Extract SHA224/256 from bcm
Change-Id: I953441ccf99321184a5b664cc446551fa5e295b4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/70947
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/crypto/fipsmodule/ecdh/ecdh.c.inc b/crypto/fipsmodule/ecdh/ecdh.c.inc
index eeb591f..d16c3c1 100644
--- a/crypto/fipsmodule/ecdh/ecdh.c.inc
+++ b/crypto/fipsmodule/ecdh/ecdh.c.inc
@@ -105,12 +105,19 @@
}
FIPS_service_indicator_lock_state();
+ SHA256_CTX ctx;
switch (out_len) {
case SHA224_DIGEST_LENGTH:
- SHA224(buf, buflen, out);
+ BCM_sha224_init(&ctx);
+ BCM_sha224_update(&ctx, buf, buflen);
+ BCM_sha224_final(out, &ctx);
+ OPENSSL_cleanse(&ctx, sizeof(ctx));
break;
case SHA256_DIGEST_LENGTH:
- SHA256(buf, buflen, out);
+ BCM_sha256_init(&ctx);
+ BCM_sha256_update(&ctx, buf, buflen);
+ BCM_sha256_final(out, &ctx);
+ OPENSSL_cleanse(&ctx, sizeof(ctx));
break;
case SHA384_DIGEST_LENGTH:
SHA384(buf, buflen, out);