diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index b791344a6..f3dc11577 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -691,10 +691,6 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA384_C) && !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA384_C defined without MBEDTLS_SHA512_C" -#endif - #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) #error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 78c363543..5b7911c3b 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3102,8 +3102,6 @@ * * Enable the SHA-384 cryptographic hash algorithm. * - * Requires: MBEDTLS_SHA512_C - * * Module: library/sha512.c * Caller: library/md.c * library/psa_crypto_hash.c diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 48901cc39..545c81c4d 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -99,8 +99,11 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \param is384 Determines which function to use. This must be * either \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA384_C is not defined, - * \p is384 must be \c 0, or the function will return + * \note is384 must be defined accordingly with the supported + * symbols in the config file. If: + * - is384 is 0, but \c MBEDTLS_SHA384_C is not defined, or + * - is384 is 1, but \c MBEDTLS_SHA512_C is not defined + * then the function will return * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. @@ -175,8 +178,11 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA384_C is not defined, \p is384 must - * be \c 0, or the function will return + * \note is384 must be defined accordingly with the supported + * symbols in the config file. If: + * - is384 is 0, but \c MBEDTLS_SHA384_C is not defined, or + * - is384 is 1, but \c MBEDTLS_SHA512_C is not defined + * then the function will return * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. @@ -190,7 +196,15 @@ int mbedtls_sha512( const unsigned char *input, #if defined(MBEDTLS_SELF_TEST) /** - * \brief The SHA-384 or SHA-512 checkup routine. + * \brief The SHA-384 checkup routine. + * + * \return \c 0 on success. + * \return \c 1 on failure. + */ +int mbedtls_sha384_self_test( int verbose ); + + /** + * \brief The SHA-512 checkup routine. * * \return \c 0 on success. * \return \c 1 on failure. diff --git a/library/sha512.c b/library/sha512.c index 92ada8c35..fa24fb9c8 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -24,7 +24,7 @@ #include "common.h" -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C) #include "mbedtls/sha512.h" #include "mbedtls/platform_util.h" @@ -191,12 +191,15 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, */ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) { -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C) if( is384 != 0 && is384 != 1 ) return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; -#else +#elif defined(MBEDTLS_SHA512_C) if( is384 != 0 ) return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; +#else /* defined MBEDTLS_SHA384_C only */ + if( is384 == 0 ) + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; #endif ctx->total[0] = 0; @@ -204,7 +207,7 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) if( is384 == 0 ) { - /* SHA-512 */ +#if defined(MBEDTLS_SHA512_C) ctx->state[0] = UL64(0x6A09E667F3BCC908); ctx->state[1] = UL64(0xBB67AE8584CAA73B); ctx->state[2] = UL64(0x3C6EF372FE94F82B); @@ -213,13 +216,11 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) ctx->state[5] = UL64(0x9B05688C2B3E6C1F); ctx->state[6] = UL64(0x1F83D9ABFB41BD6B); ctx->state[7] = UL64(0x5BE0CD19137E2179); +#endif /* MBEDTLS_SHA512_C */ } else { -#if !defined(MBEDTLS_SHA384_C) - return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ); -#else - /* SHA-384 */ +#if defined(MBEDTLS_SHA384_C) ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); ctx->state[1] = UL64(0x629A292A367CD507); ctx->state[2] = UL64(0x9159015A3070DD17); @@ -836,12 +837,15 @@ int mbedtls_sha512( const unsigned char *input, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha512_context ctx; -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C) if( is384 != 0 && is384 != 1 ) return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; -#else +#elif