SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly

The SHA4 name was not clear with regards to the new SHA-3 standard. So SHA2 and SHA4 have been renamed to better represent what they are: SHA256 and SHA512 modules.
2025-12-29 10:46:52 +01:00 · 2013-06-30 14:34:05 +02:00 · 2013-06-30 14:34:05 +02:00 · 9e36f0475f
commit 9e36f0475f
parent 3866b9f4b5
32 changed files with 700 additions and 697 deletions
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@ -129,8 +129,8 @@
 #define POLARSSL_MD4_ALT
 #define POLARSSL_MD5_ALT
 #define POLARSSL_SHA1_ALT
-#define POLARSSL_SHA2_ALT
-#define POLARSSL_SHA4_ALT
+#define POLARSSL_SHA256_ALT
+#define POLARSSL_SHA512_ALT
 */

 /**
@ -789,7 +789,7 @@
 * Module:  library/entropy.c
 * Caller:
 *
- * Requires: POLARSSL_SHA4_C
+ * Requires: POLARSSL_SHA512_C
 *
 * This module provides a generic entropy pool
 */
@ -1043,31 +1043,33 @@
 #define POLARSSL_SHA1_C

 /**
- * \def POLARSSL_SHA2_C
+ * \def POLARSSL_SHA256_C
 *
 * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
+ * (Used to be POLARSSL_SHA2_C)
 *
- * Module:  library/sha2.c
+ * Module:  library/sha256.c
 * Caller:  library/md_wrap.c
 *          library/x509parse.c
 *
 * This module adds support for SHA-224 and SHA-256.
 * This module is required for the SSL/TLS 1.2 PRF function.
 */
-#define POLARSSL_SHA2_C
+#define POLARSSL_SHA256_C

 /**
- * \def POLARSSL_SHA4_C
+ * \def POLARSSL_SHA512_C
 *
 * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
+ * (Used to be POLARSSL_SHA4_C)
 *
- * Module:  library/sha4.c
+ * Module:  library/sha512.c
 * Caller:  library/md_wrap.c
 *          library/x509parse.c
 *
 * This module adds support for SHA-384 and SHA-512.
 */
-#define POLARSSL_SHA4_C
+#define POLARSSL_SHA512_C

 /**
 * \def POLARSSL_SSL_CACHE_C
@ -1265,7 +1267,7 @@
 #error "POLARSSL_ECP_C defined, but not all prerequisites"
 #endif

-#if defined(POLARSSL_ENTROPY_C) && !defined(POLARSSL_SHA4_C)
+#if defined(POLARSSL_ENTROPY_C) && !defined(POLARSSL_SHA512_C)
 #error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
 #endif

--- a/include/polarssl/entropy.h
+++ b/include/polarssl/entropy.h
@ -81,9 +81,9 @@ source_state;
 /**
 * \brief           Entropy context structure
 */
-typedef struct 
+typedef struct
 {
-    sha4_context    accumulator;
+    sha512_context  accumulator;
    int             source_count;
    source_state    source[ENTROPY_MAX_SOURCES];
 #if defined(POLARSSL_HAVEGE_C)
--- a/include/polarssl/error.h
+++ b/include/polarssl/error.h
@ -68,8 +68,8 @@
 * MD4       1  0x0072-0x0072
 * MD5       1  0x0074-0x0074
 * SHA1      1  0x0076-0x0076
- * SHA2      1  0x0078-0x0078
- * SHA4      1  0x007A-0x007A
+ * SHA256    1  0x0078-0x0078
+ * SHA512    1  0x007A-0x007A
 * PBKDF2    1  0x007C-0x007C
 *
 * High-level module nr (3 bits - 0x1...-0x8...)
--- a/include/polarssl/md_wrap.h
+++ b/include/polarssl/md_wrap.h
@ -48,11 +48,11 @@ extern const md_info_t md5_info;
 #if defined(POLARSSL_SHA1_C)
 extern const md_info_t sha1_info;
 #endif
-#if defined(POLARSSL_SHA2_C)
+#if defined(POLARSSL_SHA256_C)
 extern const md_info_t sha224_info;
 extern const md_info_t sha256_info;
 #endif
-#if defined(POLARSSL_SHA4_C)
+#if defined(POLARSSL_SHA512_C)
 extern const md_info_t sha384_info;
 extern const md_info_t sha512_info;
 #endif
--- a/include/polarssl/sha2.h
+++ b/include/polarssl/sha2.h
@ -38,9 +38,9 @@ typedef UINT32 uint32_t;
 #include <inttypes.h>
 #endif

