Merge pull request #6784 from valeriosetti/issue6702

Make SHA224_C/SHA384_C independent from SHA256_C/SHA512_C

ChangeLog.d/make_sha224_sha384_independent_from_sha256_sha512.txt

@@ -0,0 +1,4 @@
+Features
+   * SHA224_C/SHA384_C are now independent from SHA384_C/SHA512_C respectively.
+     This helps in saving code size when some of the above hashes are not
+     required.

configs/config-ccm-psk-dtls1_2.h

@@ -47,10 +47,6 @@
 #define MBEDTLS_ENTROPY_C
 #define MBEDTLS_MD_C
 #define MBEDTLS_NET_C
-/* The library does not currently support enabling SHA-224 without SHA-256.
- * A future version of the library will have this option disabled
- * by default. */
-#define MBEDTLS_SHA224_C
 #define MBEDTLS_SHA256_C
 #define MBEDTLS_SSL_CLI_C
 #define MBEDTLS_SSL_COOKIE_C

configs/config-ccm-psk-tls1_2.h

@@ -46,10 +46,6 @@
 #define MBEDTLS_ENTROPY_C
 #define MBEDTLS_MD_C
 #define MBEDTLS_NET_C
-/* The library does not currently support enabling SHA-224 without SHA-256.
- * A future version of the library will have this option disabled
- * by default. */
-#define MBEDTLS_SHA224_C
 #define MBEDTLS_SHA256_C
 #define MBEDTLS_SSL_CLI_C
 #define MBEDTLS_SSL_SRV_C

configs/config-suite-b.h

@@ -60,10 +60,6 @@
 #define MBEDTLS_OID_C
 #define MBEDTLS_PK_C
 #define MBEDTLS_PK_PARSE_C
-/* The library does not currently support enabling SHA-224 without SHA-256.
- * A future version of the library will have this option disabled
- * by default. */
-#define MBEDTLS_SHA224_C
 #define MBEDTLS_SHA256_C
 #define MBEDTLS_SHA384_C
 #define MBEDTLS_SHA512_C

configs/config-thread.h

@@ -63,10 +63,6 @@
 #define MBEDTLS_OID_C
 #define MBEDTLS_PK_C
 #define MBEDTLS_PK_PARSE_C
-/* The library does not currently support enabling SHA-224 without SHA-256.
- * A future version of the library will have this option disabled
- * by default. */
-#define MBEDTLS_SHA224_C
 #define MBEDTLS_SHA256_C
 #define MBEDTLS_SSL_COOKIE_C
 #define MBEDTLS_SSL_CLI_C

include/mbedtls/check_config.h

@@ -695,10 +695,6 @@
 #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_SHA384_C) && !defined(MBEDTLS_SHA512_C)
-#error "MBEDTLS_SHA384_C defined without MBEDTLS_SHA512_C"
-#endif
-
 #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \
     defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
 #error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*"
@@ -754,14 +750,6 @@
 #error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"
 #endif
 
-#if defined(MBEDTLS_SHA224_C) && !defined(MBEDTLS_SHA256_C)
-#error "MBEDTLS_SHA224_C defined without MBEDTLS_SHA256_C"
-#endif
-
-#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA224_C)
-#error "MBEDTLS_SHA256_C defined without MBEDTLS_SHA224_C"
-#endif
-
 #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \
     defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)
 #error "Must only define one of MBEDTLS_SHA256_USE_A64_CRYPTO_*"

include/mbedtls/mbedtls_config.h

@@ -3046,9 +3046,6 @@
  *
  * Enable the SHA-224 cryptographic hash algorithm.
  *
- * Requires: MBEDTLS_SHA256_C. The library does not currently support enabling
- *           SHA-224 without SHA-256.
- *
  * Module:  library/sha256.c
  * Caller:  library/md.c
  *          library/ssl_cookie.c
@@ -3062,9 +3059,6 @@
  *
  * Enable the SHA-256 cryptographic hash algorithm.
  *
- * Requires: MBEDTLS_SHA224_C. The library does not currently support enabling
- *           SHA-256 without SHA-224.
- *
  * Module:  library/sha256.c
  * Caller:  library/entropy.c
  *          library/md.c
@@ -3132,8 +3126,6 @@
  *
  * Enable the SHA-384 cryptographic hash algorithm.
  *
- * Requires: MBEDTLS_SHA512_C
- *
  * Module:  library/sha512.c
  * Caller:  library/md.c
  *          library/psa_crypto_hash.c

