From d602084cde718019249e1754613951c1b0a259a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 16:28:21 +0200 Subject: [PATCH] Implement NO_SHA384 in MD layer and PSA --- include/mbedtls/md_internal.h | 2 ++ library/md.c | 24 ++++++++++++++++++++++++ library/psa_crypto.c | 2 ++ 3 files changed, 28 insertions(+) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index bb876efc5..0922dff9d 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -79,7 +79,9 @@ extern const mbedtls_md_info_t mbedtls_sha224_info; extern const mbedtls_md_info_t mbedtls_sha256_info; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) extern const mbedtls_md_info_t mbedtls_sha384_info; +#endif extern const mbedtls_md_info_t mbedtls_sha512_info; #endif diff --git a/library/md.c b/library/md.c index b2352034b..e235bc8da 100644 --- a/library/md.c +++ b/library/md.c @@ -120,12 +120,14 @@ const mbedtls_md_info_t mbedtls_sha256_info = { #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) const mbedtls_md_info_t mbedtls_sha384_info = { "SHA384", MBEDTLS_MD_SHA384, 48, 128, }; +#endif const mbedtls_md_info_t mbedtls_sha512_info = { "SHA512", @@ -142,8 +144,10 @@ static const int supported_digests[] = { #if defined(MBEDTLS_SHA512_C) MBEDTLS_MD_SHA512, +#if !defined(MBEDTLS_SHA512_NO_SHA384) MBEDTLS_MD_SHA384, #endif +#endif #if defined(MBEDTLS_SHA256_C) MBEDTLS_MD_SHA256, @@ -211,8 +215,10 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) if( !strcmp( "SHA384", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 ); +#endif if( !strcmp( "SHA512", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); #endif @@ -250,8 +256,10 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) return( &mbedtls_sha256_info ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( &mbedtls_sha384_info ); +#endif case MBEDTLS_MD_SHA512: return( &mbedtls_sha512_info ); #endif @@ -306,7 +314,9 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: +#endif case MBEDTLS_MD_SHA512: mbedtls_sha512_free( ctx->md_ctx ); break; @@ -372,7 +382,9 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: +#endif case MBEDTLS_MD_SHA512: mbedtls_sha512_clone( dst->md_ctx, src->md_ctx ); break; @@ -439,7 +451,9 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: +#endif case MBEDTLS_MD_SHA512: ALLOC( sha512 ); break; @@ -498,8 +512,10 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) ); #endif @@ -542,8 +558,10 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); #endif @@ -586,8 +604,10 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); #endif @@ -631,8 +651,10 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); #endif @@ -839,8 +861,10 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); #endif diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4450fdb56..2785eace5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2037,8 +2037,10 @@ static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) return( &mbedtls_sha256_info ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: return( &mbedtls_sha384_info ); +#endif case PSA_ALG_SHA_512: return( &mbedtls_sha512_info ); #endif