hwcrypto: Match API completely to mbedTLS naming conventions

components/esp32/hwcrypto/aes.c

@@ -1,7 +1,6 @@
-
-/*
- *  ESP32 hardware accelerated AES implementation
- *  based on mbedTLS FIPS-197 compliant version.
+/**
+ * \brief AES block cipher, ESP32 hardware accelerated version
+ * Based on mbedTLS FIPS-197 compliant version.
  *
  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
  *  Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
@@ -48,18 +47,18 @@ void esp_aes_release_hardware( void )
     _lock_release(&aes_lock);
 }
 
-void esp_aes_init( AES_CTX *ctx )
+void esp_aes_init( esp_aes_context *ctx )
 {
-    bzero( ctx, sizeof( AES_CTX ) );
+    bzero( ctx, sizeof( esp_aes_context ) );
 }
 
-void esp_aes_free( AES_CTX *ctx )
+void esp_aes_free( esp_aes_context *ctx )
 {
     if ( ctx == NULL ) {
         return;
     }
 
-    bzero( ctx, sizeof( AES_CTX ) );
+    bzero( ctx, sizeof( esp_aes_context ) );
 }
 
 /* Translate number of bits to an AES_BITS enum */
@@ -74,7 +73,7 @@ static int keybits_to_aesbits(unsigned int keybits)
     case 256:
         return AES256;
     default:
-        return ( ERR_AES_INVALID_KEY_LENGTH );
+        return ( ERR_ESP_AES_INVALID_KEY_LENGTH );
     }
 }
 
@@ -82,7 +81,7 @@ static int keybits_to_aesbits(unsigned int keybits)
  * AES key schedule (encryption)
  *
  */
-int esp_aes_setkey_enc( AES_CTX *ctx, const unsigned char *key,
+int esp_aes_setkey_enc( esp_aes_context *ctx, const unsigned char *key,
                         unsigned int keybits )
 {
     uint16_t keybytes = keybits / 8;
@@ -100,7 +99,7 @@ int esp_aes_setkey_enc( AES_CTX *ctx, const unsigned char *key,
  * AES key schedule (decryption)
  *
  */
-int esp_aes_setkey_dec( AES_CTX *ctx, const unsigned char *key,
+int esp_aes_setkey_dec( esp_aes_context *ctx, const unsigned char *key,
                         unsigned int keybits )
 {
     uint16_t keybytes = keybits / 8;
@@ -120,12 +119,12 @@ int esp_aes_setkey_dec( AES_CTX *ctx, const unsigned char *key,
  * Optimisation to prevent overhead of locking each time when
  * encrypting many blocks in sequence.
  */
-static int esp_aes_crypt_ecb_inner( AES_CTX *ctx,
+static int esp_aes_crypt_ecb_inner( esp_aes_context *ctx,
                        int mode,
                        const unsigned char input[16],
                        unsigned char output[16] )
 {
-    if ( mode == AES_ENCRYPT ) {
+    if ( mode == ESP_AES_ENCRYPT ) {
         ets_aes_setkey_enc(ctx->enc.key, ctx->enc.aesbits);
         ets_aes_crypt(input, output);
     } else {
@@ -139,12 +138,12 @@ static int esp_aes_crypt_ecb_inner( AES_CTX *ctx,
 /*
  * AES-ECB block encryption
  */
-void esp_aes_encrypt( AES_CTX *ctx,
+void esp_aes_encrypt( esp_aes_context *ctx,
                       const unsigned char input[16],
                       unsigned char output[16] )
 {
     esp_aes_acquire_hardware();
-    esp_aes_crypt_ecb_inner(ctx, AES_ENCRYPT, input, output);
+    esp_aes_crypt_ecb_inner(ctx, ESP_AES_ENCRYPT, input, output);
     esp_aes_release_hardware();
 }
 
@@ -152,12 +151,12 @@ void esp_aes_encrypt( AES_CTX *ctx,
  * AES-ECB block decryption
  */
 