include/mbedtls/md.h

@@ -65,8 +65,14 @@ typedef enum {
 
 #if defined(MBEDTLS_SHA512_C)
 #define MBEDTLS_MD_MAX_SIZE         64  /* longest known is SHA512 */
+#elif defined(MBEDTLS_SHA384_C)
+#define MBEDTLS_MD_MAX_SIZE         48  /* longest known is SHA384 */
+#elif defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_MD_MAX_SIZE         32  /* longest known is SHA256 */
+#elif defined(MBEDTLS_SHA224_C)
+#define MBEDTLS_MD_MAX_SIZE         28  /* longest known is SHA224 */
 #else
-#define MBEDTLS_MD_MAX_SIZE         32  /* longest known is SHA256 or less */
+#define MBEDTLS_MD_MAX_SIZE         20  /* longest known is SHA1 or RIPE MD-160 */
 #endif
 
 #if defined(MBEDTLS_SHA512_C)

include/mbedtls/sha256.h

@@ -96,6 +96,10 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
  * \param is224    This determines which function to use. This must be
  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
  *
+ * \note           is224 must be defined accordingly to the enabled
+ *                 MBEDTLS_SHA224_C/MBEDTLS_SHA256_C symbols otherwise the
+ *                 function will return #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.
+ *
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
@@ -178,13 +182,25 @@ int mbedtls_sha256( const unsigned char *input,
 
 #if defined(MBEDTLS_SELF_TEST)
 
+#if defined(MBEDTLS_SHA224_C)
 /**
- * \brief          The SHA-224 and SHA-256 checkup routine.
+ * \brief          The SHA-224 checkup routine.
+ *
+ * \return         \c 0 on success.
+ * \return         \c 1 on failure.
+ */
+int mbedtls_sha224_self_test( int verbose );
+#endif /* MBEDTLS_SHA224_C */
+
+#if defined(MBEDTLS_SHA256_C)
+/**
+ * \brief          The SHA-256 checkup routine.
  *
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
 int mbedtls_sha256_self_test( int verbose );
+#endif /* MBEDTLS_SHA256_C */
 
 #endif /* MBEDTLS_SELF_TEST */
 

include/mbedtls/sha512.h

@@ -99,9 +99,9 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
  * \param is384    Determines which function to use. This must be
  *                 either \c 0 for SHA-512, or \c 1 for SHA-384.
  *
- * \note           When \c MBEDTLS_SHA384_C is not defined,
+ * \note           is384 must be defined accordingly to the enabled
- *                 \p is384 must be \c 0, or the function will return
+ *                 MBEDTLS_SHA384_C/MBEDTLS_SHA512_C symbols otherwise the
- *                 #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.
+ *                 function will return #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.
  *
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
@@ -175,8 +175,11 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
  * \param is384    Determines which function to use. This must be either
  *                 \c 0 for SHA-512, or \c 1 for SHA-384.
  *
- * \note           When \c MBEDTLS_SHA384_C is not defined, \p is384 must
+ * \note           is384 must be defined accordingly with the supported
- *                 be \c 0, or the function will return
+ *                 symbols in the config file. If:
+ *                 - is384 is 0, but \c MBEDTLS_SHA384_C is not defined, or
+ *                 - is384 is 1, but \c MBEDTLS_SHA512_C is not defined
+ *                 then the function will return
  *                 #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.
  *
  * \return         \c 0 on success.
@@ -189,13 +192,26 @@ int mbedtls_sha512( const unsigned char *input,
 
 #if defined(MBEDTLS_SELF_TEST)
 
+#if defined(MBEDTLS_SHA384_C)
  /**
- * \brief          The SHA-384 or SHA-512 checkup routine.
+ * \brief          The SHA-384 checkup routine.
+ *
+ * \return         \c 0 on success.
+ * \return         \c 1 on failure.
+ */
+int mbedtls_sha384_self_test( int verbose );
+#endif /* MBEDTLS_SHA384_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ /**
+ * \brief          The SHA-512 checkup routine.
  *
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
 int mbedtls_sha512_self_test( int verbose );
+#endif /* MBEDTLS_SHA512_C */
+
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus

library/sha256.c

@@ -24,7 +24,7 @@
 
 #include "common.h"
 
-#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C)
 
