Merge pull request #4941 from gilles-peskine-arm/muladdc-amd64-memory-2.x
Backport 2.x: Fix x86_64 assembly for bignum multiplication
diff --git a/.github/issue_template.md b/.github/issue_template.md
index 18b87fc..370066f 100644
--- a/.github/issue_template.md
+++ b/.github/issue_template.md
@@ -1,7 +1,17 @@
-Note: This is just a template, so feel free to use/remove the unnecessary things
+_Note:_ this is a template, please remove the parts that are not
+applicable (these initial notes, and the "Bug" section for a Feature request
+and vice-versa).
+**Note:** to report a security vulnerability, see
+[SECURITY.md](../SECURITY.md). Please do not use github issues for
+vulnerabilities.
+
+_Note:_ to get support, see [SUPPORT.md](../SUPPORT.md). Please do not use
+github issues for questions.
+
+---------------------------------------------------------------
### Description
-- Type: Bug | Enhancement\Feature Request
+- Type: Bug | Enhancement / Feature Request
- Priority: Blocker | Major | Minor
---------------------------------------------------------------
@@ -28,14 +38,9 @@
**Steps to reproduce**
----------------------------------------------------------------
-## Enhancement\Feature Request
-
-**Justification - why does the library need this feature?**
+## Enhancement / Feature Request
**Suggested enhancement**
------------------------------------------------------------------
+**Justification - why does the library need this feature?**
-## Question
-
-**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb). If you can't find the answer you're looking for then please use the [Mbed TLS mailing list](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls)**
diff --git a/.gitignore b/.gitignore
index 39cdc4e..5a58609 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,6 +18,7 @@
Coverage
*.gcno
*.gcda
+coverage-summary.txt
# generated by scripts/memory.sh
massif-*
diff --git a/.mypy.ini b/.mypy.ini
new file mode 100644
index 0000000..6b831dd
--- /dev/null
+++ b/.mypy.ini
@@ -0,0 +1,4 @@
+[mypy]
+mypy_path = scripts
+namespace_packages = True
+warn_unused_configs = True
diff --git a/.pylintrc b/.pylintrc
index ad25a7c..d217ff6 100644
--- a/.pylintrc
+++ b/.pylintrc
@@ -1,3 +1,6 @@
+[MASTER]
+init-hook='import sys; sys.path.append("scripts")'
+
[BASIC]
# We're ok with short funtion argument names.
# [invalid-name]
@@ -12,9 +15,9 @@
# [missing-docstring]
docstring-min-length=10
-# Allow longer methods than the default.
+# No upper limit on method names. Pylint <2.1.0 has an upper limit of 30.
# [invalid-name]
-method-rgx=[a-z_][a-z0-9_]{2,35}$
+method-rgx=[a-z_][a-z0-9_]{2,}$
# Allow module names containing a dash (but no underscore or uppercase letter).
# They are whole programs, not meant to be included by another module.
diff --git a/.travis.yml b/.travis.yml
index 76cb1c5..56e1456 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -14,38 +14,25 @@
- graphviz
- gcc-arm-none-eabi
- libnewlib-arm-none-eabi
+ - gcc-arm-linux-gnueabi
+ - libc6-dev-armel-cross
language: python # Needed to get pip for Python 3
python: 3.5 # version from Ubuntu 16.04
install:
- - pip install pylint==2.4.4
+ - pip install mypy==0.780 pylint==2.4.4
script:
- tests/scripts/all.sh -k 'check_*'
- tests/scripts/all.sh -k test_default_out_of_box
- - tests/scripts/test-ref-configs.pl
- - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus
+ - tests/scripts/all.sh -k test_ref_configs
+ - tests/scripts/all.sh -k build_arm_linux_gnueabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus
- name: full configuration
script:
- tests/scripts/all.sh -k test_full_cmake_gcc_asan
- - name: macOS
- os: osx
- compiler: clang
- script:
- - tests/scripts/all.sh -k test_default_out_of_box
-
- name: Windows
os: windows
- before_install:
- - choco install python --version=3.5.4
- env:
- # Add the directory where the Choco package goes
- - PATH=/c/Python35:/c/Python35/Scripts:$PATH
script:
- - type python; python --version
- - python scripts/generate_psa_constants.py
- # Logs appear out of sequence on Windows. Give time to catch up.
- - sleep 5
- scripts/windows_msbuild.bat v141 # Visual Studio 2017
after_failure:
diff --git a/BRANCHES.md b/BRANCHES.md
new file mode 100644
index 0000000..d514418
--- /dev/null
+++ b/BRANCHES.md
@@ -0,0 +1,55 @@
+# Maintained branches
+
+At any point in time, we have a number of maintained branches consisting of:
+
+- The [`master`](https://github.com/ARMmbed/mbedtls/tree/master) branch:
+ this always contains the latest release, including all publicly available
+ security fixes.
+- The [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch:
+ this is where new features land,
+ as well as bug fixes and security fixes.
+- One or more long-time support (LTS) branches:
+ these only get bug fixes and security fixes.
+
+We use [Semantic Versioning](https://semver.org/). In particular, we maintain
+API compatibility in the `master` branch between major version changes. We
+also maintain ABI compatibility within LTS branches; see the next section for
+details.
+
+## Backwards Compatibility
+
+We maintain API compatibility in released versions of Mbed TLS. If you have
+code that's working and secure with Mbed TLS x.y.z and does not rely on
+undocumented features, then you should be able to re-compile it without
+modification with any later release x.y'.z' with the same major version
+number, and your code will still build, be secure, and work.
+
+There are rare exceptions: code that was relying on something that became
+insecure in the meantime (for example, crypto that was found to be weak) may
+need to be changed. In case security comes in conflict with backwards
+compatibility, we will put security first, but always attempt to provide a
+compatibility option.
+
+For the LTS branches, additionally we try very hard to also maintain ABI
+compatibility (same definition as API except with re-linking instead of
+re-compiling) and to avoid any increase in code size or RAM usage, or in the
+minimum version of tools needed to build the code. The only exception, as
+before, is in case those goals would conflict with fixing a security issue, we
+will put security first but provide a compatibility option. (So far we never
+had to break ABI compatibility in an LTS branch, but we occasionally had to
+increase code size for a security fix.)
+
+For contributors, see the [Backwards Compatibility section of
+CONTRIBUTING](CONTRIBUTING.md#cackwords-compatibility).
+
+## Current Branches
+
+The following branches are currently maintained:
+
+- [master](https://github.com/ARMmbed/mbedtls/tree/master)
+- [`development`](https://github.com/ARMmbed/mbedtls/)
+- [`mbedtls-2.16`](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16)
+ maintained until at least the end of 2021, see
+ <https://tls.mbed.org/tech-updates/blog/announcing-lts-branch-mbedtls-2.16>
+
+Users are urged to always use the latest version of a maintained branch.
diff --git a/BUGS.md b/BUGS.md
new file mode 100644
index 0000000..e8705ff
--- /dev/null
+++ b/BUGS.md
@@ -0,0 +1,20 @@
+## Known issues
+
+Known issues in Mbed TLS are [tracked on GitHub](https://github.com/ARMmbed/mbedtls/issues).
+
+## Reporting a bug
+
+If you think you've found a bug in Mbed TLS, please follow these steps:
+
+1. Make sure you're using the latest version of a
+ [maintained branch](BRANCHES.md): `master`, `development`,
+ or a long-time support branch.
+2. Check [GitHub](https://github.com/ARMmbed/mbedtls/issues) to see if
+ your issue has already been reported. If not, …
+3. If the issue is a security risk (for example: buffer overflow,
+ data leak), please report it confidentially as described in
+ [`SECURITY.md`](SECURITY.md). If not, …
+4. Please [create an issue on on GitHub](https://github.com/ARMmbed/mbedtls/issues).
+
+Please do not use GitHub for support questions. If you want to know
+how to do something with Mbed TLS, please see [`SUPPORT.md`](SUPPORT.md) for available documentation and support channels.
diff --git a/CMakeLists.txt b/CMakeLists.txt
index ac24bf4..14ca7b6 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -21,6 +21,18 @@
#
cmake_minimum_required(VERSION 2.8.12)
+
+# https://cmake.org/cmake/help/latest/policy/CMP0011.html
+# Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD
+# policy setting is deprecated, and will be removed in future versions.
+cmake_policy(SET CMP0011 NEW)
+# https://cmake.org/cmake/help/latest/policy/CMP0012.html
+# Setting the CMP0012 policy to NEW is required for FindPython3 to work with CMake 3.18.2
+# (there is a bug in this particular version), otherwise, setting the CMP0012 policy is required
+# for CMake versions >= 3.18.3 otherwise a deprecated warning is generated. The OLD policy setting
+# is deprecated and will be removed in future versions.
+cmake_policy(SET CMP0012 NEW)
+
if(TEST_CPP)
project("mbed TLS" C CXX)
else()
@@ -167,6 +179,9 @@
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
OUTPUT_VARIABLE GCC_VERSION)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings")
+ if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat=2 -Wno-format-nonliteral")
+ endif()
if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wvla")
endif()
@@ -182,6 +197,9 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-signedness")
endif()
endif()
+ if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation")
+ endif()
set(CMAKE_C_FLAGS_RELEASE "-O2")
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
@@ -192,7 +210,7 @@
endif(CMAKE_COMPILER_IS_GNU)
if(CMAKE_COMPILER_IS_CLANG)
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral")
set(CMAKE_C_FLAGS_RELEASE "-O2")
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 9b02ba5..b3a9547 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -22,9 +22,10 @@
1. All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible.
1. Ensure that each commit has at least one `Signed-off-by:` line from the committer. If anyone else contributes to the commit, they should also add their own `Signed-off-by:` line. By adding this line, contributor(s) certify that the contribution is made under the terms of the [Developer Certificate of Origin](dco.txt). The contribution licensing is described in the [License section of the README](README.md#License).
-API/ABI Compatibility
----------------------
-The project aims to minimise the impact on users upgrading to newer versions of the library and it should not be necessary for a user to make any changes to their own code to work with a newer version of the library. Unless the user has made an active decision to use newer features, a newer generation of the library or a change has been necessary due to a security issue or other significant software defect, no modifications to their own code should be necessary. To achieve this, API compatibility is maintained between different versions of Mbed TLS on the main development branch and in LTS (Long Term Support) branches.
+Backwards Compatibility
+-----------------------
+
+The project aims to minimise the impact on users upgrading to newer versions of the library and it should not be necessary for a user to make any changes to their own code to work with a newer version of the library. Unless the user has made an active decision to use newer features, a newer generation of the library or a change has been necessary due to a security issue or other significant software defect, no modifications to their own code should be necessary. To achieve this, API compatibility is maintained between different versions of Mbed TLS on the main development branch and in LTS (Long Term Support) branches, as described in [BRANCHES.md](BRANCHES.md).
To minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change.
@@ -48,6 +49,9 @@
It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors.
+The list of maintained branches can be found in the [Current Branches section
+of BRANCHES.md](BRANCHES.md#current-branches).
+
Currently maintained LTS branches are:
1. [mbedtls-2.7](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.7)
1. [mbedtls-2.16](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16)
diff --git a/ChangeLog b/ChangeLog
index 594c3cf..89572ca 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,482 @@
mbed TLS ChangeLog (Sorted per branch, date)
+= mbed TLS 2.27.0 branch released 2021-07-07
+
+API changes
+ * Update AEAD output size macros to bring them in line with the PSA Crypto
+ API version 1.0 spec. This version of the spec parameterizes them on the
+ key type used, as well as the key bit-size in the case of
+ PSA_AEAD_TAG_LENGTH.
+ The old versions of these macros were renamed and deprecated as follows:
+ - PSA_AEAD_TAG_LENGTH -> PSA_AEAD_TAG_LENGTH_1_ARG
+ - PSA_AEAD_ENCRYPT_OUTPUT_SIZE -> PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG
+ - PSA_AEAD_DECRYPT_OUTPUT_SIZE -> PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG
+ - PSA_AEAD_UPDATE_OUTPUT_SIZE -> PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG
+ - PSA_AEAD_FINISH_OUTPUT_SIZE -> PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG
+ - PSA_AEAD_VERIFY_OUTPUT_SIZE -> PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG
+ * Implement one-shot cipher functions, psa_cipher_encrypt and
+ psa_cipher_decrypt, according to the PSA Crypto API 1.0.0
+ specification.
+
+Requirement changes
+ * The library now uses the %zu format specifier with the printf() family of
+ functions, so requires a toolchain that supports it. This change does not
+ affect the maintained LTS branches, so when contributing changes please
+ bear this in mind and do not add them to backported code.
+
+Features
+ * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a
+ signature with a specific salt length. This function allows to validate
+ test cases provided in the NIST's CAVP test suite. Contributed by Cédric
+ Meuter in PR #3183.
+ * Added support for built-in driver keys through the PSA opaque crypto
+ driver interface. Refer to the documentation of
+ MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for more information.
+ * Implement psa_sign_message() and psa_verify_message().
+ * The new function mbedtls_mpi_random() generates a random value in a
+ given range uniformly.
+ * Implement psa_mac_compute() and psa_mac_verify() as defined in the
+ PSA Cryptograpy API 1.0.0 specification.
+ * MBEDTLS_ECP_MAX_BITS is now determined automatically from the configured
+ curves and no longer needs to be configured explicitly to save RAM.
+
+Security
+ * Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
+ private keys and of blinding values for DHM and elliptic curves (ECP)
+ computations. Reported by FlorianF89 in #4245.
+ * Fix a potential side channel vulnerability in ECDSA ephemeral key generation.
+ An adversary who is capable of very precise timing measurements could
+ learn partial information about the leading bits of the nonce used for the
+ signature, allowing the recovery of the private key after observing a
+ large number of signature operations. This completes a partial fix in
+ Mbed TLS 2.20.0.
+ * It was possible to configure MBEDTLS_ECP_MAX_BITS to a value that is
+ too small, leading to buffer overflows in ECC operations. Fail the build
+ in such a case.
+ * An adversary with access to precise enough information about memory
+ accesses (typically, an untrusted operating system attacking a secure
+ enclave) could recover an RSA private key after observing the victim
+ performing a single private-key operation. Found and reported by
+ Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG.
+ * An adversary with access to precise enough timing information (typically, a
+ co-located process) could recover a Curve25519 or Curve448 static ECDH key
+ after inputting a chosen public key and observing the victim performing the
+ corresponding private-key operation. Found and reported by Leila Batina,
+ Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe.
+
+Bugfix
+ * Add printf function attributes to mbedtls_debug_print_msg to ensure we
+ get printf format specifier warnings.
+ * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may
+ lead to seed file corruption in the case where the path to the seed file is
+ equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor
+ Krasnoshchok in #3616.
+ * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE
+ rather than PSA_ERROR_DOES_NOT_EXIST for an invalid handle, bringing them
+ in line with version 1.0.0 of the specification. Fix #4162.
+ * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather
+ than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key
+ to create is not valid, bringing them in line with version 1.0.0 of the
+ specification. Fix #4271.
+ * Fix some cases in the bignum module where the library constructed an
+ unintended representation of the value 0 which was not processed
+ correctly by some bignum operations. This could happen when
+ mbedtls_mpi_read_string() was called on "-0", or when
+ mbedtls_mpi_mul_mpi() and mbedtls_mpi_mul_int() was called with one of
+ the arguments being negative and the other being 0. Fixes #4643.
+ * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits
+ zero. Fixes #1792
+ * Fix a compilation error when MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is
+ defined. Fixes #4217.
+ * Fix an incorrect error code when parsing a PKCS#8 private key.
+ * In a TLS client, enforce the Diffie-Hellman minimum parameter size
+ set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the
+ minimum size was rounded down to the nearest multiple of 8.
+ * In library/net_sockets.c, _POSIX_C_SOURCE and _XOPEN_SOURCE are
+ defined to specific values. If the code is used in a context
+ where these are already defined, this can result in a compilation
+ error. Instead, assume that if they are defined, the values will
+ be adequate to build Mbed TLS.
+ * The cipher suite TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 was not available
+ when SHA-1 was disabled and was offered when SHA-1 was enabled but SHA-384
+ was disabled. Fix the dependency. Fixes #4472.
+ * Do not offer SHA384 cipher suites when SHA-384 is disabled. Fixes #4499.
+ * With MBEDTLS_PSA_CRYPTO_C disabled, some functions were getting built
+ nonetheless, resulting in undefined reference errors when building a
+ shared library. Reported by Guillermo Garcia M. in #4411.
+ * Fix test suite code on platforms where int32_t is not int, such as
+ Arm Cortex-M. Fixes #4530.
+ * Fix some issues affecting MBEDTLS_ARIA_ALT implementations: a misplaced
+ directive in a header and a missing initialization in the self-test.
+ * Fix a missing initialization in the Camellia self-test, affecting
+ MBEDTLS_CAMELLIA_ALT implementations.
+ * Restore the ability to configure PSA via Mbed TLS options to support RSA
+ key pair operations but exclude RSA key generation. When MBEDTLS_GENPRIME
+ is not defined PSA will no longer attempt to use mbedtls_rsa_gen_key().
+ Fixes #4512.
+ * Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites
+ (when the encrypt-then-MAC extension is not in use) with some ALT
+ implementations of the underlying hash (SHA-1, SHA-256, SHA-384), causing
+ the affected side to wrongly reject valid messages. Fixes #4118.
+ * Remove outdated check-config.h check that prevented implementing the
+ timing module on Mbed OS. Fixes #4633.
+ * Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
+ about missing inputs.
+ * Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with
+ MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465.
+ * Fix a resource leak in a test suite with an alternative AES
+ implementation. Fixes #4176.
+ * Fix a crash in mbedtls_mpi_debug_mpi on a bignum having 0 limbs. This
+ could notably be triggered by setting the TLS debug level to 3 or above
+ and using a Montgomery curve for the key exchange. Reported by lhuang04
+ in #4578. Fixes #4608.
+ * psa_verify_hash() was relying on implementation-specific behavior of
+ mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT
+ implementations. This reliance is now removed. Fixes #3990.
+ * Disallow inputs of length different from the corresponding hash when
+ signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates
+ that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.)
+ * Fix a null pointer dereference when mbedtls_mpi_exp_mod() was called with
+ A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug
+ could not be triggered by code that constructed A with one of the
+ mbedtls_mpi_read_xxx functions (including in particular TLS code) since
+ those always built an mpi object with at least one limb.
+ Credit to OSS-Fuzz. Fixes #4641.
+ * Fix mbedtls_mpi_gcd(G,A,B) when the value of B is zero. This had no
+ effect on Mbed TLS's internal use of mbedtls_mpi_gcd(), but may affect
+ applications that call mbedtls_mpi_gcd() directly. Fixes #4642.
+ * The PSA API no longer allows the creation or destruction of keys with a
+ read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY
+ can now only be used as intended, for keys that cannot be modified through
+ normal use of the API.
+ * When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included
+ in all the right places. Include it from crypto_platform.h, which is
+ the natural place. Fixes #4649.
+ * mbedtls_pk_sign() and mbedtls_pk_verify() and their extended and
+ restartable variants now always honor the specified hash length if
+ nonzero. Before, for RSA, hash_len was ignored in favor of the length of
+ the specified hash algorithm.
+ * Fix which alert is sent in some cases to conform to the
+ applicable RFC: on an invalid Finished message value, an
+ invalid max_fragment_length extension, or an
+ unsupported extension used by the server.
+ * Correct (change from 12 to 13 bytes) the value of the macro describing the
+ maximum nonce length returned by psa_aead_generate_nonce().
+
+Changes
+ * Add extra printf compiler warning flags to builds.
+ * Fix memsan build false positive in x509_crt.c with Clang 11
+ * Fix the setting of the read timeout in the DTLS sample programs.
+ * Remove the AES sample application programs/aes/aescrypt2 which shows
+ bad cryptographic practice. Fix #1906.
+ * Alternative implementations of CMAC may now opt to not support 3DES as a
+ CMAC block cipher, and still pass the CMAC self test.
+ * Remove configs/config-psa-crypto.h, which was identical to the default
+ configuration except for having some extra cryptographic mechanisms
+ enabled and for unintended differences. This configuration was primarily
+ intended to demonstrate the PSA API, and lost most of its usefulness when
+ MBEDTLS_PSA_CRYPTO_C became enabled by default.
+ * When building the test suites with GNU make, invoke python3 or python, not
+ python2, which is no longer supported upstream.
+ * When using session cache based session resumption on the server,
+ double-check that custom session cache implementations return
+ sessions which are consistent with the negotiated ciphersuite
+ and compression method.
+ * Fix build failure on MinGW toolchain when __USE_MING_ANSI_STDIO is on.
+ When that flag is on, standard GNU C printf format specifiers
+ should be used.
+ * Reduce the default value of MBEDTLS_ECP_WINDOW_SIZE. This reduces RAM usage
+ during ECC operations at a negligible performance cost.
+ * mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and
+ mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs
+ when their input has length 0. Note that this is an implementation detail
+ and can change at any time, so this change should be transparent, but it
+ may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string()
+ now writing an empty string where it previously wrote one or more
+ zero digits when operating from values constructed with an mpi_read
+ function and some mpi operations.
+ * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when
+ PSA_KEY_USAGE_SIGN_HASH flag is set and PSA_KEY_USAGE_VERIFY_MESSAGE flag
+ when PSA_KEY_USAGE_VERIFY_HASH flag is set. This usage flag extension
+ is also applied when loading a key from storage.
+
+= mbed TLS 2.26.0 branch released 2021-03-08
+
+API changes
+ * Renamed the PSA Crypto API output buffer size macros to bring them in line
+ with version 1.0.0 of the specification.
+ * The API glue function mbedtls_ecc_group_of_psa() now takes the curve size
+ in bits rather than bytes, with an additional flag to indicate if the
+ size may have been rounded up to a whole number of bytes.
+ * Renamed the PSA Crypto API AEAD tag length macros to bring them in line
+ with version 1.0.0 of the specification.
+
+Default behavior changes
+ * In mbedtls_rsa_context objects, the ver field was formerly documented
+ as always 0. It is now reserved for internal purposes and may take
+ different values.
+
+New deprecations
+ * PSA_KEY_EXPORT_MAX_SIZE, PSA_HASH_SIZE, PSA_MAC_FINAL_SIZE,
+ PSA_BLOCK_CIPHER_BLOCK_SIZE, PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE and
+ PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN have been renamed, and the old names
+ deprecated.
+ * PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH and PSA_ALG_AEAD_WITH_TAG_LENGTH
+ have been renamed, and the old names deprecated.
+
+Features
+ * The PSA crypto subsystem can now use HMAC_DRBG instead of CTR_DRBG.
+ CTR_DRBG is used by default if it is available, but you can override
+ this choice by setting MBEDTLS_PSA_HMAC_DRBG_MD_TYPE at compile time.
+ Fix #3354.
+ * Automatic fallback to a software implementation of ECP when
+ MBEDTLS_ECP_xxx_ALT accelerator hooks are in use can now be turned off
+ through setting the new configuration flag MBEDTLS_ECP_NO_FALLBACK.
+ * The PSA crypto subsystem can now be configured to use less static RAM by
+ tweaking the setting for the maximum amount of keys simultaneously in RAM.
+ MBEDTLS_PSA_KEY_SLOT_COUNT sets the maximum number of volatile keys that
+ can exist simultaneously. It has a sensible default if not overridden.
+ * Partial implementation of the PSA crypto driver interface: Mbed TLS can
+ now use an external random generator instead of the library's own
+ entropy collection and DRBG code. Enable MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+ and see the documentation of mbedtls_psa_external_get_random() for details.
+ * Applications using both mbedtls_xxx and psa_xxx functions (for example,
+ applications using TLS and MBEDTLS_USE_PSA_CRYPTO) can now use the PSA
+ random generator with mbedtls_xxx functions. See the documentation of
+ mbedtls_psa_get_random() for details.
+ * In the PSA API, the policy for a MAC or AEAD algorithm can specify a
+ minimum MAC or tag length thanks to the new wildcards
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC and
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG.
+
+Security
+ * Fix a security reduction in CTR_DRBG when the initial seeding obtained a
+ nonce from entropy. Applications were affected if they called
+ mbedtls_ctr_drbg_set_nonce_len(), if they called
+ mbedtls_ctr_drbg_set_entropy_len() with a size that was 3/2 times the key
+ length, or when the entropy module uses SHA-256 and CTR_DRBG uses AES-256.
+ In such cases, a random nonce was necessary to achieve the advertised
+ security strength, but the code incorrectly used a constant instead of
+ entropy from the nonce.
+ Found by John Stroebel in #3819 and fixed in #3973.
+ * Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
+ |A| - |B| where |B| is larger than |A| and has more limbs (so the
+ function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
+ applications calling mbedtls_mpi_sub_abs() directly are affected:
+ all calls inside the library were safe since this function is
+ only called with |A| >= |B|. Reported by Guido Vranken in #4042.
+ * Fix an errorneous estimation for an internal buffer in
+ mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd
+ value the function might fail to write a private RSA keys of the largest
+ supported size.
+ Found by Daniel Otte, reported in #4093 and fixed in #4094.
+ * Fix a stack buffer overflow with mbedtls_net_poll() and
+ mbedtls_net_recv_timeout() when given a file descriptor that is
+ beyond FD_SETSIZE. Reported by FigBug in #4169.
+ * Guard against strong local side channel attack against base64 tables by
+ making access aceess to them use constant flow code.
+
+Bugfix
+ * Fix use-after-scope error in programs/ssl/ssl_client2.c and ssl_server2.c
+ * Fix memory leak that occured when calling psa_close_key() on a
+ wrapped key with MBEDTLS_PSA_CRYPTO_SE_C defined.
+ * Fix an incorrect error code if an RSA private operation glitched.
+ * Fix a memory leak in an error case in psa_generate_derived_key_internal().
+ * Fix a resource leak in CTR_DRBG and HMAC_DRBG when MBEDTLS_THREADING_C
+ is enabled, on platforms where initializing a mutex allocates resources.
+ This was a regression introduced in the previous release. Reported in
+ #4017, #4045 and #4071.
+ * Ensure that calling mbedtls_rsa_free() or mbedtls_entropy_free()
+ twice is safe. This happens for RSA when some Mbed TLS library functions
+ fail. Such a double-free was not safe when MBEDTLS_THREADING_C was
+ enabled on platforms where freeing a mutex twice is not safe.
+ * Fix a resource leak in a bad-arguments case of mbedtls_rsa_gen_key()
+ when MBEDTLS_THREADING_C is enabled on platforms where initializing
+ a mutex allocates resources.
+ * Fixes a bug where, if the library was configured to include support for
+ both the old SE interface and the new PSA driver interface, external keys were
+ not loaded from storage. This was fixed by #3996.
+ * This change makes 'mbedtls_x509write_crt_set_basic_constraints'
+ consistent with RFC 5280 4.2.1.9 which says: "Conforming CAs MUST
+ include this extension in all CA certificates that contain public keys
+ used to validate digital signatures on certificates and MUST mark the
+ extension as critical in such certificates." Previous to this change,
+ the extension was always marked as non-critical. This was fixed by
+ #3698.
+
+Changes
+ * A new library C file psa_crypto_client.c has been created to contain
+ the PSA code needed by a PSA crypto client when the PSA crypto
+ implementation is not included into the library.
+ * On recent enough versions of FreeBSD and DragonFlyBSD, the entropy module
+ now uses the getrandom syscall instead of reading from /dev/urandom.
+
+= mbed TLS 2.25.0 branch released 2020-12-11
+
+API changes
+ * The numerical values of the PSA Crypto API macros have been updated to
+ conform to version 1.0.0 of the specification.
+ * PSA_ALG_STREAM_CIPHER replaces PSA_ALG_CHACHA20 and PSA_ALG_ARC4.
+ The underlying stream cipher is determined by the key type
+ (PSA_KEY_TYPE_CHACHA20 or PSA_KEY_TYPE_ARC4).
+ * The functions mbedtls_cipher_auth_encrypt() and
+ mbedtls_cipher_auth_decrypt() no longer accept NIST_KW contexts,
+ as they have no way to check if the output buffer is large enough.
+ Please use mbedtls_cipher_auth_encrypt_ext() and
+ mbedtls_cipher_auth_decrypt_ext() instead. Credit to OSS-Fuzz and
+ Cryptofuzz. Fixes #3665.
+
+Requirement changes
+ * Update the minimum required CMake version to 2.8.12. This silences a
+ warning on CMake 3.19.0. #3801
+
+New deprecations
+ * PSA_ALG_CHACHA20 and PSA_ALG_ARC4 have been deprecated.
+ Use PSA_ALG_STREAM_CIPHER instead.
+ * The functions mbedtls_cipher_auth_encrypt() and
+ mbedtls_cipher_auth_decrypt() are deprecated in favour of the new
+ functions mbedtls_cipher_auth_encrypt_ext() and
+ mbedtls_cipher_auth_decrypt_ext(). Please note that with AEAD ciphers,
+ these new functions always append the tag to the ciphertext, and include
+ the tag in the ciphertext length.
+
+Features
+ * Partial implementation of the new PSA Crypto accelerator APIs. (Symmetric
+ ciphers, asymmetric signing/verification and key generation, validate_key
+ entry point, and export_public_key interface.)
+ * Add support for ECB to the PSA cipher API.
+ * In PSA, allow using a key declared with a base key agreement algorithm
+ in combined key agreement and derivation operations, as long as the key
+ agreement algorithm in use matches the algorithm the key was declared with.
+ This is currently non-standard behaviour, but expected to make it into a
+ future revision of the PSA Crypto standard.
+ * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls,
+ mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by
+ external CMake projects that include this one to avoid CMake target name
+ clashes. The default value of this variable is "", so default target names
+ are unchanged.
+ * Add support for DTLS-SRTP as defined in RFC 5764. Contributed by Johan
+ Pascal, improved by Ron Eldor.
+ * In the PSA API, it is no longer necessary to open persistent keys:
+ operations now accept the key identifier. The type psa_key_handle_t is now
+ identical to psa_key_id_t instead of being platform-defined. This bridges
+ the last major gap to compliance with the PSA Cryptography specification
+ version 1.0.0. Opening persistent keys is still supported for backward
+ compatibility, but will be deprecated and later removed in future
+ releases.
+ * PSA_AEAD_NONCE_LENGTH, PSA_AEAD_NONCE_MAX_SIZE, PSA_CIPHER_IV_LENGTH and
+ PSA_CIPHER_IV_MAX_SIZE macros have been added as defined in version
+ 1.0.0 of the PSA Crypto API specification.
+
+Security
+ * The functions mbedtls_cipher_auth_encrypt() and
+ mbedtls_cipher_auth_decrypt() would write past the minimum documented
+ size of the output buffer when used with NIST_KW. As a result, code using
+ those functions as documented with NIST_KW could have a buffer overwrite
+ of up to 15 bytes, with consequences ranging up to arbitrary code
+ execution depending on the location of the output buffer.
+ * Limit the size of calculations performed by mbedtls_mpi_exp_mod to
+ MBEDTLS_MPI_MAX_SIZE to prevent a potential denial of service when
+ generating Diffie-Hellman key pairs. Credit to OSS-Fuzz.
+ * A failure of the random generator was ignored in mbedtls_mpi_fill_random(),
+ which is how most uses of randomization in asymmetric cryptography
+ (including key generation, intermediate value randomization and blinding)
+ are implemented. This could cause failures or the silent use of non-random
+ values. A random generator can fail if it needs reseeding and cannot not
+ obtain entropy, or due to an internal failure (which, for Mbed TLS's own
+ CTR_DRBG or HMAC_DRBG, can only happen due to a misconfiguration).
+ * Fix a compliance issue whereby we were not checking the tag on the
+ algorithm parameters (only the size) when comparing the signature in the
+ description part of the cert to the real signature. This meant that a
+ NULL algorithm parameters entry would look identical to an array of REAL
+ (size zero) to the library and thus the certificate would be considered
+ valid. However, if the parameters do not match in *any* way then the
+ certificate should be considered invalid, and indeed OpenSSL marks these
+ certs as invalid when mbedtls did not.
+ Many thanks to guidovranken who found this issue via differential fuzzing
+ and reported it in #3629.
+ * Zeroising of local buffers and variables which are used for calculations
+ in mbedtls_pkcs5_pbkdf2_hmac(), mbedtls_internal_sha*_process(),
+ mbedtls_internal_md*_process() and mbedtls_internal_ripemd160_process()
+ functions to erase sensitive data from memory. Reported by
+ Johan Malmgren and Johan Uppman Bruce from Sectra.
+
+Bugfix
+ * Fix an invalid (but non-zero) return code from mbedtls_pk_parse_subpubkey()
+ when the input has trailing garbage. Fixes #2512.
+ * Fix build failure in configurations where MBEDTLS_USE_PSA_CRYPTO is
+ enabled but ECDSA is disabled. Contributed by jdurkop. Fixes #3294.
+ * Include the psa_constant_names generated source code in the source tree
+ instead of generating it at build time. Fixes #3524.
+ * Fix rsa_prepare_blinding() to retry when the blinding value is not
+ invertible (mod N), instead of returning MBEDTLS_ERR_RSA_RNG_FAILED. This
+ addresses a regression but is rare in practice (approx. 1 in 2/sqrt(N)).
+ Found by Synopsys Coverity, fix contributed by Peter Kolbus (Garmin).
+ Fixes #3647.
+ * Use socklen_t on Android and other POSIX-compliant system
+ * Fix the build when the macro _GNU_SOURCE is defined to a non-empty value.
+ Fix #3432.
+ * Consistently return PSA_ERROR_INVALID_ARGUMENT on invalid cipher input
+ sizes (instead of PSA_ERROR_BAD_STATE in some cases) to make the
+ psa_cipher_* functions compliant with the PSA Crypto API specification.
+ * mbedtls_ecp_curve_list() now lists Curve25519 and Curve448 under the names
+ "x25519" and "x448". These curves support ECDH but not ECDSA. If you need
+ only the curves that support ECDSA, filter the list with
+ mbedtls_ecdsa_can_do().
+ * Fix psa_generate_key() returning an error when asked to generate
+ an ECC key pair on Curve25519 or secp244k1.
+ * Fix psa_key_derivation_output_key() to allow the output of a combined key
+ agreement and subsequent key derivation operation to be used as a key
+ inside of the PSA Crypto core.
+ * Fix handling of EOF against 0xff bytes and on platforms with unsigned
+ chars. Fixes a build failure on platforms where char is unsigned. Fixes
+ #3794.
+ * Fix an off-by-one error in the additional data length check for
+ CCM, which allowed encryption with a non-standard length field.
+ Fixes #3719.
+ * Correct the default IV size for mbedtls_cipher_info_t structures using
+ MBEDTLS_MODE_ECB to 0, since ECB mode ciphers don't use IVs.
+ * Make arc4random_buf available on NetBSD and OpenBSD when _POSIX_C_SOURCE is
+ defined. Fix contributed in #3571.
+ * Fix conditions for including string.h in error.c. Fixes #3866.
+ * psa_set_key_id() now also sets the lifetime to persistent for keys located
+ in a secure element.
+ * Attempting to create a volatile key with a non-zero key identifier now
+ fails. Previously the key identifier was just ignored when creating a
+ volatile key.
+ * Attempting to create or register a key with a key identifier in the vendor
+ range now fails.
+ * Fix build failures on GCC 11. Fixes #3782.
+ * Add missing arguments of debug message in mbedtls_ssl_decrypt_buf.
+ * Fix a memory leak in mbedtls_mpi_sub_abs() when the result was negative
+ (an error condition) and the second operand was aliased to the result.
+ * Fix a case in elliptic curve arithmetic where an out-of-memory condition
+ could go undetected, resulting in an incorrect result.
+ * In CTR_DRBG and HMAC_DRBG, don't reset the reseed interval in seed().
+ Fixes #2927.
+ * In PEM writing functions, fill the trailing part of the buffer with null
+ bytes. This guarantees that the corresponding parsing function can read
+ the buffer back, which was the case for mbedtls_x509write_{crt,csr}_pem
+ until this property was inadvertently broken in Mbed TLS 2.19.0.
+ Fixes #3682.
+ * Fix a build failure that occurred with the MBEDTLS_AES_SETKEY_DEC_ALT
+ option on. In this configuration key management methods that are required
+ for MBEDTLS_CIPHER_MODE_XTS were excluded from the build and made it fail.
+ Fixes #3818. Reported by John Stroebel.
+
+Changes
+ * Reduce stack usage significantly during sliding window exponentiation.
+ Reported in #3591 and fix contributed in #3592 by Daniel Otte.
+ * The PSA persistent storage format is updated to always store the key bits
+ attribute. No automatic upgrade path is provided. Previously stored keys
+ must be erased, or manually upgraded based on the key storage format
+ specification (docs/architecture/mbed-crypto-storage-specification.md).
+ Fixes #3740.
+ * Remove the zeroization of a pointer variable in AES rounds. It was valid
+ but spurious and misleading since it looked like a mistaken attempt to
+ zeroize the pointed-to buffer. Reported by Antonio de la Piedra, CEA
+ Leti, France.
+
= mbed TLS 2.24.0 branch released 2020-09-01
API changes
diff --git a/ChangeLog.d/_GNU_SOURCE-redefined.txt b/ChangeLog.d/_GNU_SOURCE-redefined.txt
deleted file mode 100644
index 59c8a15..0000000
--- a/ChangeLog.d/_GNU_SOURCE-redefined.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix the build when the macro _GNU_SOURCE is defined to a non-empty value.
- Fix #3432.
diff --git a/ChangeLog.d/add-aes-ecb-to-psa.txt b/ChangeLog.d/add-aes-ecb-to-psa.txt
deleted file mode 100644
index b0de67c..0000000
--- a/ChangeLog.d/add-aes-ecb-to-psa.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Features
- * Add support for ECB to the PSA cipher API.
diff --git a/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt b/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt
deleted file mode 100644
index 533f309..0000000
--- a/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Features
- * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls,
- mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by
- external CMake projects that include this one to avoid CMake target name
- clashes. The default value of this variable is "", so default target names
- are unchanged.
diff --git a/ChangeLog.d/add_cipher_transparent_driver.txt b/ChangeLog.d/add_cipher_transparent_driver.txt
deleted file mode 100644
index ce6f33d..0000000
--- a/ChangeLog.d/add_cipher_transparent_driver.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Features
- * Partial implementation of the new PSA Crypto accelerator APIs for
- enabling symmetric cipher acceleration through crypto accelerators.
- Contributed by Steven Cooreman in #3644.
diff --git a/ChangeLog.d/add_export_public_key_driver.txt b/ChangeLog.d/add_export_public_key_driver.txt
deleted file mode 100644
index a9bffbc..0000000
--- a/ChangeLog.d/add_export_public_key_driver.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Features
- * Implementation of the export_public_key interface for PSA Crypto
- accelerator drivers, as defined in #3493. Contributed in #3786.
diff --git a/ChangeLog.d/add_sign_verify_keygen_transparent_driver.txt b/ChangeLog.d/add_sign_verify_keygen_transparent_driver.txt
deleted file mode 100644
index fe43899..0000000
--- a/ChangeLog.d/add_sign_verify_keygen_transparent_driver.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Features
- * Partial implementation of the new PSA Crypto accelerator APIs for
- enabling key generation and asymmetric signing/verification through crypto
- accelerators. Contributed by Steven Cooreman in #3501.
diff --git a/ChangeLog.d/adjusting sliding_window_size_PR3592.txt b/ChangeLog.d/adjusting sliding_window_size_PR3592.txt
deleted file mode 100644
index 6089565..0000000
--- a/ChangeLog.d/adjusting sliding_window_size_PR3592.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Changes
- * Reduce stack usage significantly during sliding window exponentiation.
- Reported in #3591 and fix contributed in #3592 by Daniel Otte.
diff --git a/ChangeLog.d/aes-zeroize-pointer.txt b/ChangeLog.d/aes-zeroize-pointer.txt
deleted file mode 100644
index ccc6dc1..0000000
--- a/ChangeLog.d/aes-zeroize-pointer.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Changes
- * Remove the zeroization of a pointer variable in AES rounds. It was valid
- but spurious and misleading since it looked like a mistaken attempt to
- zeroize the pointed-to buffer. Reported by Antonio de la Piedra, CEA
- Leti, France.
diff --git a/ChangeLog.d/android-socklen_t.txt b/ChangeLog.d/android-socklen_t.txt
deleted file mode 100644
index d795a52..0000000
--- a/ChangeLog.d/android-socklen_t.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Use socklen_t on Android and other POSIX-compliant system
-
diff --git a/ChangeLog.d/arc4random_buf-implicit.txt b/ChangeLog.d/arc4random_buf-implicit.txt
deleted file mode 100644
index 81c245e..0000000
--- a/ChangeLog.d/arc4random_buf-implicit.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Make arc4random_buf available on NetBSD and OpenBSD when _POSIX_C_SOURCE is
- defined. Fix contributed in #3571.
diff --git a/ChangeLog.d/bugfix-2927.txt b/ChangeLog.d/bugfix-2927.txt
deleted file mode 100644
index 2213c6e..0000000
--- a/ChangeLog.d/bugfix-2927.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * In CTR_DRBG and HMAC_DRBG, don't reset the reseed interval in seed().
- Fixes #2927.
diff --git a/ChangeLog.d/bugfix_3524.txt b/ChangeLog.d/bugfix_3524.txt
deleted file mode 100644
index e038340..0000000
--- a/ChangeLog.d/bugfix_3524.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Include the psa_constant_names generated source code in the source tree
- instead of generating it at build time. Fixes #3524.
diff --git a/ChangeLog.d/bugfix_3782.txt b/ChangeLog.d/bugfix_3782.txt
deleted file mode 100644
index 25e18cb..0000000
--- a/ChangeLog.d/bugfix_3782.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
- * Fix build failures on GCC 11. Fixes #3782.
diff --git a/ChangeLog.d/bugfix_3794.txt b/ChangeLog.d/bugfix_3794.txt
deleted file mode 100644
index a483ea7..0000000
--- a/ChangeLog.d/bugfix_3794.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix handling of EOF against 0xff bytes and on platforms with
- unsigned chars. Fixes a build failure on platforms where char is
- unsigned. Fixes #3794.
diff --git a/ChangeLog.d/bugfix_PR3294.txt b/ChangeLog.d/bugfix_PR3294.txt
deleted file mode 100644
index a6ea75e..0000000
--- a/ChangeLog.d/bugfix_PR3294.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix build failure in configurations where MBEDTLS_USE_PSA_CRYPTO is
- enabled but ECDSA is disabled. Contributed by jdurkop. Fixes #3294.
-
diff --git a/ChangeLog.d/ecb_iv_fix.txt b/ChangeLog.d/ecb_iv_fix.txt
deleted file mode 100644
index ae2ae25..0000000
--- a/ChangeLog.d/ecb_iv_fix.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Correct the default IV size for mbedtls_cipher_info_t structures using
- MBEDTLS_MODE_ECB to 0, since ECB mode ciphers don't use IVs.
diff --git a/ChangeLog.d/ecp-bignum-error-checks.txt b/ChangeLog.d/ecp-bignum-error-checks.txt
deleted file mode 100644
index 8cad08e..0000000
--- a/ChangeLog.d/ecp-bignum-error-checks.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * Fix a memory leak in mbedtls_mpi_sub_abs() when the result was negative
- (an error condition) and the second operand was aliased to the result.
- * Fix a case in elliptic curve arithmetic where an out-of-memory condition
- could go undetected, resulting in an incorrect result.
diff --git a/ChangeLog.d/ecp_curve_list.txt b/ChangeLog.d/ecp_curve_list.txt
deleted file mode 100644
index 55745d3..0000000
--- a/ChangeLog.d/ecp_curve_list.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * mbedtls_ecp_curve_list() now lists Curve25519 and Curve448 under the names
- "x25519" and "x448". These curves support ECDH but not ECDSA. If you need
- only the curves that support ECDSA, filter the list with
- mbedtls_ecdsa_can_do().
diff --git a/ChangeLog.d/error-include-string.txt b/ChangeLog.d/error-include-string.txt
deleted file mode 100644
index 0a12c7b..0000000
--- a/ChangeLog.d/error-include-string.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
- * Fix conditions for including string.h in error.c. Fixes #3866.
diff --git a/ChangeLog.d/feature-dtls-srtp.txt b/ChangeLog.d/feature-dtls-srtp.txt
deleted file mode 100644
index 8b9186b..0000000
--- a/ChangeLog.d/feature-dtls-srtp.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Features
-* Add support for DTLS-SRTP as defined in RFC 5764. Contributed by Johan Pascal, improved by Ron Eldor.
diff --git a/ChangeLog.d/fix-cipher-output-size-macros.txt b/ChangeLog.d/fix-cipher-output-size-macros.txt
new file mode 100644
index 0000000..4a4b971
--- /dev/null
+++ b/ChangeLog.d/fix-cipher-output-size-macros.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Prevent divide by zero if either of PSA_CIPHER_ENCRYPT_OUTPUT_SIZE() or
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE() were called using an asymmetric key type.
+
diff --git a/ChangeLog.d/fix-rsa-blinding.txt b/ChangeLog.d/fix-rsa-blinding.txt
deleted file mode 100644
index a13572c..0000000
--- a/ChangeLog.d/fix-rsa-blinding.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Bugfix
- * Fix rsa_prepare_blinding() to retry when the blinding value is not
- invertible (mod N), instead of returning MBEDTLS_ERR_RSA_RNG_FAILED. This
- addresses a regression but is rare in practice (approx. 1 in 2/sqrt(N)).
- Found by Synopsys Coverity, fix contributed by Peter Kolbus (Garmin).
- Fixes #3647.
diff --git a/ChangeLog.d/fix_ccm_add_length_check.txt b/ChangeLog.d/fix_ccm_add_length_check.txt
deleted file mode 100644
index 259399f..0000000
--- a/ChangeLog.d/fix_ccm_add_length_check.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * Fix an off-by-one error in the additional data length check for
- CCM, which allowed encryption with a non-standard length field.
- Fixes #3719.
-
diff --git a/ChangeLog.d/issue4630.txt b/ChangeLog.d/issue4630.txt
new file mode 100644
index 0000000..0bc4b99
--- /dev/null
+++ b/ChangeLog.d/issue4630.txt
@@ -0,0 +1,2 @@
+Bugfix
+ * Stop using reserved identifiers as local variables. Fixes #4630.
diff --git a/ChangeLog.d/makefile-python-windows.txt b/ChangeLog.d/makefile-python-windows.txt
new file mode 100644
index 0000000..57ccc1a
--- /dev/null
+++ b/ChangeLog.d/makefile-python-windows.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * The GNU makefiles invoke python3 in preference to python except on Windows.
+ The check was accidentally not performed when cross-compiling for Windows
+ on Linux. Fix this. Fixes #4774.
diff --git a/ChangeLog.d/minimum_cmake_version_PR3802.txt b/ChangeLog.d/minimum_cmake_version_PR3802.txt
deleted file mode 100644
index 549f9b1..0000000
--- a/ChangeLog.d/minimum_cmake_version_PR3802.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Requirement changes
-* Update the minimum required CMake version to 2.8.12.
-* This silences a warning on CMake 3.19.0. #3801
diff --git a/ChangeLog.d/missing-debug-message-arguments_mbedtls_ssl_decrypt_buf.txt b/ChangeLog.d/missing-debug-message-arguments_mbedtls_ssl_decrypt_buf.txt
deleted file mode 100644
index e03178f..0000000
--- a/ChangeLog.d/missing-debug-message-arguments_mbedtls_ssl_decrypt_buf.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
- * Add missing arguments of debug message in mbedtls_ssl_decrypt_buf.
diff --git a/ChangeLog.d/psa-openless.txt b/ChangeLog.d/psa-openless.txt
deleted file mode 100644
index 2e40cdf..0000000
--- a/ChangeLog.d/psa-openless.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-Features
- * In the PSA API, it is no longer necessary to open persistent keys:
- operations now accept the key identifier. The type psa_key_handle_t is now
- identical to psa_key_id_t instead of being platform-defined. This bridges
- the last major gap to compliance with the PSA Cryptography specification
- version 1.0.0. Opening persistent keys is still supported for backward
- compatibility, but will be deprecated and later removed in future
- releases.
-
-Bugfix
- * psa_set_key_id() now also sets the lifetime to persistent for keys located
- in a secure element.
- * Attempting to create a volatile key with a non-zero key identifier now
- fails. Previously the key identifier was just ignored when creating a
- volatile key.
- * Attempting to create or register a key with a key identifier in the vendor
- range now fails.
diff --git a/ChangeLog.d/psa_cipher_update_ecp.txt b/ChangeLog.d/psa_cipher_update_ecp.txt
new file mode 100644
index 0000000..1c3fbc6
--- /dev/null
+++ b/ChangeLog.d/psa_cipher_update_ecp.txt
@@ -0,0 +1,2 @@
+Bugfix
+ * Fix a parameter set but unused in psa_crypto_cipher.c. Fixes #4935.
diff --git a/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt b/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt
deleted file mode 100644
index 85c363b..0000000
--- a/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Consistently return PSA_ERROR_INVALID_ARGUMENT on invalid cipher input
- sizes (instead of PSA_ERROR_BAD_STATE in some cases) to make the
- psa_cipher_* functions compliant with the PSA Crypto API specification.
diff --git a/ChangeLog.d/psa_generate_key-curve25519.txt b/ChangeLog.d/psa_generate_key-curve25519.txt
deleted file mode 100644
index 24b6fcf..0000000
--- a/ChangeLog.d/psa_generate_key-curve25519.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix psa_generate_key() returning an error when asked to generate
- an ECC key pair on Curve25519 or secp244k1.
diff --git a/ChangeLog.d/remove_default_alllow_sha1.txt b/ChangeLog.d/remove_default_alllow_sha1.txt
new file mode 100644
index 0000000..9ec10cf
--- /dev/null
+++ b/ChangeLog.d/remove_default_alllow_sha1.txt
@@ -0,0 +1,10 @@
+Removals
+ * Remove config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES,
+ which allowed SHA-1 in the default TLS configuration for certificate
+ signing. It was intended to facilitate the transition in environments
+ with SHA-1 certificates. SHA-1 is considered a weak message digest and
+ its use constitutes a security risk.
+
+Changes
+ * Set config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE to be
+ disabled by default.
diff --git a/ChangeLog.d/support-ecdh-kdf-with-ecdh-key.txt b/ChangeLog.d/support-ecdh-kdf-with-ecdh-key.txt
deleted file mode 100644
index 6660dc3..0000000
--- a/ChangeLog.d/support-ecdh-kdf-with-ecdh-key.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Features
- * In PSA, allow using a key declared with a base key agreement algorithm
- in combined key agreement and derivation operations, as long as the key
- agreement algorithm in use matches the algorithm the key was declared with.
- This is currently non-standard behaviour, but expected to make it into a
- future revision of the PSA Crypto standard.
diff --git a/ChangeLog.d/support-key-agreement-and-derivation-output-as-key.txt b/ChangeLog.d/support-key-agreement-and-derivation-output-as-key.txt
deleted file mode 100644
index 3f61481..0000000
--- a/ChangeLog.d/support-key-agreement-and-derivation-output-as-key.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix psa_key_derivation_output_key() to allow the output of a combined key
- agreement and subsequent key derivation operation to be used as a key
- inside of the PSA Crypto core.
diff --git a/ChangeLog.d/systematically_store_bit_size_3740.txt b/ChangeLog.d/systematically_store_bit_size_3740.txt
deleted file mode 100644
index 9e63bbc..0000000
--- a/ChangeLog.d/systematically_store_bit_size_3740.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Changes
- * The PSA persistent storage format is updated to always store the key bits
- attribute. No automatic upgrade path is provided. Previously stored keys
- must be erased, or manually upgraded based on the key storage format
- specification (docs/architecture/mbed-crypto-storage-specification.md). #3740
diff --git a/ChangeLog.d/tls_ext_cid-config.txt b/ChangeLog.d/tls_ext_cid-config.txt
new file mode 100644
index 0000000..b7b1e72
--- /dev/null
+++ b/ChangeLog.d/tls_ext_cid-config.txt
@@ -0,0 +1,3 @@
+Features
+ * The identifier of the CID TLS extension can be configured by defining
+ MBEDTLS_TLS_EXT_CID at compile time.
diff --git a/Makefile b/Makefile
index 9344e71..6a8b230 100644
--- a/Makefile
+++ b/Makefile
@@ -138,11 +138,11 @@
tests/suites/*.function \
)
# Exuberant-ctags invocation. Other ctags implementations may require different options.
-CTAGS = ctags --langmap=c:+.h.function -o
+CTAGS = ctags --langmap=c:+.h.function --line-directives=no -o
tags: $(C_SOURCE_FILES)
$(CTAGS) $@ $(C_SOURCE_FILES)
TAGS: $(C_SOURCE_FILES)
- etags -o $@ $(C_SOURCE_FILES)
+ etags --no-line-directive -o $@ $(C_SOURCE_FILES)
global: GPATH GRTAGS GSYMS GTAGS
GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES)
ls $(C_SOURCE_FILES) | gtags -f - --gtagsconf .globalrc
diff --git a/README.md b/README.md
index ac2a6ab..759ffb5 100644
--- a/README.md
+++ b/README.md
@@ -25,6 +25,8 @@
1. Run `make apidoc`.
1. Browse `apidoc/index.html` or `apidoc/modules.html`.
+For other sources of documentation, see the [SUPPORT](SUPPORT.md) document.
+
Compiling
---------
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..bd18f6c
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,20 @@
+## Reporting Vulneratibilities
+
+If you think you have found an Mbed TLS security vulnerability, then please
+send an email to the security team at
+<mbed-tls-security@lists.trustedfirmware.org>.
+
+## Security Incident Handling Process
+
+Our security process is detailled in our
+[security
+center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/).
+
+Its primary goal is to ensure fixes are ready to be deployed when the issue
+goes public.
+
+## Maintained branches
+
+Only the maintained branches, as listed in [`BRANCHES.md`](BRANCHES.md),
+get security fixes.
+Users are urged to always use the latest version of a maintained branch.
diff --git a/SUPPORT.md b/SUPPORT.md
new file mode 100644
index 0000000..1bc0695
--- /dev/null
+++ b/SUPPORT.md
@@ -0,0 +1,15 @@
+## Documentation
+
+Here are some useful sources of information about using Mbed TLS:
+
+- API documentation, see the [Documentation section of the
+ README](README.md#License);
+- the `docs` directory in the source tree;
+- the [Mbed TLS knowledge Base](https://tls.mbed.org/kb);
+- the [Mbed TLS mailing-list
+ archives](https://lists.trustedfirmware.org/pipermail/mbed-tls/).
+
+## Asking Questions
+
+If you can't find your answer in the above sources, please use the [Mbed TLS
+mailing list](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls).
diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
deleted file mode 100644
index b98fc9c..0000000
--- a/configs/config-psa-crypto.h
+++ /dev/null
@@ -1,3371 +0,0 @@
-/**
- * \file config.h
- *
- * \brief Configuration options (set of defines)
- *
- * This set of compile-time options may be used to enable
- * or disable features selectively, and reduce the global
- * memory footprint.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
-#define _CRT_SECURE_NO_DEPRECATE 1
-#endif
-
-/**
- * \name SECTION: System support
- *
- * This section sets system specific settings.
- * \{
- */
-
-/**
- * \def MBEDTLS_HAVE_ASM
- *
- * The compiler has support for asm().
- *
- * Requires support for asm() in compiler.
- *
- * Used in:
- * library/aria.c
- * library/timing.c
- * include/mbedtls/bn_mul.h
- *
- * Required by:
- * MBEDTLS_AESNI_C
- * MBEDTLS_PADLOCK_C
- *
- * Comment to disable the use of assembly code.
- */
-#define MBEDTLS_HAVE_ASM
-
-/**
- * \def MBEDTLS_NO_UDBL_DIVISION
- *
- * The platform lacks support for double-width integer division (64-bit
- * division on a 32-bit platform, 128-bit division on a 64-bit platform).
- *
- * Used in:
- * include/mbedtls/bignum.h
- * library/bignum.c
- *
- * The bignum code uses double-width division to speed up some operations.
- * Double-width division is often implemented in software that needs to
- * be linked with the program. The presence of a double-width integer
- * type is usually detected automatically through preprocessor macros,
- * but the automatic detection cannot know whether the code needs to
- * and can be linked with an implementation of division for that type.
- * By default division is assumed to be usable if the type is present.
- * Uncomment this option to prevent the use of double-width division.
- *
- * Note that division for the native integer type is always required.
- * Furthermore, a 64-bit type is always required even on a 32-bit
- * platform, but it need not support multiplication or division. In some
- * cases it is also desirable to disable some double-width operations. For
- * example, if double-width division is implemented in software, disabling
- * it can reduce code size in some embedded targets.
- */
-//#define MBEDTLS_NO_UDBL_DIVISION
-
-/**
- * \def MBEDTLS_NO_64BIT_MULTIPLICATION
- *
- * The platform lacks support for 32x32 -> 64-bit multiplication.
- *
- * Used in:
- * library/poly1305.c
- *
- * Some parts of the library may use multiplication of two unsigned 32-bit
- * operands with a 64-bit result in order to speed up computations. On some
- * platforms, this is not available in hardware and has to be implemented in
- * software, usually in a library provided by the toolchain.
- *
- * Sometimes it is not desirable to have to link to that library. This option
- * removes the dependency of that library on platforms that lack a hardware
- * 64-bit multiplier by embedding a software implementation in Mbed TLS.
- *
- * Note that depending on the compiler, this may decrease performance compared
- * to using the library function provided by the toolchain.
- */
-//#define MBEDTLS_NO_64BIT_MULTIPLICATION
-
-/**
- * \def MBEDTLS_HAVE_SSE2
- *
- * CPU supports SSE2 instruction set.
- *
- * Uncomment if the CPU supports SSE2 (IA-32 specific).
- */
-//#define MBEDTLS_HAVE_SSE2
-
-/**
- * \def MBEDTLS_HAVE_TIME
- *
- * System has time.h and time().
- * The time does not need to be correct, only time differences are used,
- * by contrast with MBEDTLS_HAVE_TIME_DATE
- *
- * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
- * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
- * MBEDTLS_PLATFORM_STD_TIME.
- *
- * Comment if your system does not support time functions
- */
-#define MBEDTLS_HAVE_TIME
-
-/**
- * \def MBEDTLS_HAVE_TIME_DATE
- *
- * System has time.h, time(), and an implementation for
- * mbedtls_platform_gmtime_r() (see below).
- * The time needs to be correct (not necessarily very accurate, but at least
- * the date should be correct). This is used to verify the validity period of
- * X.509 certificates.
- *
- * Comment if your system does not have a correct clock.
- *
- * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
- * behaves similarly to the gmtime_r() function from the C standard. Refer to
- * the documentation for mbedtls_platform_gmtime_r() for more information.
- *
- * \note It is possible to configure an implementation for
- * mbedtls_platform_gmtime_r() at compile-time by using the macro
- * MBEDTLS_PLATFORM_GMTIME_R_ALT.
- */
-#define MBEDTLS_HAVE_TIME_DATE
-
-/**
- * \def MBEDTLS_PLATFORM_MEMORY
- *
- * Enable the memory allocation layer.
- *
- * By default mbed TLS uses the system-provided calloc() and free().
- * This allows different allocators (self-implemented or provided) to be
- * provided to the platform abstraction layer.
- *
- * Enabling MBEDTLS_PLATFORM_MEMORY without the
- * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
- * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
- * free() function pointer at runtime.
- *
- * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
- * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
- * alternate function at compile time.
- *
- * Requires: MBEDTLS_PLATFORM_C
- *
- * Enable this layer to allow use of alternative memory allocators.
- */
-//#define MBEDTLS_PLATFORM_MEMORY
-
-/**
- * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
- *
- * Do not assign standard functions in the platform layer (e.g. calloc() to
- * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
- *
- * This makes sure there are no linking errors on platforms that do not support
- * these functions. You will HAVE to provide alternatives, either at runtime
- * via the platform_set_xxx() functions or at compile time by setting
- * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
- * MBEDTLS_PLATFORM_XXX_MACRO.
- *
- * Requires: MBEDTLS_PLATFORM_C
- *
- * Uncomment to prevent default assignment of standard functions in the
- * platform layer.
- */
-//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
-
-/**
- * \def MBEDTLS_PLATFORM_EXIT_ALT
- *
- * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
- * function in the platform abstraction layer.
- *
- * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
- * provide a function "mbedtls_platform_set_printf()" that allows you to set an
- * alternative printf function pointer.
- *
- * All these define require MBEDTLS_PLATFORM_C to be defined!
- *
- * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
- * it will be enabled automatically by check_config.h
- *
- * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
- * MBEDTLS_PLATFORM_XXX_MACRO!
- *
- * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
- *
- * Uncomment a macro to enable alternate implementation of specific base
- * platform function
- */
-//#define MBEDTLS_PLATFORM_EXIT_ALT
-//#define MBEDTLS_PLATFORM_TIME_ALT
-//#define MBEDTLS_PLATFORM_FPRINTF_ALT
-//#define MBEDTLS_PLATFORM_PRINTF_ALT
-//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
-//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
-//#define MBEDTLS_PLATFORM_NV_SEED_ALT
-//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
-
-/**
- * \def MBEDTLS_DEPRECATED_WARNING
- *
- * Mark deprecated functions so that they generate a warning if used.
- * Functions deprecated in one version will usually be removed in the next
- * version. You can enable this to help you prepare the transition to a new
- * major version by making sure your code is not using these functions.
- *
- * This only works with GCC and Clang. With other compilers, you may want to
- * use MBEDTLS_DEPRECATED_REMOVED
- *
- * Uncomment to get warnings on using deprecated functions.
- */
-//#define MBEDTLS_DEPRECATED_WARNING
-
-/**
- * \def MBEDTLS_DEPRECATED_REMOVED
- *
- * Remove deprecated functions so that they generate an error if used.
- * Functions deprecated in one version will usually be removed in the next
- * version. You can enable this to help you prepare the transition to a new
- * major version by making sure your code is not using these functions.
- *
- * Uncomment to get errors on using deprecated functions.
- */
-//#define MBEDTLS_DEPRECATED_REMOVED
-
-/**
- * \def MBEDTLS_CHECK_PARAMS
- *
- * This configuration option controls whether the library validates more of
- * the parameters passed to it.
- *
- * When this flag is not defined, the library only attempts to validate an
- * input parameter if: (1) they may come from the outside world (such as the
- * network, the filesystem, etc.) or (2) not validating them could result in
- * internal memory errors such as overflowing a buffer controlled by the
- * library. On the other hand, it doesn't attempt to validate parameters whose
- * values are fully controlled by the application (such as pointers).
- *
- * When this flag is defined, the library additionally attempts to validate
- * parameters that are fully controlled by the application, and should always
- * be valid if the application code is fully correct and trusted.
- *
- * For example, when a function accepts as input a pointer to a buffer that may
- * contain untrusted data, and its documentation mentions that this pointer
- * must not be NULL:
- * - the pointer is checked to be non-NULL only if this option is enabled
- * - the content of the buffer is always validated
- *
- * When this flag is defined, if a library function receives a parameter that
- * is invalid, it will:
- * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a
- * call to the function mbedtls_param_failed()
- * - immediately return (with a specific error code unless the function
- * returns void and can't communicate an error).
- *
- * When defining this flag, you also need to:
- * - either provide a definition of the function mbedtls_param_failed() in
- * your application (see platform_util.h for its prototype) as the library
- * calls that function, but does not provide a default definition for it,
- * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED()
- * below if the above mechanism is not flexible enough to suit your needs.
- * See the documentation of this macro later in this file.
- *
- * Uncomment to enable validation of application-controlled parameters.
- */
-//#define MBEDTLS_CHECK_PARAMS
-
-/* \} name SECTION: System support */
-
-/**
- * \name SECTION: mbed TLS feature support
- *
- * This section sets support for features that are or are not needed
- * within the modules that are enabled.
- * \{
- */
-
-/**
- * \def MBEDTLS_TIMING_ALT
- *
- * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
- * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
- *
- * Only works if you have MBEDTLS_TIMING_C enabled.
- *
- * You will need to provide a header "timing_alt.h" and an implementation at
- * compile time.
- */
-//#define MBEDTLS_TIMING_ALT
-
-/**
- * \def MBEDTLS_AES_ALT
- *
- * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
- * alternate core implementation of a symmetric crypto, an arithmetic or hash
- * module (e.g. platform specific assembly optimized implementations). Keep
- * in mind that the function prototypes should remain the same.
- *
- * This replaces the whole module. If you only want to replace one of the
- * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
- *
- * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
- * provide the "struct mbedtls_aes_context" definition and omit the base
- * function declarations and implementations. "aes_alt.h" will be included from
- * "aes.h" to include the new function definitions.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * module.
- *
- * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
- * use constitutes a security risk. If possible, we recommend
- * avoiding dependencies on them, and considering stronger message
- * digests and ciphers instead.
- *
- */
-//#define MBEDTLS_AES_ALT
-//#define MBEDTLS_ARC4_ALT
-//#define MBEDTLS_ARIA_ALT
-//#define MBEDTLS_BLOWFISH_ALT
-//#define MBEDTLS_CAMELLIA_ALT
-//#define MBEDTLS_CCM_ALT
-//#define MBEDTLS_CHACHA20_ALT
-//#define MBEDTLS_CHACHAPOLY_ALT
-//#define MBEDTLS_CMAC_ALT
-//#define MBEDTLS_DES_ALT
-//#define MBEDTLS_DHM_ALT
-//#define MBEDTLS_ECJPAKE_ALT
-//#define MBEDTLS_GCM_ALT
-//#define MBEDTLS_NIST_KW_ALT
-//#define MBEDTLS_MD2_ALT
-//#define MBEDTLS_MD4_ALT
-//#define MBEDTLS_MD5_ALT
-//#define MBEDTLS_POLY1305_ALT
-//#define MBEDTLS_RIPEMD160_ALT
-//#define MBEDTLS_RSA_ALT
-//#define MBEDTLS_SHA1_ALT
-//#define MBEDTLS_SHA256_ALT
-//#define MBEDTLS_SHA512_ALT
-//#define MBEDTLS_XTEA_ALT
-
-/*
- * When replacing the elliptic curve module, pleace consider, that it is
- * implemented with two .c files:
- * - ecp.c
- * - ecp_curves.c
- * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
- * macros as described above. The only difference is that you have to make sure
- * that you provide functionality for both .c files.
- */
-//#define MBEDTLS_ECP_ALT
-
-/**
- * \def MBEDTLS_MD2_PROCESS_ALT
- *
- * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
- * alternate core implementation of symmetric crypto or hash function. Keep in
- * mind that function prototypes should remain the same.
- *
- * This replaces only one function. The header file from mbed TLS is still
- * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
- *
- * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
- * no longer provide the mbedtls_sha1_process() function, but it will still provide
- * the other function (using your mbedtls_sha1_process() function) and the definition
- * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
- * with this definition.
- *
- * \note Because of a signature change, the core AES encryption and decryption routines are
- * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
- * respectively. When setting up alternative implementations, these functions should
- * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
- * must stay untouched.
- *
- * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
- * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
- * tables.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * function.
- *
- * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
- * constitutes a security risk. If possible, we recommend avoiding
- * dependencies on them, and considering stronger message digests
- * and ciphers instead.
- *
- */
-//#define MBEDTLS_MD2_PROCESS_ALT
-//#define MBEDTLS_MD4_PROCESS_ALT
-//#define MBEDTLS_MD5_PROCESS_ALT
-//#define MBEDTLS_RIPEMD160_PROCESS_ALT
-//#define MBEDTLS_SHA1_PROCESS_ALT
-//#define MBEDTLS_SHA256_PROCESS_ALT
-//#define MBEDTLS_SHA512_PROCESS_ALT
-//#define MBEDTLS_DES_SETKEY_ALT
-//#define MBEDTLS_DES_CRYPT_ECB_ALT
-//#define MBEDTLS_DES3_CRYPT_ECB_ALT
-//#define MBEDTLS_AES_SETKEY_ENC_ALT
-//#define MBEDTLS_AES_SETKEY_DEC_ALT
-//#define MBEDTLS_AES_ENCRYPT_ALT
-//#define MBEDTLS_AES_DECRYPT_ALT
-//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
-//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
-//#define MBEDTLS_ECDSA_VERIFY_ALT
-//#define MBEDTLS_ECDSA_SIGN_ALT
-//#define MBEDTLS_ECDSA_GENKEY_ALT
-
-/**
- * \def MBEDTLS_ECP_INTERNAL_ALT
- *
- * Expose a part of the internal interface of the Elliptic Curve Point module.
- *
- * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
- * alternative core implementation of elliptic curve arithmetic. Keep in mind
- * that function prototypes should remain the same.
- *
- * This partially replaces one function. The header file from mbed TLS is still
- * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
- * is still present and it is used for group structures not supported by the
- * alternative.
- *
- * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
- * and implementing the following functions:
- * unsigned char mbedtls_internal_ecp_grp_capable(
- * const mbedtls_ecp_group *grp )
- * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
- * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
- * The mbedtls_internal_ecp_grp_capable function should return 1 if the
- * replacement functions implement arithmetic for the given group and 0
- * otherwise.
- * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
- * called before and after each point operation and provide an opportunity to
- * implement optimized set up and tear down instructions.
- *
- * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
- * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
- * function, but will use your mbedtls_internal_ecp_double_jac if the group is
- * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
- * receives it as an argument). If the group is not supported then the original
- * implementation is used. The other functions and the definition of
- * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
- * implementation of mbedtls_internal_ecp_double_jac and
- * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * function.
- */
-/* Required for all the functions in this section */
-//#define MBEDTLS_ECP_INTERNAL_ALT
-/* Support for Weierstrass curves with Jacobi representation */
-//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
-//#define MBEDTLS_ECP_ADD_MIXED_ALT
-//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
-//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
-//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
-/* Support for curves with Montgomery arithmetic */
-//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
-//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
-//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
-
-/**
- * \def MBEDTLS_TEST_NULL_ENTROPY
- *
- * Enables testing and use of mbed TLS without any configured entropy sources.
- * This permits use of the library on platforms before an entropy source has
- * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
- * MBEDTLS_ENTROPY_NV_SEED switches).
- *
- * WARNING! This switch MUST be disabled in production builds, and is suitable
- * only for development.
- * Enabling the switch negates any security provided by the library.
- *
- * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- *
- */
-//#define MBEDTLS_TEST_NULL_ENTROPY
-
-/**
- * \def MBEDTLS_ENTROPY_HARDWARE_ALT
- *
- * Uncomment this macro to let mbed TLS use your own implementation of a
- * hardware entropy collector.
- *
- * Your function must be called \c mbedtls_hardware_poll(), have the same
- * prototype as declared in entropy_poll.h, and accept NULL as first argument.
- *
- * Uncomment to use your own hardware entropy collector.
- */
-//#define MBEDTLS_ENTROPY_HARDWARE_ALT
-
-/**
- * \def MBEDTLS_AES_ROM_TABLES
- *
- * Use precomputed AES tables stored in ROM.
- *
- * Uncomment this macro to use precomputed AES tables stored in ROM.
- * Comment this macro to generate AES tables in RAM at runtime.
- *
- * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
- * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
- * initialization time before the first AES operation can be performed.
- * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
- * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
- * performance if ROM access is slower than RAM access.
- *
- * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
- *
- */
-//#define MBEDTLS_AES_ROM_TABLES
-
-/**
- * \def MBEDTLS_AES_FEWER_TABLES
- *
- * Use less ROM/RAM for AES tables.
- *
- * Uncommenting this macro omits 75% of the AES tables from
- * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
- * by computing their values on the fly during operations
- * (the tables are entry-wise rotations of one another).
- *
- * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
- * by ~6kb but at the cost of more arithmetic operations during
- * runtime. Specifically, one has to compare 4 accesses within
- * different tables to 4 accesses with additional arithmetic
- * operations within the same table. The performance gain/loss
- * depends on the system and memory details.
- *
- * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
- *
- */
-//#define MBEDTLS_AES_FEWER_TABLES
-
-/**
- * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
- *
- * Use less ROM for the Camellia implementation (saves about 768 bytes).
- *
- * Uncomment this macro to use less memory for Camellia.
- */
-//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CBC
- *
- * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CBC
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CFB
- *
- * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CFB
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CTR
- *
- * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CTR
-
-/**
- * \def MBEDTLS_CIPHER_MODE_OFB
- *
- * Enable Output Feedback mode (OFB) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_OFB
-
-/**
- * \def MBEDTLS_CIPHER_MODE_XTS
- *
- * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
- */
-#define MBEDTLS_CIPHER_MODE_XTS
-
-/**
- * \def MBEDTLS_CIPHER_NULL_CIPHER
- *
- * Enable NULL cipher.
- * Warning: Only do so when you know what you are doing. This allows for
- * encryption or channels without any security!
- *
- * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
- * the following ciphersuites:
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_RSA_WITH_NULL_MD5
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA
- *
- * Uncomment this macro to enable the NULL cipher and ciphersuites
- */
-//#define MBEDTLS_CIPHER_NULL_CIPHER
-
-/**
- * \def MBEDTLS_CIPHER_PADDING_PKCS7
- *
- * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
- * specific padding modes in the cipher layer with cipher modes that support
- * padding (e.g. CBC)
- *
- * If you disable all padding modes, only full blocks can be used with CBC.
- *
- * Enable padding modes in the cipher layer.
- */
-#define MBEDTLS_CIPHER_PADDING_PKCS7
-#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
-#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
-#define MBEDTLS_CIPHER_PADDING_ZEROS
-
-/**
- * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
- *
- * Enable weak ciphersuites in SSL / TLS.
- * Warning: Only do so when you know what you are doing. This allows for
- * channels with virtually no security at all!
- *
- * This enables the following ciphersuites:
- * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
- *
- * Uncomment this macro to enable weak ciphersuites
- *
- * \warning DES is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
-
-/**
- * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
- *
- * Remove RC4 ciphersuites by default in SSL / TLS.
- * This flag removes the ciphersuites based on RC4 from the default list as
- * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
- * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
- * explicitly.
- *
- * Uncomment this macro to remove RC4 ciphersuites by default.
- */
-#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
-
-/**
- * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
- *
- * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
- * module. By default all supported curves are enabled.
- *
- * Comment macros to disable the curve and functions for it
- */
-#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
-#define MBEDTLS_ECP_DP_BP256R1_ENABLED
-#define MBEDTLS_ECP_DP_BP384R1_ENABLED
-#define MBEDTLS_ECP_DP_BP512R1_ENABLED
-#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
-#define MBEDTLS_ECP_DP_CURVE448_ENABLED
-
-/**
- * \def MBEDTLS_ECP_NIST_OPTIM
- *
- * Enable specific 'modulo p' routines for each NIST prime.
- * Depending on the prime and architecture, makes operations 4 to 8 times
- * faster on the corresponding curve.
- *
- * Comment this macro to disable NIST curves optimisation.
- */
-#define MBEDTLS_ECP_NIST_OPTIM
-
-/**
- * \def MBEDTLS_ECP_RESTARTABLE
- *
- * Enable "non-blocking" ECC operations that can return early and be resumed.
- *
- * This allows various functions to pause by returning
- * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
- * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
- * order to further progress and eventually complete their operation. This is
- * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
- * number of ECC operations a function may perform before pausing; see
- * mbedtls_ecp_set_max_ops() for more information.
- *
- * This is useful in non-threaded environments if you want to avoid blocking
- * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
- *
- * Uncomment this macro to enable restartable ECC computations.
- *
- * \note This option only works with the default software implementation of
- * elliptic curve functionality. It is incompatible with
- * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
- */
-//#define MBEDTLS_ECP_RESTARTABLE
-
-/**
- * \def MBEDTLS_ECDSA_DETERMINISTIC
- *
- * Enable deterministic ECDSA (RFC 6979).
- * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
- * may result in a compromise of the long-term signing key. This is avoided by
- * the deterministic variant.
- *
- * Requires: MBEDTLS_HMAC_DRBG_C
- *
- * Comment this macro to disable deterministic ECDSA.
- */
-#define MBEDTLS_ECDSA_DETERMINISTIC
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
- *
- * Enable the PSK based ciphersuite modes in SSL / TLS.
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
- *
- * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- *
- * \warning Using DHE constitutes a security risk as it
- * is not possible to validate custom DH parameters.
- * If possible, it is recommended users should consider
- * preferring other methods of key exchange.
- * See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
- *
- * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
- *
- * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
- *
- * Enable the RSA-only based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
- *
- * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- *
- * \warning Using DHE constitutes a security risk as it
- * is not possible to validate custom DH parameters.
- * If possible, it is recommended users should consider
- * preferring other methods of key exchange.
- * See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- *
- * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- *
- * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
- *
- * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
- *
- * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
- *
- * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Requires: MBEDTLS_ECJPAKE_C
- * MBEDTLS_SHA256_C
- * MBEDTLS_ECP_DP_SECP256R1_ENABLED
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
- */
-//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-
-/**
- * \def MBEDTLS_PK_PARSE_EC_EXTENDED
- *
- * Enhance support for reading EC keys using variants of SEC1 not allowed by
- * RFC 5915 and RFC 5480.
- *
- * Currently this means parsing the SpecifiedECDomain choice of EC
- * parameters (only known groups are supported, not arbitrary domains, to
- * avoid validation issues).
- *
- * Disable if you only need to support RFC 5915 + 5480 key formats.
- */
-#define MBEDTLS_PK_PARSE_EC_EXTENDED
-
-/**
- * \def MBEDTLS_ERROR_STRERROR_DUMMY
- *
- * Enable a dummy error function to make use of mbedtls_strerror() in
- * third party libraries easier when MBEDTLS_ERROR_C is disabled
- * (no effect when MBEDTLS_ERROR_C is enabled).
- *
- * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
- * not using mbedtls_strerror() or error_strerror() in your application.
- *
- * Disable if you run into name conflicts and want to really remove the
- * mbedtls_strerror()
- */
-#define MBEDTLS_ERROR_STRERROR_DUMMY
-
-/**
- * \def MBEDTLS_GENPRIME
- *
- * Enable the prime-number generation code.
- *
- * Requires: MBEDTLS_BIGNUM_C
- */
-#define MBEDTLS_GENPRIME
-
-/**
- * \def MBEDTLS_FS_IO
- *
- * Enable functions that use the filesystem.
- */
-#define MBEDTLS_FS_IO
-
-/**
- * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- *
- * Do not add default entropy sources. These are the platform specific,
- * mbedtls_timing_hardclock and HAVEGE based poll functions.
- *
- * This is useful to have more control over the added entropy sources in an
- * application.
- *
- * Uncomment this macro to prevent loading of default entropy functions.
- */
-//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-
-/**
- * \def MBEDTLS_NO_PLATFORM_ENTROPY
- *
- * Do not use built-in platform entropy functions.
- * This is useful if your platform does not support
- * standards like the /dev/urandom or Windows CryptoAPI.
- *
- * Uncomment this macro to disable the built-in platform entropy functions.
- */
-//#define MBEDTLS_NO_PLATFORM_ENTROPY
-
-/**
- * \def MBEDTLS_ENTROPY_FORCE_SHA256
- *
- * Force the entropy accumulator to use a SHA-256 accumulator instead of the
- * default SHA-512 based one (if both are available).
- *
- * Requires: MBEDTLS_SHA256_C
- *
- * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
- * if you have performance concerns.
- *
- * This option is only useful if both MBEDTLS_SHA256_C and
- * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
- */
-//#define MBEDTLS_ENTROPY_FORCE_SHA256
-
-/**
- * \def MBEDTLS_ENTROPY_NV_SEED
- *
- * Enable the non-volatile (NV) seed file-based entropy source.
- * (Also enables the NV seed read/write functions in the platform layer)
- *
- * This is crucial (if not required) on systems that do not have a
- * cryptographic entropy source (in hardware or kernel) available.
- *
- * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
- *
- * \note The read/write functions that are used by the entropy source are
- * determined in the platform layer, and can be modified at runtime and/or
- * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
- *
- * \note If you use the default implementation functions that read a seedfile
- * with regular fopen(), please make sure you make a seedfile with the
- * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
- * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
- * and written to or you will get an entropy source error! The default
- * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
- * bytes from the file.
- *
- * \note The entropy collector will write to the seed file before entropy is
- * given to an external source, to update it.
- */
-//#define MBEDTLS_ENTROPY_NV_SEED
-
-/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- *
- * Enable key identifiers that encode a key owner identifier.
- *
- * This is only meaningful when building the library as part of a
- * multi-client service. When you activate this option, you must provide an
- * implementation of the type mbedtls_key_owner_id_t and a translation from
- * mbedtls_svc_key_id_t to file name in all the storage backends that you
- * you wish to support.
- *
- * Note that this option is meant for internal use only and may be removed
- * without notice.
- */
-//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-
-/**
- * \def MBEDTLS_MEMORY_DEBUG
- *
- * Enable debugging of buffer allocator memory issues. Automatically prints
- * (to stderr) all (fatal) messages on memory allocation issues. Enables
- * function for 'debug output' of allocated memory.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Uncomment this macro to let the buffer allocator print out error messages.
- */
-//#define MBEDTLS_MEMORY_DEBUG
-
-/**
- * \def MBEDTLS_MEMORY_BACKTRACE
- *
- * Include backtrace information with each allocated block.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- * GLIBC-compatible backtrace() an backtrace_symbols() support
- *
- * Uncomment this macro to include backtrace information
- */
-//#define MBEDTLS_MEMORY_BACKTRACE
-
-/**
- * \def MBEDTLS_PK_RSA_ALT_SUPPORT
- *
- * Support external private RSA keys (eg from a HSM) in the PK layer.
- *
- * Comment this macro to disable support for external private RSA keys.
- */
-#define MBEDTLS_PK_RSA_ALT_SUPPORT
-
-/**
- * \def MBEDTLS_PKCS1_V15
- *
- * Enable support for PKCS#1 v1.5 encoding.
- *
- * Requires: MBEDTLS_RSA_C
- *
- * This enables support for PKCS#1 v1.5 operations.
- */
-#define MBEDTLS_PKCS1_V15
-
-/**
- * \def MBEDTLS_PKCS1_V21
- *
- * Enable support for PKCS#1 v2.1 encoding.
- *
- * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
- *
- * This enables support for RSAES-OAEP and RSASSA-PSS operations.
- */
-#define MBEDTLS_PKCS1_V21
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_SPM
- *
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
- * Partition Manager) integration which separates the code into two parts: a
- * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
- * Environment).
- *
- * Module: library/psa_crypto.c
- * Requires: MBEDTLS_PSA_CRYPTO_C
- *
- */
-//#define MBEDTLS_PSA_CRYPTO_SPM
-
-/**
- * \def MBEDTLS_PSA_INJECT_ENTROPY
- *
- * Enable support for entropy injection at first boot. This feature is
- * required on systems that do not have a built-in entropy source (TRNG).
- * This feature is currently not supported on systems that have a built-in
- * entropy source.
- *
- * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
- *
- */
-//#define MBEDTLS_PSA_INJECT_ENTROPY
-
-/**
- * \def MBEDTLS_RSA_NO_CRT
- *
- * Do not use the Chinese Remainder Theorem
- * for the RSA private operation.
- *
- * Uncomment this macro to disable the use of CRT in RSA.
- *
- */
-//#define MBEDTLS_RSA_NO_CRT
-
-/**
- * \def MBEDTLS_SELF_TEST
- *
- * Enable the checkup functions (*_self_test).
- */
-#define MBEDTLS_SELF_TEST
-
-/**
- * \def MBEDTLS_SHA256_SMALLER
- *
- * Enable an implementation of SHA-256 that has lower ROM footprint but also
- * lower performance.
- *
- * The default implementation is meant to be a reasonnable compromise between
- * performance and size. This version optimizes more aggressively for size at
- * the expense of performance. Eg on Cortex-M4 it reduces the size of
- * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
- * 30%.
- *
- * Uncomment to enable the smaller implementation of SHA256.
- */
-//#define MBEDTLS_SHA256_SMALLER
-
-/**
- * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
- *
- * Enable sending of alert messages in case of encountered errors as per RFC.
- * If you choose not to send the alert messages, mbed TLS can still communicate
- * with other servers, only debugging of failures is harder.
- *
- * The advantage of not sending alert messages, is that no information is given
- * about reasons for failures thus preventing adversaries of gaining intel.
- *
- * Enable sending of all alert messages
- */
-#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
-
-/**
- * \def MBEDTLS_SSL_ASYNC_PRIVATE
- *
- * Enable asynchronous external private key operations in SSL. This allows
- * you to configure an SSL connection to call an external cryptographic
- * module to perform private key operations instead of performing the
- * operation inside the library.
- *
- */
-//#define MBEDTLS_SSL_ASYNC_PRIVATE
-
-/**
- * \def MBEDTLS_SSL_DEBUG_ALL
- *
- * Enable the debug messages in SSL module for all issues.
- * Debug messages have been disabled in some places to prevent timing
- * attacks due to (unbalanced) debugging function calls.
- *
- * If you need all error reporting you should enable this during debugging,
- * but remove this for production servers that should log as well.
- *
- * Uncomment this macro to report all debug messages on errors introducing
- * a timing side-channel.
- *
- */
-//#define MBEDTLS_SSL_DEBUG_ALL
-
-/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
- *
- * Enable support for Encrypt-then-MAC, RFC 7366.
- *
- * This allows peers that both support it to use a more robust protection for
- * ciphersuites using CBC, providing deep resistance against timing attacks
- * on the padding or underlying cipher.
- *
- * This only affects CBC ciphersuites, and is useless if none is defined.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1 or
- * MBEDTLS_SSL_PROTO_TLS1_1 or
- * MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Encrypt-then-MAC
- */
-#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
-
-/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
- *
- * Enable support for Extended Master Secret, aka Session Hash
- * (draft-ietf-tls-session-hash-02).
- *
- * This was introduced as "the proper fix" to the Triple Handshake familiy of
- * attacks, but it is recommended to always use it (even if you disable
- * renegotiation), since it actually fixes a more fundamental issue in the
- * original SSL/TLS design, and has implications beyond Triple Handshake.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1 or
- * MBEDTLS_SSL_PROTO_TLS1_1 or
- * MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Extended Master Secret.
- */
-#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
-
-/**
- * \def MBEDTLS_SSL_FALLBACK_SCSV
- *
- * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
- *
- * For servers, it is recommended to always enable this, unless you support
- * only one version of TLS, or know for sure that none of your clients
- * implements a fallback strategy.
- *
- * For clients, you only need this if you're using a fallback strategy, which
- * is not recommended in the first place, unless you absolutely need it to
- * interoperate with buggy (version-intolerant) servers.
- *
- * Comment this macro to disable support for FALLBACK_SCSV
- */
-#define MBEDTLS_SSL_FALLBACK_SCSV
-
-/**
- * \def MBEDTLS_SSL_HW_RECORD_ACCEL
- *
- * Enable hooking functions in SSL module for hardware acceleration of
- * individual records.
- *
- * Uncomment this macro to enable hooking functions.
- */
-//#define MBEDTLS_SSL_HW_RECORD_ACCEL
-
-/**
- * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
- *
- * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
- *
- * This is a countermeasure to the BEAST attack, which also minimizes the risk
- * of interoperability issues compared to sending 0-length records.
- *
- * Comment this macro to disable 1/n-1 record splitting.
- */
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
-
-/**
- * \def MBEDTLS_SSL_RENEGOTIATION
- *
- * Enable support for TLS renegotiation.
- *
- * The two main uses of renegotiation are (1) refresh keys on long-lived
- * connections and (2) client authentication after the initial handshake.
- * If you don't need renegotiation, it's probably better to disable it, since
- * it has been associated with security issues in the past and is easy to
- * misuse/misunderstand.
- *
- * Comment this to disable support for renegotiation.
- *
- * \note Even if this option is disabled, both client and server are aware
- * of the Renegotiation Indication Extension (RFC 5746) used to
- * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
- * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
- * configuration of this extension).
- *
- */
-#define MBEDTLS_SSL_RENEGOTIATION
-
-/**
- * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
- *
- * Enable support for receiving and parsing SSLv2 Client Hello messages for the
- * SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to enable support for SSLv2 Client Hello messages.
- */
-//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
-
-/**
- * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
- *
- * Pick the ciphersuite according to the client's preferences rather than ours
- * in the SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to respect client's ciphersuite order
- */
-//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
-
-/**
- * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
- *
- * Enable support for RFC 6066 max_fragment_length extension in SSL.
- *
- * Comment this macro to disable support for the max_fragment_length extension
- */
-#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-
-/**
- * \def MBEDTLS_SSL_PROTO_SSL3
- *
- * Enable support for SSL 3.0.
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for SSL 3.0
- */
-//#define MBEDTLS_SSL_PROTO_SSL3
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1
- *
- * Enable support for TLS 1.0.
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_1
- *
- * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1_1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
- *
- * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
- * (Depends on ciphersuites)
- *
- * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
- */
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/**
- * \def MBEDTLS_SSL_PROTO_DTLS
- *
- * Enable support for DTLS (all available versions).
- *
- * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
- * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1_1
- * or MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for DTLS
- */
-#define MBEDTLS_SSL_PROTO_DTLS
-
-/**
- * \def MBEDTLS_SSL_ALPN
- *
- * Enable support for RFC 7301 Application Layer Protocol Negotiation.
- *
- * Comment this macro to disable support for ALPN.
- */
-#define MBEDTLS_SSL_ALPN
-
-/**
- * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
- *
- * Enable support for the anti-replay mechanism in DTLS.
- *
- * Requires: MBEDTLS_SSL_TLS_C
- * MBEDTLS_SSL_PROTO_DTLS
- *
- * \warning Disabling this is often a security risk!
- * See mbedtls_ssl_conf_dtls_anti_replay() for details.
- *
- * Comment this to disable anti-replay in DTLS.
- */
-#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
-
-/**
- * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Enable support for HelloVerifyRequest on DTLS servers.
- *
- * This feature is highly recommended to prevent DTLS servers being used as
- * amplifiers in DoS attacks against other hosts. It should always be enabled
- * unless you know for sure amplification cannot be a problem in the
- * environment in which your server operates.
- *
- * \warning Disabling this can ba a security risk! (see above)
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- *
- * Comment this to disable support for HelloVerifyRequest.
- */
-#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
-
-/**
- * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
- *
- * Enable server-side support for clients that reconnect from the same port.
- *
- * Some clients unexpectedly close the connection and try to reconnect using the
- * same source port. This needs special support from the server to handle the
- * new connection securely, as described in section 4.2.8 of RFC 6347. This
- * flag enables that support.
- *
- * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Comment this to disable support for clients reusing the source port.
- */
-#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
-
-/**
- * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
- *
- * Enable support for a limit of records with bad MAC.
- *
- * See mbedtls_ssl_conf_dtls_badmac_limit().
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- */
-#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
-
-/**
- * \def MBEDTLS_SSL_SESSION_TICKETS
- *
- * Enable support for RFC 5077 session tickets in SSL.
- * Client-side, provides full support for session tickets (maintenance of a
- * session store remains the responsibility of the application, though).
- * Server-side, you also need to provide callbacks for writing and parsing
- * tickets, including authenticated encryption and key management. Example
- * callbacks are provided by MBEDTLS_SSL_TICKET_C.
- *
- * Comment this macro to disable support for SSL session tickets
- */
-#define MBEDTLS_SSL_SESSION_TICKETS
-
-/**
- * \def MBEDTLS_SSL_EXPORT_KEYS
- *
- * Enable support for exporting key block and master secret.
- * This is required for certain users of TLS, e.g. EAP-TLS.
- *
- * Comment this macro to disable support for key export
- */
-#define MBEDTLS_SSL_EXPORT_KEYS
-
-/**
- * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
- *
- * Enable support for RFC 6066 server name indication (SNI) in SSL.
- *
- * Requires: MBEDTLS_X509_CRT_PARSE_C
- *
- * Comment this macro to disable support for server name indication in SSL
- */
-#define MBEDTLS_SSL_SERVER_NAME_INDICATION
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC
- *
- * Enable support for RFC 6066 truncated HMAC in SSL.
- *
- * Comment this macro to disable support for truncated HMAC in SSL
- */
-#define MBEDTLS_SSL_TRUNCATED_HMAC
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
- *
- * Fallback to old (pre-2.7), non-conforming implementation of the truncated
- * HMAC extension which also truncates the HMAC key. Note that this option is
- * only meant for a transitory upgrade period and is likely to be removed in
- * a future version of the library.
- *
- * \warning The old implementation is non-compliant and has a security weakness
- * (2^80 brute force attack on the HMAC key used for a single,
- * uninterrupted connection). This should only be enabled temporarily
- * when (1) the use of truncated HMAC is essential in order to save
- * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
- * the fixed implementation yet (pre-2.7).
- *
- * \deprecated This option is deprecated and will likely be removed in a
- * future version of Mbed TLS.
- *
- * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
- *
- * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
- */
-//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
-
-/**
- * \def MBEDTLS_THREADING_ALT
- *
- * Provide your own alternate threading implementation.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to allow your own alternate threading implementation.
- */
-//#define MBEDTLS_THREADING_ALT
-
-/**
- * \def MBEDTLS_THREADING_PTHREAD
- *
- * Enable the pthread wrapper layer for the threading layer.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to enable pthread mutexes.
- */
-//#define MBEDTLS_THREADING_PTHREAD
-
-/**
- * \def MBEDTLS_USE_PSA_CRYPTO
- *
- * Make the X.509 and TLS library use PSA for cryptographic operations, see
- * #MBEDTLS_PSA_CRYPTO_C.
- *
- * Note: this option is still in progress, the full X.509 and TLS modules are
- * not covered yet, but parts that are not ported to PSA yet will still work
- * as usual, so enabling this option should not break backwards compatibility.
- *
- * \warning Support for PSA is still an experimental feature.
- * Any public API that depends on this option may change
- * at any time until this warning is removed.
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C.
- */
-//#define MBEDTLS_USE_PSA_CRYPTO
-
-/**
- * \def MBEDTLS_VERSION_FEATURES
- *
- * Allow run-time checking of compile-time enabled features. Thus allowing users
- * to check at run-time if the library is for instance compiled with threading
- * support via mbedtls_version_check_feature().
- *
- * Requires: MBEDTLS_VERSION_C
- *
- * Comment this to disable run-time checking and save ROM space
- */
-#define MBEDTLS_VERSION_FEATURES
-
-/**
- * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an extension in a v1 or v2 certificate.
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-
-/**
- * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an unknown critical extension.
- *
- * \warning Depending on your PKI use, enabling this can be a security risk!
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-
-/**
- * \def MBEDTLS_X509_CHECK_KEY_USAGE
- *
- * Enable verification of the keyUsage extension (CA and leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused
- * (intermediate) CA and leaf certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip keyUsage checking for both CA and leaf certificates.
- */
-#define MBEDTLS_X509_CHECK_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
- *
- * Enable verification of the extendedKeyUsage extension (leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip extendedKeyUsage checking for certificates.
- */
-#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
- *
- * Enable parsing and verification of X.509 certificates, CRLs and CSRS
- * signed with RSASSA-PSS (aka PKCS#1 v2.1).
- *
- * Comment this macro to disallow using RSASSA-PSS in certificates.
- */
-#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
-
-/**
- * \def MBEDTLS_ZLIB_SUPPORT
- *
- * If set, the SSL/TLS module uses ZLIB to support compression and
- * decompression of packet data.
- *
- * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
- * CRIME attack. Before enabling this option, you should examine with care if
- * CRIME or similar exploits may be applicable to your use case.
- *
- * \note Currently compression can't be used with DTLS.
- *
- * \deprecated This feature is deprecated and will be removed
- * in the next major revision of the library.
- *
- * Used in: library/ssl_tls.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This feature requires zlib library and headers to be present.
- *
- * Uncomment to enable use of ZLIB
- */
-//#define MBEDTLS_ZLIB_SUPPORT
-/* \} name SECTION: mbed TLS feature support */
-
-/**
- * \name SECTION: mbed TLS modules
- *
- * This section enables or disables entire modules in mbed TLS
- * \{
- */
-
-/**
- * \def MBEDTLS_AESNI_C
- *
- * Enable AES-NI support on x86-64.
- *
- * Module: library/aesni.c
- * Caller: library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the AES-NI instructions on x86-64
- */
-#define MBEDTLS_AESNI_C
-
-/**
- * \def MBEDTLS_AES_C
- *
- * Enable the AES block cipher.
- *
- * Module: library/aes.c
- * Caller: library/cipher.c
- * library/pem.c
- * library/ctr_drbg.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- *
- * PEM_PARSE uses AES for decrypting encrypted keys.
- */
-#define MBEDTLS_AES_C
-
-/**
- * \def MBEDTLS_ARC4_C
- *
- * Enable the ARCFOUR stream cipher.
- *
- * Module: library/arc4.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. If possible, we recommend avoidng dependencies on
- * it, and considering stronger ciphers instead.
- *
- */
-#define MBEDTLS_ARC4_C
-
-/**
- * \def MBEDTLS_ASN1_PARSE_C
- *
- * Enable the generic ASN1 parser.
- *
- * Module: library/asn1.c
- * Caller: library/x509.c
- * library/dhm.c
- * library/pkcs12.c
- * library/pkcs5.c
- * library/pkparse.c
- */
-#define MBEDTLS_ASN1_PARSE_C
-
-/**
- * \def MBEDTLS_ASN1_WRITE_C
- *
- * Enable the generic ASN1 writer.
- *
- * Module: library/asn1write.c
- * Caller: library/ecdsa.c
- * library/pkwrite.c
- * library/x509_create.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- */
-#define MBEDTLS_ASN1_WRITE_C
-
-/**
- * \def MBEDTLS_BASE64_C
- *
- * Enable the Base64 module.
- *
- * Module: library/base64.c
- * Caller: library/pem.c
- *
- * This module is required for PEM support (required by X.509).
- */
-#define MBEDTLS_BASE64_C
-
-/**
- * \def MBEDTLS_BIGNUM_C
- *
- * Enable the multi-precision integer library.
- *
- * Module: library/bignum.c
- * Caller: library/dhm.c
- * library/ecp.c
- * library/ecdsa.c
- * library/rsa.c
- * library/rsa_internal.c
- * library/ssl_tls.c
- *
- * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
- */
-#define MBEDTLS_BIGNUM_C
-
-/**
- * \def MBEDTLS_BLOWFISH_C
- *
- * Enable the Blowfish block cipher.
- *
- * Module: library/blowfish.c
- */
-#define MBEDTLS_BLOWFISH_C
-
-/**
- * \def MBEDTLS_CAMELLIA_C
- *
- * Enable the Camellia block cipher.
- *
- * Module: library/camellia.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- */
-#define MBEDTLS_CAMELLIA_C
-
-/**
- * \def MBEDTLS_ARIA_C
- *
- * Enable the ARIA block cipher.
- *
- * Module: library/aria.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *
- * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
- */
-//#define MBEDTLS_ARIA_C
-
-/**
- * \def MBEDTLS_CCM_C
- *
- * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
- *
- * Module: library/ccm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-CCM ciphersuites, if other requisites are
- * enabled as well.
- */
-#define MBEDTLS_CCM_C
-
-/**
- * \def MBEDTLS_CERTS_C
- *
- * Enable the test certificates.
- *
- * Module: library/certs.c
- * Caller:
- *
- * This module is used for testing (ssl_client/server).
- */
-#define MBEDTLS_CERTS_C
-
-/**
- * \def MBEDTLS_CHACHA20_C
- *
- * Enable the ChaCha20 stream cipher.
- *
- * Module: library/chacha20.c
- */
-#define MBEDTLS_CHACHA20_C
-
-/**
- * \def MBEDTLS_CHACHAPOLY_C
- *
- * Enable the ChaCha20-Poly1305 AEAD algorithm.
- *
- * Module: library/chachapoly.c
- *
- * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
- */
-#define MBEDTLS_CHACHAPOLY_C
-
-/**
- * \def MBEDTLS_CIPHER_C
- *
- * Enable the generic cipher layer.
- *
- * Module: library/cipher.c
- * Caller: library/ssl_tls.c
- *
- * Uncomment to enable generic cipher wrappers.
- */
-#define MBEDTLS_CIPHER_C
-
-/**
- * \def MBEDTLS_CMAC_C
- *
- * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
- * ciphers.
- *
- * Module: library/cmac.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
- *
- */
-#define MBEDTLS_CMAC_C
-
-/**
- * \def MBEDTLS_CTR_DRBG_C
- *
- * Enable the CTR_DRBG AES-based random generator.
- * The CTR_DRBG generator uses AES-256 by default.
- * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below.
- *
- * Module: library/ctr_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_AES_C
- *
- * This module provides the CTR_DRBG AES random number generator.
- */
-#define MBEDTLS_CTR_DRBG_C
-
-/**
- * \def MBEDTLS_DEBUG_C
- *
- * Enable the debug functions.
- *
- * Module: library/debug.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * This module provides debugging functions.
- */
-#define MBEDTLS_DEBUG_C
-
-/**
- * \def MBEDTLS_DES_C
- *
- * Enable the DES block cipher.
- *
- * Module: library/des.c
- * Caller: library/pem.c
- * library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- *
- * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
- *
- * \warning DES is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-#define MBEDTLS_DES_C
-
-/**
- * \def MBEDTLS_DHM_C
- *
- * Enable the Diffie-Hellman-Merkle module.
- *
- * Module: library/dhm.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- * DHE-RSA, DHE-PSK
- *
- * \warning Using DHE constitutes a security risk as it
- * is not possible to validate custom DH parameters.
- * If possible, it is recommended users should consider
- * preferring other methods of key exchange.
- * See dhm.h for more details.
- *
- */
-#define MBEDTLS_DHM_C
-
-/**
- * \def MBEDTLS_ECDH_C
- *
- * Enable the elliptic curve Diffie-Hellman library.
- *
- * Module: library/ecdh.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
- *
- * Requires: MBEDTLS_ECP_C
- */
-#define MBEDTLS_ECDH_C
-
-/**
- * \def MBEDTLS_ECDSA_C
- *
- * Enable the elliptic curve DSA library.
- *
- * Module: library/ecdsa.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- * ECDHE-ECDSA
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
- */
-#define MBEDTLS_ECDSA_C
-
-/**
- * \def MBEDTLS_ECJPAKE_C
- *
- * Enable the elliptic curve J-PAKE library.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Module: library/ecjpake.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- * ECJPAKE
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
- */
-//#define MBEDTLS_ECJPAKE_C
-
-/**
- * \def MBEDTLS_ECP_C
- *
- * Enable the elliptic curve over GF(p) library.
- *
- * Module: library/ecp.c
- * Caller: library/ecdh.c
- * library/ecdsa.c
- * library/ecjpake.c
- *
- * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
- */
-#define MBEDTLS_ECP_C
-
-/**
- * \def MBEDTLS_ENTROPY_C
- *
- * Enable the platform-specific entropy code.
- *
- * Module: library/entropy.c
- * Caller:
- *
- * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
- *
- * This module provides a generic entropy pool
- */
-#define MBEDTLS_ENTROPY_C
-
-/**
- * \def MBEDTLS_ERROR_C
- *
- * Enable error code to error string conversion.
- *
- * Module: library/error.c
- * Caller:
- *
- * This module enables mbedtls_strerror().
- */
-#define MBEDTLS_ERROR_C
-
-/**
- * \def MBEDTLS_GCM_C
- *
- * Enable the Galois/Counter Mode (GCM) for AES.
- *
- * Module: library/gcm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
- * requisites are enabled as well.
- */
-#define MBEDTLS_GCM_C
-
-/**
- * \def MBEDTLS_HAVEGE_C
- *
- * Enable the HAVEGE random generator.
- *
- * Warning: the HAVEGE random generator is not suitable for virtualized
- * environments
- *
- * Warning: the HAVEGE random generator is dependent on timing and specific
- * processor traits. It is therefore not advised to use HAVEGE as
- * your applications primary random generator or primary entropy pool
- * input. As a secondary input to your entropy pool, it IS able add
- * the (limited) extra entropy it provides.
- *
- * Module: library/havege.c
- * Caller:
- *
- * Requires: MBEDTLS_TIMING_C
- *
- * Uncomment to enable the HAVEGE random generator.
- */
-//#define MBEDTLS_HAVEGE_C
-
-/**
- * \def MBEDTLS_HKDF_C
- *
- * Enable the HKDF algorithm (RFC 5869).
- *
- * Module: library/hkdf.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the Hashed Message Authentication Code
- * (HMAC)-based key derivation function (HKDF).
- */
-#define MBEDTLS_HKDF_C
-
-/**
- * \def MBEDTLS_HMAC_DRBG_C
- *
- * Enable the HMAC_DRBG random generator.
- *
- * Module: library/hmac_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * Uncomment to enable the HMAC_DRBG random number geerator.
- */
-#define MBEDTLS_HMAC_DRBG_C
-
-/**
- * \def MBEDTLS_NIST_KW_C
- *
- * Enable the Key Wrapping mode for 128-bit block ciphers,
- * as defined in NIST SP 800-38F. Only KW and KWP modes
- * are supported. At the moment, only AES is approved by NIST.
- *
- * Module: library/nist_kw.c
- *
- * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
- */
-//#define MBEDTLS_NIST_KW_C
-
-/**
- * \def MBEDTLS_MD_C
- *
- * Enable the generic message digest layer.
- *
- * Module: library/md.c
- * Caller:
- *
- * Uncomment to enable generic message digest wrappers.
- */
-#define MBEDTLS_MD_C
-
-/**
- * \def MBEDTLS_MD2_C
- *
- * Enable the MD2 hash algorithm.
- *
- * Module: library/md2.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD2-signed X.509 certs.
- *
- * \warning MD2 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD2_C
-
-/**
- * \def MBEDTLS_MD4_C
- *
- * Enable the MD4 hash algorithm.
- *
- * Module: library/md4.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD4-signed X.509 certs.
- *
- * \warning MD4 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD4_C
-
-/**
- * \def MBEDTLS_MD5_C
- *
- * Enable the MD5 hash algorithm.
- *
- * Module: library/md5.c
- * Caller: library/md.c
- * library/pem.c
- * library/ssl_tls.c
- *
- * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
- * depending on the handshake parameters. Further, it is used for checking
- * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
- * encrypted keys.
- *
- * \warning MD5 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_MD5_C
-
-/**
- * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Enable the buffer allocator implementation that makes use of a (stack)
- * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
- * calls)
- *
- * Module: library/memory_buffer_alloc.c
- *
- * Requires: MBEDTLS_PLATFORM_C
- * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
- *
- * Enable this module to enable the buffer memory allocator.
- */
-//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
-
-/**
- * \def MBEDTLS_NET_C
- *
- * Enable the TCP and UDP over IPv6/IPv4 networking routines.
- *
- * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
- * and Windows. For other platforms, you'll want to disable it, and write your
- * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module: library/net_sockets.c
- *
- * This module provides networking routines.
- */
-#define MBEDTLS_NET_C
-
-/**
- * \def MBEDTLS_OID_C
- *
- * Enable the OID database.
- *
- * Module: library/oid.c
- * Caller: library/asn1write.c
- * library/pkcs5.c
- * library/pkparse.c
- * library/pkwrite.c
- * library/rsa.c
- * library/x509.c
- * library/x509_create.c
- * library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- *
- * This modules translates between OIDs and internal values.
- */
-#define MBEDTLS_OID_C
-
-/**
- * \def MBEDTLS_PADLOCK_C
- *
- * Enable VIA Padlock support on x86.
- *
- * Module: library/padlock.c
- * Caller: library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the VIA PadLock on x86.
- */
-#define MBEDTLS_PADLOCK_C
-
-/**
- * \def MBEDTLS_PEM_PARSE_C
- *
- * Enable PEM decoding / parsing.
- *
- * Module: library/pem.c
- * Caller: library/dhm.c
- * library/pkparse.c
- * library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for decoding / parsing PEM files.
- */
-#define MBEDTLS_PEM_PARSE_C
-
-/**
- * \def MBEDTLS_PEM_WRITE_C
- *
- * Enable PEM encoding / writing.
- *
- * Module: library/pem.c
- * Caller: library/pkwrite.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for encoding / writing PEM files.
- */
-#define MBEDTLS_PEM_WRITE_C
-
-/**
- * \def MBEDTLS_PK_C
- *
- * Enable the generic public (asymetric) key layer.
- *
- * Module: library/pk.c
- * Caller: library/ssl_tls.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
- *
- * Uncomment to enable generic public key wrappers.
- */
-#define MBEDTLS_PK_C
-
-/**
- * \def MBEDTLS_PK_PARSE_C
- *
- * Enable the generic public (asymetric) key parser.
- *
- * Module: library/pkparse.c
- * Caller: library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key parse functions.
- */
-#define MBEDTLS_PK_PARSE_C
-
-/**
- * \def MBEDTLS_PK_WRITE_C
- *
- * Enable the generic public (asymetric) key writer.
- *
- * Module: library/pkwrite.c
- * Caller: library/x509write.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key write functions.
- */
-#define MBEDTLS_PK_WRITE_C
-
-/**
- * \def MBEDTLS_PKCS5_C
- *
- * Enable PKCS#5 functions.
- *
- * Module: library/pkcs5.c
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the PKCS#5 functions.
- */
-#define MBEDTLS_PKCS5_C
-
-/**
- * \def MBEDTLS_PKCS11_C
- *
- * Enable wrapper for PKCS#11 smartcard support.
- *
- * Module: library/pkcs11.c
- * Caller: library/pk.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * This module enables SSL/TLS PKCS #11 smartcard support.
- * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
- */
-//#define MBEDTLS_PKCS11_C
-
-/**
- * \def MBEDTLS_PKCS12_C
- *
- * Enable PKCS#12 PBE functions.
- * Adds algorithms for parsing PKCS#8 encrypted private keys
- *
- * Module: library/pkcs12.c
- * Caller: library/pkparse.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * Can use: MBEDTLS_ARC4_C
- *
- * This module enables PKCS#12 functions.
- */
-#define MBEDTLS_PKCS12_C
-
-/**
- * \def MBEDTLS_PLATFORM_C
- *
- * Enable the platform abstraction layer that allows you to re-assign
- * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
- *
- * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
- * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
- * above to be specified at runtime or compile time respectively.
- *
- * \note This abstraction layer must be enabled on Windows (including MSYS2)
- * as other module rely on it for a fixed snprintf implementation.
- *
- * Module: library/platform.c
- * Caller: Most other .c files
- *
- * This module enables abstraction of common (libc) functions.
- */
-#define MBEDTLS_PLATFORM_C
-
-/**
- * \def MBEDTLS_POLY1305_C
- *
- * Enable the Poly1305 MAC algorithm.
- *
- * Module: library/poly1305.c
- * Caller: library/chachapoly.c
- */
-#define MBEDTLS_POLY1305_C
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_C
- *
- * Enable the Platform Security Architecture cryptography API.
- *
- * Module: library/psa_crypto.c
- *
- * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
- *
- */
-#define MBEDTLS_PSA_CRYPTO_C
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
- *
- * Enable the Platform Security Architecture persistent key storage.
- *
- * Module: library/psa_crypto_storage.c
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C,
- * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of
- * the PSA ITS interface
- */
-#define MBEDTLS_PSA_CRYPTO_STORAGE_C
-
-/**
- * \def MBEDTLS_PSA_ITS_FILE_C
- *
- * Enable the emulation of the Platform Security Architecture
- * Internal Trusted Storage (PSA ITS) over files.
- *
- * Module: library/psa_its_file.c
- *
- * Requires: MBEDTLS_FS_IO
- */
-#define MBEDTLS_PSA_ITS_FILE_C
-
-/**
- * \def MBEDTLS_RIPEMD160_C
- *
- * Enable the RIPEMD-160 hash algorithm.
- *
- * Module: library/ripemd160.c
- * Caller: library/md.c
- *
- */
-#define MBEDTLS_RIPEMD160_C
-
-/**
- * \def MBEDTLS_RSA_C
- *
- * Enable the RSA public-key cryptosystem.
- *
- * Module: library/rsa.c
- * library/rsa_internal.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- * library/x509.c
- *
- * This module is used by the following key exchanges:
- * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
- */
-#define MBEDTLS_RSA_C
-
-/**
- * \def MBEDTLS_SHA1_C
- *
- * Enable the SHA1 cryptographic hash algorithm.
- *
- * Module: library/sha1.c
- * Caller: library/md.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- * library/x509write_crt.c
- *
- * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
- * depending on the handshake parameters, and for SHA1-signed certificates.
- *
- * \warning SHA-1 is considered a weak message digest and its use constitutes
- * a security risk. If possible, we recommend avoiding dependencies
- * on it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_SHA1_C
-
-/**
- * \def MBEDTLS_SHA256_C
- *
- * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
- *
- * Module: library/sha256.c
- * Caller: library/entropy.c
- * library/md.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * This module adds support for SHA-224 and SHA-256.
- * This module is required for the SSL/TLS 1.2 PRF function.
- */
-#define MBEDTLS_SHA256_C
-
-/**
- * \def MBEDTLS_SHA512_C
- *
- * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
- *
- * Module: library/sha512.c
- * Caller: library/entropy.c
- * library/md.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module adds support for SHA-384 and SHA-512.
- */
-#define MBEDTLS_SHA512_C
-
-/**
- * \def MBEDTLS_SSL_CACHE_C
- *
- * Enable simple SSL cache implementation.
- *
- * Module: library/ssl_cache.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_CACHE_C
- */
-#define MBEDTLS_SSL_CACHE_C
-
-/**
- * \def MBEDTLS_SSL_COOKIE_C
- *
- * Enable basic implementation of DTLS cookies for hello verification.
- *
- * Module: library/ssl_cookie.c
- * Caller:
- */
-#define MBEDTLS_SSL_COOKIE_C
-
-/**
- * \def MBEDTLS_SSL_TICKET_C
- *
- * Enable an implementation of TLS server-side callbacks for session tickets.
- *
- * Module: library/ssl_ticket.c
- * Caller:
- *
- * Requires: MBEDTLS_CIPHER_C
- */
-#define MBEDTLS_SSL_TICKET_C
-
-/**
- * \def MBEDTLS_SSL_CLI_C
- *
- * Enable the SSL/TLS client code.
- *
- * Module: library/ssl_cli.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *
- * This module is required for SSL/TLS client support.
- */
-#define MBEDTLS_SSL_CLI_C
-
-/**
- * \def MBEDTLS_SSL_SRV_C
- *
- * Enable the SSL/TLS server code.
- *
- * Module: library/ssl_srv.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *
- * This module is required for SSL/TLS server support.
- */
-#define MBEDTLS_SSL_SRV_C
-
-/**
- * \def MBEDTLS_SSL_TLS_C
- *
- * Enable the generic SSL/TLS code.
- *
- * Module: library/ssl_tls.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
- *
- * This module is required for SSL/TLS.
- */
-#define MBEDTLS_SSL_TLS_C
-
-/**
- * \def MBEDTLS_THREADING_C
- *
- * Enable the threading abstraction layer.
- * By default mbed TLS assumes it is used in a non-threaded environment or that
- * contexts are not shared between threads. If you do intend to use contexts
- * between threads, you will need to enable this layer to prevent race
- * conditions. See also our Knowledge Base article about threading:
- * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
- *
- * Module: library/threading.c
- *
- * This allows different threading implementations (self-implemented or
- * provided).
- *
- * You will have to enable either MBEDTLS_THREADING_ALT or
- * MBEDTLS_THREADING_PTHREAD.
- *
- * Enable this layer to allow use of mutexes within mbed TLS
- */
-//#define MBEDTLS_THREADING_C
-
-/**
- * \def MBEDTLS_TIMING_C
- *
- * Enable the semi-portable timing interface.
- *
- * \note The provided implementation only works on POSIX/Unix (including Linux,
- * BSD and OS X) and Windows. On other platforms, you can either disable that
- * module and provide your own implementations of the callbacks needed by
- * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
- * your own implementation of the whole module by setting
- * \c MBEDTLS_TIMING_ALT in the current file.
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module: library/timing.c
- * Caller: library/havege.c
- *
- * This module is used by the HAVEGE random number generator.
- */
-#define MBEDTLS_TIMING_C
-
-/**
- * \def MBEDTLS_VERSION_C
- *
- * Enable run-time version information.
- *
- * Module: library/version.c
- *
- * This module provides run-time version information.
- */
-#define MBEDTLS_VERSION_C
-
-/**
- * \def MBEDTLS_X509_USE_C
- *
- * Enable X.509 core for using certificates.
- *
- * Module: library/x509.c
- * Caller: library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
- * MBEDTLS_PK_PARSE_C
- *
- * This module is required for the X.509 parsing modules.
- */
-#define MBEDTLS_X509_USE_C
-
-/**
- * \def MBEDTLS_X509_CRT_PARSE_C
- *
- * Enable X.509 certificate parsing.
- *
- * Module: library/x509_crt.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 certificate parsing.
- */
-#define MBEDTLS_X509_CRT_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CRL_PARSE_C
- *
- * Enable X.509 CRL parsing.
- *
- * Module: library/x509_crl.c
- * Caller: library/x509_crt.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 CRL parsing.
- */
-#define MBEDTLS_X509_CRL_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CSR_PARSE_C
- *
- * Enable X.509 Certificate Signing Request (CSR) parsing.
- *
- * Module: library/x509_csr.c
- * Caller: library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is used for reading X.509 certificate request.
- */
-#define MBEDTLS_X509_CSR_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CREATE_C
- *
- * Enable X.509 core for creating certificates.
- *
- * Module: library/x509_create.c
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
- *
- * This module is the basis for creating X.509 certificates and CSRs.
- */
-#define MBEDTLS_X509_CREATE_C
-
-/**
- * \def MBEDTLS_X509_CRT_WRITE_C
- *
- * Enable creating X.509 certificates.
- *
- * Module: library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate creation.
- */
-#define MBEDTLS_X509_CRT_WRITE_C
-
-/**
- * \def MBEDTLS_X509_CSR_WRITE_C
- *
- * Enable creating X.509 Certificate Signing Requests (CSR).
- *
- * Module: library/x509_csr_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate request writing.
- */
-#define MBEDTLS_X509_CSR_WRITE_C
-
-/**
- * \def MBEDTLS_XTEA_C
- *
- * Enable the XTEA block cipher.
- *
- * Module: library/xtea.c
- * Caller:
- */
-#define MBEDTLS_XTEA_C
-
-/* \} name SECTION: mbed TLS modules */
-
-/**
- * \name SECTION: Module configuration options
- *
- * This section allows for the setting of module specific sizes and
- * configuration options. The default values are already present in the
- * relevant header files and should suffice for the regular use cases.
- *
- * Our advice is to enable options and change their values here
- * only if you have a good reason and know the consequences.
- *
- * Please check the respective header file for documentation on these
- * parameters (to prevent duplicate documentation).
- * \{
- */
-
-/* MPI / BIGNUM options */
-//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
-//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
-
-/* CTR_DRBG options */
-//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
-//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
-//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
-//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
-//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
-//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */
-
-/* HMAC_DRBG options */
-//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
-//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
-//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
-//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
-
-/* ECP options */
-//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
-//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
-//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
-
-/* Entropy options */
-//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
-//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
-//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
-
-/* Memory buffer allocator options */
-//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
-
-/* Platform options */
-//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
-//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
-/* Note: your snprintf must correctly zero-terminate the buffer! */
-//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
-
-/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
-/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
-//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
-/* Note: your snprintf must correctly zero-terminate the buffer! */
-//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
-
-/**
- * \brief This macro is invoked by the library when an invalid parameter
- * is detected that is only checked with MBEDTLS_CHECK_PARAMS
- * (see the documentation of that option for context).
- *
- * When you leave this undefined here, a default definition is
- * provided that invokes the function mbedtls_param_failed(),
- * which is declared in platform_util.h for the benefit of the
- * library, but that you need to define in your application.
- *
- * When you define this here, this replaces the default
- * definition in platform_util.h (which no longer declares the
- * function mbedtls_param_failed()) and it is your responsibility
- * to make sure this macro expands to something suitable (in
- * particular, that all the necessary declarations are visible
- * from within the library - you can ensure that by providing
- * them in this file next to the macro definition).
- *
- * Note that you may define this macro to expand to nothing, in
- * which case you don't have to worry about declarations or
- * definitions. However, you will then be notified about invalid
- * parameters only in non-void functions, and void function will
- * just silently return early on invalid parameters, which
- * partially negates the benefits of enabling
- * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
- *
- * \param cond The expression that should evaluate to true, but doesn't.
- */
-//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
-
-/* SSL Cache options */
-//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
-//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
-
-/* SSL options */
-
-/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
- *
- * Maximum length (in bytes) of incoming and outgoing plaintext fragments.
- *
- * This determines the size of both the incoming and outgoing TLS I/O buffers
- * in such a way that both are capable of holding the specified amount of
- * plaintext data, regardless of the protection mechanism used.
- *
- * To configure incoming and outgoing I/O buffers separately, use
- * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN,
- * which overwrite the value set by this option.
- *
- * \note When using a value less than the default of 16KB on the client, it is
- * recommended to use the Maximum Fragment Length (MFL) extension to
- * inform the server about this limitation. On the server, there
- * is no supported, standardized way of informing the client about
- * restriction on the maximum size of incoming messages, and unless
- * the limitation has been communicated by other means, it is recommended
- * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
- * while keeping the default value of 16KB for the incoming buffer.
- *
- * Uncomment to set the maximum plaintext size of both
- * incoming and outgoing I/O buffers.
- */
-//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
-
-/** \def MBEDTLS_SSL_IN_CONTENT_LEN
- *
- * Maximum length (in bytes) of incoming plaintext fragments.
- *
- * This determines the size of the incoming TLS I/O buffer in such a way
- * that it is capable of holding the specified amount of plaintext data,
- * regardless of the protection mechanism used.
- *
- * If this option is undefined, it inherits its value from
- * #MBEDTLS_SSL_MAX_CONTENT_LEN.
- *
- * \note When using a value less than the default of 16KB on the client, it is
- * recommended to use the Maximum Fragment Length (MFL) extension to
- * inform the server about this limitation. On the server, there
- * is no supported, standardized way of informing the client about
- * restriction on the maximum size of incoming messages, and unless
- * the limitation has been communicated by other means, it is recommended
- * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
- * while keeping the default value of 16KB for the incoming buffer.
- *
- * Uncomment to set the maximum plaintext size of the incoming I/O buffer
- * independently of the outgoing I/O buffer.
- */
-//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
-
-/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
- *
- * Maximum length (in bytes) of outgoing plaintext fragments.
- *
- * This determines the size of the outgoing TLS I/O buffer in such a way
- * that it is capable of holding the specified amount of plaintext data,
- * regardless of the protection mechanism used.
- *
- * If this option undefined, it inherits its value from
- * #MBEDTLS_SSL_MAX_CONTENT_LEN.
- *
- * It is possible to save RAM by setting a smaller outward buffer, while keeping
- * the default inward 16384 byte buffer to conform to the TLS specification.
- *
- * The minimum required outward buffer size is determined by the handshake
- * protocol's usage. Handshaking will fail if the outward buffer is too small.
- * The specific size requirement depends on the configured ciphers and any
- * certificate data which is sent during the handshake.
- *
- * Uncomment to set the maximum plaintext size of the outgoing I/O buffer
- * independently of the incoming I/O buffer.
- */
-//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
-
-/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
- *
- * Maximum number of heap-allocated bytes for the purpose of
- * DTLS handshake message reassembly and future message buffering.
- *
- * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
- * to account for a reassembled handshake message of maximum size,
- * together with its reassembly bitmap.
- *
- * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
- * should be sufficient for all practical situations as it allows
- * to reassembly a large handshake message (such as a certificate)
- * while buffering multiple smaller handshake messages.
- *
- */
-//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
-
-//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
-//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
-//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
-
-/**
- * Complete list of ciphersuites to use, in order of preference.
- *
- * \warning No dependency checking is done on that field! This option can only
- * be used to restrict the set of available ciphersuites. It is your
- * responsibility to make sure the needed modules are active.
- *
- * Use this to save a few hundred bytes of ROM (default ordering of all
- * available ciphersuites) and a few to a few hundred bytes of RAM.
- *
- * The value below is only an example, not the default.
- */
-//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-
-/* X509 options */
-//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
-//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
-
-/**
- * Allow SHA-1 in the default TLS configuration for certificate signing.
- * Without this build-time option, SHA-1 support must be activated explicitly
- * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
- * recommended because of it is possible to generate SHA-1 collisions, however
- * this may be safe for legacy infrastructure where additional controls apply.
- *
- * \warning SHA-1 is considered a weak message digest and its use constitutes
- * a security risk. If possible, we recommend avoiding dependencies
- * on it, and considering stronger message digests instead.
- *
- */
-// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-
-/**
- * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
- * signature and ciphersuite selection. Without this build-time option, SHA-1
- * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
- * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
- * default. At the time of writing, there is no practical attack on the use
- * of SHA-1 in handshake signatures, hence this option is turned on by default
- * to preserve compatibility with existing peers, but the general
- * warning applies nonetheless:
- *
- * \warning SHA-1 is considered a weak message digest and its use constitutes
- * a security risk. If possible, we recommend avoiding dependencies
- * on it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
-
-/**
- * Uncomment the macro to let mbed TLS use your alternate implementation of
- * mbedtls_platform_zeroize(). This replaces the default implementation in
- * platform_util.c.
- *
- * mbedtls_platform_zeroize() is a widely used function across the library to
- * zero a block of memory. The implementation is expected to be secure in the
- * sense that it has been written to prevent the compiler from removing calls
- * to mbedtls_platform_zeroize() as part of redundant code elimination
- * optimizations. However, it is difficult to guarantee that calls to
- * mbedtls_platform_zeroize() will not be optimized by the compiler as older
- * versions of the C language standards do not provide a secure implementation
- * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
- * configure their own implementation of mbedtls_platform_zeroize(), for
- * example by using directives specific to their compiler, features from newer
- * C standards (e.g using memset_s() in C11) or calling a secure memset() from
- * their system (e.g explicit_bzero() in BSD).
- */
-//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
-
-/**
- * Uncomment the macro to let Mbed TLS use your alternate implementation of
- * mbedtls_platform_gmtime_r(). This replaces the default implementation in
- * platform_util.c.
- *
- * gmtime() is not a thread-safe function as defined in the C standard. The
- * library will try to use safer implementations of this function, such as
- * gmtime_r() when available. However, if Mbed TLS cannot identify the target
- * system, the implementation of mbedtls_platform_gmtime_r() will default to
- * using the standard gmtime(). In this case, calls from the library to
- * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
- * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
- * library are also guarded with this mutex to avoid race conditions. However,
- * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
- * unconditionally use the implementation for mbedtls_platform_gmtime_r()
- * supplied at compile time.
- */
-//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
-
-/* \} name SECTION: Customisation configuration options */
-
-/* Target and application specific configurations
- *
- * Allow user to override any previous default.
- *
- */
-#if defined(MBEDTLS_USER_CONFIG_FILE)
-#include MBEDTLS_USER_CONFIG_FILE
-#endif
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h
index 6eb03a9..9cad382 100644
--- a/configs/config-suite-b.h
+++ b/configs/config-suite-b.h
@@ -80,8 +80,7 @@
#define MBEDTLS_AES_ROM_TABLES
/* Save RAM by adjusting to our exact needs */
-#define MBEDTLS_ECP_MAX_BITS 384
-#define MBEDTLS_MPI_MAX_SIZE 48 // 384 bits is 48 bytes
+#define MBEDTLS_MPI_MAX_SIZE 48 // 48 bytes for a 384-bit elliptic curve
/* Save RAM at the expense of speed, see ecp.h */
#define MBEDTLS_ECP_WINDOW_SIZE 2
diff --git a/configs/config-thread.h b/configs/config-thread.h
index 47dd5e2..8464fcb 100644
--- a/configs/config-thread.h
+++ b/configs/config-thread.h
@@ -81,8 +81,7 @@
#define MBEDTLS_AES_ROM_TABLES
/* Save RAM by adjusting to our exact needs */
-#define MBEDTLS_ECP_MAX_BITS 256
-#define MBEDTLS_MPI_MAX_SIZE 32 // 256 bits is 32 bytes
+#define MBEDTLS_MPI_MAX_SIZE 32 // 32 bytes for a 256-bit elliptic curve
/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
diff --git a/docs/architecture/psa-crypto-implementation-structure.md b/docs/architecture/psa-crypto-implementation-structure.md
new file mode 100644
index 0000000..cd4d427
--- /dev/null
+++ b/docs/architecture/psa-crypto-implementation-structure.md
@@ -0,0 +1,73 @@
+PSA Cryptograpy API implementation and PSA driver interface
+===========================================================
+
+## Introduction
+
+The [PSA Cryptography API specification](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface) defines an interface to cryptographic operations for which the Mbed TLS library provides a reference implementation. The PSA Cryptography API specification is complemented by the PSA driver interface specification which defines an interface for cryptoprocessor drivers.
+
+This document describes the high level organization of the Mbed TLS PSA Cryptography API implementation which is tightly related to the PSA driver interface.
+
+## High level organization of the Mbed TLS PSA Cryptography API implementation
+In one sentence, the Mbed TLS PSA Cryptography API implementation is made of a core and PSA drivers as defined in the PSA driver interface. The key point is that software cryptographic operations are organized as PSA drivers: they interact with the core through the PSA driver interface.
+
+### Rationale
+
+* Addressing software and hardware cryptographic implementations through the same C interface reduces the core code size and its call graph complexity. The core and its dispatching to software and hardware implementations are consequently easier to test and validate.
+* The organization of the software cryptographic implementations in drivers promotes modularization of those implementations.
+* As hardware capabilities, software cryptographic functionalities can be described by a JSON driver description file as defined in the PSA driver interface.
+* Along with JSON driver description files, the PSA driver specification defines the deliverables for a driver to be included into the Mbed TLS PSA Cryptography implementation. This provides a natural framework to integrate third party or alternative software implementations of cryptographic operations.
+
+## The Mbed TLS PSA Cryptography API implementation core
+
+The core implements all the APIs as defined in the PSA Cryptography API specification but does not perform on its own any cryptographic operation. The core relies on PSA drivers to actually
+perform the cryptographic operations. The core is responsible for:
+
+* the key store.
+* checking PSA API arguments and translating them into valid arguments for the necessary calls to the PSA driver interface.
+* dispatching the cryptographic operations to the appropriate PSA drivers.
+
+The sketch of an Mbed TLS PSA cryptographic API implementation is thus:
+```C
+psa_status_t psa_api( ... )
+{
+ psa_status_t status;
+
+ /* Pre driver interface call processing: validation of arguments, building
+ * of arguments for the call to the driver interface, ... */
+
+ ...
+
+ /* Call to the driver interface */
+ status = psa_driver_wrapper_<entry_point>( ... );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ /* Post driver interface call processing: validation of the values returned
+ * by the driver, finalization of the values to return to the caller,
+ * clean-up in case of error ... */
+}
+```
+The code of most PSA APIs is expected to match precisely the above layout. However, it is likely that the code structure of some APIs will be more complicated with several calls to the driver interface, mainly to encompass a larger variety of hardware designs. For example, to encompass hardware accelerators that are capable of verifying a MAC and those that are only capable of computing a MAC, the psa_mac_verify() API could call first psa_driver_wrapper_mac_verify() and then fallback to psa_driver_wrapper_mac_compute().
+
+The implementations of `psa_driver_wrapper_<entry_point>` functions are generated by the build system based on the JSON driver description files of the various PSA drivers making up the Mbed TLS PSA Cryptography API implementation. The implementations are generated in a psa_crypto_driver_wrappers.c C file and the function prototypes declared in a psa_crypto_driver_wrappers.h header file.
+
+The psa_driver_wrapper_<entry_point>() functions dispatch cryptographic operations to accelerator drivers, secure element drivers as well as to the software implementations of cryptographic operations.
+
+Note that the implementation allows to build the library with only a C compiler by shipping a generated file corresponding to a pure software implementation. The driver entry points and their code in this generated file are guarded by pre-processor directives based on PSA_WANT_xyz macros (see [Conditional inclusion of cryptographic mechanism through the PSA API in Mbed TLS](psa-conditional-inclusion-c.html). That way, it is possible to compile and include in the library only the desired cryptographic operations.
+
+### Key creation
+
+Key creation implementation in Mbed TLS PSA core is articulated around three internal functions: psa_start_key_creation(), psa_finish_key_creation() and psa_fail_key_creation(). Implementations of key creation PSA APIs, namely psa_import_key(), psa_generate_key(), psa_key_derivation_output_key() and psa_copy_key() go by the following sequence:
+ 1. Check the input parameters.
+ 2. Call psa_start_key_creation() that allocates a key slot, prepares it with the specified key attributes, and in case of a volatile key assign it a volatile key identifier.
+ 3. Generate or copy the key material into the key slot. This entails the allocation of the buffer to store the key material.
+ 4. Call psa_finish_key_creation() that mostly saves persistent keys into persistent storage.
+
+In case of any error occurring at step 3 or 4, psa_fail_key_creation() is called. It wipes and cleans the slot especially the key material: reset to zero of the RAM memory that contained the key material, free the allocated buffer.
+
+
+## Mbed TLS PSA Cryptography API implementation drivers
+
+A driver of the Mbed TLS PSA Cryptography API implementation (Mbed TLS PSA driver in the following) is a driver in the sense that it is compliant with the PSA driver interface specification. But it is not an actual driver that drives some hardware. It implements cryptographic operations purely in software.
+
+An Mbed TLS PSA driver C file is named psa_crypto_<driver_name>.c and its associated header file psa_crypto_<driver_name>.h. The functions implementing a driver entry point as defined in the PSA driver interface specification are named as mbedtls_psa_<driver name>_<entry point>(). As an example, the psa_crypto_rsa.c and psa_crypto_rsa.h are the files containing the Mbed TLS PSA driver implementing RSA cryptographic operations. This RSA driver implements among other entry points the "import_key" entry point. The function implementing this entry point is named mbedtls_psa_rsa_import_key().
diff --git a/docs/architecture/testing/driver-interface-test-strategy.md b/docs/architecture/testing/driver-interface-test-strategy.md
index d6769da..086fc1a 100644
--- a/docs/architecture/testing/driver-interface-test-strategy.md
+++ b/docs/architecture/testing/driver-interface-test-strategy.md
@@ -4,9 +4,19 @@
The driver interfaces are standardized through PSA Cryptography functional specifications.
-## Secure element driver interface
+## Secure element driver interface testing
-The secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed Crypto and one or more third-party drivers.
+### Secure element driver interfaces
+
+#### Opaque driver interface
+
+The [unified driver interface](../../proposed/psa-driver-interface.md) supports both transparent drivers (for accelerators) and opaque drivers (for secure elements).
+
+Drivers exposing this interface need to be registered at compile time by declaring their JSON description file.
+
+#### Dynamic secure element driver interface
+
+The dynamic secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed Crypto and one or more third-party drivers.
The SE interface consists of one function provided by Mbed Crypto (`psa_register_se_driver`) and many functions that drivers must implement. To make a driver usable by Mbed Crypto, the initialization code must call `psa_register_se_driver` with a structure that describes the driver. The structure mostly contains function pointers, pointing to the driver's methods. All calls to a driver function are triggered by a call to a PSA crypto API function.
@@ -18,6 +28,8 @@
#### SE driver registration
+This applies to dynamic drivers only.
+
* Test `psa_register_se_driver` with valid and with invalid arguments.
* Make at least one failing call to `psa_register_se_driver` followed by a successful call.
* Make at least one test that successfully registers the maximum number of drivers and fails to register one more.
@@ -102,14 +114,20 @@
A PKCS#11 driver would be a good candidate. It would be useful as part of our product offering.
-## Accelerator driver interface
+## Transparent driver interface testing
-The accelerator driver interface is defined by [`psa/crypto_accel_driver.h`](../../../include/psa/crypto_accel_driver.h).
+The [unified driver interface](../../proposed/psa-driver-interface.md) defines interfaces for accelerators.
-TODO
+### Test requirements
-## Entropy driver interface
+#### Requirements for transparent driver testing
-The entropy driver interface is defined by [`psa/crypto_entropy_driver.h`](../../../include/psa/crypto_entropy_driver.h).
+Every cryptographic mechanism for which a transparent driver interface exists (key creation, cryptographic operations, …) must be exercised in at least one build. The test must verify that the driver code is called.
+
+#### Requirements for fallback
+
+The driver interface includes a fallback mechanism so that a driver can reject a request at runtime and let another driver handle the request. For each entry point, there must be at least three test runs with two or more drivers available with driver A configured to fall back to driver B, with one run where A returns `PSA_SUCCESS`, one where A returns `PSA_ERROR_NOT_SUPPORTED` and B is invoked, and one where A returns a different error and B is not invoked.
+
+## Entropy and randomness interface testing
TODO
diff --git a/docs/architecture/testing/psa-storage-format-testing.md b/docs/architecture/testing/psa-storage-format-testing.md
new file mode 100644
index 0000000..e293985
--- /dev/null
+++ b/docs/architecture/testing/psa-storage-format-testing.md
@@ -0,0 +1,127 @@
+# Mbed TLS PSA keystore format stability testing strategy
+
+## Introduction
+
+The PSA crypto subsystem includes a persistent key store. It is possible to create a persistent key and read it back later. This must work even if Mbed TLS has been upgraded in the meantime (except for deliberate breaks in the backward compatibility of the storage).
+
+The goal of this document is to define a test strategy for the key store that not only validates that it's possible to load a key that was saved with the version of Mbed TLS under test, but also that it's possible to load a key that was saved with previous versions of Mbed TLS.
+
+Interoperability is not a goal: PSA crypto implementations are not intended to have compatible storage formats. Downgrading is not required to work.
+
+## General approach
+
+### Limitations of a direct approach
+
+The goal of storage format stability testing is: as a user of Mbed TLS, I want to store a key under version V and read it back under version W, with W ≥ V.
+
+Doing the testing this way would be difficult because we'd need to have version V of Mbed TLS available when testing version W.
+
+An alternative, semi-direct approach consists of generating test data under version V, and reading it back under version W. Done naively, this would require keeping a large amount of test data (full test coverage multiplied by the number of versions that we want to preserve backward compatibility with).
+
+### Save-and-compare approach
+
+Importing and saving a key is deterministic. Therefore we can ensure the stability of the storage format by creating test cases under a version V of Mbed TLS, where the test case parameters include both the parameters to pass to key creation and the expected state of the storage after the key is created. The test case creates a key as indicated by the parameters, then compares the actual state of the storage with the expected state.
+
+In addition, the test case also loads the key and checks that it has the expected data and metadata. Import-and-save testing and load-and-check testing can be split into separate test functions with the same payloads.
+
+If the test passes with version V, this means that the test data is consistent with what the implementation does. When the test later runs under version W ≥ V, it creates and reads back a storage state which is known to be identical to the state that V would have produced. Thus, this approach validates that W can read storage states created by V.
+
+Note that it is the combination of import-and-save passing on version V and load-and-check passing on version W with the same data that proves that version W can read back what version V wrote. From the perspective of a particular version of the library, the import-and-save tests guarantee forward compatibility while the load-and-check tests guarantee backward compatibility.
+
+Use a similar approach for files other than keys where possible and relevant.
+
+### Keeping up with storage format evolution
+
+Test cases should normally not be removed from the code base: if something has worked before, it should keep working in future versions, so we should keep testing it.
+
+This cannot be enforced solely by looking at a single version of Mbed TLS, since there would be no indication that more test cases used to exist. It can only be enforced through review of library changes. The review may be assisted by a tool that compares the old and the new version, in the same way that `abi-check.py` compares the library's API and ABI.
+
+If the way certain keys are stored changes, and we don't deliberately decide to stop supporting old keys (which should only be done by retiring a version of the storage format), then we should keep the corresponding test cases in load-only mode: create a file with the expected content, load it and check the data that it contains.
+
+## Storage architecture overview
+
+The PSA subsystem provides storage on top of the PSA trusted storage interface. The state of the storage is a mapping from file identifer (a 64-bit number) to file content (a byte array). These files include:
+
+* [Key files](#key-storage) (files containing one key's metadata and, except for some secure element keys, key material).
+* The [random generator injected seed or state file](#random-generator-state) (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`).
+* [Storage transaction file](#storage-transaction-resumption).
+* [Driver state files](#driver-state-files).
+
+For a more detailed description, refer to the [Mbed Crypto storage specification](../mbed-crypto-storage-specification.md).
+
+In addition, Mbed TLS includes an implementation of the PSA trusted storage interface on top of C stdio. This document addresses the test strategy for [PSA ITS over file](#psa-its-over-file) in a separate section below.
+
+## Key storage testing
+
+This section describes the desired test cases for keys created with the current storage format version. When the storage format changes, if backward compatibility is desired, old test data should be kept as described under [“Keeping up with storage format evolution”](#keeping-up-with-storage-format-evolution).
+
+### Keystore layout
+
+Objective: test that the key file name corresponds to the key identifier.
+
+Method: Create a key with a given identifier (using `psa_import_key`) and verify that a file with the expected name is created, and no other. Repeat for different identifiers.
+
+### General key format
+
+Objective: test the format of the key file: which field goes where and how big it is.
+
+Method: Create a key with certain metadata with `psa_import_key`. Read the file content and validate that it has the expected layout, deduced from the storage specification. Repeat with different metadata. Ensure that there are test cases covering all fields.
+
+### Enumeration of test cases for keys
+
+Objective: ensure that the coverage is sufficient to have assurance that all keys are stored correctly. This requires a sufficient selection of key types, sizes, policies, etc.
+
+In particular, the tests must validate that each `PSA_xxx` constant that is stored in a key is covered by at least one test case:
+
+* Lifetimes: `PSA_KEY_LIFETIME_xxx`, `PSA_KEY_PERSISTENCE_xxx`, `PSA_KEY_LOCATION_xxx`.
+* Usage flags: `PSA_KEY_USAGE_xxx`.
+* Algorithms in policies: `PSA_ALG_xxx`.
+* Key types: `PSA_KEY_TYPE_xxx`, `PSA_ECC_FAMILY_xxx`, `PSA_DH_FAMILY_xxx`.
+
+In addition, the coverage of key material must ensure that any variation in key representation is detected. See [“Considerations on key material representations”](#Considerations-on-key-material-representations) for considerations regarding key types.