defined(MBEDTLS_SHA512_C) if( is384 != 0 ) return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; +#else /* defined MBEDTLS_SHA384_C only */ + if( is384 == 0 ) + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; #endif mbedtls_sha512_init( &ctx ); @@ -866,24 +870,26 @@ exit: /* * FIPS-180-2 test vectors */ -static const unsigned char sha512_test_buf[3][113] = +static const unsigned char sha_test_buf[3][113] = { { "abc" }, { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" }, { "" } }; -static const size_t sha512_test_buflen[3] = +static const size_t sha_test_buflen[3] = { 3, 112, 1000 }; -static const unsigned char sha512_test_sum[][64] = -{ +typedef const unsigned char (sha_test_sum_t)[64]; + +/* + * SHA-384 test vectors + */ #if defined(MBEDTLS_SHA384_C) - /* - * SHA-384 test vectors - */ +static sha_test_sum_t sha384_test_sum[] = +{ { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B, 0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07, 0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63, @@ -901,12 +907,16 @@ static const unsigned char sha512_test_sum[][64] = 0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52, 0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B, 0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB, - 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }, + 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 } +}; #endif /* MBEDTLS_SHA384_C */ - /* - * SHA-512 test vectors - */ +/* + * SHA-512 test vectors + */ +#if defined(MBEDTLS_SHA512_C) +static sha_test_sum_t sha512_test_sum[] = +{ { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2, @@ -932,19 +942,28 @@ static const unsigned char sha512_test_sum[][64] = 0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E, 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; +#endif /* MBEDTLS_SHA512_C */ #define ARRAY_LENGTH( a ) ( sizeof( a ) / sizeof( ( a )[0] ) ) -/* - * Checkup routine - */ -int mbedtls_sha512_self_test( int verbose ) +static int mbedtls_sha512_common_self_test( int verbose, int is384 ) { - int i, j, k, buflen, ret = 0; + int i, buflen, ret = 0; unsigned char *buf; unsigned char sha512sum[64]; mbedtls_sha512_context ctx; + sha_test_sum_t* sha_test_sum; + + sha_test_sum = +#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C) + ( is384 ) ? sha384_test_sum : sha512_test_sum; +#elif defined(MBEDTLS_SHA512_C) + sha512_test_sum; +#else + sha384_test_sum; +#endif + buf = mbedtls_calloc( 1024, sizeof(unsigned char) ); if( NULL == buf ) { @@ -956,26 +975,19 @@ int mbedtls_sha512_self_test( int verbose ) mbedtls_sha512_init( &ctx ); - for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ ) + for( i = 0; i < 3; i++ ) { - j = i % 3; -#if defined(MBEDTLS_SHA384_C) - k = i < 3; -#else - k = 0; -#endif - if( verbose != 0 ) - mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); + mbedtls_printf( " SHA-%d test #%d: ", 512 - is384 * 128, i + 1 ); - if( ( ret = mbedtls_sha512_starts( &ctx, k ) ) != 0 ) + if( ( ret = mbedtls_sha512_starts( &ctx, is384 ) ) != 0 ) goto fail; - if( j == 2 ) + if( i == 2 ) { memset( buf, 'a', buflen = 1000 ); - for( j = 0; j < 1000; j++ ) + for( int j = 0; j < 1000; j++ ) { ret = mbedtls_sha512_update( &ctx, buf, buflen ); if( ret != 0 ) @@ -984,8 +996,8 @@ int mbedtls_sha512_self_test( int verbose ) } else { - ret = mbedtls_sha512_update( &ctx, sha512_test_buf[j], - sha512_test_buflen[j] ); + ret = mbedtls_sha512_update( &ctx, sha_test_buf[i], + sha_test_buflen[i] ); if( ret != 0 ) goto fail; } @@ -993,7 +1005,7 @@ int mbedtls_sha512_self_test( int verbose ) if( ( ret = mbedtls_sha512_finish( &ctx, sha512sum ) ) != 0 ) goto fail; - if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) + if( memcmp( sha512sum, sha_test_sum[i], 64 - is384 * 16 ) != 0 ) { ret = 1; goto fail; @@ -1019,8 +1031,18 @@ exit: return( ret ); } +int mbedtls_sha512_self_test( int verbose ) +{ + return mbedtls_sha512_common_self_test( verbose, 0 ); +} + +int mbedtls_sha384_self_test( int verbose ) +{ + return mbedtls_sha512_common_self_test( verbose, 1 ); +} + #undef ARRAY_LENGTH #endif /* MBEDTLS_SELF_TEST */ -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA512_C || MBEDTLS_SHA384_C */