 #include "mbedtls/sha256.h"
 #include "mbedtls/platform_util.h"
@@ -167,12 +167,15 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
  */
 int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
 {
-#if defined(MBEDTLS_SHA224_C)
+#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C)
     if( is224 != 0 && is224 != 1 )
         return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
-#else
+#elif defined(MBEDTLS_SHA256_C)
     if( is224 != 0 )
         return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
+#else /* defined MBEDTLS_SHA224_C only */
+    if( is224 == 0 )
+        return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
 #endif
 
     ctx->total[0] = 0;
@@ -180,7 +183,7 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
 
     if( is224 == 0 )
     {
-        /* SHA-256 */
+#if defined(MBEDTLS_SHA256_C)
         ctx->state[0] = 0x6A09E667;
         ctx->state[1] = 0xBB67AE85;
         ctx->state[2] = 0x3C6EF372;
@@ -189,11 +192,11 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
         ctx->state[5] = 0x9B05688C;
         ctx->state[6] = 0x1F83D9AB;
         ctx->state[7] = 0x5BE0CD19;
+#endif
     }
     else
     {
 #if defined(MBEDTLS_SHA224_C)
-        /* SHA-224 */
         ctx->state[0] = 0xC1059ED8;
         ctx->state[1] = 0x367CD507;
         ctx->state[2] = 0x3070DD17;
@@ -205,7 +208,9 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
 #endif
     }
 
+#if defined(MBEDTLS_SHA224_C)
     ctx->is224 = is224;
+#endif
 
     return( 0 );
 }
@@ -678,12 +683,15 @@ int mbedtls_sha256( const unsigned char *input,
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     mbedtls_sha256_context ctx;
 
-#if defined(MBEDTLS_SHA224_C)
+#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C)
     if( is224 != 0 && is224 != 1 )
         return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
-#else
+#elif defined(MBEDTLS_SHA256_C)
     if( is224 != 0 )
         return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
+#else /* defined MBEDTLS_SHA224_C only */
+    if( is224 == 0 )
+        return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
 #endif
 
     mbedtls_sha256_init( &ctx );
@@ -707,23 +715,26 @@ exit:
 /*
  * FIPS-180-2 test vectors
  */
-static const unsigned char sha256_test_buf[3][57] =
+static const unsigned char sha_test_buf[3][57] =
 {
     { "abc" },
     { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
     { "" }
 };
 
-static const size_t sha256_test_buflen[3] =
+static const size_t sha_test_buflen[3] =
 {
     3, 56, 1000
 };
 
-static const unsigned char sha256_test_sum[6][32] =
+typedef const unsigned char (sha_test_sum_t)[32];
-{
+
-    /*
+/*
  * SHA-224 test vectors
  */
+#if defined(MBEDTLS_SHA224_C)
+static sha_test_sum_t sha224_test_sum[] =
+{
     { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
       0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
       0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
@@ -735,11 +746,16 @@ static const unsigned char sha256_test_sum[6][32] =
     { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
       0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
       0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
-      0x4E, 0xE7, 0xAD, 0x67 },
+      0x4E, 0xE7, 0xAD, 0x67 }
+};
+#endif
 
-    /*
+/*
  * SHA-256 test vectors
  */
+#if defined(MBEDTLS_SHA256_C)
+static sha_test_sum_t sha256_test_sum[] =
+{
     { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
       0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
       0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
@@ -753,17 +769,26 @@ static const unsigned char sha256_test_sum[6][32] =
       0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
       0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
 };
+#endif
 
 /*
  * Checkup routine
  */
-int mbedtls_sha256_self_test( int verbose )
+static int mbedtls_sha256_common_self_test( int verbose, int is224 )
 {
-    int i, j, k, buflen, ret = 0;
+    int i, buflen, ret = 0;
     unsigned char *buf;
     unsigned char sha256sum[32];
     mbedtls_sha256_context ctx;
 
+#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C)
+    sha_test_sum_t* sha_test_sum = ( is224 ) ? sha224_test_sum : sha256_test_sum;
+#elif defined(MBEDTLS_SHA256_C)
+    sha_test_sum_t* sha_test_sum = sha256_test_sum;
+#else
+    sha_test_sum_t* sha_test_sum = sha224_test_sum;
+#endif
+
     buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
     if( NULL == buf )
     {
@@ -775,22 +800,19 @@ int mbedtls_sha256_self_test( int verbose )
 
     mbedtls_sha256_init( &ctx );
 
-    for( i = 0; i < 6; i++ )
+    for( i = 0; i < 3; i++ )
     {
-        j = i % 3;
-        k = i < 3;
-
         if( verbose != 0 )
-            mbedtls_printf( "  SHA-%d test #%d: ", 256 - k * 32, j + 1 );
+            mbedtls_printf( "  SHA-%d test #%d: ", 256 - is224 * 32, i + 1 );
 
-        if( ( ret = mbedtls_sha256_starts( &ctx, k ) ) != 0 )
+        if( ( ret = mbedtls_sha256_starts( &ctx, is224 ) ) != 0 )
             goto fail;
 
-        if( j == 2 )
+        if( i == 2 )
         {
             memset( buf, 'a', buflen = 1000 );
 
