Completely ignore is224 if SHA-224 is disabled
diff --git a/library/sha256.c b/library/sha256.c
index a141511..c576a03 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -113,12 +113,33 @@
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
{
SHA256_VALIDATE_RET( ctx != NULL );
+#if defined(MBEDTLS_SHA256_NO_SHA224)
+ SHA256_VALIDATE_RET( is224 == 0 );
+ (void) is224;
+#else
SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
+#endif
ctx->total[0] = 0;
ctx->total[1] = 0;
- if( is224 == 0 )
+#if !defined(MBEDTLS_SHA256_NO_SHA224)
+ ctx->is224 = is224;
+
+ if( is224 == 1 )
+ {
+ /* SHA-224 */
+ ctx->state[0] = 0xC1059ED8;
+ ctx->state[1] = 0x367CD507;
+ ctx->state[2] = 0x3070DD17;
+ ctx->state[3] = 0xF70E5939;
+ ctx->state[4] = 0xFFC00B31;
+ ctx->state[5] = 0x68581511;
+ ctx->state[6] = 0x64F98FA7;
+ ctx->state[7] = 0xBEFA4FA4;
+ }
+ else
+#endif
{
/* SHA-256 */
ctx->state[0] = 0x6A09E667;
@@ -130,26 +151,6 @@
ctx->state[6] = 0x1F83D9AB;
ctx->state[7] = 0x5BE0CD19;
}
- else
- {
-#if defined(MBEDTLS_SHA256_NO_SHA224)
- return( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA );
-#else
- /* SHA-224 */
- ctx->state[0] = 0xC1059ED8;
- ctx->state[1] = 0x367CD507;
- ctx->state[2] = 0x3070DD17;
- ctx->state[3] = 0xF70E5939;
- ctx->state[4] = 0xFFC00B31;
- ctx->state[5] = 0x68581511;
- ctx->state[6] = 0x64F98FA7;
- ctx->state[7] = 0xBEFA4FA4;
-#endif
- }
-
-#if !defined(MBEDTLS_SHA256_NO_SHA224)
- ctx->is224 = is224;
-#endif
return( 0 );
}