(void);
+
+// EVP_HPKE_CTX_free releases memory associated with |ctx|, which must have been
+// created with |EVP_HPKE_CTX_new|.
+OPENSSL_EXPORT void EVP_HPKE_CTX_free(EVP_HPKE_CTX *ctx);
+
 // EVP_HPKE_MAX_ENC_LENGTH is the maximum length of "enc", the encapsulated
 // shared secret, for all supported KEMs in this library.
 #define EVP_HPKE_MAX_ENC_LENGTH 32
@@ -317,6 +339,9 @@ using ScopedEVP_HPKE_KEY =
     internal::StackAllocated<EVP_HPKE_KEY, void, EVP_HPKE_KEY_zero,
                              EVP_HPKE_KEY_cleanup>;
 
+BORINGSSL_MAKE_DELETER(EVP_HPKE_CTX, EVP_HPKE_CTX_free)
+BORINGSSL_MAKE_DELETER(EVP_HPKE_KEY, EVP_HPKE_KEY_free)
+
 BSSL_NAMESPACE_END
 
 }  // extern C++