Revert "Remove deprecated things from hashing modules"
This reverts commit c75d9f589bf392177dbeba7704693e53fe55cb19.
This was merged by mistake in development instead of development_3.0.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 2d08195..e4354ba 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -38,8 +38,6 @@
#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
-// TODO [TR] for #4029: can't remove it because it's still used in the code.
-// see the other TODOs
/* MBEDTLS_ERR_MD_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */
@@ -160,6 +158,33 @@
*/
void mbedtls_md_free( mbedtls_md_context_t *ctx );
+#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief This function selects the message digest algorithm to use,
+ * and allocates internal structures.
+ *
+ * It should be called after mbedtls_md_init() or mbedtls_md_free().
+ * Makes it necessary to call mbedtls_md_free() later.
+ *
+ * \deprecated Superseded by mbedtls_md_setup() in 2.0.0
+ *
+ * \param ctx The context to set up.
+ * \param md_info The information structure of the message-digest algorithm
+ * to use.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
+ * failure.
+ * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
+ */
+int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
+#undef MBEDTLS_DEPRECATED
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief This function selects the message digest algorithm to use,
diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h
index 950afa2..23c48f4 100644
--- a/include/mbedtls/md2.h
+++ b/include/mbedtls/md2.h
@@ -35,6 +35,9 @@
#include <stddef.h>
+/* MBEDTLS_ERR_MD2_HW_ACCEL_FAILED is deprecated and should not be used. */
+#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B /**< MD2 hardware accelerator failed */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -164,6 +167,77 @@
*/
int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief MD2 context setup
+ *
+ * \deprecated Superseded by mbedtls_md2_starts_ret() in 2.7.0
+ *
+ * \param ctx context to be initialized
+ *
+ * \warning MD2 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx );
+
+/**
+ * \brief MD2 process buffer
+ *
+ * \deprecated Superseded by mbedtls_md2_update_ret() in 2.7.0
+ *
+ * \param ctx MD2 context
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ *
+ * \warning MD2 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief MD2 final digest
+ *
+ * \deprecated Superseded by mbedtls_md2_finish_ret() in 2.7.0
+ *
+ * \param ctx MD2 context
+ * \param output MD2 checksum result
+ *
+ * \warning MD2 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx,
+ unsigned char output[16] );
+
+/**
+ * \brief MD2 process data block (internal use only)
+ *
+ * \deprecated Superseded by mbedtls_internal_md2_process() in 2.7.0
+ *
+ * \param ctx MD2 context
+ *
+ * \warning MD2 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
/**
* \brief Output = MD2( input buffer )
*
@@ -180,6 +254,33 @@
size_t ilen,
unsigned char output[16] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief Output = MD2( input buffer )
+ *
+ * \deprecated Superseded by mbedtls_md2_ret() in 2.7.0
+ *
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ * \param output MD2 checksum result
+ *
+ * \warning MD2 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[16] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
#if defined(MBEDTLS_SELF_TEST)
/**
diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h
index f9e3987..eeb1670 100644
--- a/include/mbedtls/md4.h
+++ b/include/mbedtls/md4.h
@@ -36,6 +36,9 @@
#include <stddef.h>
#include <stdint.h>
+/* MBEDTLS_ERR_MD4_HW_ACCEL_FAILED is deprecated and should not be used. */
+#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D /**< MD4 hardware accelerator failed */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -165,6 +168,79 @@
int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
const unsigned char data[64] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief MD4 context setup
+ *
+ * \deprecated Superseded by mbedtls_md4_starts_ret() in 2.7.0
+ *
+ * \param ctx context to be initialized
+ *
+ * \warning MD4 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx );
+
+/**
+ * \brief MD4 process buffer
+ *
+ * \deprecated Superseded by mbedtls_md4_update_ret() in 2.7.0
+ *
+ * \param ctx MD4 context
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ *
+ * \warning MD4 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief MD4 final digest
+ *
+ * \deprecated Superseded by mbedtls_md4_finish_ret() in 2.7.0
+ *
+ * \param ctx MD4 context
+ * \param output MD4 checksum result
+ *
+ * \warning MD4 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx,
+ unsigned char output[16] );
+
+/**
+ * \brief MD4 process data block (internal use only)
+ *
+ * \deprecated Superseded by mbedtls_internal_md4_process() in 2.7.0
+ *
+ * \param ctx MD4 context
+ * \param data buffer holding one block of data
+ *
+ * \warning MD4 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx,
+ const unsigned char data[64] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
/**
* \brief Output = MD4( input buffer )
*
@@ -183,6 +259,33 @@
size_t ilen,
unsigned char output[16] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief Output = MD4( input buffer )
+ *
+ * \deprecated Superseded by mbedtls_md4_ret() in 2.7.0
+ *