-#define POLARSSL_ERR_SHA2_FILE_IO_ERROR                -0x0078  /**< Read/write error in file. */
+#define POLARSSL_ERR_SHA256_FILE_IO_ERROR              -0x0078  /**< Read/write error in file. */

-#if !defined(POLARSSL_SHA2_ALT)
+#if !defined(POLARSSL_SHA256_ALT)
 // Regular implementation
 //

@ -61,7 +61,7 @@ typedef struct
    unsigned char opad[64];     /*!< HMAC: outer padding        */
    int is224;                  /*!< 0 => SHA-256, else SHA-224 */
 }
-sha2_context;
+sha256_context;

 /**
 * \brief          SHA-256 context setup
@ -69,7 +69,7 @@ sha2_context;
 * \param ctx      context to be initialized
 * \param is224    0 = use SHA256, 1 = use SHA224
 */
-void sha2_starts( sha2_context *ctx, int is224 );
+void sha256_starts( sha256_context *ctx, int is224 );

 /**
 * \brief          SHA-256 process buffer
@ -78,7 +78,7 @@ void sha2_starts( sha2_context *ctx, int is224 );
 * \param input    buffer holding the  data
 * \param ilen     length of the input data
 */
-void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
+void sha256_update( sha256_context *ctx, const unsigned char *input, size_t ilen );

 /**
 * \brief          SHA-256 final digest
@ -86,18 +86,18 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
 * \param ctx      SHA-256 context
 * \param output   SHA-224/256 checksum result
 */
-void sha2_finish( sha2_context *ctx, unsigned char output[32] );
+void sha256_finish( sha256_context *ctx, unsigned char output[32] );

 /* Internal use */
-void sha2_process( sha2_context *ctx, const unsigned char data[64] );
+void sha256_process( sha256_context *ctx, const unsigned char data[64] );

 #ifdef __cplusplus
 }
 #endif

-#else  /* POLARSSL_SHA2_ALT */
+#else  /* POLARSSL_SHA256_ALT */
 #include "sha2_alt.h"
-#endif /* POLARSSL_SHA2_ALT */
+#endif /* POLARSSL_SHA256_ALT */

 #ifdef __cplusplus
 extern "C" {
@ -111,7 +111,7 @@ extern "C" {
 * \param output   SHA-224/256 checksum result
 * \param is224    0 = use SHA256, 1 = use SHA224
 */
-void sha2( const unsigned char *input, size_t ilen,
+void sha256( const unsigned char *input, size_t ilen,
           unsigned char output[32], int is224 );

 /**
@ -121,9 +121,9 @@ void sha2( const unsigned char *input, size_t ilen,
 * \param output   SHA-224/256 checksum result
 * \param is224    0 = use SHA256, 1 = use SHA224
 *
- * \return         0 if successful, or POLARSSL_ERR_SHA2_FILE_IO_ERROR
+ * \return         0 if successful, or POLARSSL_ERR_SHA256_FILE_IO_ERROR
 */
-int sha2_file( const char *path, unsigned char output[32], int is224 );
+int sha256_file( const char *path, unsigned char output[32], int is224 );