+
+Method: Each test case creates a key with `psa_import_key`, purges it from memory, then reads it back and exercises it.
+
+Generate test cases automatically based on an enumeration of available constants and some knowledge of what attributes (sizes, algorithms, …) and content to use for keys of a certain type.
+
+### Testing with alternative lifetime values
+
+Objective: have test coverage for lifetimes other than the default persistent lifetime (`PSA_KEY_LIFETIME_PERSISTENT`).
+
+Method:
+
+* For alternative locations: have tests conditional on the presence of a driver for that location.
+* For alternative persistence levels: have load-and-check tests for supported persistence levels. We may also want to have negative tests ensuring that keys with a not-supported persistence level are not accidentally created.
+
+### Considerations on key material representations
+
+The risks of incompatibilities in key representations depends on the key type and on the presence of drivers. Compatibility of and with drivers is currently out of scope of this document.
+
+Some types only have one plausible representation. Others admit alternative plausible representations (different encodings, or non-canonical representations).
+Here are some areas to watch for, with an identified risk of incompatibilities.
+
+* HMAC keys longer than the block size: pre-hashed or not?
+* DES keys: was parity enforced?
+* RSA keys: can invalid DER encodings (e.g. leading zeros, ignored sign bit) have been stored?
+* RSA private keys: can invalid CRT parameters have been stored?
+* Montgomery private keys: were they stored in masked form?
+
+## Random generator state
+
+TODO
+
+## Driver state files
+
+Not yet implemented.
+
+TODO
+
+## Storage transaction resumption
+
+Only relevant for secure element support. Not yet fully implemented.
+
+TODO
+
+## PSA ITS over file
+
+TODO
diff --git a/docs/architecture/tls13-experimental.md b/docs/architecture/tls13-experimental.md
index 3db16e0..10cbfa1 100644
--- a/docs/architecture/tls13-experimental.md
+++ b/docs/architecture/tls13-experimental.md
@@ -47,3 +47,22 @@
Those functions are implemented in `library/ssl_tls13_keys.c` and
tested in `test_suite_ssl` using test vectors from RFC 8448 and
https://tls13.ulfheim.net/.
+
+- New TLS Message Processing Stack (MPS)
+
+ The TLS 1.3 prototype is developed alongside a rewrite of the TLS messaging layer,
+ encompassing low-level details such as record parsing, handshake reassembly, and
+ DTLS retransmission state machine.
+
+ MPS has the following components:
+ - Layer 1 (Datagram handling)
+ - Layer 2 (Record handling)
+ - Layer 3 (Message handling)
+ - Layer 4 (Retransmission State Machine)
+ - Reader (Abstracted pointer arithmetic and reassembly logic for incoming data)
+ - Writer (Abstracted pointer arithmetic and fragmentation logic for outgoing data)
+
+ Of those components, the following have been upstreamed
+ as part of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`:
+
+ - Reader ([`library/mps_reader.h`](../../library/mps_reader.h))
diff --git a/docs/getting_started.md b/docs/getting_started.md
index 15d5a31..70c5ff4 100644
--- a/docs/getting_started.md
+++ b/docs/getting_started.md
@@ -203,7 +203,7 @@
void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len)
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES),
};
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -288,7 +288,7 @@
void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len)
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES),
};
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -445,7 +445,7 @@
0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
};
- size_t expected_hash_len = PSA_HASH_SIZE(alg);
+ size_t expected_hash_len = PSA_HASH_LENGTH(alg);
printf("Verify a hash...\t");
fflush(stdout);
@@ -482,7 +482,7 @@
mbedtls_psa_crypto_free();
```
-The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash length (in bytes) for the specified algorithm.
+The API provides the macro `PSA_HASH_LENGTH`, which returns the expected hash length (in bytes) for the specified algorithm.
#### Handling hash operation contexts
diff --git a/docs/proposed/psa-conditional-inclusion-c.md b/docs/proposed/psa-conditional-inclusion-c.md
index 52138b1..2ddba7f 100644
--- a/docs/proposed/psa-conditional-inclusion-c.md
+++ b/docs/proposed/psa-conditional-inclusion-c.md
@@ -5,8 +5,6 @@
This is currently a proposal for Mbed TLS. It is not currently on track for standardization in PSA.
-Time-stamp: "2020/11/26 09:30:50 GMT"
-
## Introduction
### Purpose of this specification
@@ -86,9 +84,17 @@
For asymmetric cryptography, `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR` determines whether private-key operations are desired, and `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY` determines whether public-key operations are desired. `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR` implicitly enables `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY`: there is no way to only include private-key operations (which typically saves little code).
-#### Configuration symbols for curves
+#### Configuration symbols for elliptic curves
-For elliptic curve key types, only the specified curves are included. To include a curve, include a symbol of the form **`PSA_WANT_ECC_family_size`**. For example: `PSA_WANT_ECC_SECP_R1_256` for secp256r1, `PSA_WANT_ECC_MONTGOMERY_CURVE25519`. It is an error to require an ECC key type but no curve, and Mbed TLS will reject this at compile time.
+For elliptic curve key types, only the specified curves are included. To include a curve, include a symbol of the form **`PSA_WANT_ECC_family_size`**. For example: `PSA_WANT_ECC_SECP_R1_256` for secp256r1, `PSA_WANT_ECC_MONTGOMERY_255` for Curve25519. It is an error to require an ECC key type but no curve, and Mbed TLS will reject this at compile time.
+
+Rationale: this is a deviation of the general principle that `PSA_ECC_FAMILY_xxx` would have a corresponding symbol `PSA_WANT_ECC_FAMILY_xxx`. This deviation is justified by the fact that it is very common to wish to include only certain curves in a family, and that can lead to a significant gain in code size.
+
+#### Configuration symbols for Diffie-Hellman groups
+
+There are no configuration symbols for Diffie-Hellman groups (`PSA_DH_GROUP_xxx`).
+
+Rationale: Finite-field Diffie-Hellman code is usually not specialized for any particular group, so reducing the number of available groups at compile time only saves a little code space. Constrained implementations tend to omit FFDH anyway, so the small code size gain is not important.
#### Configuration symbols for algorithms
@@ -195,7 +201,7 @@
#### Naming of symbols
-The names of [elliptic curve symbols](#configuration-symbols-for-curves) are a bit weird: `SECP_R1_256` instead of `SECP256R1`. Should we make them more classical, but less systematic?
+The names of [elliptic curve symbols](#configuration-symbols-for-elliptic-curves) are a bit weird: `SECP_R1_256` instead of `SECP256R1`, `MONTGOMERY_255` instead of `CURVE25519`. Should we make them more classical, but less systematic?
#### Impossible combinations
diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md
index d825794..23274c7 100644
--- a/docs/proposed/psa-driver-interface.md
+++ b/docs/proposed/psa-driver-interface.md
@@ -5,8 +5,6 @@
This specification is work in progress and should be considered to be in a beta stage. There is ongoing work to implement this interface in Mbed TLS, which is the reference implementation of the PSA Cryptography API. At this stage, Arm does not expect major changes, but minor changes are expected based on experience from the first implementation and on external feedback.
-Time-stamp: "2020/11/24 11:03:32 GMT"
-
## Introduction
### Purpose of the driver interface
@@ -136,7 +134,7 @@
"entry_points": ["sign_hash"],
"algorithms": ["PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)",
"PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384)"],
- "key_types": ["PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1)"],
+ "key_types": ["PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)"],
"key_sizes": [256, 384]
}
```
@@ -166,7 +164,7 @@
Valid examples:
```
PSA_KEY_TYPE_AES
-PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1)
+PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)
PSA_KEY_TYPE_ECC_KEY_PAIR(_)
```
@@ -196,6 +194,8 @@
Some entry points are grouped in families that must be implemented as a whole. If a driver supports an entry point family, it must provide all the entry points in the family.
+Drivers can also have entry points related to random generation. A transparent driver can provide a [random generation interface](#random-generation-entry-points). Separately, transparent and opaque drivers can have [entropy collection entry points](#entropy-collection-entry-point).
+
#### General considerations on driver entry point parameters
Buffer parameters for driver entry points obey the following conventions:
@@ -375,6 +375,49 @@
* For elliptic curve private keys (`PSA_KEY_TYPE_ECC_KEY_PAIR`), check the size and range. TODO: what else?
* For elliptic curve public keys (`PSA_KEY_TYPE_ECC_PUBLIC_KEY`), check the size and range, and that the point is on the curve. TODO: what else?
+### Entropy collection entry point
+
+A driver can declare an entropy source by providing a `"get_entropy"` entry point. This entry point has the following prototype for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_get_entropy(uint32_t flags,
+ size_t *estimate_bits,
+ uint8_t *output,
+ size_t output_size);
+```
+
+The semantics of the parameters is as follows:
+
+* `flags`: a bit-mask of [entropy collection flags](#entropy-collection-flags).
+* `estimate_bits`: on success, an estimate of the amount of entropy that is present in the `output` buffer, in bits. This must be at least `1` on success. The value is ignored on failure. Drivers should return a conservative estimate, even in circumstances where the quality of the entropy source is degraded due to environmental conditions (e.g. undervolting, low temperature, etc.).
+* `output`: on success, this buffer contains non-deterministic data with an estimated entropy of at least `*estimate_bits` bits. When the entropy is coming from a hardware peripheral, this should preferably be raw or lightly conditioned measurements from a physical process, such that statistical tests run over a sufficiently large amount of output can confirm the entropy estimates. But this specification also permits entropy sources that are fully conditioned, for example when the PSA Cryptography system is running as an application in an operating system and `"get_entropy"` returns data from the random generator in the operating system's kernel.
+* `output_size`: the size of the `output` buffer in bytes. This size should be large enough to allow a driver to pass unconditioned data with a low density of entropy; for example a peripheral that returns eight bytes of data with an estimated one bit of entropy cannot provide meaningful output in less than 8 bytes.
+
+Note that there is no output parameter indicating how many bytes the driver wrote to the buffer. Such an output length indication is not necessary because the entropy may be located anywhere in the buffer, so the driver may write less than `output_size` bytes but the core does not need to know this. The output parameter `estimate_bits` contains the amount of entropy, expressed in bits, which may be significantly less than `output_size * 8`.
+
+The entry point may return the following statuses:
+
+* `PSA_SUCCESS`: success. The output buffer contains some entropy.
+* `PSA_ERROR_INSUFFICIENT_ENTROPY`: no entropy is available without blocking. This is only permitted if the `PSA_DRIVER_GET_ENTROPY_BLOCK` flag is clear. The core may call `get_entropy` again later, giving time for entropy to be gathered or for adverse environmental conditions to be rectified.
+* Other error codes indicate a transient or permanent failure of the entropy source.
+
+Unlike most other entry points, if multiple transparent drivers include a `"get_entropy"` point, the core will call all of them (as well as the entry points from opaque drivers). Fallback is not applicable to `"get_entropy"`.
+
+#### Entropy collection flags
+
+* `PSA_DRIVER_GET_ENTROPY_BLOCK`: If this flag is set, the driver should block until it has at least one bit of entropy. If this flag is clear, the driver should avoid blocking if no entropy is readily available.
+* `PSA_DRIVER_GET_ENTROPY_KEEPALIVE`: This flag is intended to help with energy management for entropy-generating peripherals. If this flag is set, the driver should expect another call to `acme_get_entropy` after a short time. If this flag is clear, the core is not expecting to call the `"get_entropy"` entry point again within a short amount of time (but it may do so nonetheless).
+
+#### Entropy collection and blocking
+
+The intent of the `BLOCK` and `KEEPALIVE` [flags](#entropy-collection-flags) is to support drivers for TRNG (True Random Number Generator, i.e. an entropy source peripheral) that have a long ramp-up time, especially on platforms with multiple entropy sources.
+
+Here is a suggested call sequence for entropy collection that leverages these flags:
+
+1. The core makes a first round of calls to `"get_entropy"` on every source with the `BLOCK` flag clear and the `KEEPALIVE` flag set, so that drivers can prepare the TRNG peripheral.
+2. The core makes a second round of calls with the `BLOCK` flag set and the `KEEPALIVE` flag clear to gather needed entropy.
+3. If the second round does not collect enough entropy, the core makes more similar rounds, until the total amount of collected entropy is sufficient.
+
### Miscellaneous driver entry points
#### Driver initialization
@@ -428,6 +471,109 @@
3. [Determine the key size](#key-size-determination-on-import) and output it through `*bits`.
4. Copy the validated key data from `data` to `key_buffer`. The output must be in the canonical format documented for [`psa_export_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) or [`psa_export_public_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_public_key), so if the input is not in this format, the entry point must convert it.
+### Random generation entry points
+
+A transparent driver may provide an operation family that can be used as a cryptographic random number generator. The random generation mechanism must obey the following requirements:
+
+* The random output must be of cryptographic quality, with a uniform distribution. Therefore, if the random generator includes an entropy source, this entropy source must be fed through a CSPRNG (cryptographically secure pseudo-random number generator).
+* Random generation is expected to be fast. (If a device can provide entropy but is slow at generating random data, declare it as an [entropy driver](#entropy-collection-entry-point) instead.)
+* The random generator should be able to incorporate entropy provided by an outside source. If it isn't, the random generator can only be used if it's the only entropy source on the platform. (A random generator peripheral can be declared as an [entropy source](#entropy-collection-entry-point) instead of a random generator; this way the core will combine it with other entropy sources.)
+* The random generator may either be deterministic (in the sense that it always returns the same data when given the same entropy inputs) or non-deterministic (including its own entropy source). In other words, this interface is suitable both for PRNG (pseudo-random number generator, also known as DRBG (deterministic random bit generator)) and for NRBG (non-deterministic random bit generator).
+
+If no driver implements the random generation entry point family, the core provides an unspecified random generation mechanism.
+
+This operation family requires the following type, entry points and parameters (TODO: where exactly are the parameters in the JSON structure?):
+
+* Type `"random_context_t"`: the type of a random generation context.
+* `"init_random"` (entry point, optional): if this function is present, [the core calls it once](#random-generator-initialization) after allocating a `"random_context_t"` object.
+* `"add_entropy"` (entry point, optional): the core calls this function to [inject entropy](#entropy-injection). This entry point is optional if the driver is for a peripheral that includes an entropy source of its own, however [random generator drivers without entropy injection](#random-generator-drivers-without-entropy-injection) have limited portability since they can only be used on platforms with no other entropy source. This entry point is mandatory if `"initial_entropy_size"` is nonzero.
+* `"get_random"` (entry point, mandatory): the core calls this function whenever it needs to [obtain random data](#the-get_random-entry-point).
+* `"initial_entropy_size"` (integer, mandatory): the minimum number of bytes of entropy that the core must supply before the driver can output random data. This can be `0` if the driver is for a peripheral that includes an entropy source of its own.
+* `"reseed_entropy_size"` (integer, optional): the minimum number of bytes of entropy that the core should supply via [`"add_entropy"`](#entropy-injection) when the driver runs out of entropy. This value is also a hint for the size to supply if the core makes additional calls to `"add_entropy"`, for example to enforce prediction resistance. If omitted, the core should pass an amount of entropy corresponding to the expected security strength of the device (for example, pass 32 bytes of entropy when reseeding to achieve a security strength of 256 bits). If specified, the core should pass the larger of `"reseed_entropy_size"` and the amount corresponding to the security strength.
+
+Random generation is not parametrized by an algorithm. The choice of algorithm is up to the driver.
+
+#### Random generator initialization
+
+The `"init_random"` entry point has the following prototype for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_init_random(acme_random_context_t *context);
+```
+
+The core calls this entry point once after allocating a random generation context. Initially, the context object is all-bits-zero.
+
+If a driver does not have an `"init_random"` entry point, the context object passed to the first call to `"add_entropy"` or `"get_random"` will be all-bits-zero.
+
+#### Entropy injection
+
+The `"add_entropy"` entry point has the following prototype for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_add_entropy(acme_random_context_t *context,
+ const uint8_t *entropy,
+ size_t entropy_size);
+```
+
+The semantics of the parameters is as follows:
+
+* `context`: a random generation context. On the first call to `"add_entropy"`, this object has been initialized by a call to the driver's `"init_random"` entry point if one is present, and to all-bits-zero otherwise.
+* `entropy`: a buffer containing full-entropy data to seed the random generator. “Full-entropy” means that the data is uniformly distributed and independent of any other observable quantity.
+* `entropy_size`: the size of the `entropy` buffer in bytes. It is guaranteed to be at least `1`, but it may be smaller than the amount of entropy that the driver needs to deliver random data, in which case the core will call the `"add_entropy"` entry point again to supply more entropy.
+
+The core calls this function to supply entropy to the driver. The driver must mix this entropy into its internal state. The driver must mix the whole supplied entropy, even if there is more than what the driver requires, to ensure that all entropy sources are mixed into the random generator state. The driver may mix additional entropy of its own.
+
+The core may call this function at any time. For example, to enforce prediction resistance, the core can call `"add_entropy"` immediately after each call to `"get_random"`. The core must call this function in two circumstances:
+
+* Before the first call to the `"get_random"` entry point, to supply `"initial_entropy_size"` bytes of entropy.
+* After a call to the `"get_random"` entry point returns less than the required amount of random data, to supply at least `"reseed_entropy_size"` bytes of entropy.
+
+When the driver requires entropy, the core can supply it with one or more successive calls to the `"add_entropy"` entry point. If the required entropy size is zero, the core does not need to call `"add_entropy"`.
+
+#### Combining entropy sources with a random generation driver
+
+This section provides guidance on combining one or more [entropy sources](#entropy-collection-entry-point) (each having a `"get_entropy"` entry point) with a random generation driver (with an `"add_entropy"` entry point).
+
+Note that `"get_entropy"` returns data with an estimated amount of entropy that is in general less than the buffer size. The core must apply a mixing algorithm to the output of `"get_entropy"` to obtain full-entropy data.
+
+For example, the core may use a simple mixing scheme based on a pseudorandom function family $(F_k)$ with an $E$-bit output where $E = 8 \cdot \mathtt{entropy_size}$ and $\mathtt{entropy_size}$ is the desired amount of entropy in bytes (typically the random driver's `"initial_entropy_size"` property for the initial seeding and the `"reseed_entropy_size"` property for subsequent reseeding). The core calls the `"get_entropy"` points of the available entropy drivers, outputting a string $s_i$ and an entropy estimate $e_i$ on the $i$th call. It does so until the total entropy estimate $e_1 + e_2 + \ldots + e_n$ is at least $E$. The core then calculates $F_k(0)$ where $k = s_1 || s_2 || \ldots || s_n$. This value is a string of $\mathtt{entropy_size}$, and since $(F_k)$ is a pseudorandom function family, $F_k(0)$ is uniformly distributed over strings of $\mathtt{entropy_size}$ bytes. Therefore $F_k(0)$ is a suitable value to pass to `"add_entropy"`.
+
+Note that the mechanism above is only given as an example. Implementations may choose a different mechanism, for example involving multiple pools or intermediate compression functions.
+
+#### Random generator drivers without entropy injection
+
+Random generator drivers should have the capability to inject additional entropy through the `"add_entropy"` entry point. This ensures that the random generator depends on all the entropy sources that are available on the platform. A driver where a call to `"add_entropy"` does not affect the state of the random generator is not compliant with this specification.
+
+However, a driver may omit the `"add_entropy"` entry point. This limits the driver's portability: implementations of the PSA Cryptography specification may reject drivers without an `"add_entropy"` entry point, or only accept such drivers in certain configurations. In particular, the `"add_entropy"` entry point is required if:
+
+* the integration of PSA Cryptography includes an entropy source that is outside the driver; or
+* the core saves random data in persistent storage to be preserved across platform resets.
+
+#### The `"get_random"` entry point
+
+The `"get_random"` entry point has the following prototype for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_get_random(acme_random_context_t *context,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length);
+```
+
+The semantics of the parameters is as follows:
+
+* `context`: a random generation context. If the driver's `"initial_entropy_size"` property is nonzero, the core must have called `"add_entropy"` at least once with a total of at least `"initial_entropy_size"` bytes of entropy before it calls `"get_random"`. Alternatively, if the driver's `"initial_entropy_size"` property is zero and the core did not call `"add_entropy"`, or if the driver has no `"add_entropy"` entry point, the core must have called `"init_random"` if present, and otherwise the context is all-bits zero.
+* `output`: on success (including partial success), the first `*output_length` bytes of this buffer contain cryptographic-quality random data. The output is not used on error.
+* `output_size`: the size of the `output` buffer in bytes.
+* `*output_length`: on success (including partial success), the number of bytes of random data that the driver has written to the `output` buffer. This is preferably `output_size`, but the driver is allowed to return less data if it runs out of entropy as described below. The core sets this value to 0 on entry. The value is not used on error.
+
+The driver may return the following status codes:
+
+* `PSA_SUCCESS`: the `output` buffer contains `*output_length` bytes of cryptographic-quality random data. Note that this may be less than `output_size`; in this case the core should call the driver's `"add_entropy"` method to supply at least `"reseed_entropy_size"` bytes of entropy before calling `"get_random"` again.
+* `PSA_ERROR_INSUFFICIENT_ENTROPY`: the core must supply additional entropy by calling the `"add_entropy"` entry point with at least `"reseed_entropy_size"` bytes.
+* `PSA_ERROR_NOT_SUPPORTED`: the random generator is not available. This is only permitted if the driver specification for random generation has the [fallback property](#fallback) enabled.
+* Other error codes such as `PSA_ERROR_COMMUNICATION_FAILURE` or `PSA_ERROR_HARDWARE_FAILURE` indicate a transient or permanent error.
+
### Fallback
Sometimes cryptographic accelerators only support certain cryptographic mechanisms partially. The capability description language allows specifying some restrictions, including restrictions on key sizes, but it cannot cover all the possibilities that may arise in practice. Furthermore, it may be desirable to deploy the same binary image on different devices, only some of which have a cryptographic accelerators.
@@ -460,7 +606,8 @@
* `"public_key_size"` (integer or string, optional): this many bytes are included in every key context for a public key. If omitted, this value defaults to 0.
* `"symmetric_factor"` (integer or string, optional): every key context for a symmetric key includes this many times the key size. If omitted, this value defaults to 0.
* `"store_public_key"` (boolean, optional): If specified and true, for a key pair, the key context includes space for the public key. If omitted or false, no additional space is added for the public key.
-* `"size_function"` (string, optional): the name of a function that returns the number of bytes that the driver needs in a key context for a key. This may be a pointer to function. This must be a C identifier; more complex expressions are not permitted. If the core uses this function, it supersedes all the other properties.
+* `"size_function"` (string, optional): the name of a function that returns the number of bytes that the driver needs in a key context for a key. This may be a pointer to function. This must be a C identifier; more complex expressions are not permitted. If the core uses this function, it supersedes all the other properties except for `"builtin_key_size"` (where applicable, if present).
+* `"builtin_key_size"` (integer or string, optional): If specified, this overrides all other methods (including the `"size_function"` entry point) to determine the size of the key context for [built-in keys](#built-in-keys). This allows drivers to efficiently represent application keys as wrapped key material, but built-in keys by an internal identifier that takes up less space.
The integer properties must be C language constants. A typical value for `"base_size"` is `sizeof(acme_key_context_t)` where `acme_key_context_t` is a type defined in a driver header file.
@@ -516,6 +663,7 @@
* `"generate_key"`: called by `psa_generate_key()`.
* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()`.
* `"copy_key"`: called by `psa_copy_key()` when copying a key within the same [location](#lifetimes-and-locations).
+* `"get_builtin_key"`: called by functions that access a key to retrieve information about a [built-in key](#built-in-keys).
In addition, secure elements that store the key material internally must provide the following two entry points:
@@ -646,6 +794,37 @@
In a multithreaded environment, the driver may only call these two functions from the thread that is executing the entry point.
+#### Built-in keys
+
+Opaque drivers may declare built-in keys. Built-in keys can be accessed, but not created, through the PSA Cryptography API.
+
+A built-in key is identified by its location and its **slot number**. Drivers that support built-in keys must provide a `"get_builtin_key"` entry point to retrieve the key data and metadata. The core calls this entry point when it needs to access the key, typically because the application requested an operation on the key. The core may keep information about the key in cache, and successive calls to access the same slot number should return the same data. This entry point has the following prototype:
+
+```
+psa_status_t acme_get_builtin_key(psa_drv_slot_number_t slot_number,
+ psa_key_attributes_t *attributes,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length);
+```
+
+If this function returns `PSA_SUCCESS` or `PSA_ERROR_BUFFER_TOO_SMALL`, it must fill `attributes` with the attributes of the key (except for the key identifier). On success, this function must also fill `key_buffer` with the key context.
+
+On entry, `psa_get_key_lifetime(attributes)` is the location at which the driver was declared and a persistence level with which the platform is attempting to register the key. The driver entry point may choose to change the lifetime (`psa_set_key_lifetime(attributes, lifetime)`) of the reported key attributes to one with the same location but a different persistence level, in case the driver has more specific knowledge about the actual persistence level of the key which is being retrieved. For example, if a driver knows it cannot delete a key, it may override the persistence level in the lifetime to `PSA_KEY_PERSISTENCE_READ_ONLY`. The standard attributes other than the key identifier and lifetime have the value conveyed by `PSA_KEY_ATTRIBUTES_INIT`.
+
+The output parameter `key_buffer` points to a writable buffer of `key_buffer_size` bytes. If the driver has a [`"builtin_key_size"` property](#key-format-for-opaque-drivers) property, `key_buffer_size` has this value, otherwise `key_buffer_size` has the value determined from the key type and size.
+
+Typically, for a built-in key, the key context is a reference to key material that is kept inside the secure element, similar to the format returned by [`"allocate_key"`](#key-management-in-a-secure-element-with-storage). A driver may have built-in keys even if it doesn't have an `"allocate_key"` entry point.
+
+This entry point may return the following status values:
+
+* `PSA_SUCCESS`: the requested key exists, and the output parameters `attributes` and `key_buffer` contain the key metadata and key context respectively, and `*key_buffer_length` contains the length of the data written to `key_buffer`.
+* `PSA_ERROR_BUFFER_TOO_SMALL`: `key_buffer_size` is insufficient. In this case, the driver must pass the key's attributes in `*attributes`. In particular, `get_builtin_key(slot_number, &attributes, NULL, 0)` is a way for the core to obtain the key's attributes.
+* `PSA_ERROR_DOES_NOT_EXIST`: the requested key does not exist.
+* Other error codes such as `PSA_ERROR_COMMUNICATION_FAILURE` or `PSA_ERROR_HARDWARE_FAILURE` indicate a transient or permanent error.
+
+The core will pass authorized requests to destroy a built-in key to the [`"destroy_key"`](#key-management-in-a-secure-element-with-storage) entry point if there is one. If built-in keys must not be destroyed, it is up to the driver to reject such requests.
+
## How to use drivers from an application
### Using transparent drivers
@@ -661,7 +840,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_acme));
-psa_set_key_identifer(&attributes, 42);
+psa_set_key_identifier(&attributes, 42);
psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
psa_set_key_size(&attributes, 128);
psa_set_key_algorithm(&attributes, PSA_ALG_GCM);
@@ -704,6 +883,19 @@
## Open questions
+### Value representation
+
+#### Integers
+
+It would be better if there was a uniform requirement on integer values. Do they have to be JSON integers? C preprocessor integers (which could be e.g. a macro defined in some header file)? C compile-time constants (allowing `sizeof`)?
+
+This choice is partly driven by the use of the values, so they might not be uniform. Note that if the value can be zero and it's plausible that the core would want to statically allocate an array of the given size, the core needs to know whether the value is 0 so that it could use code like
+```
+#if ACME_FOO_SIZE != 0
+ uint8_t foo[ACME_FOO_SIZE];
+#endif
+```
+
### Driver declarations
#### Declaring driver entry points
@@ -779,6 +971,26 @@
`psa_crypto_driver_get_persistent_state` does not identify the calling driver, so the driver needs to remember which driver it's calling. This may require a thread-local variable in a multithreaded core. Is this ok?
+### Randomness
+
+#### Input to `"add_entropy"`
+
+Should the input to the [`"add_entropy"` entry point](#entropy-injection) be a full-entropy buffer (with data from all entropy sources already mixed), raw entropy direct from the entropy sources, or give the core a choice?
+
+* Raw data: drivers must implement entropy mixing. `"add_entropy"` needs an extra parameter to indicate the amount of entropy in the data. The core must not do any conditioning.
+* Choice: drivers must implement entropy mixing. `"add_entropy"` needs an extra parameter to indicate the amount of entropy in the data. The core may do conditioning if it wants, but doesn't have to.
+* Full entropy: drivers don't need to do entropy mixing.
+
+#### Flags for `"get_entropy"`
+
+Are the [entropy collection flags](#entropy-collection-flags) well-chosen?
+
+#### Random generator instantiations
+
+May the core instantiate a random generation context more than once? In other words, can there be multiple objects of type `acme_random_context_t`?
+
+Functionally, one RNG is as good as any. If the core wants some parts of the system to use a deterministic generator for reproducibility, it can't use this interface anyway, since the RNG is not necessarily deterministic. However, for performance on multiprocessor systems, a multithreaded core could prefer to use one RNG instance per thread.
+
<!--
Local Variables:
time-stamp-line-limit: 40
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index c13b279..4ff63ce 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -22,7 +22,7 @@
*/
/**
- * @mainpage mbed TLS v2.24.0 source code documentation
+ * @mainpage mbed TLS v2.27.0 source code documentation
*
* This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index bf33dab..186c148 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -28,7 +28,7 @@
# identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces.
-PROJECT_NAME = "mbed TLS v2.24.0"
+PROJECT_NAME = "mbed TLS v2.27.0"
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 052f47c..ab8793c 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -54,17 +54,22 @@
#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */
/* Error codes in range 0x0020-0x0022 */
-#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
-#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
+/** Invalid key length. */
+#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020
+/** Invalid data input length. */
+#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022
/* Error codes in range 0x0021-0x0025 */
-#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */
+/** Invalid input data. */
+#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021
/* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */
-#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */
+/** Feature not available. For example, an unsupported AES key size. */
+#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023
/* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */
+/** AES hardware accelerator failed. */
+#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h
index 17728f4..f4b0f9f 100644
--- a/include/mbedtls/arc4.h
+++ b/include/mbedtls/arc4.h
@@ -35,7 +35,8 @@
#include <stddef.h>
/* MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED -0x0019 /**< ARC4 hardware accelerator failed. */
+/** ARC4 hardware accelerator failed. */
+#define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED -0x0019
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h
index a4b27b3..226e2db 100644
--- a/include/mbedtls/aria.h
+++ b/include/mbedtls/aria.h
@@ -50,25 +50,29 @@
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x005C )
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C /**< Bad input data. */
+/** Bad input data. */
+#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C
-#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */
+/** Invalid data input length. */
+#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E
/* MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE is deprecated and should not be used.
*/
-#define MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE -0x005A /**< Feature not available. For example, an unsupported ARIA key size. */
+/** Feature not available. For example, an unsupported ARIA key size. */
+#define MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE -0x005A
/* MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED -0x0058 /**< ARIA hardware accelerator failed. */
-
-#if !defined(MBEDTLS_ARIA_ALT)
-// Regular implementation
-//
+/** ARIA hardware accelerator failed. */
+#define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED -0x0058
#ifdef __cplusplus
extern "C" {
#endif
+#if !defined(MBEDTLS_ARIA_ALT)
+// Regular implementation
+//
+
/**
* \brief The ARIA context-type definition.
*/
diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h
index 6b79196..10f7905 100644
--- a/include/mbedtls/asn1.h
+++ b/include/mbedtls/asn1.h
@@ -46,13 +46,20 @@
* ASN1 is a standard to specify data structures.
* \{
*/
-#define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */
-#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */
-#define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */
-#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */
-#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. */
-#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A /**< Memory allocation failed */
-#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */
+/** Out of data when parsing an ASN1 data structure. */
+#define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060
+/** ASN1 tag was of an unexpected value. */
+#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062
+/** Error when trying to determine the length or invalid length. */
+#define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064
+/** Actual length differs from expected length. */
+#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066
+/** Data is invalid. */
+#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068
+/** Memory allocation failed */
+#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A
+/** Buffer too small when writing ASN.1 data structure. */
+#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C
/* \} name */
diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h
index 7e73a8b..cf4149e 100644
--- a/include/mbedtls/base64.h
+++ b/include/mbedtls/base64.h
@@ -30,8 +30,10 @@
#include <stddef.h>
-#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */
-#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */
+/** Output buffer too small. */
+#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A
+/** Invalid character in input. */
+#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index 637360e..9d2cff3 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -35,14 +35,22 @@
#include <stdio.h>
#endif
-#define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */
-#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */
-#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */
-#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */
-#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */
-#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */
-#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */
+/** An error occurred while reading from or writing to a file. */
+#define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004
+/** There is an invalid character in the digit string. */
+#define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006
+/** The buffer is too small to write to. */
+#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008
+/** The input arguments are negative or result in illegal output. */
+#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A
+/** The input argument for division is zero, which is not allowed. */
+#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C
+/** The input arguments are not acceptable. */
+#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010
#define MBEDTLS_MPI_CHK(f) \
do \
@@ -829,14 +837,14 @@
* \param E The exponent MPI. This must point to an initialized MPI.
* \param N The base for the modular reduction. This must point to an
* initialized MPI.
- * \param _RR A helper MPI depending solely on \p N which can be used to
+ * \param prec_RR A helper MPI depending solely on \p N which can be used to
* speed-up multiple modular exponentiations for the same value
* of \p N. This may be \c NULL. If it is not \c NULL, it must
* point to an initialized MPI. If it hasn't been used after
* the call to mbedtls_mpi_init(), this function will compute
- * the helper value and store it in \p _RR for reuse on
+ * the helper value and store it in \p prec_RR for reuse on
* subsequent calls to this function. Otherwise, the function
- * will assume that \p _RR holds the helper value set by a
+ * will assume that \p prec_RR holds the helper value set by a
* previous call to mbedtls_mpi_exp_mod(), and reuse it.
*
* \return \c 0 if successful.
@@ -848,7 +856,7 @@
*/
int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *E, const mbedtls_mpi *N,
- mbedtls_mpi *_RR );
+ mbedtls_mpi *prec_RR );
/**
* \brief Fill an MPI with a number of random bytes.
@@ -871,6 +879,44 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
+/** Generate a random number uniformly in a range.
+ *
+ * This function generates a random number between \p min inclusive and
+ * \p N exclusive.
+ *
+ * The procedure complies with RFC 6979 §3.3 (deterministic ECDSA)
+ * when the RNG is a suitably parametrized instance of HMAC_DRBG
+ * and \p min is \c 1.
+ *
+ * \note There are `N - min` possible outputs. The lower bound
+ * \p min can be reached, but the upper bound \p N cannot.
+ *
+ * \param X The destination MPI. This must point to an initialized MPI.
+ * \param min The minimum value to return.
+ * It must be nonnegative.
+ * \param N The upper bound of the range, exclusive.
+ * In other words, this is one plus the maximum value to return.
+ * \p N must be strictly larger than \p min.
+ * \param f_rng The RNG function to use. This must not be \c NULL.
+ * \param p_rng The RNG parameter to be passed to \p f_rng.
+ *
+ * \return \c 0 if successful.
+ * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p min or \p N is invalid
+ * or if they are incompatible.
+ * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if the implementation was
+ * unable to find a suitable value within a limited number
+ * of attempts. This has a negligible probability if \p N
+ * is significantly larger than \p min, which is the case
+ * for all usual cryptographic applications.
+ * \return Another negative error code on failure.
+ */
+int mbedtls_mpi_random( mbedtls_mpi *X,
+ mbedtls_mpi_sint min,
+ const mbedtls_mpi *N,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+
/**
* \brief Compute the greatest common divisor: G = gcd(A, B)
*
diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h
index c2a6ff9..77dca70 100644
--- a/include/mbedtls/blowfish.h
+++ b/include/mbedtls/blowfish.h
@@ -43,13 +43,16 @@
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0016 )
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 /**< Bad input data. */
+/** Bad input data. */
+#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016
-#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */
+/** Invalid data input length. */
+#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018
/* MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED is deprecated and should not be used.
*/
-#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED -0x0017 /**< Blowfish hardware accelerator failed. */
+/** Blowfish hardware accelerator failed. */
+#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED -0x0017
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h
index 1dea22b..716bd3b 100644
--- a/include/mbedtls/bn_mul.h
+++ b/include/mbedtls/bn_mul.h
@@ -44,6 +44,46 @@
#include "mbedtls/bignum.h"
+
+/*
+ * Conversion macros for embedded constants:
+ * build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2
+ */
+#if defined(MBEDTLS_HAVE_INT32)
+
+#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \
+ ( (mbedtls_mpi_uint) (a) << 0 ) | \
+ ( (mbedtls_mpi_uint) (b) << 8 ) | \
+ ( (mbedtls_mpi_uint) (c) << 16 ) | \
+ ( (mbedtls_mpi_uint) (d) << 24 )
+
+#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \
+ MBEDTLS_BYTES_TO_T_UINT_4( a, b, 0, 0 )
+
+#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
+ MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ), \
+ MBEDTLS_BYTES_TO_T_UINT_4( e, f, g, h )
+
+#else /* 64-bits */
+
+#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
+ ( (mbedtls_mpi_uint) (a) << 0 ) | \
+ ( (mbedtls_mpi_uint) (b) << 8 ) | \
+ ( (mbedtls_mpi_uint) (c) << 16 ) | \
+ ( (mbedtls_mpi_uint) (d) << 24 ) | \
+ ( (mbedtls_mpi_uint) (e) << 32 ) | \
+ ( (mbedtls_mpi_uint) (f) << 40 ) | \
+ ( (mbedtls_mpi_uint) (g) << 48 ) | \
+ ( (mbedtls_mpi_uint) (h) << 56 )
+
+#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \
+ MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 )
+
+#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \
+ MBEDTLS_BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 )
+
+#endif /* bits in mbedtls_mpi_uint */
+
#if defined(MBEDTLS_HAVE_ASM)
#ifndef asm
diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h
index f7d2b23..925a623 100644
--- a/include/mbedtls/camellia.h
+++ b/include/mbedtls/camellia.h
@@ -39,13 +39,16 @@
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0024 )
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 /**< Bad input data. */
+/** Bad input data. */
+#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024
-#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */
+/** Invalid data input length. */
+#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026
/* MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED is deprecated and should not be used.
*/
-#define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED -0x0027 /**< Camellia hardware accelerator failed. */
+/** Camellia hardware accelerator failed. */
+#define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED -0x0027
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index 7193863..ece5a90 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -55,11 +55,14 @@
#include "mbedtls/cipher.h"
-#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */
-#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
+/** Bad input parameters to the function. */
+#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D
+/** Authenticated decryption failed. */
+#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F
/* MBEDTLS_ERR_CCM_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 /**< CCM hardware accelerator failed. */
+/** CCM hardware accelerator failed. */
+#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h
index e59dd1f..03b4871 100644
--- a/include/mbedtls/chacha20.h
+++ b/include/mbedtls/chacha20.h
@@ -41,15 +41,18 @@
#include <stdint.h>
#include <stddef.h>
-#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051 /**< Invalid input parameter(s). */
+/** Invalid input parameter(s). */
+#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051
/* MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE is deprecated and should not be
* used. */
-#define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE -0x0053 /**< Feature not available. For example, s part of the API is not implemented. */
+/** Feature not available. For example, s part of the API is not implemented. */
+#define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE -0x0053
/* MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED is deprecated and should not be used.
*/
-#define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED -0x0055 /**< Chacha20 hardware accelerator failed. */
+/** Chacha20 hardware accelerator failed. */
+#define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED -0x0055
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h
index 1007f95..c4ec7b5 100644
--- a/include/mbedtls/chachapoly.h
+++ b/include/mbedtls/chachapoly.h
@@ -41,8 +41,10 @@
/* for shared error codes */
#include "mbedtls/poly1305.h"
-#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054 /**< The requested operation is not permitted in the current state. */
-#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056 /**< Authenticated decryption failed: data was not authentic. */
+/** The requested operation is not permitted in the current state. */
+#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054
+/** Authenticated decryption failed: data was not authentic. */
+#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 1ebb706..396fe7d 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -55,9 +55,8 @@
#endif
#endif /* _WIN32 */
-#if defined(TARGET_LIKE_MBED) && \
- ( defined(MBEDTLS_NET_C) || defined(MBEDTLS_TIMING_C) )
-#error "The NET and TIMING modules are not available for mbed OS - please use the network and timing functions provided by mbed OS"
+#if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C)
+#error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS"
#endif
#if defined(MBEDTLS_DEPRECATED_WARNING) && \
@@ -252,6 +251,10 @@
#error "MBEDTLS_ECP_NORMALIZE_MXZ_ALT defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_NO_FALLBACK defined, but no alternative implementation enabled"
+#endif
+
#if defined(MBEDTLS_HAVEGE_C) && !defined(MBEDTLS_TIMING_C)
#error "MBEDTLS_HAVEGE_C defined, but not all prerequisites"
#endif
@@ -506,10 +509,6 @@
#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
-#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
-#endif
-
#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
#endif
@@ -572,10 +571,11 @@
#error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously"
#endif
-#if defined(MBEDTLS_PSA_CRYPTO_C) && \
- !( defined(MBEDTLS_CTR_DRBG_C) && \
- defined(MBEDTLS_ENTROPY_C) )
-#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
+#if defined(MBEDTLS_PSA_CRYPTO_C) && \
+ !( ( ( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) ) && \
+ defined(MBEDTLS_ENTROPY_C) ) || \
+ defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) )
+#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C)
@@ -604,6 +604,11 @@
#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with actual entropy sources"
#endif
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
+ defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG"
+#endif
+
#if defined(MBEDTLS_PSA_ITS_FILE_C) && \
!defined(MBEDTLS_FS_IO)
#error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites"
@@ -880,6 +885,10 @@
#error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) && ( !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) )
+#error "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined, but not all prerequisites"
+#endif
+
/*
* Avoid warning from -pedantic. This is a convenient place for this
* workaround since this is included by every single file before the
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 8827e0b..6d83da8 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -54,16 +54,24 @@
#define inline __inline
#endif
-#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */
-#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters. */
-#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */
-#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */
-#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */
-#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. For example, because it was freed. */
+/** The selected feature is not available. */
+#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
+/** Bad input parameters. */
+#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
+/** Input data contains invalid padding and is rejected. */
+#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
+/** Decryption of block requires a full block. */
+#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
+/** Authentication failed (for AEAD modes). */
+#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
+/** The context is invalid. For example, because it was freed. */
+#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
/* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 /**< Cipher hardware accelerator failed. */
+/** Cipher hardware accelerator failed. */
+#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */
@@ -857,30 +865,52 @@
unsigned char *output, size_t *olen );
#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif /* MBEDTLS_DEPRECATED_WARNING */
/**
- * \brief The generic autenticated encryption (AEAD) function.
+ * \brief The generic authenticated encryption (AEAD) function.
+ *
+ * \deprecated Superseded by mbedtls_cipher_auth_encrypt_ext().
+ *
+ * \note This function only supports AEAD algorithms, not key
+ * wrapping algorithms such as NIST_KW; for this, see
+ * mbedtls_cipher_auth_encrypt_ext().
*
* \param ctx The generic cipher context. This must be initialized and
- * bound to a key.
- * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
- * This must be a readable buffer of at least \p iv_len
- * Bytes.
- * \param iv_len The IV length for ciphers with variable-size IV.
- * This parameter is discarded by ciphers with fixed-size IV.
+ * bound to a key associated with an AEAD algorithm.
+ * \param iv The nonce to use. This must be a readable buffer of
+ * at least \p iv_len Bytes and must not be \c NULL.
+ * \param iv_len The length of the nonce. This must satisfy the
+ * constraints imposed by the AEAD cipher used.
* \param ad The additional data to authenticate. This must be a
- * readable buffer of at least \p ad_len Bytes.
+ * readable buffer of at least \p ad_len Bytes, and may
+ * be \c NULL is \p ad_len is \c 0.
* \param ad_len The length of \p ad.
* \param input The buffer holding the input data. This must be a
- * readable buffer of at least \p ilen Bytes.
+ * readable buffer of at least \p ilen Bytes, and may be
+ * \c NULL if \p ilen is \c 0.
* \param ilen The length of the input data.
- * \param output The buffer for the output data. This must be able to
- * hold at least \p ilen Bytes.
- * \param olen The length of the output data, to be updated with the
- * actual number of Bytes written. This must not be
- * \c NULL.
+ * \param output The buffer for the output data. This must be a
+ * writable buffer of at least \p ilen Bytes, and must
+ * not be \c NULL.
+ * \param olen This will be filled with the actual number of Bytes
+ * written to the \p output buffer. This must point to a
+ * writable object of type \c size_t.
* \param tag The buffer for the authentication tag. This must be a
- * writable buffer of at least \p tag_len Bytes.
- * \param tag_len The desired length of the authentication tag.
+ * writable buffer of at least \p tag_len Bytes. See note
+ * below regarding restrictions with PSA-based contexts.
+ * \param tag_len The desired length of the authentication tag. This
+ * must match the constraints imposed by the AEAD cipher
+ * used, and in particular must not be \c 0.
+ *
+ * \note If the context is based on PSA (that is, it was set up
+ * with mbedtls_cipher_setup_psa()), then it is required
+ * that \c tag == output + ilen. That is, the tag must be
+ * appended to the ciphertext as recommended by RFC 5116.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
@@ -892,36 +922,53 @@
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
- unsigned char *tag, size_t tag_len );
+ unsigned char *tag, size_t tag_len )
+ MBEDTLS_DEPRECATED;
/**
- * \brief The generic autenticated decryption (AEAD) function.
+ * \brief The generic authenticated decryption (AEAD) function.
+ *
+ * \deprecated Superseded by mbedtls_cipher_auth_decrypt_ext().
+ *
+ * \note This function only supports AEAD algorithms, not key
+ * wrapping algorithms such as NIST_KW; for this, see
+ * mbedtls_cipher_auth_decrypt_ext().
*
* \note If the data is not authentic, then the output buffer
* is zeroed out to prevent the unauthentic plaintext being
* used, making this interface safer.
*
* \param ctx The generic cipher context. This must be initialized and
- * and bound to a key.
- * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
- * This must be a readable buffer of at least \p iv_len
- * Bytes.
- * \param iv_len The IV length for ciphers with variable-size IV.
- * This parameter is discarded by ciphers with fixed-size IV.
- * \param ad The additional data to be authenticated. This must be a
- * readable buffer of at least \p ad_len Bytes.
+ * bound to a key associated with an AEAD algorithm.
+ * \param iv The nonce to use. This must be a readable buffer of
+ * at least \p iv_len Bytes and must not be \c NULL.
+ * \param iv_len The length of the nonce. This must satisfy the
+ * constraints imposed by the AEAD cipher used.
+ * \param ad The additional data to authenticate. This must be a
+ * readable buffer of at least \p ad_len Bytes, and may
+ * be \c NULL is \p ad_len is \c 0.
* \param ad_len The length of \p ad.
* \param input The buffer holding the input data. This must be a
- * readable buffer of at least \p ilen Bytes.
+ * readable buffer of at least \p ilen Bytes, and may be
+ * \c NULL if \p ilen is \c 0.
* \param ilen The length of the input data.
- * \param output The buffer for the output data.
- * This must be able to hold at least \p ilen Bytes.
- * \param olen The length of the output data, to be updated with the
- * actual number of Bytes written. This must not be
- * \c NULL.
- * \param tag The buffer holding the authentication tag. This must be
- * a readable buffer of at least \p tag_len Bytes.
- * \param tag_len The length of the authentication tag.
+ * \param output The buffer for the output data. This must be a
+ * writable buffer of at least \p ilen Bytes, and must
+ * not be \c NULL.
+ * \param olen This will be filled with the actual number of Bytes
+ * written to the \p output buffer. This must point to a
+ * writable object of type \c size_t.
+ * \param tag The buffer for the authentication tag. This must be a
+ * readable buffer of at least \p tag_len Bytes. See note
+ * below regarding restrictions with PSA-based contexts.
+ * \param tag_len The length of the authentication tag. This must match
+ * the constraints imposed by the AEAD cipher used, and in
+ * particular must not be \c 0.
+ *
+ * \note If the context is based on PSA (that is, it was set up
+ * with mbedtls_cipher_setup_psa()), then it is required
+ * that \c tag == input + len. That is, the tag must be
+ * appended to the ciphertext as recommended by RFC 5116.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
@@ -934,9 +981,120 @@
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
- const unsigned char *tag, size_t tag_len );
+ const unsigned char *tag, size_t tag_len )
+ MBEDTLS_DEPRECATED;
+#undef MBEDTLS_DEPRECATED
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+/**
+ * \brief The authenticated encryption (AEAD/NIST_KW) function.
+ *
+ * \note For AEAD modes, the tag will be appended to the
+ * ciphertext, as recommended by RFC 5116.
+ * (NIST_KW doesn't have a separate tag.)
+ *
+ * \param ctx The generic cipher context. This must be initialized and
+ * bound to a key, with an AEAD algorithm or NIST_KW.
+ * \param iv The nonce to use. This must be a readable buffer of
+ * at least \p iv_len Bytes and may be \c NULL if \p
+ * iv_len is \c 0.
+ * \param iv_len The length of the nonce. For AEAD ciphers, this must
+ * satisfy the constraints imposed by the cipher used.
+ * For NIST_KW, this must be \c 0.
+ * \param ad The additional data to authenticate. This must be a
+ * readable buffer of at least \p ad_len Bytes, and may
+ * be \c NULL is \p ad_len is \c 0.
+ * \param ad_len The length of \p ad. For NIST_KW, this must be \c 0.
+ * \param input The buffer holding the input data. This must be a
+ * readable buffer of at least \p ilen Bytes, and may be
+ * \c NULL if \p ilen is \c 0.
+ * \param ilen The length of the input data.
+ * \param output The buffer for the output data. This must be a
+ * writable buffer of at least \p output_len Bytes, and
+ * must not be \c NULL.
+ * \param output_len The length of the \p output buffer in Bytes. For AEAD
+ * ciphers, this must be at least \p ilen + \p tag_len.
+ * For NIST_KW, this must be at least \p ilen + 8
+ * (rounded up to a multiple of 8 if KWP is used);
+ * \p ilen + 15 is always a safe value.
+ * \param olen This will be filled with the actual number of Bytes
+ * written to the \p output buffer. This must point to a
+ * writable object of type \c size_t.
+ * \param tag_len The desired length of the authentication tag. For AEAD
+ * ciphers, this must match the constraints imposed by
+ * the cipher used, and in particular must not be \c 0.
+ * For NIST_KW, this must be \c 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ * parameter-verification failure.
+ * \return A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t output_len,
+ size_t *olen, size_t tag_len );
+
+/**
+ * \brief The authenticated encryption (AEAD/NIST_KW) function.
+ *
+ * \note If the data is not authentic, then the output buffer
+ * is zeroed out to prevent the unauthentic plaintext being
+ * used, making this interface safer.
+ *
+ * \note For AEAD modes, the tag must be appended to the
+ * ciphertext, as recommended by RFC 5116.
+ * (NIST_KW doesn't have a separate tag.)
+ *
+ * \param ctx The generic cipher context. This must be initialized and
+ * bound to a key, with an AEAD algorithm or NIST_KW.
+ * \param iv The nonce to use. This must be a readable buffer of
+ * at least \p iv_len Bytes and may be \c NULL if \p
+ * iv_len is \c 0.
+ * \param iv_len The length of the nonce. For AEAD ciphers, this must
+ * satisfy the constraints imposed by the cipher used.
+ * For NIST_KW, this must be \c 0.
+ * \param ad The additional data to authenticate. This must be a
+ * readable buffer of at least \p ad_len Bytes, and may
+ * be \c NULL is \p ad_len is \c 0.
+ * \param ad_len The length of \p ad. For NIST_KW, this must be \c 0.
+ * \param input The buffer holding the input data. This must be a
+ * readable buffer of at least \p ilen Bytes, and may be
+ * \c NULL if \p ilen is \c 0.
+ * \param ilen The length of the input data. For AEAD ciphers this
+ * must be at least \p tag_len. For NIST_KW this must be
+ * at least \c 8.
+ * \param output The buffer for the output data. This must be a
+ * writable buffer of at least \p output_len Bytes, and
+ * may be \c NULL if \p output_len is \c 0.
+ * \param output_len The length of the \p output buffer in Bytes. For AEAD
+ * ciphers, this must be at least \p ilen - \p tag_len.
+ * For NIST_KW, this must be at least \p ilen - 8.
+ * \param olen This will be filled with the actual number of Bytes
+ * written to the \p output buffer. This must point to a
+ * writable object of type \c size_t.
+ * \param tag_len The actual length of the authentication tag. For AEAD
+ * ciphers, this must match the constraints imposed by
+ * the cipher used, and in particular must not be \c 0.
+ * For NIST_KW, this must be \c 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ * parameter-verification failure.
+ * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
+ * \return A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t output_len,
+ size_t *olen, size_t tag_len );
+#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index cb538d0..94139d5 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -39,7 +39,8 @@
#endif
/* MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A /**< CMAC hardware accelerator failed. */
+/** CMAC hardware accelerator failed. */
+#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A
#define MBEDTLS_AES_BLOCK_SIZE 16
#define MBEDTLS_DES3_BLOCK_SIZE 8
@@ -77,6 +78,12 @@
* the input data.
* Must be called with an initialized cipher context.
*
+ * \note When the CMAC implementation is supplied by an alternate
+ * implementation (through #MBEDTLS_CMAC_ALT), some ciphers
+ * may not be supported by that implementation, and thus
+ * return an error. Alternate implementations must support
+ * AES-128 and AES-256, and may support AES-192 and 3DES.
+ *
* \param ctx The cipher context used for the CMAC operation, initialized
* as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
* MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB,
@@ -154,6 +161,11 @@
* The CMAC result is calculated as
* output = generic CMAC(cmac key, input buffer).
*
+ * \note When the CMAC implementation is supplied by an alternate
+ * implementation (through #MBEDTLS_CMAC_ALT), some ciphers
+ * may not be supported by that implementation, and thus
+ * return an error. Alternate implementations must support
+ * AES-128 and AES-256, and may support AES-192 and 3DES.
*
* \param cipher_info The cipher information.
* \param key The CMAC key.
@@ -198,6 +210,13 @@
/**
* \brief The CMAC checkup routine.
*
+ * \note In case the CMAC routines are provided by an alternative
+ * implementation (i.e. #MBEDTLS_CMAC_ALT is defined), the
+ * checkup routine will succeed even if the implementation does
+ * not support the less widely used AES-192 or 3DES primitives.
+ * The self-test requires at least AES-128 and AES-256 to be
+ * supported by the underlying implementation.
+ *
* \return \c 0 on success.
* \return \c 1 on failure.
*/
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 464b61e..2c7bed2 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -427,7 +427,7 @@
* be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
* must stay untouched.
*
- * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
+ * \note If you use the AES_xxx_ALT macros, then it is recommended to also set
* MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
* tables.
*
@@ -484,6 +484,11 @@
* is still present and it is used for group structures not supported by the
* alternative.
*
+ * The original implementation can in addition be removed by setting the
+ * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the
+ * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be
+ * able to fallback to curves not supported by the alternative implementation.
+ *
* Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
* and implementing the following functions:
* unsigned char mbedtls_internal_ecp_grp_capable(
@@ -497,21 +502,28 @@
* called before and after each point operation and provide an opportunity to
* implement optimized set up and tear down instructions.
*
- * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
- * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
- * function, but will use your mbedtls_internal_ecp_double_jac if the group is
- * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
- * receives it as an argument). If the group is not supported then the original
- * implementation is used. The other functions and the definition of
- * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
- * implementation of mbedtls_internal_ecp_double_jac and
- * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
+ * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and
+ * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac()
+ * function, but will use your mbedtls_internal_ecp_double_jac() if the group
+ * for the operation is supported by your implementation (i.e. your
+ * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the
+ * group is not supported by your implementation, then the original mbed TLS
+ * implementation of ecp_double_jac() is used instead, unless this fallback
+ * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case
+ * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE).
+ *
+ * The function prototypes and the definition of mbedtls_ecp_group and
+ * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your
+ * implementation of mbedtls_internal_ecp__function_name__ must be compatible
+ * with their definitions.
*
* Uncomment a macro to enable alternate implementation of the corresponding
* function.
*/
/* Required for all the functions in this section */
//#define MBEDTLS_ECP_INTERNAL_ALT
+/* Turn off software fallback for curves not supported in hardware */
+//#define MBEDTLS_ECP_NO_FALLBACK
/* Support for Weierstrass curves with Jacobi representation */
//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
//#define MBEDTLS_ECP_ADD_MIXED_ALT
@@ -1326,6 +1338,38 @@
*/
#define MBEDTLS_PKCS1_V21
+/** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+ *
+ * Enable support for platform built-in keys. If you enable this feature,
+ * you must implement the function mbedtls_psa_platform_get_builtin_key().
+ * See the documentation of that function for more information.
+ *
+ * Built-in keys are typically derived from a hardware unique key or
+ * stored in a secure element.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C.
+ *
+ * \warning This interface is experimental and may change or be removed
+ * without notice.
+ */
+//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+
+/** \def MBEDTLS_PSA_CRYPTO_CLIENT
+ *
+ * Enable support for PSA crypto client.
+ *
+ * \note This option allows to include the code necessary for a PSA
+ * crypto client when the PSA crypto implementation is not included in
+ * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the
+ * code to set and get PSA key attributes.
+ * The development of PSA drivers partially relying on the library to
+ * fulfill the hardware gaps is another possible usage of this option.
+ *
+ * \warning This interface is experimental and may change or be removed
+ * without notice.
+ */
+//#define MBEDTLS_PSA_CRYPTO_CLIENT
+
/** \def MBEDTLS_PSA_CRYPTO_DRIVERS
*
* Enable support for the experimental PSA crypto driver interface.
@@ -1337,6 +1381,44 @@
*/
//#define MBEDTLS_PSA_CRYPTO_DRIVERS
+/** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+ *
+ * Make the PSA Crypto module use an external random generator provided
+ * by a driver, instead of Mbed TLS's entropy and DRBG modules.
+ *
+ * \note This random generator must deliver random numbers with cryptographic
+ * quality and high performance. It must supply unpredictable numbers
+ * with a uniform distribution. The implementation of this function
+ * is responsible for ensuring that the random generator is seeded
+ * with sufficient entropy. If you have a hardware TRNG which is slow
+ * or delivers non-uniform output, declare it as an entropy source
+ * with mbedtls_entropy_add_source() instead of enabling this option.
+ *
+ * If you enable this option, you must configure the type
+ * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h
+ * and define a function called mbedtls_psa_external_get_random()
+ * with the following prototype:
+ * ```
+ * psa_status_t mbedtls_psa_external_get_random(
+ * mbedtls_psa_external_random_context_t *context,
+ * uint8_t *output, size_t output_size, size_t *output_length);
+ * );
+ * ```
+ * The \c context value is initialized to 0 before the first call.
+ * The function must fill the \c output buffer with \p output_size bytes
+ * of random data and set \c *output_length to \p output_size.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ * \warning If you enable this option, code that uses the PSA cryptography
+ * interface will not use any of the entropy sources set up for
+ * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED
+ * enables.
+ *
+ * \note This option is experimental and may be removed without notice.
+ */
+//#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+
/**
* \def MBEDTLS_PSA_CRYPTO_SPM
*
@@ -1815,7 +1897,7 @@
/**
* \def MBEDTLS_SSL_DTLS_SRTP
*
- * Enable support for negotation of DTLS-SRTP (RFC 5764)
+ * Enable support for negotiation of DTLS-SRTP (RFC 5764)
* through the use_srtp extension.
*
* \note This feature provides the minimum functionality required
@@ -1941,7 +2023,10 @@
/**
* \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
*
- * Enable modifying the maximum I/O buffer size.
+ * When this option is enabled, the SSL buffer will be resized automatically
+ * based on the negotiated maximum fragment length in each direction.
+ *
+ * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
*/
//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
@@ -2546,6 +2631,11 @@
* Enable the CMAC (Cipher-based Message Authentication Code) mode for block
* ciphers.
*
+ * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying
+ * implementation of the CMAC algorithm is provided by an alternate
+ * implementation, that alternate implementation may opt to not support
+ * AES-192 or 3DES as underlying block ciphers for the CMAC operation.
+ *
* Module: library/cmac.c
*
* Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
@@ -3115,7 +3205,9 @@
*
* Module: library/psa_crypto.c
*
- * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C,
+ * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C,
+ * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG.
*
*/
#define MBEDTLS_PSA_CRYPTO_C
@@ -3524,8 +3616,8 @@
//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
/* ECP options */
-//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
-//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
+//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
/* Entropy options */
@@ -3603,6 +3695,30 @@
*/
//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
+/* PSA options */
+/**
+ * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the
+ * PSA crypto subsystem.
+ *
+ * If this option is unset:
+ * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG.
+ * - Otherwise, the PSA subsystem uses HMAC_DRBG with either
+ * #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and
+ * on unspecified heuristics.
+ */
+//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
+
+/** \def MBEDTLS_PSA_KEY_SLOT_COUNT
+ * Restrict the PSA library to supporting a maximum amount of simultaneously
+ * loaded keys. A loaded key is a key stored by the PSA Crypto core as a
+ * volatile key, or a persistent key which is loaded temporarily by the
+ * library as part of a crypto operation in flight.
+ *
+ * If this option is unset, the library will fall back to a default value of
+ * 32 keys.
+ */
+//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
+
/* SSL Cache options */
//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
@@ -3752,6 +3868,17 @@
//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
+/** \def MBEDTLS_TLS_EXT_CID
+ *
+ * At the time of writing, the CID extension has not been assigned its
+ * final value. Set this configuration option to make Mbed TLS use a
+ * different value.
+ *
+ * A future minor revision of Mbed TLS may change the default value of
+ * this option to match evolving standards and usage.
+ */
+//#define MBEDTLS_TLS_EXT_CID 254
+
/**
* Complete list of ciphersuites to use, in order of preference.
*
@@ -3771,20 +3898,6 @@
//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
/**
- * Allow SHA-1 in the default TLS configuration for certificate signing.
- * Without this build-time option, SHA-1 support must be activated explicitly
- * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
- * recommended because of it is possible to generate SHA-1 collisions, however
- * this may be safe for legacy infrastructure where additional controls apply.
- *
- * \warning SHA-1 is considered a weak message digest and its use constitutes
- * a security risk. If possible, we recommend avoiding dependencies
- * on it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-
-/**
* Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
* signature and ciphersuite selection. Without this build-time option, SHA-1
* support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
@@ -3799,7 +3912,7 @@
* on it, and considering stronger message digests instead.
*
*/
-#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
+//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
/**
* Uncomment the macro to let mbed TLS use your alternate implementation of
diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
index 2b4c498..c2a4422 100644
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h
@@ -38,6 +38,30 @@
extern "C" {
#endif
+
+
+/****************************************************************/
+/* De facto synonyms */
+/****************************************************************/
+
+#if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA)
+#define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY
+#elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA)
+#define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW
+#elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+#endif
+
+
+
+/****************************************************************/
+/* Require built-in implementations based on PSA requirements */
+/****************************************************************/
+
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
@@ -220,6 +244,289 @@
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
+/* If any of the block modes are requested that don't have an
+ * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
+ * in the block cipher key types. */
+#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
+ (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
+ (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
+ (defined(PSA_WANT_ALG_XTS) && !defined(MBEDTLS_PSA_ACCEL_ALG_XTS)) || \
+ defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
+ (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
+ !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
+ (defined(PSA_WANT_ALG_CBC_PKCS7) && \
+ !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
+ (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
+#define PSA_HAVE_SOFT_BLOCK_MODE 1
+#endif
+
+#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \
+ (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM))
+#define PSA_HAVE_SOFT_BLOCK_AEAD 1
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_AES)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#define PSA_HAVE_SOFT_KEY_TYPE_AES 1
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
+ defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
+ defined(PSA_HAVE_SOFT_BLOCK_AEAD)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
+#define MBEDTLS_AES_C
+#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
+#endif /* PSA_WANT_KEY_TYPE_AES */
+
+#if defined(PSA_WANT_KEY_TYPE_ARC4)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
+#define MBEDTLS_ARC4_C
+#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 */
+#endif /* PSA_WANT_KEY_TYPE_ARC4 */
+
+#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
+#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
+ defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
+ defined(PSA_HAVE_SOFT_BLOCK_AEAD)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
+#define MBEDTLS_CAMELLIA_C
+#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
+#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
+
+#if defined(PSA_WANT_KEY_TYPE_DES)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
+#define PSA_HAVE_SOFT_KEY_TYPE_DES 1
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
+ defined(PSA_HAVE_SOFT_BLOCK_MODE)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
+#define MBEDTLS_DES_C
+#endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
+#endif /* PSA_WANT_KEY_TYPE_DES */
+
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
+#define MBEDTLS_CHACHA20_C
+#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */
+#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
+
+/* If any of the software block ciphers are selected, define
+ * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
+ * situations. */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
+ defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
+ defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
+#define PSA_HAVE_SOFT_BLOCK_CIPHER 1
+#endif
+
+#if defined(PSA_WANT_ALG_STREAM_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
+#endif /* PSA_WANT_ALG_STREAM_CIPHER */
+
+#if defined(PSA_WANT_ALG_CBC_MAC)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
+#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
+#endif /* PSA_WANT_ALG_CBC_MAC */
+
+#if defined(PSA_WANT_ALG_CMAC)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
+#define MBEDTLS_CMAC_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
+#endif /* PSA_WANT_ALG_CMAC */
+
+#if defined(PSA_WANT_ALG_CTR)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
+#define MBEDTLS_CIPHER_MODE_CTR
+#endif
+#endif /* PSA_WANT_ALG_CTR */
+
+#if defined(PSA_WANT_ALG_CFB)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
+#define MBEDTLS_CIPHER_MODE_CFB
+#endif
+#endif /* PSA_WANT_ALG_CFB */
+
+#if defined(PSA_WANT_ALG_OFB)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
+#define MBEDTLS_CIPHER_MODE_OFB
+#endif
+#endif /* PSA_WANT_ALG_OFB */
+
+#if defined(PSA_WANT_ALG_XTS)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_XTS) || \
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_XTS 1
+#define MBEDTLS_CIPHER_MODE_XTS
+#endif
+#endif /* PSA_WANT_ALG_XTS */
+
+#if defined(PSA_WANT_ALG_ECB_NO_PADDING)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
+#endif
+
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
+#endif
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
+
+#if defined(PSA_WANT_ALG_CBC_PKCS7)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#endif
+#endif /* PSA_WANT_ALG_CBC_PKCS7 */
+
+#if defined(PSA_WANT_ALG_CCM)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
+ defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
+ defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
+#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
+#define MBEDTLS_CCM_C
+#endif
+#endif /* PSA_WANT_ALG_CCM */
+
+#if defined(PSA_WANT_ALG_GCM)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
+ defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
+ defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
+#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
+#define MBEDTLS_GCM_C
+#endif
+#endif /* PSA_WANT_ALG_GCM */
+
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
+#define MBEDTLS_CHACHAPOLY_C
+#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
+#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
+#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */
+#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */
+#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */
+#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
+
+#if defined(PSA_WANT_ECC_MONTGOMERY_255)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */
+#endif /* PSA_WANT_ECC_MONTGOMERY_255 */
+
+#if defined(PSA_WANT_ECC_MONTGOMERY_448)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)
+/*
+ * Curve448 is not yet supported via the PSA API in Mbed TLS
+ * (https://github.com/ARMmbed/mbedtls/issues/4249).
+ */
+#error "Curve448 is not yet supported via the PSA API in Mbed TLS."
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */
+#endif /* PSA_WANT_ECC_MONTGOMERY_448 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_192)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */
+#endif /* PSA_WANT_ECC_SECP_R1_192 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_224)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */
+#endif /* PSA_WANT_ECC_SECP_R1_224 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_256)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */
+#endif /* PSA_WANT_ECC_SECP_R1_256 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_384)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */
+#endif /* PSA_WANT_ECC_SECP_R1_384 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_521)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */
+#endif /* PSA_WANT_ECC_SECP_R1_521 */
+
+#if defined(PSA_WANT_ECC_SECP_K1_192)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */
+#endif /* PSA_WANT_ECC_SECP_K1_192 */
+
+#if defined(PSA_WANT_ECC_SECP_K1_224)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)
+/*
+ * SECP224K1 is buggy via the PSA API in Mbed TLS
+ * (https://github.com/ARMmbed/mbedtls/issues/3541).
+ */
+#error "SECP224K1 is buggy via the PSA API in Mbed TLS."
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */
+#endif /* PSA_WANT_ECC_SECP_K1_224 */
+
+#if defined(PSA_WANT_ECC_SECP_K1_256)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */
+#endif /* PSA_WANT_ECC_SECP_K1_256 */
+
+
+
+/****************************************************************/
+/* Infer PSA requirements from Mbed TLS capabilities */
+/****************************************************************/
+
#else /* MBEDTLS_PSA_CRYPTO_CONFIG */
/*
@@ -227,6 +534,16 @@
* is not defined
*/
+#if defined(MBEDTLS_CCM_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
+#define PSA_WANT_ALG_CCM 1
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_CMAC_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
+#define PSA_WANT_ALG_CMAC 1
+#endif /* MBEDTLS_CMAC_C */
+
#if defined(MBEDTLS_ECDH_C)
#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
#define PSA_WANT_ALG_ECDH 1
@@ -235,6 +552,7 @@
#if defined(MBEDTLS_ECDSA_C)
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
#define PSA_WANT_ALG_ECDSA 1
+#define PSA_WANT_ALG_ECDSA_ANY 1
// Only add in DETERMINISTIC support if ECDSA is also enabled
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
@@ -251,6 +569,11 @@
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
#endif /* MBEDTLS_ECP_C */
+#if defined(MBEDTLS_GCM_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
+#define PSA_WANT_ALG_GCM 1
+#endif /* MBEDTLS_GCM_C */
+
#if defined(MBEDTLS_HKDF_C)
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define PSA_WANT_ALG_HMAC 1
@@ -261,6 +584,7 @@
#if defined(MBEDTLS_MD_C)
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define PSA_WANT_ALG_HMAC 1
+#define PSA_WANT_KEY_TYPE_HMAC
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
#define PSA_WANT_ALG_TLS12_PRF 1
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
@@ -293,6 +617,7 @@
#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1
#endif /* MBEDTLSS_PKCS1_V15 */
#if defined(MBEDTLS_PKCS1_V21)
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
@@ -314,6 +639,7 @@
#if defined(MBEDTLS_SHA256_C)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
+#define PSA_WANT_ALG_SHA_224 1
#define PSA_WANT_ALG_SHA_256 1
#endif
@@ -326,8 +652,147 @@
#define PSA_WANT_ALG_SHA_512 1
#endif
+#if defined(MBEDTLS_AES_C)
+#define PSA_WANT_KEY_TYPE_AES 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+#define PSA_WANT_KEY_TYPE_ARC4 1
+#define PSA_WANT_ALG_STREAM_CIPHER 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
+#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#define PSA_WANT_KEY_TYPE_CAMELLIA 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#define PSA_WANT_KEY_TYPE_DES 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
+#endif
+
+#if defined(MBEDTLS_CHACHA20_C)
+#define PSA_WANT_KEY_TYPE_CHACHA20 1
+#define PSA_WANT_ALG_STREAM_CIPHER 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
+#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#define PSA_WANT_ALG_CHACHA20_POLY1305 1
+#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
+#endif
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
+#define PSA_WANT_ALG_CBC_NO_PADDING 1
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
+#define PSA_WANT_ALG_CBC_PKCS7 1
+#endif
+#endif
+
+#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
+ defined(MBEDTLS_CAMELLIA_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
+#define PSA_WANT_ALG_ECB_NO_PADDING 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
+#define PSA_WANT_ALG_CFB 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
+#define PSA_WANT_ALG_CTR 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
+#define PSA_WANT_ALG_OFB 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+#define MBEDTLS_PSA_BUILTIN_ALG_XTS 1
+#define PSA_WANT_ALG_XTS 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_256
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_384
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_512
+#endif
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
+#define PSA_WANT_ECC_MONTGOMERY_255
+#endif
+
+/* Curve448 is not yet supported via the PSA API (https://github.com/ARMmbed/mbedtls/issues/4249) */
+#if 0 && defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
+#define PSA_WANT_ECC_MONTGOMERY_448
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
+#define PSA_WANT_ECC_SECP_R1_192
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
+#define PSA_WANT_ECC_SECP_R1_224
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
+#define PSA_WANT_ECC_SECP_R1_256
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
+#define PSA_WANT_ECC_SECP_R1_384
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
+#define PSA_WANT_ECC_SECP_R1_521
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
+#define PSA_WANT_ECC_SECP_K1_192
+#endif
+
+/* SECP224K1 is buggy via the PSA API (https://github.com/ARMmbed/mbedtls/issues/3541) */
+#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
+#define PSA_WANT_ECC_SECP_K1_224
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
+#define PSA_WANT_ECC_SECP_K1_256
+#endif
+
#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
+/* These features are always enabled. */
+#define PSA_WANT_KEY_TYPE_DERIVE 1
+#define PSA_WANT_KEY_TYPE_RAW_DATA 1
+
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 7f1d232..dc4adc8 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -53,10 +53,14 @@
#include "mbedtls/threading.h"
#endif
-#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */
-#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< The requested random buffer length is too big. */
-#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< The input (entropy + additional data) is too large. */
-#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read or write error in file. */
+/** The entropy source failed. */
+#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
+/** The requested random buffer length is too big. */
+#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
+/** The input (entropy + additional data) is too large. */
+#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
+/** Read or write error in file. */
+#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< The block size used by the cipher. */
@@ -200,6 +204,13 @@
void *p_entropy; /*!< The context for the entropy function. */
#if defined(MBEDTLS_THREADING_C)
+ /* Invariant: the mutex is initialized if and only if f_entropy != NULL.
+ * This means that the mutex is initialized during the initial seeding
+ * in mbedtls_ctr_drbg_seed() and freed in mbedtls_ctr_drbg_free().
+ *
+ * Note that this invariant may change without notice. Do not rely on it
+ * and do not access the mutex directly in application code.
+ */
mbedtls_threading_mutex_t mutex;
#endif
}
@@ -264,6 +275,15 @@
* make a second call to \p f_entropy.
*/
#endif
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note When Mbed TLS is built with threading support,
+ * after this function returns successfully,
+ * it is safe to call mbedtls_ctr_drbg_random()
+ * from multiple threads. Other operations, including
+ * reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
/**
* - The \p custom string.
*
@@ -290,6 +310,8 @@
* the same context unless you call
* mbedtls_ctr_drbg_free() and mbedtls_ctr_drbg_init()
* again first.
+ * After a failed call to mbedtls_ctr_drbg_seed(),
+ * you must call mbedtls_ctr_drbg_free().
* \param f_entropy The entropy callback, taking as arguments the
* \p p_entropy context, the buffer to fill, and the
* length of the buffer.
@@ -405,6 +427,11 @@
* \brief This function reseeds the CTR_DRBG context, that is
* extracts data from the entropy source.
*
+ * \note This function is not thread-safe. It is not safe
+ * to call this function if another thread might be
+ * concurrently obtaining random numbers from the same
+ * context or updating or reseeding the same context.
+ *
* \param ctx The CTR_DRBG context.
* \param additional Additional data to add to the state. Can be \c NULL.
* \param len The length of the additional data.
@@ -422,6 +449,11 @@
/**
* \brief This function updates the state of the CTR_DRBG context.
*
+ * \note This function is not thread-safe. It is not safe
+ * to call this function if another thread might be
+ * concurrently obtaining random numbers from the same
+ * context or updating or reseeding the same context.
+ *
* \param ctx The CTR_DRBG context.
* \param additional The data to update the state with. This must not be
* \c NULL unless \p add_len is \c 0.
@@ -445,6 +477,11 @@
* This function automatically reseeds if the reseed counter is exceeded
* or prediction resistance is enabled.
*
+ * \note This function is not thread-safe. It is not safe
+ * to call this function if another thread might be
+ * concurrently obtaining random numbers from the same
+ * context or updating or reseeding the same context.
+ *
* \param p_rng The CTR_DRBG context. This must be a pointer to a
* #mbedtls_ctr_drbg_context structure.
* \param output The buffer to fill.
@@ -473,8 +510,16 @@
*
* This function automatically reseeds if the reseed counter is exceeded
* or prediction resistance is enabled.
- *
- *
+ */
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note When Mbed TLS is built with threading support,
+ * it is safe to call mbedtls_ctr_drbg_random()
+ * from multiple threads. Other operations, including
+ * reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
+/**
* \param p_rng The CTR_DRBG context. This must be a pointer to a
* #mbedtls_ctr_drbg_context structure.
* \param output The buffer to fill.
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index ab5b037..3c08244 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -80,6 +80,55 @@
#endif /* MBEDTLS_DEBUG_C */
+/**
+ * \def MBEDTLS_PRINTF_ATTRIBUTE
+ *
+ * Mark a function as having printf attributes, and thus enable checking
+ * via -wFormat and other flags. This does nothing on builds with compilers
+ * that do not support the format attribute
+ *
+ * Module: library/debug.c
+ * Caller:
+ *
+ * This module provides debugging functions.
+ */
+#if defined(__has_attribute)
+#if __has_attribute(format)
+#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1
+#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
+ __attribute__((__format__ (gnu_printf, string_index, first_to_check)))
+#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */
+#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
+ __attribute__((format(printf, string_index, first_to_check)))
+#endif
+#else /* __has_attribute(format) */
+#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)
+#endif /* __has_attribute(format) */
+#else /* defined(__has_attribute) */
+#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)
+#endif
+
+/**
+ * \def MBEDTLS_PRINTF_SIZET
+ *
+ * MBEDTLS_PRINTF_xxx: Due to issues with older window compilers
+ * and MinGW we need to define the printf specifier for size_t
+ * and long long per platform.
+ *
+ * Module: library/debug.c
+ * Caller:
+ *
+ * This module provides debugging functions.
+ */
+#if (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800)
+ #include <inttypes.h>
+ #define MBEDTLS_PRINTF_SIZET PRIuPTR
+ #define MBEDTLS_PRINTF_LONGLONG "I64d"
+#else /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+ #define MBEDTLS_PRINTF_SIZET "zu"
+ #define MBEDTLS_PRINTF_LONGLONG "lld"
+#endif /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -118,7 +167,7 @@
*/
void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
- const char *format, ... );
+ const char *format, ... ) MBEDTLS_PRINTF_ATTRIBUTE(5, 6);
/**
* \brief Print the return value of a function to the debug output. This
diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h
index 549d19b..6bfe654 100644
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@@ -39,10 +39,12 @@
#define MBEDTLS_DES_ENCRYPT 1
#define MBEDTLS_DES_DECRYPT 0
-#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */
+/** The data input has an invalid length. */
+#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032
/* MBEDTLS_ERR_DES_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED -0x0033 /**< DES hardware accelerator failed. */
+/** DES hardware accelerator failed. */
+#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED -0x0033
#define MBEDTLS_DES_KEY_SIZE 8
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index c7830b9..c4b15a2 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -73,20 +73,31 @@
/*
* DHM Error codes
*/
-#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters. */
-#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
-#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
-#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
-#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
-#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
-#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
-#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */
+/** Bad input parameters. */
+#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080
+/** Reading of the DHM parameters failed. */
+#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100
+/** Making of the DHM parameters failed. */
+#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180
+/** Reading of the public values failed. */
+#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200
+/** Making of the public value failed. */
+#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280
+/** Calculation of the DHM secret failed. */
+#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300
+/** The ASN.1 data is not formatted correctly. */
+#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380
+/** Allocation of memory failed. */
+#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400
+/** Read or write of file failed. */
+#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480
/* MBEDTLS_ERR_DHM_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500 /**< DHM hardware accelerator failed. */
+/** DHM hardware accelerator failed. */
+#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500
-#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /**< Setting the modulus and generator failed. */
+/** Setting the modulus and generator failed. */
+#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 34dd0ea..0924341 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -45,19 +45,29 @@
/*
* ECP error codes
*/
-#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */
-#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< The requested feature is not available, for example, the requested curve is not supported. */
-#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */
-#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
-#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as ephemeral key, failed. */
-#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
-#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< The buffer contains a valid signature followed by more data. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80
+/** The buffer is too small to write to. */
+#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00
+/** The requested feature is not available, for example, the requested curve is not supported. */
+#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80
+/** The signature is not valid. */
+#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80
+/** Generation of random value, such as ephemeral key, failed. */
+#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00
+/** Invalid private or public key. */
+#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80
+/** The buffer contains a valid signature followed by more data. */
+#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00
/* MBEDTLS_ERR_ECP_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80 /**< The ECP hardware accelerator failed. */
+/** The ECP hardware accelerator failed. */
+#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80
-#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00 /**< Operation in progress, call again with the same parameters to continue. */
+/** Operation in progress, call again with the same parameters to continue. */
+#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00
/* Flags indicating whether to include code that is specific to certain
* types of curves. These flags are for internal library use only. */
@@ -96,6 +106,7 @@
* - Add it at the end of this enum, otherwise you'll break the ABI by
* changing the numerical value for existing curves.
* - Increment MBEDTLS_ECP_DP_MAX below if needed.
+ * - Update the calculation of MBEDTLS_ECP_MAX_BITS_MIN below.
* - Add the corresponding MBEDTLS_ECP_DP_xxx_ENABLED macro definition to
* config.h.
* - List the curve as a dependency of MBEDTLS_ECP_C and
@@ -171,6 +182,40 @@
}
mbedtls_ecp_point;
+/* Determine the minimum safe value of MBEDTLS_ECP_MAX_BITS. */
+#if !defined(MBEDTLS_ECP_C)
+#define MBEDTLS_ECP_MAX_BITS_MIN 0
+/* Note: the curves must be listed in DECREASING size! */
+#elif defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 521
+#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 512
+#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 448
+#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 384
+#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 384
+#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 256
+#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 256
+#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 256
+#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 255
+#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 225 // n is slightly above 2^224
+#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 224
+#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 192
+#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 192
+#else
+#error "MBEDTLS_ECP_C enabled, but no curve?"
+#endif
+
#if !defined(MBEDTLS_ECP_ALT)
/*
* default mbed TLS elliptic curve arithmetic implementation
@@ -245,11 +290,23 @@
* \{
*/
-#if !defined(MBEDTLS_ECP_MAX_BITS)
+#if defined(MBEDTLS_ECP_MAX_BITS)
+
+#if MBEDTLS_ECP_MAX_BITS < MBEDTLS_ECP_MAX_BITS_MIN
+#error "MBEDTLS_ECP_MAX_BITS is smaller than the largest supported curve"
+#endif
+
+#elif defined(MBEDTLS_ECP_C)
/**
* The maximum size of the groups, that is, of \c N and \c P.
*/
-#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */
+#define MBEDTLS_ECP_MAX_BITS MBEDTLS_ECP_MAX_BITS_MIN
+
+#else
+/* MBEDTLS_ECP_MAX_BITS is not relevant without MBEDTLS_ECP_C, but set it
+ * to a nonzero value so that code that unconditionally allocates an array
+ * of a size based on it keeps working if built without ECC support. */
+#define MBEDTLS_ECP_MAX_BITS 1
#endif
#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
@@ -258,7 +315,8 @@
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
- * Default: 6.
+ * Default: a point where higher memory usage yields disminishing performance
+ * returns.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
@@ -275,7 +333,7 @@
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
-#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
+#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< The maximum window size used. */
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
@@ -466,8 +524,7 @@
/**
* \brief This function retrieves the information defined in
- * mbedtls_ecp_curve_info() for all supported curves in order
- * of preference.
+ * mbedtls_ecp_curve_info() for all supported curves.
*
* \note This function returns information about all curves
* supported by the library. Some curves may not be
@@ -1180,7 +1237,7 @@
*
* \param grp_id The ECP group identifier.
* \param key The destination key.
- * \param buf The the buffer containing the binary representation of the
+ * \param buf The buffer containing the binary representation of the
* key. (Big endian integer for Weierstrass curves, byte
* string for Montgomery curves.)
* \param buflen The length of the buffer in bytes.
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 5a9c11c..d6ad8e7 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -48,11 +48,16 @@
#include "mbedtls/havege.h"
#endif
-#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */
-#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
-#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */
-#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D /**< No strong sources have been added to poll. */
-#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F /**< Read/write error in file. */
+/** Critical entropy source failure. */
+#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C
+/** No more sources can be added. */
+#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E
+/** No sources have been added to poll. */
+#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040
+/** No strong sources have been added to poll. */
+#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D
+/** Read/write error in file. */
+#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F
/**
* \name SECTION: Module settings
@@ -120,13 +125,15 @@
*/
typedef struct mbedtls_entropy_context
{
- int accumulator_started;
+ int accumulator_started; /* 0 after init.
+ * 1 after the first update.
+ * -1 after free. */
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_context accumulator;
#else
mbedtls_sha256_context accumulator;
#endif
- int source_count;
+ int source_count; /* Number of entries used in source. */
mbedtls_entropy_source_state source[MBEDTLS_ENTROPY_MAX_SOURCES];
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_state havege_data;
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index cd7731e..50f2538 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -30,6 +30,11 @@
#include <stddef.h>
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+ !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
/**
* Error code layout.
*
@@ -111,8 +116,58 @@
extern "C" {
#endif
-#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */
-#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */
+/** Generic error */
+#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001
+/** This is a bug in the library */
+#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E
+
+/**
+ * \brief Combines a high-level and low-level error code together.
+ *
+ * Wrapper macro for mbedtls_error_add(). See that function for
+ * more details.
+ */
+#define MBEDTLS_ERROR_ADD( high, low ) \
+ mbedtls_error_add( high, low, __FILE__, __LINE__ )
+
+#if defined(MBEDTLS_TEST_HOOKS)
+/**
+ * \brief Testing hook called before adding/combining two error codes together.
+ * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS.
+ */
+extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
+#endif
+
+/**
+ * \brief Combines a high-level and low-level error code together.
+ *
+ * This function can be called directly however it is usually
+ * called via the #MBEDTLS_ERROR_ADD macro.
+ *
+ * While a value of zero is not a negative error code, it is still an
+ * error code (that denotes success) and can be combined with both a
+ * negative error code or another value of zero.
+ *
+ * \note When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to
+ * call \link mbedtls_test_hook_error_add \endlink.
+ *
+ * \param high high-level error code. See error.h for more details.
+ * \param low low-level error code. See error.h for more details.
+ * \param file file where this error code addition occurred.
+ * \param line line where this error code addition occurred.
+ */
+static inline int mbedtls_error_add( int high, int low,
+ const char *file, int line )
+{
+#if defined(MBEDTLS_TEST_HOOKS)
+ if( *mbedtls_test_hook_error_add != NULL )
+ ( *mbedtls_test_hook_error_add )( high, low, file, line );
+#endif
+ (void)file;
+ (void)line;
+
+ return( high + low );
+}
/**
* \brief Translate a mbed TLS error code into a string representation,
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index 6b67361..9723a17 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -44,12 +44,15 @@
#define MBEDTLS_GCM_ENCRYPT 1
#define MBEDTLS_GCM_DECRYPT 0
-#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */
+/** Authenticated decryption failed. */
+#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012
/* MBEDTLS_ERR_GCM_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED -0x0013 /**< GCM hardware accelerator failed. */
+/** GCM hardware accelerator failed. */
+#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED -0x0013
-#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h
index 2e6b363..223004b 100644
--- a/include/mbedtls/hkdf.h
+++ b/include/mbedtls/hkdf.h
@@ -37,7 +37,8 @@
* \name HKDF Error codes
* \{
*/
-#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80 /**< Bad input parameters to function. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80
/* \} name */
#ifdef __cplusplus
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index 9116541..79132d4 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -41,10 +41,14 @@
/*
* Error codes
*/
-#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */
-#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */
-#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */
-#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */
+/** Too many random requested in single call. */
+#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003
+/** Input too large (Entropy + additional). */
+#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005
+/** Read/write error in file. */
+#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007
+/** The entropy source failed. */
+#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009
/**
* \name SECTION: Module settings
@@ -101,6 +105,14 @@
void *p_entropy; /*!< context for the entropy function */
#if defined(MBEDTLS_THREADING_C)
+ /* Invariant: the mutex is initialized if and only if
+ * md_ctx->md_info != NULL. This means that the mutex is initialized
+ * during the initial seeding in mbedtls_hmac_drbg_seed() or
+ * mbedtls_hmac_drbg_seed_buf() and freed in mbedtls_ctr_drbg_free().
+ *
+ * Note that this invariant may change without notice. Do not rely on it
+ * and do not access the mutex directly in application code.
+ */
mbedtls_threading_mutex_t mutex;
#endif
} mbedtls_hmac_drbg_context;
@@ -150,7 +162,17 @@
* \note During the initial seeding, this function calls
* the entropy source to obtain a nonce
* whose length is half the entropy length.
- *
+ */
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note When Mbed TLS is built with threading support,
+ * after this function returns successfully,
+ * it is safe to call mbedtls_hmac_drbg_random()
+ * from multiple threads. Other operations, including
+ * reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
+/**
* \param ctx HMAC_DRBG context to be seeded.
* \param md_info MD algorithm to use for HMAC_DRBG.
* \param f_entropy The entropy callback, taking as arguments the
@@ -189,7 +211,17 @@
*
* This function is meant for use in algorithms that need a pseudorandom
* input such as deterministic ECDSA.
- *
+ */
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note When Mbed TLS is built with threading support,
+ * after this function returns successfully,
+ * it is safe to call mbedtls_hmac_drbg_random()
+ * from multiple threads. Other operations, including
+ * reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
+/**
* \param ctx HMAC_DRBG context to be initialised.
* \param md_info MD algorithm to use for HMAC_DRBG.
* \param data Concatenation of the initial entropy string and
@@ -252,6 +284,11 @@
/**
* \brief This function updates the state of the HMAC_DRBG context.
*
+ * \note This function is not thread-safe. It is not safe
+ * to call this function if another thread might be
+ * concurrently obtaining random numbers from the same
+ * context or updating or reseeding the same context.
+ *
* \param ctx The HMAC_DRBG context.
* \param additional The data to update the state with.
* If this is \c NULL, there is no additional data.
@@ -268,6 +305,11 @@
* \brief This function reseeds the HMAC_DRBG context, that is
* extracts data from the entropy source.
*
+ * \note This function is not thread-safe. It is not safe
+ * to call this function if another thread might be
+ * concurrently obtaining random numbers from the same
+ * context or updating or reseeding the same context.
+ *
* \param ctx The HMAC_DRBG context.
* \param additional Additional data to add to the state.
* If this is \c NULL, there is no additional data
@@ -293,6 +335,11 @@
* This function automatically reseeds if the reseed counter is exceeded
* or prediction resistance is enabled.
*
+ * \note This function is not thread-safe. It is not safe
+ * to call this function if another thread might be
+ * concurrently obtaining random numbers from the same
+ * context or updating or reseeding the same context.
+ *
* \param p_rng The HMAC_DRBG context. This must be a pointer to a
* #mbedtls_hmac_drbg_context structure.
* \param output The buffer to fill.
@@ -322,7 +369,16 @@
*
* This function automatically reseeds if the reseed counter is exceeded
* or prediction resistance is enabled.
- *
+ */
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note When Mbed TLS is built with threading support,
+ * it is safe to call mbedtls_ctr_drbg_random()
+ * from multiple threads. Other operations, including
+ * reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
+/**
* \param p_rng The HMAC_DRBG context. This must be a pointer to a
* #mbedtls_hmac_drbg_context structure.
* \param output The buffer to fill.
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index e4354ba..ee24321 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -33,13 +33,18 @@
#include MBEDTLS_CONFIG_FILE
#endif
-#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
-#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
+/** The selected feature is not available. */
+#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180
+/** Opening or reading of file failed. */
+#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200
/* MBEDTLS_ERR_MD_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */
+/** MD hardware accelerator failed. */
+#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h
index 23c48f4..7f3d5cf 100644
--- a/include/mbedtls/md2.h
+++ b/include/mbedtls/md2.h
@@ -36,7 +36,8 @@
#include <stddef.h>
/* MBEDTLS_ERR_MD2_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B /**< MD2 hardware accelerator failed */
+/** MD2 hardware accelerator failed */
+#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h
index eeb1670..0238c67 100644
--- a/include/mbedtls/md4.h
+++ b/include/mbedtls/md4.h
@@ -37,7 +37,8 @@
#include <stdint.h>
/* MBEDTLS_ERR_MD4_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D /**< MD4 hardware accelerator failed */
+/** MD4 hardware accelerator failed */
+#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h
index aaca0f2..73e4dd2 100644
--- a/include/mbedtls/md5.h
+++ b/include/mbedtls/md5.h
@@ -36,7 +36,8 @@
#include <stdint.h>
/* MBEDTLS_ERR_MD5_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED -0x002F /**< MD5 hardware accelerator failed */
+/** MD5 hardware accelerator failed */
+#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED -0x002F
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
index 55fd18b..ceb7d5f 100644
--- a/include/mbedtls/net_sockets.h
+++ b/include/mbedtls/net_sockets.h
@@ -49,19 +49,32 @@
#include <stddef.h>
#include <stdint.h>
-#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
-#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
-#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
-#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
-#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
-#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
-#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
-#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
-#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */
-#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */
-#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */
-#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047 /**< Polling the net context failed. */
-#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049 /**< Input invalid. */
+/** Failed to open a socket. */
+#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042
+/** The connection to the given server / port failed. */
+#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044
+/** Binding of the socket failed. */
+#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046
+/** Could not listen on the socket. */
+#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048
+/** Could not accept the incoming connection. */
+#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A
+/** Reading information from the socket failed. */
+#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C
+/** Sending information through the socket failed. */
+#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E
+/** Connection was reset by peer. */
+#define MBEDTLS_ERR_NET_CONN_RESET -0x0050
+/** Failed to get an IP address for the given hostname. */
+#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052
+/** Buffer is too small to hold the data. */
+#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043
+/** The context is invalid, eg because it was free()ed. */
+#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045
+/** Polling the net context failed. */
+#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047
+/** Input invalid. */
+#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049
#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
@@ -124,6 +137,7 @@
*
* \return 0 if successful, or one of:
* MBEDTLS_ERR_NET_SOCKET_FAILED,
+ * MBEDTLS_ERR_NET_UNKNOWN_HOST,
* MBEDTLS_ERR_NET_BIND_FAILED,
* MBEDTLS_ERR_NET_LISTEN_FAILED
*
@@ -143,6 +157,8 @@
* can be NULL if client_ip is null
*
* \return 0 if successful, or
+ * MBEDTLS_ERR_NET_SOCKET_FAILED,
+ * MBEDTLS_ERR_NET_BIND_FAILED,
* MBEDTLS_ERR_NET_ACCEPT_FAILED, or
* MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small,
* MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
@@ -155,6 +171,10 @@
/**
* \brief Check and wait for the context to be ready for read/write
*
+ * \note The current implementation of this function uses
+ * select() and returns an error if the file descriptor
+ * is \c FD_SETSIZE or greater.
+ *
* \param ctx Socket to check
* \param rw Bitflag composed of MBEDTLS_NET_POLL_READ and
* MBEDTLS_NET_POLL_WRITE specifying the events
@@ -236,16 +256,21 @@
* 'timeout' seconds. If no error occurs, the actual amount
* read is returned.
*
+ * \note The current implementation of this function uses
+ * select() and returns an error if the file descriptor
+ * is \c FD_SETSIZE or greater.
+ *
* \param ctx Socket
* \param buf The buffer to write to
* \param len Maximum length of the buffer
* \param timeout Maximum number of milliseconds to wait for data
* 0 means no timeout (wait forever)
*
- * \return the number of bytes received,
- * or a non-zero error code:
- * MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
+ * \return The number of bytes received if successful.
+ * MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out.
* MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
+ * Another negative error code (MBEDTLS_ERR_NET_xxx)
+ * for other failures.
*
* \note This function will block (until data becomes available or
* timeout is reached) even if the socket is set to
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index e4c697b..1c39186 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -41,8 +41,10 @@
#include "mbedtls/md.h"
#endif
-#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
-#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */
+/** OID is not found. */
+#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E
+/** output buffer is too small */
+#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B
/* This is for the benefit of X.509, but defined here in order to avoid
* having a "backwards" include of x.509.h here */
diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h
index 78dbeb6..624d02d 100644
--- a/include/mbedtls/padlock.h
+++ b/include/mbedtls/padlock.h
@@ -34,7 +34,8 @@
#include "mbedtls/aes.h"
-#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
+/** Input data should be aligned. */
+#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030
#if defined(__has_feature)
#if __has_feature(address_sanitizer)
@@ -71,7 +72,7 @@
*
* \param feature The feature to detect
*
- * \return 1 if CPU has support for the feature, 0 otherwise
+ * \return non-zero if CPU has support for the feature, 0 otherwise
*/
int mbedtls_padlock_has_support( int feature );
diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h
index 4769bec..dfb4ff2 100644
--- a/include/mbedtls/pem.h
+++ b/include/mbedtls/pem.h
@@ -36,15 +36,24 @@
* PEM data.
* \{
*/
-#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */
-#define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */
-#define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180 /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */
-#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */
-#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */
-#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */
-#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */
-#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */
+/** No PEM header or footer found. */
+#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080
+/** PEM string is not as expected. */
+#define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180
+/** RSA IV is not in hex-format. */
+#define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200
+/** Unsupported key encryption algorithm. */
+#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280
+/** Private key password can't be empty. */
+#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380
+/** Unavailable feature, e.g. hashing/encryption combination. */
+#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480
/* \} name */
#ifdef __cplusplus
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 7d0f977..8f2abf2 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -52,23 +52,38 @@
#define inline __inline
#endif
-#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */
-#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */
-#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of file failed. */
-#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version */
-#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value. */
-#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */
-#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 /**< Private key password can't be empty. */
-#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 /**< Given private key password does not allow for correct decryption. */
-#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */
-#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */
-#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */
-#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */
-#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80
+/** Type mismatch, eg attempt to encrypt with an ECDSA key */
+#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80
+/** Read/write of file failed. */
+#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00
+/** Unsupported key version */
+#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80
+/** Invalid key tag or value. */
+#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00
+/** Key algorithm is unsupported (only RSA and EC are supported). */
+#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80
+/** Private key password can't be empty. */
+#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80
+/** The pubkey tag or value is invalid (only RSA and EC are supported). */
+#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00
+/** The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80
+/** Elliptic curve is unsupported (only NIST curves are supported). */
+#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00
+/** Unavailable feature, e.g. RSA disabled for RSA key. */
+#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980
+/** The buffer contains a valid signature followed by more data. */
+#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900
/* MBEDTLS_ERR_PK_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */
+/** PK hardware accelerator failed. */
+#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index 4b8ce7e..ba9180b 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -34,10 +34,14 @@
#include <stddef.h>
-#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
-#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
-#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80
+/** Feature not available, e.g. unsupported encryption scheme. */
+#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00
+/** PBE ASN.1 data not as expected. */
+#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00
#define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
#define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */
diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h
index 8f348ce..696930f 100644
--- a/include/mbedtls/pkcs5.h
+++ b/include/mbedtls/pkcs5.h
@@ -36,10 +36,14 @@
#include <stddef.h>
#include <stdint.h>
-#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00 /**< Unexpected ASN.1 data. */
-#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80 /**< Requested encryption or digest alg not available. */
-#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 /**< Given private key password does not allow for correct decryption. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80
+/** Unexpected ASN.1 data. */
+#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00
+/** Requested encryption or digest alg not available. */
+#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00
#define MBEDTLS_PKCS5_DECRYPT 0
#define MBEDTLS_PKCS5_ENCRYPT 1
diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
index fde5ee8..bdef074 100644
--- a/include/mbedtls/platform.h
+++ b/include/mbedtls/platform.h
@@ -41,8 +41,10 @@
#include "mbedtls/platform_time.h"
#endif
-#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */
-#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */
+/** Hardware accelerator failed */
+#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070
+/** The requested feature is not supported by the platform */
+#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h
index 905c145..a69ede9 100644
--- a/include/mbedtls/poly1305.h
+++ b/include/mbedtls/poly1305.h
@@ -41,15 +41,18 @@
#include <stdint.h>
#include <stddef.h>
-#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057 /**< Invalid input parameter(s). */
+/** Invalid input parameter(s). */
+#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057
/* MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE is deprecated and should not be
* used. */
-#define MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE -0x0059 /**< Feature not available. For example, s part of the API is not implemented. */
+/** Feature not available. For example, s part of the API is not implemented. */
+#define MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE -0x0059
/* MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED is deprecated and should not be used.
*/
-#define MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED -0x005B /**< Poly1305 hardware accelerator failed. */
+/** Poly1305 hardware accelerator failed. */
+#define MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED -0x005B
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index d8a32c5..691ff3c 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -86,14 +86,14 @@
case MBEDTLS_MODE_ECB:
return( PSA_ALG_ECB_NO_PADDING );
case MBEDTLS_MODE_GCM:
- return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) );
+ return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) );
case MBEDTLS_MODE_CCM:
- return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, taglen ) );
+ return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) );
case MBEDTLS_MODE_CBC:
if( taglen == 0 )
return( PSA_ALG_CBC_NO_PADDING );
- /* Intentional fallthrough for taglen != 0 */
- /* fallthrough */
+ else
+ return( 0 );
default:
return( 0 );
}
@@ -151,7 +151,8 @@
case MBEDTLS_MD_RIPEMD160:
return( PSA_ALG_RIPEMD160 );
#endif
- case MBEDTLS_MD_NONE: /* Intentional fallthrough */
+ case MBEDTLS_MD_NONE:
+ return( 0 );
default:
return( 0 );
}
@@ -419,4 +420,90 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+/* Expose whatever RNG the PSA subsystem uses to applications using the
+ * mbedtls_xxx API. The declarations and definitions here need to be
+ * consistent with the implementation in library/psa_crypto_random_impl.h.
+ * See that file for implementation documentation. */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+/* The type of a `f_rng` random generator function that many library functions
+ * take.
+ *
+ * This type name is not part of the Mbed TLS stable API. It may be renamed
+ * or moved without warning.
+ */
+typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size );
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+
+/** The random generator function for the PSA subsystem.
+ *
+ * This function is suitable as the `f_rng` random generator function
+ * parameter of many `mbedtls_xxx` functions. Use #MBEDTLS_PSA_RANDOM_STATE
+ * to obtain the \p p_rng parameter.
+ *
+ * The implementation of this function depends on the configuration of the
+ * library.
+ *
+ * \note Depending on the configuration, this may be a function or
+ * a pointer to a function.
+ *
+ * \note This function may only be used if the PSA crypto subsystem is active.
+ * This means that you must call psa_crypto_init() before any call to
+ * this function, and you must not call this function after calling
+ * mbedtls_psa_crypto_free().
+ *
+ * \param p_rng The random generator context. This must be
+ * #MBEDTLS_PSA_RANDOM_STATE. No other state is
+ * supported.
+ * \param output The buffer to fill. It must have room for
+ * \c output_size bytes.
+ * \param output_size The number of bytes to write to \p output.
+ * This function may fail if \p output_size is too
+ * large. It is guaranteed to accept any output size
+ * requested by Mbed TLS library functions. The
+ * maximum request size depends on the library
+ * configuration.
+ *
+ * \return \c 0 on success.
+ * \return An `MBEDTLS_ERR_ENTROPY_xxx`,
+ * `MBEDTLS_ERR_PLATFORM_xxx,
+ * `MBEDTLS_ERR_CTR_DRBG_xxx` or
+ * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
+ */
+int mbedtls_psa_get_random( void *p_rng,
+ unsigned char *output,
+ size_t output_size );
+
+/** The random generator state for the PSA subsystem.
+ *
+ * This macro expands to an expression which is suitable as the `p_rng`
+ * random generator state parameter of many `mbedtls_xxx` functions.
+ * It must be used in combination with the random generator function
+ * mbedtls_psa_get_random().
+ *
+ * The implementation of this macro depends on the configuration of the
+ * library. Do not make any assumption on its nature.
+ */
+#define MBEDTLS_PSA_RANDOM_STATE NULL
+
+#else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/ctr_drbg.h"
+typedef mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t;
+static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_ctr_drbg_random;
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+#include "mbedtls/hmac_drbg.h"
+typedef mbedtls_hmac_drbg_context mbedtls_psa_drbg_context_t;
+static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_hmac_drbg_random;
+#endif
+extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
+
+#define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
+
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
#endif /* MBEDTLS_PSA_UTIL_H */
diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h
index 381c725..63270d1 100644
--- a/include/mbedtls/ripemd160.h
+++ b/include/mbedtls/ripemd160.h
@@ -33,7 +33,8 @@
/* MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED is deprecated and should not be used.
*/
-#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031 /**< RIPEMD160 hardware accelerator failed */
+/** RIPEMD160 hardware accelerator failed */
+#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 6a31514..3c481e1 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -44,22 +44,33 @@
/*
* RSA Error codes
*/
-#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */
-#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */
-#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the validity check of the library. */
-#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */
-#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */
-#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */
-#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */
-#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
+/** Input data contains invalid padding and is rejected. */
+#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
+/** Something failed during generation of a key. */
+#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
+/** Key failed to pass the validity check of the library. */
+#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
+/** The public key operation failed. */
+#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
+/** The private key operation failed. */
+#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
+/** The PKCS#1 verification failed. */
+#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
+/** The output buffer for decryption is not large enough. */
+#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
+/** The random generator failed to generate non-zeros. */
+#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
/* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used.
*/
-#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500 /**< The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */
+/** The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */
+#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500
/* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580 /**< RSA hardware accelerator failed. */
+/** RSA hardware accelerator failed. */
+#define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580
/*
* RSA constants
@@ -97,7 +108,10 @@
*/
typedef struct mbedtls_rsa_context
{
- int ver; /*!< Always 0.*/
+ int ver; /*!< Reserved for internal purposes.
+ * Do not set this field in application
+ * code. Its meaning might change without
+ * notice. */
size_t len; /*!< The size of \p N in Bytes. */
mbedtls_mpi N; /*!< The public modulus. */
@@ -127,6 +141,7 @@
mask generating function used in the
EME-OAEP and EMSA-PSS encodings. */
#if defined(MBEDTLS_THREADING_C)
+ /* Invariant: the mutex is initialized iff ver != 0. */
mbedtls_threading_mutex_t mutex; /*!< Thread-safety mutex. */
#endif
}
@@ -972,12 +987,69 @@
* \brief This function performs a PKCS#1 v2.1 PSS signature
* operation (RSASSA-PSS-SIGN).
*
- * \note The \p hash_id in the RSA context is the one used for the
- * encoding. \p md_alg in the function call is the type of hash
- * that is encoded. According to <em>RFC-3447: Public-Key
+ * \note The \c hash_id set in \p ctx (when calling
+ * mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ * afterwards) selects the hash used for the
+ * encoding operation and for the mask generation function
+ * (MGF1). For more details on the encoding operation and the
+ * mask generation function, consult <em>RFC-3447: Public-Key
* Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
- * Specifications</em> it is advised to keep both hashes the
- * same.
+ * Specifications</em>.
+ *
+ * \note This function enforces that the provided salt length complies
+ * with FIPS 186-4 §5.5 (e) and RFC 8017 (PKCS#1 v2.2) §9.1.1
+ * step 3. The constraint is that the hash length plus the salt
+ * length plus 2 bytes must be at most the key length. If this
+ * constraint is not met, this function returns
+ * #MBEDTLS_ERR_RSA_BAD_INPUT_DATA.
+ *
+ * \param ctx The initialized RSA context to use.
+ * \param f_rng The RNG function. It must not be \c NULL.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL
+ * if \p f_rng doesn't need a context argument.
+ * \param md_alg The message-digest algorithm used to hash the original data.
+ * Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen The length of the message digest.
+ * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash The buffer holding the message digest or raw data.
+ * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable
+ * buffer of length \p hashlen Bytes. If \p md_alg is not
+ * #MBEDTLS_MD_NONE, it must be a readable buffer of length
+ * the size of the hash corresponding to \p md_alg.
+ * \param saltlen The length of the salt that should be used.
+ * If passed #MBEDTLS_RSA_SALT_LEN_ANY, the function will use
+ * the largest possible salt length up to the hash length,
+ * which is the largest permitted by some standards including
+ * FIPS 186-4 §5.5.
+ * \param sig The buffer to hold the signature. This must be a writable
+ * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
+ * for an 2048-bit RSA modulus. A buffer length of
+ * #MBEDTLS_MPI_MAX_SIZE is always safe.
+ *
+ * \return \c 0 if the signing operation was successful.
+ * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
+ */
+int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ int saltlen,
+ unsigned char *sig );
+
+/**
+ * \brief This function performs a PKCS#1 v2.1 PSS signature
+ * operation (RSASSA-PSS-SIGN).
+ *
+ * \note The \c hash_id set in \p ctx (when calling
+ * mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ * afterwards) selects the hash used for the
+ * encoding operation and for the mask generation function
+ * (MGF1). For more details on the encoding operation and the
+ * mask generation function, consult <em>RFC-3447: Public-Key
+ * Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
+ * Specifications</em>.
*
* \note This function always uses the maximum possible salt size,
* up to the length of the payload hash. This choice of salt
@@ -1007,7 +1079,7 @@
* \param md_alg The message-digest algorithm used to hash the original data.
* Use #MBEDTLS_MD_NONE for signing raw data.
* \param hashlen The length of the message digest.
- * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * This is only used if \p md_alg is #MBEDTLS_MD_NONE.
* \param hash The buffer holding the message digest or raw data.
* If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable
* buffer of length \p hashlen Bytes. If \p md_alg is not
@@ -1133,16 +1205,15 @@
* \brief This function performs a PKCS#1 v2.1 PSS verification
* operation (RSASSA-PSS-VERIFY).
*
- * The hash function for the MGF mask generating function
- * is that specified in the RSA context.
- *
- * \note The \p hash_id in the RSA context is the one used for the
- * verification. \p md_alg in the function call is the type of
- * hash that is verified. According to <em>RFC-3447: Public-Key
+ * \note The \c hash_id set in \p ctx (when calling
+ * mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ * afterwards) selects the hash used for the
+ * encoding operation and for the mask generation function
+ * (MGF1). For more details on the encoding operation and the
+ * mask generation function, consult <em>RFC-3447: Public-Key
* Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
- * Specifications</em> it is advised to keep both hashes the
- * same. If \p hash_id in the RSA context is unset,
- * the \p md_alg from the function call is used.
+ * Specifications</em>. If the \c hash_id set in \p ctx is
+ * #MBEDTLS_MD_NONE, the \p md_alg parameter is used.
*
* \deprecated It is deprecated and discouraged to call this function
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
@@ -1190,13 +1261,12 @@
* \brief This function performs a PKCS#1 v2.1 PSS verification
* operation (RSASSA-PSS-VERIFY).
*
- * The hash function for the MGF mask generating function
- * is that specified in \p mgf1_hash_id.
- *
* \note The \p sig buffer must be as large as the size
* of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
*
- * \note The \p hash_id in the RSA context is ignored.
+ * \note The \c hash_id set in \p ctx (when calling
+ * mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ * afterwards) is ignored.
*
* \param ctx The initialized RSA public key context to use.
* \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE,
@@ -1215,7 +1285,13 @@
* buffer of length \p hashlen Bytes. If \p md_alg is not
* #MBEDTLS_MD_NONE, it must be a readable buffer of length
* the size of the hash corresponding to \p md_alg.
- * \param mgf1_hash_id The message digest used for mask generation.
+ * \param mgf1_hash_id The message digest algorithm used for the
+ * verification operation and the mask generation
+ * function (MGF1). For more details on the encoding
+ * operation and the mask generation function, consult
+ * <em>RFC-3447: Public-Key Cryptography Standards
+ * (PKCS) #1 v2.1: RSA Cryptography
+ * Specifications</em>.
* \param expected_salt_len The length of the salt used in padding. Use
* #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length.
* \param sig The buffer holding the signature. This must be a readable
diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h
index 86a3d06..4c3251b 100644
--- a/include/mbedtls/sha1.h
+++ b/include/mbedtls/sha1.h
@@ -39,8 +39,10 @@
#include <stdint.h>
/* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
-#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< SHA-1 input data was malformed. */
+/** SHA-1 hardware accelerator failed */
+#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035
+/** SHA-1 input data was malformed. */
+#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index 73d9544..cccd5c4 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h
@@ -35,8 +35,10 @@
#include <stdint.h>
/* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */
-#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 /**< SHA-256 input data was malformed. */
+/** SHA-256 hardware accelerator failed */
+#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037
+/** SHA-256 input data was malformed. */
+#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h
index 4a8ab42..cca47c2 100644
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@@ -34,8 +34,10 @@
#include <stdint.h>
/* MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039 /**< SHA-512 hardware accelerator failed */
-#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075 /**< SHA-512 input data was malformed. */
+/** SHA-512 hardware accelerator failed */
+#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039
+/** SHA-512 input data was malformed. */
+#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 7815ad9..2ed295a 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -75,64 +75,122 @@
/*
* SSL Error codes
*/
-#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */
-#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */
-#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */
-#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */
-#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */
-#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */
-#define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */
-#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */
-#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */
-#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */
-#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */
-#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */
-#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */
-#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */
-#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */
-#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */
-#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */
-#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */
-#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */
-#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */
-#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */
-#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */
-#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
-#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */
-#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */
-#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */
-#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */
-#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */
-#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */
-#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
-#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< No data of requested type currently available on underlying transport. */
-#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */
-#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */
-#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */
-#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */
-#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600 /**< Couldn't set the hash for verifying CertificateVerify */
-#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */
-#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */
-#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000 /**< An encrypted DTLS-frame with an unexpected CID was received. */
-#define MBEDTLS_ERR_SSL_VERSION_MISMATCH -0x5F00 /**< An operation failed due to an unexpected version or configuration. */
-#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */
-#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 /**< Invalid value in SSL config */
+/** The requested feature is not available. */
+#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100
+/** Verification of the message MAC failed. */
+#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180
+/** An invalid SSL record was received. */
+#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200
+/** The connection indicated an EOF. */
+#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280
+/** An unknown cipher was received. */
+#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300
+/** The server has no ciphersuites in common with the client. */
+#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380
+/** No RNG was provided to the SSL module. */
+#define MBEDTLS_ERR_SSL_NO_RNG -0x7400
+/** No client certification received from the client, but required by the authentication mode. */
+#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480
+/** Our own certificate(s) is/are too large to send in an SSL message. */
+#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500
+/** The own certificate is not set, but needed by the server. */
+#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580
+/** The own private key or pre-shared key is not set, but needed. */
+#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600
+/** No CA Chain is set, but required to operate. */
+#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680
+/** An unexpected message was received from our peer. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700
+/** A fatal alert message was received from our peer. */
+#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780
+/** Verification of our peer failed. */
+#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800
+/** The peer notified us that the connection is going to be closed. */
+#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880
+/** Processing of the ClientHello handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900
+/** Processing of the ServerHello handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980
+/** Processing of the Certificate handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00
+/** Processing of the CertificateRequest handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80
+/** Processing of the ServerKeyExchange handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00
+/** Processing of the ServerHelloDone handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80
+/** Processing of the ClientKeyExchange handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00
+/** Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80
+/** Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00
+/** Processing of the CertificateVerify handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80
+/** Processing of the ChangeCipherSpec handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00
+/** Processing of the Finished handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80
+/** Memory allocation failed */
+#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00
+/** Hardware acceleration function returned with error */
+#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80
+/** Hardware acceleration function skipped / left alone data */
+#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80
+/** Processing of the compression / decompression failed */
+#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00
+/** Handshake protocol not within min/max boundaries */
+#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80
+/** Processing of the NewSessionTicket handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00
+/** Session ticket has expired. */
+#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80
+/** Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
+#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00
+/** Unknown identity received (eg, PSK identity) */
+#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80
+/** Internal error (eg, unexpected failure in lower-level module) */
+#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00
+/** A counter would wrap (eg, too many messages exchanged). */
+#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80
+/** Unexpected message at ServerHello in renegotiation. */
+#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00
+/** DTLS client must retry for hello verification */
+#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80
+/** A buffer is too small to receive or write a message */
+#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00
+/** None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
+#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980
+/** No data of requested type currently available on underlying transport. */
+#define MBEDTLS_ERR_SSL_WANT_READ -0x6900
+/** Connection requires a write call. */
+#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880
+/** The operation timed out. */
+#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800
+/** The client initiated a reconnect from the same port. */
+#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780
+/** Record header looks valid but is not expected. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700
+/** The alert message received indicates a non-fatal error. */
+#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680
+/** Couldn't set the hash for verifying CertificateVerify */
+#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600
+/** Internal-only message signaling that further message-processing should be done */
+#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580
+/** The asynchronous operation is not completed yet. */
+#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500
+/** Internal-only message signaling that a message arrived early. */
+#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480
+/** An encrypted DTLS-frame with an unexpected CID was received. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000
+/** An operation failed due to an unexpected version or configuration. */
+#define MBEDTLS_ERR_SSL_VERSION_MISMATCH -0x5F00
+/** A cryptographic operation is in progress. Try again later. */
+#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000
+/** Invalid value in SSL config */
+#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80
/*
* Various constants
@@ -412,8 +470,14 @@
/* The value of the CID extension is still TBD as of
* draft-ietf-tls-dtls-connection-id-05
- * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) */
+ * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05).
+ *
+ * A future minor revision of Mbed TLS may change the default value of
+ * this option to match evolving standards and usage.
+ */
+#if !defined(MBEDTLS_TLS_EXT_CID)
#define MBEDTLS_TLS_EXT_CID 254 /* TBD */
+#endif
#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */
@@ -536,10 +600,11 @@
* \param buf Buffer to write the received data to
* \param len Length of the receive buffer
*
- * \return The callback must return the number of bytes received,
- * or a non-zero error code.
- * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ
+ * \returns If data has been received, the positive number of bytes received.
+ * \returns \c 0 if the connection has been closed.
+ * \returns If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ
* must be returned when the operation would block.
+ * \returns Another negative error code on other kinds of failures.
*
* \note The callback may receive fewer bytes than the length of the
* buffer. It must always return the number of bytes actually
@@ -2987,7 +3052,9 @@
#if defined(MBEDTLS_ECP_C)
/**
* \brief Set the allowed curves in order of preference.
- * (Default: all defined curves.)
+ * (Default: all defined curves in order of decreasing size,
+ * except that Montgomery curves come last. This order
+ * is likely to change in a future version.)
*
* On server: this only affects selection of the ECDHE curve;
* the curves used for ECDH and ECDSA are determined by the
@@ -3019,7 +3086,9 @@
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/**
* \brief Set the allowed hashes for signatures during the handshake.
- * (Default: all available hashes except MD5.)
+ * (Default: all SHA-2 hashes, largest first. Also SHA-1 if
+ * the compile-time option
+ * `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is enabled.)
*
* \note This only affects which hashes are offered and can be used
* for signatures during the handshake. Hashes for message
@@ -4327,7 +4396,7 @@
/**
* \brief TLS-PRF function for key derivation.
*
- * \param prf The tls_prf type funtion type to be used.
+ * \param prf The tls_prf type function type to be used.
* \param secret Secret for the key derivation function.
* \param slen Length of the secret.
* \param label String label for the key derivation function,
@@ -4337,7 +4406,7 @@
* \param dstbuf The buffer holding the derived key.
* \param dlen Length of the output buffer.
*
- * \return 0 on sucess. An SSL specific error on failure.
+ * \return 0 on success. An SSL specific error on failure.
*/
int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf,
const unsigned char *secret, size_t slen,
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 577c959..2097a6d 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -275,26 +275,26 @@
#endif
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-static inline uint32_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx )
+static inline size_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx )
{
#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID)
- return (uint32_t) mbedtls_ssl_get_output_max_frag_len( ctx )
+ return mbedtls_ssl_get_output_max_frag_len( ctx )
+ MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
+ MBEDTLS_SSL_CID_OUT_LEN_MAX;
#else
- return (uint32_t) mbedtls_ssl_get_output_max_frag_len( ctx )
+ return mbedtls_ssl_get_output_max_frag_len( ctx )
+ MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
#endif
}
-static inline uint32_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ctx )
+static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ctx )
{
#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID)
- return (uint32_t) mbedtls_ssl_get_input_max_frag_len( ctx )
+ return mbedtls_ssl_get_input_max_frag_len( ctx )
+ MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
+ MBEDTLS_SSL_CID_IN_LEN_MAX;
#else
- return (uint32_t) mbedtls_ssl_get_input_max_frag_len( ctx )
+ return mbedtls_ssl_get_input_max_frag_len( ctx )
+ MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
#endif
}
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index bf5fc97..a882eed 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -97,7 +97,7 @@
* Recommended value: 86400 (one day).
*
* \note It is highly recommended to select a cipher that is at
- * least as strong as the the strongest ciphersuite
+ * least as strong as the strongest ciphersuite
* supported. Usually that means a 256-bit key.
*
* \note The lifetime of the keys is twice the lifetime of tickets.
diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h
index 8baf15a..d147c73 100644
--- a/include/mbedtls/threading.h
+++ b/include/mbedtls/threading.h
@@ -36,16 +36,22 @@
/* MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE is deprecated and should not be
* used. */
-#define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A /**< The selected feature is not available. */
+/** The selected feature is not available. */
+#define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A
-#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C
+/** Locking / unlocking / free failed with error code. */
+#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E
#if defined(MBEDTLS_THREADING_PTHREAD)
#include <pthread.h>
typedef struct mbedtls_threading_mutex_t
{
pthread_mutex_t mutex;
+ /* is_valid is 0 after a failed init or a free, and nonzero after a
+ * successful init. This field is not considered part of the public
+ * API of Mbed TLS and may change without notice. */
char is_valid;
} mbedtls_threading_mutex_t;
#endif
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index 665a283..2740479 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -37,7 +37,7 @@
* Major, Minor, Patchlevel
*/
#define MBEDTLS_VERSION_MAJOR 2
-#define MBEDTLS_VERSION_MINOR 24
+#define MBEDTLS_VERSION_MINOR 27
#define MBEDTLS_VERSION_PATCH 0
/**
@@ -45,9 +45,9 @@
* MMNNPP00
* Major version | Minor version | Patch version
*/
-#define MBEDTLS_VERSION_NUMBER 0x02180000
-#define MBEDTLS_VERSION_STRING "2.24.0"
-#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.24.0"
+#define MBEDTLS_VERSION_NUMBER 0x021B0000
+#define MBEDTLS_VERSION_STRING "2.27.0"
+#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.27.0"
#if defined(MBEDTLS_VERSION_C)
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 08525e2..c177501 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -56,26 +56,46 @@
* \name X509 Error codes
* \{
*/
-#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
-#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */
-#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */
-#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */
-#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */
-#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */
-#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */
-#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
-#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
-#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */
-#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */
-#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
-#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
-#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
+/** Unavailable feature, e.g. RSA hashing/encryption combination. */
+#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080
+/** Requested OID is unknown. */
+#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100
+/** The CRT/CRL/CSR format is invalid, e.g. different type expected. */
+#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180
+/** The CRT/CRL/CSR version element is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200
+/** The serial tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280
+/** The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300
+/** The name tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380
+/** The date tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400
+/** The signature tag or value invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480
+/** The extension tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500
+/** CRT/CRL/CSR has an unsupported version number. */
+#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580
+/** Signature algorithm (oid) is unsupported. */
+#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600
+/** Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
+#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680
+/** Certificate verification failed, e.g. CRL, CA or signature check failed. */
+#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700
+/** Format not recognized as DER or PEM. */
+#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780
+/** Input invalid. */
+#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800
+/** Allocation of memory failed. */
+#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880
+/** Read/write of file failed. */
+#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900
+/** Destination buffer is too small. */
+#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980
+/** A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
+#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000
/* \} name */
/**
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 8e389f8..64ccb43 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -263,12 +263,21 @@
/**
* Default security profile. Should provide a good balance between security
* and compatibility with current deployments.
+ *
+ * This profile permits:
+ * - SHA2 hashes.
+ * - All supported elliptic curves.
+ * - RSA with 2048 bits and above.
+ *
+ * New minor versions of Mbed TLS may extend this profile, for example if
+ * new curves are added to the library. New minor versions of Mbed TLS will
+ * not reduce this profile unless serious security concerns require it.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;
/**
* Expected next default profile. Recommended for new deployments.
- * Currently targets a 128-bit security level, except for RSA-2048.
+ * Currently targets a 128-bit security level, except for allowing RSA-2048.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;
diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h
index 473dd4b..4bdc711 100644
--- a/include/mbedtls/xtea.h
+++ b/include/mbedtls/xtea.h
@@ -34,10 +34,12 @@
#define MBEDTLS_XTEA_ENCRYPT 1
#define MBEDTLS_XTEA_DECRYPT 0
-#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */
+/** The data input has an invalid length. */
+#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028
/* MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED -0x0029 /**< XTEA hardware accelerator failed. */
+/** XTEA hardware accelerator failed. */
+#define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED -0x0029
#ifdef __cplusplus
extern "C" {
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b41a20b..17bebf3 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -90,10 +90,14 @@
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
*/
psa_status_t psa_crypto_init(void);
@@ -260,6 +264,14 @@
* - An algorithm value permits this particular algorithm.
* - An algorithm wildcard built from #PSA_ALG_ANY_HASH allows the specified
* signature scheme with any hash algorithm.
+ * - An algorithm built from #PSA_ALG_AT_LEAST_THIS_LENGTH_MAC allows
+ * any MAC algorithm from the same base class (e.g. CMAC) which
+ * generates/verifies a MAC length greater than or equal to the length
+ * encoded in the wildcard algorithm.
+ * - An algorithm built from #PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG
+ * allows any AEAD algorithm from the same base class (e.g. CCM) which
+ * generates/verifies a tag length greater than or equal to the length
+ * encoded in the wildcard algorithm.
*
* This function overwrites any algorithm policy
* previously set in \p attributes.
@@ -368,6 +380,8 @@
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_CORRUPT
+ * \retval #PSA_ERROR_DATA_INVALID
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@@ -501,6 +515,8 @@
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
* \retval #PSA_ERROR_STORAGE_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
@@ -540,6 +556,10 @@
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* There was an failure in communication with the cryptoprocessor.
* The key material may still be present in the cryptoprocessor.
+ * \retval #PSA_ERROR_DATA_INVALID
+ * This error is typically a result of either storage corruption on a
+ * cleartext storage backend, or an attempt to read data that was
+ * written by an incompatible version of the library.
* \retval #PSA_ERROR_STORAGE_FAILURE
* The storage is corrupted. Implementations shall make a best effort
* to erase key material even in this stage, however applications
@@ -625,6 +645,8 @@
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_DATA_CORRUPT
+ * \retval #PSA_ERROR_DATA_INVALID
* \retval #PSA_ERROR_STORAGE_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
@@ -687,6 +709,8 @@
* For Weierstrass curves, this is the content of the `privateKey` field of
* the `ECPrivateKey` format defined by RFC 5915. For Montgomery curves,
* the format is defined by RFC 7748, and output is masked according to §5.
+ * For twisted Edwards curves, the private key is as defined by RFC 8032
+ * (a 32-byte string for Edwards25519, a 57-byte string for Edwards448).
* - For Diffie-Hellman key exchange key pairs (key types for which
* #PSA_KEY_TYPE_IS_DH_KEY_PAIR is true), the
* format is the representation of the private key `x` as a big-endian byte
@@ -713,7 +737,7 @@
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p data buffer is too small. You can determine a
* sufficient buffer size by calling
- * #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits)
+ * #PSA_EXPORT_KEY_OUTPUT_SIZE(\c type, \c bits)
* where \c type is the key type
* and \c bits is the key size in bits.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -752,7 +776,12 @@
* modulus INTEGER, -- n
* publicExponent INTEGER } -- e
* ```
- * - For elliptic curve public keys (key types for which
+ * - For elliptic curve keys on a twisted Edwards curve (key types for which
+ * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true and #PSA_KEY_TYPE_ECC_GET_FAMILY
+ * returns #PSA_ECC_FAMILY_TWISTED_EDWARDS), the public key is as defined
+ * by RFC 8032
+ * (a 32-byte string for Edwards25519, a 57-byte string for Edwards448).
+ * - For other elliptic curve public keys (key types for which
* #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed
* representation defined by SEC1 §2.3.3 as the content of an ECPoint.
* Let `m` be the bit size associated with the curve, i.e. the bit size of
@@ -783,7 +812,7 @@
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p data buffer is too small. You can determine a
* sufficient buffer size by calling
- * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits)
+ * #PSA_EXPORT_KEY_OUTPUT_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits)
* where \c type is the key type
* and \c bits is the key size in bits.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -822,7 +851,7 @@
* \param hash_size Size of the \p hash buffer in bytes.
* \param[out] hash_length On success, the number of bytes
* that make up the hash value. This is always
- * #PSA_HASH_SIZE(\p alg).
+ * #PSA_HASH_LENGTH(\p alg).
*
* \retval #PSA_SUCCESS
* Success.
@@ -1032,7 +1061,7 @@
* \param hash_size Size of the \p hash buffer in bytes.
* \param[out] hash_length On success, the number of bytes
* that make up the hash value. This is always
- * #PSA_HASH_SIZE(\c alg) where \c alg is the
+ * #PSA_HASH_LENGTH(\c alg) where \c alg is the
* hash algorithm that is calculated.
*
* \retval #PSA_SUCCESS
@@ -1041,7 +1070,7 @@
* The operation state is not valid (it must be active).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p hash buffer is too small. You can determine a
- * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg)
+ * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg)
* where \c alg is the hash algorithm that is calculated.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -1479,7 +1508,7 @@
* \param mac_size Size of the \p mac buffer in bytes.
* \param[out] mac_length On success, the number of bytes
* that make up the MAC value. This is always
- * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg)
+ * #PSA_MAC_LENGTH(\c key_type, \c key_bits, \c alg)
* where \c key_type and \c key_bits are the type and
* bit-size respectively of the key and \c alg is the
* MAC algorithm that is calculated.
@@ -1491,7 +1520,7 @@
* operation).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p mac buffer is too small. You can determine a
- * sufficient buffer size by calling PSA_MAC_FINAL_SIZE().
+ * sufficient buffer size by calling PSA_MAC_LENGTH().
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -2084,9 +2113,16 @@
* authentication tag is appended to the
* encrypted data.
* \param ciphertext_size Size of the \p ciphertext buffer in bytes.
- * This must be at least
- * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg,
- * \p plaintext_length).
+ * This must be appropriate for the selected
+ * algorithm and key:
+ * - A sufficient output size is
+ * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type,
+ * \p alg, \p plaintext_length) where
+ * \c key_type is the type of \p key.
+ * - #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p
+ * plaintext_length) evaluates to the maximum
+ * ciphertext size of any supported AEAD
+ * encryption.
* \param[out] ciphertext_length On success, the size of the output
* in the \p ciphertext buffer.
*
@@ -2100,7 +2136,11 @@
* \p alg is not supported or is not an AEAD algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
- * \p ciphertext_size is too small
+ * \p ciphertext_size is too small.
+ * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type, \p alg,
+ * \p plaintext_length) or
+ * #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length) can be used to
+ * determine the required buffer size.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
@@ -2144,9 +2184,16 @@
* \param ciphertext_length Size of \p ciphertext in bytes.
* \param[out] plaintext Output buffer for the decrypted data.
* \param plaintext_size Size of the \p plaintext buffer in bytes.
- * This must be at least
- * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
- * \p ciphertext_length).
+ * This must be appropriate for the selected
+ * algorithm and key:
+ * - A sufficient output size is
+ * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type,
+ * \p alg, \p ciphertext_length) where
+ * \c key_type is the type of \p key.
+ * - #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p
+ * ciphertext_length) evaluates to the maximum
+ * plaintext size of any supported AEAD
+ * decryption.
* \param[out] plaintext_length On success, the size of the output
* in the \p plaintext buffer.
*
@@ -2162,7 +2209,11 @@
* \p alg is not supported or is not an AEAD algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
- * \p plaintext_size or \p nonce_length is too small
+ * \p plaintext_size is too small.
+ * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type, \p alg,
+ * \p ciphertext_length) or
+ * #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length) can be used
+ * to determine the required buffer size.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
@@ -2583,10 +2634,18 @@
* \param input_length Size of the \p input buffer in bytes.
* \param[out] output Buffer where the output is to be written.
* \param output_size Size of the \p output buffer in bytes.
- * This must be at least
- * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg,
- * \p input_length) where \c alg is the
- * algorithm that is being calculated.
+ * This must be appropriate for the selected
+ * algorithm and key:
+ * - A sufficient output size is
+ * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type,
+ * \c alg, \p input_length) where
+ * \c key_type is the type of key and \c alg is
+ * the algorithm that were used to set up the
+ * operation.
+ * - #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p
+ * input_length) evaluates to the maximum
+ * output size of any supported AEAD
+ * algorithm.
* \param[out] output_length On success, the number of bytes
* that make up the returned output.
*
@@ -2597,9 +2656,9 @@
* set, and have lengths set if required by the algorithm).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p output buffer is too small.
- * You can determine a sufficient buffer size by calling
- * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, \p input_length)
- * where \c alg is the algorithm that is being calculated.
+ * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type, \c alg, \p input_length) or
+ * #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length) can be used to
+ * determine the required buffer size.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The total length of input to psa_aead_update_ad() so far is
* less than the additional data length that was previously
@@ -2636,9 +2695,7 @@
* This function has two output buffers:
* - \p ciphertext contains trailing ciphertext that was buffered from
* preceding calls to psa_aead_update().
- * - \p tag contains the authentication tag. Its length is always
- * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm
- * that the operation performs.
+ * - \p tag contains the authentication tag.
*
* When this function returns successfuly, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
@@ -2648,18 +2705,32 @@
* \param[out] ciphertext Buffer where the last part of the ciphertext
* is to be written.
* \param ciphertext_size Size of the \p ciphertext buffer in bytes.
- * This must be at least
- * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) where
- * \c alg is the algorithm that is being
- * calculated.
+ * This must be appropriate for the selected
+ * algorithm and key:
+ * - A sufficient output size is
+ * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type,
+ * \c alg) where \c key_type is the type of key
+ * and \c alg is the algorithm that were used to
+ * set up the operation.
+ * - #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE evaluates to
+ * the maximum output size of any supported AEAD
+ * algorithm.
* \param[out] ciphertext_length On success, the number of bytes of
* returned ciphertext.
* \param[out] tag Buffer where the authentication tag is
* to be written.
* \param tag_size Size of the \p tag buffer in bytes.
- * This must be at least
- * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is
- * the algorithm that is being calculated.
+ * This must be appropriate for the selected
+ * algorithm and key:
+ * - The exact tag size is #PSA_AEAD_TAG_LENGTH(\c
+ * key_type, \c key_bits, \c alg) where
+ * \c key_type and \c key_bits are the type and
+ * bit-size of the key, and \c alg is the
+ * algorithm that were used in the call to
+ * psa_aead_encrypt_setup().
+ * - #PSA_AEAD_TAG_MAX_SIZE evaluates to the
+ * maximum tag size of any supported AEAD
+ * algorithm.
* \param[out] tag_length On success, the number of bytes
* that make up the returned tag.
*
@@ -2670,11 +2741,11 @@
* operation with a nonce set).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p ciphertext or \p tag buffer is too small.
- * You can determine a sufficient buffer size for \p ciphertext by
- * calling #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg)
- * where \c alg is the algorithm that is being calculated.
- * You can determine a sufficient buffer size for \p tag by
- * calling #PSA_AEAD_TAG_LENGTH(\c alg).
+ * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type, \c alg) or
+ * #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE can be used to determine the
+ * required \p ciphertext buffer size. #PSA_AEAD_TAG_LENGTH(\c key_type,
+ * \c key_bits, \c alg) or #PSA_AEAD_TAG_MAX_SIZE can be used to
+ * determine the required \p tag buffer size.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The total length of input to psa_aead_update_ad() so far is
* less than the additional data length that was previously
@@ -2733,10 +2804,15 @@
* that could not be processed until the end
* of the input.
* \param plaintext_size Size of the \p plaintext buffer in bytes.
- * This must be at least
- * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) where
- * \c alg is the algorithm that is being
- * calculated.
+ * This must be appropriate for the selected algorithm and key:
+ * - A sufficient output size is
+ * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type,
+ * \c alg) where \c key_type is the type of key
+ * and \c alg is the algorithm that were used to
+ * set up the operation.
+ * - #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE evaluates to
+ * the maximum output size of any supported AEAD
+ * algorithm.
* \param[out] plaintext_length On success, the number of bytes of
* returned plaintext.
* \param[in] tag Buffer containing the authentication tag.
@@ -2752,9 +2828,9 @@
* operation with a nonce set).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p plaintext buffer is too small.
- * You can determine a sufficient buffer size for \p plaintext by
- * calling #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg)
- * where \c alg is the algorithm that is being calculated.
+ * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type, \c alg) or
+ * #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE can be used to determine the
+ * required buffer size.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The total length of input to psa_aead_update_ad() so far is
* less than the additional data length that was previously
@@ -2814,11 +2890,129 @@
*/
/**
+ * \brief Sign a message with a private key. For hash-and-sign algorithms,
+ * this includes the hashing step.
+ *
+ * \note To perform a multi-part hash-and-sign signature algorithm, first use
+ * a multi-part hash operation and then pass the resulting hash to
+ * psa_sign_hash(). PSA_ALG_GET_HASH(\p alg) can be used to determine the
+ * hash algorithm to use.
+ *
+ * \param[in] key Identifier of the key to use for the operation.
+ * It must be an asymmetric key pair. The key must
+ * allow the usage #PSA_KEY_USAGE_SIGN_MESSAGE.
+ * \param[in] alg An asymmetric signature algorithm (PSA_ALG_XXX
+ * value such that #PSA_ALG_IS_SIGN_MESSAGE(\p alg)
+ * is true), that is compatible with the type of
+ * \p key.
+ * \param[in] input The input message to sign.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[out] signature Buffer where the signature is to be written.
+ * \param[in] signature_size Size of the \p signature buffer in bytes. This
+ * must be appropriate for the selected
+ * algorithm and key:
+ * - The required signature size is
+ * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ * where \c key_type and \c key_bits are the type and
+ * bit-size respectively of key.
+ * - #PSA_SIGNATURE_MAX_SIZE evaluates to the
+ * maximum signature size of any supported
+ * signature algorithm.
+ * \param[out] signature_length On success, the number of bytes that make up
+ * the returned signature value.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag,
+ * or it does not permit the requested algorithm.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p signature buffer is too small. You can
+ * determine a sufficient buffer size by calling
+ * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ * where \c key_type and \c key_bits are the type and bit-size
+ * respectively of \p key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_CORRUPT
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_sign_message( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * signature,
+ size_t signature_size,
+ size_t * signature_length );
+
+/** \brief Verify the signature of a message with a public key, using
+ * a hash-and-sign verification algorithm.
+ *
+ * \note To perform a multi-part hash-and-sign signature verification
+ * algorithm, first use a multi-part hash operation to hash the message
+ * and then pass the resulting hash to psa_verify_hash().
+ * PSA_ALG_GET_HASH(\p alg) can be used to determine the hash algorithm
+ * to use.
+ *
+ * \param[in] key Identifier of the key to use for the operation.
+ * It must be a public key or an asymmetric key
+ * pair. The key must allow the usage
+ * #PSA_KEY_USAGE_VERIFY_MESSAGE.
+ * \param[in] alg An asymmetric signature algorithm (PSA_ALG_XXX
+ * value such that #PSA_ALG_IS_SIGN_MESSAGE(\p alg)
+ * is true), that is compatible with the type of
+ * \p key.
+ * \param[in] input The message whose signature is to be verified.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[out] signature Buffer containing the signature to verify.
+ * \param[in] signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag,
+ * or it does not permit the requested algorithm.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The calculation was performed successfully, but the passed signature
+ * is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_CORRUPT
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_verify_message( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * signature,
+ size_t signature_length );
+
+/**
* \brief Sign a hash or short message with a private key.
*
* Note that to perform a hash-and-sign signature algorithm, you must
* first calculate the hash by calling psa_hash_setup(), psa_hash_update()
- * and psa_hash_finish(). Then pass the resulting hash as the \p hash
+ * and psa_hash_finish(), or alternatively by calling psa_hash_compute().
+ * Then pass the resulting hash as the \p hash
* parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
* to determine the hash algorithm to use.
*
@@ -2865,11 +3059,12 @@
size_t *signature_length);
/**
- * \brief Verify the signature a hash or short message using a public key.
+ * \brief Verify the signature of a hash or short message using a public key.
*
* Note that to perform a hash-and-sign signature algorithm, you must
* first calculate the hash by calling psa_hash_setup(), psa_hash_update()
- * and psa_hash_finish(). Then pass the resulting hash as the \p hash
+ * and psa_hash_finish(), or alternatively by calling psa_hash_compute().
+ * Then pass the resulting hash as the \p hash
* parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
* to determine the hash algorithm to use.
*
@@ -3443,7 +3638,8 @@
* state and must be aborted by calling psa_key_derivation_abort().
*
* How much output is produced and consumed from the operation, and how
- * the key is derived, depends on the key type:
+ * the key is derived, depends on the key type and on the key size
+ * (denoted \c bits below):
*
* - For key types for which the key is an arbitrary sequence of bytes
* of a given size, this function is functionally equivalent to
@@ -3453,7 +3649,7 @@
* if the implementation provides an isolation boundary then
* the key material is not exposed outside the isolation boundary.
* As a consequence, for these key types, this function always consumes
- * exactly (\p bits / 8) bytes from the operation.
+ * exactly (\c bits / 8) bytes from the operation.
* The following key types defined in this specification follow this scheme:
*
* - #PSA_KEY_TYPE_AES;
@@ -3474,8 +3670,8 @@
* string and process it as specified in RFC 7748 §5.
