Commit 9e36f047 authored by Paul Bakker's avatar Paul Bakker
Browse files

SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly

The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
parent 3866b9f4
......@@ -21,6 +21,7 @@ Changes
and maximum protocol version
* Renamed error_strerror() to the less conflicting polarssl_strerror()
(Ability to keep old as well with POLARSSL_ERROR_STRERROR_BC)
* SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly
Bugfix
* Fixed parse error in ssl_parse_certificate_request()
......
......@@ -129,8 +129,8 @@
#define POLARSSL_MD4_ALT
#define POLARSSL_MD5_ALT
#define POLARSSL_SHA1_ALT
#define POLARSSL_SHA2_ALT
#define POLARSSL_SHA4_ALT
#define POLARSSL_SHA256_ALT
#define POLARSSL_SHA512_ALT
*/
/**
......@@ -789,7 +789,7 @@
* Module: library/entropy.c
* Caller:
*
* Requires: POLARSSL_SHA4_C
* Requires: POLARSSL_SHA512_C
*
* This module provides a generic entropy pool
*/
......@@ -1043,31 +1043,33 @@
#define POLARSSL_SHA1_C
/**
* \def POLARSSL_SHA2_C
* \def POLARSSL_SHA256_C
*
* Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
* (Used to be POLARSSL_SHA2_C)
*
* Module: library/sha2.c
* Module: library/sha256.c
* Caller: library/md_wrap.c
* library/x509parse.c
*
* This module adds support for SHA-224 and SHA-256.
* This module is required for the SSL/TLS 1.2 PRF function.
*/
#define POLARSSL_SHA2_C
#define POLARSSL_SHA256_C
/**
* \def POLARSSL_SHA4_C
* \def POLARSSL_SHA512_C
*
* Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
* (Used to be POLARSSL_SHA4_C)
*
* Module: library/sha4.c
* Module: library/sha512.c
* Caller: library/md_wrap.c
* library/x509parse.c
*
* This module adds support for SHA-384 and SHA-512.
*/
#define POLARSSL_SHA4_C
#define POLARSSL_SHA512_C
/**
* \def POLARSSL_SSL_CACHE_C
......@@ -1265,7 +1267,7 @@
#error "POLARSSL_ECP_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ENTROPY_C) && !defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_ENTROPY_C) && !defined(POLARSSL_SHA512_C)
#error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
#endif
......
......@@ -81,9 +81,9 @@ source_state;
/**
* \brief Entropy context structure
*/
typedef struct
typedef struct
{
sha4_context accumulator;
sha512_context accumulator;
int source_count;
source_state source[ENTROPY_MAX_SOURCES];
#if defined(POLARSSL_HAVEGE_C)
......
......@@ -68,8 +68,8 @@
* MD4 1 0x0072-0x0072
* MD5 1 0x0074-0x0074
* SHA1 1 0x0076-0x0076
* SHA2 1 0x0078-0x0078
* SHA4 1 0x007A-0x007A
* SHA256 1 0x0078-0x0078
* SHA512 1 0x007A-0x007A
* PBKDF2 1 0x007C-0x007C
*
* High-level module nr (3 bits - 0x1...-0x8...)
......
......@@ -48,11 +48,11 @@ extern const md_info_t md5_info;
#if defined(POLARSSL_SHA1_C)
extern const md_info_t sha1_info;
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
extern const md_info_t sha224_info;
extern const md_info_t sha256_info;
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
extern const md_info_t sha384_info;
extern const md_info_t sha512_info;
#endif
......