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ * \param output MD4 checksum result
+ *
+ * \warning MD4 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[16] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
#if defined(MBEDTLS_SELF_TEST)
/**
diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h
index 71a41dc..aaca0f2 100644
--- a/include/mbedtls/md5.h
+++ b/include/mbedtls/md5.h
@@ -35,6 +35,9 @@
#include <stddef.h>
#include <stdint.h>
+/* MBEDTLS_ERR_MD5_HW_ACCEL_FAILED is deprecated and should not be used. */
+#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED -0x002F /**< MD5 hardware accelerator failed */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -165,6 +168,79 @@
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
const unsigned char data[64] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief MD5 context setup
+ *
+ * \deprecated Superseded by mbedtls_md5_starts_ret() in 2.7.0
+ *
+ * \param ctx context to be initialized
+ *
+ * \warning MD5 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx );
+
+/**
+ * \brief MD5 process buffer
+ *
+ * \deprecated Superseded by mbedtls_md5_update_ret() in 2.7.0
+ *
+ * \param ctx MD5 context
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ *
+ * \warning MD5 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief MD5 final digest
+ *
+ * \deprecated Superseded by mbedtls_md5_finish_ret() in 2.7.0
+ *
+ * \param ctx MD5 context
+ * \param output MD5 checksum result
+ *
+ * \warning MD5 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx,
+ unsigned char output[16] );
+
+/**
+ * \brief MD5 process data block (internal use only)
+ *
+ * \deprecated Superseded by mbedtls_internal_md5_process() in 2.7.0
+ *
+ * \param ctx MD5 context
+ * \param data buffer holding one block of data
+ *
+ * \warning MD5 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx,
+ const unsigned char data[64] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
/**
* \brief Output = MD5( input buffer )
*
@@ -183,6 +259,33 @@
size_t ilen,
unsigned char output[16] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief Output = MD5( input buffer )
+ *
+ * \deprecated Superseded by mbedtls_md5_ret() in 2.7.0
+ *
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ * \param output MD5 checksum result
+ *
+ * \warning MD5 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[16] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
#if defined(MBEDTLS_SELF_TEST)
/**
diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h
index 1c72d60..381c725 100644
--- a/include/mbedtls/ripemd160.h
+++ b/include/mbedtls/ripemd160.h
@@ -31,6 +31,10 @@
#include <stddef.h>
#include <stdint.h>
+/* MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED is deprecated and should not be used.
+ */
+#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031 /**< RIPEMD160 hardware accelerator failed */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -121,6 +125,63 @@
int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
const unsigned char data[64] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief RIPEMD-160 context setup
+ *
+ * \deprecated Superseded by mbedtls_ripemd160_starts_ret() in 2.7.0
+ *
+ * \param ctx context to be initialized
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts(
+ mbedtls_ripemd160_context *ctx );
+
+/**
+ * \brief RIPEMD-160 process buffer
+ *
+ * \deprecated Superseded by mbedtls_ripemd160_update_ret() in 2.7.0
+ *
+ * \param ctx RIPEMD-160 context
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160_update(
+ mbedtls_ripemd160_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief RIPEMD-160 final digest
+ *
+ * \deprecated Superseded by mbedtls_ripemd160_finish_ret() in 2.7.0
+ *
+ * \param ctx RIPEMD-160 context
+ * \param output RIPEMD-160 checksum result
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish(
+ mbedtls_ripemd160_context *ctx,
+ unsigned char output[20] );
+
+/**
+ * \brief RIPEMD-160 process data block (internal use only)
+ *
+ * \deprecated Superseded by mbedtls_internal_ripemd160_process() in 2.7.0
+ *
+ * \param ctx RIPEMD-160 context
+ * \param data buffer holding one block of data
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160_process(
+ mbedtls_ripemd160_context *ctx,
+ const unsigned char data[64] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
/**
* \brief Output = RIPEMD-160( input buffer )
*
@@ -134,6 +195,28 @@
size_t ilen,
unsigned char output[20] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief Output = RIPEMD-160( input buffer )
+ *
+ * \deprecated Superseded by mbedtls_ripemd160_ret() in 2.7.0
+ *
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ * \param output RIPEMD-160 checksum result
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
#if defined(MBEDTLS_SELF_TEST)
/**
diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h
index 56ff948..86a3d06 100644
--- a/include/mbedtls/sha1.h
+++ b/include/mbedtls/sha1.h
@@ -38,6 +38,8 @@
#include <stddef.h>
#include <stdint.h>
+/* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */
+#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< SHA-1 input data was malformed. */
#ifdef __cplusplus
@@ -183,6 +185,85 @@
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief This function starts a SHA-1 checksum calculation.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ * \deprecated Superseded by mbedtls_sha1_starts_ret() in 2.7.0.