-            for( j = 0; j < 1000; j++ )
+            for( int j = 0; j < 1000; j++ )
             {
                 ret = mbedtls_sha256_update( &ctx, buf, buflen );
                 if( ret != 0 )
@@ -800,8 +822,8 @@ int mbedtls_sha256_self_test( int verbose )
         }
         else
         {
-            ret = mbedtls_sha256_update( &ctx, sha256_test_buf[j],
+            ret = mbedtls_sha256_update( &ctx, sha_test_buf[i],
-                                             sha256_test_buflen[j] );
+                                             sha_test_buflen[i] );
             if( ret != 0 )
                  goto fail;
         }
@@ -810,7 +832,7 @@ int mbedtls_sha256_self_test( int verbose )
             goto fail;
 
 
-        if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
+        if( memcmp( sha256sum, sha_test_sum[i], 32 - is224 * 4 ) != 0 )
         {
             ret = 1;
             goto fail;
@@ -836,6 +858,20 @@ exit:
     return( ret );
 }
 
+#if defined(MBEDTLS_SHA256_C)
+int mbedtls_sha256_self_test( int verbose )
+{
+    return mbedtls_sha256_common_self_test( verbose, 0 );
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA224_C)
+int mbedtls_sha224_self_test( int verbose )
+{
+    return mbedtls_sha256_common_self_test( verbose, 1 );
+}
+#endif /* MBEDTLS_SHA224_C */
+
 #endif /* MBEDTLS_SELF_TEST */
 
-#endif /* MBEDTLS_SHA256_C */
+#endif /* MBEDTLS_SHA256_C || MBEDTLS_SHA224_C */

library/sha512.c

@@ -24,7 +24,7 @@
 
 #include "common.h"
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C)
 
 #include "mbedtls/sha512.h"
 #include "mbedtls/platform_util.h"
@@ -191,12 +191,15 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
  */
 int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
 {
-#if defined(MBEDTLS_SHA384_C)
+#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C)
     if( is384 != 0 && is384 != 1 )
         return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
-#else
+#elif defined(MBEDTLS_SHA512_C)
     if( is384 != 0 )
         return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
+#else /* defined MBEDTLS_SHA384_C only */
+    if( is384 == 0 )
+        return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
 #endif
 
     ctx->total[0] = 0;
@@ -204,7 +207,7 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
 
     if( is384 == 0 )
     {
-        /* SHA-512 */
+#if defined(MBEDTLS_SHA512_C)
         ctx->state[0] = UL64(0x6A09E667F3BCC908);
         ctx->state[1] = UL64(0xBB67AE8584CAA73B);
         ctx->state[2] = UL64(0x3C6EF372FE94F82B);
@@ -213,13 +216,11 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
         ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
         ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
         ctx->state[7] = UL64(0x5BE0CD19137E2179);
+#endif /* MBEDTLS_SHA512_C */
     }
     else
     {
-#if !defined(MBEDTLS_SHA384_C)
+#if defined(MBEDTLS_SHA384_C)
-        return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA );
-#else
-        /* SHA-384 */
         ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
         ctx->state[1] = UL64(0x629A292A367CD507);
         ctx->state[2] = UL64(0x9159015A3070DD17);
@@ -836,12 +837,15 @@ int mbedtls_sha512( const unsigned char *input,
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     mbedtls_sha512_context ctx;
 
-#if defined(MBEDTLS_SHA384_C)
+#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C)
     if( is384 != 0 && is384 != 1 )
         return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
-#else
+#elif defined(MBEDTLS_SHA512_C)
     if( is384 != 0 )
         return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
+#else /* defined MBEDTLS_SHA384_C only */
+    if( is384 == 0 )
+        return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
 #endif
 
     mbedtls_sha512_init( &ctx );
@@ -866,24 +870,26 @@ exit:
 /*
  * FIPS-180-2 test vectors
  */
-static const unsigned char sha512_test_buf[3][113] =
+static const unsigned char sha_test_buf[3][113] =
 {
     { "abc" },
     { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
     { "" }
 };
 
-static const size_t sha512_test_buflen[3] =
+static const size_t sha_test_buflen[3] =
 {
     3, 112, 1000
 };
 
-static const unsigned char sha512_test_sum[][64] =
+typedef const unsigned char (sha_test_sum_t)[64];
-{
+
-#if defined(MBEDTLS_SHA384_C)
+/*
-    /*
  * SHA-384 test vectors
  */
+#if defined(MBEDTLS_SHA384_C)
+static sha_test_sum_t sha384_test_sum[] =
+{
     { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
       0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
       0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
@@ -901,12 +907,16 @@ static const unsigned char sha512_test_sum[][64] =
       0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52,
       0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B,
       0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB,
-      0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 },
+      0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }
+};
 #endif /* MBEDTLS_SHA384_C */
 