......@@ -38,9 +38,9 @@ typedef UINT32 uint32_t;
#include <inttypes.h>
#endif
#define POLARSSL_ERR_SHA2_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */
#define POLARSSL_ERR_SHA256_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */
#if !defined(POLARSSL_SHA2_ALT)
#if !defined(POLARSSL_SHA256_ALT)
// Regular implementation
//
......@@ -61,7 +61,7 @@ typedef struct
unsigned char opad[64]; /*!< HMAC: outer padding */
int is224; /*!< 0 => SHA-256, else SHA-224 */
}
sha2_context;
sha256_context;
/**
* \brief SHA-256 context setup
......@@ -69,7 +69,7 @@ sha2_context;
* \param ctx context to be initialized
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha2_starts( sha2_context *ctx, int is224 );
void sha256_starts( sha256_context *ctx, int is224 );
/**
* \brief SHA-256 process buffer
......@@ -78,7 +78,7 @@ void sha2_starts( sha2_context *ctx, int is224 );
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
void sha256_update( sha256_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-256 final digest
......@@ -86,18 +86,18 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
* \param ctx SHA-256 context
* \param output SHA-224/256 checksum result
*/
void sha2_finish( sha2_context *ctx, unsigned char output[32] );
void sha256_finish( sha256_context *ctx, unsigned char output[32] );
/* Internal use */
void sha2_process( sha2_context *ctx, const unsigned char data[64] );
void sha256_process( sha256_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_SHA2_ALT */
#else /* POLARSSL_SHA256_ALT */
#include "sha2_alt.h"
#endif /* POLARSSL_SHA2_ALT */
#endif /* POLARSSL_SHA256_ALT */
#ifdef __cplusplus
extern "C" {
......@@ -111,7 +111,7 @@ extern "C" {
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha2( const unsigned char *input, size_t ilen,
void sha256( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
/**
......@@ -121,9 +121,9 @@ void sha2( const unsigned char *input, size_t ilen,
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*
* \return 0 if successful, or POLARSSL_ERR_SHA2_FILE_IO_ERROR
* \return 0 if successful, or POLARSSL_ERR_SHA256_FILE_IO_ERROR
*/
int sha2_file( const char *path, unsigned char output[32], int is224 );
int sha256_file( const char *path, unsigned char output[32], int is224 );
/**
* \brief SHA-256 HMAC context setup
......@@ -133,8 +133,8 @@ int sha2_file( const char *path, unsigned char output[32], int is224 );
* \param keylen length of the HMAC key
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen,
int is224 );
void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key,
size_t keylen, int is224 );
/**
* \brief SHA-256 HMAC process buffer
......@@ -143,7 +143,7 @@ void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keyle
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
void sha256_hmac_update( sha256_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-256 HMAC final digest
......@@ -151,14 +151,14 @@ void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ile
* \param ctx HMAC context
* \param output SHA-224/256 HMAC checksum result
*/
void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] );
void sha256_hmac_finish( sha256_context *ctx, unsigned char output[32] );
/**
* \brief SHA-256 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void sha2_hmac_reset( sha2_context *ctx );
void sha256_hmac_reset( sha256_context *ctx );
/**
* \brief Output = HMAC-SHA-256( hmac key, input buffer )
......@@ -170,16 +170,16 @@ void sha2_hmac_reset( sha2_context *ctx );
* \param output HMAC-SHA-224/256 result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha2_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
void sha256_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int sha2_self_test( int verbose );
int sha256_self_test( int verbose );
#ifdef __cplusplus
}
......
......@@ -39,9 +39,9 @@
#define UL64(x) x##ULL
#endif
#define POLARSSL_ERR_SHA4_FILE_IO_ERROR -0x007A /**< Read/write error in file. */
#define POLARSSL_ERR_SHA512_FILE_IO_ERROR -0x007A /**< Read/write error in file. */
#if !defined(POLARSSL_SHA1_ALT)
#if !defined(POLARSSL_SHA512_ALT)
// Regular implementation
//
......@@ -62,7 +62,7 @@ typedef struct
unsigned char opad[128]; /*!< HMAC: outer padding */
int is384; /*!< 0 => SHA-512, else SHA-384 */
}
sha4_context;
sha512_context;
/**
* \brief SHA-512 context setup
......@@ -70,7 +70,7 @@ sha4_context;
* \param ctx context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha4_starts( sha4_context *ctx, int is384 );
void sha512_starts( sha512_context *ctx, int is384 );
/**
* \brief SHA-512 process buffer
......@@ -79,7 +79,7 @@ void sha4_starts( sha4_context *ctx, int is384 );
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
void sha512_update( sha512_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-512 final digest
......@@ -87,15 +87,15 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