+ *
+ * \param ctx The SHA-1 context to initialize. This must be initialized.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
+
+/**
+ * \brief This function feeds an input buffer into an ongoing SHA-1
+ * checksum calculation.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ * \deprecated Superseded by mbedtls_sha1_update_ret() in 2.7.0.
+ *
+ * \param ctx The SHA-1 context. This must be initialized and
+ * have a hash operation started.
+ * \param input The buffer holding the input data.
+ * This must be a readable buffer of length \p ilen Bytes.
+ * \param ilen The length of the input data \p input in Bytes.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief This function finishes the SHA-1 operation, and writes
+ * the result to the output buffer.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ * \deprecated Superseded by mbedtls_sha1_finish_ret() in 2.7.0.
+ *
+ * \param ctx The SHA-1 context. This must be initialized and
+ * have a hash operation started.
+ * \param output The SHA-1 checksum result.
+ * This must be a writable buffer of length \c 20 Bytes.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
+ unsigned char output[20] );
+
+/**
+ * \brief SHA-1 process data block (internal use only).
+ *
+ * \warning SHA-1 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ * \deprecated Superseded by mbedtls_internal_sha1_process() in 2.7.0.
+ *
+ * \param ctx The SHA-1 context. This must be initialized.
+ * \param data The data block being processed.
+ * This must be a readable buffer of length \c 64 bytes.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
+ const unsigned char data[64] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
/**
* \brief This function calculates the SHA-1 checksum of a buffer.
*
@@ -210,6 +291,41 @@
size_t ilen,
unsigned char output[20] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief This function calculates the SHA-1 checksum of a buffer.
+ *
+ * The function allocates the context, performs the
+ * calculation, and frees the context.
+ *
+ * The SHA-1 result is calculated as
+ * output = SHA-1(input buffer).
+ *
+ * \warning SHA-1 is considered a weak message digest and its use
+ * constitutes a security risk. We recommend considering
+ * stronger message digests instead.
+ *
+ * \deprecated Superseded by mbedtls_sha1_ret() in 2.7.0
+ *
+ * \param input The buffer holding the input data.
+ * This must be a readable buffer of length \p ilen Bytes.
+ * \param ilen The length of the input data \p input in Bytes.
+ * \param output The SHA-1 checksum result. This must be a writable
+ * buffer of size \c 20 Bytes.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
#if defined(MBEDTLS_SELF_TEST)
/**
diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index 9b8d91d..73d9544 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h
@@ -34,6 +34,8 @@
#include <stddef.h>
#include <stdint.h>
+/* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */
+#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */
#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 /**< SHA-256 input data was malformed. */
#ifdef __cplusplus
@@ -150,6 +152,72 @@
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief This function starts a SHA-224 or SHA-256 checksum
+ * calculation.
+ *
+ * \deprecated Superseded by mbedtls_sha256_starts_ret() in 2.7.0.
+ *
+ * \param ctx The context to use. This must be initialized.
+ * \param is224 Determines which function to use. This must be
+ * either \c 0 for SHA-256, or \c 1 for SHA-224.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
+ int is224 );
+
+/**
+ * \brief This function feeds an input buffer into an ongoing
+ * SHA-256 checksum calculation.
+ *
+ * \deprecated Superseded by mbedtls_sha256_update_ret() in 2.7.0.
+ *
+ * \param ctx The SHA-256 context to use. This must be
+ * initialized and have a hash operation started.
+ * \param input The buffer holding the data. This must be a readable
+ * buffer of length \p ilen Bytes.
+ * \param ilen The length of the input data in Bytes.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief This function finishes the SHA-256 operation, and writes
+ * the result to the output buffer.
+ *
+ * \deprecated Superseded by mbedtls_sha256_finish_ret() in 2.7.0.
+ *
+ * \param ctx The SHA-256 context. This must be initialized and
+ * have a hash operation started.
+ * \param output The SHA-224 or SHA-256 checksum result. This must be
+ * a writable buffer of length \c 32 Bytes.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
+ unsigned char output[32] );
+
+/**
+ * \brief This function processes a single data block within
+ * the ongoing SHA-256 computation. This function is for
+ * internal use only.
+ *
+ * \deprecated Superseded by mbedtls_internal_sha256_process() in 2.7.0.
+ *
+ * \param ctx The SHA-256 context. This must be initialized.