 /**
 * \brief          SHA-256 HMAC context setup
@ -133,8 +133,8 @@ int sha2_file( const char *path, unsigned char output[32], int is224 );
 * \param keylen   length of the HMAC key
 * \param is224    0 = use SHA256, 1 = use SHA224
 */
-void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen,
-                       int is224 );
+void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key,
+                         size_t keylen, int is224 );

 /**
 * \brief          SHA-256 HMAC process buffer
@ -143,7 +143,7 @@ void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keyle
 * \param input    buffer holding the  data
 * \param ilen     length of the input data
 */
-void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
+void sha256_hmac_update( sha256_context *ctx, const unsigned char *input, size_t ilen );

 /**
 * \brief          SHA-256 HMAC final digest
@ -151,14 +151,14 @@ void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ile
 * \param ctx      HMAC context
 * \param output   SHA-224/256 HMAC checksum result
 */
-void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] );
+void sha256_hmac_finish( sha256_context *ctx, unsigned char output[32] );

 /**
 * \brief          SHA-256 HMAC context reset
 *
 * \param ctx      HMAC context to be reset
 */
-void sha2_hmac_reset( sha2_context *ctx );
+void sha256_hmac_reset( sha256_context *ctx );

 /**
 * \brief          Output = HMAC-SHA-256( hmac key, input buffer )
@ -170,16 +170,16 @@ void sha2_hmac_reset( sha2_context *ctx );
 * \param output   HMAC-SHA-224/256 result
 * \param is224    0 = use SHA256, 1 = use SHA224
 */
-void sha2_hmac( const unsigned char *key, size_t keylen,
-                const unsigned char *input, size_t ilen,
-                unsigned char output[32], int is224 );
+void sha256_hmac( const unsigned char *key, size_t keylen,
+                  const unsigned char *input, size_t ilen,
+                  unsigned char output[32], int is224 );

 /**
 * \brief          Checkup routine
 *
 * \return         0 if successful, or 1 if the test failed
 */
-int sha2_self_test( int verbose );
+int sha256_self_test( int verbose );

 #ifdef __cplusplus
 }
--- a/include/polarssl/sha4.h
+++ b/include/polarssl/sha4.h
@ -39,9 +39,9 @@
  #define UL64(x) x##ULL
 #endif

-#define POLARSSL_ERR_SHA4_FILE_IO_ERROR                -0x007A  /**< Read/write error in file. */
+#define POLARSSL_ERR_SHA512_FILE_IO_ERROR              -0x007A  /**< Read/write error in file. */

-#if !defined(POLARSSL_SHA1_ALT)
+#if !defined(POLARSSL_SHA512_ALT)
 // Regular implementation
 //

@ -62,7 +62,7 @@ typedef struct
    unsigned char opad[128];    /*!< HMAC: outer padding        */
    int is384;                  /*!< 0 => SHA-512, else SHA-384 */
 }
-sha4_context;
+sha512_context;

 /**
 * \brief          SHA-512 context setup
@ -70,7 +70,7 @@ sha4_context;
 * \param ctx      context to be initialized
 * \param is384    0 = use SHA512, 1 = use SHA384
 */
-void sha4_starts( sha4_context *ctx, int is384 );
+void sha512_starts( sha512_context *ctx, int is384 );

 /**
 * \brief          SHA-512 process buffer
@ -79,7 +79,7 @@ void sha4_starts( sha4_context *ctx, int is384 );
 * \param input    buffer holding the  data
 * \param ilen     length of the input data
 */
-void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
+void sha512_update( sha512_context *ctx, const unsigned char *input, size_t ilen );

 /**
 * \brief          SHA-512 final digest
@ -87,15 +87,15 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
 * \param ctx      SHA-512 context
 * \param output   SHA-384/512 checksum result
 */
-void sha4_finish( sha4_context *ctx, unsigned char output[64] );
+void sha512_finish( sha512_context *ctx, unsigned char output[64] );

