Harden HMAC error paths: fix resource leaks, state bugs, and missing cleansing

[justsmth]

Description of changes:

Tightens up error handling across the HMAC implementation:

• p_hmac.c: hmac_copy error paths were leaking the HMAC context and key, and left dst->data as a dangling pointer. hmac_cleanup didn't guard against NULL and wasn't cleansing the embedded HMAC_CTX.
• hmac.c (HMAC_Init_ex): Re-initializing a context that was in the IN_PROGRESS state (same key/md, no-op path) reset md_ctx but forgot to transition the state back to INIT_NO_DATA.
• hmac.c (HMAC_Final): Sensitive intermediate inner hash (tmp) wasn't being cleansed on exit. On error, the context was left in a partially-modified state instead of being cleaned up.
• hmac.c (HMAC_get_precomputed_key): Invariant checks relied solely on assert(), meaning they silently disappeared in release builds. Replaced with real error returns + OPENSSL_cleanse of partial output.
• hmac.c (HMAC_Init): Negative key_len (legacy int API) would implicitly convert to a huge size_t, causing a buffer over-read. Added a bounds check and explicit cast.
• HMAC_with_precompute: Added the same out == NULL early-return that HMAC() already had.

Call-outs:

• The HMAC_Init_ex state fix is the subtlest change — the no-op re-init path was missing the state transition, which could cause downstream logic that checks state to misbehave.
• HMAC_Final now calls HMAC_CTX_cleanup(ctx) on error, which zeros the entire context. This is more aggressive than before (caller must re-init to reuse), but the success path already required re-init (READY_NEEDS_INIT), so this should be fine in practice.
• The HMAC_get_precomputed_key change turns debug-only asserts into real error returns. Worth confirming we're comfortable returning 0 here even though "this should never happen."

Testing:

Existing HMAC test suite. No new tests added — all changes are hardening of error/edge-case paths that existing tests exercise implicitly through the normal Init → Update → Final flow.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

[codecov-commenter]

Codecov Report

❌ Patch coverage is 40.90909% with 13 lines in your changes missing coverage. Please review.
✅ Project coverage is 78.15%. Comparing base (e5747bd) to head (243ead0).

Files with missing lines	Patch %	Lines
crypto/fipsmodule/hmac/hmac.c	46.15%	7 Missing ⚠️
crypto/fipsmodule/evp/p_hmac.c	33.33%	6 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3081      +/-   ##
==========================================
- Coverage   78.16%   78.15%   -0.01%     
==========================================
  Files         689      689              
  Lines      121628   121644      +16     
  Branches    16981    16987       +6     
==========================================
+ Hits        95070    95072       +2     
- Misses      25675    25688      +13     
- Partials      883      884       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.