-void esp_aes_decrypt( AES_CTX *ctx,
+void esp_aes_decrypt( esp_aes_context *ctx,
                       const unsigned char input[16],
                       unsigned char output[16] )
 {
     esp_aes_acquire_hardware();
-    esp_aes_crypt_ecb_inner(ctx, AES_DECRYPT, input, output);
+    esp_aes_crypt_ecb_inner(ctx, ESP_AES_DECRYPT, input, output);
     esp_aes_release_hardware();
 }
 
@@ -165,7 +164,7 @@ void esp_aes_decrypt( AES_CTX *ctx,
 /*
  * AES-ECB block encryption/decryption
  */
-int esp_aes_crypt_ecb( AES_CTX *ctx,
+int esp_aes_crypt_ecb( esp_aes_context *ctx,
                        int mode,
                        const unsigned char input[16],
                        unsigned char output[16] )
@@ -180,7 +179,7 @@ int esp_aes_crypt_ecb( AES_CTX *ctx,
 /*
  * AES-CBC buffer encryption/decryption
  */
-int esp_aes_crypt_cbc( AES_CTX *ctx,
+int esp_aes_crypt_cbc( esp_aes_context *ctx,
                        int mode,
                        size_t length,
                        unsigned char iv[16],
@@ -191,12 +190,12 @@ int esp_aes_crypt_cbc( AES_CTX *ctx,
     unsigned char temp[16];
 
     if ( length % 16 ) {
-        return ( ERR_AES_INVALID_INPUT_LENGTH );
+        return ( ERR_ESP_AES_INVALID_INPUT_LENGTH );
     }
 
     esp_aes_acquire_hardware();
 
-    if ( mode == AES_DECRYPT ) {
+    if ( mode == ESP_AES_DECRYPT ) {
         while ( length > 0 ) {
             memcpy( temp, input, 16 );
             esp_aes_crypt_ecb_inner( ctx, mode, input, output );
@@ -234,7 +233,7 @@ int esp_aes_crypt_cbc( AES_CTX *ctx,
 /*
  * AES-CFB128 buffer encryption/decryption
  */
-int esp_aes_crypt_cfb128( AES_CTX *ctx,
+int esp_aes_crypt_cfb128( esp_aes_context *ctx,
                           int mode,
                           size_t length,
                           size_t *iv_off,
@@ -247,10 +246,10 @@ int esp_aes_crypt_cfb128( AES_CTX *ctx,
 
     esp_aes_acquire_hardware();
 
-    if ( mode == AES_DECRYPT ) {
+    if ( mode == ESP_AES_DECRYPT ) {
         while ( length-- ) {
             if ( n == 0 ) {
-                esp_aes_crypt_ecb_inner( ctx, AES_ENCRYPT, iv, iv );
+                esp_aes_crypt_ecb_inner( ctx, ESP_AES_ENCRYPT, iv, iv );
             }
 
             c = *input++;
@@ -262,7 +261,7 @@ int esp_aes_crypt_cfb128( AES_CTX *ctx,
     } else {
         while ( length-- ) {
             if ( n == 0 ) {
-                esp_aes_crypt_ecb_inner( ctx, AES_ENCRYPT, iv, iv );
+                esp_aes_crypt_ecb_inner( ctx, ESP_AES_ENCRYPT, iv, iv );
             }
 
             iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
@@ -281,7 +280,7 @@ int esp_aes_crypt_cfb128( AES_CTX *ctx,
 /*
  * AES-CFB8 buffer encryption/decryption
  */
-int esp_aes_crypt_cfb8( AES_CTX *ctx,
+int esp_aes_crypt_cfb8( esp_aes_context *ctx,
                         int mode,
                         size_t length,
                         unsigned char iv[16],
@@ -295,15 +294,15 @@ int esp_aes_crypt_cfb8( AES_CTX *ctx,
 
     while ( length-- ) {
         memcpy( ov, iv, 16 );
-        esp_aes_crypt_ecb_inner( ctx, AES_ENCRYPT, iv, iv );
+        esp_aes_crypt_ecb_inner( ctx, ESP_AES_ENCRYPT, iv, iv );
 
-        if ( mode == AES_DECRYPT ) {
+        if ( mode == ESP_AES_DECRYPT ) {
             ov[16] = *input;
         }
 
         c = *output++ = (unsigned char)( iv[0] ^ *input++ );
 
-        if ( mode == AES_ENCRYPT ) {
+        if ( mode == ESP_AES_ENCRYPT ) {
             ov[16] = c;
         }
 
@@ -318,7 +317,7 @@ int esp_aes_crypt_cfb8( AES_CTX *ctx,
 /*
  * AES-CTR buffer encryption/decryption
  */
-int esp_aes_crypt_ctr( AES_CTX *ctx,
+int esp_aes_crypt_ctr( esp_aes_context *ctx,
                        size_t length,
                        size_t *nc_off,
                        unsigned char nonce_counter[16],
@@ -333,7 +332,7 @@ int esp_aes_crypt_ctr( AES_CTX *ctx,
 
     while ( length-- ) {
         if ( n == 0 ) {
-            esp_aes_crypt_ecb_inner( ctx, AES_ENCRYPT, nonce_counter, stream_block );
+            esp_aes_crypt_ecb_inner( ctx, ESP_AES_ENCRYPT, nonce_counter, stream_block );
 
             for ( i = 16; i > 0; i-- )
                 if ( ++nonce_counter[i - 1] != 0 ) {

components/esp32/hwcrypto/bignum.c

@@ -1,4 +1,7 @@
-/*
+/**
+ * \brief  Multi-precision integer library, ESP32 hardware accelerated version
+ * Based on mbedTLS version.
+ *
  *  ESP32 hardware accelerated multi-precision integer functions
  *  based on mbedTLS implementation
  *

components/esp32/hwcrypto/sha.c

@@ -50,21 +50,21 @@ void esp_sha_release_hardware( void )
     _lock_release(&sha_lock);
 }
 
-void esp_sha1_init( SHA1_CTX *ctx )
+void esp_sha1_init( esp_sha_context *ctx )
 {
-    bzero( ctx, sizeof( SHA1_CTX ) );
+    bzero( ctx, sizeof( esp_sha_context ) );
 }
 
-void esp_sha1_free( SHA1_CTX *ctx )
+void esp_sha1_free( esp_sha_context *ctx )
 {
     if ( ctx == NULL ) {
         return;
     }
 
-    bzero( ctx, sizeof( SHA1_CTX ) );
+    bzero( ctx, sizeof( esp_sha_context ) );
 }
 
-void esp_sha1_clone( SHA1_CTX *dst, const SHA1_CTX *src )
+void esp_sha1_clone( esp_sha_context *dst, const esp_sha_context *src )
 {
     *dst = *src;
 }
@@ -72,7 +72,7 @@ void esp_sha1_clone( SHA1_CTX *dst, const SHA1_CTX *src )
 /*
  * SHA-1 context setup
  */
-void esp_sha1_start( SHA1_CTX *ctx )
+void esp_sha1_start( esp_sha_context *ctx )
 {
     esp_sha_acquire_hardware();
     ctx->context_type = SHA1;
@@ -81,7 +81,7 @@ void esp_sha1_start( SHA1_CTX *ctx )
 /*
  * SHA-1 process buffer
  */
-void esp_sha1_update( SHA1_CTX *ctx, const unsigned char *input, size_t ilen )
+void esp_sha1_update( esp_sha_context *ctx, const unsigned char *input, size_t ilen )
 {
     ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
 }
@@ -89,18 +89,16 @@ void esp_sha1_update( SHA1_CTX *ctx, const unsigned char *input, size_t ilen )
 /*
  * SHA-1 final digest
  */
-void esp_sha1_finish( SHA1_CTX *ctx, unsigned char output[20] )
+void esp_sha1_finish( esp_sha_context *ctx, unsigned char output[20] )
 {
     ets_sha_finish(&ctx->context, ctx->context_type, output);
     esp_sha_release_hardware();
 }
 
-/*
- * output = SHA-1( input buffer )
- */
-void esp_sha1_output( const unsigned char *input, size_t ilen, unsigned char output[20] )
+/* Full SHA-1 calculation */
+void esp_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
 {
-    SHA1_CTX ctx;
+    esp_sha_context ctx;
 
     esp_sha1_init( &ctx );
     esp_sha1_start( &ctx );
@@ -109,21 +107,21 @@ void esp_sha1_output( const unsigned char *input, size_t ilen, unsigned char out
     esp_sha1_free( &ctx );
 }
 