-    /*
+/*
  * SHA-512 test vectors
  */
+#if defined(MBEDTLS_SHA512_C)
+static sha_test_sum_t sha512_test_sum[] =
+{
     { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
       0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
       0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
@@ -932,19 +942,25 @@ static const unsigned char sha512_test_sum[][64] =
       0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E,
       0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B }
 };
+#endif /* MBEDTLS_SHA512_C */
 
 #define ARRAY_LENGTH( a )   ( sizeof( a ) / sizeof( ( a )[0] ) )
 
-/*
+static int mbedtls_sha512_common_self_test( int verbose, int is384 )
- * Checkup routine
- */
-int mbedtls_sha512_self_test( int verbose )
 {
-    int i, j, k, buflen, ret = 0;
+    int i, buflen, ret = 0;
     unsigned char *buf;
     unsigned char sha512sum[64];
     mbedtls_sha512_context ctx;
 
+#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C)
+    sha_test_sum_t* sha_test_sum = ( is384 ) ? sha384_test_sum : sha512_test_sum;
+#elif defined(MBEDTLS_SHA512_C)
+    sha_test_sum_t* sha_test_sum = sha512_test_sum;
+#else
+    sha_test_sum_t* sha_test_sum = sha384_test_sum;
+#endif
+
     buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
     if( NULL == buf )
     {
@@ -956,26 +972,19 @@ int mbedtls_sha512_self_test( int verbose )
 
     mbedtls_sha512_init( &ctx );
 
-    for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ )
+    for( i = 0; i < 3; i++ )
     {
-        j = i % 3;
-#if defined(MBEDTLS_SHA384_C)
-        k = i < 3;
-#else
-        k = 0;
-#endif
-
         if( verbose != 0 )
-            mbedtls_printf( "  SHA-%d test #%d: ", 512 - k * 128, j + 1 );
+            mbedtls_printf( "  SHA-%d test #%d: ", 512 - is384 * 128, i + 1 );
 
-        if( ( ret = mbedtls_sha512_starts( &ctx, k ) ) != 0 )
+        if( ( ret = mbedtls_sha512_starts( &ctx, is384 ) ) != 0 )
             goto fail;
 
-        if( j == 2 )
+        if( i == 2 )
         {
             memset( buf, 'a', buflen = 1000 );
 
-            for( j = 0; j < 1000; j++ )
+            for( int j = 0; j < 1000; j++ )
             {
                 ret = mbedtls_sha512_update( &ctx, buf, buflen );
                 if( ret != 0 )
@@ -984,8 +993,8 @@ int mbedtls_sha512_self_test( int verbose )
         }
         else
         {
-            ret = mbedtls_sha512_update( &ctx, sha512_test_buf[j],
+            ret = mbedtls_sha512_update( &ctx, sha_test_buf[i],
-                                             sha512_test_buflen[j] );
+                                             sha_test_buflen[i] );
             if( ret != 0 )
                 goto fail;
         }
@@ -993,7 +1002,7 @@ int mbedtls_sha512_self_test( int verbose )
         if( ( ret = mbedtls_sha512_finish( &ctx, sha512sum ) ) != 0 )
             goto fail;
 
-        if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
+        if( memcmp( sha512sum, sha_test_sum[i], 64 - is384 * 16 ) != 0 )
         {
             ret = 1;
             goto fail;
@@ -1019,8 +1028,22 @@ exit:
     return( ret );
 }
 
+#if defined(MBEDTLS_SHA512_C)
+int mbedtls_sha512_self_test( int verbose )
+{
+    return mbedtls_sha512_common_self_test( verbose, 0 );
+}
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA384_C)
+int mbedtls_sha384_self_test( int verbose )
+{
+    return mbedtls_sha512_common_self_test( verbose, 1 );
+}
+#endif /* MBEDTLS_SHA384_C */
+
 #undef ARRAY_LENGTH
 