*
* - For key types for which the key is represented by a single sequence of
- * \p bits bits with constraints as to which bit sequences are acceptable,
- * this function draws a byte string of length (\p bits / 8) bytes rounded
+ * \c bits bits with constraints as to which bit sequences are acceptable,
+ * this function draws a byte string of length (\c bits / 8) bytes rounded
* up to the nearest whole number of bytes. If the resulting byte string
* is acceptable, it becomes the key, otherwise the drawn bytes are discarded.
* This process is repeated until an acceptable byte string is drawn.
@@ -3556,6 +3752,8 @@
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
* \retval #PSA_ERROR_STORAGE_FAILURE
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
@@ -3721,6 +3919,8 @@
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
* \retval #PSA_ERROR_STORAGE_FAILURE
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h
deleted file mode 100644
index 4488ea8..0000000
--- a/include/psa/crypto_accel_driver.h
+++ /dev/null
@@ -1,823 +0,0 @@
-/**
- * \file psa/crypto_accel_driver.h
- * \brief PSA cryptography accelerator driver module
- *
- * This header declares types and function signatures for cryptography
- * drivers that access key material directly. This is meant for
- * on-chip cryptography accelerators.
- *
- * This file is part of the PSA Crypto Driver Model, containing functions for
- * driver developers to implement to enable hardware to be called in a
- * standardized way by a PSA Cryptographic API implementation. The functions
- * comprising the driver model, which driver authors implement, are not
- * intended to be called by application developers.
- */
-
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef PSA_CRYPTO_ACCEL_DRIVER_H
-#define PSA_CRYPTO_ACCEL_DRIVER_H
-
-#include "crypto_driver_common.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** \defgroup driver_digest Hardware-Accelerated Message Digests
- *
- * Generation and authentication of Message Digests (aka hashes) must be done
- * in parts using the following sequence:
- * - `psa_drv_hash_setup_t`
- * - `psa_drv_hash_update_t`
- * - `psa_drv_hash_update_t`
- * - ...
- * - `psa_drv_hash_finish_t`
- *
- * If a previously started Message Digest operation needs to be terminated
- * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted
- * by the `psa_drv_hash_abort_t`. Failure to do so may result in allocated
- * resources not being freed or in other undefined behavior.
- */
-/**@{*/
-
-/** \brief The hardware-specific hash context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here
- */
-typedef struct psa_drv_hash_context_s psa_drv_hash_context_t;
-
-/** \brief The function prototype for the start operation of a hash (message
- * digest) operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_setup
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying hash function
- *
- * \param[in,out] p_context A structure that will contain the
- * hardware-specific hash context
- *
- * \retval #PSA_SUCCESS Success.
- */
-typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context);
-
-/** \brief The function prototype for the update operation of a hash (message
- * digest) operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_update
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously-established hash operation to be
- * continued
- * \param[in] p_input A buffer containing the message to be appended
- * to the hash operation
- * \param[in] input_length The size in bytes of the input message buffer
- */
-typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context,
- const uint8_t *p_input,
- size_t input_length);
-
-/** \brief The function prototype for the finish operation of a hash (message
- * digest) operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_finish
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously started hash operation to be
- * fiinished
- * \param[out] p_output A buffer where the generated digest will be
- * placed
- * \param[in] output_size The size in bytes of the buffer that has been
- * allocated for the `p_output` buffer
- * \param[out] p_output_length The number of bytes placed in `p_output` after
- * success
- *
- * \retval #PSA_SUCCESS
- * Success.
- */
-typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context,
- uint8_t *p_output,
- size_t output_size,
- size_t *p_output_length);
-
-/** \brief The function prototype for the abort operation of a hash (message
- * digest) operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_abort
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context A hardware-specific structure for the previously
- * started hash operation to be aborted
- */
-typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context);
-
-/**@}*/
-
-/** \defgroup accel_mac Hardware-Accelerated Message Authentication Code
- * Generation and authentication of Message Authentication Codes (MACs) using
- * cryptographic accelerators can be done either as a single function call (via the
- * `psa_drv_accel_mac_generate_t` or `psa_drv_accel_mac_verify_t`
- * functions), or in parts using the following sequence:
- * - `psa_drv_accel_mac_setup_t`
- * - `psa_drv_accel_mac_update_t`
- * - `psa_drv_accel_mac_update_t`
- * - ...
- * - `psa_drv_accel_mac_finish_t` or `psa_drv_accel_mac_finish_verify_t`
- *
- * If a previously started MAC operation needs to be terminated, it
- * should be done so by the `psa_drv_accel_mac_abort_t`. Failure to do so may
- * result in allocated resources not being freed or in other undefined
- * behavior.
- *
- */
-/**@{*/
-
-/** \brief The hardware-accelerator-specific MAC context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here.
- */
-typedef struct psa_drv_accel_mac_context_s psa_drv_accel_mac_context_t;
-
-/** \brief The function prototype for the setup operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_setup
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
- * is the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context A structure that will contain the
- * hardware-specific MAC context
- * \param[in] p_key A buffer containing the cleartext key material
- * to be used in the operation
- * \param[in] key_length The size in bytes of the key material
- *
- * \retval #PSA_SUCCESS
- * Success.
- */
-typedef psa_status_t (*psa_drv_accel_mac_setup_t)(psa_drv_accel_mac_context_t *p_context,
- const uint8_t *p_key,
- size_t key_length);
-
-/** \brief The function prototype for the update operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_update
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
- * is the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously-established MAC operation to be
- * continued
- * \param[in] p_input A buffer containing the message to be appended
- * to the MAC operation
- * \param[in] input_length The size in bytes of the input message buffer
- */
-typedef psa_status_t (*psa_drv_accel_mac_update_t)(psa_drv_accel_mac_context_t *p_context,
- const uint8_t *p_input,
- size_t input_length);
-
-/** \brief The function prototype for the finish operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_finish
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously started MAC operation to be
- * finished
- * \param[out] p_mac A buffer where the generated MAC will be placed
- * \param[in] mac_length The size in bytes of the buffer that has been
- * allocated for the `p_mac` buffer
- *
- * \retval #PSA_SUCCESS
- * Success.
- */
-typedef psa_status_t (*psa_drv_accel_mac_finish_t)(psa_drv_accel_mac_context_t *p_context,
- uint8_t *p_mac,
- size_t mac_length);
-
-/** \brief The function prototype for the finish and verify operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_finish_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously started MAC operation to be
- * verified and finished
- * \param[in] p_mac A buffer containing the MAC that will be used
- * for verification
- * \param[in] mac_length The size in bytes of the data in the `p_mac`
- * buffer
- *
- * \retval #PSA_SUCCESS
- * The operation completed successfully and the comparison matched
- */
-typedef psa_status_t (*psa_drv_accel_mac_finish_verify_t)(psa_drv_accel_mac_context_t *p_context,
- const uint8_t *p_mac,
- size_t mac_length);
-
-/** \brief The function prototype for the abort operation for a previously
- * started hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_abort
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously started MAC operation to be
- * aborted
- *
- */
-typedef psa_status_t (*psa_drv_accel_mac_abort_t)(psa_drv_accel_mac_context_t *p_context);
-
-/** \brief The function prototype for the one-shot operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in] p_input A buffer containing the data to be MACed
- * \param[in] input_length The length in bytes of the `p_input` data
- * \param[in] p_key A buffer containing the key material to be used
- * for the MAC operation
- * \param[in] key_length The length in bytes of the `p_key` data
- * \param[in] alg The algorithm to be performed
- * \param[out] p_mac The buffer where the resulting MAC will be placed
- * upon success
- * \param[in] mac_length The length in bytes of the `p_mac` buffer
- */
-typedef psa_status_t (*psa_drv_accel_mac_t)(const uint8_t *p_input,
- size_t input_length,
- const uint8_t *p_key,
- size_t key_length,
- psa_algorithm_t alg,
- uint8_t *p_mac,
- size_t mac_length);
-
-/** \brief The function prototype for the one-shot hardware-accelerated MAC
- * Verify operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in] p_input A buffer containing the data to be MACed
- * \param[in] input_length The length in bytes of the `p_input` data
- * \param[in] p_key A buffer containing the key material to be used
- * for the MAC operation
- * \param[in] key_length The length in bytes of the `p_key` data
- * \param[in] alg The algorithm to be performed
- * \param[in] p_mac The MAC data to be compared
- * \param[in] mac_length The length in bytes of the `p_mac` buffer
- *
- * \retval #PSA_SUCCESS
- * The operation completed successfully and the comparison matched
- */
-typedef psa_status_t (*psa_drv_accel_mac_verify_t)(const uint8_t *p_input,
- size_t input_length,
- const uint8_t *p_key,
- size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *p_mac,
- size_t mac_length);
-/**@}*/
-
-/** \defgroup accel_cipher Hardware-Accelerated Block Ciphers
- * Encryption and Decryption using hardware-acceleration in block modes other
- * than ECB must be done in multiple parts, using the following flow:
- * - `psa_drv_accel_ciphersetup_t`
- * - `psa_drv_accel_cipher_set_iv_t` (optional depending upon block mode)
- * - `psa_drv_accel_cipher_update_t`
- * - `psa_drv_accel_cipher_update_t`
- * - ...
- * - `psa_drv_accel_cipher_finish_t`
- *
- * If a previously started hardware-accelerated Cipher operation needs to be
- * terminated, it should be done so by the `psa_drv_accel_cipher_abort_t`.
- * Failure to do so may result in allocated resources not being freed or in
- * other undefined behavior.
- */
-/**@{*/
-
-/** \brief The hardware-accelerator-specific cipher context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here.
- */
-typedef struct psa_drv_accel_cipher_context_s psa_drv_accel_cipher_context_t;
-
-/** \brief The function prototype for the setup operation of
- * hardware-accelerated block cipher operations.
- * Functions that implement this prototype should be named in the following
- * conventions:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_setup_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * For stream ciphers:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_setup_<CIPHER_NAME>
- * ~~~~~~~~~~~~~
- * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
- *
- * \param[in,out] p_context A structure that will contain the
- * hardware-specific cipher context
- * \param[in] direction Indicates if the operation is an encrypt or a
- * decrypt
- * \param[in] p_key_data A buffer containing the cleartext key material
- * to be used in the operation
- * \param[in] key_data_size The size in bytes of the key material
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_setup_t)(psa_drv_accel_cipher_context_t *p_context,
- psa_encrypt_or_decrypt_t direction,
- const uint8_t *p_key_data,
- size_t key_data_size);
-
-/** \brief The function prototype for the set initialization vector operation
- * of hardware-accelerated block cipher operations
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_set_iv_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context A structure that contains the previously setup
- * hardware-specific cipher context
- * \param[in] p_iv A buffer containing the initialization vecotr
- * \param[in] iv_length The size in bytes of the contents of `p_iv`
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_set_iv_t)(psa_drv_accel_cipher_context_t *p_context,
- const uint8_t *p_iv,
- size_t iv_length);
-
-/** \brief The function prototype for the update operation of
- * hardware-accelerated block cipher operations.
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_update_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously started cipher operation
- * \param[in] p_input A buffer containing the data to be
- * encrypted or decrypted
- * \param[in] input_size The size in bytes of the `p_input` buffer
- * \param[out] p_output A caller-allocated buffer where the
- * generated output will be placed
- * \param[in] output_size The size in bytes of the `p_output` buffer
- * \param[out] p_output_length After completion, will contain the number
- * of bytes placed in the `p_output` buffer
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_update_t)(psa_drv_accel_cipher_context_t *p_context,
- const uint8_t *p_input,
- size_t input_size,
- uint8_t *p_output,
- size_t output_size,
- size_t *p_output_length);
-
-/** \brief The function prototype for the finish operation of
- * hardware-accelerated block cipher operations.
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_finish_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously started cipher operation
- * \param[out] p_output A caller-allocated buffer where the generated
- * output will be placed
- * \param[in] output_size The size in bytes of the `p_output` buffer
- * \param[out] p_output_length After completion, will contain the number of
- * bytes placed in the `p_output` buffer
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_finish_t)(psa_drv_accel_cipher_context_t *p_context,
- uint8_t *p_output,
- size_t output_size,
- size_t *p_output_length);
-
-/** \brief The function prototype for the abort operation of
- * hardware-accelerated block cipher operations.
- *
- * Functions that implement the following prototype should be named in the
- * following convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_abort_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context A hardware-specific structure for the
- * previously started cipher operation
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_abort_t)(psa_drv_accel_cipher_context_t *p_context);
-
-/**@}*/
-
-/** \defgroup accel_aead Hardware-Accelerated Authenticated Encryption with Additional Data
- *
- * Hardware-accelerated Authenticated Encryption with Additional Data (AEAD)
- * operations must be done in one function call. While this creates a burden
- * for implementers as there must be sufficient space in memory for the entire
- * message, it prevents decrypted data from being made available before the
- * authentication operation is complete and the data is known to be authentic.
- */
-/**@{*/
-
-/** \brief The function prototype for the hardware-accelerated authenticated
- * encryption operation.
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_aead_<ALGO>_encrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the AEAD algorithm
- *
- * \param[in] p_key A pointer to the key material
- * \param[in] key_length The size in bytes of the key material
- * \param[in] alg The AEAD algorithm to compute
- * (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_AEAD(`alg`) is true)
- * \param[in] nonce Nonce or IV to use
- * \param[in] nonce_length Size of the `nonce` buffer in bytes
- * \param[in] additional_data Additional data that will be MACed
- * but not encrypted.
- * \param[in] additional_data_length Size of `additional_data` in bytes
- * \param[in] plaintext Data that will be MACed and
- * encrypted.
- * \param[in] plaintext_length Size of `plaintext` in bytes
- * \param[out] ciphertext Output buffer for the authenticated and
- * encrypted data. The additional data is
- * not part of this output. For algorithms
- * where the encrypted data and the
- * authentication tag are defined as
- * separate outputs, the authentication
- * tag is appended to the encrypted data.
- * \param[in] ciphertext_size Size of the `ciphertext` buffer in
- * bytes
- * This must be at least
- * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`,
- * `plaintext_length`).
- * \param[out] ciphertext_length On success, the size of the output in
- * the `ciphertext` buffer
- *
- * \retval #PSA_SUCCESS
- *
- */
-typedef psa_status_t (*psa_drv_accel_aead_encrypt_t)(const uint8_t *p_key,
- size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *nonce,
- size_t nonce_length,
- const uint8_t *additional_data,
- size_t additional_data_length,
- const uint8_t *plaintext,
- size_t plaintext_length,
- uint8_t *ciphertext,
- size_t ciphertext_size,
- size_t *ciphertext_length);
-
-/** \brief The function prototype for the hardware-accelerated authenticated
- * decryption operation.
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_aead_<ALGO>_decrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the AEAD algorithm
- * \param[in] p_key A pointer to the key material
- * \param[in] key_length The size in bytes of the key material
- * \param[in] alg The AEAD algorithm to compute
- * (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_AEAD(`alg`) is true)
- * \param[in] nonce Nonce or IV to use
- * \param[in] nonce_length Size of the `nonce` buffer in bytes
- * \param[in] additional_data Additional data that has been MACed
- * but not encrypted
- * \param[in] additional_data_length Size of `additional_data` in bytes
- * \param[in] ciphertext Data that has been MACed and
- * encrypted
- * For algorithms where the encrypted data
- * and the authentication tag are defined
- * as separate inputs, the buffer must
- * contain the encrypted data followed by
- * the authentication tag.
- * \param[in] ciphertext_length Size of `ciphertext` in bytes
- * \param[out] plaintext Output buffer for the decrypted data
- * \param[in] plaintext_size Size of the `plaintext` buffer in
- * bytes
- * This must be at least
- * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`,
- * `ciphertext_length`).
- * \param[out] plaintext_length On success, the size of the output
- * in the \b plaintext buffer
- *
- * \retval #PSA_SUCCESS
- * Success.
- */
-typedef psa_status_t (*psa_drv_accel_aead_decrypt_t)(const uint8_t *p_key,
- size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *nonce,
- size_t nonce_length,
- const uint8_t *additional_data,
- size_t additional_data_length,
- const uint8_t *ciphertext,
- size_t ciphertext_length,
- uint8_t *plaintext,
- size_t plaintext_size,
- size_t *plaintext_length);
-
-/**@}*/
-
-/** \defgroup accel_asymmetric Hardware-Accelerated Asymmetric Cryptography
- *
- * Since the amount of data that can (or should) be encrypted or signed using
- * asymmetric keys is limited by the key size, hardware-accelerated asymmetric
- * key operations must be done in single function calls.
- */
-/**@{*/
-
-
-/**
- * \brief The function prototype for the hardware-accelerated asymmetric sign
- * operation.
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_asymmetric_<ALGO>_sign
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the signing algorithm
- *
- * This function supports any asymmetric-key output from psa_export_key() as
- * the buffer in \p p_key. Refer to the documentation of \ref
- * psa_export_key() for the formats.
- *
- * \param[in] p_key A buffer containing the private key
- * material
- * \param[in] key_size The size in bytes of the `p_key` data
- * \param[in] alg A signature algorithm that is compatible
- * with the type of `p_key`
- * \param[in] p_hash The hash or message to sign
- * \param[in] hash_length Size of the `p_hash` buffer in bytes
- * \param[out] p_signature Buffer where the signature is to be written
- * \param[in] signature_size Size of the `p_signature` buffer in bytes
- * \param[out] p_signature_length On success, the number of bytes
- * that make up the returned signature value
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key,
- size_t key_size,
- psa_algorithm_t alg,
- psa_key_type_t key_type,
- const uint8_t *p_hash,
- size_t hash_length,
- uint8_t *p_signature,
- size_t signature_size,
- size_t *p_signature_length);
-
-/**
- * \brief The function prototype for the hardware-accelerated signature verify
- * operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_asymmetric_<ALGO>_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the signing algorithm
- *
- * This function supports any output from \ref psa_export_public_key() as the
- * buffer in \p p_key. Refer to the documentation of \ref
- * psa_export_public_key() for the format of public keys and to the
- * documentation of \ref psa_export_key() for the format for other key types.
- *
- * \param[in] p_key A buffer containing the public key material
- * \param[in] key_size The size in bytes of the `p_key` data
- * \param[in] alg A signature algorithm that is compatible with
- * the type of `key`
- * \param[in] p_hash The hash or message whose signature is to be
- * verified
- * \param[in] hash_length Size of the `p_hash` buffer in bytes
- * \param[in] p_signature Buffer containing the signature to verify
- * \param[in] signature_length Size of the `p_signature` buffer in bytes
- *
- * \retval #PSA_SUCCESS
- * The signature is valid.
- */
-typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key,
- size_t key_size,
- psa_algorithm_t alg,
- psa_key_type_t key_type,
- const uint8_t *p_hash,
- size_t hash_length,
- const uint8_t *p_signature,
- size_t signature_length);
-
-/**
- * \brief The function prototype for the hardware-accelerated asymmetric
- * encrypt operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_asymmetric_<ALGO>_encrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the encryption algorithm
- *
- * This function supports any output from \ref psa_export_public_key() as the
- * buffer in \p p_key. Refer to the documentation of \ref
- * psa_export_public_key() for the format of public keys and to the
- * documentation of \ref psa_export_key() for the format for other key types.
- *
- * \param[in] p_key A buffer containing the public key material
- * \param[in] key_size The size in bytes of the `p_key` data
- * \param[in] alg An asymmetric encryption algorithm that is
- * compatible with the type of `key`
- * \param[in] p_input The message to encrypt
- * \param[in] input_length Size of the `p_input` buffer in bytes
- * \param[in] p_salt A salt or label, if supported by the
- * encryption algorithm
- * If the algorithm does not support a
- * salt, pass `NULL`
- * If the algorithm supports an optional
- * salt and you do not want to pass a salt,
- * pass `NULL`.
- * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- * supported.
- * \param[in] salt_length Size of the `p_salt` buffer in bytes
- * If `p_salt` is `NULL`, pass 0.
- * \param[out] p_output Buffer where the encrypted message is to
- * be written
- * \param[in] output_size Size of the `p_output` buffer in bytes
- * \param[out] p_output_length On success, the number of bytes
- * that make up the returned output
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key,
- size_t key_size,
- psa_algorithm_t alg,
- psa_key_type_t key_type,
- const uint8_t *p_input,
- size_t input_length,
- const uint8_t *p_salt,
- size_t salt_length,
- uint8_t *p_output,
- size_t output_size,
- size_t *p_output_length);
-
-/**
- * \brief The function prototype for the hardware=acce;erated asymmetric
- * decrypt operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_asymmetric_<ALGO>_decrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the encryption algorithm
- *
- * This function supports any asymmetric-key output from psa_export_key() as
- * the buffer in \p p_key. Refer to the documentation of \ref
- * psa_export_key() for the formats.
- *
- * \param[in] p_key A buffer containing the private key material
- * \param[in] key_size The size in bytes of the `p_key` data
- * \param[in] alg An asymmetric encryption algorithm that is
- * compatible with the type of `key`
- * \param[in] p_input The message to decrypt
- * \param[in] input_length Size of the `p_input` buffer in bytes
- * \param[in] p_salt A salt or label, if supported by the
- * encryption algorithm
- * If the algorithm does not support a
- * salt, pass `NULL`.
- * If the algorithm supports an optional
- * salt and you do not want to pass a salt,
- * pass `NULL`.
- * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- * supported
- * \param[in] salt_length Size of the `p_salt` buffer in bytes
- * If `p_salt` is `NULL`, pass 0
- * \param[out] p_output Buffer where the decrypted message is to
- * be written
- * \param[in] output_size Size of the `p_output` buffer in bytes
- * \param[out] p_output_length On success, the number of bytes
- * that make up the returned output
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_asymmetric_decrypt_t)(const uint8_t *p_key,
- size_t key_size,
- psa_algorithm_t alg,
- psa_key_type_t key_type,
- const uint8_t *p_input,
- size_t input_length,
- const uint8_t *p_salt,
- size_t salt_length,
- uint8_t *p_output,
- size_t output_size,
- size_t *p_output_length);
-
-/**@}*/
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_ACCEL_DRIVER_H */
diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h
new file mode 100644
index 0000000..1d11b00
--- /dev/null
+++ b/include/psa/crypto_builtin_composites.h
@@ -0,0 +1,92 @@
+/*
+ * Context structure declaration of the Mbed TLS software-based PSA drivers
+ * called through the PSA Crypto driver dispatch layer.
+ * This file contains the context structures of those algorithms which need to
+ * rely on other algorithms, i.e. are 'composite' algorithms.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the Mbed TLS software-based PSA drivers. The
+ * definition of these objects are then used by crypto_struct.h to define the
+ * implementation-defined types of PSA multi-part state objects.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H
+#define PSA_CRYPTO_BUILTIN_COMPOSITES_H
+
+#include <psa/crypto_driver_common.h>
+
+/*
+ * MAC multi-part operation definitions.
+ */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
+#define MBEDTLS_PSA_BUILTIN_MAC
+#endif
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
+typedef struct
+{
+ /** The HMAC algorithm in use */
+ psa_algorithm_t alg;
+ /** The hash context. */
+ struct psa_hash_operation_s hash_ctx;
+ /** The HMAC part of the context. */
+ uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
+} mbedtls_psa_hmac_operation_t;
+
+#define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+
+#include "mbedtls/cmac.h"
+
+typedef struct
+{
+ psa_algorithm_t alg;
+ union
+ {
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
+ mbedtls_psa_hmac_operation_t hmac;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
+ mbedtls_cipher_context_t cmac;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+ } ctx;
+} mbedtls_psa_mac_operation_t;
+
+#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}}
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
+ */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+typedef mbedtls_psa_mac_operation_t mbedtls_transparent_test_driver_mac_operation_t;
+typedef mbedtls_psa_mac_operation_t mbedtls_opaque_test_driver_mac_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
+#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */
diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h
new file mode 100644
index 0000000..d7a69e5
--- /dev/null
+++ b/include/psa/crypto_builtin_primitives.h
@@ -0,0 +1,149 @@
+/*
+ * Context structure declaration of the Mbed TLS software-based PSA drivers
+ * called through the PSA Crypto driver dispatch layer.
+ * This file contains the context structures of those algorithms which do not
+ * rely on other algorithms, i.e. are 'primitive' algorithms.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the Mbed TLS software-based PSA drivers. The
+ * definition of these objects are then used by crypto_struct.h to define the
+ * implementation-defined types of PSA multi-part state objects.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_BUILTIN_PRIMITIVES_H
+#define PSA_CRYPTO_BUILTIN_PRIMITIVES_H
+
+#include <psa/crypto_driver_common.h>
+
+/*
+ * Hash multi-part operation definitions.
+ */
+
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+#define MBEDTLS_PSA_BUILTIN_HASH
+#endif
+
+typedef struct
+{
+ psa_algorithm_t alg;
+ union
+ {
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_MD2_C)
+ mbedtls_md2_context md2;
+#endif
+#if defined(MBEDTLS_MD4_C)
+ mbedtls_md4_context md4;
+#endif
+#if defined(MBEDTLS_MD5_C)
+ mbedtls_md5_context md5;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ mbedtls_ripemd160_context ripemd160;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ mbedtls_sha1_context sha1;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ mbedtls_sha256_context sha256;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ mbedtls_sha512_context sha512;
+#endif
+ } ctx;
+} mbedtls_psa_hash_operation_t;
+
+#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}}
+
+/*
+ * Cipher multi-part operation definitions.
+ */
+
+#include "mbedtls/cipher.h"
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_XTS) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
+#define MBEDTLS_PSA_BUILTIN_CIPHER 1
+#endif
+
+typedef struct {
+ /* Context structure for the Mbed TLS cipher implementation. */
+ psa_algorithm_t alg;
+ uint8_t iv_length;
+ uint8_t block_length;
+ union {
+ unsigned int dummy;
+ mbedtls_cipher_context_t cipher;
+ } ctx;
+} mbedtls_psa_cipher_operation_t;
+
+#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
+ */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT
+
+typedef mbedtls_psa_cipher_operation_t
+ mbedtls_transparent_test_driver_cipher_operation_t;
+
+typedef struct {
+ unsigned int initialised : 1;
+ mbedtls_transparent_test_driver_cipher_operation_t ctx;
+} mbedtls_opaque_test_driver_cipher_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
+ MBEDTLS_PSA_CIPHER_OPERATION_INIT
+
+#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
+ { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */
diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h
index 86aa271..09ac488 100644
--- a/include/psa/crypto_compat.h
+++ b/include/psa/crypto_compat.h
@@ -44,7 +44,7 @@
#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
-/** Check wether an handle is null.
+/** Check whether an handle is null.
*
* \param handle Handle
*
@@ -73,6 +73,7 @@
typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t mbedtls_deprecated_psa_dh_family_t;
typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t psa_ecc_curve_t;
typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t psa_dh_group_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_algorithm_t mbedtls_deprecated_psa_algorithm_t;
#define PSA_KEY_TYPE_GET_CURVE PSA_KEY_TYPE_ECC_GET_FAMILY
#define PSA_KEY_TYPE_GET_GROUP PSA_KEY_TYPE_DH_GET_FAMILY
@@ -109,6 +110,18 @@
MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE )
#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \
MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) )
+#define PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) )
+#define PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ) )
+#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE )
+#define PSA_HASH_SIZE( alg ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_HASH_LENGTH( alg ) )
+#define PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_MAC_LENGTH( key_type, key_bits, alg ) )
+#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE )
/*
* Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3)
@@ -240,6 +253,169 @@
#define PSA_DH_GROUP_CUSTOM \
MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_CUSTOM )
+/*
+ * Deprecated PSA Crypto stream cipher algorithms (PSA Crypto API <= 1.0 beta3)
+ */
+#define PSA_ALG_ARC4 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_STREAM_CIPHER )
+#define PSA_ALG_CHACHA20 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_STREAM_CIPHER )
+
+/*
+ * Renamed AEAD tag length macros (PSA Crypto API <= 1.0 beta3)
+ */
+#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( aead_alg ) \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( aead_alg ) )
+#define PSA_ALG_AEAD_WITH_TAG_LENGTH( aead_alg, tag_length ) \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_SHORTENED_TAG( aead_alg, tag_length ) )
+
+/*
+ * Deprecated PSA AEAD output size macros (PSA Crypto API <= 1.0 beta3)
+ */
+
+/** The tag size for an AEAD algorithm, in bytes.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return The tag size for the specified algorithm.
+ * If the AEAD algorithm does not have an identified
+ * tag that can be distinguished from the rest of
+ * the ciphertext, return 0.
+ * If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_TAG_LENGTH_1_ARG( alg ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, \
+ PSA_ALG_IS_AEAD( alg ) ? \
+ PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \
+ 0 )
+
+/** The maximum size of the output of psa_aead_encrypt(), in bytes.
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_encrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the ciphertext may be smaller.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param plaintext_length Size of the plaintext in bytes.
+ *
+ * \return The AEAD ciphertext size for the specified
+ * algorithm.
+ * If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG( alg, plaintext_length ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, \
+ PSA_ALG_IS_AEAD( alg ) ? \
+ (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \
+ 0 )
+
+/** The maximum size of the output of psa_aead_decrypt(), in bytes.
+ *
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_decrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the plaintext may be smaller.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param ciphertext_length Size of the plaintext in bytes.
+ *
+ * \return The AEAD ciphertext size for the specified
+ * algorithm.
+ * If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, \
+ PSA_ALG_IS_AEAD( alg ) && \
+ (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) ? \
+ (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \
+ 0 )
+
+/** A sufficient output buffer size for psa_aead_update().
+ *
+ * If the size of the output buffer is at least this large, it is
+ * guaranteed that psa_aead_update() will not fail due to an
+ * insufficient buffer size. The actual size of the output may be smaller
+ * in any given call.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param input_length Size of the input in bytes.
+ *
+ * \return A sufficient output buffer size for the specified
+ * algorithm.
+ * If the AEAD algorithm is not recognized, return 0.
+ */
+/* For all the AEAD modes defined in this specification, it is possible
+ * to emit output without delay. However, hardware may not always be
+ * capable of this. So for modes based on a block cipher, allow the
+ * implementation to delay the output until it has a full block. */
+#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG( alg, input_length ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \
+ PSA_ROUND_UP_TO_MULTIPLE( PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length) ) : \
+ (input_length) )
+
+/** A sufficient ciphertext buffer size for psa_aead_finish().
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_finish() will not fail due to an
+ * insufficient ciphertext buffer size. The actual size of the output may
+ * be smaller in any given call.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return A sufficient ciphertext buffer size for the
+ * specified algorithm.
+ * If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG( alg ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \
+ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
+ 0 )
+
+/** A sufficient plaintext buffer size for psa_aead_verify().
+ *
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_verify() will not fail due to an
+ * insufficient plaintext buffer size. The actual size of the output may
+ * be smaller in any given call.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return A sufficient plaintext buffer size for the
+ * specified algorithm.
+ * If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG( alg ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \
+ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
+ 0 )
+
#endif /* MBEDTLS_DEPRECATED_REMOVED */
/** Open a handle to an existing persistent key.
@@ -284,9 +460,9 @@
* number of open keys, the number of open key handles, or available
* memory.
* \retval #PSA_ERROR_DOES_NOT_EXIST
- * There is no persistent key with key identifier \p id.
+ * There is no persistent key with key identifier \p key.
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p id is not a valid persistent key identifier.
+ * \p key is not a valid persistent key identifier.
* \retval #PSA_ERROR_NOT_PERMITTED
* The specified key exists, but the application does not have the
* permission to access it. Note that this specification does not
@@ -295,6 +471,8 @@
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h
index cf7f63a..246e894 100644
--- a/include/psa/crypto_config.h
+++ b/include/psa/crypto_config.h
@@ -50,14 +50,29 @@
#ifndef PSA_CRYPTO_CONFIG_H
#define PSA_CRYPTO_CONFIG_H
+/*
+ * CBC-MAC is not yet supported via the PSA API in Mbed TLS.
+ */
+//#define PSA_WANT_ALG_CBC_MAC 1
+#define PSA_WANT_ALG_CBC_NO_PADDING 1
+#define PSA_WANT_ALG_CBC_PKCS7 1
+#define PSA_WANT_ALG_CCM 1
+#define PSA_WANT_ALG_CMAC 1
+#define PSA_WANT_ALG_CFB 1
+#define PSA_WANT_ALG_CHACHA20_POLY1305 1
+#define PSA_WANT_ALG_CMAC 1
+#define PSA_WANT_ALG_CTR 1
#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
+#define PSA_WANT_ALG_ECB_NO_PADDING 1
#define PSA_WANT_ALG_ECDH 1
#define PSA_WANT_ALG_ECDSA 1
+#define PSA_WANT_ALG_GCM 1
#define PSA_WANT_ALG_HKDF 1
#define PSA_WANT_ALG_HMAC 1
#define PSA_WANT_ALG_MD2 1
#define PSA_WANT_ALG_MD4 1
#define PSA_WANT_ALG_MD5 1
+#define PSA_WANT_ALG_OFB 1
#define PSA_WANT_ALG_RIPEMD160 1
#define PSA_WANT_ALG_RSA_OAEP 1
#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
@@ -68,10 +83,45 @@
#define PSA_WANT_ALG_SHA_256 1
#define PSA_WANT_ALG_SHA_384 1
#define PSA_WANT_ALG_SHA_512 1
+#define PSA_WANT_ALG_STREAM_CIPHER 1
#define PSA_WANT_ALG_TLS12_PRF 1
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
+#define PSA_WANT_ALG_XTS 1
+
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
+#define PSA_WANT_ECC_MONTGOMERY_255 1
+/*
+ * Curve448 is not yet supported via the PSA API in Mbed TLS
+ * (https://github.com/ARMmbed/mbedtls/issues/4249). Thus, do not enable it by
+ * default.
+ */
+//#define PSA_WANT_ECC_MONTGOMERY_448 1
+#define PSA_WANT_ECC_SECP_K1_192 1
+/*
+ * SECP224K1 is buggy via the PSA API in Mbed TLS
+ * (https://github.com/ARMmbed/mbedtls/issues/3541). Thus, do not enable it by
+ * default.
+ */
+//#define PSA_WANT_ECC_SECP_K1_224 1
+#define PSA_WANT_ECC_SECP_K1_256 1
+#define PSA_WANT_ECC_SECP_R1_192 1
+#define PSA_WANT_ECC_SECP_R1_224 1
+#define PSA_WANT_ECC_SECP_R1_256 1
+#define PSA_WANT_ECC_SECP_R1_384 1
+#define PSA_WANT_ECC_SECP_R1_521 1
+
+#define PSA_WANT_KEY_TYPE_DERIVE 1
+#define PSA_WANT_KEY_TYPE_HMAC 1
+#define PSA_WANT_KEY_TYPE_AES 1
+#define PSA_WANT_KEY_TYPE_ARC4 1
+#define PSA_WANT_KEY_TYPE_CAMELLIA 1
+#define PSA_WANT_KEY_TYPE_CHACHA20 1
+#define PSA_WANT_KEY_TYPE_DES 1
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
+#define PSA_WANT_KEY_TYPE_RAW_DATA 1
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h
index 2ce75d2..1b6f322 100644
--- a/include/psa/crypto_driver_common.h
+++ b/include/psa/crypto_driver_common.h
@@ -5,9 +5,8 @@
* This file contains common definitions shared by all PSA crypto drivers.
* Do not include it directly: instead, include the header file(s) for
* the type(s) of driver that you are implementing. For example, if
- * you are writing a driver for a chip that provides both a hardware
- * random generator and an accelerator for some cryptographic algorithms,
- * include `psa/crypto_entropy_driver.h` and `psa/crypto_accel_driver.h`.
+ * you are writing a dynamically registered driver for a secure element,
+ * include `psa/crypto_se_driver.h`.
*
* This file is part of the PSA Crypto Driver Model, containing functions for
* driver developers to implement to enable hardware to be called in a
diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h
new file mode 100644
index 0000000..239fdcb
--- /dev/null
+++ b/include/psa/crypto_driver_contexts_composites.h
@@ -0,0 +1,62 @@
+/*
+ * Declaration of context structures for use with the PSA driver wrapper
+ * interface. This file contains the context structures for 'composite'
+ * operations, i.e. those operations which need to make use of other operations
+ * from the primitives (crypto_driver_contexts_primitives.h)
+ *
+ * Warning: This file will be auto-generated in the future.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the PSA drivers included in the cryptographic
+ * library. The definition of these objects are then used by crypto_struct.h
+ * to define the implementation-defined types of PSA multi-part state objects.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H
+#define PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H
+
+#include "psa/crypto_driver_common.h"
+
+/* Include the context structure definitions for those drivers that were
+ * declared during the autogeneration process. */
+
+/* Include the context structure definitions for the Mbed TLS software drivers */
+#include "psa/crypto_builtin_composites.h"
+
+/* Define the context to be used for an operation that is executed through the
+ * PSA Driver wrapper layer as the union of all possible driver's contexts.
+ *
+ * The union members are the driver's context structures, and the member names
+ * are formatted as `'drivername'_ctx`. This allows for procedural generation
+ * of both this file and the content of psa_crypto_driver_wrappers.c */
+
+typedef union {
+ unsigned dummy; /* Make sure this union is always non-empty */
+ mbedtls_psa_mac_operation_t mbedtls_ctx;
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ mbedtls_transparent_test_driver_mac_operation_t transparent_test_driver_ctx;
+ mbedtls_opaque_test_driver_mac_operation_t opaque_test_driver_ctx;
+#endif
+} psa_driver_mac_context_t;
+
+#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H */
+/* End of automatically generated file. */
diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h
new file mode 100644
index 0000000..104d4bd
--- /dev/null
+++ b/include/psa/crypto_driver_contexts_primitives.h
@@ -0,0 +1,69 @@
+/*
+ * Declaration of context structures for use with the PSA driver wrapper
+ * interface. This file contains the context structures for 'primitive'
+ * operations, i.e. those operations which do not rely on other contexts.
+ *
+ * Warning: This file will be auto-generated in the future.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the PSA drivers included in the cryptographic
+ * library. The definition of these objects are then used by crypto_struct.h
+ * to define the implementation-defined types of PSA multi-part state objects.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H
+#define PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H
+
+#include "psa/crypto_driver_common.h"
+
+/* Include the context structure definitions for those drivers that were
+ * declared during the autogeneration process. */
+
+/* Include the context structure definitions for the Mbed TLS software drivers */
+#include "psa/crypto_builtin_primitives.h"
+
+/* Define the context to be used for an operation that is executed through the
+ * PSA Driver wrapper layer as the union of all possible driver's contexts.
+ *
+ * The union members are the driver's context structures, and the member names
+ * are formatted as `'drivername'_ctx`. This allows for procedural generation
+ * of both this file and the content of psa_crypto_driver_wrappers.c */
+
+typedef union {
+ unsigned dummy; /* Make sure this union is always non-empty */
+ mbedtls_psa_hash_operation_t mbedtls_ctx;
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ mbedtls_transparent_test_driver_hash_operation_t test_driver_ctx;
+#endif
+} psa_driver_hash_context_t;
+
+typedef union {
+ unsigned dummy; /* Make sure this union is always non-empty */
+ mbedtls_psa_cipher_operation_t mbedtls_ctx;
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ mbedtls_transparent_test_driver_cipher_operation_t transparent_test_driver_ctx;
+ mbedtls_opaque_test_driver_cipher_operation_t opaque_test_driver_ctx;
+#endif
+} psa_driver_cipher_context_t;
+
+#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H */
+/* End of automatically generated file. */
diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h
deleted file mode 100644
index 9b6546e..0000000
--- a/include/psa/crypto_entropy_driver.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/**
- * \file psa/crypto_entropy_driver.h
- * \brief PSA entropy source driver module
- *
- * This header declares types and function signatures for entropy sources.
- *
- * This file is part of the PSA Crypto Driver Model, containing functions for
- * driver developers to implement to enable hardware to be called in a
- * standardized way by a PSA Cryptographic API implementation. The functions
- * comprising the driver model, which driver authors implement, are not
- * intended to be called by application developers.
- */
-
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef PSA_CRYPTO_ENTROPY_DRIVER_H
-#define PSA_CRYPTO_ENTROPY_DRIVER_H
-
-#include "crypto_driver_common.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** \defgroup driver_rng Entropy Generation
- */
-/**@{*/
-
-/** \brief Initialize an entropy driver
- *
- *
- * \param[in,out] p_context A hardware-specific structure
- * containing any context information for
- * the implementation
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_entropy_init_t)(void *p_context);
-
-/** \brief Get a specified number of bits from the entropy source
- *
- * It retrives `buffer_size` bytes of data from the entropy source. The entropy
- * source will always fill the provided buffer to its full size, however, most
- * entropy sources have biases, and the actual amount of entropy contained in
- * the buffer will be less than the number of bytes.
- * The driver will return the actual number of bytes of entropy placed in the
- * buffer in `p_received_entropy_bytes`.
- * A PSA Crypto API implementation will likely feed the output of this function
- * into a Digital Random Bit Generator (DRBG), and typically has a minimum
- * amount of entropy that it needs.
- * To accomplish this, the PSA Crypto implementation should be designed to call
- * this function multiple times until it has received the required amount of
- * entropy from the entropy source.
- *
- * \param[in,out] p_context A hardware-specific structure
- * containing any context information
- * for the implementation
- * \param[out] p_buffer A caller-allocated buffer for the
- * retrieved entropy to be placed in
- * \param[in] buffer_size The allocated size of `p_buffer`
- * \param[out] p_received_entropy_bits The amount of entropy (in bits)
- * actually provided in `p_buffer`
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_entropy_get_bits_t)(void *p_context,
- uint8_t *p_buffer,
- uint32_t buffer_size,
- uint32_t *p_received_entropy_bits);
-
-/**
- * \brief A struct containing all of the function pointers needed to interface
- * to an entropy source
- *
- * PSA Crypto API implementations should populate instances of the table as
- * appropriate upon startup.
- *
- * If one of the functions is not implemented, it should be set to NULL.
- */
-typedef struct {
- /** The driver-specific size of the entropy context */
- const size_t context_size;
- /** Function that performs initialization for the entropy source */
- psa_drv_entropy_init_t p_init;
- /** Function that performs the get_bits operation for the entropy source */
- psa_drv_entropy_get_bits_t p_get_bits;
-} psa_drv_entropy_t;
-/**@}*/
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_ENTROPY_DRIVER_H */
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index b25addc..1310bb5 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -39,6 +39,10 @@
/* UID for secure storage seed */
#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
+/* See config.h for definition */
+#if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
+#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
+#endif
/** \addtogroup attributes
* @{
@@ -175,6 +179,9 @@
* The secure element driver for the specified lifetime does not
* support registering a key.
* \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The identifier in \p attributes is invalid, namely the identifier is
+ * not in the user range.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
* \p attributes specifies a lifetime which is not located
* in a secure element.
* \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -183,8 +190,10 @@
* \retval #PSA_ERROR_NOT_PERMITTED
* The caller is not authorized to register the specified key slot.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
@@ -353,7 +362,7 @@
#define PSA_KEY_TYPE_IS_DSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
-#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
+#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400)
/** DSA signature with hashing.
*
* This is the signature scheme defined by FIPS 186-4,
@@ -370,7 +379,7 @@
*/
#define PSA_ALG_DSA(hash_alg) \
(PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000)
+#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500)
#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
/** Deterministic DSA signature with hashing.
*
@@ -401,10 +410,9 @@
/* We need to expand the sample definition of this macro from
* the API definition. */
-#undef PSA_ALG_IS_HASH_AND_SIGN
-#define PSA_ALG_IS_HASH_AND_SIGN(alg) \
- (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
- PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
+#undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
+#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
+ PSA_ALG_IS_DSA(alg)
/**@}*/
@@ -635,20 +643,174 @@
*
* \param curve A PSA elliptic curve identifier
* (`PSA_ECC_FAMILY_xxx`).
- * \param byte_length The byte-length of a private key on \p curve.
+ * \param bits The bit-length of a private key on \p curve.
+ * \param bits_is_sloppy If true, \p bits may be the bit-length rounded up
+ * to the nearest multiple of 8. This allows the caller
+ * to infer the exact curve from the length of a key
+ * which is supplied as a byte string.
*
* \return The corresponding Mbed TLS elliptic curve identifier
* (`MBEDTLS_ECP_DP_xxx`).
* \return #MBEDTLS_ECP_DP_NONE if \c curve is not recognized.
- * \return #MBEDTLS_ECP_DP_NONE if \p byte_length is not
+ * \return #MBEDTLS_ECP_DP_NONE if \p bits is not
* correct for \p curve.
*/
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
- size_t byte_length );
+ size_t bits,
+ int bits_is_sloppy );
#endif /* MBEDTLS_ECP_C */
/**@}*/
+/** \defgroup psa_external_rng External random generator
+ * @{
+ */
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** External random generator function, implemented by the platform.
+ *
+ * When the compile-time option #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled,
+ * this function replaces Mbed TLS's entropy and DRBG modules for all
+ * random generation triggered via PSA crypto interfaces.
+ *
+ * \note This random generator must deliver random numbers with cryptographic
+ * quality and high performance. It must supply unpredictable numbers
+ * with a uniform distribution. The implementation of this function
+ * is responsible for ensuring that the random generator is seeded
+ * with sufficient entropy. If you have a hardware TRNG which is slow
+ * or delivers non-uniform output, declare it as an entropy source
+ * with mbedtls_entropy_add_source() instead of enabling this option.
+ *
+ * \param[in,out] context Pointer to the random generator context.
+ * This is all-bits-zero on the first call
+ * and preserved between successive calls.
+ * \param[out] output Output buffer. On success, this buffer
+ * contains random data with a uniform
+ * distribution.
+ * \param output_size The size of the \p output buffer in bytes.
+ * \param[out] output_length On success, set this value to \p output_size.
+ *
+ * \retval #PSA_SUCCESS
+ * Success. The output buffer contains \p output_size bytes of
+ * cryptographic-quality random data, and \c *output_length is
+ * set to \p output_size.
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * The random generator requires extra entropy and there is no
+ * way to obtain entropy under current environment conditions.
+ * This error should not happen under normal circumstances since
+ * this function is responsible for obtaining as much entropy as
+ * it needs. However implementations of this function may return
+ * #PSA_ERROR_INSUFFICIENT_ENTROPY if there is no way to obtain
+ * entropy without blocking indefinitely.
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * A failure of the random generator hardware that isn't covered
+ * by #PSA_ERROR_INSUFFICIENT_ENTROPY.
+ */
+psa_status_t mbedtls_psa_external_get_random(
+ mbedtls_psa_external_random_context_t *context,
+ uint8_t *output, size_t output_size, size_t *output_length );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+/**@}*/
+
+/** \defgroup psa_builtin_keys Built-in keys
+ * @{
+ */
+
+/** The minimum value for a key identifier that is built into the
+ * implementation.
+ *
+ * The range of key identifiers from #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
+ * to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX within the range from
+ * #PSA_KEY_ID_VENDOR_MIN and #PSA_KEY_ID_VENDOR_MAX and must not intersect
+ * with any other set of implementation-chosen key identifiers.
+ *
+ * This value is part of the library's ABI since changing it would invalidate
+ * the values of built-in key identifiers in applications.
+ */
+#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000)
+
+/** The maximum value for a key identifier that is built into the
+ * implementation.
+ *
+ * See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information.
+ */
+#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff)
+
+/** A slot number identifying a key in a driver.
+ *
+ * Values of this type are used to identify built-in keys.
+ */
+typedef uint64_t psa_drv_slot_number_t;
+
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+/** Test whether a key identifier belongs to the builtin key range.
+ *
+ * \param key_id Key identifier to test.
+ *
+ * \retval 1
+ * The key identifier is a builtin key identifier.
+ * \retval 0
+ * The key identifier is not a builtin key identifier.
+ */
+static inline int psa_key_id_is_builtin( psa_key_id_t key_id )
+{
+ return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) &&
+ ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) );
+}
+
+/** Platform function to obtain the location and slot number of a built-in key.
+ *
+ * An application-specific implementation of this function must be provided if
+ * #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically be provided
+ * as part of a platform's system image.
+ *
+ * #MBEDTLS_SVC_KEY_ID_GET_KEY_ID(\p key_id) needs to be in the range from
+ * #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX.
+ *
+ * In a multi-application configuration
+ * (\c MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is defined),
+ * this function should check that #MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(\p key_id)
+ * is allowed to use the given key.
+ *
+ * \param key_id The key ID for which to retrieve the
+ * location and slot attributes.
+ * \param[out] lifetime On success, the lifetime associated with the key
+ * corresponding to \p key_id. Lifetime is a
+ * combination of which driver contains the key,
+ * and with what persistence level the key is
+ * intended to be used. If the platform
+ * implementation does not contain specific
+ * information about the intended key persistence
+ * level, the persistence level may be reported as
+ * #PSA_KEY_PERSISTENCE_DEFAULT.
+ * \param[out] slot_number On success, the slot number known to the driver
+ * registered at the lifetime location reported
+ * through \p lifetime which corresponds to the
+ * requested built-in key.
+ *
+ * \retval #PSA_SUCCESS
+ * The requested key identifier designates a built-in key.
+ * In a multi-application configuration, the requested owner
+ * is allowed to access it.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * The requested key identifier is not a built-in key which is known
+ * to this function. If a key exists in the key storage with this
+ * identifier, the data from the storage will be used.
+ * \return (any other error)
+ * Any other error is propagated to the function that requested the key.
+ * Common errors include:
+ * - #PSA_ERROR_NOT_PERMITTED: the key exists but the requested owner
+ * is not allowed to access it.
+ */
+psa_status_t mbedtls_psa_platform_get_builtin_key(
+ mbedtls_svc_key_id_t key_id,
+ psa_key_lifetime_t *lifetime,
+ psa_drv_slot_number_t *slot_number );
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+
+/** @} */
+
#ifdef __cplusplus
}
#endif
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index 567398d..66f4687 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -81,4 +81,31 @@
#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+/*
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
+ * (Secure Partition Manager) integration which separates the code into two
+ * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
+ * Environment). When building for the SPE, an additional header file should be
+ * included.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#define PSA_CRYPTO_SECURE 1
+#include "crypto_spe.h"
+#endif // MBEDTLS_PSA_CRYPTO_SPM
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** The type of the context passed to mbedtls_psa_external_get_random().
+ *
+ * Mbed TLS initializes the context to all-bits-zero before calling
+ * mbedtls_psa_external_get_random() for the first time.
+ *
+ * The definition of this type in the Mbed TLS source code is for
+ * demonstration purposes. Implementers of mbedtls_psa_external_get_random()
+ * are expected to replace it with a custom definition.
+ */
+typedef struct {
+ uintptr_t opaque[2];
+} mbedtls_psa_external_random_context_t;
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
#endif /* PSA_CRYPTO_PLATFORM_H */
diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h
index 1fae575..1dc8f9b 100644
--- a/include/psa/crypto_se_driver.h
+++ b/include/psa/crypto_se_driver.h
@@ -1061,7 +1061,8 @@
* \brief A function that generates a symmetric or asymmetric key on a secure
* element
*
- * If \p type is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) = 1),
+ * If the key type \c type recorded in \p attributes
+ * is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\c type) = 1),
* the driver may export the public key at the time of generation,
* in the format documented for psa_export_public_key() by writing it
* to the \p pubkey buffer.
@@ -1158,7 +1159,7 @@
* can be problemmatic to manage on embedded platforms, the inputs are passed
* to the driver via a function, `psa_drv_se_key_derivation_collateral`, that
* is called multiple times with different `collateral_id`s. Thus, for a key
- * derivation algorithm that required 3 paramter inputs, the flow would look
+ * derivation algorithm that required 3 parameter inputs, the flow would look
* something like:
* ~~~~~~~~~~~~~{.c}
* psa_drv_se_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
@@ -1206,7 +1207,7 @@
* element key derivation or key agreement operation
*
* Since many key derivation algorithms require multiple parameters, it is
- * expeced that this function may be called multiple times for the same
+ * expected that this function may be called multiple times for the same
* operation, each with a different algorithm-specific `collateral_id`
*
* \param[in,out] op_context A hardware-specific structure containing any
@@ -1364,20 +1365,22 @@
*
* \return #PSA_SUCCESS
* The driver was successfully registered. Applications can now
- * use \p lifetime to access keys through the methods passed to
+ * use \p location to access keys through the methods passed to
* this function.
* \return #PSA_ERROR_BAD_STATE
* This function was called after the initialization of the
* cryptography module, and this implementation does not support
* driver registration at this stage.
* \return #PSA_ERROR_ALREADY_EXISTS
- * There is already a registered driver for this value of \p lifetime.
+ * There is already a registered driver for this value of \p location.
* \return #PSA_ERROR_INVALID_ARGUMENT
- * \p lifetime is a reserved value.
+ * \p location is a reserved value.
* \return #PSA_ERROR_NOT_SUPPORTED
* `methods->hal_version` is not supported by this implementation.
* \return #PSA_ERROR_INSUFFICIENT_MEMORY
* \return #PSA_ERROR_NOT_PERMITTED
+ * \return #PSA_ERROR_STORAGE_FAILURE
+ * \return #PSA_ERROR_DATA_CORRUPT
*/
psa_status_t psa_register_se_driver(
psa_key_location_t location,
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 4dc8ad4..f51ec87 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -65,11 +65,9 @@
*
* \return The hash size for the specified hash algorithm.
* If the hash algorithm is not recognized, return 0.
- * An implementation may return either 0 or the correct size
- * for a hash algorithm that it recognizes, but does not support.
*/
-#define PSA_HASH_SIZE(alg) \
- ( \
+#define PSA_HASH_LENGTH(alg) \
+ ( \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \
@@ -91,9 +89,8 @@
*
* Maximum size of a hash.
*
- * This macro must expand to a compile-time constant integer. This value
- * should be the maximum size of a hash supported by the implementation,
- * in bytes, and must be no smaller than this maximum.
+ * This macro expands to a compile-time constant integer. This value
+ * is the maximum size of a hash in bytes.
*/
/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
* 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
@@ -110,9 +107,8 @@
*
* Maximum size of a MAC.
*
- * This macro must expand to a compile-time constant integer. This value
- * should be the maximum size of a MAC supported by the implementation,
- * in bytes, and must be no smaller than this maximum.
+ * This macro expands to a compile-time constant integer. This value
+ * is the maximum size of a MAC in bytes.
*/
/* All non-HMAC MACs have a maximum size that's smaller than the
* minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */
@@ -121,25 +117,37 @@
*/
#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE
-/** The tag size for an AEAD algorithm, in bytes.
+/** The length of a tag for an AEAD algorithm, in bytes.
*
+ * This macro can be used to allocate a buffer of sufficient size to store the
+ * tag output from psa_aead_finish().
+ *
+ * See also #PSA_AEAD_TAG_MAX_SIZE.
+ *
+ * \param key_type The type of the AEAD key.
+ * \param key_bits The size of the AEAD key in bits.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
- * \return The tag size for the specified algorithm.
+ * \return The tag length for the specified algorithm and key.
* If the AEAD algorithm does not have an identified
* tag that can be distinguished from the rest of
* the ciphertext, return 0.
- * If the AEAD algorithm is not recognized, return 0.
- * An implementation may return either 0 or a
- * correct size for an AEAD algorithm that it
- * recognizes, but does not support.
+ * If the key type or AEAD algorithm is not
+ * recognized, or the parameters are incompatible,
+ * return 0.
*/
-#define PSA_AEAD_TAG_LENGTH(alg) \
- (PSA_ALG_IS_AEAD(alg) ? \
- (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \
- 0)
+#define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \
+ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
+ PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
+ ((void) (key_bits), 0))
+
+/** The maximum tag size for all supported AEAD algorithms, in bytes.
+ *
+ * See also #PSA_AEAD_TAG_LENGTH(\p key_type, \p key_bits, \p alg).
+ */
+#define PSA_AEAD_TAG_MAX_SIZE 16
/* The maximum size of an RSA key on this implementation, in bits.
* This is a vendor-specific macro.
@@ -188,10 +196,11 @@
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
#endif
-/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN
+/** This macro returns the maximum supported length of the PSK for the
+ * TLS-1.2 PSK-to-MS key derivation
+ * (#PSA_ALG_TLS12_PSK_TO_MS(\c hash_alg)).
*
- * This macro returns the maximum length of the PSK supported
- * by the TLS-1.2 PSK-to-MS key derivation.
+ * The maximum supported length does not depend on the chosen hash algorithm.
*
* Quoting RFC 4279, Sect 5.3:
* TLS implementations supporting these ciphersuites MUST support
@@ -200,17 +209,21 @@
* keys is RECOMMENDED.
*
* Therefore, no implementation should define a value smaller than 64
- * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN.
+ * for #PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE.
*/
-#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128
+#define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE 128
-/** The maximum size of a block cipher supported by the implementation. */
-#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16
+/** The maximum size of a block cipher. */
+#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16
/** The size of the output of psa_mac_sign_finish(), in bytes.
*
* This is also the MAC size that psa_mac_verify_finish() expects.
*
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
* \param key_type The type of the MAC key.
* \param key_bits The size of the MAC key in bits.
* \param alg A MAC algorithm (\c PSA_ALG_XXX value such that
@@ -224,10 +237,10 @@
* \return Unspecified if the key parameters are not consistent
* with the algorithm.
*/
-#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \
- ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
- PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
- PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
+#define PSA_MAC_LENGTH(key_type, key_bits, alg) \
+ ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
+ PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \
+ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
((void)(key_type), (void)(key_bits), 0))
/** The maximum size of the output of psa_aead_encrypt(), in bytes.
@@ -237,6 +250,14 @@
* insufficient buffer size. Depending on the algorithm, the actual size of
* the ciphertext may be smaller.
*
+ * See also #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length).
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type A symmetric key type that is
+ * compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -244,16 +265,37 @@
*
* \return The AEAD ciphertext size for the specified
* algorithm.
- * If the AEAD algorithm is not recognized, return 0.
- * An implementation may return either 0 or a
- * correct size for an AEAD algorithm that it
- * recognizes, but does not support.
+ * If the key type or AEAD algorithm is not
+ * recognized, or the parameters are incompatible,
+ * return 0.
*/
-#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \
- (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \
- (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \
+#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \
+ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
+ (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
0)
+/** A sufficient output buffer size for psa_aead_encrypt(), for any of the
+ * supported key types and AEAD algorithms.
+ *
+ * If the size of the ciphertext buffer is at least this large, it is guaranteed
+ * that psa_aead_encrypt() will not fail due to an insufficient buffer size.
+ *
+ * \note This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p key_type, \p alg,
+ * \p plaintext_length).
+ *
+ * \param plaintext_length Size of the plaintext in bytes.
+ *
+ * \return A sufficient output buffer size for any of the
+ * supported key types and AEAD algorithms.
+ *
+ */
+#define PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(plaintext_length) \
+ ((plaintext_length) + PSA_AEAD_TAG_MAX_SIZE)
+
+
/** The maximum size of the output of psa_aead_decrypt(), in bytes.
*
* If the size of the plaintext buffer is at least this large, it is
@@ -261,6 +303,14 @@
* insufficient buffer size. Depending on the algorithm, the actual size of
* the plaintext may be smaller.
*
+ * See also #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length).
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type A symmetric key type that is
+ * compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -268,16 +318,84 @@
*
* \return The AEAD ciphertext size for the specified
* algorithm.
- * If the AEAD algorithm is not recognized, return 0.
- * An implementation may return either 0 or a
- * correct size for an AEAD algorithm that it
- * recognizes, but does not support.
+ * If the key type or AEAD algorithm is not
+ * recognized, or the parameters are incompatible,
+ * return 0.
*/
-#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \
- (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \
- (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \
+ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
+ (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
+ (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
0)
+/** A sufficient output buffer size for psa_aead_decrypt(), for any of the
+ * supported key types and AEAD algorithms.
+ *
+ * If the size of the plaintext buffer is at least this large, it is guaranteed
+ * that psa_aead_decrypt() will not fail due to an insufficient buffer size.
+ *
+ * \note This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * See also #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p key_type, \p alg,
+ * \p ciphertext_length).
+ *
+ * \param ciphertext_length Size of the ciphertext in bytes.
+ *
+ * \return A sufficient output buffer size for any of the
+ * supported key types and AEAD algorithms.
+ *
+ */
+#define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length) \
+ (ciphertext_length)
+
+/** The default nonce size for an AEAD algorithm, in bytes.
+ *
+ * This macro can be used to allocate a buffer of sufficient size to
+ * store the nonce output from #psa_aead_generate_nonce().
+ *
+ * See also #PSA_AEAD_NONCE_MAX_SIZE.
+ *
+ * \note This is not the maximum size of nonce supported as input to
+ * #psa_aead_set_nonce(), #psa_aead_encrypt() or #psa_aead_decrypt(),
+ * just the default size that is generated by #psa_aead_generate_nonce().
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type A symmetric key type that is compatible with
+ * algorithm \p alg.
+ *
+ * \param alg An AEAD algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return The default nonce size for the specified key type and algorithm.
+ * If the key type or AEAD algorithm is not recognized,
+ * or the parameters are incompatible, return 0.
+ */
+#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
+ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
+ 0 : \
+ (key_type) == PSA_KEY_TYPE_CHACHA20 && \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
+ 0)
+
+/** The maximum default nonce size among all supported pairs of key types and
+ * AEAD algorithms, in bytes.
+ *
+ * This is equal to or greater than any value that #PSA_AEAD_NONCE_LENGTH()
+ * may return.
+ *
+ * \note This is not the maximum size of nonce supported as input to
+ * #psa_aead_set_nonce(), #psa_aead_encrypt() or #psa_aead_decrypt(),
+ * just the largest size that may be generated by
+ * #psa_aead_generate_nonce().
+ */
+#define PSA_AEAD_NONCE_MAX_SIZE 13
+
/** A sufficient output buffer size for psa_aead_update().
*
* If the size of the output buffer is at least this large, it is
@@ -285,6 +403,14 @@
* insufficient buffer size. The actual size of the output may be smaller
* in any given call.
*
+ * See also #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length).
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type A symmetric key type that is
+ * compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -292,19 +418,33 @@
*
* \return A sufficient output buffer size for the specified
* algorithm.
- * If the AEAD algorithm is not recognized, return 0.
- * An implementation may return either 0 or a
- * correct size for an AEAD algorithm that it
- * recognizes, but does not support.
+ * If the key type or AEAD algorithm is not
+ * recognized, or the parameters are incompatible,
+ * return 0.
*/
/* For all the AEAD modes defined in this specification, it is possible
* to emit output without delay. However, hardware may not always be
* capable of this. So for modes based on a block cipher, allow the
* implementation to delay the output until it has a full block. */
-#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \
- (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_ROUND_UP_TO_MULTIPLE(PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE, (input_length)) : \
- (input_length))
+#define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
+ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
+ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \
+ (input_length) : \
+ 0)
+
+/** A sufficient output buffer size for psa_aead_update(), for any of the
+ * supported key types and AEAD algorithms.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_aead_update() will not fail due to an insufficient buffer size.
+ *
+ * See also #PSA_AEAD_UPDATE_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
+ *
+ * \param input_length Size of the input in bytes.
+ */
+#define PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(input_length) \
+ (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)))
/** A sufficient ciphertext buffer size for psa_aead_finish().
*
@@ -313,22 +453,33 @@
* insufficient ciphertext buffer size. The actual size of the output may
* be smaller in any given call.
*
+ * See also #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE.
+ *
+ * \param key_type A symmetric key type that is
+ compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
* \return A sufficient ciphertext buffer size for the
* specified algorithm.
- * If the AEAD algorithm is not recognized, return 0.
- * An implementation may return either 0 or a
- * correct size for an AEAD algorithm that it
- * recognizes, but does not support.
+ * If the key type or AEAD algorithm is not
+ * recognized, or the parameters are incompatible,
+ * return 0.
*/
-#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \
- (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \
+#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \
+ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0)
+/** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the
+ * supported key types and AEAD algorithms.
+ *
+ * See also #PSA_AEAD_FINISH_OUTPUT_SIZE(\p key_type, \p alg).
+ */
+#define PSA_AEAD_FINISH_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
+
/** A sufficient plaintext buffer size for psa_aead_verify().
*
* If the size of the plaintext buffer is at least this large, it is
@@ -336,25 +487,36 @@
* insufficient plaintext buffer size. The actual size of the output may
* be smaller in any given call.
*
+ * See also #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE.
+ *
+ * \param key_type A symmetric key type that is
+ * compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
* \return A sufficient plaintext buffer size for the
* specified algorithm.
- * If the AEAD algorithm is not recognized, return 0.
- * An implementation may return either 0 or a
- * correct size for an AEAD algorithm that it
- * recognizes, but does not support.
+ * If the key type or AEAD algorithm is not
+ * recognized, or the parameters are incompatible,
+ * return 0.
*/
-#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \
- (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \
+#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \
+ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0)
+/** A sufficient plaintext buffer size for psa_aead_verify(), for any of the
+ * supported key types and AEAD algorithms.
+ *
+ * See also #PSA_AEAD_VERIFY_OUTPUT_SIZE(\p key_type, \p alg).
+ */
+#define PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
+
#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \
(PSA_ALG_IS_RSA_OAEP(alg) ? \
- 2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \
+ 2 * PSA_HASH_LENGTH(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \
11 /*PKCS#1v1.5*/)
/**
@@ -388,9 +550,8 @@
* a buffer size in bytes that guarantees that
* psa_sign_hash() will not fail with
* #PSA_ERROR_BUFFER_TOO_SMALL.
- * If the parameters are a valid combination that is not supported
- * by the implementation, this macro shall return either a
- * sensible size or 0.
+ * If the parameters are a valid combination that is not supported,
+ * return either a sensible size or 0.
* If the parameters are not valid, the
* return value is unspecified.
*/
@@ -406,9 +567,8 @@
*
* Maximum size of an asymmetric signature.
*
- * This macro must expand to a compile-time constant integer. This value
- * should be the maximum size of a signature supported by the implementation,
- * in bytes, and must be no smaller than this maximum.
+ * This macro expands to a compile-time constant integer. This value
+ * is the maximum size of a signature in bytes.
*/
#define PSA_SIGNATURE_MAX_SIZE \
(PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \
@@ -435,9 +595,8 @@
* a buffer size in bytes that guarantees that
* psa_asymmetric_encrypt() will not fail with
* #PSA_ERROR_BUFFER_TOO_SMALL.
- * If the parameters are a valid combination that is not supported
- * by the implementation, this macro shall return either a
- * sensible size or 0.
+ * If the parameters are a valid combination that is not supported,
+ * return either a sensible size or 0.
* If the parameters are not valid, the
* return value is unspecified.
*/
@@ -446,6 +605,15 @@
((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
0)
+/** A sufficient output buffer size for psa_asymmetric_encrypt(), for any
+ * supported asymmetric encryption.
+ *
+ * See also #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\p key_type, \p key_bits, \p alg).
+ */
+/* This macro assumes that RSA is the only supported asymmetric encryption. */
+#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE \
+ (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
+
/** Sufficient output buffer size for psa_asymmetric_decrypt().
*
* This macro returns a sufficient buffer size for a plaintext produced using
@@ -466,9 +634,8 @@
* a buffer size in bytes that guarantees that
* psa_asymmetric_decrypt() will not fail with
* #PSA_ERROR_BUFFER_TOO_SMALL.
- * If the parameters are a valid combination that is not supported
- * by the implementation, this macro shall return either a
- * sensible size or 0.
+ * If the parameters are a valid combination that is not supported,
+ * return either a sensible size or 0.
* If the parameters are not valid, the
* return value is unspecified.
*/
@@ -477,6 +644,16 @@
PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \
0)
+/** A sufficient output buffer size for psa_asymmetric_decrypt(), for any
+ * supported asymmetric decryption.
+ *
+ * This macro assumes that RSA is the only supported asymmetric encryption.
+ *
+ * See also #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\p key_type, \p key_bits, \p alg).
+ */
+#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE \
+ (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
+
/* Maximum size of the ASN.1 encoding of an INTEGER with the specified
* number of bits.
*
@@ -587,12 +764,13 @@
#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \
(PSA_BITS_TO_BYTES(key_bits))
-/** Sufficient output buffer size for psa_export_key() or psa_export_public_key().
+/** Sufficient output buffer size for psa_export_key() or
+ * psa_export_public_key().
*
* This macro returns a compile-time constant if its arguments are
* compile-time constants.
*
- * \warning This function may call its arguments multiple times or
+ * \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
@@ -605,7 +783,7 @@
* if (status != PSA_SUCCESS) handle_error(...);
* psa_key_type_t key_type = psa_get_key_type(&attributes);
* size_t key_bits = psa_get_key_bits(&attributes);
- * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits);
+ * size_t buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits);
* psa_reset_key_attributes(&attributes);
* uint8_t *buffer = malloc(buffer_size);
* if (buffer == NULL) handle_error(...);
@@ -614,18 +792,46 @@
* if (status != PSA_SUCCESS) handle_error(...);
* \endcode
*
- * For psa_export_public_key(), calculate the buffer size from the
- * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR
- * to convert a key pair type to the corresponding public key type.
+ * \param key_type A supported key type.
+ * \param key_bits The size of the key in bits.
+ *
+ * \return If the parameters are valid and supported, return
+ * a buffer size in bytes that guarantees that
+ * psa_export_key() or psa_export_public_key() will not fail with
+ * #PSA_ERROR_BUFFER_TOO_SMALL.
+ * If the parameters are a valid combination that is not supported,
+ * return either a sensible size or 0.
+ * If the parameters are not valid, the return value is unspecified.
+ */
+#define PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits) \
+ (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+ PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \
+ PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+ 0)
+
+/** Sufficient output buffer size for psa_export_public_key().
+ *
+ * This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * The following code illustrates how to allocate enough memory to export
+ * a public key by querying the key type and size at runtime.
* \code{c}
* psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
* psa_status_t status;
* status = psa_get_key_attributes(key, &attributes);
* if (status != PSA_SUCCESS) handle_error(...);
* psa_key_type_t key_type = psa_get_key_type(&attributes);
- * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type);
* size_t key_bits = psa_get_key_bits(&attributes);
- * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits);
+ * size_t buffer_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits);
* psa_reset_key_attributes(&attributes);
* uint8_t *buffer = malloc(buffer_size);
* if (buffer == NULL) handle_error(...);
@@ -634,71 +840,96 @@
* if (status != PSA_SUCCESS) handle_error(...);
* \endcode
*
- * \param key_type A supported key type.
- * \param key_bits The size of the key in bits.
+ * \param key_type A public key or key pair key type.
+ * \param key_bits The size of the key in bits.
*
- * \return If the parameters are valid and supported, return
- * a buffer size in bytes that guarantees that
- * psa_sign_hash() will not fail with
- * #PSA_ERROR_BUFFER_TOO_SMALL.
- * If the parameters are a valid combination that is not supported
- * by the implementation, this macro shall return either a
- * sensible size or 0.
- * If the parameters are not valid, the
- * return value is unspecified.
+ * \return If the parameters are valid and supported, return
+ * a buffer size in bytes that guarantees that
+ * psa_export_public_key() will not fail with
+ * #PSA_ERROR_BUFFER_TOO_SMALL.
+ * If the parameters are a valid combination that is not
+ * supported, return either a sensible size or 0.
+ * If the parameters are not valid,
+ * the return value is unspecified.