-void esp_sha256_init( SHA256_CTX *ctx )
+void esp_sha256_init( esp_sha_context *ctx )
 {
-    bzero( ctx, sizeof( SHA256_CTX ) );
+    bzero( ctx, sizeof( esp_sha_context ) );
 }
 
-void esp_sha256_free( SHA256_CTX *ctx )
+void esp_sha256_free( esp_sha_context *ctx )
 {
     if ( ctx == NULL ) {
         return;
     }
 
-    bzero( ctx, sizeof( SHA256_CTX ) );
+    bzero( ctx, sizeof( esp_sha_context ) );
 }
 
-void esp_sha256_clone( SHA256_CTX *dst, const SHA256_CTX *src )
+void esp_sha256_clone( esp_sha_context *dst, const esp_sha_context *src )
 {
     *dst = *src;
 }
@@ -131,7 +129,7 @@ void esp_sha256_clone( SHA256_CTX *dst, const SHA256_CTX *src )
 /*
  * SHA-256 context setup
  */
-void esp_sha256_start( SHA256_CTX *ctx, int is224 )
+void esp_sha256_start( esp_sha_context *ctx, int is224 )
 {
     esp_sha_acquire_hardware();
     ets_sha_init(&ctx->context);
@@ -148,7 +146,7 @@ void esp_sha256_start( SHA256_CTX *ctx, int is224 )
 /*
  * SHA-256 process buffer
  */
-void esp_sha256_update( SHA256_CTX *ctx, const unsigned char *input, size_t ilen )
+void esp_sha256_update( esp_sha_context *ctx, const unsigned char *input, size_t ilen )
 {
     ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
 }
@@ -156,7 +154,7 @@ void esp_sha256_update( SHA256_CTX *ctx, const unsigned char *input, size_t ilen
 /*
  * SHA-256 final digest
  */
-void esp_sha256_finish( SHA256_CTX *ctx, unsigned char output[32] )
+void esp_sha256_finish( esp_sha_context *ctx, unsigned char output[32] )
 {
     if ( ctx->context_type == SHA2_256 ) {
         ets_sha_finish(&ctx->context, ctx->context_type, output);
@@ -169,11 +167,11 @@ void esp_sha256_finish( SHA256_CTX *ctx, unsigned char output[32] )
 }
 
 /*
- * output = SHA-256( input buffer )
+ * Full SHA-256 calculation
  */
-void esp_sha256_output( const unsigned char *input, size_t ilen, unsigned char output[32], int is224 )
+void esp_sha256( const unsigned char *input, size_t ilen, unsigned char output[32], int is224 )
 {
-    SHA256_CTX ctx;
+    esp_sha_context ctx;
 
     esp_sha256_init( &ctx );
     esp_sha256_start( &ctx, is224 );
@@ -184,21 +182,21 @@ void esp_sha256_output( const unsigned char *input, size_t ilen, unsigned char o
 
 
 /////
-void esp_sha512_init( SHA512_CTX *ctx )
+void esp_sha512_init( esp_sha_context *ctx )
 {
-    memset( ctx, 0, sizeof( SHA512_CTX ) );
+    memset( ctx, 0, sizeof( esp_sha_context ) );
 }
 
-void esp_sha512_free( SHA512_CTX *ctx )
+void esp_sha512_free( esp_sha_context *ctx )
 {
     if ( ctx == NULL ) {
         return;
     }
 
-    bzero( ctx, sizeof( SHA512_CTX ) );
+    bzero( ctx, sizeof( esp_sha_context ) );
 }
 
