Topic: [SOLVED] SHA384 question
Hello,
I compile wolfSSL directly to my project, my defines in user_settings.h give me three ciphers to work with:
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
So far it works good, without any issues.
Now I want to use SHA384, thus I added two more defines to my user_settings.h:
#define NO_SHA256 //I don't need any more this option in my ciphers
#define WOLFSSL_SHA384 //I want only SHA384 in my ciphers
And, of cause, I removed sha256.o and added sha512.o to the build.
But it seems I cannot do it this way, the errors I receive:
Compiling file: ../wolfssl-3.9.10/src/ssl.c ..................
In file included from ../wolfssl-3.9.10/wolfssl/internal.h:33:0,
from ../wolfssl-3.9.10/src/ssl.c:35:
../wolfssl-3.9.10/wolfssl/wolfcrypt/random.h:63:10: error: #error "Hash DRBG requires SHA-256."
#error "Hash DRBG requires SHA-256."
^
In file included from ../wolfssl-3.9.10/wolfssl/internal.h:47:0,
from ../wolfssl-3.9.10/src/ssl.c:35:
../wolfssl-3.9.10/wolfssl/wolfcrypt/asn.h:143:27: error: 'SHA256_DIGEST_SIZE' undeclared here (not in a function)
KEYID_SIZE = SHA256_DIGEST_SIZE,
^
In file included from ../wolfssl-3.9.10/wolfssl/internal.h:66:0,
from ../wolfssl-3.9.10/src/ssl.c:35:
../wolfssl-3.9.10/wolfssl/wolfcrypt/hmac.h:100:23: error: 'SHA384_DIGEST_SIZE' undeclared here (not in a function)
MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE,
^
../wolfssl-3.9.10/wolfssl/wolfcrypt/hmac.h:101:23: error: 'SHA384_BLOCK_SIZE' undeclared here (not in a function)
HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
^
../wolfssl-3.9.10/wolfssl/wolfcrypt/hmac.h:129:9: error: unknown type name 'Sha384'
Sha384 sha384;
^
In file included from ../wolfssl-3.9.10/src/ssl.c:35:0:
../wolfssl-3.9.10/wolfssl/internal.h:2654:5: error: unknown type name 'Sha384'
Sha384 hashSha384; /* sha384 hash of handshake msgs */
^
Makefile:72: recipe for target '_output/ssl.o' failed
make: *** [_output/ssl.o] Error 1
In order to make it work I have to remove NO_SHA256 define, add WOLFSSL_SHA512 define and add sha256.o to the build.
Is there a possibility to have SHA384 without SHA256 and SHA512 as it adds unwanted ciphers and more code.
Thanks for the help.