* \param ctx SHA-512 context
* \param output SHA-384/512 checksum result
*/
void sha4_finish( sha4_context *ctx, unsigned char output[64] );
void sha512_finish( sha512_context *ctx, unsigned char output[64] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_SHA4_ALT */
#else /* POLARSSL_SHA512_ALT */
#include "sha4_alt.h"
#endif /* POLARSSL_SHA4_ALT */
#endif /* POLARSSL_SHA512_ALT */
#ifdef __cplusplus
extern "C" {
......@@ -109,8 +109,8 @@ extern "C" {
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha4( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
void sha512( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
/**
* \brief Output = SHA-512( file contents )
......@@ -119,9 +119,9 @@ void sha4( const unsigned char *input, size_t ilen,
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*
* \return 0 if successful, or POLARSSL_ERR_SHA4_FILE_IO_ERROR
* \return 0 if successful, or POLARSSL_ERR_SHA512_FILE_IO_ERROR
*/
int sha4_file( const char *path, unsigned char output[64], int is384 );
int sha512_file( const char *path, unsigned char output[64], int is384 );
/**
* \brief SHA-512 HMAC context setup
......@@ -131,8 +131,8 @@ int sha4_file( const char *path, unsigned char output[64], int is384 );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
int is384 );
void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key,
size_t keylen, int is384 );
/**
* \brief SHA-512 HMAC process buffer
......@@ -141,7 +141,7 @@ void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keyle
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
void sha512_hmac_update( sha512_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-512 HMAC final digest
......@@ -149,14 +149,14 @@ void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ile
* \param ctx HMAC context
* \param output SHA-384/512 HMAC checksum result
*/
void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] );
void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] );
/**
* \brief SHA-512 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void sha4_hmac_reset( sha4_context *ctx );
void sha512_hmac_reset( sha512_context *ctx );
/**
* \brief Output = HMAC-SHA-512( hmac key, input buffer )
......@@ -168,7 +168,7 @@ void sha4_hmac_reset( sha4_context *ctx );
* \param output HMAC-SHA-384/512 result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha4_hmac( const unsigned char *key, size_t keylen,
void sha512_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
......@@ -177,10 +177,10 @@ void sha4_hmac( const unsigned char *key, size_t keylen,
*
* \return 0 if successful, or 1 if the test failed
*/
int sha4_self_test( int verbose );
int sha512_self_test( int verbose );
/* Internal use */
void sha4_process( sha4_context *ctx, const unsigned char data[128] );
void sha512_process( sha512_context *ctx, const unsigned char data[128] );
#ifdef __cplusplus
}
......
......@@ -382,10 +382,10 @@ struct _ssl_handshake_params
/*
* Checksum contexts
*/
md5_context fin_md5;
sha1_context fin_sha1;
sha2_context fin_sha2;
sha4_context fin_sha4;
md5_context fin_md5;
sha1_context fin_sha1;
sha256_context fin_sha256;
sha512_context fin_sha512;
void (*update_checksum)(ssl_context *, const unsigned char *, size_t);
void (*calc_verify)(ssl_context *, unsigned char *);
......
......@@ -40,7 +40,7 @@ void entropy_init( entropy_context *ctx )
{
memset( ctx, 0, sizeof(entropy_context) );
sha4_starts( &ctx->accumulator, 0 );
sha512_starts( &ctx->accumulator, 0 );
#if defined(POLARSSL_HAVEGE_C)
havege_init( &ctx->havege_data );
#endif
......@@ -91,7 +91,7 @@ static int entropy_update( entropy_context *ctx, unsigned char source_id,
if( use_len > ENTROPY_BLOCK_SIZE )
{
sha4( data, len, tmp, 0 );
sha512( data, len, tmp, 0 );
p = tmp;
use_len = ENTROPY_BLOCK_SIZE;
......@@ -100,8 +100,8 @@ static int entropy_update( entropy_context *ctx, unsigned char source_id,
header[0] = source_id;
header[1] = use_len & 0xFF;
sha4_update( &ctx->accumulator, header, 2 );
sha4_update( &ctx->accumulator, p, use_len );
sha512_update( &ctx->accumulator, header, 2 );
sha512_update( &ctx->accumulator, p, use_len );
return( 0 );
}
......@@ -179,19 +179,19 @@ int entropy_func( void *data, unsigned char *output, size_t len )
memset( buf, 0, ENTROPY_BLOCK_SIZE );
sha4_finish( &ctx->accumulator, buf );
sha512_finish( &ctx->accumulator, buf );
/*
* Perform second SHA-512 on entropy
*/
sha4( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
sha512( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( sha4_context ) );
sha4_starts( &ctx->accumulator, 0 );
sha4_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
memset( &ctx->accumulator, 0, sizeof( sha512_context ) );
sha512_starts( &ctx->accumulator, 0 );
sha512_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
for( i = 0; i < ctx->source_count; i++ )
ctx->source[i].size = 0;
......