-void esp_sha512_clone( SHA512_CTX *dst, const SHA512_CTX *src )
+void esp_sha512_clone( esp_sha_context *dst, const esp_sha_context *src )
 {
     *dst = *src;
 }
@@ -206,7 +204,7 @@ void esp_sha512_clone( SHA512_CTX *dst, const SHA512_CTX *src )
 /*
  * SHA-512 context setup
  */
-void esp_sha512_start( SHA512_CTX *ctx, int is384 )
+void esp_sha512_start( esp_sha_context *ctx, int is384 )
 {
     esp_sha_acquire_hardware();
     ets_sha_init(&ctx->context);
@@ -223,7 +221,7 @@ void esp_sha512_start( SHA512_CTX *ctx, int is384 )
 /*
  * SHA-512 process buffer
  */
-void esp_sha512_update( SHA512_CTX *ctx, const unsigned char *input, size_t ilen )
+void esp_sha512_update( esp_sha_context *ctx, const unsigned char *input, size_t ilen )
 {
     ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
 }
@@ -231,18 +229,18 @@ void esp_sha512_update( SHA512_CTX *ctx, const unsigned char *input, size_t ilen
 /*
  * SHA-512 final digest
  */
-void esp_sha512_finish( SHA512_CTX *ctx, unsigned char output[64] )
+void esp_sha512_finish( esp_sha_context *ctx, unsigned char output[64] )
 {
     ets_sha_finish(&ctx->context, ctx->context_type, output);
     esp_sha_release_hardware();
 }
 
 /*
- * output = SHA-512( input buffer )
+ * Full SHA-512 calculation
  */
-void esp_sha512_output( const unsigned char *input, size_t ilen, unsigned char output[64], int is384 )
+void esp_sha512( const unsigned char *input, size_t ilen, unsigned char output[64], int is384 )
 {
-    SHA512_CTX ctx;
+    esp_sha_context ctx;
 
     esp_sha512_init( &ctx );
     esp_sha512_start( &ctx, is384 );

components/esp32/include/hwcrypto/aes.h

@@ -1,8 +1,6 @@
 /**
- * \file esp_aes.h
- *
  * \brief AES block cipher, ESP32 hardware accelerated version
- * Based on mbedTLS version.
+ * Based on mbedTLS FIPS-197 compliant version.
  *
  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
  *  Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
@@ -34,11 +32,11 @@ extern "C" {
 #endif
 
 /* padlock.c and aesni.c rely on these values! */
-#define AES_ENCRYPT     1
-#define AES_DECRYPT     0
+#define ESP_AES_ENCRYPT     1
+#define ESP_AES_DECRYPT     0
 
-#define ERR_AES_INVALID_KEY_LENGTH                -0x0020  /**< Invalid key length. */
-#define ERR_AES_INVALID_INPUT_LENGTH              -0x0022  /**< Invalid data input length. */
+#define ERR_ESP_AES_INVALID_KEY_LENGTH                -0x0020  /**< Invalid key length. */
+#define ERR_ESP_AES_INVALID_INPUT_LENGTH              -0x0022  /**< Invalid data input length. */
 
 typedef struct {
     enum AES_BITS aesbits;
@@ -58,7 +56,7 @@ typedef struct {
     uint32_t *rk;               /*!<  AES round keys    */
     KEY_CTX enc;
     KEY_CTX dec;
-} aes_context, AES_CTX;
+} esp_aes_context;
 
 /**
  * \brief Lock access to AES hardware unit
@@ -86,14 +84,14 @@ void esp_aes_release_hardware( void );
  *
  * \param ctx      AES context to be initialized
  */
-void esp_aes_init( AES_CTX *ctx );
+void esp_aes_init( esp_aes_context *ctx );
 
 /**
  * \brief          Clear AES context
  *
  * \param ctx      AES context to be cleared
  */
-void esp_aes_free( AES_CTX *ctx );
+void esp_aes_free( esp_aes_context *ctx );
 
 /**
  * \brief          AES key schedule (encryption)
@@ -104,7 +102,7 @@ void esp_aes_free( AES_CTX *ctx );
  *
  * \return         0 if successful, or ERR_AES_INVALID_KEY_LENGTH
  */
-int esp_aes_setkey_enc( AES_CTX *ctx, const unsigned char *key, unsigned int keybits );
+int esp_aes_setkey_enc( esp_aes_context *ctx, const unsigned char *key, unsigned int keybits );
 
 /**
  * \brief          AES key schedule (decryption)
@@ -115,7 +113,7 @@ int esp_aes_setkey_enc( AES_CTX *ctx, const unsigned char *key, unsigned int key
  *
  * \return         0 if successful, or ERR_AES_INVALID_KEY_LENGTH
  */
-int esp_aes_setkey_dec( AES_CTX *ctx, const unsigned char *key, unsigned int keybits );
+int esp_aes_setkey_dec( esp_aes_context *ctx, const unsigned char *key, unsigned int keybits );
 