 #endif /* MBEDTLS_SELF_TEST */
 
-#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SHA512_C || MBEDTLS_SHA384_C */

library/ssl_cookie.c

@@ -38,23 +38,19 @@
 #include <string.h>
 
 /*
- * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-384 is
+ * If DTLS is in use, then at least one of SHA-256 or SHA-384 is
- * available. Try SHA-256 first, 384 wastes resources
+ * available. Try SHA-256 first as 384 wastes resources
  */
-#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
+#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
-#define COOKIE_MD           MBEDTLS_MD_SHA224
+#define COOKIE_MD           MBEDTLS_MD_SHA256
 #define COOKIE_MD_OUTLEN    32
 #define COOKIE_HMAC_LEN     28
 #elif defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
 #define COOKIE_MD           MBEDTLS_MD_SHA384
 #define COOKIE_MD_OUTLEN    48
 #define COOKIE_HMAC_LEN     28
-#elif defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
-#define COOKIE_MD           MBEDTLS_MD_SHA1
-#define COOKIE_MD_OUTLEN    20
-#define COOKIE_HMAC_LEN     20
 #else
-#error "DTLS hello verify needs SHA-1 or SHA-2"
+#error "DTLS hello verify needs SHA-256 or SHA-384"
 #endif
 
 /*

programs/test/selftest.c

@@ -243,9 +243,15 @@ const selftest_t selftests[] =
 #if defined(MBEDTLS_SHA1_C)
     {"sha1", mbedtls_sha1_self_test},
 #endif
+#if defined(MBEDTLS_SHA224_C)
+    {"sha224", mbedtls_sha224_self_test},
+#endif
 #if defined(MBEDTLS_SHA256_C)
     {"sha256", mbedtls_sha256_self_test},
 #endif
+#if defined(MBEDTLS_SHA384_C)
+    {"sha384", mbedtls_sha384_self_test},
+#endif
 #if defined(MBEDTLS_SHA512_C)
     {"sha512", mbedtls_sha512_self_test},
 #endif

tests/include/test/drivers/config_test_driver.h

@@ -35,7 +35,6 @@
 /* PSA core mandatory configuration options */
 #define MBEDTLS_CIPHER_C
 #define MBEDTLS_AES_C
-#define MBEDTLS_SHA224_C
 #define MBEDTLS_SHA256_C
 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
 #define MBEDTLS_CTR_DRBG_C
@@ -46,6 +45,7 @@
  * purpose of a specific set of tests.
  */
 //#define MBEDTLS_SHA1_C
+//#define MBEDTLS_SHA224_C
 //#define MBEDTLS_SHA384_C
 //#define MBEDTLS_SHA512_C
 //#define MBEDTLS_MD_C

tests/scripts/all.sh

@@ -1969,7 +1969,8 @@ component_test_psa_crypto_config_accel_ecdsa () {
     scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
     scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
 
-    # SHA384 needed for some ECDSA signature tests.
+    # These hashes are needed for some ECDSA signature tests.
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA384_C
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C
 
@@ -1978,6 +1979,7 @@ component_test_psa_crypto_config_accel_ecdsa () {
     make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
 
     # Restore test driver base configuration
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA224_C
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA384_C
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C
 
@@ -2062,6 +2064,7 @@ component_test_psa_crypto_config_accel_rsa_signature () {
     scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C
 
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C
     # We need to define either MD_C or all of the PSA_WANT_ALG_SHAxxx.
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_MD_C
@@ -2076,6 +2079,7 @@ component_test_psa_crypto_config_accel_rsa_signature () {
 
     # Restore test driver base configuration
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA1_C
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA224_C
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_MD_C
     scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_PEM_PARSE_C

