diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 04de48291..698477b35 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -100,7 +100,9 @@ extern const mbedtls_md_info_t mbedtls_ripemd160_info; extern const mbedtls_md_info_t mbedtls_sha1_info; #endif #if defined(MBEDTLS_SHA256_C) +#if !defined(MBEDTLS_SHA256_NO_SHA224) extern const mbedtls_md_info_t mbedtls_sha224_info; +#endif extern const mbedtls_md_info_t mbedtls_sha256_info; #endif #if defined(MBEDTLS_SHA512_C) diff --git a/library/md.c b/library/md.c index 303cdcbee..b3525be3f 100644 --- a/library/md.c +++ b/library/md.c @@ -61,8 +61,10 @@ static const int supported_digests[] = { #if defined(MBEDTLS_SHA256_C) MBEDTLS_MD_SHA256, +#if !defined(MBEDTLS_SHA256_NO_SHA224) MBEDTLS_MD_SHA224, #endif +#endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA1_C) MBEDTLS_MD_SHA1, @@ -119,11 +121,13 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); #endif #if defined(MBEDTLS_SHA256_C) +#if !defined(MBEDTLS_SHA256_NO_SHA224) if( !strcmp( "SHA224", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 ); +#endif if( !strcmp( "SHA256", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); -#endif +#endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) if( !strcmp( "SHA384", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 ); @@ -158,11 +162,13 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) return( &mbedtls_sha1_info ); #endif #if defined(MBEDTLS_SHA256_C) +#if !defined(MBEDTLS_SHA256_NO_SHA224) case MBEDTLS_MD_SHA224: return( &mbedtls_sha224_info ); +#endif case MBEDTLS_MD_SHA256: return( &mbedtls_sha256_info ); -#endif +#endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA384: return( &mbedtls_sha384_info ); diff --git a/library/md_wrap.c b/library/md_wrap.c index 32f087197..0f8132fbf 100644 --- a/library/md_wrap.c +++ b/library/md_wrap.c @@ -391,10 +391,12 @@ const mbedtls_md_info_t mbedtls_sha1_info = { */ #if defined(MBEDTLS_SHA256_C) +#if !defined(MBEDTLS_SHA256_NO_SHA224) static int sha224_starts_wrap( void *ctx ) { return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); } +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ static int sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) @@ -409,11 +411,13 @@ static int sha224_finish_wrap( void *ctx, unsigned char *output ) output ) ); } +#if !defined(MBEDTLS_SHA256_NO_SHA224) static int sha224_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); } +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ static void *sha224_ctx_alloc( void ) { @@ -443,6 +447,7 @@ static int sha224_process_wrap( void *ctx, const unsigned char *data ) data ) ); } +#if !defined(MBEDTLS_SHA256_NO_SHA224) const mbedtls_md_info_t mbedtls_sha224_info = { MBEDTLS_MD_SHA224, "SHA224", @@ -457,6 +462,7 @@ const mbedtls_md_info_t mbedtls_sha224_info = { sha224_clone_wrap, sha224_process_wrap, }; +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ static int sha256_starts_wrap( void *ctx ) { diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 47a23dce8..454244089 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -291,7 +291,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!M mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO:!MBEDTLS_SHA256_NO_SHA224 mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA256