Modify config option for SHA384.
Although SHA512 is currently required to enable SHA384, this
is expected to change in the future. This commit is an
intermediate step towards fully separating SHA384 and SHA512.
check_config is the only module which enforces that SHA512 is
enabled together with SHA384.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 9cf626a..b802cd4 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1449,16 +1449,15 @@
//#define MBEDTLS_SHA512_SMALLER
/**
- * \def MBEDTLS_SHA512_NO_SHA384
+ * \def MBEDTLS_SHA384_C
*
- * Disable the SHA-384 option of the SHA-512 module. Use this to save some
- * code size on devices that don't use SHA-384.
+ * Enable the SHA-384 option of the SHA-512 module.
*
* Requires: MBEDTLS_SHA512_C
*
- * Uncomment to disable SHA-384
+ * Comment to disable SHA-384
*/
-//#define MBEDTLS_SHA512_NO_SHA384
+#define MBEDTLS_SHA384_C
/**
* \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
@@ -3125,7 +3124,7 @@
/**
* \def MBEDTLS_SHA512_C
*
- * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
+ * Enable SHA-512 cryptographic hash algorithms.
*
* Module: library/sha512.c
* Caller: library/entropy.c
@@ -3133,7 +3132,8 @@
* library/ssl_cli.c
* library/ssl_srv.c
*
- * This module adds support for SHA-384 and SHA-512.
+ * This module adds support for SHA-512.
+ * This module is required for SHA-384.
*/
#define MBEDTLS_SHA512_C