 #ifdef __cplusplus
 }
 #endif

-#else  /* POLARSSL_SHA4_ALT */
+#else  /* POLARSSL_SHA512_ALT */
 #include "sha4_alt.h"
-#endif /* POLARSSL_SHA4_ALT */
+#endif /* POLARSSL_SHA512_ALT */

 #ifdef __cplusplus
 extern "C" {
@ -109,8 +109,8 @@ extern "C" {
 * \param output   SHA-384/512 checksum result
 * \param is384    0 = use SHA512, 1 = use SHA384
 */
-void sha4( const unsigned char *input, size_t ilen,
-           unsigned char output[64], int is384 );
+void sha512( const unsigned char *input, size_t ilen,
+             unsigned char output[64], int is384 );

 /**
 * \brief          Output = SHA-512( file contents )
@ -119,9 +119,9 @@ void sha4( const unsigned char *input, size_t ilen,
 * \param output   SHA-384/512 checksum result
 * \param is384    0 = use SHA512, 1 = use SHA384
 *
- * \return         0 if successful, or POLARSSL_ERR_SHA4_FILE_IO_ERROR
+ * \return         0 if successful, or POLARSSL_ERR_SHA512_FILE_IO_ERROR
 */
-int sha4_file( const char *path, unsigned char output[64], int is384 );
+int sha512_file( const char *path, unsigned char output[64], int is384 );

 /**
 * \brief          SHA-512 HMAC context setup
@ -131,8 +131,8 @@ int sha4_file( const char *path, unsigned char output[64], int is384 );
 * \param key      HMAC secret key
 * \param keylen   length of the HMAC key
 */
-void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
-                       int is384 );
+void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key,
+                         size_t keylen, int is384 );

 /**
 * \brief          SHA-512 HMAC process buffer
@ -141,7 +141,7 @@ void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keyle
 * \param input    buffer holding the  data
 * \param ilen     length of the input data
 */
-void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
+void sha512_hmac_update( sha512_context *ctx, const unsigned char *input, size_t ilen );

 /**
 * \brief          SHA-512 HMAC final digest
@ -149,14 +149,14 @@ void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ile
 * \param ctx      HMAC context
 * \param output   SHA-384/512 HMAC checksum result
 */
-void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] );
+void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] );

 /**
 * \brief          SHA-512 HMAC context reset
 *
 * \param ctx      HMAC context to be reset
 */
-void sha4_hmac_reset( sha4_context *ctx );
+void sha512_hmac_reset( sha512_context *ctx );

 /**
 * \brief          Output = HMAC-SHA-512( hmac key, input buffer )
@ -168,7 +168,7 @@ void sha4_hmac_reset( sha4_context *ctx );
 * \param output   HMAC-SHA-384/512 result
 * \param is384    0 = use SHA512, 1 = use SHA384
 */
-void sha4_hmac( const unsigned char *key, size_t keylen,
+void sha512_hmac( const unsigned char *key, size_t keylen,
                const unsigned char *input, size_t ilen,
                unsigned char output[64], int is384 );

@ -177,10 +177,10 @@ void sha4_hmac( const unsigned char *key, size_t keylen,
 *
 * \return         0 if successful, or 1 if the test failed
 */
-int sha4_self_test( int verbose );
+int sha512_self_test( int verbose );

 /* Internal use */
-void sha4_process( sha4_context *ctx, const unsigned char data[128] );
+void sha512_process( sha512_context *ctx, const unsigned char data[128] );

 #ifdef __cplusplus
 }
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@ -382,10 +382,10 @@ struct _ssl_handshake_params
    /*
     * Checksum contexts
     */
-     md5_context fin_md5;
-    sha1_context fin_sha1;
-    sha2_context fin_sha2;
-    sha4_context fin_sha4;
+       md5_context fin_md5;
+      sha1_context fin_sha1;
+    sha256_context fin_sha256;
+    sha512_context fin_sha512;

    void (*update_checksum)(ssl_context *, const unsigned char *, size_t);
    void (*calc_verify)(ssl_context *, unsigned char *);