 /**
  * \brief          AES-ECB block encryption/decryption
@@ -127,7 +125,7 @@ int esp_aes_setkey_dec( AES_CTX *ctx, const unsigned char *key, unsigned int key
  *
  * \return         0 if successful
  */
-int esp_aes_crypt_ecb( AES_CTX *ctx, int mode, const unsigned char input[16], unsigned char output[16] );
+int esp_aes_crypt_ecb( esp_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] );
 
 /**
  * \brief          AES-CBC buffer encryption/decryption
@@ -151,7 +149,7 @@ int esp_aes_crypt_ecb( AES_CTX *ctx, int mode, const unsigned char input[16], un
  *
  * \return         0 if successful, or ERR_AES_INVALID_INPUT_LENGTH
  */
-int esp_aes_crypt_cbc( AES_CTX *ctx,
+int esp_aes_crypt_cbc( esp_aes_context *ctx,
                        int mode,
                        size_t length,
                        unsigned char iv[16],
@@ -184,7 +182,7 @@ int esp_aes_crypt_cbc( AES_CTX *ctx,
  *
  * \return         0 if successful
  */
-int esp_aes_crypt_cfb128( AES_CTX *ctx,
+int esp_aes_crypt_cfb128( esp_aes_context *ctx,
                           int mode,
                           size_t length,
                           size_t *iv_off,
@@ -216,7 +214,7 @@ int esp_aes_crypt_cfb128( AES_CTX *ctx,
  *
  * \return         0 if successful
  */
-int esp_aes_crypt_cfb8( AES_CTX *ctx,
+int esp_aes_crypt_cfb8( esp_aes_context *ctx,
                         int mode,
                         size_t length,
                         unsigned char iv[16],
@@ -245,7 +243,7 @@ int esp_aes_crypt_cfb8( AES_CTX *ctx,
  *
  * \return         0 if successful
  */
-int esp_aes_crypt_ctr( AES_CTX *ctx,
+int esp_aes_crypt_ctr( esp_aes_context *ctx,
                        size_t length,
                        size_t *nc_off,
                        unsigned char nonce_counter[16],
@@ -263,7 +261,7 @@ int esp_aes_crypt_ctr( AES_CTX *ctx,
  * \param input     Plaintext block
  * \param output    Output (ciphertext) block
  */
-void esp_aes_encrypt( AES_CTX *ctx, const unsigned char input[16], unsigned char output[16] );
+void esp_aes_encrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] );
 
 /**
  * \brief           Internal AES block decryption function
@@ -274,7 +272,7 @@ void esp_aes_encrypt( AES_CTX *ctx, const unsigned char input[16], unsigned char
  * \param input     Ciphertext block
  * \param output    Output (plaintext) block
  */
-void esp_aes_decrypt( AES_CTX *ctx, const unsigned char input[16], unsigned char output[16] );
+void esp_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] );
 
 #ifdef __cplusplus
 }

components/esp32/include/hwcrypto/sha.h

@@ -1,16 +1,24 @@
-// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
+/*
+ *  ESP32 hardware accelerated SHA1/256/512 implementation
+ *  based on mbedTLS FIPS-197 compliant version.
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
 
 #ifndef _ESP_SHA_H_
 #define _ESP_SHA_H_
@@ -27,11 +35,10 @@ extern "C" {
  * \brief          SHA-1 context structure
  */
 typedef struct {
+    /* both types defined in rom/sha.h */
     SHA_CTX context;
-    enum SHA_TYPE context_type; /* defined in rom/sha.h */
-} sha_context;
-
-typedef sha_context SHA1_CTX;
+    enum SHA_TYPE context_type;
+} esp_sha_context;
 
 /**
  * \brief Lock access to SHA hardware unit
@@ -59,14 +66,14 @@ void esp_sha_release_hardware( void );
  *
  * \param ctx      SHA-1 context to be initialized
  */
-void esp_sha1_init( SHA1_CTX *ctx );
+void esp_sha1_init( esp_sha_context *ctx );
 
