diff --git a/library/oid.c b/library/oid.c index 5d2613364a..eb15a41b20 100644 --- a/library/oid.c +++ b/library/oid.c @@ -410,11 +410,13 @@ static const oid_sig_alg_t oid_sig_alg[] = MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384" ), MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, }, +#endif /* MBEDTLS_SHA384_C */ +#if defined(MBEDTLS_SHA512_C) { OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512" ), MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, @@ -639,11 +641,13 @@ static const oid_md_alg_t oid_md_alg[] = MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA384, "id-sha384", "SHA-384" ), MBEDTLS_MD_SHA384, }, +#endif /* MBEDTLS_SHA384_C */ +#if defined(MBEDTLS_SHA512_C) { OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA512, "id-sha512", "SHA-512" ), MBEDTLS_MD_SHA512, diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 9ac48c757c..22149dd37b 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -154,7 +154,7 @@ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) /* Ciphersuites using HMAC */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ #elif defined(MBEDTLS_SHA256_C) #define MBEDTLS_SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ @@ -550,7 +550,7 @@ struct mbedtls_ssl_handshake_params mbedtls_sha256_context fin_sha256; #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_operation_t fin_sha384_psa; #else diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a690889191..cec38f70e0 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -653,7 +653,7 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen, } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) static int tls_prf_sha384( const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, @@ -662,7 +662,7 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen, return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen, label, random, rlen, dstbuf, dlen ) ); } -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t ); @@ -683,7 +683,7 @@ static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned cha static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int ); #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t ); static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char*, size_t * ); static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int ); @@ -723,7 +723,7 @@ static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf ) else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) if( tls_prf == tls_prf_sha384 ) { return( MBEDTLS_SSL_TLS_PRF_SHA384 ); @@ -759,11 +759,11 @@ int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf, #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_SSL_TLS_PRF_SHA384: tls_prf = tls_prf_sha384; break; -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA256_C) case MBEDTLS_SSL_TLS_PRF_SHA256: tls_prf = tls_prf_sha256; @@ -1293,7 +1293,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, int minor_ver, mbedtls_md_type_t hash ) { -#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || !defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || !defined(MBEDTLS_SHA384_C) (void) hash; #endif @@ -1307,7 +1307,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && hash == MBEDTLS_MD_SHA384 ) { @@ -1627,7 +1627,7 @@ void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, unsigned char *hash, size_t *hlen ) @@ -1674,7 +1674,7 @@ void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, #endif /* MBEDTLS_USE_PSA_CRYPTO */ return; } -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) @@ -2656,7 +2656,7 @@ void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) ssl->handshake->update_checksum = ssl_update_checksum_sha384; else @@ -2688,7 +2688,7 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 ); #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_abort( &ssl->handshake->fin_sha384_psa ); psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); @@ -2714,7 +2714,7 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); #else @@ -2746,7 +2746,7 @@ static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl, } #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -2895,7 +2895,7 @@ static void ssl_calc_finished_tls_sha256( } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*); @@ -2977,7 +2977,7 @@ static void ssl_calc_finished_tls_sha384( MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); } -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ) @@ -3269,7 +3269,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 ); #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) handshake->fin_sha384_psa = psa_hash_operation_init(); psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); @@ -5599,7 +5599,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) mbedtls_sha256_free( &handshake->fin_sha256 ); #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_abort( &handshake->fin_sha384_psa ); #else @@ -6041,7 +6041,7 @@ typedef int (*tls_prf_fn)( const unsigned char *secret, size_t slen, unsigned char *dstbuf, size_t dlen ); static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id ) { -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); @@ -7000,7 +7000,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) break; #endif #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_SSL_HASH_SHA384: ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384; break; diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index a2028fba8d..1d4cf7192b 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -205,7 +205,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SHA384_C */ void sha384( data_t * src_str, data_t * hash ) { unsigned char output[97];