+ *
+ * If the parameters are valid and supported,
+ * return the same result as
+ * #PSA_EXPORT_KEY_OUTPUT_SIZE(
+ * \p #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\p key_type),
+ * \p key_bits).
*/
-#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \
- (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
- (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \
- (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
- (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \
- (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
- PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \
- PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+#define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits) \
+ (PSA_KEY_TYPE_IS_RSA(key_type) ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
0)
-/** The default nonce size for an AEAD algorithm, in bytes.
+/** Sufficient buffer size for exporting any asymmetric key pair.
*
- * This macro can be used to allocate a buffer of sufficient size to
- * store the nonce output from #psa_aead_generate_nonce().
+ * This macro expands to a compile-time constant integer. This value is
+ * a sufficient buffer size when calling psa_export_key() to export any
+ * asymmetric key pair, regardless of the exact key type and key size.
*
- * See also #PSA_AEAD_NONCE_MAX_SIZE.
+ * See also #PSA_EXPORT_KEY_OUTPUT_SIZE(\p key_type, \p key_bits).
+ */
+#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \
+ (PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \
+ PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) ? \
+ PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) : \
+ PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS))
+
+/** Sufficient buffer size for exporting any asymmetric public key.
*
- * \note This is not the maximum size of nonce supported as input to #psa_aead_set_nonce(),
- * #psa_aead_encrypt() or #psa_aead_decrypt(), just the default size that is generated by
- * #psa_aead_generate_nonce().
+ * This macro expands to a compile-time constant integer. This value is
+ * a sufficient buffer size when calling psa_export_key() or
+ * psa_export_public_key() to export any asymmetric public key,
+ * regardless of the exact key type and key size.
+ *
+ * See also #PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(\p key_type, \p key_bits).
+ */
+#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \
+ (PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \
+ PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) ? \
+ PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) : \
+ PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS))
+
+/** Sufficient output buffer size for psa_raw_key_agreement().
+ *
+ * This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
*
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
- * \param key_type A symmetric key type that is compatible with algorithm \p alg.
+ * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE.
*
- * \param alg An AEAD algorithm (\c PSA_ALG_XXX value such that #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param key_type A supported key type.
+ * \param key_bits The size of the key in bits.
*
- * \return The default nonce size for the specified key type and algorithm.
- * If the key type or AEAD algorithm is not recognized,
- * or the parameters are incompatible, return 0.
- * An implementation can return either 0 or a correct size for a key type
- * and AEAD algorithm that it recognizes, but does not support.
+ * \return If the parameters are valid and supported, return
+ * a buffer size in bytes that guarantees that
+ * psa_raw_key_agreement() will not fail with
+ * #PSA_ERROR_BUFFER_TOO_SMALL.
+ * If the parameters are a valid combination that
+ * is not supported, return either a sensible size or 0.
+ * If the parameters are not valid,
+ * the return value is unspecified.
*/
-#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
- (PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) == 16 && \
- (PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_CCM || \
- PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_GCM) ? 12 : \
- (key_type) == PSA_KEY_TYPE_CHACHA20 && \
- PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_CHACHA20_POLY1305 ? 12 : \
+/* FFDH is not yet supported in PSA. */
+#define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits) \
+ (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? \
+ PSA_BITS_TO_BYTES(key_bits) : \
0)
-/** The maximum default nonce size among all supported pairs of key types and AEAD algorithms, in bytes.
+/** Maximum size of the output from psa_raw_key_agreement().
*
- * This is equal to or greater than any value that #PSA_AEAD_NONCE_LENGTH() may return.
+ * This macro expands to a compile-time constant integer. This value is the
+ * maximum size of the output any raw key agreement algorithm, in bytes.
*
- * \note This is not the maximum size of nonce supported as input to #psa_aead_set_nonce(),
- * #psa_aead_encrypt() or #psa_aead_decrypt(), just the largest size that may be generated by
- * #psa_aead_generate_nonce().
+ * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(\p key_type, \p key_bits).
*/
-#define PSA_AEAD_NONCE_MAX_SIZE 12
+#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE \
+ (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS))
/** The default IV size for a cipher algorithm, in bytes.
*
@@ -723,19 +954,17 @@
* If the algorithm does not use an IV, return 0.
* If the key type or cipher algorithm is not recognized,
* or the parameters are incompatible, return 0.
- * An implementation can return either 0 or a correct size for a key type
- * and cipher algorithm that it recognizes, but does not support.
*/
#define PSA_CIPHER_IV_LENGTH(key_type, alg) \
- (PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) > 1 && \
+ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \
((alg) == PSA_ALG_CTR || \
(alg) == PSA_ALG_CFB || \
(alg) == PSA_ALG_OFB || \
(alg) == PSA_ALG_XTS || \
(alg) == PSA_ALG_CBC_NO_PADDING || \
- (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
+ (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \
- (alg) == PSA_ALG_CHACHA20 ? 12 : \
+ (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \
0)
/** The maximum IV size for all supported cipher algorithms, in bytes.
@@ -744,4 +973,165 @@
*/
#define PSA_CIPHER_IV_MAX_SIZE 16
+/** The maximum size of the output of psa_cipher_encrypt(), in bytes.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_encrypt() will not fail due to an insufficient buffer size.
+ * Depending on the algorithm, the actual size of the output might be smaller.
+ *
+ * See also #PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(\p input_length).
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type A symmetric key type that is compatible with algorithm
+ * alg.
+ * \param alg A cipher algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param input_length Size of the input in bytes.
+ *
+ * \return A sufficient output size for the specified key type and
+ * algorithm. If the key type or cipher algorithm is not
+ * recognized, or the parameters are incompatible,
+ * return 0.
+ */
+#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \
+ (alg == PSA_ALG_CBC_PKCS7 ? \
+ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
+ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
+ (input_length) + 1) + \
+ PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \
+ (PSA_ALG_IS_CIPHER(alg) ? \
+ (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \
+ 0))
+
+/** A sufficient output buffer size for psa_cipher_encrypt(), for any of the
+ * supported key types and cipher algorithms.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_encrypt() will not fail due to an insufficient buffer size.
+ *
+ * See also #PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
+ *
+ * \param input_length Size of the input in bytes.
+ *
+ */
+#define PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input_length) \
+ (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, \
+ (input_length) + 1) + \
+ PSA_CIPHER_IV_MAX_SIZE)
+
+/** The maximum size of the output of psa_cipher_decrypt(), in bytes.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_decrypt() will not fail due to an insufficient buffer size.
+ * Depending on the algorithm, the actual size of the output might be smaller.
+ *
+ * See also #PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(\p input_length).
+ *
+ * \param key_type A symmetric key type that is compatible with algorithm
+ * alg.
+ * \param alg A cipher algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param input_length Size of the input in bytes.
+ *
+ * \return A sufficient output size for the specified key type and
+ * algorithm. If the key type or cipher algorithm is not
+ * recognized, or the parameters are incompatible,
+ * return 0.
+ */
+#define PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_length) \
+ (PSA_ALG_IS_CIPHER(alg) && \
+ ((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
+ (input_length) : \
+ 0)
+
+/** A sufficient output buffer size for psa_cipher_decrypt(), for any of the
+ * supported key types and cipher algorithms.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_decrypt() will not fail due to an insufficient buffer size.
+ *
+ * See also #PSA_CIPHER_DECRYPT_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
+ *
+ * \param input_length Size of the input in bytes.
+ */
+#define PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_length) \
+ (input_length)
+
+/** A sufficient output buffer size for psa_cipher_update().
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_update() will not fail due to an insufficient buffer size.
+ * The actual size of the output might be smaller in any given call.
+ *
+ * See also #PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(\p input_length).
+ *
+ * \param key_type A symmetric key type that is compatible with algorithm
+ * alg.
+ * \param alg A cipher algorithm (PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param input_length Size of the input in bytes.
+ *
+ * \return A sufficient output size for the specified key type and
+ * algorithm. If the key type or cipher algorithm is not
+ * recognized, or the parameters are incompatible, return 0.
+ */
+#define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
+ (PSA_ALG_IS_CIPHER(alg) ? \
+ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
+ (((alg) == PSA_ALG_CBC_PKCS7 || \
+ (alg) == PSA_ALG_CBC_NO_PADDING || \
+ (alg) == PSA_ALG_ECB_NO_PADDING) ? \
+ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
+ input_length) : \
+ (input_length)) : 0) : \
+ 0)
+
+/** A sufficient output buffer size for psa_cipher_update(), for any of the
+ * supported key types and cipher algorithms.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_update() will not fail due to an insufficient buffer size.
+ *
+ * See also #PSA_CIPHER_UPDATE_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
+ *
+ * \param input_length Size of the input in bytes.
+ */
+#define PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input_length) \
+ (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, input_length))
+
+/** A sufficient ciphertext buffer size for psa_cipher_finish().
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_cipher_finish() will not fail due to an insufficient
+ * ciphertext buffer size. The actual size of the output might be smaller in
+ * any given call.
+ *
+ * See also #PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE().
+ *
+ * \param key_type A symmetric key type that is compatible with algorithm
+ * alg.
+ * \param alg A cipher algorithm (PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \return A sufficient output size for the specified key type and
+ * algorithm. If the key type or cipher algorithm is not
+ * recognized, or the parameters are incompatible, return 0.
+ */
+#define PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg) \
+ (PSA_ALG_IS_CIPHER(alg) ? \
+ (alg == PSA_ALG_CBC_PKCS7 ? \
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
+ 0) : \
+ 0)
+
+/** A sufficient ciphertext buffer size for psa_cipher_finish(), for any of the
+ * supported key types and cipher algorithms.
+ *
+ * See also #PSA_CIPHER_FINISH_OUTPUT_SIZE(\p key_type, \p alg).
+ */
+#define PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE \
+ (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
+
#endif /* PSA_CRYPTO_SIZES_H */
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 6a018e1..94242f8 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -15,12 +15,20 @@
*
* <h3>Design notes about multipart operation structures</h3>
*
- * Each multipart operation structure contains a `psa_algorithm_t alg`
- * field which indicates which specific algorithm the structure is for.
- * When the structure is not in use, `alg` is 0. Most of the structure
- * consists of a union which is discriminated by `alg`.
+ * For multipart operations without driver delegation support, each multipart
+ * operation structure contains a `psa_algorithm_t alg` field which indicates
+ * which specific algorithm the structure is for. When the structure is not in
+ * use, `alg` is 0. Most of the structure consists of a union which is
+ * discriminated by `alg`.
*
- * Note that when `alg` is 0, the content of other fields is undefined.
+ * For multipart operations with driver delegation support, each multipart
+ * operation structure contains an `unsigned int id` field indicating which
+ * driver got assigned to do the operation. When the structure is not in use,
+ * 'id' is 0. The structure contains also a driver context which is the union
+ * of the contexts of all drivers able to handle the type of multipart
+ * operation.
+ *
+ * Note that when `alg` or `id` is 0, the content of other fields is undefined.
* In particular, it is not guaranteed that a freshly-initialized structure
* is all-zero: we initialize structures to something like `{0, 0}`, which
* is only guaranteed to initializes the first member of the union;
@@ -65,56 +73,23 @@
#include MBEDTLS_CONFIG_FILE
#endif
-#include "mbedtls/cipher.h"
#include "mbedtls/cmac.h"
#include "mbedtls/gcm.h"
-#include "mbedtls/md.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-typedef struct {
- /** Unique ID indicating which driver got assigned to do the
- * operation. Since driver contexts are driver-specific, swapping
- * drivers halfway through the operation is not supported.
- * ID values are auto-generated in psa_driver_wrappers.h */
- unsigned int id;
- /** Context structure for the assigned driver, when id is not zero. */
- void* ctx;
-} psa_operation_driver_context_t;
+/* Include the context definition for the compiled-in drivers for the primitive
+ * algorithms. */
+#include "psa/crypto_driver_contexts_primitives.h"
struct psa_hash_operation_s
{
- psa_algorithm_t alg;
- union
- {
- unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD2_C)
- mbedtls_md2_context md2;
-#endif
-#if defined(MBEDTLS_MD4_C)
- mbedtls_md4_context md4;
-#endif
-#if defined(MBEDTLS_MD5_C)
- mbedtls_md5_context md5;
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
- mbedtls_ripemd160_context ripemd160;
-#endif
-#if defined(MBEDTLS_SHA1_C)
- mbedtls_sha1_context sha1;
-#endif
-#if defined(MBEDTLS_SHA256_C)
- mbedtls_sha256_context sha256;
-#endif
-#if defined(MBEDTLS_SHA512_C)
- mbedtls_sha512_context sha512;
-#endif
- } ctx;
+ /** Unique ID indicating which driver got assigned to do the
+ * operation. Since driver contexts are driver-specific, swapping
+ * drivers halfway through the operation is not supported.
+ * ID values are auto-generated in psa_driver_wrappers.h.
+ * ID value zero means the context is not valid or not assigned to
+ * any driver (i.e. the driver context is not active, in use). */
+ unsigned int id;
+ psa_driver_hash_context_t ctx;
};
#define PSA_HASH_OPERATION_INIT {0, {0}}
@@ -124,68 +99,56 @@
return( v );
}
-#if defined(MBEDTLS_MD_C)
-typedef struct
-{
- /** The hash context. */
- struct psa_hash_operation_s hash_ctx;
- /** The HMAC part of the context. */
- uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
-} psa_hmac_internal_data;
-#endif /* MBEDTLS_MD_C */
-
-struct psa_mac_operation_s
-{
- psa_algorithm_t alg;
- unsigned int key_set : 1;
- unsigned int iv_required : 1;
- unsigned int iv_set : 1;
- unsigned int has_input : 1;
- unsigned int is_sign : 1;
- uint8_t mac_size;
- union
- {
- unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD_C)
- psa_hmac_internal_data hmac;
-#endif
-#if defined(MBEDTLS_CMAC_C)
- mbedtls_cipher_context_t cmac;
-#endif
- } ctx;
-};
-
-#define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}}
-static inline struct psa_mac_operation_s psa_mac_operation_init( void )
-{
- const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
- return( v );
-}
-
struct psa_cipher_operation_s
{
- psa_algorithm_t alg;
- unsigned int key_set : 1;
+ /** Unique ID indicating which driver got assigned to do the
+ * operation. Since driver contexts are driver-specific, swapping
+ * drivers halfway through the operation is not supported.
+ * ID values are auto-generated in psa_crypto_driver_wrappers.h
+ * ID value zero means the context is not valid or not assigned to
+ * any driver (i.e. none of the driver contexts are active). */
+ unsigned int id;
+
unsigned int iv_required : 1;
unsigned int iv_set : 1;
- unsigned int mbedtls_in_use : 1; /* Indicates mbed TLS is handling the operation. */
- uint8_t iv_size;
- uint8_t block_size;
- union
- {
- unsigned dummy; /* Enable easier initializing of the union. */
- mbedtls_cipher_context_t cipher;
- psa_operation_driver_context_t driver;
- } ctx;
+
+ uint8_t default_iv_length;
+
+ psa_driver_cipher_context_t ctx;
};
-#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}}
+#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, {0}}
static inline struct psa_cipher_operation_s psa_cipher_operation_init( void )
{
const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
return( v );
}
+/* Include the context definition for the compiled-in drivers for the composite
+ * algorithms. */
+#include "psa/crypto_driver_contexts_composites.h"
+
+struct psa_mac_operation_s
+{
+ /** Unique ID indicating which driver got assigned to do the
+ * operation. Since driver contexts are driver-specific, swapping
+ * drivers halfway through the operation is not supported.
+ * ID values are auto-generated in psa_driver_wrappers.h
+ * ID value zero means the context is not valid or not assigned to
+ * any driver (i.e. none of the driver contexts are active). */
+ unsigned int id;
+ uint8_t mac_size;
+ unsigned int is_sign : 1;
+ psa_driver_mac_context_t ctx;
+};
+
+#define PSA_MAC_OPERATION_INIT {0, 0, 0, {0}}
+static inline struct psa_mac_operation_s psa_mac_operation_init( void )
+{
+ const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
+ return( v );
+}
+
struct psa_aead_operation_s
{
psa_algorithm_t alg;
@@ -207,12 +170,12 @@
return( v );
}
-#if defined(MBEDTLS_MD_C)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
typedef struct
{
uint8_t *info;
size_t info_length;
- psa_hmac_internal_data hmac;
+ psa_mac_operation_t hmac;
uint8_t prk[PSA_HASH_MAX_SIZE];
uint8_t output_block[PSA_HASH_MAX_SIZE];
#if PSA_HASH_MAX_SIZE > 0xff
@@ -223,16 +186,17 @@
unsigned int state : 2;
unsigned int info_set : 1;
} psa_hkdf_key_derivation_t;
-#endif /* MBEDTLS_MD_C */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
-#if defined(MBEDTLS_MD_C)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
typedef enum
{
- TLS12_PRF_STATE_INIT, /* no input provided */
- TLS12_PRF_STATE_SEED_SET, /* seed has been set */
- TLS12_PRF_STATE_KEY_SET, /* key has been set */
- TLS12_PRF_STATE_LABEL_SET, /* label has been set */
- TLS12_PRF_STATE_OUTPUT /* output has been started */
+ PSA_TLS12_PRF_STATE_INIT, /* no input provided */
+ PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
+ PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */
+ PSA_TLS12_PRF_STATE_LABEL_SET, /* label has been set */
+ PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
} psa_tls12_prf_key_derivation_state_t;
typedef struct psa_tls12_prf_key_derivation_s
@@ -250,17 +214,20 @@
psa_tls12_prf_key_derivation_state_t state;
+ uint8_t *secret;
+ size_t secret_length;
uint8_t *seed;
size_t seed_length;
uint8_t *label;
size_t label_length;
- psa_hmac_internal_data hmac;
+
uint8_t Ai[PSA_HASH_MAX_SIZE];
/* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
uint8_t output_block[PSA_HASH_MAX_SIZE];
} psa_tls12_prf_key_derivation_t;
-#endif /* MBEDTLS_MD_C */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
+ * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
struct psa_key_derivation_s
{
@@ -271,8 +238,11 @@
{
/* Make the union non-empty even with no supported algorithms. */
uint8_t dummy;
-#if defined(MBEDTLS_MD_C)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
psa_hkdf_key_derivation_t hkdf;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
psa_tls12_prf_key_derivation_t tls12_prf;
#endif
} ctx;
@@ -421,9 +391,19 @@
return( attributes->core.lifetime );
}
+static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags )
+{
+ if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH )
+ *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
+
+ if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
+ *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+}
+
static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
psa_key_usage_t usage_flags)
{
+ psa_extend_key_usage_flags( &usage_flags );
attributes->core.policy.usage = usage_flags;
}
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index 0a2ae54..386c7d7 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -35,6 +35,13 @@
#include "crypto_platform.h"
+/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT
+ * is defined as well to include all PSA code.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#define MBEDTLS_PSA_CRYPTO_CLIENT
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
#include <stdint.h>
/** \defgroup error Error codes
@@ -115,14 +122,14 @@
* whether the key is _volatile_ or _persistent_.
* See ::psa_key_persistence_t for more information.
* - Bits 8-31 (#PSA_KEY_LIFETIME_GET_LOCATION(\c lifetime)):
- * location indicator. This value indicates where the key is stored
- * and where operations on the key are performed.
+ * location indicator. This value indicates which part of the system
+ * has access to the key material and can perform operations using the key.
* See ::psa_key_location_t for more information.
*
* Volatile keys are automatically destroyed when the application instance
* terminates or on a power reset of the device. Persistent keys are
* preserved until the application explicitly destroys them or until an
- * implementation-specific device management event occurs (for example,
+ * integration-specific device management event occurs (for example,
* a factory reset).
*
* Persistent keys have a key identifier of type #mbedtls_svc_key_id_t.
@@ -131,12 +138,10 @@
* The application can call psa_open_key() to open a persistent key that
* it created previously.
*
- * This specification defines two basic lifetime values:
- * - Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are volatile.
- * All implementations should support this lifetime.
- * - Keys with the lifetime #PSA_KEY_LIFETIME_PERSISTENT are persistent.
- * All implementations that have access to persistent storage with
- * appropriate security guarantees should support this lifetime.
+ * The default lifetime of a key is #PSA_KEY_LIFETIME_VOLATILE. The lifetime
+ * #PSA_KEY_LIFETIME_PERSISTENT is supported if persistent storage is
+ * available. Other lifetime values may be supported depending on the
+ * library configuration.
*/
typedef uint32_t psa_key_lifetime_t;
@@ -149,35 +154,21 @@
* actually affect persistent keys at different levels is outside the
* scope of the PSA Cryptography specification.
*
- * This specification defines the following values of persistence levels:
+ * The PSA Cryptography specification defines the following values of
+ * persistence levels:
* - \c 0 = #PSA_KEY_PERSISTENCE_VOLATILE: volatile key.
* A volatile key is automatically destroyed by the implementation when
* the application instance terminates. In particular, a volatile key
* is automatically destroyed on a power reset of the device.
* - \c 1 = #PSA_KEY_PERSISTENCE_DEFAULT:
* persistent key with a default lifetime.
- * Implementations should support this value if they support persistent
- * keys at all.
- * Applications should use this value if they have no specific needs that
- * are only met by implementation-specific features.
- * - \c 2-127: persistent key with a PSA-specified lifetime.
- * The PSA Cryptography specification does not define the meaning of these
- * values, but other PSA specifications may do so.
- * - \c 128-254: persistent key with a vendor-specified lifetime.
- * No PSA specification will define the meaning of these values, so
- * implementations may choose the meaning freely.
- * As a guideline, higher persistence levels should cause a key to survive
- * more management events than lower levels.
+ * - \c 2-254: currently not supported by Mbed TLS.
* - \c 255 = #PSA_KEY_PERSISTENCE_READ_ONLY:
* read-only or write-once key.
* A key with this persistence level cannot be destroyed.
- * Implementations that support such keys may either allow their creation
- * through the PSA Cryptography API, preferably only to applications with
- * the appropriate privilege, or only expose keys created through
- * implementation-specific means such as a factory ROM engraving process.
- * Note that keys that are read-only due to policy restrictions
- * rather than due to physical limitations should not have this
- * persistence levels.
+ * Mbed TLS does not currently offer a way to create such keys, but
+ * integrations of Mbed TLS can use it for built-in keys that the
+ * application cannot modify (for example, a hardware unique key (HUK)).
*
* \note Key persistence levels are 8-bit values. Key management
* interfaces operate on lifetimes (type ::psa_key_lifetime_t) which
@@ -187,28 +178,30 @@
/** Encoding of key location indicators.
*
- * If an implementation of this API can make calls to external
+ * If an integration of Mbed TLS can make calls to external
* cryptoprocessors such as secure elements, the location of a key
* indicates which secure element performs the operations on the key.
- * If an implementation offers multiple physical locations for persistent
- * storage, the location indicator reflects at which physical location
- * the key is stored.
+ * Depending on the design of the secure element, the key
+ * material may be stored either in the secure element, or
+ * in wrapped (encrypted) form alongside the key metadata in the
+ * primary local storage.
*
- * This specification defines the following values of location indicators:
+ * The PSA Cryptography API specification defines the following values of
+ * location indicators:
* - \c 0: primary local storage.
- * All implementations should support this value.
+ * This location is always available.
* The primary local storage is typically the same storage area that
* contains the key metadata.
* - \c 1: primary secure element.
- * Implementations should support this value if there is a secure element
- * attached to the operating environment.
+ * Integrations of Mbed TLS should support this value if there is a secure
+ * element attached to the operating environment.
* As a guideline, secure elements may provide higher resistance against
* side channel and physical attacks than the primary local storage, but may
* have restrictions on supported key types, sizes, policies and operations
* and may have different performance characteristics.
* - \c 2-0x7fffff: other locations defined by a PSA specification.
* The PSA Cryptography API does not currently assign any meaning to these
- * locations, but future versions of this specification or other PSA
+ * locations, but future versions of that specification or other PSA
* specifications may do so.
* - \c 0x800000-0xffffff: vendor-defined locations.
* No PSA specification will assign a meaning to locations in this range.
@@ -223,7 +216,7 @@
*
* - Applications may freely choose key identifiers in the range
* #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX.
- * - Implementations may define additional key identifiers in the range
+ * - The implementation may define additional key identifiers in the range
* #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX.
* - 0 is reserved as an invalid key identifier.
* - Key identifiers outside these ranges are reserved for future use.
@@ -271,23 +264,18 @@
* - The key's policy, comprising usage flags and a specification of
* the permitted algorithm(s).
* - Information about the key itself: the key type and its size.
- * - Implementations may define additional attributes.
+ * - Additional implementation-defined attributes.
*
* The actual key material is not considered an attribute of a key.
* Key attributes do not contain information that is generally considered
* highly confidential.
*
- * An attribute structure can be a simple data structure where each function
+ * An attribute structure works like a simple data structure where each function
* `psa_set_key_xxx` sets a field and the corresponding function
* `psa_get_key_xxx` retrieves the value of the corresponding field.
- * However, implementations may report values that are equivalent to the
- * original one, but have a different encoding. For example, an
- * implementation may use a more compact representation for types where
- * many bit-patterns are invalid or not supported, and store all values
- * that it does not support as a special marker value. In such an
- * implementation, after setting an invalid value, the corresponding
- * get function returns an invalid value which may not be the one that
- * was originally stored.
+ * However, a future version of the library may report values that are
+ * equivalent to the original one, but have a different encoding. Invalid
+ * values may be mapped to different, also invalid values.
*
* An attribute structure may contain references to auxiliary resources,
* for example pointers to allocated memory or indirect references to
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 580b89e..3c82f2a 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -270,6 +270,46 @@
*/
#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
+/** Stored data has been corrupted.
+ *
+ * This error indicates that some persistent storage has suffered corruption.
+ * It does not indicate the following situations, which have specific error
+ * codes:
+ *
+ * - A corruption of volatile memory - use #PSA_ERROR_CORRUPTION_DETECTED.
+ * - A communication error between the cryptoprocessor and its external
+ * storage - use #PSA_ERROR_COMMUNICATION_FAILURE.
+ * - When the storage is in a valid state but is full - use
+ * #PSA_ERROR_INSUFFICIENT_STORAGE.
+ * - When the storage fails for other reasons - use
+ * #PSA_ERROR_STORAGE_FAILURE.
+ * - When the stored data is not valid - use #PSA_ERROR_DATA_INVALID.
+ *
+ * \note A storage corruption does not indicate that any data that was
+ * previously read is invalid. However this previously read data might no
+ * longer be readable from storage.
+ *
+ * When a storage failure occurs, it is no longer possible to ensure the
+ * global integrity of the keystore.
+ */
+#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
+
+/** Data read from storage is not valid for the implementation.
+ *
+ * This error indicates that some data read from storage does not have a valid
+ * format. It does not indicate the following situations, which have specific
+ * error codes:
+ *
+ * - When the storage or stored data is corrupted - use #PSA_ERROR_DATA_CORRUPT
+ * - When the storage fails for other reasons - use #PSA_ERROR_STORAGE_FAILURE
+ * - An invalid argument to the API - use #PSA_ERROR_INVALID_ARGUMENT
+ *
+ * This error is typically a result of either storage corruption on a
+ * cleartext storage backend, or an attempt to read data that was
+ * written by an incompatible version of the library.
+ */
+#define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
+
/**@}*/
/** \defgroup crypto_types Key and algorithm types
@@ -363,7 +403,7 @@
* used for.
*
* HMAC keys should generally have the same size as the underlying hash.
- * This size can be calculated with #PSA_HASH_SIZE(\c alg) where
+ * This size can be calculated with #PSA_HASH_LENGTH(\c alg) where
* \c alg is the HMAC algorithm or the underlying hash algorithm. */
#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100)
@@ -383,8 +423,8 @@
/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
*
- * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or
- * 24 bytes (3-key 3DES).
+ * The size of the key can be 64 bits (single DES), 128 bits (2-key 3DES) or
+ * 192 bits (3-key 3DES).
*
* Note that single DES and 2-key 3DES are weak and strongly
* deprecated and should only be used to decrypt legacy data. 3-key 3DES
@@ -411,9 +451,15 @@
*/
#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004)
-/** RSA public key. */
+/** RSA public key.
+ *
+ * The size of an RSA key is the bit size of the modulus.
+ */
#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001)
-/** RSA key pair (private and public key). */
+/** RSA key pair (private and public key).
+ *
+ * The size of an RSA key is the bit size of the modulus.
+ */
#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001)
/** Whether a key type is an RSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_RSA(type) \
@@ -424,6 +470,10 @@
#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff)
/** Elliptic curve key pair.
*
+ * The size of an elliptic curve key is the bit size associated with the curve,
+ * i.e. the bit size of *q* for a curve over a field *F<sub>q</sub>*.
+ * See the documentation of `PSA_ECC_FAMILY_xxx` curve families for details.
+ *
* \param curve A value of type ::psa_ecc_family_t that
* identifies the ECC curve to be used.
*/
@@ -431,6 +481,10 @@
(PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
/** Elliptic curve public key.
*
+ * The size of an elliptic curve public key is the same as the corresponding
+ * private key (see #PSA_KEY_TYPE_ECC_KEY_PAIR and the documentation of
+ * `PSA_ECC_FAMILY_xxx` curve families).
+ *
* \param curve A value of type ::psa_ecc_family_t that
* identifies the ECC curve to be used.
*/
@@ -529,6 +583,22 @@
*/
#define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
+/** The twisted Edwards curves Ed25519 and Ed448.
+ *
+ * These curves are suitable for EdDSA (#PSA_ALG_PURE_EDDSA for both curves,
+ * #PSA_ALG_ED25519PH for the 255-bit curve,
+ * #PSA_ALG_ED448PH for the 448-bit curve).
+ *
+ * This family comprises the following twisted Edwards curves:
+ * - 255-bit: Edwards25519, the twisted Edwards curve birationally equivalent
+ * to Curve25519.
+ * Bernstein et al., _Twisted Edwards curves_, Africacrypt 2008.
+ * - 448-bit: Edwards448, the twisted Edwards curve birationally equivalent
+ * to Curve448.
+ * Hamburg, _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015.
+ */
+#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
+
#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200)
#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200)
#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff)
@@ -594,9 +664,9 @@
*
* \warning This macro may evaluate its argument multiple times.
*/
-#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
+#define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
(((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
- 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
+ 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
0u)
/** Vendor-defined algorithm flag.
@@ -609,14 +679,14 @@
#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
-#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000)
-#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000)
+#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000)
+#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000)
#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
-#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000)
-#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000)
-#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000)
-#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000)
-#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000)
+#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000)
+#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000)
+#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000)
+#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000)
+#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000)
/** Whether an algorithm is vendor-defined.
*
@@ -718,35 +788,42 @@
#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
/** MD2 */
-#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
+#define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001)
/** MD4 */
-#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
+#define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002)
/** MD5 */
-#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
+#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
/** PSA_ALG_RIPEMD160 */
-#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
+#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004)
/** SHA1 */
-#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
+#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005)
/** SHA2-224 */
-#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
+#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008)
/** SHA2-256 */
-#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
+#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009)
/** SHA2-384 */
-#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
+#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a)
/** SHA2-512 */
-#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
+#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b)
/** SHA2-512/224 */
-#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
+#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c)
/** SHA2-512/256 */
-#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
+#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d)
/** SHA3-224 */
-#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
+#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010)
/** SHA3-256 */
-#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
+#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011)
/** SHA3-384 */
-#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
+#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012)
/** SHA3-512 */
-#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
+#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013)
+/** The first 512 bits (64 bytes) of the SHAKE256 output.
+ *
+ * This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other
+ * scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512
+ * has the same output size and a (theoretically) higher security strength.
+ */
+#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t)0x02000015)
/** In a hash-and-sign algorithm policy, allow any hash algorithm.
*
@@ -781,10 +858,10 @@
* This value may not be used to build an algorithm specification to
* perform an operation. It is only valid to build policies.
*/
-#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff)
+#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff)
#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
-#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
+#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000)
/** Macro to build an HMAC algorithm.
*
* For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
@@ -823,8 +900,16 @@
* reach up to 63; the largest MAC is 64 bytes so its trivial truncation
* to full length is correctly encoded as 0 and any non-trivial truncation
* is correctly encoded as a value between 1 and 63. */
-#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00)
-#define PSA_MAC_TRUNCATION_OFFSET 8
+#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000)
+#define PSA_MAC_TRUNCATION_OFFSET 16
+
+/* In the encoding of a MAC algorithm, the bit corresponding to
+ * #PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
+ * is a wildcard algorithm. A key with such wildcard algorithm as permitted
+ * algorithm policy can be used with any algorithm corresponding to the
+ * same base class and having a (potentially truncated) MAC length greater or
+ * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
+#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
/** Macro to build a truncated MAC algorithm.
*
@@ -844,7 +929,7 @@
* for policy comparison purposes.
*
* \param mac_alg A MAC algorithm identifier (value of type
- * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p mac_alg)
* is true). This may be a truncated or untruncated
* MAC algorithm.
* \param mac_length Desired length of the truncated MAC in bytes.
@@ -855,52 +940,82 @@
*
* \return The corresponding MAC algorithm with the specified
* length.
- * \return Unspecified if \p alg is not a supported
+ * \return Unspecified if \p mac_alg is not a supported
* MAC algorithm or if \p mac_length is too small or
* too large for the specified MAC algorithm.
*/
-#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
- (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \
+#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
+ (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
+ PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
/** Macro to build the base MAC algorithm corresponding to a truncated
* MAC algorithm.
*
* \param mac_alg A MAC algorithm identifier (value of type
- * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p mac_alg)
* is true). This may be a truncated or untruncated
* MAC algorithm.
*
* \return The corresponding base MAC algorithm.
- * \return Unspecified if \p alg is not a supported
+ * \return Unspecified if \p mac_alg is not a supported
* MAC algorithm.
*/
-#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
- ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
+#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
+ ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
+ PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
/** Length to which a MAC algorithm is truncated.
*
* \param mac_alg A MAC algorithm identifier (value of type
- * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p mac_alg)
* is true).
*
* \return Length of the truncated MAC in bytes.
- * \return 0 if \p alg is a non-truncated MAC algorithm.
- * \return Unspecified if \p alg is not a supported
+ * \return 0 if \p mac_alg is a non-truncated MAC algorithm.
+ * \return Unspecified if \p mac_alg is not a supported
* MAC algorithm.
*/
#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
(((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
-#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
+/** Macro to build a MAC minimum-MAC-length wildcard algorithm.
+ *
+ * A minimum-MAC-length MAC wildcard algorithm permits all MAC algorithms
+ * sharing the same base algorithm, and where the (potentially truncated) MAC
+ * length of the specific algorithm is equal to or larger then the wildcard
+ * algorithm's minimum MAC length.
+ *
+ * \note When setting the minimum required MAC length to less than the
+ * smallest MAC length allowed by the base algorithm, this effectively
+ * becomes an 'any-MAC-length-allowed' policy for that base algorithm.
+ *
+ * \param mac_alg A MAC algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p mac_alg)
+ * is true).
+ * \param min_mac_length Desired minimum length of the message authentication
+ * code in bytes. This must be at most the untruncated
+ * length of the MAC and must be at least 1.
+ *
+ * \return The corresponding MAC wildcard algorithm with the
+ * specified minimum length.
+ * \return Unspecified if \p mac_alg is not a supported MAC
+ * algorithm or if \p min_mac_length is less than 1 or
+ * too large for the specified MAC algorithm.
+ */
+#define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
+ ( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
+ PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG )
+
+#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000)
/** The CBC-MAC construction over a block cipher
*
* \warning CBC-MAC is insecure in many cases.
* A more secure mode, such as #PSA_ALG_CMAC, is recommended.
*/
-#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
+#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)
/** The CMAC construction over a block cipher */
-#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
+#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)
/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
*
@@ -933,21 +1048,13 @@
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
(PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
-/** The ARC4 stream cipher algorithm.
+/** The stream cipher mode of a stream cipher algorithm.
+ *
+ * The underlying stream cipher is determined by the key type.
+ * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20.
+ * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4.
*/
-#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001)
-
-/** The ChaCha20 stream cipher.
- *
- * ChaCha20 is defined in RFC 7539.
- *
- * The nonce size for psa_cipher_set_iv() or psa_cipher_generate_iv()
- * must be 12.
- *
- * The initial block counter is always 0.
- *
- */
-#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005)
+#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100)
/** The CTR stream cipher mode.
*
@@ -956,19 +1063,19 @@
* For example, to use AES-128-CTR, use this algorithm with
* a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
*/
-#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001)
+#define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000)
/** The CFB stream cipher mode.
*
* The underlying block cipher is determined by the key type.
*/
-#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002)
+#define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100)
/** The OFB stream cipher mode.
*
* The underlying block cipher is determined by the key type.
*/
-#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003)
+#define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200)
/** The XTS cipher mode.
*
@@ -976,7 +1083,7 @@
* least one full block of input, but beyond this minimum the input
* does not need to be a whole number of blocks.
*/
-#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff)
+#define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00)
/** The Electronic Code Book (ECB) mode of a block cipher, with no padding.
*
@@ -1005,7 +1112,7 @@
* This symmetric cipher mode can only be used with messages whose lengths
* are whole number of blocks for the chosen block cipher.
*/
-#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100)
+#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000)
/** The CBC block cipher chaining mode with PKCS#7 padding.
*
@@ -1013,7 +1120,7 @@
*
* This is the padding method defined by PKCS#7 (RFC 2315) §10.3.
*/
-#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101)
+#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100)
#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
@@ -1034,13 +1141,13 @@
*
* The underlying block cipher is determined by the key type.
*/
-#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001)
+#define PSA_ALG_CCM ((psa_algorithm_t)0x05500100)
/** The GCM authenticated encryption algorithm.
*
* The underlying block cipher is determined by the key type.
*/
-#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002)
+#define PSA_ALG_GCM ((psa_algorithm_t)0x05500200)
/** The Chacha20-Poly1305 AEAD algorithm.
*
@@ -1051,14 +1158,22 @@
*
* Implementations must support 16-byte tags and should reject other sizes.
*/
-#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005)
+#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
/* In the encoding of a AEAD algorithm, the bits corresponding to
* PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
* The constants for default lengths follow this encoding.
*/
-#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00)
-#define PSA_AEAD_TAG_LENGTH_OFFSET 8
+#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000)
+#define PSA_AEAD_TAG_LENGTH_OFFSET 16
+
+/* In the encoding of an AEAD algorithm, the bit corresponding to
+ * #PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
+ * is a wildcard algorithm. A key with such wildcard algorithm as permitted
+ * algorithm policy can be used with any algorithm corresponding to the
+ * same base class and having a tag length greater than or equal to the one
+ * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
+#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
/** Macro to build a shortened AEAD algorithm.
*
@@ -1068,41 +1183,84 @@
* of the ciphertext.
*
* \param aead_alg An AEAD algorithm identifier (value of type
- * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
+ * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p aead_alg)
* is true).
* \param tag_length Desired length of the authentication tag in bytes.
*
* \return The corresponding AEAD algorithm with the specified
* length.
- * \return Unspecified if \p alg is not a supported
+ * \return Unspecified if \p aead_alg is not a supported
* AEAD algorithm or if \p tag_length is not valid
* for the specified AEAD algorithm.
*/
-#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \
- (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \
+#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
+ (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
+ PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
PSA_ALG_AEAD_TAG_LENGTH_MASK))
+/** Retrieve the tag length of a specified AEAD algorithm
+ *
+ * \param aead_alg An AEAD algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p aead_alg)
+ * is true).
+ *
+ * \return The tag length specified by the input algorithm.
+ * \return Unspecified if \p aead_alg is not a supported
+ * AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
+ (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
+ PSA_AEAD_TAG_LENGTH_OFFSET )
+
/** Calculate the corresponding AEAD algorithm with the default tag length.
*
* \param aead_alg An AEAD algorithm (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * #PSA_ALG_IS_AEAD(\p aead_alg) is true).
*
* \return The corresponding AEAD algorithm with the default
* tag length for that algorithm.
*/
-#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \
+#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
( \
- PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CCM) \
- PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_GCM) \
- PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
+ PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
+ PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
+ PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
0)
-#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, ref) \
- PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \
- PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
+#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
ref :
-#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
+/** Macro to build an AEAD minimum-tag-length wildcard algorithm.
+ *
+ * A minimum-tag-length AEAD wildcard algorithm permits all AEAD algorithms
+ * sharing the same base algorithm, and where the tag length of the specific
+ * algorithm is equal to or larger then the minimum tag length specified by the
+ * wildcard algorithm.
+ *
+ * \note When setting the minimum required tag length to less than the
+ * smallest tag length allowed by the base algorithm, this effectively
+ * becomes an 'any-tag-length-allowed' policy for that base algorithm.
+ *
+ * \param aead_alg An AEAD algorithm identifier (value of type
+ * #psa_algorithm_t such that
+ * #PSA_ALG_IS_AEAD(\p aead_alg) is true).
+ * \param min_tag_length Desired minimum length of the authentication tag in
+ * bytes. This must be at least 1 and at most the largest
+ * allowed tag length of the algorithm.
+ *
+ * \return The corresponding AEAD wildcard algorithm with the
+ * specified minimum length.
+ * \return Unspecified if \p aead_alg is not a supported
+ * AEAD algorithm or if \p min_tag_length is less than 1
+ * or too large for the specified AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
+ ( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
+ PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG )
+
+#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200)
/** RSA PKCS#1 v1.5 signature with hashing.
*
* This is the signature scheme defined by RFC 8017
@@ -1130,7 +1288,7 @@
#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
-#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000)
+#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300)
/** RSA PSS signature with hashing.
*
* This is the signature scheme defined by RFC 8017
@@ -1154,7 +1312,7 @@
#define PSA_ALG_IS_RSA_PSS(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
-#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000)
+#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600)
/** ECDSA signature with hashing.
*
* This is the ECDSA signature scheme defined by ANSI X9.62,
@@ -1187,7 +1345,7 @@
* the curve size.
*/
#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
-#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000)
+#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700)
/** Deterministic ECDSA signature with hashing.
*
* This is the deterministic ECDSA signature scheme defined by RFC 6979.
@@ -1212,7 +1370,7 @@
*/
#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
(PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000)
+#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100)
#define PSA_ALG_IS_ECDSA(alg) \
(((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
PSA_ALG_ECDSA_BASE)
@@ -1223,6 +1381,94 @@
#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
(PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+/** Edwards-curve digital signature algorithm without prehashing (PureEdDSA),
+ * using standard parameters.
+ *
+ * Contexts are not supported in the current version of this specification
+ * because there is no suitable signature interface that can take the
+ * context as a parameter. A future version of this specification may add
+ * suitable functions and extend this algorithm to support contexts.
+ *
+ * PureEdDSA requires an elliptic curve key on a twisted Edwards curve.
+ * In this specification, the following curves are supported:
+ * - #PSA_ECC_FAMILY_TWISTED_EDWARDS, 255-bit: Ed25519 as specified
+ * in RFC 8032.
+ * The curve is Edwards25519.
+ * The hash function used internally is SHA-512.
+ * - #PSA_ECC_FAMILY_TWISTED_EDWARDS, 448-bit: Ed448 as specified
+ * in RFC 8032.
+ * The curve is Edwards448.
+ * The hash function used internally is the first 114 bytes of the
+ * SHAKE256 output.
+ *
+ * This algorithm can be used with psa_sign_message() and
+ * psa_verify_message(). Since there is no prehashing, it cannot be used
+ * with psa_sign_hash() or psa_verify_hash().
+ *
+ * The signature format is the concatenation of R and S as defined by
+ * RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte
+ * string for Ed448).
+ */
+#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t)0x06000800)
+
+#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t)0x06000900)
+#define PSA_ALG_IS_HASH_EDDSA(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
+
+/** Edwards-curve digital signature algorithm with prehashing (HashEdDSA),
+ * using SHA-512 and the Edwards25519 curve.
+ *
+ * See #PSA_ALG_PURE_EDDSA regarding context support and the signature format.
+ *
+ * This algorithm is Ed25519 as specified in RFC 8032.
+ * The curve is Edwards25519.
+ * The prehash is SHA-512.
+ * The hash function used internally is SHA-512.
+ *
+ * This is a hash-and-sign algorithm: to calculate a signature,
+ * you can either:
+ * - call psa_sign_message() on the message;
+ * - or calculate the SHA-512 hash of the message
+ * with psa_hash_compute()
+ * or with a multi-part hash operation started with psa_hash_setup(),
+ * using the hash algorithm #PSA_ALG_SHA_512,
+ * then sign the calculated hash with psa_sign_hash().
+ * Verifying a signature is similar, using psa_verify_message() or
+ * psa_verify_hash() instead of the signature function.
+ */
+#define PSA_ALG_ED25519PH \
+ (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHA_512 & PSA_ALG_HASH_MASK))
+
+/** Edwards-curve digital signature algorithm with prehashing (HashEdDSA),
+ * using SHAKE256 and the Edwards448 curve.
+ *
+ * See #PSA_ALG_PURE_EDDSA regarding context support and the signature format.
+ *
+ * This algorithm is Ed448 as specified in RFC 8032.
+ * The curve is Edwards448.
+ * The prehash is the first 64 bytes of the SHAKE256 output.
+ * The hash function used internally is the first 114 bytes of the
+ * SHAKE256 output.
+ *
+ * This is a hash-and-sign algorithm: to calculate a signature,
+ * you can either:
+ * - call psa_sign_message() on the message;
+ * - or calculate the first 64 bytes of the SHAKE256 output of the message
+ * with psa_hash_compute()
+ * or with a multi-part hash operation started with psa_hash_setup(),
+ * using the hash algorithm #PSA_ALG_SHAKE256_512,
+ * then sign the calculated hash with psa_sign_hash().
+ * Verifying a signature is similar, using psa_verify_message() or
+ * psa_verify_hash() instead of the signature function.
+ */
+#define PSA_ALG_ED448PH \
+ (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHAKE256_512 & PSA_ALG_HASH_MASK))
+
+/* Default definition, to be overridden if the library is extended with
+ * more hash-and-sign algorithms that we want to keep out of this header
+ * file. */
+#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) 0
+
/** Whether the specified algorithm is a hash-and-sign algorithm.
*
* Hash-and-sign algorithms are asymmetric (public-key) signature algorithms
@@ -1238,7 +1484,22 @@
*/
#define PSA_ALG_IS_HASH_AND_SIGN(alg) \
(PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
- PSA_ALG_IS_ECDSA(alg))
+ PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \
+ PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg))
+
+/** Whether the specified algorithm is a signature algorithm that can be used
+ * with psa_sign_message() and psa_verify_message().
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if alg is a signature algorithm that can be used to sign a
+ * message. 0 if \p alg is a signature algorithm that can only be used
+ * to sign an already-calculated hash. 0 if \p alg is not a signature
+ * algorithm. This macro can return either 0 or 1 if \p alg is not a
+ * supported algorithm identifier.
+ */
+#define PSA_ALG_IS_SIGN_MESSAGE(alg) \
+ (PSA_ALG_IS_HASH_AND_SIGN(alg) || (alg) == PSA_ALG_PURE_EDDSA )
/** Get the hash used by a hash-and-sign signature algorithm.
*
@@ -1266,9 +1527,9 @@
/** RSA PKCS#1 v1.5 encryption.
*/
-#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000)
+#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200)
-#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000)
+#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300)
/** RSA OAEP encryption.
*
* This is the encryption scheme defined by RFC 8017
@@ -1292,7 +1553,7 @@
((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
0)
-#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x20000100)
+#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100)
/** Macro to build an HKDF algorithm.
*
* For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
@@ -1331,7 +1592,7 @@
#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200)
+#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200)
/** Macro to build a TLS-1.2 PRF algorithm.
*
* TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
@@ -1374,7 +1635,7 @@
#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300)
+#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300)
/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
*
* In a pure-PSK handshake in TLS 1.2, the master secret is derived
@@ -1420,8 +1681,8 @@
#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff)
-#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000)
+#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff)
+#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000)
/** Macro to build a combined algorithm that chains a key agreement with
* a key derivation.
@@ -1474,7 +1735,7 @@
* It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
* in bits.
*/
-#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000)
+#define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000)
/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
*
@@ -1516,7 +1777,7 @@
* in big-endian byte order.
* The bit size is `m` for the field `F_{2^m}`.
*/
-#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000)
+#define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000)
/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
* algorithm.
@@ -1548,9 +1809,13 @@
* \return This macro may return either 0 or 1 if \c alg is not a supported
* algorithm identifier.
*/
-#define PSA_ALG_IS_WILDCARD(alg) \
- (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
- PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
+#define PSA_ALG_IS_WILDCARD(alg) \
+ (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
+ PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
+ PSA_ALG_IS_MAC(alg) ? \
+ (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
+ PSA_ALG_IS_AEAD(alg) ? \
+ (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
(alg) == PSA_ALG_ANY_HASH)
/**@}*/
@@ -1576,13 +1841,12 @@
*
* A persistent key remains in storage until it is explicitly destroyed or
* until the corresponding storage area is wiped. This specification does
- * not define any mechanism to wipe a storage area, but implementations may
+ * not define any mechanism to wipe a storage area, but integrations may
* provide their own mechanism (for example to perform a factory reset,
* to prepare for device refurbishment, or to uninstall an application).
*
* This lifetime value is the default storage area for the calling
- * application. Implementations may offer other storage areas designated
- * by other lifetime values as implementation-specific extensions.
+ * application. Integrations of Mbed TLS may support other persistent lifetimes.
* See ::psa_key_lifetime_t for more information.
*/
#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
@@ -1631,6 +1895,27 @@
(PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
PSA_KEY_PERSISTENCE_VOLATILE)
+/** Whether a key lifetime indicates that the key is read-only.
+ *
+ * Read-only keys cannot be created or destroyed through the PSA Crypto API.
+ * They must be created through platform-specific means that bypass the API.
+ *
+ * Some platforms may offer ways to destroy read-only keys. For example,
+ * consider a platform with multiple levels of privilege, where a
+ * low-privilege application can use a key but is not allowed to destroy
+ * it, and the platform exposes the key to the application with a read-only
+ * lifetime. High-privilege code can destroy the key even though the
+ * application sees the key as read-only.
+ *
+ * \param lifetime The lifetime value to query (value of type
+ * ::psa_key_lifetime_t).
+ *
+ * \return \c 1 if the key is read-only, otherwise \c 0.
+ */
+#define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
+ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
+ PSA_KEY_PERSISTENCE_READ_ONLY)
+
/** Construct a lifetime from a persistence level and a location.
*
* \param persistence The persistence level
@@ -1751,7 +2036,7 @@
*/
static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
{
- return( ( key.key_id == 0 ) && ( key.owner == 0 ) );
+ return( key.key_id == 0 );
}
#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
@@ -1815,13 +2100,33 @@
/** Whether the key may be used to sign a message.
*
+ * This flag allows the key to be used for a MAC calculation operation or for
+ * an asymmetric message signature operation, if otherwise permitted by the
+ * key’s type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400)
+
+/** Whether the key may be used to verify a message.
+ *
+ * This flag allows the key to be used for a MAC verification operation or for
+ * an asymmetric message signature verification operation, if otherwise
+ * permitted by the key’s type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800)
+
+/** Whether the key may be used to sign a message.
+ *
* This flag allows the key to be used for a MAC calculation operation
* or for an asymmetric signature operation,
* if otherwise permitted by the key's type and policy.
*
* For a key pair, this concerns the private key.
*/
-#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00000400)
+#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000)
/** Whether the key may be used to verify a message signature.
*
@@ -1831,11 +2136,11 @@
*
* For a key pair, this concerns the public key.
*/
-#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00000800)
+#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000)
/** Whether the key may be used to derive other keys.
*/
-#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000)
+#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000)
/**@}*/
@@ -1887,4 +2192,27 @@
/**@}*/
+/** \defgroup helper_macros Helper macros
+ * @{
+ */
+
+/* Helper macros */
+
+/** Check if two AEAD algorithm identifiers refer to the same AEAD algorithm
+ * regardless of the tag length they encode.
+ *
+ * \param aead_alg_1 An AEAD algorithm identifier.
+ * \param aead_alg_2 An AEAD algorithm identifier.
+ *
+ * \return 1 if both identifiers refer to the same AEAD algorithm,
+ * 0 otherwise.
+ * Unspecified if neither \p aead_alg_1 nor \p aead_alg_2 are
+ * a supported AEAD algorithm.
+ */
+#define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \
+ (!(((aead_alg_1) ^ (aead_alg_2)) & \
+ ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
+
+/**@}*/
+
#endif /* PSA_CRYPTO_VALUES_H */
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 8962555..a69e733 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -47,6 +47,8 @@
md4.c
md5.c
memory_buffer_alloc.c
+ mps_reader.c
+ mps_trace.c
nist_kw.c
oid.c
padlock.c
@@ -61,7 +63,14 @@
platform_util.c
poly1305.c
psa_crypto.c
+ psa_crypto_aead.c
+ psa_crypto_cipher.c
+ psa_crypto_client.c
psa_crypto_driver_wrappers.c
+ psa_crypto_ecp.c
+ psa_crypto_hash.c
+ psa_crypto_mac.c
+ psa_crypto_rsa.c
psa_crypto_se.c
psa_crypto_slot_management.c
psa_crypto_storage.c
@@ -193,15 +202,15 @@
if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(${mbedcrypto_target} SHARED ${src_crypto})
- set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.24.0 SOVERSION 5)
+ set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.27.0 SOVERSION 7)
target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
add_library(${mbedx509_target} SHARED ${src_x509})
- set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.24.0 SOVERSION 1)
+ set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.27.0 SOVERSION 1)
target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
add_library(${mbedtls_target} SHARED ${src_tls})
- set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.24.0 SOVERSION 13)
+ set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.27.0 SOVERSION 13)
target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
endif(USE_SHARED_MBEDTLS_LIBRARY)
diff --git a/library/Makefile b/library/Makefile
index a6db9b3..6fdc927 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -2,7 +2,7 @@
# Also see "include/mbedtls/config.h"
CFLAGS ?= -O2
-WARNING_CFLAGS ?= -Wall -Wextra
+WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
LDFLAGS ?=
# Include ../include for public headers and . for private headers.
@@ -41,7 +41,7 @@
SOEXT_TLS=so.13
SOEXT_X509=so.1
-SOEXT_CRYPTO=so.5
+SOEXT_CRYPTO=so.7
# Set AR_DASH= (empty string) to use an ar implementation that does not accept
# the - prefix for command line options (e.g. llvm-ar)
@@ -104,6 +104,8 @@
md4.o \
md5.o \
memory_buffer_alloc.o \
+ mps_reader.o \
+ mps_trace.o \
nist_kw.o \
oid.o \
padlock.o \
@@ -118,7 +120,14 @@
platform_util.o \
poly1305.o \
psa_crypto.o \
+ psa_crypto_aead.o \
+ psa_crypto_cipher.o \
+ psa_crypto_client.o \
psa_crypto_driver_wrappers.o \
+ psa_crypto_ecp.o \
+ psa_crypto_hash.o \
+ psa_crypto_mac.o \
+ psa_crypto_rsa.o \
psa_crypto_se.o \
psa_crypto_slot_management.o \
psa_crypto_storage.o \
diff --git a/library/aes.c b/library/aes.c
index 3f61642..544b583 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -57,29 +57,6 @@
#define AES_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] ) \
- | ( (uint32_t) (b)[(i) + 1] << 8 ) \
- | ( (uint32_t) (b)[(i) + 2] << 16 ) \
- | ( (uint32_t) (b)[(i) + 3] << 24 ); \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
- (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
- (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
-}
-#endif
-
#if defined(MBEDTLS_PADLOCK_C) && \
( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) )
static int aes_padlock_ace = -1;
@@ -409,7 +386,7 @@
{
pow[i] = x;
log[x] = i;
- x = ( x ^ XTIME( x ) ) & 0xFF;
+ x = MBEDTLS_BYTE_0( x ^ XTIME( x ) );
}
/*
@@ -418,7 +395,7 @@
for( i = 0, x = 1; i < 10; i++ )
{
RCON[i] = (uint32_t) x;
- x = XTIME( x ) & 0xFF;
+ x = MBEDTLS_BYTE_0( XTIME( x ) );
}
/*
@@ -431,10 +408,10 @@
{
x = pow[255 - log[i]];
- y = x; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
- x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
- x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
- x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
+ y = x; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) );
+ x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) );
+ x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) );
+ x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) );
x ^= y ^ 0x63;
FSb[i] = (unsigned char) x;
@@ -447,8 +424,8 @@
for( i = 0; i < 256; i++ )
{
x = FSb[i];
- y = XTIME( x ) & 0xFF;
- z = ( y ^ x ) & 0xFF;
+ y = MBEDTLS_BYTE_0( XTIME( x ) );
+ z = MBEDTLS_BYTE_0( y ^ x );
FT0[i] = ( (uint32_t) y ) ^
( (uint32_t) x << 8 ) ^
@@ -590,7 +567,7 @@
for( i = 0; i < ( keybits >> 5 ); i++ )
{
- GET_UINT32_LE( RK[i], key, i << 2 );
+ RK[i] = MBEDTLS_GET_UINT32_LE( key, i << 2 );
}
switch( ctx->nr )
@@ -600,10 +577,10 @@
for( i = 0; i < 10; i++, RK += 4 )
{
RK[4] = RK[0] ^ RCON[i] ^
- ( (uint32_t) FSb[ ( RK[3] >> 8 ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( RK[3] ) & 0xFF ] << 24 );
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[3] ) ] ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[3] ) ] << 8 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[3] ) ] << 16 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[3] ) ] << 24 );
RK[5] = RK[1] ^ RK[4];
RK[6] = RK[2] ^ RK[5];
@@ -616,10 +593,10 @@
for( i = 0; i < 8; i++, RK += 6 )
{
RK[6] = RK[0] ^ RCON[i] ^
- ( (uint32_t) FSb[ ( RK[5] >> 8 ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( RK[5] ) & 0xFF ] << 24 );
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[5] ) ] ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[5] ) ] << 8 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[5] ) ] << 16 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[5] ) ] << 24 );
RK[7] = RK[1] ^ RK[6];
RK[8] = RK[2] ^ RK[7];
@@ -634,20 +611,20 @@
for( i = 0; i < 7; i++, RK += 8 )
{
RK[8] = RK[0] ^ RCON[i] ^
- ( (uint32_t) FSb[ ( RK[7] >> 8 ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( RK[7] ) & 0xFF ] << 24 );
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[7] ) ] ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[7] ) ] << 8 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[7] ) ] << 16 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[7] ) ] << 24 );
RK[9] = RK[1] ^ RK[8];
RK[10] = RK[2] ^ RK[9];
RK[11] = RK[3] ^ RK[10];
RK[12] = RK[4] ^
- ( (uint32_t) FSb[ ( RK[11] ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( RK[11] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[11] ) ] ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[11] ) ] << 8 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[11] ) ] << 16 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[11] ) ] << 24 );
RK[13] = RK[5] ^ RK[12];
RK[14] = RK[6] ^ RK[13];
@@ -713,10 +690,10 @@
{
for( j = 0; j < 4; j++, SK++ )
{
- *RK++ = AES_RT0( FSb[ ( *SK ) & 0xFF ] ) ^
- AES_RT1( FSb[ ( *SK >> 8 ) & 0xFF ] ) ^
- AES_RT2( FSb[ ( *SK >> 16 ) & 0xFF ] ) ^
- AES_RT3( FSb[ ( *SK >> 24 ) & 0xFF ] );
+ *RK++ = AES_RT0( FSb[ MBEDTLS_BYTE_0( *SK ) ] ) ^
+ AES_RT1( FSb[ MBEDTLS_BYTE_1( *SK ) ] ) ^
+ AES_RT2( FSb[ MBEDTLS_BYTE_2( *SK ) ] ) ^
+ AES_RT3( FSb[ MBEDTLS_BYTE_3( *SK ) ] );
}
}
@@ -809,52 +786,52 @@
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
-#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
- do \
- { \
- (X0) = *RK++ ^ AES_FT0( ( (Y0) ) & 0xFF ) ^ \
- AES_FT1( ( (Y1) >> 8 ) & 0xFF ) ^ \
- AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^ \
- AES_FT3( ( (Y3) >> 24 ) & 0xFF ); \
- \
- (X1) = *RK++ ^ AES_FT0( ( (Y1) ) & 0xFF ) ^ \
- AES_FT1( ( (Y2) >> 8 ) & 0xFF ) ^ \
- AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^ \
- AES_FT3( ( (Y0) >> 24 ) & 0xFF ); \
- \
- (X2) = *RK++ ^ AES_FT0( ( (Y2) ) & 0xFF ) ^ \
- AES_FT1( ( (Y3) >> 8 ) & 0xFF ) ^ \
- AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^ \
- AES_FT3( ( (Y1) >> 24 ) & 0xFF ); \
- \
- (X3) = *RK++ ^ AES_FT0( ( (Y3) ) & 0xFF ) ^ \
- AES_FT1( ( (Y0) >> 8 ) & 0xFF ) ^ \
- AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^ \
- AES_FT3( ( (Y2) >> 24 ) & 0xFF ); \
+#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
+ do \
+ { \
+ (X0) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \
+ AES_FT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \
+ AES_FT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \
+ AES_FT3( MBEDTLS_BYTE_3( Y3 ) ); \
+ \
+ (X1) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \
+ AES_FT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \
+ AES_FT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \
+ AES_FT3( MBEDTLS_BYTE_3( Y0 ) ); \
+ \
+ (X2) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \
+ AES_FT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \
+ AES_FT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \
+ AES_FT3( MBEDTLS_BYTE_3( Y1 ) ); \
+ \
+ (X3) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \
+ AES_FT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \
+ AES_FT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \
+ AES_FT3( MBEDTLS_BYTE_3( Y2 ) ); \
} while( 0 )
#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
do \
{ \
- (X0) = *RK++ ^ AES_RT0( ( (Y0) ) & 0xFF ) ^ \
- AES_RT1( ( (Y3) >> 8 ) & 0xFF ) ^ \
- AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^ \
- AES_RT3( ( (Y1) >> 24 ) & 0xFF ); \
+ (X0) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \
+ AES_RT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \
+ AES_RT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \
+ AES_RT3( MBEDTLS_BYTE_3( Y1 ) ); \
\
- (X1) = *RK++ ^ AES_RT0( ( (Y1) ) & 0xFF ) ^ \
- AES_RT1( ( (Y0) >> 8 ) & 0xFF ) ^ \
- AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^ \
- AES_RT3( ( (Y2) >> 24 ) & 0xFF ); \
+ (X1) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \
+ AES_RT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \
+ AES_RT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \
+ AES_RT3( MBEDTLS_BYTE_3( Y2 ) ); \
\
- (X2) = *RK++ ^ AES_RT0( ( (Y2) ) & 0xFF ) ^ \
- AES_RT1( ( (Y1) >> 8 ) & 0xFF ) ^ \
- AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^ \
- AES_RT3( ( (Y3) >> 24 ) & 0xFF ); \
+ (X2) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \
+ AES_RT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \
+ AES_RT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \
+ AES_RT3( MBEDTLS_BYTE_3( Y3 ) ); \
\
- (X3) = *RK++ ^ AES_RT0( ( (Y3) ) & 0xFF ) ^ \
- AES_RT1( ( (Y2) >> 8 ) & 0xFF ) ^ \
- AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^ \
- AES_RT3( ( (Y0) >> 24 ) & 0xFF ); \
+ (X3) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \
+ AES_RT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \
+ AES_RT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \
+ AES_RT3( MBEDTLS_BYTE_3( Y0 ) ); \
} while( 0 )
/*
@@ -873,10 +850,10 @@
uint32_t Y[4];
} t;
- GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++;
- GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++;
- GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++;
- GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++;
+ t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++;
+ t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++;
+ t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++;
+ t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++;
for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
{
@@ -887,33 +864,33 @@
AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
t.X[0] = *RK++ ^ \
- ( (uint32_t) FSb[ ( t.Y[0] ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 );
t.X[1] = *RK++ ^ \
- ( (uint32_t) FSb[ ( t.Y[1] ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 );
t.X[2] = *RK++ ^ \
- ( (uint32_t) FSb[ ( t.Y[2] ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 );
t.X[3] = *RK++ ^ \
- ( (uint32_t) FSb[ ( t.Y[3] ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^
+ ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 );
- PUT_UINT32_LE( t.X[0], output, 0 );
- PUT_UINT32_LE( t.X[1], output, 4 );
- PUT_UINT32_LE( t.X[2], output, 8 );
- PUT_UINT32_LE( t.X[3], output, 12 );
+ MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 );
+ MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 );
+ MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 );
+ MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 );
mbedtls_platform_zeroize( &t, sizeof( t ) );
@@ -946,10 +923,10 @@
uint32_t Y[4];
} t;
- GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++;
- GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++;
- GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++;
- GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++;
+ t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++;
+ t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++;
+ t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++;
+ t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++;
for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
{
@@ -960,33 +937,33 @@
AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
t.X[0] = *RK++ ^ \
- ( (uint32_t) RSb[ ( t.Y[0] ) & 0xFF ] ) ^
- ( (uint32_t) RSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) RSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) RSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 );
t.X[1] = *RK++ ^ \
- ( (uint32_t) RSb[ ( t.Y[1] ) & 0xFF ] ) ^
- ( (uint32_t) RSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) RSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) RSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 );
t.X[2] = *RK++ ^ \
- ( (uint32_t) RSb[ ( t.Y[2] ) & 0xFF ] ) ^
- ( (uint32_t) RSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) RSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) RSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 );
t.X[3] = *RK++ ^ \
- ( (uint32_t) RSb[ ( t.Y[3] ) & 0xFF ] ) ^
- ( (uint32_t) RSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 );
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^
+ ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 );
- PUT_UINT32_LE( t.X[0], output, 0 );
- PUT_UINT32_LE( t.X[1], output, 4 );
- PUT_UINT32_LE( t.X[2], output, 8 );
- PUT_UINT32_LE( t.X[3], output, 12 );
+ MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 );
+ MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 );
+ MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 );
+ MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 );
mbedtls_platform_zeroize( &t, sizeof( t ) );
@@ -1115,35 +1092,6 @@
#if defined(MBEDTLS_CIPHER_MODE_XTS)
-/* Endianess with 64 bits values */
-#ifndef GET_UINT64_LE
-#define GET_UINT64_LE(n,b,i) \
-{ \
- (n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \
- | ( (uint64_t) (b)[(i) + 6] << 48 ) \
- | ( (uint64_t) (b)[(i) + 5] << 40 ) \
- | ( (uint64_t) (b)[(i) + 4] << 32 ) \
- | ( (uint64_t) (b)[(i) + 3] << 24 ) \
- | ( (uint64_t) (b)[(i) + 2] << 16 ) \
- | ( (uint64_t) (b)[(i) + 1] << 8 ) \
- | ( (uint64_t) (b)[(i) ] ); \
-}
-#endif
-
-#ifndef PUT_UINT64_LE
-#define PUT_UINT64_LE(n,b,i) \
-{ \
- (b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \
- (b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \
- (b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \
- (b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) ] = (unsigned char) ( (n) ); \
-}
-#endif
-
typedef unsigned char mbedtls_be128[16];
/*
@@ -1159,14 +1107,14 @@
{
uint64_t a, b, ra, rb;
- GET_UINT64_LE( a, x, 0 );
- GET_UINT64_LE( b, x, 8 );
+ a = MBEDTLS_GET_UINT64_LE( x, 0 );
+ b = MBEDTLS_GET_UINT64_LE( x, 8 );
ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) );
rb = ( a >> 63 ) | ( b << 1 );
- PUT_UINT64_LE( ra, r, 0 );
- PUT_UINT64_LE( rb, r, 8 );
+ MBEDTLS_PUT_UINT64_LE( ra, r, 0 );
+ MBEDTLS_PUT_UINT64_LE( rb, r, 8 );
}
/*
diff --git a/library/aria.c b/library/aria.c
index 1875635..bc05c4a 100644
--- a/library/aria.c
+++ b/library/aria.c
@@ -56,29 +56,6 @@
MBEDTLS_INTERNAL_VALIDATE( cond )
/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE( n, b, i ) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] ) \
- | ( (uint32_t) (b)[(i) + 1] << 8 ) \
- | ( (uint32_t) (b)[(i) + 2] << 16 ) \
- | ( (uint32_t) (b)[(i) + 3] << 24 ); \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE( n, b, i ) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
- (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
- (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
-}
-#endif
-
-/*
* modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes
*
* This is submatrix P1 in [1] Appendix B.1
@@ -235,22 +212,22 @@
const uint8_t sa[256], const uint8_t sb[256],
const uint8_t sc[256], const uint8_t sd[256] )
{
- *a = ( (uint32_t) sa[ *a & 0xFF] ) ^
- (((uint32_t) sb[(*a >> 8) & 0xFF]) << 8) ^
- (((uint32_t) sc[(*a >> 16) & 0xFF]) << 16) ^
- (((uint32_t) sd[ *a >> 24 ]) << 24);
- *b = ( (uint32_t) sa[ *b & 0xFF] ) ^
- (((uint32_t) sb[(*b >> 8) & 0xFF]) << 8) ^
- (((uint32_t) sc[(*b >> 16) & 0xFF]) << 16) ^
- (((uint32_t) sd[ *b >> 24 ]) << 24);
- *c = ( (uint32_t) sa[ *c & 0xFF] ) ^
- (((uint32_t) sb[(*c >> 8) & 0xFF]) << 8) ^
- (((uint32_t) sc[(*c >> 16) & 0xFF]) << 16) ^
- (((uint32_t) sd[ *c >> 24 ]) << 24);
- *d = ( (uint32_t) sa[ *d & 0xFF] ) ^
- (((uint32_t) sb[(*d >> 8) & 0xFF]) << 8) ^
- (((uint32_t) sc[(*d >> 16) & 0xFF]) << 16) ^
- (((uint32_t) sd[ *d >> 24 ]) << 24);
+ *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^
+ (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^
+ (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^
+ (((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24);
+ *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^
+ (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^
+ (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^
+ (((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24);
+ *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^
+ (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^
+ (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^
+ (((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24);
+ *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^
+ (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^
+ (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^
+ (((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24);
}
/*
@@ -408,7 +385,8 @@
* Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup.
*
* We chose to store bytes into 32-bit words in little-endian format (see
- * GET/PUT_UINT32_LE) so we need to reverse bytes here.
+ * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse
+ * bytes here.