 /**
  * \brief          Clear SHA-1 context
  *
  * \param ctx      SHA-1 context to be cleared
  */
-void esp_sha1_free( SHA1_CTX *ctx );
+void esp_sha1_free( esp_sha_context *ctx );
 
 /**
  * \brief          Clone (the state of) a SHA-1 context
@@ -74,14 +81,14 @@ void esp_sha1_free( SHA1_CTX *ctx );
  * \param dst      The destination context
  * \param src      The context to be cloned
  */
-void esp_sha1_clone( SHA1_CTX *dst, const SHA1_CTX *src );
+void esp_sha1_clone( esp_sha_context *dst, const esp_sha_context *src );
 
 /**
  * \brief          SHA-1 context setup
  *
  * \param ctx      context to be initialized
  */
-void esp_sha1_start( SHA1_CTX *ctx );
+void esp_sha1_start( esp_sha_context *ctx );
 
 /**
  * \brief          SHA-1 process buffer
@@ -90,7 +97,7 @@ void esp_sha1_start( SHA1_CTX *ctx );
  * \param input    buffer holding the  data
  * \param ilen     length of the input data
  */
-void esp_sha1_update( SHA1_CTX *ctx, const unsigned char *input, size_t ilen );
+void esp_sha1_update( esp_sha_context *ctx, const unsigned char *input, size_t ilen );
 
 /**
  * \brief          SHA-1 final digest
@@ -98,36 +105,34 @@ void esp_sha1_update( SHA1_CTX *ctx, const unsigned char *input, size_t ilen );
  * \param ctx      SHA-1 context
  * \param output   SHA-1 checksum result
  */
-void esp_sha1_finish( SHA1_CTX *ctx, unsigned char output[20] );
+void esp_sha1_finish( esp_sha_context *ctx, unsigned char output[20] );
 
 /**
- * \brief          Output = SHA-1( input buffer )
+ * \brief          Calculate SHA-1 of input buffer
  *
- * \param input    buffer holding the  data
+ * \param input    buffer holding the data
  * \param ilen     length of the input data
  * \param output   SHA-1 checksum result
  */
-void esp_sha1_output( const unsigned char *input, size_t ilen, unsigned char output[20] );
+void esp_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] );
 
 /**
  * \brief          SHA-256 context structure
  */
 
-typedef sha_context SHA256_CTX;
-
 /**
  * \brief          Initialize SHA-256 context
  *
  * \param ctx      SHA-256 context to be initialized
  */
-void esp_sha256_init( SHA256_CTX *ctx );
+void esp_sha256_init( esp_sha_context *ctx );
 
 /**
  * \brief          Clear SHA-256 context
  *
  * \param ctx      SHA-256 context to be cleared
  */
-void esp_sha256_free( SHA256_CTX *ctx );
+void esp_sha256_free( esp_sha_context *ctx );
 
 /**
  * \brief          Clone (the state of) a SHA-256 context
@@ -135,7 +140,7 @@ void esp_sha256_free( SHA256_CTX *ctx );
  * \param dst      The destination context
  * \param src      The context to be cloned
  */
-void esp_sha256_clone( SHA256_CTX *dst, const SHA256_CTX *src );
+void esp_sha256_clone( esp_sha_context *dst, const esp_sha_context *src );
 
 /**
  * \brief          SHA-256 context setup
@@ -143,7 +148,7 @@ void esp_sha256_clone( SHA256_CTX *dst, const SHA256_CTX *src );
  * \param ctx      context to be initialized
  * \param is224    0 = use SHA256, 1 = use SHA224
  */
-void esp_sha256_start( SHA256_CTX *ctx, int is224 );
+void esp_sha256_start( esp_sha_context *ctx, int is224 );
 
 /**
  * \brief          SHA-256 process buffer
@@ -152,7 +157,7 @@ void esp_sha256_start( SHA256_CTX *ctx, int is224 );
  * \param input    buffer holding the  data
  * \param ilen     length of the input data
  */
-void esp_sha256_update( SHA256_CTX *ctx, const unsigned char *input, size_t ilen );
+void esp_sha256_update( esp_sha_context *ctx, const unsigned char *input, size_t ilen );
 