+ * \param data The buffer holding one block of data. This must be
+ * a readable buffer of size \c 64 Bytes.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
+ const unsigned char data[64] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
/**
* \brief This function calculates the SHA-224 or SHA-256
* checksum of a buffer.
@@ -173,6 +241,41 @@
unsigned char output[32],
int is224 );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+
+/**
+ * \brief This function calculates the SHA-224 or SHA-256 checksum
+ * of a buffer.
+ *
+ * The function allocates the context, performs the
+ * calculation, and frees the context.
+ *
+ * The SHA-256 result is calculated as
+ * output = SHA-256(input buffer).
+ *
+ * \deprecated Superseded by mbedtls_sha256_ret() in 2.7.0.
+ *
+ * \param input The buffer holding the data. This must be a readable
+ * buffer of length \p ilen Bytes.
+ * \param ilen The length of the input data in Bytes.
+ * \param output The SHA-224 or SHA-256 checksum result. This must be
+ * a writable buffer of length \c 32 Bytes.
+ * \param is224 Determines which function to use. This must be either
+ * \c 0 for SHA-256, or \c 1 for SHA-224.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[32],
+ int is224 );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
#if defined(MBEDTLS_SELF_TEST)
/**
diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h
index 56cefe1..4a8ab42 100644
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@@ -33,6 +33,8 @@
#include <stddef.h>
#include <stdint.h>
+/* MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED is deprecated and should not be used. */
+#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039 /**< SHA-512 hardware accelerator failed */
#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075 /**< SHA-512 input data was malformed. */
#ifdef __cplusplus
@@ -156,6 +158,75 @@
*/
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
const unsigned char data[128] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief This function starts a SHA-384 or SHA-512 checksum
+ * calculation.
+ *
+ * \deprecated Superseded by mbedtls_sha512_starts_ret() in 2.7.0
+ *
+ * \param ctx The SHA-512 context to use. This must be initialized.
+ * \param is384 Determines which function to use. This must be either
+ * \c 0 for SHA-512 or \c 1 for SHA-384.
+ *
+ * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must
+ * be \c 0, or the function will fail to work.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
+ int is384 );
+
+/**
+ * \brief This function feeds an input buffer into an ongoing
+ * SHA-512 checksum calculation.
+ *
+ * \deprecated Superseded by mbedtls_sha512_update_ret() in 2.7.0.
+ *
+ * \param ctx The SHA-512 context. This must be initialized
+ * and have a hash operation started.
+ * \param input The buffer holding the data. This must be a readable
+ * buffer of length \p ilen Bytes.
+ * \param ilen The length of the input data in Bytes.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief This function finishes the SHA-512 operation, and writes
+ * the result to the output buffer.
+ *
+ * \deprecated Superseded by mbedtls_sha512_finish_ret() in 2.7.0.
+ *
+ * \param ctx The SHA-512 context. This must be initialized
+ * and have a hash operation started.
+ * \param output The SHA-384 or SHA-512 checksum result. This must
+ * be a writable buffer of size \c 64 Bytes.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
+ unsigned char output[64] );
+
+/**
+ * \brief This function processes a single data block within
+ * the ongoing SHA-512 computation. This function is for
+ * internal use only.
+ *
+ * \deprecated Superseded by mbedtls_internal_sha512_process() in 2.7.0.
+ *
+ * \param ctx The SHA-512 context. This must be initialized.
+ * \param data The buffer holding one block of data. This must be
+ * a readable buffer of length \c 128 Bytes.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha512_process(
+ mbedtls_sha512_context *ctx,
+ const unsigned char data[128] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief This function calculates the SHA-512 or SHA-384
@@ -187,6 +258,44 @@
unsigned char output[64],
int is384 );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+
+/**
+ * \brief This function calculates the SHA-512 or SHA-384
+ * checksum of a buffer.
+ *
+ * The function allocates the context, performs the
+ * calculation, and frees the context.
+ *
+ * The SHA-512 result is calculated as
+ * output = SHA-512(input buffer).
+ *
+ * \deprecated Superseded by mbedtls_sha512_ret() in 2.7.0
+ *
+ * \param input The buffer holding the data. This must be a
+ * readable buffer of length \p ilen Bytes.
+ * \param ilen The length of the input data in Bytes.
+ * \param output The SHA-384 or SHA-512 checksum result. This must
+ * be a writable buffer of length \c 64 Bytes.
+ * \param is384 Determines which function to use. This must be either
+ * \c 0 for SHA-512, or \c 1 for SHA-384.
+ *
+ * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must
+ * be \c 0, or the function will fail to work.
+ */
+MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[64],
+ int is384 );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
#if defined(MBEDTLS_SELF_TEST)
/**