*/
static void aria_rot128( uint32_t r[4], const uint32_t a[4],
const uint32_t b[4], uint8_t n )
@@ -456,21 +434,21 @@
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
/* Copy key to W0 (and potential remainder to W1) */
- GET_UINT32_LE( w[0][0], key, 0 );
- GET_UINT32_LE( w[0][1], key, 4 );
- GET_UINT32_LE( w[0][2], key, 8 );
- GET_UINT32_LE( w[0][3], key, 12 );
+ w[0][0] = MBEDTLS_GET_UINT32_LE( key, 0 );
+ w[0][1] = MBEDTLS_GET_UINT32_LE( key, 4 );
+ w[0][2] = MBEDTLS_GET_UINT32_LE( key, 8 );
+ w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 );
memset( w[1], 0, 16 );
if( keybits >= 192 )
{
- GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key
- GET_UINT32_LE( w[1][1], key, 20 );
+ w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 ); // 192 bit key
+ w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 );
}
if( keybits == 256 )
{
- GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key
- GET_UINT32_LE( w[1][3], key, 28 );
+ w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 ); // 256 bit key
+ w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 );
}
i = ( keybits - 128 ) >> 6; // index: 0, 1, 2
@@ -547,10 +525,10 @@
ARIA_VALIDATE_RET( input != NULL );
ARIA_VALIDATE_RET( output != NULL );
- GET_UINT32_LE( a, input, 0 );
- GET_UINT32_LE( b, input, 4 );
- GET_UINT32_LE( c, input, 8 );
- GET_UINT32_LE( d, input, 12 );
+ a = MBEDTLS_GET_UINT32_LE( input, 0 );
+ b = MBEDTLS_GET_UINT32_LE( input, 4 );
+ c = MBEDTLS_GET_UINT32_LE( input, 8 );
+ d = MBEDTLS_GET_UINT32_LE( input, 12 );
i = 0;
while( 1 )
@@ -582,10 +560,10 @@
c ^= ctx->rk[i][2];
d ^= ctx->rk[i][3];
- PUT_UINT32_LE( a, output, 0 );
- PUT_UINT32_LE( b, output, 4 );
- PUT_UINT32_LE( c, output, 8 );
- PUT_UINT32_LE( d, output, 12 );
+ MBEDTLS_PUT_UINT32_LE( a, output, 0 );
+ MBEDTLS_PUT_UINT32_LE( b, output, 4 );
+ MBEDTLS_PUT_UINT32_LE( c, output, 8 );
+ MBEDTLS_PUT_UINT32_LE( d, output, 12 );
return( 0 );
}
@@ -921,7 +899,7 @@
{ \
if( verbose ) \
mbedtls_printf( "failed\n" ); \
- return( 1 ); \
+ goto exit; \
} else { \
if( verbose ) \
mbedtls_printf( "passed\n" ); \
@@ -935,6 +913,7 @@
int i;
uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE];
mbedtls_aria_context ctx;
+ int ret = 1;
#if (defined(MBEDTLS_CIPHER_MODE_CFB) || defined(MBEDTLS_CIPHER_MODE_CTR))
size_t j;
@@ -946,6 +925,8 @@
uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE];
#endif
+ mbedtls_aria_init( &ctx );
+
/*
* Test set 1
*/
@@ -1065,7 +1046,11 @@
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
- return( 0 );
+ ret = 0;
+
+exit:
+ mbedtls_aria_free( &ctx );
+ return( ret );
}
#endif /* MBEDTLS_SELF_TEST */
diff --git a/library/asn1write.c b/library/asn1write.c
index deb1a2f..3811ef2 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -60,8 +60,8 @@
if( *p - start < 3 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
- *--(*p) = ( len ) & 0xFF;
- *--(*p) = ( len >> 8 ) & 0xFF;
+ *--(*p) = MBEDTLS_BYTE_0( len );
+ *--(*p) = MBEDTLS_BYTE_1( len );
*--(*p) = 0x82;
return( 3 );
}
@@ -71,9 +71,9 @@
if( *p - start < 4 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
- *--(*p) = ( len ) & 0xFF;
- *--(*p) = ( len >> 8 ) & 0xFF;
- *--(*p) = ( len >> 16 ) & 0xFF;
+ *--(*p) = MBEDTLS_BYTE_0( len );
+ *--(*p) = MBEDTLS_BYTE_1( len );
+ *--(*p) = MBEDTLS_BYTE_2( len );
*--(*p) = 0x83;
return( 4 );
}
@@ -85,10 +85,10 @@
if( *p - start < 5 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
- *--(*p) = ( len ) & 0xFF;
- *--(*p) = ( len >> 8 ) & 0xFF;
- *--(*p) = ( len >> 16 ) & 0xFF;
- *--(*p) = ( len >> 24 ) & 0xFF;
+ *--(*p) = MBEDTLS_BYTE_0( len );
+ *--(*p) = MBEDTLS_BYTE_1( len );
+ *--(*p) = MBEDTLS_BYTE_2( len );
+ *--(*p) = MBEDTLS_BYTE_3( len );
*--(*p) = 0x84;
return( 5 );
}
diff --git a/library/base64.c b/library/base64.c
index d39474a..9cf5dd4 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -66,6 +66,99 @@
#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
/*
+ * Constant flow conditional assignment to unsigned char
+ */
+static void mbedtls_base64_cond_assign_uchar( unsigned char * dest, const unsigned char * const src,
+ unsigned char condition )
+{
+ /* MSVC has a warning about unary minus on unsigned integer types,
+ * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
+ /* Generate bitmask from condition, mask will either be 0xFF or 0 */
+ unsigned char mask = ( condition | -condition );
+ mask >>= 7;
+ mask = -mask;
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+ *dest = ( ( *src ) & mask ) | ( ( *dest ) & ~mask );
+}
+
+/*
+ * Constant flow conditional assignment to uint_32
+ */
+static void mbedtls_base64_cond_assign_uint32( uint32_t * dest, const uint32_t src,
+ uint32_t condition )
+{
+ /* MSVC has a warning about unary minus on unsigned integer types,
+ * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
+ /* Generate bitmask from condition, mask will either be 0xFFFFFFFF or 0 */
+ uint32_t mask = ( condition | -condition );
+ mask >>= 31;
+ mask = -mask;
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+ *dest = ( src & mask ) | ( ( *dest ) & ~mask );
+}
+
+/*
+ * Constant flow check for equality
+ */
+static unsigned char mbedtls_base64_eq( size_t in_a, size_t in_b )
+{
+ size_t difference = in_a ^ in_b;
+
+ /* MSVC has a warning about unary minus on unsigned integer types,
+ * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
+ difference |= -difference;
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+ /* cope with the varying size of size_t per platform */
+ difference >>= ( sizeof( difference ) * 8 - 1 );
+
+ return (unsigned char) ( 1 ^ difference );
+}
+
+/*
+ * Constant flow lookup into table.
+ */
+static unsigned char mbedtls_base64_table_lookup( const unsigned char * const table,
+ const size_t table_size, const size_t table_index )
+{
+ size_t i;
+ unsigned char result = 0;
+
+ for( i = 0; i < table_size; ++i )
+ {
+ mbedtls_base64_cond_assign_uchar( &result, &table[i], mbedtls_base64_eq( i, table_index ) );
+ }
+
+ return result;
+}
+
+/*
* Encode a buffer into base64 format
*/
int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
@@ -105,10 +198,17 @@
C2 = *src++;
C3 = *src++;
- *p++ = base64_enc_map[(C1 >> 2) & 0x3F];
- *p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
- *p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F];
- *p++ = base64_enc_map[C3 & 0x3F];
+ *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
+ ( ( C1 >> 2 ) & 0x3F ) );
+
+ *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
+ ( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ) );
+
+ *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
+ ( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) & 0x3F ) );
+
+ *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
+ ( C3 & 0x3F ) );
}
if( i < slen )
@@ -116,11 +216,15 @@
C1 = *src++;
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
- *p++ = base64_enc_map[(C1 >> 2) & 0x3F];
- *p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
+ *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
+ ( ( C1 >> 2 ) & 0x3F ) );
+
+ *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
+ ( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ) );
if( ( i + 1 ) < slen )
- *p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F];
+ *p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
+ ( ( ( C2 & 15 ) << 2 ) & 0x3F ) );
else *p++ = '=';
*p++ = '=';
@@ -141,6 +245,7 @@
size_t i, n;
uint32_t j, x;
unsigned char *p;
+ unsigned char dec_map_lookup;
/* First pass: check for validity and get output length */
for( i = n = j = 0; i < slen; i++ )
@@ -171,10 +276,12 @@
if( src[i] == '=' && ++j > 2 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
- if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
+ dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), src[i] );
+
+ if( src[i] > 127 || dec_map_lookup == 127 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
- if( base64_dec_map[src[i]] < 64 && j != 0 )
+ if( dec_map_lookup < 64 && j != 0 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
n++;
@@ -204,15 +311,17 @@
if( *src == '\r' || *src == '\n' || *src == ' ' )
continue;
- j -= ( base64_dec_map[*src] == 64 );
- x = ( x << 6 ) | ( base64_dec_map[*src] & 0x3F );
+ dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), *src );
+
+ mbedtls_base64_cond_assign_uint32( &j, j - 1, mbedtls_base64_eq( dec_map_lookup, 64 ) );
+ x = ( x << 6 ) | ( dec_map_lookup & 0x3F );
if( ++n == 4 )
{
n = 0;
- if( j > 0 ) *p++ = (unsigned char)( x >> 16 );
- if( j > 1 ) *p++ = (unsigned char)( x >> 8 );
- if( j > 2 ) *p++ = (unsigned char)( x );
+ if( j > 0 ) *p++ = MBEDTLS_BYTE_2( x );
+ if( j > 1 ) *p++ = MBEDTLS_BYTE_1( x );
+ if( j > 2 ) *p++ = MBEDTLS_BYTE_0( x );
}
}
diff --git a/library/bignum.c b/library/bignum.c
index af9a399..3643326 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -181,8 +181,35 @@
return( 0 );
}
+/* Resize X to have exactly n limbs and set it to 0. */
+static int mbedtls_mpi_resize_clear( mbedtls_mpi *X, size_t limbs )
+{
+ if( limbs == 0 )
+ {
+ mbedtls_mpi_free( X );
+ return( 0 );
+ }
+ else if( X->n == limbs )
+ {
+ memset( X->p, 0, limbs * ciL );
+ X->s = 1;
+ return( 0 );
+ }
+ else
+ {
+ mbedtls_mpi_free( X );
+ return( mbedtls_mpi_grow( X, limbs ) );
+ }
+}
+
/*
- * Copy the contents of Y into X
+ * Copy the contents of Y into X.
+ *
+ * This function is not constant-time. Leading zeros in Y may be removed.
+ *
+ * Ensure that X does not shrink. This is not guaranteed by the public API,
+ * but some code in the bignum module relies on this property, for example
+ * in mbedtls_mpi_exp_mod().
*/
int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y )
{
@@ -196,7 +223,11 @@
if( Y->n == 0 )
{
- mbedtls_mpi_free( X );
+ if( X->n != 0 )
+ {
+ X->s = 1;
+ memset( X->p, 0, X->n * ciL );
+ }
return( 0 );
}
@@ -237,6 +268,36 @@
memcpy( Y, &T, sizeof( mbedtls_mpi ) );
}
+/**
+ * Select between two sign values in constant-time.
+ *
+ * This is functionally equivalent to second ? a : b but uses only bit
+ * operations in order to avoid branches.
+ *
+ * \param[in] a The first sign; must be either +1 or -1.
+ * \param[in] b The second sign; must be either +1 or -1.
+ * \param[in] second Must be either 1 (return b) or 0 (return a).
+ *
+ * \return The selected sign value.
+ */
+static int mpi_safe_cond_select_sign( int a, int b, unsigned char second )
+{
+ /* In order to avoid questions about what we can reasonnably assume about
+ * the representations of signed integers, move everything to unsigned
+ * by taking advantage of the fact that a and b are either +1 or -1. */
+ unsigned ua = a + 1;
+ unsigned ub = b + 1;
+
+ /* second was 0 or 1, mask is 0 or 2 as are ua and ub */
+ const unsigned mask = second << 1;
+
+ /* select ua or ub */
+ unsigned ur = ( ua & ~mask ) | ( ub & mask );
+
+ /* ur is now 0 or 2, convert back to -1 or +1 */
+ return( (int) ur - 1 );
+}
+
/*
* Conditionally assign dest = src, without leaking information
* about whether the assignment was made or not.
@@ -249,8 +310,23 @@
unsigned char assign )
{
size_t i;
+
+ /* MSVC has a warning about unary minus on unsigned integer types,
+ * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
+ /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */
+ const mbedtls_mpi_uint mask = -assign;
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
for( i = 0; i < n; i++ )
- dest[i] = dest[i] * ( 1 - assign ) + src[i] * assign;
+ dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask );
}
/*
@@ -262,20 +338,34 @@
{
int ret = 0;
size_t i;
+ mbedtls_mpi_uint limb_mask;
MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( Y != NULL );
+ /* MSVC has a warning about unary minus on unsigned integer types,
+ * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
/* make sure assign is 0 or 1 in a time-constant manner */
- assign = (assign | (unsigned char)-assign) >> 7;
+ assign = (assign | (unsigned char)-assign) >> (sizeof( assign ) * 8 - 1);
+ /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */
+ limb_mask = -assign;
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) );
- X->s = X->s * ( 1 - assign ) + Y->s * assign;
+ X->s = mpi_safe_cond_select_sign( X->s, Y->s, assign );
mpi_safe_cond_assign( Y->n, X->p, Y->p, assign );
for( i = Y->n; i < X->n; i++ )
- X->p[i] *= ( 1 - assign );
+ X->p[i] &= ~limb_mask;
cleanup:
return( ret );
@@ -291,6 +381,7 @@
{
int ret, s;
size_t i;
+ mbedtls_mpi_uint limb_mask;
mbedtls_mpi_uint tmp;
MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( Y != NULL );
@@ -298,22 +389,35 @@
if( X == Y )
return( 0 );
+ /* MSVC has a warning about unary minus on unsigned integer types,
+ * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
/* make sure swap is 0 or 1 in a time-constant manner */
- swap = (swap | (unsigned char)-swap) >> 7;
+ swap = (swap | (unsigned char)-swap) >> (sizeof( swap ) * 8 - 1);
+ /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */
+ limb_mask = -swap;
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) );
s = X->s;
- X->s = X->s * ( 1 - swap ) + Y->s * swap;
- Y->s = Y->s * ( 1 - swap ) + s * swap;
+ X->s = mpi_safe_cond_select_sign( X->s, Y->s, swap );
+ Y->s = mpi_safe_cond_select_sign( Y->s, s, swap );
for( i = 0; i < X->n; i++ )
{
tmp = X->p[i];
- X->p[i] = X->p[i] * ( 1 - swap ) + Y->p[i] * swap;
- Y->p[i] = Y->p[i] * ( 1 - swap ) + tmp * swap;
+ X->p[i] = ( X->p[i] & ~limb_mask ) | ( Y->p[i] & limb_mask );
+ Y->p[i] = ( Y->p[i] & ~limb_mask ) | ( tmp & limb_mask );
}
cleanup:
@@ -470,6 +574,7 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t i, j, slen, n;
+ int sign = 1;
mbedtls_mpi_uint d;
mbedtls_mpi T;
MPI_VALIDATE_RET( X != NULL );
@@ -480,6 +585,18 @@
mbedtls_mpi_init( &T );
+ if( s[0] == 0 )
+ {
+ mbedtls_mpi_free( X );
+ return( 0 );
+ }
+
+ if( s[0] == '-' )
+ {
+ ++s;
+ sign = -1;
+ }
+
slen = strlen( s );
if( radix == 16 )
@@ -494,12 +611,6 @@
for( i = slen, j = 0; i > 0; i--, j++ )
{
- if( i == 1 && s[i - 1] == '-' )
- {
- X->s = -1;
- break;
- }
-
MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) );
X->p[j / ( 2 * ciL )] |= d << ( ( j % ( 2 * ciL ) ) << 2 );
}
@@ -510,26 +621,15 @@
for( i = 0; i < slen; i++ )
{
- if( i == 0 && s[i] == '-' )
- {
- X->s = -1;
- continue;
- }
-
MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i] ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T, X, radix ) );
-
- if( X->s == 1 )
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, &T, d ) );
- }
- else
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( X, &T, d ) );
- }
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, &T, d ) );
}
}
+ if( sign < 0 && mbedtls_mpi_bitlen( X ) != 0 )
+ X->s = -1;
+
cleanup:
mbedtls_mpi_free( &T );
@@ -848,14 +948,7 @@
size_t const limbs = CHARS_TO_LIMBS( buflen );
/* Ensure that target MPI has exactly the necessary number of limbs */
- if( X->n != limbs )
- {
- mbedtls_mpi_free( X );
- mbedtls_mpi_init( X );
- MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
- }
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) );
for( i = 0; i < buflen; i++ )
X->p[i / ciL] |= ((mbedtls_mpi_uint) buf[i]) << ((i % ciL) << 3);
@@ -884,17 +977,11 @@
MPI_VALIDATE_RET( buflen == 0 || buf != NULL );
/* Ensure that target MPI has exactly the necessary number of limbs */
- if( X->n != limbs )
- {
- mbedtls_mpi_free( X );
- mbedtls_mpi_init( X );
- MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
- }
- MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) );
- /* Avoid calling `memcpy` with NULL source argument,
+ /* Avoid calling `memcpy` with NULL source or destination argument,
* even if buflen is 0. */
- if( buf != NULL )
+ if( buflen != 0 )
{
Xp = (unsigned char*) X->p;
memcpy( Xp + overhead, buf, buflen );
@@ -1385,6 +1472,12 @@
for( n = B->n; n > 0; n-- )
if( B->p[n - 1] != 0 )
break;
+ if( n > A->n )
+ {
+ /* B >= (2^ciL)^n > A */
+ ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE;
+ goto cleanup;
+ }
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, A->n ) );
@@ -1494,17 +1587,17 @@
*/
int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b )
{
- mbedtls_mpi _B;
+ mbedtls_mpi B;
mbedtls_mpi_uint p[1];
MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( A != NULL );
p[0] = ( b < 0 ) ? -b : b;
- _B.s = ( b < 0 ) ? -1 : 1;
- _B.n = 1;
- _B.p = p;
+ B.s = ( b < 0 ) ? -1 : 1;
+ B.n = 1;
+ B.p = p;
- return( mbedtls_mpi_add_mpi( X, A, &_B ) );
+ return( mbedtls_mpi_add_mpi( X, A, &B ) );
}
/*
@@ -1512,17 +1605,17 @@
*/
int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b )
{
- mbedtls_mpi _B;
+ mbedtls_mpi B;
mbedtls_mpi_uint p[1];
MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( A != NULL );
p[0] = ( b < 0 ) ? -b : b;
- _B.s = ( b < 0 ) ? -1 : 1;
- _B.n = 1;
- _B.p = p;
+ B.s = ( b < 0 ) ? -1 : 1;
+ B.n = 1;
+ B.p = p;
- return( mbedtls_mpi_sub_mpi( X, A, &_B ) );
+ return( mbedtls_mpi_sub_mpi( X, A, &B ) );
}
/** Helper for mbedtls_mpi multiplication.
@@ -1621,6 +1714,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t i, j;
mbedtls_mpi TA, TB;
+ int result_is_zero = 0;
MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( A != NULL );
MPI_VALIDATE_RET( B != NULL );
@@ -1633,10 +1727,14 @@
for( i = A->n; i > 0; i-- )
if( A->p[i - 1] != 0 )
break;
+ if( i == 0 )
+ result_is_zero = 1;
for( j = B->n; j > 0; j-- )
if( B->p[j - 1] != 0 )
break;
+ if( j == 0 )
+ result_is_zero = 1;
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
@@ -1644,7 +1742,14 @@
for( ; j > 0; j-- )
mpi_mul_hlp( i, A->p, X->p + j - 1, B->p[j - 1] );
- X->s = A->s * B->s;
+ /* If the result is 0, we don't shortcut the operation, which reduces
+ * but does not eliminate side channels leaking the zero-ness. We do
+ * need to take care to set the sign bit properly since the library does
+ * not fully support an MPI object with a value of 0 and s == -1. */
+ if( result_is_zero )
+ X->s = 1;
+ else
+ X->s = A->s * B->s;
cleanup:
@@ -1670,12 +1775,19 @@
* calculating the result is trivial in those cases. */
if( b == 0 || n == 0 )
{
- mbedtls_mpi_lset( X, 0 );
- return( 0 );
+ return( mbedtls_mpi_lset( X, 0 ) );
}
- /* Calculate X*b as A + A*(b-1) to take advantage of mpi_mul_hlp */
+ /* Calculate A*b as A + A*(b-1) to take advantage of mpi_mul_hlp */
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ /* In general, A * b requires 1 limb more than b. If
+ * A->p[n - 1] * b / b == A->p[n - 1], then A * b fits in the same
+ * number of limbs as A and the call to grow() is not required since
+ * copy() will take care of the growth if needed. However, experimentally,
+ * making the call to grow() unconditional causes slightly fewer
+ * calls to calloc() in ECP code, presumably because it reuses the
+ * same mpi for a while and this way the mpi is more likely to directly
+ * grow to its final size. */
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, n + 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) );
mpi_mul_hlp( n, A->p, X->p, b - 1 );
@@ -1822,7 +1934,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Z, A->n + 2 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Z, 0 ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T1, 2 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T1, A->n + 2 ) );
k = mbedtls_mpi_bitlen( &Y ) % biL;
if( k < biL - 1 )
@@ -1915,16 +2027,16 @@
const mbedtls_mpi *A,
mbedtls_mpi_sint b )
{
- mbedtls_mpi _B;
+ mbedtls_mpi B;
mbedtls_mpi_uint p[1];
MPI_VALIDATE_RET( A != NULL );
p[0] = ( b < 0 ) ? -b : b;
- _B.s = ( b < 0 ) ? -1 : 1;
- _B.n = 1;
- _B.p = p;
+ B.s = ( b < 0 ) ? -1 : 1;
+ B.n = 1;
+ B.p = p;
- return( mbedtls_mpi_div_mpi( Q, R, A, &_B ) );
+ return( mbedtls_mpi_div_mpi( Q, R, A, &B ) );
}
/*
@@ -2116,18 +2228,83 @@
}
/*
+ * Constant-flow boolean "equal" comparison:
+ * return x == y
+ *
+ * This function can be used to write constant-time code by replacing branches
+ * with bit operations - it can be used in conjunction with
+ * mbedtls_ssl_cf_mask_from_bit().
+ *
+ * This function is implemented without using comparison operators, as those
+ * might be translated to branches by some compilers on some platforms.
+ */
+static size_t mbedtls_mpi_cf_bool_eq( size_t x, size_t y )
+{
+ /* diff = 0 if x == y, non-zero otherwise */
+ const size_t diff = x ^ y;
+
+ /* MSVC has a warning about unary minus on unsigned integer types,
+ * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
+ /* diff_msb's most significant bit is equal to x != y */
+ const size_t diff_msb = ( diff | (size_t) -diff );
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+ /* diff1 = (x != y) ? 1 : 0 */
+ const size_t diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 );
+
+ return( 1 ^ diff1 );
+}
+
+/**
+ * Select an MPI from a table without leaking the index.
+ *
+ * This is functionally equivalent to mbedtls_mpi_copy(R, T[idx]) except it
+ * reads the entire table in order to avoid leaking the value of idx to an
+ * attacker able to observe memory access patterns.
+ *
+ * \param[out] R Where to write the selected MPI.
+ * \param[in] T The table to read from.
+ * \param[in] T_size The number of elements in the table.
+ * \param[in] idx The index of the element to select;
+ * this must satisfy 0 <= idx < T_size.
+ *
+ * \return \c 0 on success, or a negative error code.
+ */
+static int mpi_select( mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_t idx )
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ for( size_t i = 0; i < T_size; i++ )
+ {
+ MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( R, &T[i],
+ (unsigned char) mbedtls_mpi_cf_bool_eq( i, idx ) ) );
+ }
+
+cleanup:
+ return( ret );
+}
+
+/*
* Sliding-window exponentiation: X = A^E mod N (HAC 14.85)
*/
int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *E, const mbedtls_mpi *N,
- mbedtls_mpi *_RR )
+ mbedtls_mpi *prec_RR )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t wbits, wsize, one = 1;
size_t i, j, nblimbs;
size_t bufsize, nbits;
mbedtls_mpi_uint ei, mm, state;
- mbedtls_mpi RR, T, W[ 1 << MBEDTLS_MPI_WINDOW_SIZE ], Apos;
+ mbedtls_mpi RR, T, W[ 1 << MBEDTLS_MPI_WINDOW_SIZE ], WW, Apos;
int neg;
MPI_VALIDATE_RET( X != NULL );
@@ -2141,12 +2318,17 @@
if( mbedtls_mpi_cmp_int( E, 0 ) < 0 )
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+ if( mbedtls_mpi_bitlen( E ) > MBEDTLS_MPI_MAX_BITS ||
+ mbedtls_mpi_bitlen( N ) > MBEDTLS_MPI_MAX_BITS )
+ return ( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
/*
* Init temps and window size
*/
mpi_montg_init( &mm, N );
mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T );
mbedtls_mpi_init( &Apos );
+ mbedtls_mpi_init( &WW );
memset( W, 0, sizeof( W ) );
i = mbedtls_mpi_bitlen( E );
@@ -2160,6 +2342,11 @@
#endif
j = N->n + 1;
+ /* All W[i] and X must have at least N->n limbs for the mpi_montmul()
+ * and mpi_montred() calls later. Here we ensure that W[1] and X are
+ * large enough, and later we'll grow other W[i] to the same length.
+ * They must not be shrunk midway through this function!
+ */
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) );
@@ -2178,26 +2365,34 @@
/*
* If 1st call, pre-compute R^2 mod N
*/
- if( _RR == NULL || _RR->p == NULL )
+ if( prec_RR == NULL || prec_RR->p == NULL )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) );
- if( _RR != NULL )
- memcpy( _RR, &RR, sizeof( mbedtls_mpi ) );
+ if( prec_RR != NULL )
+ memcpy( prec_RR, &RR, sizeof( mbedtls_mpi ) );
}
else
- memcpy( &RR, _RR, sizeof( mbedtls_mpi ) );
+ memcpy( &RR, prec_RR, sizeof( mbedtls_mpi ) );
/*
* W[1] = A * R^2 * R^-1 mod N = A * R mod N
*/
if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 )
+ {
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) );
+ /* This should be a no-op because W[1] is already that large before
+ * mbedtls_mpi_mod_mpi(), but it's necessary to avoid an overflow
+ * in mpi_montmul() below, so let's make sure. */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], N->n + 1 ) );
+ }
else
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) );
+ /* Note that this is safe because W[1] always has at least N->n limbs
+ * (it grew above and was preserved by mbedtls_mpi_copy()). */
mpi_montmul( &W[1], &RR, N, mm, &T );
/*
@@ -2287,7 +2482,8 @@
/*
* X = X * W[wbits] R^-1 mod N
*/
- mpi_montmul( X, &W[wbits], N, mm, &T );
+ MBEDTLS_MPI_CHK( mpi_select( &WW, W, (size_t) 1 << wsize, wbits ) );
+ mpi_montmul( X, &WW, N, mm, &T );
state--;
nbits = 0;
@@ -2325,8 +2521,9 @@
mbedtls_mpi_free( &W[i] );
mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos );
+ mbedtls_mpi_free( &WW );
- if( _RR == NULL || _RR->p == NULL )
+ if( prec_RR == NULL || prec_RR->p == NULL )
mbedtls_mpi_free( &RR );
return( ret );
@@ -2353,19 +2550,67 @@
lz = mbedtls_mpi_lsb( &TA );
lzt = mbedtls_mpi_lsb( &TB );
+ /* The loop below gives the correct result when A==0 but not when B==0.
+ * So have a special case for B==0. Leverage the fact that we just
+ * calculated the lsb and lsb(B)==0 iff B is odd or 0 to make the test
+ * slightly more efficient than cmp_int(). */
+ if( lzt == 0 && mbedtls_mpi_get_bit( &TB, 0 ) == 0 )
+ {
+ ret = mbedtls_mpi_copy( G, A );
+ goto cleanup;
+ }
+
if( lzt < lz )
lz = lzt;
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, lz ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, lz ) );
-
TA.s = TB.s = 1;
+ /* We mostly follow the procedure described in HAC 14.54, but with some
+ * minor differences:
+ * - Sequences of multiplications or divisions by 2 are grouped into a
+ * single shift operation.
+ * - The procedure in HAC assumes that 0 < TB <= TA.
+ * - The condition TB <= TA is not actually necessary for correctness.
+ * TA and TB have symmetric roles except for the loop termination
+ * condition, and the shifts at the beginning of the loop body
+ * remove any significance from the ordering of TA vs TB before
+ * the shifts.
+ * - If TA = 0, the loop goes through 0 iterations and the result is
+ * correctly TB.
+ * - The case TB = 0 was short-circuited above.
+ *
+ * For the correctness proof below, decompose the original values of
+ * A and B as
+ * A = sa * 2^a * A' with A'=0 or A' odd, and sa = +-1
+ * B = sb * 2^b * B' with B'=0 or B' odd, and sb = +-1
+ * Then gcd(A, B) = 2^{min(a,b)} * gcd(A',B'),
+ * and gcd(A',B') is odd or 0.
+ *
+ * At the beginning, we have TA = |A| and TB = |B| so gcd(A,B) = gcd(TA,TB).
+ * The code maintains the following invariant:
+ * gcd(A,B) = 2^k * gcd(TA,TB) for some k (I)
+ */
+
+ /* Proof that the loop terminates:
+ * At each iteration, either the right-shift by 1 is made on a nonzero
+ * value and the nonnegative integer bitlen(TA) + bitlen(TB) decreases
+ * by at least 1, or the right-shift by 1 is made on zero and then
+ * TA becomes 0 which ends the loop (TB cannot be 0 if it is right-shifted
+ * since in that case TB is calculated from TB-TA with the condition TB>TA).
+ */
while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 )
{
+ /* Divisions by 2 preserve the invariant (I). */
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) );
+ /* Set either TA or TB to |TA-TB|/2. Since TA and TB are both odd,
+ * TA-TB is even so the division by 2 has an integer result.
+ * Invariant (I) is preserved since any odd divisor of both TA and TB
+ * also divides |TA-TB|/2, and any odd divisor of both TA and |TA-TB|/2
+ * also divides TB, and any odd divisior of both TB and |TA-TB|/2 also
+ * divides TA.
+ */
if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) );
@@ -2376,8 +2621,18 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) );
}
+ /* Note that one of TA or TB is still odd. */
}
+ /* By invariant (I), gcd(A,B) = 2^k * gcd(TA,TB) for some k.
+ * At the loop exit, TA = 0, so gcd(TA,TB) = TB.
+ * - If there was at least one loop iteration, then one of TA or TB is odd,
+ * and TA = 0, so TB is odd and gcd(TA,TB) = gcd(A',B'). In this case,
+ * lz = min(a,b) so gcd(A,B) = 2^lz * TB.
+ * - If there was no loop iteration, then A was 0, and gcd(A,B) = B.
+ * In this case, lz = 0 and B = TB so gcd(A,B) = B = 2^lz * TB as well.
+ */
+
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) );
@@ -2388,6 +2643,33 @@
return( ret );
}
+/* Fill X with n_bytes random bytes.
+ * X must already have room for those bytes.
+ * The ordering of the bytes returned from the RNG is suitable for
+ * deterministic ECDSA (see RFC 6979 §3.3 and mbedtls_mpi_random()).
+ * The size and sign of X are unchanged.
+ * n_bytes must not be 0.
+ */
+static int mpi_fill_random_internal(
+ mbedtls_mpi *X, size_t n_bytes,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ const size_t limbs = CHARS_TO_LIMBS( n_bytes );
+ const size_t overhead = ( limbs * ciL ) - n_bytes;
+
+ if( X->n < limbs )
+ return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+ memset( X->p, 0, overhead );
+ memset( (unsigned char *) X->p + limbs * ciL, 0, ( X->n - limbs ) * ciL );
+ MBEDTLS_MPI_CHK( f_rng( p_rng, (unsigned char *) X->p + overhead, n_bytes ) );
+ mpi_bigendian_to_host( X->p, limbs );
+
+cleanup:
+ return( ret );
+}
+
/*
* Fill X with size bytes of random.
*
@@ -2401,30 +2683,96 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t const limbs = CHARS_TO_LIMBS( size );
- size_t const overhead = ( limbs * ciL ) - size;
- unsigned char *Xp;
MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( f_rng != NULL );
/* Ensure that target MPI has exactly the necessary number of limbs */
- if( X->n != limbs )
- {
- mbedtls_mpi_free( X );
- mbedtls_mpi_init( X );
- MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
- }
- MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) );
+ if( size == 0 )
+ return( 0 );
- Xp = (unsigned char*) X->p;
- f_rng( p_rng, Xp + overhead, size );
-
- mpi_bigendian_to_host( X->p, limbs );
+ ret = mpi_fill_random_internal( X, size, f_rng, p_rng );
cleanup:
return( ret );
}
+int mbedtls_mpi_random( mbedtls_mpi *X,
+ mbedtls_mpi_sint min,
+ const mbedtls_mpi *N,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+ int count;
+ unsigned lt_lower = 1, lt_upper = 0;
+ size_t n_bits = mbedtls_mpi_bitlen( N );
+ size_t n_bytes = ( n_bits + 7 ) / 8;
+ mbedtls_mpi lower_bound;
+
+ if( min < 0 )
+ return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+ if( mbedtls_mpi_cmp_int( N, min ) <= 0 )
+ return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+ /*
+ * When min == 0, each try has at worst a probability 1/2 of failing
+ * (the msb has a probability 1/2 of being 0, and then the result will
+ * be < N), so after 30 tries failure probability is a most 2**(-30).
+ *
+ * When N is just below a power of 2, as is the case when generating
+ * a random scalar on most elliptic curves, 1 try is enough with
+ * overwhelming probability. When N is just above a power of 2,
+ * as when generating a random scalar on secp224k1, each try has
+ * a probability of failing that is almost 1/2.
+ *
+ * The probabilities are almost the same if min is nonzero but negligible
+ * compared to N. This is always the case when N is crypto-sized, but
+ * it's convenient to support small N for testing purposes. When N
+ * is small, use a higher repeat count, otherwise the probability of
+ * failure is macroscopic.
+ */
+ count = ( n_bytes > 4 ? 30 : 250 );
+
+ mbedtls_mpi_init( &lower_bound );
+
+ /* Ensure that target MPI has exactly the same number of limbs
+ * as the upper bound, even if the upper bound has leading zeros.
+ * This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, N->n ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &lower_bound, N->n ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &lower_bound, min ) );
+
+ /*
+ * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA)
+ * when f_rng is a suitably parametrized instance of HMAC_DRBG:
+ * - use the same byte ordering;
+ * - keep the leftmost n_bits bits of the generated octet string;
+ * - try until result is in the desired range.
+ * This also avoids any bias, which is especially important for ECDSA.
+ */
+ do
+ {
+ MBEDTLS_MPI_CHK( mpi_fill_random_internal( X, n_bytes, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, 8 * n_bytes - n_bits ) );
+
+ if( --count == 0 )
+ {
+ ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+ goto cleanup;
+ }
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, &lower_bound, <_lower ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, N, <_upper ) );
+ }
+ while( lt_lower != 0 || lt_upper == 0 );
+
+cleanup:
+ mbedtls_mpi_free( &lower_bound );
+ return( ret );
+}
+
/*
* Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64)
*/
diff --git a/library/blowfish.c b/library/blowfish.c
index 76da448..621e9f7 100644
--- a/library/blowfish.c
+++ b/library/blowfish.c
@@ -40,29 +40,6 @@
#define BLOWFISH_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
@@ -79,13 +56,13 @@
unsigned short a, b, c, d;
uint32_t y;
- d = (unsigned short)(x & 0xFF);
+ d = MBEDTLS_BYTE_0( x );
x >>= 8;
- c = (unsigned short)(x & 0xFF);
+ c = MBEDTLS_BYTE_0( x );
x >>= 8;
- b = (unsigned short)(x & 0xFF);
+ b = MBEDTLS_BYTE_0( x );
x >>= 8;
- a = (unsigned short)(x & 0xFF);
+ a = MBEDTLS_BYTE_0( x );
y = ctx->S[0][a] + ctx->S[1][b];
y = y ^ ctx->S[2][c];
y = y + ctx->S[3][d];
@@ -242,8 +219,8 @@
BLOWFISH_VALIDATE_RET( input != NULL );
BLOWFISH_VALIDATE_RET( output != NULL );
- GET_UINT32_BE( X0, input, 0 );
- GET_UINT32_BE( X1, input, 4 );
+ X0 = MBEDTLS_GET_UINT32_BE( input, 0 );
+ X1 = MBEDTLS_GET_UINT32_BE( input, 4 );
if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{
@@ -254,8 +231,8 @@
blowfish_enc( ctx, &X0, &X1 );
}
- PUT_UINT32_BE( X0, output, 0 );
- PUT_UINT32_BE( X1, output, 4 );
+ MBEDTLS_PUT_UINT32_BE( X0, output, 0 );
+ MBEDTLS_PUT_UINT32_BE( X1, output, 4 );
return( 0 );
}
diff --git a/library/camellia.c b/library/camellia.c
index d60f931..29d730a 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -49,29 +49,6 @@
#define CAMELLIA_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
static const unsigned char SIGMA_CHARS[6][8] =
{
{ 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b },
@@ -301,14 +278,14 @@
I0 = x[0] ^ k[0];
I1 = x[1] ^ k[1];
- I0 = ((uint32_t) SBOX1((I0 >> 24) & 0xFF) << 24) |
- ((uint32_t) SBOX2((I0 >> 16) & 0xFF) << 16) |
- ((uint32_t) SBOX3((I0 >> 8) & 0xFF) << 8) |
- ((uint32_t) SBOX4((I0 ) & 0xFF) );
- I1 = ((uint32_t) SBOX2((I1 >> 24) & 0xFF) << 24) |
- ((uint32_t) SBOX3((I1 >> 16) & 0xFF) << 16) |
- ((uint32_t) SBOX4((I1 >> 8) & 0xFF) << 8) |
- ((uint32_t) SBOX1((I1 ) & 0xFF) );
+ I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) |
+ ((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) |
+ ((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) << 8) |
+ ((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 )) );
+ I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) |
+ ((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) |
+ ((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) << 8) |
+ ((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 )) );
I0 ^= (I1 << 8) | (I1 >> 24);
I1 ^= (I0 << 16) | (I0 >> 16);
@@ -376,8 +353,8 @@
* Prepare SIGMA values
*/
for( i = 0; i < 6; i++ ) {
- GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 );
- GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 );
+ SIGMA[i][0] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 0 );
+ SIGMA[i][1] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 4 );
}
/*
@@ -388,7 +365,7 @@
/* Store KL, KR */
for( i = 0; i < 8; i++ )
- GET_UINT32_BE( KC[i], t, i * 4 );
+ KC[i] = MBEDTLS_GET_UINT32_BE( t, i * 4 );
/* Generate KA */
for( i = 0; i < 4; ++i )
@@ -514,10 +491,10 @@
NR = ctx->nr;
RK = ctx->rk;
- GET_UINT32_BE( X[0], input, 0 );
- GET_UINT32_BE( X[1], input, 4 );
- GET_UINT32_BE( X[2], input, 8 );
- GET_UINT32_BE( X[3], input, 12 );
+ X[0] = MBEDTLS_GET_UINT32_BE( input, 0 );
+ X[1] = MBEDTLS_GET_UINT32_BE( input, 4 );
+ X[2] = MBEDTLS_GET_UINT32_BE( input, 8 );
+ X[3] = MBEDTLS_GET_UINT32_BE( input, 12 );
X[0] ^= *RK++;
X[1] ^= *RK++;
@@ -552,10 +529,10 @@
X[0] ^= *RK++;
X[1] ^= *RK++;
- PUT_UINT32_BE( X[2], output, 0 );
- PUT_UINT32_BE( X[3], output, 4 );
- PUT_UINT32_BE( X[0], output, 8 );
- PUT_UINT32_BE( X[1], output, 12 );
+ MBEDTLS_PUT_UINT32_BE( X[2], output, 0 );
+ MBEDTLS_PUT_UINT32_BE( X[3], output, 4 );
+ MBEDTLS_PUT_UINT32_BE( X[0], output, 8 );
+ MBEDTLS_PUT_UINT32_BE( X[1], output, 12 );
return( 0 );
}
@@ -942,9 +919,11 @@
unsigned char nonce_counter[16];
unsigned char stream_block[16];
#endif
+ int ret = 1;
mbedtls_camellia_context ctx;
+ mbedtls_camellia_init( &ctx );
memset( key, 0, 32 );
for( j = 0; j < 6; j++ ) {
@@ -974,8 +953,7 @@
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
-
- return( 1 );
+ goto exit;
}
}
@@ -1027,8 +1005,7 @@
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
-
- return( 1 );
+ goto exit;
}
}
@@ -1071,8 +1048,7 @@
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
-
- return( 1 );
+ goto exit;
}
}
else
@@ -1087,8 +1063,7 @@
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
-
- return( 1 );
+ goto exit;
}
}
@@ -1100,7 +1075,11 @@
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
- return( 0 );
+ ret = 0;
+
+exit:
+ mbedtls_camellia_free( &ctx );
+ return( ret );
}
#endif /* MBEDTLS_SELF_TEST */
diff --git a/library/ccm.c b/library/ccm.c
index 424ee77..a21a37f 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -200,7 +200,7 @@
memcpy( b + 1, iv, iv_len );
for( i = 0, len_left = length; i < q; i++, len_left >>= 8 )
- b[15-i] = (unsigned char)( len_left & 0xFF );
+ b[15-i] = MBEDTLS_BYTE_0( len_left );
if( len_left > 0 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
@@ -221,8 +221,7 @@
src = add;
memset( b, 0, 16 );
- b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF );
- b[1] = (unsigned char)( ( add_len ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( add_len, b, 0 );
use_len = len_left < 16 - 2 ? len_left : 16 - 2;
memcpy( b + 2, src, use_len );
diff --git a/library/chacha20.c b/library/chacha20.c
index 78467d3..658f046 100644
--- a/library/chacha20.c
+++ b/library/chacha20.c
@@ -54,13 +54,6 @@
#define CHACHA20_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
-#define BYTES_TO_U32_LE( data, offset ) \
- ( (uint32_t) (data)[offset] \
- | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \
- | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \
- | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \
- )
-
#define ROTL32( value, amount ) \
( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) )
@@ -171,10 +164,7 @@
{
size_t offset = i * 4U;
- keystream[offset ] = (unsigned char)( working_state[i] );
- keystream[offset + 1U] = (unsigned char)( working_state[i] >> 8 );
- keystream[offset + 2U] = (unsigned char)( working_state[i] >> 16 );
- keystream[offset + 3U] = (unsigned char)( working_state[i] >> 24 );
+ MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset);
}
mbedtls_platform_zeroize( working_state, sizeof( working_state ) );
@@ -212,14 +202,14 @@
ctx->state[3] = 0x6b206574;
/* Set key */
- ctx->state[4] = BYTES_TO_U32_LE( key, 0 );
- ctx->state[5] = BYTES_TO_U32_LE( key, 4 );
- ctx->state[6] = BYTES_TO_U32_LE( key, 8 );
- ctx->state[7] = BYTES_TO_U32_LE( key, 12 );
- ctx->state[8] = BYTES_TO_U32_LE( key, 16 );
- ctx->state[9] = BYTES_TO_U32_LE( key, 20 );
- ctx->state[10] = BYTES_TO_U32_LE( key, 24 );
- ctx->state[11] = BYTES_TO_U32_LE( key, 28 );
+ ctx->state[4] = MBEDTLS_GET_UINT32_LE( key, 0 );
+ ctx->state[5] = MBEDTLS_GET_UINT32_LE( key, 4 );
+ ctx->state[6] = MBEDTLS_GET_UINT32_LE( key, 8 );
+ ctx->state[7] = MBEDTLS_GET_UINT32_LE( key, 12 );
+ ctx->state[8] = MBEDTLS_GET_UINT32_LE( key, 16 );
+ ctx->state[9] = MBEDTLS_GET_UINT32_LE( key, 20 );
+ ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 );
+ ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 );
return( 0 );
}
@@ -235,9 +225,9 @@
ctx->state[12] = counter;
/* Nonce */
- ctx->state[13] = BYTES_TO_U32_LE( nonce, 0 );
- ctx->state[14] = BYTES_TO_U32_LE( nonce, 4 );
- ctx->state[15] = BYTES_TO_U32_LE( nonce, 8 );
+ ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 );
+ ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 );
+ ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 );
mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) );
diff --git a/library/chachapoly.c b/library/chachapoly.c
index 77d5477..dc75b20 100644
--- a/library/chachapoly.c
+++ b/library/chachapoly.c
@@ -263,22 +263,8 @@
/* The lengths of the AAD and ciphertext are processed by
* Poly1305 as the final 128-bit block, encoded as little-endian integers.
*/
- len_block[ 0] = (unsigned char)( ctx->aad_len );
- len_block[ 1] = (unsigned char)( ctx->aad_len >> 8 );
- len_block[ 2] = (unsigned char)( ctx->aad_len >> 16 );
- len_block[ 3] = (unsigned char)( ctx->aad_len >> 24 );
- len_block[ 4] = (unsigned char)( ctx->aad_len >> 32 );
- len_block[ 5] = (unsigned char)( ctx->aad_len >> 40 );
- len_block[ 6] = (unsigned char)( ctx->aad_len >> 48 );
- len_block[ 7] = (unsigned char)( ctx->aad_len >> 56 );
- len_block[ 8] = (unsigned char)( ctx->ciphertext_len );
- len_block[ 9] = (unsigned char)( ctx->ciphertext_len >> 8 );
- len_block[10] = (unsigned char)( ctx->ciphertext_len >> 16 );
- len_block[11] = (unsigned char)( ctx->ciphertext_len >> 24 );
- len_block[12] = (unsigned char)( ctx->ciphertext_len >> 32 );
- len_block[13] = (unsigned char)( ctx->ciphertext_len >> 40 );
- len_block[14] = (unsigned char)( ctx->ciphertext_len >> 48 );
- len_block[15] = (unsigned char)( ctx->ciphertext_len >> 56 );
+ MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0);
+ MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8);
ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U );
if( ret != 0 )
diff --git a/library/check_crypto_config.h b/library/check_crypto_config.h
index cac90a0..d7ad16a 100644
--- a/library/check_crypto_config.h
+++ b/library/check_crypto_config.h
@@ -28,6 +28,19 @@
#ifndef MBEDTLS_CHECK_CRYPTO_CONFIG_H
#define MBEDTLS_CHECK_CRYPTO_CONFIG_H
+#if defined(PSA_WANT_ALG_CCM) && \
+ !( defined(PSA_WANT_KEY_TYPE_AES) || \
+ defined(PSA_WANT_KEY_TYPE_CAMELLIA) )
+#error "PSA_WANT_ALG_CCM defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_CMAC) && \
+ !( defined(PSA_WANT_KEY_TYPE_AES) || \
+ defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \
+ defined(PSA_WANT_KEY_TYPE_DES) )
+#error "PSA_WANT_ALG_CMAC defined, but not all prerequisites"
+#endif
+
#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
!( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) )
@@ -40,6 +53,12 @@
#error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites"
#endif
+#if defined(PSA_WANT_ALG_GCM) && \
+ !( defined(PSA_WANT_KEY_TYPE_AES) || \
+ defined(PSA_WANT_KEY_TYPE_CAMELLIA) )
+#error "PSA_WANT_ALG_GCM defined, but not all prerequisites"
+#endif
+
#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \
!( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
diff --git a/library/cipher.c b/library/cipher.c
index 853eeec..457f8f6 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -1288,23 +1288,16 @@
#if defined(MBEDTLS_CIPHER_MODE_AEAD)
/*
- * Packet-oriented encryption for AEAD modes
+ * Packet-oriented encryption for AEAD modes: internal function shared by
+ * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext().
*/
-int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
+static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
unsigned char *tag, size_t tag_len )
{
- CIPHER_VALIDATE_RET( ctx != NULL );
- CIPHER_VALIDATE_RET( iv != NULL );
- CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
- CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
- CIPHER_VALIDATE_RET( output != NULL );
- CIPHER_VALIDATE_RET( olen != NULL );
- CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
-
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( ctx->psa_enabled == 1 )
{
@@ -1320,7 +1313,7 @@
/* PSA Crypto API always writes the authentication tag
* at the end of the encrypted message. */
- if( tag != output + ilen )
+ if( output == NULL || tag != output + ilen )
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
status = psa_aead_encrypt( cipher_psa->slot,
@@ -1370,44 +1363,21 @@
ilen, iv, ad, ad_len, input, output, tag ) );
}
#endif /* MBEDTLS_CHACHAPOLY_C */
-#if defined(MBEDTLS_NIST_KW_C)
- if( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
- MBEDTLS_MODE_KWP == ctx->cipher_info->mode )
- {
- mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ?
- MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
-
- /* There is no iv, tag or ad associated with KW and KWP, these length should be 0 */
- if( iv_len != 0 || tag_len != 0 || ad_len != 0 )
- {
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
- }
-
- return( mbedtls_nist_kw_wrap( ctx->cipher_ctx, mode, input, ilen, output, olen, SIZE_MAX ) );
- }
-#endif /* MBEDTLS_NIST_KW_C */
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
/*
- * Packet-oriented decryption for AEAD modes
+ * Packet-oriented encryption for AEAD modes: internal function shared by
+ * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext().
*/
-int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
+static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len )
{
- CIPHER_VALIDATE_RET( ctx != NULL );
- CIPHER_VALIDATE_RET( iv != NULL );
- CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
- CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
- CIPHER_VALIDATE_RET( output != NULL );
- CIPHER_VALIDATE_RET( olen != NULL );
- CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
-
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( ctx->psa_enabled == 1 )
{
@@ -1423,7 +1393,7 @@
/* PSA Crypto API always writes the authentication tag
* at the end of the encrypted message. */
- if( tag != input + ilen )
+ if( input == NULL || tag != input + ilen )
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
status = psa_aead_decrypt( cipher_psa->slot,
@@ -1495,25 +1465,169 @@
return( ret );
}
#endif /* MBEDTLS_CHACHAPOLY_C */
+
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+/*
+ * Packet-oriented encryption for AEAD modes: public legacy function.
+ */
+int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen,
+ unsigned char *tag, size_t tag_len )
+{
+ CIPHER_VALIDATE_RET( ctx != NULL );
+ CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
+ CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
+ CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
+ CIPHER_VALIDATE_RET( ilen == 0 || output != NULL );
+ CIPHER_VALIDATE_RET( olen != NULL );
+ CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
+
+ return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len,
+ input, ilen, output, olen,
+ tag, tag_len ) );
+}
+
+/*
+ * Packet-oriented decryption for AEAD modes: public legacy function.
+ */
+int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen,
+ const unsigned char *tag, size_t tag_len )
+{
+ CIPHER_VALIDATE_RET( ctx != NULL );
+ CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
+ CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
+ CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
+ CIPHER_VALIDATE_RET( ilen == 0 || output != NULL );
+ CIPHER_VALIDATE_RET( olen != NULL );
+ CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
+
+ return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len,
+ input, ilen, output, olen,
+ tag, tag_len ) );
+}
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+/*
+ * Packet-oriented encryption for AEAD/NIST_KW: public function.
+ */
+int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t output_len,
+ size_t *olen, size_t tag_len )
+{
+ CIPHER_VALIDATE_RET( ctx != NULL );
+ CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
+ CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
+ CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
+ CIPHER_VALIDATE_RET( output != NULL );
+ CIPHER_VALIDATE_RET( olen != NULL );
+
#if defined(MBEDTLS_NIST_KW_C)
- if( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
- MBEDTLS_MODE_KWP == ctx->cipher_info->mode )
+ if(
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ ctx->psa_enabled == 0 &&
+#endif
+ ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
+ MBEDTLS_MODE_KWP == ctx->cipher_info->mode ) )
{
mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ?
MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
- /* There is no iv, tag or ad associated with KW and KWP, these length should be 0 */
+ /* There is no iv, tag or ad associated with KW and KWP,
+ * so these length should be 0 as documented. */
if( iv_len != 0 || tag_len != 0 || ad_len != 0 )
- {
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
- }
- return( mbedtls_nist_kw_unwrap( ctx->cipher_ctx, mode, input, ilen, output, olen, SIZE_MAX ) );
+ (void) iv;
+ (void) ad;
+
+ return( mbedtls_nist_kw_wrap( ctx->cipher_ctx, mode, input, ilen,
+ output, olen, output_len ) );
}
#endif /* MBEDTLS_NIST_KW_C */
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+ /* AEAD case: check length before passing on to shared function */
+ if( output_len < ilen + tag_len )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ int ret = mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len,
+ input, ilen, output, olen,
+ output + ilen, tag_len );
+ *olen += tag_len;
+ return( ret );
+#else
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-}
#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+}
+
+/*
+ * Packet-oriented decryption for AEAD/NIST_KW: public function.
+ */
+int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t output_len,
+ size_t *olen, size_t tag_len )
+{
+ CIPHER_VALIDATE_RET( ctx != NULL );
+ CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
+ CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
+ CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
+ CIPHER_VALIDATE_RET( output_len == 0 || output != NULL );
+ CIPHER_VALIDATE_RET( olen != NULL );
+
+#if defined(MBEDTLS_NIST_KW_C)
+ if(
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ ctx->psa_enabled == 0 &&
+#endif
+ ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
+ MBEDTLS_MODE_KWP == ctx->cipher_info->mode ) )
+ {
+ mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ?
+ MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
+
+ /* There is no iv, tag or ad associated with KW and KWP,
+ * so these length should be 0 as documented. */
+ if( iv_len != 0 || tag_len != 0 || ad_len != 0 )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ (void) iv;
+ (void) ad;
+
+ return( mbedtls_nist_kw_unwrap( ctx->cipher_ctx, mode, input, ilen,
+ output, olen, output_len ) );
+ }
+#endif /* MBEDTLS_NIST_KW_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+ /* AEAD case: check length before passing on to shared function */
+ if( ilen < tag_len || output_len < ilen - tag_len )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len,
+ input, ilen - tag_len, output, olen,
+ input + ilen - tag_len, tag_len ) );
+#else
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+}
+#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
#endif /* MBEDTLS_CIPHER_C */
diff --git a/library/cmac.c b/library/cmac.c
index 59ece15..3cc49d1 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -45,22 +45,10 @@
#include "mbedtls/cmac.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
+#include "mbedtls/platform.h"
#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#if defined(MBEDTLS_SELF_TEST)
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_SELF_TEST */
-#endif /* MBEDTLS_PLATFORM_C */
-
#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
/*
@@ -793,6 +781,18 @@
if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits,
MBEDTLS_ENCRYPT ) ) != 0 )
{
+ /* When CMAC is implemented by an alternative implementation, or
+ * the underlying primitive itself is implemented alternatively,
+ * AES-192 may be unavailable. This should not cause the selftest
+ * function to fail. */
+ if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+ ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) &&
+ cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) {
+ if( verbose != 0 )
+ mbedtls_printf( "skipped\n" );
+ goto next_test;
+ }
+
if( verbose != 0 )
mbedtls_printf( "test execution failed\n" );
@@ -820,6 +820,7 @@
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+next_test:
mbedtls_cipher_free( &ctx );
}
@@ -864,6 +865,19 @@
if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages,
message_lengths[i], output ) ) != 0 )
{
+ /* When CMAC is implemented by an alternative implementation, or
+ * the underlying primitive itself is implemented alternatively,
+ * AES-192 and/or 3DES may be unavailable. This should not cause
+ * the selftest function to fail. */
+ if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+ ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) &&
+ ( cipher_type == MBEDTLS_CIPHER_AES_192_ECB ||
+ cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB ) ) {
+ if( verbose != 0 )
+ mbedtls_printf( "skipped\n" );
+ continue;
+ }
+
if( verbose != 0 )
mbedtls_printf( "failed\n" );
goto exit;
diff --git a/library/common.h b/library/common.h
index 5845766..c064724 100644
--- a/library/common.h
+++ b/library/common.h
@@ -29,6 +29,8 @@
#include "mbedtls/config.h"
#endif
+#include <stdint.h>
+
/** Helper to define a function as static except when building invasive tests.
*
* If a function is only used inside its own source file and should be
@@ -50,4 +52,254 @@
#define MBEDTLS_STATIC_TESTABLE static
#endif
+/** Byte Reading Macros
+ *
+ * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th
+ * byte from x, where byte 0 is the least significant byte.
+ */
+#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) )
+#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) )
+#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) )
+#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) )
+#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) )
+#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) )
+#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) )
+#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) )
+
+/**
+ * Get the unsigned 32 bits integer corresponding to four bytes in
+ * big-endian order (MSB first).
+ *
+ * \param data Base address of the memory to get the four bytes from.
+ * \param offset Offset from \p base of the first and most significant
+ * byte of the four bytes to build the 32 bits unsigned
+ * integer from.
+ */
+#ifndef MBEDTLS_GET_UINT32_BE
+#define MBEDTLS_GET_UINT32_BE( data , offset ) \
+ ( \
+ ( (uint32_t) ( data )[( offset ) ] << 24 ) \
+ | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \
+ | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \
+ | ( (uint32_t) ( data )[( offset ) + 3] ) \
+ )
+#endif
+
+/**
+ * Put in memory a 32 bits unsigned integer in big-endian order.
+ *
+ * \param n 32 bits unsigned integer to put in memory.
+ * \param data Base address of the memory where to put the 32
+ * bits unsigned integer in.
+ * \param offset Offset from \p base where to put the most significant
+ * byte of the 32 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT32_BE
+#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \
+{ \
+ ( data )[( offset ) ] = MBEDTLS_BYTE_3( n ); \
+ ( data )[( offset ) + 1] = MBEDTLS_BYTE_2( n ); \
+ ( data )[( offset ) + 2] = MBEDTLS_BYTE_1( n ); \
+ ( data )[( offset ) + 3] = MBEDTLS_BYTE_0( n ); \
+}
+#endif
+
+/**
+ * Get the unsigned 32 bits integer corresponding to four bytes in
+ * little-endian order (LSB first).
+ *
+ * \param data Base address of the memory to get the four bytes from.
+ * \param offset Offset from \p base of the first and least significant
+ * byte of the four bytes to build the 32 bits unsigned
+ * integer from.
+ */
+#ifndef MBEDTLS_GET_UINT32_LE
+#define MBEDTLS_GET_UINT32_LE( data, offset ) \
+ ( \
+ ( (uint32_t) ( data )[( offset ) ] ) \
+ | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \
+ | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \
+ | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \
+ )
+#endif
+
+/**
+ * Put in memory a 32 bits unsigned integer in little-endian order.
+ *
+ * \param n 32 bits unsigned integer to put in memory.
+ * \param data Base address of the memory where to put the 32
+ * bits unsigned integer in.
+ * \param offset Offset from \p base where to put the least significant
+ * byte of the 32 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT32_LE
+#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \
+{ \
+ ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \
+ ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \
+ ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \
+ ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \
+}
+#endif
+
+/**
+ * Get the unsigned 16 bits integer corresponding to two bytes in
+ * little-endian order (LSB first).
+ *
+ * \param data Base address of the memory to get the two bytes from.
+ * \param offset Offset from \p base of the first and least significant
+ * byte of the two bytes to build the 16 bits unsigned
+ * integer from.
+ */
+#ifndef MBEDTLS_GET_UINT16_LE
+#define MBEDTLS_GET_UINT16_LE( data, offset ) \
+ ( \
+ ( (uint16_t) ( data )[( offset ) ] ) \
+ | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \
+ )
+#endif
+
+/**
+ * Put in memory a 16 bits unsigned integer in little-endian order.
+ *
+ * \param n 16 bits unsigned integer to put in memory.
+ * \param data Base address of the memory where to put the 16
+ * bits unsigned integer in.
+ * \param offset Offset from \p base where to put the least significant
+ * byte of the 16 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT16_LE
+#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \
+{ \
+ ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \
+ ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \
+}
+#endif
+
+/**
+ * Get the unsigned 16 bits integer corresponding to two bytes in
+ * big-endian order (MSB first).
+ *
+ * \param data Base address of the memory to get the two bytes from.
+ * \param offset Offset from \p base of the first and most significant
+ * byte of the two bytes to build the 16 bits unsigned
+ * integer from.
+ */
+#ifndef MBEDTLS_GET_UINT16_BE
+#define MBEDTLS_GET_UINT16_BE( data, offset ) \
+ ( \
+ ( (uint16_t) ( data )[( offset ) ] << 8 ) \
+ | ( (uint16_t) ( data )[( offset ) + 1] ) \
+ )
+#endif
+
+/**
+ * Put in memory a 16 bits unsigned integer in big-endian order.
+ *
+ * \param n 16 bits unsigned integer to put in memory.
+ * \param data Base address of the memory where to put the 16
+ * bits unsigned integer in.
+ * \param offset Offset from \p base where to put the most significant
+ * byte of the 16 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT16_BE
+#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \
+{ \
+ ( data )[( offset ) ] = MBEDTLS_BYTE_1( n ); \
+ ( data )[( offset ) + 1] = MBEDTLS_BYTE_0( n ); \
+}
+#endif
+
+/**
+ * Get the unsigned 64 bits integer corresponding to eight bytes in
+ * big-endian order (MSB first).
+ *
+ * \param data Base address of the memory to get the eight bytes from.
+ * \param offset Offset from \p base of the first and most significant
+ * byte of the eight bytes to build the 64 bits unsigned
+ * integer from.
+ */
+#ifndef MBEDTLS_GET_UINT64_BE
+#define MBEDTLS_GET_UINT64_BE( data, offset ) \
+ ( \
+ ( (uint64_t) ( data )[( offset ) ] << 56 ) \
+ | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \
+ | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \
+ | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \
+ | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \
+ | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \
+ | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \
+ | ( (uint64_t) ( data )[( offset ) + 7] ) \
+ )
+#endif
+
+/**
+ * Put in memory a 64 bits unsigned integer in big-endian order.
+ *
+ * \param n 64 bits unsigned integer to put in memory.
+ * \param data Base address of the memory where to put the 64
+ * bits unsigned integer in.
+ * \param offset Offset from \p base where to put the most significant
+ * byte of the 64 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT64_BE
+#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \
+{ \
+ ( data )[( offset ) ] = MBEDTLS_BYTE_7( n ); \
+ ( data )[( offset ) + 1] = MBEDTLS_BYTE_6( n ); \
+ ( data )[( offset ) + 2] = MBEDTLS_BYTE_5( n ); \
+ ( data )[( offset ) + 3] = MBEDTLS_BYTE_4( n ); \
+ ( data )[( offset ) + 4] = MBEDTLS_BYTE_3( n ); \
+ ( data )[( offset ) + 5] = MBEDTLS_BYTE_2( n ); \
+ ( data )[( offset ) + 6] = MBEDTLS_BYTE_1( n ); \
+ ( data )[( offset ) + 7] = MBEDTLS_BYTE_0( n ); \
+}
+#endif
+
+/**
+ * Get the unsigned 64 bits integer corresponding to eight bytes in
+ * little-endian order (LSB first).
+ *
+ * \param data Base address of the memory to get the eight bytes from.
+ * \param offset Offset from \p base of the first and least significant
+ * byte of the eight bytes to build the 64 bits unsigned
+ * integer from.
+ */
+#ifndef MBEDTLS_GET_UINT64_LE
+#define MBEDTLS_GET_UINT64_LE( data, offset ) \
+ ( \
+ ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \
+ | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \
+ | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \
+ | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \
+ | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \
+ | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \
+ | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \
+ | ( (uint64_t) ( data )[( offset ) ] ) \
+ )
+#endif
+
+/**
+ * Put in memory a 64 bits unsigned integer in little-endian order.
+ *
+ * \param n 64 bits unsigned integer to put in memory.
+ * \param data Base address of the memory where to put the 64
+ * bits unsigned integer in.
