As of openssl 1.1.0, HMAC_CTX is an opaque structure and as such
cannot be allocated in the stack. One has to use HMAC_CTX_new()
that ultimately uses OPENSSL_zmalloc(), so the user has to free it
afterwards. Not something I want to do. What they where thinking?!
Richard Levitte, I am looking at you!