tests/scripts/depends.py

@@ -44,12 +44,6 @@ The configuration building method can be one of the three following:
   direct dependencies, but rather non-trivial results of other configs missing. Then
   look for any unset symbols and handle their reverse dependencies.
   Examples of EXCLUSIVE_GROUPS usage:
-  - MBEDTLS_SHA256 job turns off all hashes except SHA256, however, when investigating
-    reverse dependencies, SHA224 is found to depend on SHA256, so it is disabled,
-    and then SHA256 is found to depend on SHA224, so it is also disabled. To handle
-    this, there's a field in EXCLUSIVE_GROUPS that states that in a SHA256 test SHA224
-    should also be enabled before processing reverse dependencies:
-    'MBEDTLS_SHA256_C': ['+MBEDTLS_SHA224_C']
   - MBEDTLS_SHA512_C job turns off all hashes except SHA512. MBEDTLS_SSL_COOKIE_C
     requires either SHA256 or SHA384 to work, so it also has to be disabled.
     This is not a dependency on SHA512_C, but a result of an exclusive domain
@@ -257,17 +251,14 @@ REVERSE_DEPENDENCIES = {
                       'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED'],
     'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
                          'MBEDTLS_ENTROPY_FORCE_SHA256',
-                         'MBEDTLS_SHA224_C',
                          'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT',
                          'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY',
                          'MBEDTLS_LMS_C',
                          'MBEDTLS_LMS_PRIVATE'],
-    'MBEDTLS_SHA512_C': ['MBEDTLS_SHA384_C',
+    'MBEDTLS_SHA512_C': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT',
-                         'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT',
                          'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY'],
     'MBEDTLS_SHA224_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
                          'MBEDTLS_ENTROPY_FORCE_SHA256',
-                         'MBEDTLS_SHA256_C',
                          'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT',
                          'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY'],
     'MBEDTLS_X509_RSASSA_PSS_SUPPORT': []
@@ -277,8 +268,6 @@ REVERSE_DEPENDENCIES = {
 # These are not necessarily dependencies, but just minimal required changes
 # if a given define is the only one enabled from an exclusive group.
 EXCLUSIVE_GROUPS = {
-    'MBEDTLS_SHA256_C': ['+MBEDTLS_SHA224_C'],
-    'MBEDTLS_SHA384_C': ['+MBEDTLS_SHA512_C'],
     'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C',
                          '-MBEDTLS_SSL_PROTO_TLS1_3'],
     'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C',
@@ -421,15 +410,15 @@ class DomainData:
                                               build_and_test),
             # Elliptic curves. Run the test suites.
             'curves': ExclusiveDomain(curve_symbols, build_and_test),
-            # Hash algorithms. Exclude three groups:
+            # Hash algorithms. Excluding exclusive domains of MD, RIPEMD, SHA1,
-            # - Exclusive domain of MD, RIPEMD, SHA1 (obsolete);
+            # SHA224 and SHA384 because MBEDTLS_ENTROPY_C is extensively used
-            # - Exclusive domain of SHA224 (tested with and depends on SHA256);
+            # across various modules, but it depends on either SHA256 or SHA512.
-            # - Complementary domain of SHA224 and SHA384 - tested with and depend
+            # As a consequence an "exclusive" test of anything other than SHA256
-            #       on SHA256 and SHA512, respectively.
+            # or SHA512 with MBEDTLS_ENTROPY_C enabled is not possible.
             'hashes': DualDomain(hash_symbols, build_and_test,
                                  exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)' \
-                                          '|MBEDTLS_SHA224_'\
+                                          '|MBEDTLS_SHA224_' \
-                                          '|!MBEDTLS_(SHA224_|SHA384_)'),
+                                          '|MBEDTLS_SHA384_'),
             # Key exchange types. Only build the library and the sample
             # programs.
             'kex': ExclusiveDomain(key_exchange_symbols,

tests/suites/test_suite_shax.data

@@ -169,10 +169,18 @@ SHA-1 Selftest
 depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA1_C
 sha1_selftest:
 
+SHA-224 Selftest
+depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA224_C
+sha224_selftest:
+
 SHA-256 Selftest
 depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA256_C
 sha256_selftest:
 
+SHA-384 Selftest
+depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA384_C
+sha384_selftest:
+
 SHA-512 Selftest
 depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA512_C
 sha512_selftest:

tests/suites/test_suite_shax.function

@@ -46,9 +46,9 @@ void sha224( data_t * src_str, data_t * hash )
     memset(output, 0x00, 57);
 
 
-    TEST_ASSERT( mbedtls_sha256( src_str->x, src_str->len, output, 1 ) == 0 );
+    TEST_EQUAL( mbedtls_sha256( src_str->x, src_str->len, output, 1 ), 0 );
 
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ) == 0 );
+    TEST_EQUAL( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ), 0 );
 }
 /* END_CASE */
 
@@ -60,9 +60,9 @@ void mbedtls_sha256( data_t * src_str, data_t * hash )
     memset(output, 0x00, 65);
 
 
-    TEST_ASSERT( mbedtls_sha256( src_str->x, src_str->len, output, 0 ) == 0 );
+    TEST_EQUAL( mbedtls_sha256( src_str->x, src_str->len, output, 0 ), 0 );
 
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ) == 0 );
+    TEST_EQUAL( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ), 0 );
 }
 /* END_CASE */
 
@@ -94,9 +94,9 @@ void sha384( data_t * src_str, data_t * hash )
     memset(output, 0x00, 97);
 
 
-    TEST_ASSERT( mbedtls_sha512( src_str->x, src_str->len, output, 1 ) == 0 );
+    TEST_EQUAL( mbedtls_sha512( src_str->x, src_str->len, output, 1 ), 0 );
 
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ) == 0 );
+    TEST_EQUAL( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ), 0 );
 }
 /* END_CASE */
 
@@ -108,9 +108,9 @@ void mbedtls_sha512( data_t * src_str, data_t * hash )
     memset(output, 0x00, 129);
 
