diff --git a/ChangeLog b/ChangeLog
index cfa3b86e338c887b12ea79d96d2304e01db63bad..128f89838c35be79bbaf99931f95cf27cfe27480 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,12 @@
2014-03-20 Niels Möller <nisse@lysator.liu.se>
From Joachim Strömbergson:
- * sha512.c (K): Indentation fix.
+ * sha512.c (K): Indentation fix.
+ (sha512_224_init, sha512_224_digest, sha512_256_init)
+ (sha512_256_digest): New functions.
+ * sha2.h: Add prototypes.
+ (sha512_224_update, sha512_256_update): New aliases for
+ sha512_update.
2014-03-18 Niels Möller <nisse@lysator.liu.se>
diff --git a/sha2.h b/sha2.h
index f095dad10135e86286bde6cf53af0c652c74621c..3fa2d754e33de75d0f0e969f7b9887a49405f256 100644
--- a/sha2.h
+++ b/sha2.h
@@ -43,6 +43,10 @@ extern "C" {
#define sha512_init nettle_sha512_init
#define sha512_update nettle_sha512_update
#define sha512_digest nettle_sha512_digest
+#define sha512_224_init nettle_sha512_224_init
+#define sha512_224_digest nettle_sha512_224_digest
+#define sha512_256_init nettle_sha512_256_init
+#define sha512_256_digest nettle_sha512_256_digest
/* SHA256 */
@@ -149,6 +153,29 @@ sha384_digest(struct sha512_ctx *ctx,
size_t length,
uint8_t *digest);
+
+/* SHA512_224 and SHA512_256, two truncated versions of SHA512
+ with different initial states. */
+void
+sha512_224_init(struct sha512_ctx *ctx);
+
+#define sha512_224_update nettle_sha512_update
+
+void
+sha512_224_digest(struct sha512_ctx *ctx,
+ size_t length,
+ uint8_t *digest);
+
+void
+sha512_256_init(struct sha512_ctx *ctx);
+
+#define sha512_256_update nettle_sha512_update
+
+void
+sha512_256_digest(struct sha512_ctx *ctx,
+ size_t length,
+ uint8_t *digest);
+
#ifdef __cplusplus
}
#endif
diff --git a/sha512.c b/sha512.c
index 177501c8407e73ac672bb4290ae7bc1c790c3875..24547e0d04af7a773ae114241a8a6d65f6867470 100644
--- a/sha512.c
+++ b/sha512.c
@@ -8,6 +8,7 @@
/* nettle, low-level cryptographics library
*
* Copyright (C) 2001, 2010 Niels Möller
+ * Copyright (C) 2014 Joachim Strömbergson
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
@@ -237,3 +238,69 @@ sha384_digest(struct sha512_ctx *ctx,
sha512_write_digest(ctx, length, digest);
sha384_init(ctx);
}
+
+
+/* sha-512/224 variant. */
+void
+sha512_224_init(struct sha512_ctx *ctx)
+{
+ static const uint64_t H0[_SHA512_DIGEST_LENGTH] =
+ {
+ 0x8c3d37c819544da2ULL, 0x73e1996689dcd4d6ULL,
+ 0x1dfab7ae32ff9c82ULL, 0x679dd514582f9fcfULL,
+ 0x0f6d2b697bd44da8ULL, 0x77e36f7304c48942ULL,
+ 0x3f9d85a86a1d36c8ULL, 0x1112e6ad91d692a1ULL,
+ };
+
+ memcpy(ctx->state, H0, sizeof(H0));
+
+ /* Initialize bit count */
+ ctx->count_low = ctx->count_high = 0;
+
+ /* Initialize buffer */
+ ctx->index = 0;
+}
+
+void
+sha512_224_digest(struct sha512_ctx *ctx,
+ size_t length,
+ uint8_t *digest)
+{
+ assert(length <= SHA224_DIGEST_SIZE);
+
+ sha512_write_digest(ctx, length, digest);
+ sha512_224_init(ctx);
+}
+
+
+/* sha-512/256 variant. */
+void
+sha512_256_init(struct sha512_ctx *ctx)
+{
+ static const uint64_t H0[_SHA512_DIGEST_LENGTH] =
+ {
+ 0x22312194fc2bf72cULL, 0x9f555fa3c84c64c2ULL,
+ 0x2393b86b6f53b151ULL, 0x963877195940eabdULL,
+ 0x96283ee2a88effe3ULL, 0xbe5e1e2553863992ULL,
+ 0x2b0199fc2c85b8aaULL, 0x0eb72ddc81c52ca2ULL,
+ };
+
+ memcpy(ctx->state, H0, sizeof(H0));
+
+ /* Initialize bit count */
+ ctx->count_low = ctx->count_high = 0;
+
+ /* Initialize buffer */
+ ctx->index = 0;
+}
+
+void
+sha512_256_digest(struct sha512_ctx *ctx,
+ size_t length,
+ uint8_t *digest)
+{
+ assert(length <= SHA256_DIGEST_SIZE);
+
+ sha512_write_digest(ctx, length, digest);
+ sha512_224_init(ctx);
+}