Separate SHA224 from SHA256 config options.
These options are still dependant on each other.
This is an intermediate step.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index bccbae7..3998ede 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -622,6 +622,14 @@
#error "MBEDTLS_SHA384_C defined without MBEDTLS_SHA512_C"
#endif
+#if defined(MBEDTLS_SHA224_C) && !defined(MBEDTLS_SHA256_C)
+#error "MBEDTLS_SHA224_C defined without MBEDTLS_SHA256_C"
+#endif
+
+#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA224_C)
+#error "MBEDTLS_SHA256_C defined without MBEDTLS_SHA224_C"
+#endif
+
#if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) || \
!defined(MBEDTLS_SHA1_C) )
#error "MBEDTLS_SSL_PROTO_TLS1 defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index b802cd4..0787b5f 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3107,7 +3107,7 @@
/**
* \def MBEDTLS_SHA256_C
*
- * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
+ * Enable the SHA-256 cryptographic hash algorithms.
*
* Module: library/sha256.c
* Caller: library/entropy.c
@@ -3116,12 +3116,31 @@
* library/ssl_srv.c
* library/ssl_tls.c
*
- * This module adds support for SHA-224 and SHA-256.
+ * This module adds support for SHA-256.
+ * This module is required for SHA-244.
* This module is required for the SSL/TLS 1.2 PRF function.
*/
#define MBEDTLS_SHA256_C
/**
+ * \def MBEDTLS_SHA224_C
+ *
+ * Enable the SHA-224 cryptographic hash algorithms.
+ *
+ * Module: library/sha256.c
+ * Caller: library/entropy.c
+ * library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * Requires: MBEDTLS_SHA256_C
+ * This module adds support for SHA-224.
+ * This module is required for the SSL/TLS 1.2 PRF function.
+ */
+#define MBEDTLS_SHA224_C
+
+/**
* \def MBEDTLS_SHA512_C
*
* Enable SHA-512 cryptographic hash algorithms.
diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
index 89616c5..2032a36 100644
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h
@@ -149,7 +149,7 @@
#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
-#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA224_C
#endif
#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
@@ -604,10 +604,13 @@
#define PSA_WANT_ALG_SHA_1 1
#endif
-#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_SHA224_C)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
#define PSA_WANT_ALG_SHA_224 1
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
#define PSA_WANT_ALG_SHA_256 1
#endif
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index be3745c..75fcdac 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -136,9 +136,11 @@
case MBEDTLS_MD_SHA1:
return( PSA_ALG_SHA_1 );
#endif
-#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_SHA224_C)
case MBEDTLS_MD_SHA224:
return( PSA_ALG_SHA_224 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA256:
return( PSA_ALG_SHA_256 );
#endif