......@@ -129,11 +129,11 @@
#include "polarssl/sha1.h"
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
#include "polarssl/sha2.h"
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
#include "polarssl/sha4.h"
#endif
......@@ -594,15 +594,15 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "SHA1 - Read/write error in file" );
#endif /* POLARSSL_SHA1_C */
#if defined(POLARSSL_SHA2_C)
if( use_ret == -(POLARSSL_ERR_SHA2_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA2 - Read/write error in file" );
#endif /* POLARSSL_SHA2_C */
#if defined(POLARSSL_SHA256_C)
if( use_ret == -(POLARSSL_ERR_SHA256_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA256 - Read/write error in file" );
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA4_C)
if( use_ret == -(POLARSSL_ERR_SHA4_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA4 - Read/write error in file" );
#endif /* POLARSSL_SHA4_C */
#if defined(POLARSSL_SHA512_C)
if( use_ret == -(POLARSSL_ERR_SHA512_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA512 - Read/write error in file" );
#endif /* POLARSSL_SHA512_C */
#if defined(POLARSSL_XTEA_C)
if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) )
......
......@@ -58,12 +58,12 @@ static const int supported_digests[] = {
POLARSSL_MD_SHA1,
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
POLARSSL_MD_SHA224,
POLARSSL_MD_SHA256,
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
POLARSSL_MD_SHA384,
POLARSSL_MD_SHA512,
#endif
......@@ -98,13 +98,13 @@ const md_info_t *md_info_from_string( const char *md_name )
if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA1 );
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
if( !strcasecmp( "SHA224", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA224 );
if( !strcasecmp( "SHA256", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA256 );
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
if( !strcasecmp( "SHA384", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA384 );
if( !strcasecmp( "SHA512", md_name ) )
......@@ -133,13 +133,13 @@ const md_info_t *md_info_from_type( md_type_t md_type )
case POLARSSL_MD_SHA1:
return &sha1_info;
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
case POLARSSL_MD_SHA224:
return &sha224_info;
case POLARSSL_MD_SHA256:
return &sha256_info;
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
case POLARSSL_MD_SHA384:
return &sha384_info;
case POLARSSL_MD_SHA512:
......
......@@ -49,11 +49,11 @@
#include "polarssl/sha1.h"
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
#include "polarssl/sha2.h"
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
#include "polarssl/sha4.h"
#endif
......@@ -400,33 +400,33 @@ const md_info_t sha1_info = {
/*
* Wrappers for generic message digests
*/
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
static void sha224_starts_wrap( void *ctx )
{
sha2_starts( (sha2_context *) ctx, 1 );
sha256_starts( (sha256_context *) ctx, 1 );
}
static void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
sha256_update( (sha256_context *) ctx, input, ilen );
}
static void sha224_finish_wrap( void *ctx, unsigned char *output )
{
sha2_finish( (sha2_context *) ctx, output );
sha256_finish( (sha256_context *) ctx, output );
}
static void sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 1 );
sha256( input, ilen, output, 1 );
}
static int sha224_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha2_file( path, output, 1 );
return sha256_file( path, output, 1 );
#else
((void) path);
((void) output);
......@@ -436,34 +436,34 @@ static int sha224_file_wrap( const char *path, unsigned char *output )
static void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 );
sha256_hmac_starts( (sha256_context *) ctx, key, keylen, 1 );
}
static void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
sha256_hmac_update( (sha256_context *) ctx, input, ilen );
}
static void sha224_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha2_hmac_finish( (sha2_context *) ctx, output );
sha256_hmac_finish( (sha256_context *) ctx, output );
}
static void sha224_hmac_reset_wrap( void *ctx )
{
sha2_hmac_reset( (sha2_context *) ctx );
sha256_hmac_reset( (sha256_context *) ctx );
}
static void sha224_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,