 /**
  * \brief          SHA-256 final digest
@@ -160,17 +165,17 @@ void esp_sha256_update( SHA256_CTX *ctx, const unsigned char *input, size_t ilen
  * \param ctx      SHA-256 context
  * \param output   SHA-224/256 checksum result
  */
-void esp_sha256_finish( SHA256_CTX *ctx, unsigned char output[32] );
+void esp_sha256_finish( esp_sha_context *ctx, unsigned char output[32] );
 
 /**
- * \brief          Output = SHA-256( input buffer )
+ * \brief          Calculate SHA-256 of input buffer
  *
- * \param input    buffer holding the  data
+ * \param input    buffer holding the data
  * \param ilen     length of the input data
  * \param output   SHA-224/256 checksum result
  * \param is224    0 = use SHA256, 1 = use SHA224
  */
-void esp_sha256_output( const unsigned char *input, size_t ilen, unsigned char output[32], int is224 );
+void esp_sha256( const unsigned char *input, size_t ilen, unsigned char output[32], int is224 );
 
 //
 
@@ -178,21 +183,19 @@ void esp_sha256_output( const unsigned char *input, size_t ilen, unsigned char o
  * \brief          SHA-512 context structure
  */
 
-typedef sha_context SHA512_CTX;
-
 /**
  * \brief          Initialize SHA-512 context
  *
  * \param ctx      SHA-512 context to be initialized
  */
-void esp_sha512_init( SHA512_CTX *ctx );
+void esp_sha512_init( esp_sha_context *ctx );
 
 /**
  * \brief          Clear SHA-512 context
  *
  * \param ctx      SHA-512 context to be cleared
  */
-void esp_sha512_free( SHA512_CTX *ctx );
+void esp_sha512_free( esp_sha_context *ctx );
 
 /**
  * \brief          Clone (the state of) a SHA-512 context
@@ -200,7 +203,7 @@ void esp_sha512_free( SHA512_CTX *ctx );
  * \param dst      The destination context
  * \param src      The context to be cloned
  */
-void esp_sha512_clone( SHA512_CTX *dst, const SHA512_CTX *src );
+void esp_sha512_clone( esp_sha_context *dst, const esp_sha_context *src );
 
 /**
  * \brief          SHA-512 context setup
@@ -208,7 +211,7 @@ void esp_sha512_clone( SHA512_CTX *dst, const SHA512_CTX *src );
  * \param ctx      context to be initialized
  * \param is384    0 = use SHA512, 1 = use SHA384
  */
-void esp_sha512_start( SHA512_CTX *ctx, int is384 );
+void esp_sha512_start( esp_sha_context *ctx, int is384 );
 
 /**
  * \brief          SHA-512 process buffer
@@ -217,7 +220,7 @@ void esp_sha512_start( SHA512_CTX *ctx, int is384 );
  * \param input    buffer holding the  data
  * \param ilen     length of the input data
  */
-void esp_sha512_update( SHA512_CTX *ctx, const unsigned char *input, size_t ilen );
+void esp_sha512_update( esp_sha_context *ctx, const unsigned char *input, size_t ilen );
 
 /**
  * \brief          SHA-512 final digest
@@ -225,17 +228,17 @@ void esp_sha512_update( SHA512_CTX *ctx, const unsigned char *input, size_t ilen
  * \param ctx      SHA-512 context
  * \param output   SHA-384/512 checksum result
  */
-void esp_sha512_finish( SHA512_CTX *ctx, unsigned char output[64] );
+void esp_sha512_finish( esp_sha_context *ctx, unsigned char output[64] );
 
 /**
- * \brief          Output = SHA-512( input buffer )
+ * \brief          Calculate SHA-512 of input buffer.
  *
- * \param input    buffer holding the  data
+ * \param input    buffer holding the data
  * \param ilen     length of the input data
  * \param output   SHA-384/512 checksum result
  * \param is384    0 = use SHA512, 1 = use SHA384
  */
-void esp_sha512_output( const unsigned char *input, size_t ilen, unsigned char output[64], int is384 );
+void esp_sha512( const unsigned char *input, size_t ilen, unsigned char output[64], int is384 );
 
 //