 
-    TEST_ASSERT( mbedtls_sha512( src_str->x, src_str->len, output, 0 ) == 0 );
+    TEST_EQUAL( mbedtls_sha512( src_str->x, src_str->len, output, 0 ), 0 );
 
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ) == 0 );
+    TEST_EQUAL( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ), 0 );
 }
 /* END_CASE */
 
@@ -121,16 +121,30 @@ void sha1_selftest(  )
 }
 /* END_CASE */
 
+/* BEGIN_CASE depends_on:MBEDTLS_SHA224_C:MBEDTLS_SELF_TEST */
+void sha224_selftest(  )
+{
+    TEST_EQUAL( mbedtls_sha224_self_test( 1 ), 0 );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_SELF_TEST */
 void sha256_selftest(  )
 {
-    TEST_ASSERT( mbedtls_sha256_self_test( 1 ) == 0 );
+    TEST_EQUAL( mbedtls_sha256_self_test( 1 ), 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA384_C:MBEDTLS_SELF_TEST */
+void sha384_selftest(  )
+{
+    TEST_EQUAL( mbedtls_sha384_self_test( 1 ), 0 );
 }
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_SELF_TEST */
 void sha512_selftest(  )
 {
-    TEST_ASSERT( mbedtls_sha512_self_test( 1 ) == 0 );
+    TEST_EQUAL( mbedtls_sha512_self_test( 1 ), 0 );
 }
 /* END_CASE */

tests/suites/test_suite_ssl.function

@@ -4532,7 +4532,7 @@ void ssl_tls13_create_psk_binder( int hash_alg,
                                   data_t *transcript,
                                   data_t *binder_expected )
 {
-    unsigned char binder[ MBEDTLS_MD_MAX_SIZE ];
+    unsigned char binder[ MBEDTLS_HASH_MAX_SIZE ];
 
     /* Double-check that we've passed sane parameters. */
     psa_algorithm_t alg = (psa_algorithm_t) hash_alg;
@@ -4664,7 +4664,7 @@ void ssl_tls13_key_evolution( int hash_alg,
                               data_t *input,
                               data_t *expected )
 {
-    unsigned char secret_new[ MBEDTLS_MD_MAX_SIZE ];
+    unsigned char secret_new[ MBEDTLS_HASH_MAX_SIZE ];
 
     PSA_INIT();
 

tests/suites/test_suite_x509parse.data

@@ -704,7 +704,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR
 x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
 
 X509 CRT verification #37 (Valid, EC CA, SHA224 Digest)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
 
 X509 CRT verification #38 (Valid, EC CA, SHA384 Digest)
@@ -840,7 +840,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_S
 x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL"
 
 X509 CRT verification #69 (RSASSA-PSS, wrong mgf_hash)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509_verify:"data_files/server9-bad-mgfhash.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
 
 X509 CRT verification #70 (v1 trusted CA)
@@ -2117,35 +2117,35 @@ X509 CRL ASN1 (TBSCertList, sig_oid1 id unknown)
 x509parse_crl:"30143012020100300d06092a864886f70d01010f0500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG
 
 X509 CRL ASN1 (TBSCertList, sig_oid1 correct, issuer missing)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"30143012020100300d06092a864886f70d01010e0500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, issuer set missing)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"30163014020100300d06092a864886f70d01010e05003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, correct issuer, thisUpdate missing)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, correct thisUpdate, nextUpdate missing, entries length missing)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030":"":MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, entries present, invalid sig_alg)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
 
 X509 CRL ASN1 (TBSCertList, entries present, date in entry invalid)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
 
 X509 CRL ASN1 (TBSCertList, sig_alg present, sig_alg does not match)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500":"":MBEDTLS_ERR_X509_SIG_MISMATCH
 
 X509 CRL ASN1 (TBSCertList, sig present, len mismatch)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
 
 # 305c
@@ -2171,35 +2171,35 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:
 x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version   \: 1\nissuer name   \: CN=ABCD\nthis update   \: 2009-01-01 00\:00\:00\nnext update   \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using  \: RSA with SHA-224\n":0
 
 X509 CRL ASN1 (TBSCertList, signatureValue missing)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e0500":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, signatureAlgorithm missing)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"30493047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, single empty entry at end)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"30373035020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030023000":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, good entry then empty entry at end)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"304b3049020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301630128202abcd170c3038313233313233353935393000":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, missing time in entry)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"304e3039020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300630048202abcd300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, missing time in entry at end)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"303b3039020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300630048202abcd":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 
 X509 CRL ASN1 (TBSCertList, invalid tag for time in entry)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
 
 X509 CRL ASN1 (TBSCertList, invalid tag for serial)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128402abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
 
 X509 CRL ASN1 (TBSCertList, no entries)