Ability to force the Entropy module to use SHA-256 as its basis
By default the SHA-512 module is used if both are available. On some
systems, SHA-256 is the better choice.
Contributed by: Gergely Budai
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 5c36ae6..db34e6a 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -666,6 +666,22 @@
//#define POLARSSL_NO_PLATFORM_ENTROPY
/**
+ * \def POLARSSL_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: POLARSSL_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both POLARSSL_SHA256_C and
+ * POLARSSL_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define POLARSSL_ENTROPY_FORCE_SHA256
+
+/**
* \def POLARSSL_MEMORY_DEBUG
*
* Enable debugging of buffer allocator memory issues. Automatically prints
@@ -1334,7 +1350,7 @@
* Module: library/entropy.c
* Caller:
*
- * Requires: POLARSSL_SHA512_C
+ * Requires: POLARSSL_SHA512_C or POLARSSL_SHA256_C
*
* This module provides a generic entropy pool
*/
@@ -2103,6 +2119,10 @@
defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 32)
#error "CTR_DRBG_ENTROPY_LEN value too high"
#endif
+#if defined(POLARSSL_ENTROPY_C) && \
+ defined(POLARSSL_ENTROPY_FORCE_SHA256) && !defined(POLARSSL_SHA256_C)
+#error "POLARSSL_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
+#endif
#if defined(POLARSSL_GCM_C) && ( \
!defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) )