+ * \param offset Offset from \p base where to put the least significant
+ * byte of the 64 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT64_LE
+#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \
+{ \
+ ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \
+ ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \
+ ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \
+ ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \
+ ( data )[( offset ) + 4] = MBEDTLS_BYTE_4( n ); \
+ ( data )[( offset ) + 5] = MBEDTLS_BYTE_5( n ); \
+ ( data )[( offset ) + 6] = MBEDTLS_BYTE_6( n ); \
+ ( data )[( offset ) + 7] = MBEDTLS_BYTE_7( n ); \
+}
+#endif
+
#endif /* MBEDTLS_LIBRARY_COMMON_H */
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 023aac5..a604ec0 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -56,10 +56,6 @@
ctx->reseed_counter = -1;
ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_init( &ctx->mutex );
-#endif
}
/*
@@ -72,15 +68,14 @@
return;
#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_free( &ctx->mutex );
+ /* The mutex is initialized iff f_entropy is set. */
+ if( ctx->f_entropy != NULL )
+ mbedtls_mutex_free( &ctx->mutex );
#endif
mbedtls_aes_free( &ctx->aes_ctx );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
ctx->reseed_counter = -1;
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_init( &ctx->mutex );
-#endif
}
void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
@@ -157,11 +152,8 @@
* (Total is padded to a multiple of 16-bytes with zeroes)
*/
p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE;
- *p++ = ( data_len >> 24 ) & 0xff;
- *p++ = ( data_len >> 16 ) & 0xff;
- *p++ = ( data_len >> 8 ) & 0xff;
- *p++ = ( data_len ) & 0xff;
- p += 3;
+ MBEDTLS_PUT_UINT32_BE( data_len, p, 0);
+ p += 4 + 3;
*p++ = MBEDTLS_CTR_DRBG_SEEDLEN;
memcpy( p, data, data_len );
p[data_len] = 0x80;
@@ -394,7 +386,7 @@
/* Gather entropy for a nonce if requested. */
if( nonce_len != 0 )
{
- if( 0 != ctx->f_entropy( ctx->p_entropy, seed, nonce_len ) )
+ if( 0 != ctx->f_entropy( ctx->p_entropy, seed + seedlen, nonce_len ) )
{
return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
}
@@ -464,6 +456,11 @@
memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE );
+ /* The mutex is initialized iff f_entropy is set. */
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_mutex_init( &ctx->mutex );
+#endif
+
mbedtls_aes_init( &ctx->aes_ctx );
ctx->f_entropy = f_entropy;
@@ -684,54 +681,134 @@
#if defined(MBEDTLS_SELF_TEST)
-static const unsigned char entropy_source_pr[96] =
- { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
- 0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02,
- 0x6a, 0x54, 0x6f, 0x0c, 0x70, 0x81, 0x49, 0x8b,
- 0x6e, 0xa6, 0x62, 0x52, 0x6d, 0x51, 0xb1, 0xcb,
- 0x58, 0x3b, 0xfa, 0xd5, 0x37, 0x5f, 0xfb, 0xc9,
- 0xff, 0x46, 0xd2, 0x19, 0xc7, 0x22, 0x3e, 0x95,
- 0x45, 0x9d, 0x82, 0xe1, 0xe7, 0x22, 0x9f, 0x63,
- 0x31, 0x69, 0xd2, 0x6b, 0x57, 0x47, 0x4f, 0xa3,
- 0x37, 0xc9, 0x98, 0x1c, 0x0b, 0xfb, 0x91, 0x31,
- 0x4d, 0x55, 0xb9, 0xe9, 0x1c, 0x5a, 0x5e, 0xe4,
- 0x93, 0x92, 0xcf, 0xc5, 0x23, 0x12, 0xd5, 0x56,
- 0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 };
-
-static const unsigned char entropy_source_nopr[64] =
- { 0x5a, 0x19, 0x4d, 0x5e, 0x2b, 0x31, 0x58, 0x14,
- 0x54, 0xde, 0xf6, 0x75, 0xfb, 0x79, 0x58, 0xfe,
- 0xc7, 0xdb, 0x87, 0x3e, 0x56, 0x89, 0xfc, 0x9d,
- 0x03, 0x21, 0x7c, 0x68, 0xd8, 0x03, 0x38, 0x20,
- 0xf9, 0xe6, 0x5e, 0x04, 0xd8, 0x56, 0xf3, 0xa9,
- 0xc4, 0x4a, 0x4c, 0xbd, 0xc1, 0xd0, 0x08, 0x46,
- 0xf5, 0x98, 0x3d, 0x77, 0x1c, 0x1b, 0x13, 0x7e,
- 0x4e, 0x0f, 0x9d, 0x8e, 0xf4, 0x09, 0xf9, 0x2e };
-
-static const unsigned char nonce_pers_pr[16] =
- { 0xd2, 0x54, 0xfc, 0xff, 0x02, 0x1e, 0x69, 0xd2,
- 0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c };
-
-static const unsigned char nonce_pers_nopr[16] =
- { 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5,
- 0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f };
+/* The CTR_DRBG NIST test vectors used here are available at
+ * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/drbg/drbgtestvectors.zip
+ *
+ * The parameters used to derive the test data are:
+ *
+ * [AES-128 use df]
+ * [PredictionResistance = True/False]
+ * [EntropyInputLen = 128]
+ * [NonceLen = 64]
+ * [PersonalizationStringLen = 128]
+ * [AdditionalInputLen = 0]
+ * [ReturnedBitsLen = 512]
+ *
+ * [AES-256 use df]
+ * [PredictionResistance = True/False]
+ * [EntropyInputLen = 256]
+ * [NonceLen = 128]
+ * [PersonalizationStringLen = 256]
+ * [AdditionalInputLen = 0]
+ * [ReturnedBitsLen = 512]
+ *
+ */
#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
-static const unsigned char result_pr[16] =
- { 0x95, 0x3c, 0xa5, 0xbd, 0x44, 0x1, 0x34, 0xb7,
- 0x13, 0x58, 0x3e, 0x6a, 0x6c, 0x7e, 0x88, 0x8a };
+static const unsigned char entropy_source_pr[] =
+ { 0x04, 0xd9, 0x49, 0xa6, 0xdc, 0xe8, 0x6e, 0xbb,
+ 0xf1, 0x08, 0x77, 0x2b, 0x9e, 0x08, 0xca, 0x92,
+ 0x65, 0x16, 0xda, 0x99, 0xa2, 0x59, 0xf3, 0xe8,
+ 0x38, 0x7e, 0x3f, 0x6b, 0x51, 0x70, 0x7b, 0x20,
+ 0xec, 0x53, 0xd0, 0x66, 0xc3, 0x0f, 0xe3, 0xb0,
+ 0xe0, 0x86, 0xa6, 0xaa, 0x5f, 0x72, 0x2f, 0xad,
+ 0xf7, 0xef, 0x06, 0xb8, 0xd6, 0x9c, 0x9d, 0xe8 };
-static const unsigned char result_nopr[16] =
- { 0x6c, 0x25, 0x27, 0x95, 0xa3, 0x62, 0xd6, 0xdb,
- 0x90, 0xfd, 0x69, 0xb5, 0x42, 0x9, 0x4b, 0x84 };
+static const unsigned char entropy_source_nopr[] =
+ { 0x07, 0x0d, 0x59, 0x63, 0x98, 0x73, 0xa5, 0x45,
+ 0x27, 0x38, 0x22, 0x7b, 0x76, 0x85, 0xd1, 0xa9,
+ 0x74, 0x18, 0x1f, 0x3c, 0x22, 0xf6, 0x49, 0x20,
+ 0x4a, 0x47, 0xc2, 0xf3, 0x85, 0x16, 0xb4, 0x6f,
+ 0x00, 0x2e, 0x71, 0xda, 0xed, 0x16, 0x9b, 0x5c };
+
+static const unsigned char pers_pr[] =
+ { 0xbf, 0xa4, 0x9a, 0x8f, 0x7b, 0xd8, 0xb1, 0x7a,
+ 0x9d, 0xfa, 0x45, 0xed, 0x21, 0x52, 0xb3, 0xad };
+
+static const unsigned char pers_nopr[] =
+ { 0x4e, 0x61, 0x79, 0xd4, 0xc2, 0x72, 0xa1, 0x4c,
+ 0xf1, 0x3d, 0xf6, 0x5e, 0xa3, 0xa6, 0xe5, 0x0f };
+
+static const unsigned char result_pr[] =
+ { 0xc9, 0x0a, 0xaf, 0x85, 0x89, 0x71, 0x44, 0x66,
+ 0x4f, 0x25, 0x0b, 0x2b, 0xde, 0xd8, 0xfa, 0xff,
+ 0x52, 0x5a, 0x1b, 0x32, 0x5e, 0x41, 0x7a, 0x10,
+ 0x1f, 0xef, 0x1e, 0x62, 0x23, 0xe9, 0x20, 0x30,
+ 0xc9, 0x0d, 0xad, 0x69, 0xb4, 0x9c, 0x5b, 0xf4,
+ 0x87, 0x42, 0xd5, 0xae, 0x5e, 0x5e, 0x43, 0xcc,
+ 0xd9, 0xfd, 0x0b, 0x93, 0x4a, 0xe3, 0xd4, 0x06,
+ 0x37, 0x36, 0x0f, 0x3f, 0x72, 0x82, 0x0c, 0xcf };
+
+static const unsigned char result_nopr[] =
+ { 0x31, 0xc9, 0x91, 0x09, 0xf8, 0xc5, 0x10, 0x13,
+ 0x3c, 0xd3, 0x96, 0xf9, 0xbc, 0x2c, 0x12, 0xc0,
+ 0x7c, 0xc1, 0x61, 0x5f, 0xa3, 0x09, 0x99, 0xaf,
+ 0xd7, 0xf2, 0x36, 0xfd, 0x40, 0x1a, 0x8b, 0xf2,
+ 0x33, 0x38, 0xee, 0x1d, 0x03, 0x5f, 0x83, 0xb7,
+ 0xa2, 0x53, 0xdc, 0xee, 0x18, 0xfc, 0xa7, 0xf2,
+ 0xee, 0x96, 0xc6, 0xc2, 0xcd, 0x0c, 0xff, 0x02,
+ 0x76, 0x70, 0x69, 0xaa, 0x69, 0xd1, 0x3b, 0xe8 };
#else /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
-static const unsigned char result_pr[16] =
- { 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f,
- 0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 };
-static const unsigned char result_nopr[16] =
- { 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88,
- 0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f };
+static const unsigned char entropy_source_pr[] =
+ { 0xca, 0x58, 0xfd, 0xf2, 0xb9, 0x77, 0xcb, 0x49,
+ 0xd4, 0xe0, 0x5b, 0xe2, 0x39, 0x50, 0xd9, 0x8a,
+ 0x6a, 0xb3, 0xc5, 0x2f, 0xdf, 0x74, 0xd5, 0x85,
+ 0x8f, 0xd1, 0xba, 0x64, 0x54, 0x7b, 0xdb, 0x1e,
+ 0xc5, 0xea, 0x24, 0xc0, 0xfa, 0x0c, 0x90, 0x15,
+ 0x09, 0x20, 0x92, 0x42, 0x32, 0x36, 0x45, 0x45,
+ 0x7d, 0x20, 0x76, 0x6b, 0xcf, 0xa2, 0x15, 0xc8,
+ 0x2f, 0x9f, 0xbc, 0x88, 0x3f, 0x80, 0xd1, 0x2c,
+ 0xb7, 0x16, 0xd1, 0x80, 0x9e, 0xe1, 0xc9, 0xb3,
+ 0x88, 0x1b, 0x21, 0x45, 0xef, 0xa1, 0x7f, 0xce,
+ 0xc8, 0x92, 0x35, 0x55, 0x2a, 0xd9, 0x1d, 0x8e,
+ 0x12, 0x38, 0xac, 0x01, 0x4e, 0x38, 0x18, 0x76,
+ 0x9c, 0xf2, 0xb6, 0xd4, 0x13, 0xb6, 0x2c, 0x77,
+ 0xc0, 0xe7, 0xe6, 0x0c, 0x47, 0x44, 0x95, 0xbe };
+
+static const unsigned char entropy_source_nopr[] =
+ { 0x4c, 0xfb, 0x21, 0x86, 0x73, 0x34, 0x6d, 0x9d,
+ 0x50, 0xc9, 0x22, 0xe4, 0x9b, 0x0d, 0xfc, 0xd0,
+ 0x90, 0xad, 0xf0, 0x4f, 0x5c, 0x3b, 0xa4, 0x73,
+ 0x27, 0xdf, 0xcd, 0x6f, 0xa6, 0x3a, 0x78, 0x5c,
+ 0x01, 0x69, 0x62, 0xa7, 0xfd, 0x27, 0x87, 0xa2,
+ 0x4b, 0xf6, 0xbe, 0x47, 0xef, 0x37, 0x83, 0xf1,
+ 0xb7, 0xec, 0x46, 0x07, 0x23, 0x63, 0x83, 0x4a,
+ 0x1b, 0x01, 0x33, 0xf2, 0xc2, 0x38, 0x91, 0xdb,
+ 0x4f, 0x11, 0xa6, 0x86, 0x51, 0xf2, 0x3e, 0x3a,
+ 0x8b, 0x1f, 0xdc, 0x03, 0xb1, 0x92, 0xc7, 0xe7 };
+
+static const unsigned char pers_pr[] =
+ { 0x5a, 0x70, 0x95, 0xe9, 0x81, 0x40, 0x52, 0x33,
+ 0x91, 0x53, 0x7e, 0x75, 0xd6, 0x19, 0x9d, 0x1e,
+ 0xad, 0x0d, 0xc6, 0xa7, 0xde, 0x6c, 0x1f, 0xe0,
+ 0xea, 0x18, 0x33, 0xa8, 0x7e, 0x06, 0x20, 0xe9 };
+
+static const unsigned char pers_nopr[] =
+ { 0x88, 0xee, 0xb8, 0xe0, 0xe8, 0x3b, 0xf3, 0x29,
+ 0x4b, 0xda, 0xcd, 0x60, 0x99, 0xeb, 0xe4, 0xbf,
+ 0x55, 0xec, 0xd9, 0x11, 0x3f, 0x71, 0xe5, 0xeb,
+ 0xcb, 0x45, 0x75, 0xf3, 0xd6, 0xa6, 0x8a, 0x6b };
+
+static const unsigned char result_pr[] =
+ { 0xce, 0x2f, 0xdb, 0xb6, 0xd9, 0xb7, 0x39, 0x85,
+ 0x04, 0xc5, 0xc0, 0x42, 0xc2, 0x31, 0xc6, 0x1d,
+ 0x9b, 0x5a, 0x59, 0xf8, 0x7e, 0x0d, 0xcc, 0x62,
+ 0x7b, 0x65, 0x11, 0x55, 0x10, 0xeb, 0x9e, 0x3d,
+ 0xa4, 0xfb, 0x1c, 0x6a, 0x18, 0xc0, 0x74, 0xdb,
+ 0xdd, 0xe7, 0x02, 0x23, 0x63, 0x21, 0xd0, 0x39,
+ 0xf9, 0xa7, 0xc4, 0x52, 0x84, 0x3b, 0x49, 0x40,
+ 0x72, 0x2b, 0xb0, 0x6c, 0x9c, 0xdb, 0xc3, 0x43 };
+
+static const unsigned char result_nopr[] =
+ { 0xa5, 0x51, 0x80, 0xa1, 0x90, 0xbe, 0xf3, 0xad,
+ 0xaf, 0x28, 0xf6, 0xb7, 0x95, 0xe9, 0xf1, 0xf3,
+ 0xd6, 0xdf, 0xa1, 0xb2, 0x7d, 0xd0, 0x46, 0x7b,
+ 0x0c, 0x75, 0xf5, 0xfa, 0x93, 0x1e, 0x97, 0x14,
+ 0x75, 0xb2, 0x7c, 0xae, 0x03, 0xa2, 0x96, 0x54,
+ 0xe2, 0xf4, 0x09, 0x66, 0xea, 0x33, 0x64, 0x30,
+ 0x40, 0xd1, 0x40, 0x0f, 0xe6, 0x77, 0x87, 0x3a,
+ 0xf8, 0x09, 0x7c, 0x1f, 0xe9, 0xf0, 0x02, 0x98 };
#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
static size_t test_offset;
@@ -751,13 +828,15 @@
return( 1 ); \
}
+#define SELF_TEST_OUPUT_DISCARD_LENGTH 64
+
/*
* Checkup routine
*/
int mbedtls_ctr_drbg_self_test( int verbose )
{
mbedtls_ctr_drbg_context ctx;
- unsigned char buf[16];
+ unsigned char buf[ sizeof( result_pr ) ];
mbedtls_ctr_drbg_init( &ctx );
@@ -768,16 +847,16 @@
mbedtls_printf( " CTR_DRBG (PR = TRUE) : " );
test_offset = 0;
- mbedtls_ctr_drbg_set_entropy_len( &ctx, 32 );
- mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 );
+ mbedtls_ctr_drbg_set_entropy_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE );
+ mbedtls_ctr_drbg_set_nonce_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2 );
CHK( mbedtls_ctr_drbg_seed( &ctx,
ctr_drbg_self_test_entropy,
(void *) entropy_source_pr,
- nonce_pers_pr, 16 ) );
+ pers_pr, MBEDTLS_CTR_DRBG_KEYSIZE ) );
mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
- CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
- CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
- CHK( memcmp( buf, result_pr, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
+ CHK( mbedtls_ctr_drbg_random( &ctx, buf, SELF_TEST_OUPUT_DISCARD_LENGTH ) );
+ CHK( mbedtls_ctr_drbg_random( &ctx, buf, sizeof( result_pr ) ) );
+ CHK( memcmp( buf, result_pr, sizeof( result_pr ) ) );
mbedtls_ctr_drbg_free( &ctx );
@@ -793,16 +872,16 @@
mbedtls_ctr_drbg_init( &ctx );
test_offset = 0;
- mbedtls_ctr_drbg_set_entropy_len( &ctx, 32 );
- mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 );
+ mbedtls_ctr_drbg_set_entropy_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE);
+ mbedtls_ctr_drbg_set_nonce_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2 );
CHK( mbedtls_ctr_drbg_seed( &ctx,
ctr_drbg_self_test_entropy,
(void *) entropy_source_nopr,
- nonce_pers_nopr, 16 ) );
- CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
+ pers_nopr, MBEDTLS_CTR_DRBG_KEYSIZE ) );
CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) );
- CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
- CHK( memcmp( buf, result_nopr, 16 ) );
+ CHK( mbedtls_ctr_drbg_random( &ctx, buf, SELF_TEST_OUPUT_DISCARD_LENGTH ) );
+ CHK( mbedtls_ctr_drbg_random( &ctx, buf, sizeof( result_nopr ) ) );
+ CHK( memcmp( buf, result_nopr, sizeof( result_nopr ) ) );
mbedtls_ctr_drbg_free( &ctx );
diff --git a/library/debug.c b/library/debug.c
index c3384be..e108600 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -74,6 +74,7 @@
#endif
}
+MBEDTLS_PRINTF_ATTRIBUTE(5, 6)
void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
const char *format, ... )
@@ -219,8 +220,8 @@
const char *text, const mbedtls_mpi *X )
{
char str[DEBUG_BUF_SIZE];
- int j, k, zeros = 1;
- size_t i, n, idx = 0;
+ size_t bitlen;
+ size_t idx = 0;
if( NULL == ssl ||
NULL == ssl->conf ||
@@ -231,55 +232,43 @@
return;
}
- for( n = X->n - 1; n > 0; n-- )
- if( X->p[n] != 0 )
- break;
+ bitlen = mbedtls_mpi_bitlen( X );
- for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- )
- if( ( ( X->p[n] >> j ) & 1 ) != 0 )
- break;
-
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n",
- text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
-
+ mbedtls_snprintf( str, sizeof( str ), "value of '%s' (%u bits) is:\n",
+ text, (unsigned) bitlen );
debug_send_line( ssl, level, file, line, str );
- idx = 0;
- for( i = n + 1, j = 0; i > 0; i-- )
+ if( bitlen == 0 )
{
- if( zeros && X->p[i - 1] == 0 )
- continue;
-
- for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- )
+ str[0] = ' '; str[1] = '0'; str[2] = '0';
+ idx = 3;
+ }
+ else
+ {
+ int n;
+ for( n = (int) ( ( bitlen - 1 ) / 8 ); n >= 0; n-- )
{
- if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
- continue;
- else
- zeros = 0;
-
- if( j % 16 == 0 )
+ size_t limb_offset = n / sizeof( mbedtls_mpi_uint );
+ size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint );
+ unsigned char octet =
+ ( X->p[limb_offset] >> ( offset_in_limb * 8 ) ) & 0xff;
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", octet );
+ idx += 3;
+ /* Wrap lines after 16 octets that each take 3 columns */
+ if( idx >= 3 * 16 )
{
- if( j > 0 )
- {
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
- debug_send_line( ssl, level, file, line, str );
- idx = 0;
- }
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
+ debug_send_line( ssl, level, file, line, str );
+ idx = 0;
}
-
- idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int)
- ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
-
- j++;
}
-
}
- if( zeros == 1 )
- idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" );
-
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
- debug_send_line( ssl, level, file, line, str );
+ if( idx != 0 )
+ {
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
+ debug_send_line( ssl, level, file, line, str );
+ }
}
#endif /* MBEDTLS_BIGNUM_C */
diff --git a/library/des.c b/library/des.c
index eddf55e..7f90faa 100644
--- a/library/des.c
+++ b/library/des.c
@@ -44,29 +44,6 @@
#if !defined(MBEDTLS_DES_ALT)
/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
-/*
* Expanded DES S-boxes
*/
static const uint32_t SB1[64] =
@@ -423,8 +400,8 @@
int i;
uint32_t X, Y, T;
- GET_UINT32_BE( X, key, 0 );
- GET_UINT32_BE( Y, key, 4 );
+ X = MBEDTLS_GET_UINT32_BE( key, 0 );
+ Y = MBEDTLS_GET_UINT32_BE( key, 4 );
/*
* Permuted Choice 1
@@ -633,8 +610,8 @@
SK = ctx->sk;
- GET_UINT32_BE( X, input, 0 );
- GET_UINT32_BE( Y, input, 4 );
+ X = MBEDTLS_GET_UINT32_BE( input, 0 );
+ Y = MBEDTLS_GET_UINT32_BE( input, 4 );
DES_IP( X, Y );
@@ -646,8 +623,8 @@
DES_FP( Y, X );
- PUT_UINT32_BE( Y, output, 0 );
- PUT_UINT32_BE( X, output, 4 );
+ MBEDTLS_PUT_UINT32_BE( Y, output, 0 );
+ MBEDTLS_PUT_UINT32_BE( X, output, 4 );
return( 0 );
}
@@ -720,8 +697,8 @@
SK = ctx->sk;
- GET_UINT32_BE( X, input, 0 );
- GET_UINT32_BE( Y, input, 4 );
+ X = MBEDTLS_GET_UINT32_BE( input, 0 );
+ Y = MBEDTLS_GET_UINT32_BE( input, 4 );
DES_IP( X, Y );
@@ -745,8 +722,8 @@
DES_FP( Y, X );
- PUT_UINT32_BE( Y, output, 0 );
- PUT_UINT32_BE( X, output, 4 );
+ MBEDTLS_PUT_UINT32_BE( Y, output, 0 );
+ MBEDTLS_PUT_UINT32_BE( X, output, 4 );
return( 0 );
}
diff --git a/library/dhm.c b/library/dhm.c
index f796812..88e148b 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -79,7 +79,7 @@
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 )
- return( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED, ret ) );
(*p) += n;
@@ -100,22 +100,21 @@
*/
static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P )
{
- mbedtls_mpi L, U;
+ mbedtls_mpi U;
int ret = 0;
- mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U );
+ mbedtls_mpi_init( &U );
- MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) );
- if( mbedtls_mpi_cmp_mpi( param, &L ) < 0 ||
+ if( mbedtls_mpi_cmp_int( param, 2 ) < 0 ||
mbedtls_mpi_cmp_mpi( param, &U ) > 0 )
{
ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
}
cleanup:
- mbedtls_mpi_free( &L ); mbedtls_mpi_free( &U );
+ mbedtls_mpi_free( &U );
return( ret );
}
@@ -151,38 +150,44 @@
}
/*
- * Setup and write the ServerKeyExchange parameters
+ * Pick a random R in the range [2, M-2] for blinding or key generation.
*/
-int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
- unsigned char *output, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng )
+static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
- int ret, count = 0;
- size_t n1, n2, n3;
- unsigned char *p;
- DHM_VALIDATE_RET( ctx != NULL );
- DHM_VALIDATE_RET( output != NULL );
- DHM_VALIDATE_RET( olen != NULL );
- DHM_VALIDATE_RET( f_rng != NULL );
+ int ret;
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_random( R, 3, M, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( R, R, 1 ) );
+
+cleanup:
+ return( ret );
+}
+
+static int dhm_make_common( mbedtls_dhm_context *ctx, int x_size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ int ret = 0;
if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+ if( x_size < 0 )
+ return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
- /*
- * Generate X as large as possible ( < P )
- */
- do
+ if( (unsigned) x_size < mbedtls_mpi_size( &ctx->P ) )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );
-
- while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
-
- if( count++ > 10 )
- return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED );
}
- while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
+ else
+ {
+ /* Generate X as large as possible ( <= P - 2 ) */
+ ret = dhm_random_below( &ctx->X, &ctx->P, f_rng, p_rng );
+ if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE )
+ return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED );
+ if( ret != 0 )
+ return( ret );
+ }
/*
* Calculate GX = G^X mod P
@@ -193,16 +198,41 @@
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
return( ret );
+cleanup:
+ return( ret );
+}
+
+/*
+ * Setup and write the ServerKeyExchange parameters
+ */
+int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
+ unsigned char *output, size_t *olen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ int ret;
+ size_t n1, n2, n3;
+ unsigned char *p;
+ DHM_VALIDATE_RET( ctx != NULL );
+ DHM_VALIDATE_RET( output != NULL );
+ DHM_VALIDATE_RET( olen != NULL );
+ DHM_VALIDATE_RET( f_rng != NULL );
+
+ ret = dhm_make_common( ctx, x_size, f_rng, p_rng );
+ if( ret != 0 )
+ goto cleanup;
+
/*
- * export P, G, GX
+ * Export P, G, GX. RFC 5246 §4.4 states that "leading zero octets are
+ * not required". We omit leading zeros for compactness.
*/
#define DHM_MPI_EXPORT( X, n ) \
do { \
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ), \
p + 2, \
( n ) ) ); \
- *p++ = (unsigned char)( ( n ) >> 8 ); \
- *p++ = (unsigned char)( ( n ) ); \
+ *p++ = MBEDTLS_BYTE_1( n ); \
+ *p++ = MBEDTLS_BYTE_0( n ); \
p += ( n ); \
} while( 0 )
@@ -220,11 +250,9 @@
ctx->len = n1;
cleanup:
-
- if( ret != 0 )
- return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED + ret );
-
- return( 0 );
+ if( ret != 0 && ret > -128 )
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret );
+ return( ret );
}
/*
@@ -242,7 +270,7 @@
if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ||
( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 )
{
- return( MBEDTLS_ERR_DHM_SET_GROUP_FAILED + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret ) );
}
ctx->len = mbedtls_mpi_size( &ctx->P );
@@ -263,7 +291,7 @@
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
- return( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED, ret ) );
return( 0 );
}
@@ -276,7 +304,7 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
- int ret, count = 0;
+ int ret;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( output != NULL );
DHM_VALIDATE_RET( f_rng != NULL );
@@ -284,62 +312,17 @@
if( olen < 1 || olen > ctx->len )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
- if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
- return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
-
- /*
- * generate X and calculate GX = G^X mod P
- */
- do
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );
-
- while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
-
- if( count++ > 10 )
- return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED );
- }
- while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
- &ctx->P , &ctx->RP ) );
-
- if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
- return( ret );
+ ret = dhm_make_common( ctx, x_size, f_rng, p_rng );
+ if( ret == MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED )
+ return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED );
+ if( ret != 0 )
+ goto cleanup;
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) );
cleanup:
-
- if( ret != 0 )
- return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
-
- return( 0 );
-}
-
-/*
- * Pick a random R in the range [2, M) for blinding purposes
- */
-static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
- int ret, count;
-
- count = 0;
- do
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( R, mbedtls_mpi_size( M ), f_rng, p_rng ) );
-
- while( mbedtls_mpi_cmp_mpi( R, M ) >= 0 )
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( R, 1 ) );
-
- if( count++ > 10 )
- return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
- }
- while( mbedtls_mpi_cmp_int( R, 1 ) <= 0 );
-
-cleanup:
+ if( ret != 0 && ret > -128 )
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret );
return( ret );
}
@@ -390,7 +373,7 @@
* We need to generate blinding values from scratch
*/
- /* Vi = random( 2, P-1 ) */
+ /* Vi = random( 2, P-2 ) */
MBEDTLS_MPI_CHK( dhm_random_below( &ctx->Vi, &ctx->P, f_rng, p_rng ) );
/* Vf = Vi^-X mod P
@@ -454,15 +437,16 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
}
+ /* Output the secret without any leading zero byte. This is mandatory
+ * for TLS per RFC 5246 §8.1.2. */
*olen = mbedtls_mpi_size( &ctx->K );
-
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) );
cleanup:
mbedtls_mpi_free( &GYb );
if( ret != 0 )
- return( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED, ret ) );
return( 0 );
}
@@ -544,7 +528,7 @@
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
- ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret );
goto exit;
}
@@ -553,7 +537,7 @@
if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
{
- ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret );
goto exit;
}
@@ -567,13 +551,13 @@
mbedtls_mpi_free( &rec );
if ( ret != 0 )
{
- ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret );
goto exit;
}
if ( p != end )
{
- ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
goto exit;
}
}
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 22fb5e3..640eb24 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -217,6 +217,9 @@
#endif /* MBEDTLS_ECP_RESTARTABLE */
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \
+ !defined(MBEDTLS_ECDSA_SIGN_ALT) || \
+ !defined(MBEDTLS_ECDSA_VERIFY_ALT)
/*
* Derive a suitable integer for group grp from a buffer of length len
* SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
@@ -239,6 +242,7 @@
cleanup:
return( ret );
}
+#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */
#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
/*
@@ -466,6 +470,8 @@
sign:
#endif
#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+ (void) f_rng_blind;
+ (void) p_rng_blind;
ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
mbedtls_hmac_drbg_random, p_rng );
#else
@@ -720,7 +726,7 @@
unsigned char *sig, size_t *slen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
+ unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = {0};
unsigned char *p = buf + sizeof( buf );
size_t len = 0;
@@ -766,6 +772,8 @@
(void) md_alg;
#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+ (void) rs_ctx;
+
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
hash, hlen, f_rng, p_rng ) );
#else
@@ -862,8 +870,8 @@
if( p + len != end )
{
- ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
goto cleanup;
}
@@ -874,6 +882,8 @@
goto cleanup;
}
#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
+ (void) rs_ctx;
+
if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
&ctx->Q, &r, &s ) ) != 0 )
goto cleanup;
diff --git a/library/ecjpake.c b/library/ecjpake.c
index 315da4a..368b6c7 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -166,10 +166,7 @@
if( ret != 0 )
return( ret );
- (*p)[0] = (unsigned char)( ( len >> 24 ) & 0xFF );
- (*p)[1] = (unsigned char)( ( len >> 16 ) & 0xFF );
- (*p)[2] = (unsigned char)( ( len >> 8 ) & 0xFF );
- (*p)[3] = (unsigned char)( ( len ) & 0xFF );
+ MBEDTLS_PUT_UINT32_BE( len, *p, 0 );
*p += 4 + len;
@@ -209,10 +206,8 @@
if( end - p < 4 )
return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
- *p++ = (unsigned char)( ( id_len >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( id_len >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( id_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( id_len ) & 0xFF );
+ MBEDTLS_PUT_UINT32_BE( id_len, p, 0 );
+ p += 4;
if( end < p || (size_t)( end - p ) < id_len )
return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
@@ -273,7 +268,7 @@
r_len = *(*p)++;
- if( end < *p || (size_t)( end - *p ) < r_len )
+ if( end < *p || (size_t)( end - *p ) < r_len || r_len == 0 )
{
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
@@ -352,7 +347,7 @@
goto cleanup;
}
- *(*p)++ = (unsigned char)( len & 0xFF );
+ *(*p)++ = MBEDTLS_BYTE_0( len );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */
*p += len;
@@ -820,6 +815,8 @@
0x65, 0x73, 0x74
};
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+
static const unsigned char ecjpake_test_x1[] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
@@ -964,6 +961,8 @@
return( ret );
}
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
+
/* For tests we don't need a secure RNG;
* use the LGC from Numerical Recipes for simplicity */
static int ecjpake_lgc( void *p, unsigned char *out, size_t len )
@@ -1059,6 +1058,12 @@
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+ /* 'reference handshake' tests can only be run against implementations
+ * for which we have 100% control over how the random ephemeral keys
+ * are generated. This is only the case for the internal mbed TLS
+ * implementation, so these tests are skipped in case the internal
+ * implementation is swapped out for an alternative one. */
if( verbose != 0 )
mbedtls_printf( " ECJPAKE test #2 (reference handshake): " );
@@ -1107,6 +1112,7 @@
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
cleanup:
mbedtls_ecjpake_free( &cli );
diff --git a/library/ecp.c b/library/ecp.c
index 05a0b01..7f9e104 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -76,6 +76,9 @@
#include "mbedtls/threading.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
+#include "mbedtls/bn_mul.h"
+
+#include "ecp_invasive.h"
#include <string.h>
@@ -1157,8 +1160,7 @@
/*
* Next two bytes are the namedcurve value
*/
- buf[0] = curve_info->tls_id >> 8;
- buf[1] = curve_info->tls_id & 0xFF;
+ MBEDTLS_PUT_UINT16_BE( curve_info->tls_id, buf, 0 );
return( 0 );
}
@@ -1243,6 +1245,13 @@
while( (N).s < 0 && mbedtls_mpi_cmp_int( &(N), 0 ) != 0 ) \
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &(N), &(N), &grp->P ) )
+#if ( defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \
+ !( defined(MBEDTLS_ECP_NO_FALLBACK) && \
+ defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \
+ defined(MBEDTLS_ECP_ADD_MIXED_ALT) ) ) || \
+ ( defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) && \
+ !( defined(MBEDTLS_ECP_NO_FALLBACK) && \
+ defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) ) )
static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp,
mbedtls_mpi *X,
const mbedtls_mpi *A,
@@ -1254,6 +1263,7 @@
cleanup:
return( ret );
}
+#endif /* All functions referencing mbedtls_mpi_sub_mod() are alt-implemented without fallback */
/*
* Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int.
@@ -1276,6 +1286,10 @@
return( ret );
}
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \
+ !( defined(MBEDTLS_ECP_NO_FALLBACK) && \
+ defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \
+ defined(MBEDTLS_ECP_ADD_MIXED_ALT) )
static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp,
mbedtls_mpi *X,
size_t count )
@@ -1286,6 +1300,7 @@
cleanup:
return( ret );
}
+#endif /* All functions referencing mbedtls_mpi_shift_l_mod() are alt-implemented without fallback */
#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/*
@@ -1302,9 +1317,6 @@
*/
static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_mpi Zi, ZZi;
-
if( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 )
return( 0 );
@@ -1313,6 +1325,11 @@
return( mbedtls_internal_ecp_normalize_jac( grp, pt ) );
#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#else
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_mpi Zi, ZZi;
mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi );
/*
@@ -1338,6 +1355,7 @@
mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi );
return( ret );
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) */
}
/*
@@ -1354,10 +1372,6 @@
static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
mbedtls_ecp_point *T[], size_t T_size )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t i;
- mbedtls_mpi *c, u, Zi, ZZi;
-
if( T_size < 2 )
return( ecp_normalize_jac( grp, *T ) );
@@ -1366,6 +1380,13 @@
return( mbedtls_internal_ecp_normalize_jac_many( grp, T, T_size ) );
#endif
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#else
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ size_t i;
+ mbedtls_mpi *c, u, Zi, ZZi;
+
if( ( c = mbedtls_calloc( T_size, sizeof( mbedtls_mpi ) ) ) == NULL )
return( MBEDTLS_ERR_ECP_ALLOC_FAILED );
@@ -1433,6 +1454,7 @@
mbedtls_free( c );
return( ret );
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) */
}
/*
@@ -1477,9 +1499,6 @@
static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_ecp_point *P )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_mpi M, S, T, U;
-
#if defined(MBEDTLS_SELF_TEST)
dbl_count++;
#endif
@@ -1489,6 +1508,12 @@
return( mbedtls_internal_ecp_double_jac( grp, R, P ) );
#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#else
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_mpi M, S, T, U;
+
mbedtls_mpi_init( &M ); mbedtls_mpi_init( &S ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &U );
/* Special case for A = -3 */
@@ -1550,6 +1575,7 @@
mbedtls_mpi_free( &M ); mbedtls_mpi_free( &S ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &U );
return( ret );
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) */
}
/*
@@ -1573,9 +1599,6 @@
static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_mpi T1, T2, T3, T4, X, Y, Z;
-
#if defined(MBEDTLS_SELF_TEST)
add_count++;
#endif
@@ -1585,6 +1608,12 @@
return( mbedtls_internal_ecp_add_mixed( grp, R, P, Q ) );
#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#else
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_mpi T1, T2, T3, T4, X, Y, Z;
+
/*
* Trivial cases: P == 0 or Q == 0 (case 1)
*/
@@ -1649,6 +1678,7 @@
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
return( ret );
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_ADD_MIXED_ALT) */
}
/*
@@ -1661,34 +1691,21 @@
static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_mpi l, ll;
- size_t p_size;
- int count = 0;
-
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
if( mbedtls_internal_ecp_grp_capable( grp ) )
return( mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng ) );
#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
- p_size = ( grp->pbits + 7 ) / 8;
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#else
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_mpi l, ll;
+
mbedtls_mpi_init( &l ); mbedtls_mpi_init( &ll );
/* Generate l such that 1 < l < p */
- do
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ) );
-
- while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 )
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) );
-
- if( count++ > 10 )
- {
- ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
- goto cleanup;
- }
- }
- while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_random( &l, 2, &grp->P, f_rng, p_rng ) );
/* Z = l * Z */
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Z, &pt->Z, &l ) );
@@ -1704,7 +1721,10 @@
cleanup:
mbedtls_mpi_free( &l ); mbedtls_mpi_free( &ll );
+ if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE )
+ ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
return( ret );
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) */
}
/*
@@ -2413,19 +2433,22 @@
*/
static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
if( mbedtls_internal_ecp_grp_capable( grp ) )
return( mbedtls_internal_ecp_normalize_mxz( grp, P ) );
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#else
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &P->Z ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) );
cleanup:
return( ret );
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) */
}
/*
@@ -2439,34 +2462,20 @@
static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_mpi l;
- size_t p_size;
- int count = 0;
-
#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
if( mbedtls_internal_ecp_grp_capable( grp ) )
- return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng );
+ return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ) );
#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
- p_size = ( grp->pbits + 7 ) / 8;
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#else
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_mpi l;
mbedtls_mpi_init( &l );
/* Generate l such that 1 < l < p */
- do
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ) );
-
- while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 )
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) );
-
- if( count++ > 10 )
- {
- ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
- goto cleanup;
- }
- }
- while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_random( &l, 2, &grp->P, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &l ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->Z, &P->Z, &l ) );
@@ -2474,7 +2483,10 @@
cleanup:
mbedtls_mpi_free( &l );
+ if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE )
+ ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
return( ret );
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) */
}
/*
@@ -2497,14 +2509,17 @@
const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q,
const mbedtls_mpi *d )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB;
-
#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
if( mbedtls_internal_ecp_grp_capable( grp ) )
return( mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d ) );
#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#else
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB;
+
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &AA ); mbedtls_mpi_init( &B );
mbedtls_mpi_init( &BB ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &C );
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &DA ); mbedtls_mpi_init( &CB );
@@ -2534,6 +2549,7 @@
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &DA ); mbedtls_mpi_free( &CB );
return( ret );
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) */
}
/*
@@ -2768,7 +2784,7 @@
#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/*
- * R = m * P with shortcuts for m == 1 and m == -1
+ * R = m * P with shortcuts for m == 0, m == 1 and m == -1
* NOT constant-time - ONLY for short Weierstrass!
*/
static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,
@@ -2779,7 +2795,11 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( mbedtls_mpi_cmp_int( m, 1 ) == 0 )
+ if( mbedtls_mpi_cmp_int( m, 0 ) == 0 )
+ {
+ MBEDTLS_MPI_CHK( mbedtls_ecp_set_zero( R ) );
+ }
+ else if( mbedtls_mpi_cmp_int( m, 1 ) == 0 )
{
MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) );
}
@@ -2915,6 +2935,97 @@
#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)}
+#define ECP_MPI_INIT_ARRAY(x) \
+ ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x)
+/*
+ * Constants for the two points other than 0, 1, -1 (mod p) in
+ * https://cr.yp.to/ecdh.html#validate
+ * See ecp_check_pubkey_x25519().
+ */
+static const mbedtls_mpi_uint x25519_bad_point_1[] = {
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 ),
+};
+static const mbedtls_mpi_uint x25519_bad_point_2[] = {
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 ),
+};
+static const mbedtls_mpi ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY(
+ x25519_bad_point_1 );
+static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY(
+ x25519_bad_point_2 );
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+/*
+ * Check that the input point is not one of the low-order points.
+ * This is recommended by the "May the Fourth" paper:
+ * https://eprint.iacr.org/2017/806.pdf
+ * Those points are never sent by an honest peer.
+ */
+static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P,
+ const mbedtls_ecp_group_id grp_id )
+{
+ int ret;
+ mbedtls_mpi XmP;
+
+ mbedtls_mpi_init( &XmP );
+
+ /* Reduce X mod P so that we only need to check values less than P.
+ * We know X < 2^256 so we can proceed by subtraction. */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &XmP, X ) );
+ while( mbedtls_mpi_cmp_mpi( &XmP, P ) >= 0 )
+ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &XmP, &XmP, P ) );
+
+ /* Check against the known bad values that are less than P. For Curve448
+ * these are 0, 1 and -1. For Curve25519 we check the values less than P
+ * from the following list: https://cr.yp.to/ecdh.html#validate */
+ if( mbedtls_mpi_cmp_int( &XmP, 1 ) <= 0 ) /* takes care of 0 and 1 */
+ {
+ ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+ goto cleanup;
+ }
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+ if( grp_id == MBEDTLS_ECP_DP_CURVE25519 )
+ {
+ if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_1 ) == 0 )
+ {
+ ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+ goto cleanup;
+ }
+
+ if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_2 ) == 0 )
+ {
+ ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+ goto cleanup;
+ }
+ }
+#else
+ (void) grp_id;
+#endif
+
+ /* Final check: check if XmP + 1 is P (final because it changes XmP!) */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &XmP, &XmP, 1 ) );
+ if( mbedtls_mpi_cmp_mpi( &XmP, P ) == 0 )
+ {
+ ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+ goto cleanup;
+ }
+
+ ret = 0;
+
+cleanup:
+ mbedtls_mpi_free( &XmP );
+
+ return( ret );
+}
+
/*
* Check validity of a public key for Montgomery curves with x-only schemes
*/
@@ -2926,7 +3037,13 @@
if( mbedtls_mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 )
return( MBEDTLS_ERR_ECP_INVALID_KEY );
- return( 0 );
+ /* Implicit in all standards (as they don't consider negative numbers):
+ * X must be non-negative. This is normally ensured by the way it's
+ * encoded for transmission, but let's be extra sure. */
+ if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 )
+ return( MBEDTLS_ERR_ECP_INVALID_KEY );
+
+ return( ecp_check_bad_points_mx( &pt->X, &grp->P, grp->id ) );
}
#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
@@ -2994,6 +3111,56 @@
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
}
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+MBEDTLS_STATIC_TESTABLE
+int mbedtls_ecp_gen_privkey_mx( size_t high_bit,
+ mbedtls_mpi *d,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+ size_t n_random_bytes = high_bit / 8 + 1;
+
+ /* [Curve25519] page 5 */
+ /* Generate a (high_bit+1)-bit random number by generating just enough
+ * random bytes, then shifting out extra bits from the top (necessary
+ * when (high_bit+1) is not a multiple of 8). */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_random_bytes,
+ f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_random_bytes - high_bit - 1 ) );
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) );
+
+ /* Make sure the last two bits are unset for Curve448, three bits for
+ Curve25519 */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) );
+ if( high_bit == 254 )
+ {
+ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
+ }
+
+cleanup:
+ return( ret );
+}
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+static int mbedtls_ecp_gen_privkey_sw(
+ const mbedtls_mpi *N, mbedtls_mpi *d,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+ int ret = mbedtls_mpi_random( d, 1, N, f_rng, p_rng );
+ switch( ret )
+ {
+ case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE:
+ return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+ default:
+ return( ret );
+ }
+}
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+
/*
* Generate a private key
*/
@@ -3002,89 +3169,21 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
- int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
- size_t n_size;
-
ECP_VALIDATE_RET( grp != NULL );
ECP_VALIDATE_RET( d != NULL );
ECP_VALIDATE_RET( f_rng != NULL );
- n_size = ( grp->nbits + 7 ) / 8;
-
#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
- {
- /* [M225] page 5 */
- size_t b;
-
- do {
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) );
- } while( mbedtls_mpi_bitlen( d ) == 0);
-
- /* Make sure the most significant bit is nbits */
- b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */
- if( b > grp->nbits )
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - grp->nbits ) );
- else
- MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, grp->nbits, 1 ) );
-
- /* Make sure the last two bits are unset for Curve448, three bits for
- Curve25519 */
- MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) );
- if( grp->nbits == 254 )
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
- }
- }
+ return( mbedtls_ecp_gen_privkey_mx( grp->nbits, d, f_rng, p_rng ) );
#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
- {
- /* SEC1 3.2.1: Generate d such that 1 <= n < N */
- int count = 0;
- unsigned cmp = 0;
-
- /*
- * Match the procedure given in RFC 6979 (deterministic ECDSA):
- * - use the same byte ordering;
- * - keep the leftmost nbits bits of the generated octet string;
- * - try until result is in the desired range.
- * This also avoids any biais, which is especially important for ECDSA.
- */
- do
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) );
-
- /*
- * Each try has at worst a probability 1/2 of failing (the msb has
- * a probability 1/2 of being 0, and then the result will be < N),
- * so after 30 tries failure probability is a most 2**(-30).
- *
- * For most curves, 1 try is enough with overwhelming probability,
- * since N starts with a lot of 1s in binary, but some curves
- * such as secp224k1 are actually very close to the worst case.
- */
- if( ++count > 30 )
- {
- ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
- goto cleanup;
- }
-
- ret = mbedtls_mpi_lt_mpi_ct( d, &grp->N, &cmp );
- if( ret != 0 )
- {
- goto cleanup;
- }
- }
- while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp != 1 );
- }
+ return( mbedtls_ecp_gen_privkey_sw( &grp->N, d, f_rng, p_rng ) );
#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-cleanup:
- return( ret );
+ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
}
/*
diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index a1aab5d..ff26a18 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -24,6 +24,9 @@
#include "mbedtls/ecp.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
+#include "mbedtls/bn_mul.h"
+
+#include "ecp_invasive.h"
#include <string.h>
@@ -40,44 +43,10 @@
#define inline __inline
#endif
-/*
- * Conversion macros for embedded constants:
- * build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2
- */
-#if defined(MBEDTLS_HAVE_INT32)
+#define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)}
-#define BYTES_TO_T_UINT_4( a, b, c, d ) \
- ( (mbedtls_mpi_uint) (a) << 0 ) | \
- ( (mbedtls_mpi_uint) (b) << 8 ) | \
- ( (mbedtls_mpi_uint) (c) << 16 ) | \
- ( (mbedtls_mpi_uint) (d) << 24 )
-
-#define BYTES_TO_T_UINT_2( a, b ) \
- BYTES_TO_T_UINT_4( a, b, 0, 0 )
-
-#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
- BYTES_TO_T_UINT_4( a, b, c, d ), \
- BYTES_TO_T_UINT_4( e, f, g, h )
-
-#else /* 64-bits */
-
-#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
- ( (mbedtls_mpi_uint) (a) << 0 ) | \
- ( (mbedtls_mpi_uint) (b) << 8 ) | \
- ( (mbedtls_mpi_uint) (c) << 16 ) | \
- ( (mbedtls_mpi_uint) (d) << 24 ) | \
- ( (mbedtls_mpi_uint) (e) << 32 ) | \
- ( (mbedtls_mpi_uint) (f) << 40 ) | \
- ( (mbedtls_mpi_uint) (g) << 48 ) | \
- ( (mbedtls_mpi_uint) (h) << 56 )
-
-#define BYTES_TO_T_UINT_4( a, b, c, d ) \
- BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 )
-
-#define BYTES_TO_T_UINT_2( a, b ) \
- BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 )
-
-#endif /* bits in mbedtls_mpi_uint */
+#define ECP_MPI_INIT_ARRAY(x) \
+ ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x)
/*
* Note: the constants are in little-endian order
@@ -89,29 +58,29 @@
*/
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
static const mbedtls_mpi_uint secp192r1_p[] = {
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
};
static const mbedtls_mpi_uint secp192r1_b[] = {
- BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ),
- BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ),
- BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ),
};
static const mbedtls_mpi_uint secp192r1_gx[] = {
- BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ),
- BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ),
- BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ),
};
static const mbedtls_mpi_uint secp192r1_gy[] = {
- BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ),
- BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ),
- BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ),
};
static const mbedtls_mpi_uint secp192r1_n[] = {
- BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ),
- BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
};
#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
@@ -120,34 +89,34 @@
*/
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
static const mbedtls_mpi_uint secp224r1_p[] = {
- BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
- BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
};
static const mbedtls_mpi_uint secp224r1_b[] = {
- BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ),
- BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ),
- BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ),
- BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ),
+ MBEDTLS_BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ),
};
static const mbedtls_mpi_uint secp224r1_gx[] = {
- BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ),
- BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ),
- BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ),
- BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ),
+ MBEDTLS_BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ),
};
static const mbedtls_mpi_uint secp224r1_gy[] = {
- BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ),
- BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ),
- BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ),
- BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ),
+ MBEDTLS_BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ),
};
static const mbedtls_mpi_uint secp224r1_n[] = {
- BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ),
- BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ),
};
#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
@@ -156,34 +125,34 @@
*/
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
static const mbedtls_mpi_uint secp256r1_p[] = {
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
- BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
- BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
};
static const mbedtls_mpi_uint secp256r1_b[] = {
- BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ),
- BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ),
- BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ),
- BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ),
};
static const mbedtls_mpi_uint secp256r1_gx[] = {
- BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ),
- BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ),
- BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ),
- BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ),
};
static const mbedtls_mpi_uint secp256r1_gy[] = {
- BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ),
- BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ),
- BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ),
- BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ),
};
static const mbedtls_mpi_uint secp256r1_n[] = {
- BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ),
- BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
};
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
@@ -192,44 +161,44 @@
*/
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
static const mbedtls_mpi_uint secp384r1_p[] = {
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
- BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
};
static const mbedtls_mpi_uint secp384r1_b[] = {
- BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ),
- BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ),
- BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ),
- BYTES_TO_T_UINT_8( 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18 ),
- BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ),
- BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ),
};
static const mbedtls_mpi_uint secp384r1_gx[] = {
- BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ),
- BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ),
- BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ),
- BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ),
- BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ),
- BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ),
};
static const mbedtls_mpi_uint secp384r1_gy[] = {
- BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ),
- BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ),
- BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ),
- BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ),
- BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ),
- BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ),
};
static const mbedtls_mpi_uint secp384r1_n[] = {
- BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ),
- BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ),
- BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
};
#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
@@ -238,154 +207,154 @@
*/
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
static const mbedtls_mpi_uint secp521r1_p[] = {
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_2( 0xFF, 0x01 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0xFF, 0x01 ),
};
static const mbedtls_mpi_uint secp521r1_b[] = {
- BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ),
- BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ),
- BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ),
- BYTES_TO_T_UINT_8( 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56 ),
- BYTES_TO_T_UINT_8( 0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8 ),
- BYTES_TO_T_UINT_8( 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2 ),
- BYTES_TO_T_UINT_8( 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92 ),
- BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ),
- BYTES_TO_T_UINT_2( 0x51, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0x51, 0x00 ),
};
static const mbedtls_mpi_uint secp521r1_gx[] = {
- BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ),
- BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ),
- BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ),
- BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ),
- BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ),
- BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ),
- BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ),
- BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ),
- BYTES_TO_T_UINT_2( 0xC6, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0xC6, 0x00 ),
};
static const mbedtls_mpi_uint secp521r1_gy[] = {
- BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ),
- BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ),
- BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ),
- BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ),
- BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ),
- BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ),
- BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ),
- BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ),
- BYTES_TO_T_UINT_2( 0x18, 0x01 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0x18, 0x01 ),
};
static const mbedtls_mpi_uint secp521r1_n[] = {
- BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ),
- BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ),
- BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ),
- BYTES_TO_T_UINT_8( 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51 ),
- BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_2( 0xFF, 0x01 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0xFF, 0x01 ),
};
#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
static const mbedtls_mpi_uint secp192k1_p[] = {
- BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
};
static const mbedtls_mpi_uint secp192k1_a[] = {
- BYTES_TO_T_UINT_2( 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ),
};
static const mbedtls_mpi_uint secp192k1_b[] = {
- BYTES_TO_T_UINT_2( 0x03, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0x03, 0x00 ),
};
static const mbedtls_mpi_uint secp192k1_gx[] = {
- BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ),
- BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ),
- BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ),
};
static const mbedtls_mpi_uint secp192k1_gy[] = {
- BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ),
- BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ),
- BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ),
};
static const mbedtls_mpi_uint secp192k1_n[] = {
- BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ),
- BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
};
#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
static const mbedtls_mpi_uint secp224k1_p[] = {
- BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ),
};
static const mbedtls_mpi_uint secp224k1_a[] = {
- BYTES_TO_T_UINT_2( 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ),
};
static const mbedtls_mpi_uint secp224k1_b[] = {
- BYTES_TO_T_UINT_2( 0x05, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0x05, 0x00 ),
};
static const mbedtls_mpi_uint secp224k1_gx[] = {
- BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ),
- BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ),
- BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ),
- BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ),
+ MBEDTLS_BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ),
};
static const mbedtls_mpi_uint secp224k1_gy[] = {
- BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ),
- BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ),
- BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ),
- BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ),
+ MBEDTLS_BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ),
};
static const mbedtls_mpi_uint secp224k1_n[] = {
- BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ),
- BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ),
- BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
- BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ),
};
#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
static const mbedtls_mpi_uint secp256k1_p[] = {
- BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
};
static const mbedtls_mpi_uint secp256k1_a[] = {
- BYTES_TO_T_UINT_2( 0x00, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ),
};
static const mbedtls_mpi_uint secp256k1_b[] = {
- BYTES_TO_T_UINT_2( 0x07, 0x00 ),
+ MBEDTLS_BYTES_TO_T_UINT_2( 0x07, 0x00 ),
};
static const mbedtls_mpi_uint secp256k1_gx[] = {
- BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ),
- BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ),
- BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ),
- BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ),
};
static const mbedtls_mpi_uint secp256k1_gy[] = {
- BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ),
- BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ),
- BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ),
- BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ),
};
static const mbedtls_mpi_uint secp256k1_n[] = {
- BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ),
- BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ),
- BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
- BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
};
#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
@@ -394,40 +363,40 @@
*/
#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
static const mbedtls_mpi_uint brainpoolP256r1_p[] = {
- BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ),
- BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ),
- BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ),
- BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ),
};
static const mbedtls_mpi_uint brainpoolP256r1_a[] = {
- BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ),
- BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ),
- BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ),
- BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ),
};
static const mbedtls_mpi_uint brainpoolP256r1_b[] = {
- BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ),
- BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ),
- BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ),
- BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ),
};
static const mbedtls_mpi_uint brainpoolP256r1_gx[] = {
- BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ),
- BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ),
- BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ),
- BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ),
};
static const mbedtls_mpi_uint brainpoolP256r1_gy[] = {
- BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ),
- BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ),
- BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ),
- BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ),
};
static const mbedtls_mpi_uint brainpoolP256r1_n[] = {
- BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ),
- BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ),
- BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ),
- BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ),
};
#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
@@ -436,52 +405,52 @@
*/
#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
static const mbedtls_mpi_uint brainpoolP384r1_p[] = {
- BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ),
- BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ),
- BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ),
- BYTES_TO_T_UINT_8( 0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ),
- BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ),
- BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ),
};
static const mbedtls_mpi_uint brainpoolP384r1_a[] = {
- BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ),
- BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ),
- BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ),
- BYTES_TO_T_UINT_8( 0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2 ),
- BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ),
- BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ),
};
static const mbedtls_mpi_uint brainpoolP384r1_b[] = {
- BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ),
- BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ),
- BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ),
- BYTES_TO_T_UINT_8( 0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F ),
- BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ),
- BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ),
};
static const mbedtls_mpi_uint brainpoolP384r1_gx[] = {
- BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ),
- BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ),
- BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ),
- BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ),
- BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ),
- BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ),
};
static const mbedtls_mpi_uint brainpoolP384r1_gy[] = {
- BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ),
- BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ),
- BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ),
- BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ),
- BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ),
- BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ),
};
static const mbedtls_mpi_uint brainpoolP384r1_n[] = {
- BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ),
- BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ),
- BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ),
- BYTES_TO_T_UINT_8( 0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ),
- BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ),
- BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ),
};
#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
@@ -490,64 +459,64 @@
*/
#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
static const mbedtls_mpi_uint brainpoolP512r1_p[] = {
- BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ),
- BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ),
- BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ),
- BYTES_TO_T_UINT_8( 0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D ),
- BYTES_TO_T_UINT_8( 0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ),
- BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ),
- BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ),
- BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ),
};
static const mbedtls_mpi_uint brainpoolP512r1_a[] = {
- BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ),
- BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ),
- BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ),
- BYTES_TO_T_UINT_8( 0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D ),
- BYTES_TO_T_UINT_8( 0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8 ),
- BYTES_TO_T_UINT_8( 0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94 ),
- BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ),
- BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ),
};
static const mbedtls_mpi_uint brainpoolP512r1_b[] = {
- BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ),
- BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ),
- BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ),
- BYTES_TO_T_UINT_8( 0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B ),
- BYTES_TO_T_UINT_8( 0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B ),
- BYTES_TO_T_UINT_8( 0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8 ),
- BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ),
- BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ),
};
static const mbedtls_mpi_uint brainpoolP512r1_gx[] = {
- BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ),
- BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ),
- BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ),
- BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ),
- BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ),
- BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ),
- BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ),
- BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ),
};
static const mbedtls_mpi_uint brainpoolP512r1_gy[] = {
- BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ),
- BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ),
- BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ),
- BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ),
- BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ),
- BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ),
- BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ),
- BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ),
};
static const mbedtls_mpi_uint brainpoolP512r1_n[] = {
- BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ),
- BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ),
- BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ),
- BYTES_TO_T_UINT_8( 0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55 ),
- BYTES_TO_T_UINT_8( 0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ),
- BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ),
- BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ),
- BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ),
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ),
};
#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
@@ -678,6 +647,13 @@
#endif /* ECP_LOAD_GROUP */
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+/* Constants used by ecp_use_curve25519() */
+static const mbedtls_mpi_sint curve25519_a24 = 0x01DB42;
+static const unsigned char curve25519_part_of_n[] = {
+ 0x14, 0xDE, 0xF9, 0xDE, 0xA2, 0xF7, 0x9C, 0xD6,
+ 0x58, 0x12, 0x63, 0x1A, 0x5C, 0xF5, 0xD3, 0xED,
+};
+
/*
* Specialized function for creating the Curve25519 group
*/
@@ -686,7 +662,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* Actually ( A + 2 ) / 4 */
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "01DB42" ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->A, curve25519_a24 ) );
/* P = 2^255 - 19 */
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) );
@@ -695,8 +671,8 @@
grp->pbits = mbedtls_mpi_bitlen( &grp->P );
/* N = 2^252 + 27742317777372353535851937790883648493 */
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->N, 16,
- "14DEF9DEA2F79CD65812631A5CF5D3ED" ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &grp->N,
+ curve25519_part_of_n, sizeof( curve25519_part_of_n ) ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 252, 1 ) );
/* Y intentionally not set, since we use x/z coordinates.
@@ -717,6 +693,15 @@
#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+/* Constants used by ecp_use_curve448() */
+static const mbedtls_mpi_sint curve448_a24 = 0x98AA;
+static const unsigned char curve448_part_of_n[] = {
+ 0x83, 0x35, 0xDC, 0x16, 0x3B, 0xB1, 0x24,
+ 0xB6, 0x51, 0x29, 0xC9, 0x6F, 0xDE, 0x93,
+ 0x3D, 0x8D, 0x72, 0x3A, 0x70, 0xAA, 0xDC,
+ 0x87, 0x3D, 0x6D, 0x54, 0xA7, 0xBB, 0x0D,
+};
+
/*
* Specialized function for creating the Curve448 group
*/
@@ -728,7 +713,7 @@
mbedtls_mpi_init( &Ns );
/* Actually ( A + 2 ) / 4 */
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "98AA" ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->A, curve448_a24 ) );
/* P = 2^448 - 2^224 - 1 */
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) );
@@ -746,8 +731,8 @@
/* N = 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885 */
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 446, 1 ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &Ns, 16,
- "8335DC163BB124B65129C96FDE933D8D723A70AADC873D6D54A7BB0D" ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &Ns,
+ curve448_part_of_n, sizeof( curve448_part_of_n ) ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &grp->N, &grp->N, &Ns ) );
/* Actually, the required msb for private keys */
@@ -1001,7 +986,7 @@
#define SUB( j ) sub32( &cur, A( j ), &c );
#define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */
-#define biL (ciL << 3) /* bits in limb */
+#define biL (ciL << 3) /* bits in limb */
/*
* Helpers for the main 'loop'
@@ -1028,26 +1013,35 @@
STORE32; i++; \
cur = c > 0 ? c : 0; STORE32; \
cur = 0; while( ++i < MAX32 ) { STORE32; } \
- if( c < 0 ) fix_negative( N, c, bits );
+ if( c < 0 ) mbedtls_ecp_fix_negative( N, c, bits );
/*
* If the result is negative, we get it in the form
- * c * 2^(bits + 32) + N, with c negative and N positive shorter than 'bits'
+ * c * 2^bits + N, with c negative and N positive shorter than 'bits'
*/
-static inline void fix_negative( mbedtls_mpi *N, signed char c, size_t bits )
+MBEDTLS_STATIC_TESTABLE
+void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits )
{
size_t i;
- /* Set N := N - 2^bits */
- --N->p[0];
+ /* Set N := 2^bits - 1 - N. We know that 0 <= N < 2^bits, so
+ * set the absolute value to 0xfff...fff - N. There is no carry
+ * since we're subtracting from all-bits-one. */
for( i = 0; i <= bits / 8 / sizeof( mbedtls_mpi_uint ); i++ )
{
N->p[i] = ~(mbedtls_mpi_uint)0 - N->p[i];
}
+ /* Add 1, taking care of the carry. */
+ i = 0;
+ do
+ ++N->p[i];
+ while( N->p[i++] == 0 && i <= bits / 8 / sizeof( mbedtls_mpi_uint ) );
+ /* Invert the sign.
+ * Now N = N0 - 2^bits where N0 is the initial value of N. */
N->s = -1;
- /* Add |c| * 2^(bits + 32) to the absolute value. Since c and N are
- * negative, this adds c * 2^(bits + 32). */
+ /* Add |c| * 2^bits to the absolute value. Since c and N are
+ * negative, this adds c * 2^bits. */
mbedtls_mpi_uint msw = (mbedtls_mpi_uint) -c;
#if defined(MBEDTLS_HAVE_INT64)
if( bits == 224 )
@@ -1435,9 +1429,11 @@
static int ecp_mod_p192k1( mbedtls_mpi *N )
{
static mbedtls_mpi_uint Rp[] = {
- BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00,
+ 0x00 ) };
- return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
+ return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0,
+ 0 ) );
}
#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
@@ -1449,12 +1445,14 @@
static int ecp_mod_p224k1( mbedtls_mpi *N )
{
static mbedtls_mpi_uint Rp[] = {
- BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
+ MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00,
+ 0x00 ) };
#if defined(MBEDTLS_HAVE_INT64)
return( ecp_mod_koblitz( N, Rp, 4, 1, 32, 0xFFFFFFFF ) );
#else
- return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
+ return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0,
+ 0 ) );
#endif
}
@@ -1468,8 +1466,10 @@
static int ecp_mod_p256k1( mbedtls_mpi *N )
{
static mbedtls_mpi_uint Rp[] = {
- BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
- return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
+ MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00,
+ 0x00 ) };
+ return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0,
+ 0 ) );
}
#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h
new file mode 100644
index 0000000..71c7702
--- /dev/null
+++ b/library/ecp_invasive.h
@@ -0,0 +1,81 @@
+/**
+ * \file ecp_invasive.h
+ *
+ * \brief ECP module: interfaces for invasive testing only.
+ *
+ * The interfaces in this file are intended for testing purposes only.
+ * They SHOULD NOT be made available in library integrations except when
+ * building the library for testing.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef MBEDTLS_ECP_INVASIVE_H
+#define MBEDTLS_ECP_INVASIVE_H
+
+#include "common.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/ecp.h"
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_C)
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+/* Preconditions:
+ * - bits is a multiple of 64 or is 224
+ * - c is -1 or -2
+ * - 0 <= N < 2^bits
+ * - N has room for bits plus one limb
+ *
+ * Behavior:
+ * Set N to c * 2^bits + old_value_of_N.
+ */
+void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits );
+#endif
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+/** Generate a private key on a Montgomery curve (Curve25519 or Curve448).
+ *
+ * This function implements key generation for the set of secret keys
+ * specified in [Curve25519] p. 5 and in [Curve448]. The resulting value
+ * has the lower bits masked but is not necessarily canonical.
+ *
+ * \note - [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf
+ * - [RFC7748] https://tools.ietf.org/html/rfc7748
+ *
+ * \p high_bit The position of the high-order bit of the key to generate.
+ * This is the bit-size of the key minus 1:
+ * 254 for Curve25519 or 447 for Curve448.
+ * \param d The randomly generated key. This is a number of size
+ * exactly \p n_bits + 1 bits, with the least significant bits
+ * masked as specified in [Curve25519] and in [RFC7748] §5.
+ * \param f_rng The RNG function.
+ * \param p_rng The RNG context to be passed to \p f_rng.
+ *
+ * \return \c 0 on success.
+ * \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure.
+ */
+int mbedtls_ecp_gen_privkey_mx( size_t n_bits,
+ mbedtls_mpi *d,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_ECP_C */
+
+#endif /* MBEDTLS_ECP_INVASIVE_H */
diff --git a/library/entropy.c b/library/entropy.c
index db61f16..12fd3b9 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -116,6 +116,11 @@
void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
{
+ /* If the context was already free, don't call free() again.
+ * This is important for mutexes which don't allow double-free. */
+ if( ctx->accumulator_started == -1 )
+ return;
+
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_free( &ctx->havege_data );
#endif
@@ -132,7 +137,7 @@
#endif
ctx->source_count = 0;
mbedtls_platform_zeroize( ctx->source, sizeof( ctx->source ) );
- ctx->accumulator_started = 0;
+ ctx->accumulator_started = -1;
}
int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
@@ -466,15 +471,21 @@
#if defined(MBEDTLS_FS_IO)
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
{
- int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
- FILE *f;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ FILE *f = NULL;
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
- if( ( f = fopen( path, "wb" ) ) == NULL )
- return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
-
if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
+ {
+ ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
goto exit;
+ }
+
+ if( ( f = fopen( path, "wb" ) ) == NULL )
+ {
+ ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+ goto exit;
+ }
if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
{
@@ -487,7 +498,9 @@
exit:
mbedtls_platform_zeroize( buf, sizeof( buf ) );
- fclose( f );
+ if( f != NULL )
+ fclose( f );
+
return( ret );
}
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index 5250a7b..2c1e093 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -109,6 +109,21 @@
#endif /* SYS_getrandom */
#endif /* __linux__ || __midipix__ */
+#if defined(__FreeBSD__) || defined(__DragonFly__)
+#include <sys/param.h>
+#if (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || \
+ (defined(__DragonFly__) && __DragonFly_version >= 500700)
+#include <errno.h>
+#include <sys/random.h>
+#define HAVE_GETRANDOM
+static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
+{
+ return getrandom( buf, buflen, flags );
+}
+#endif /* (__FreeBSD__ && __FreeBSD_version >= 1200000) ||
+ (__DragonFly__ && __DragonFly_version >= 500700) */
+#endif /* __FreeBSD__ || __DragonFly__ */
+
/*
* Some BSD systems provide KERN_ARND.
* This is equivalent to reading from /dev/urandom, only it doesn't require an
@@ -205,13 +220,13 @@
{
((void) data);
((void) output);
- *olen = 0;
+ *olen = 0;
if( len < sizeof(unsigned char) )
return( 0 );
+ output[0] = 0;
*olen = sizeof(unsigned char);
-
return( 0 );
}
#endif
diff --git a/library/error.c b/library/error.c
index 901a369..afad389 100644
--- a/library/error.c
+++ b/library/error.c
@@ -973,4 +973,8 @@
#endif /* MBEDTLS_ERROR_C */
+#if defined(MBEDTLS_TEST_HOOKS)
+void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
+#endif
+
#endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */
diff --git a/library/gcm.c b/library/gcm.c
index 2363e58..948268c 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -59,29 +59,6 @@
MBEDTLS_INTERNAL_VALIDATE( cond )
/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
-/*
* Initialize a context
*/
void mbedtls_gcm_init( mbedtls_gcm_context *ctx )
@@ -111,12 +88,12 @@
return( ret );
/* pack h as two 64-bits ints, big-endian */
- GET_UINT32_BE( hi, h, 0 );
- GET_UINT32_BE( lo, h, 4 );
+ hi = MBEDTLS_GET_UINT32_BE( h, 0 );
+ lo = MBEDTLS_GET_UINT32_BE( h, 4 );
vh = (uint64_t) hi << 32 | lo;
- GET_UINT32_BE( hi, h, 8 );
- GET_UINT32_BE( lo, h, 12 );
+ hi = MBEDTLS_GET_UINT32_BE( h, 8 );
+ lo = MBEDTLS_GET_UINT32_BE( h, 12 );
vl = (uint64_t) hi << 32 | lo;
/* 8 = 1000 corresponds to 1 in GF(2^128) */
@@ -223,10 +200,10 @@
if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) {
unsigned char h[16];
- PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 );
- PUT_UINT32_BE( ctx->HH[8], h, 4 );
- PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 );
- PUT_UINT32_BE( ctx->HL[8], h, 12 );
+ MBEDTLS_PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 );
+ MBEDTLS_PUT_UINT32_BE( ctx->HH[8], h, 4 );
+ MBEDTLS_PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 );
+ MBEDTLS_PUT_UINT32_BE( ctx->HL[8], h, 12 );
mbedtls_aesni_gcm_mult( output, x, h );
return;
@@ -262,10 +239,10 @@
zl ^= ctx->HL[hi];
}
- PUT_UINT32_BE( zh >> 32, output, 0 );
- PUT_UINT32_BE( zh, output, 4 );
- PUT_UINT32_BE( zl >> 32, output, 8 );
- PUT_UINT32_BE( zl, output, 12 );
+ MBEDTLS_PUT_UINT32_BE( zh >> 32, output, 0 );
+ MBEDTLS_PUT_UINT32_BE( zh, output, 4 );
+ MBEDTLS_PUT_UINT32_BE( zl >> 32, output, 8 );
+ MBEDTLS_PUT_UINT32_BE( zl, output, 12 );
}
int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
@@ -309,7 +286,7 @@
else
{
memset( work_buf, 0x00, 16 );
- PUT_UINT32_BE( iv_len * 8, work_buf, 12 );
+ MBEDTLS_PUT_UINT32_BE( iv_len * 8, work_buf, 12 );
p = iv;
while( iv_len > 0 )
@@ -442,10 +419,10 @@
{
memset( work_buf, 0x00, 16 );
- PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 );
- PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 );
- PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 );
- PUT_UINT32_BE( ( orig_len ), work_buf, 12 );
+ MBEDTLS_PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 );
+ MBEDTLS_PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 );
+ MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 );
+ MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 );
for( i = 0; i < 16; i++ )
ctx->buf[i] ^= work_buf[i];
@@ -819,6 +796,15 @@
add_len_test_data[i],
pt_test_data[pt_index_test_data[i]],
buf, 16, tag_buf );
+#if defined(MBEDTLS_GCM_ALT)
+ /* Allow alternative implementations to only support 12-byte nonces. */
+ if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED &&
+ iv_len_test_data[i] != 12 )
+ {
+ mbedtls_printf( "skipped\n" );
+ break;
+ }
+#endif /* defined(MBEDTLS_GCM_ALT) */
if( ret != 0 )
goto exit;
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 25a0225..de97068 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -54,10 +54,6 @@
memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_init( &ctx->mutex );
-#endif
}
/*
@@ -129,6 +125,10 @@
if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
return( ret );
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_mutex_init( &ctx->mutex );
+#endif
+
/*
* Set initial working state.
* Use the V memory location, which is currently all 0, to initialize the
@@ -254,6 +254,11 @@
if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
return( ret );
+ /* The mutex is initialized iff the md context is set up. */
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_mutex_init( &ctx->mutex );
+#endif
+
md_size = mbedtls_md_get_size( md_info );
/*
@@ -421,14 +426,13 @@
return;
#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_free( &ctx->mutex );
+ /* The mutex is initialized iff the md context is set up. */
+ if( ctx->md_ctx.md_info != NULL )
+ mbedtls_mutex_free( &ctx->mutex );
#endif
mbedtls_md_free( &ctx->md_ctx );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) );
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_init( &ctx->mutex );
-#endif
}
#if defined(MBEDTLS_FS_IO)
diff --git a/library/md.c b/library/md.c
index de77b16..a10a835 100644
--- a/library/md.c
+++ b/library/md.c
@@ -1,5 +1,5 @@
/**
- * \file mbedtls_md.c
+ * \file md.c
*
* \brief Generic message digest wrapper for mbed TLS
*
diff --git a/library/md2.c b/library/md2.c
index b4f7cc6..7264e30 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -147,6 +147,9 @@
t = ctx->cksum[i];
}
+ /* Zeroise variables to clear sensitive data from memory. */
+ mbedtls_platform_zeroize( &t, sizeof( t ) );
+
return( 0 );
}
diff --git a/library/md4.c b/library/md4.c
index 1cac0a4..eaa679a 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -44,29 +44,6 @@
#if !defined(MBEDTLS_MD4_ALT)
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] ) \
- | ( (uint32_t) (b)[(i) + 1] << 8 ) \
- | ( (uint32_t) (b)[(i) + 2] << 16 ) \
- | ( (uint32_t) (b)[(i) + 3] << 24 ); \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
- (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
- (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
-}
-#endif
-
void mbedtls_md4_init( mbedtls_md4_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_md4_context ) );
@@ -113,31 +90,34 @@
int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
const unsigned char data[64] )
{
- uint32_t X[16], A, B, C, D;
+ struct
+ {
+ uint32_t X[16], A, B, C, D;
+ } local;
- GET_UINT32_LE( X[ 0], data, 0 );
- GET_UINT32_LE( X[ 1], data, 4 );
- GET_UINT32_LE( X[ 2], data, 8 );
- GET_UINT32_LE( X[ 3], data, 12 );
- GET_UINT32_LE( X[ 4], data, 16 );
- GET_UINT32_LE( X[ 5], data, 20 );
- GET_UINT32_LE( X[ 6], data, 24 );
- GET_UINT32_LE( X[ 7], data, 28 );
- GET_UINT32_LE( X[ 8], data, 32 );
- GET_UINT32_LE( X[ 9], data, 36 );
- GET_UINT32_LE( X[10], data, 40 );
- GET_UINT32_LE( X[11], data, 44 );
- GET_UINT32_LE( X[12], data, 48 );
- GET_UINT32_LE( X[13], data, 52 );
- GET_UINT32_LE( X[14], data, 56 );
- GET_UINT32_LE( X[15], data, 60 );
+ local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 );
+ local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 );
+ local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 );
+ local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 );
+ local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 );
+ local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 );
+ local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 );
+ local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 );
+ local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 );
+ local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 );
+ local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 );
+ local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 );
+ local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 );
+ local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 );
+ local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 );
+ local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 );
#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
- A = ctx->state[0];
- B = ctx->state[1];
- C = ctx->state[2];
- D = ctx->state[3];
+ local.A = ctx->state[0];
+ local.B = ctx->state[1];
+ local.C = ctx->state[2];
+ local.D = ctx->state[3];
#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
#define P(a,b,c,d,x,s) \
@@ -148,22 +128,22 @@
} while( 0 )
- P( A, B, C, D, X[ 0], 3 );
- P( D, A, B, C, X[ 1], 7 );
- P( C, D, A, B, X[ 2], 11 );
- P( B, C, D, A, X[ 3], 19 );
- P( A, B, C, D, X[ 4], 3 );
- P( D, A, B, C, X[ 5], 7 );
- P( C, D, A, B, X[ 6], 11 );
- P( B, C, D, A, X[ 7], 19 );
- P( A, B, C, D, X[ 8], 3 );
- P( D, A, B, C, X[ 9], 7 );
- P( C, D, A, B, X[10], 11 );
- P( B, C, D, A, X[11], 19 );
- P( A, B, C, D, X[12], 3 );
- P( D, A, B, C, X[13], 7 );
- P( C, D, A, B, X[14], 11 );
- P( B, C, D, A, X[15], 19 );
+ P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 1], 7 );
+ P( local.C, local.D, local.A, local.B, local.X[ 2], 11 );
+ P( local.B, local.C, local.D, local.A, local.X[ 3], 19 );
+ P( local.A, local.B, local.C, local.D, local.X[ 4], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 5], 7 );
+ P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
+ P( local.B, local.C, local.D, local.A, local.X[ 7], 19 );
+ P( local.A, local.B, local.C, local.D, local.X[ 8], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 9], 7 );
+ P( local.C, local.D, local.A, local.B, local.X[10], 11 );
+ P( local.B, local.C, local.D, local.A, local.X[11], 19 );
+ P( local.A, local.B, local.C, local.D, local.X[12], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[13], 7 );
+ P( local.C, local.D, local.A, local.B, local.X[14], 11 );
+ P( local.B, local.C, local.D, local.A, local.X[15], 19 );
#undef P
#undef F
@@ -176,22 +156,22 @@
(a) = S((a),(s)); \
} while( 0 )
- P( A, B, C, D, X[ 0], 3 );
- P( D, A, B, C, X[ 4], 5 );
- P( C, D, A, B, X[ 8], 9 );
- P( B, C, D, A, X[12], 13 );
- P( A, B, C, D, X[ 1], 3 );
- P( D, A, B, C, X[ 5], 5 );
- P( C, D, A, B, X[ 9], 9 );
- P( B, C, D, A, X[13], 13 );
- P( A, B, C, D, X[ 2], 3 );
- P( D, A, B, C, X[ 6], 5 );
- P( C, D, A, B, X[10], 9 );
- P( B, C, D, A, X[14], 13 );
- P( A, B, C, D, X[ 3], 3 );
- P( D, A, B, C, X[ 7], 5 );
- P( C, D, A, B, X[11], 9 );
- P( B, C, D, A, X[15], 13 );
+ P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 4], 5 );
+ P( local.C, local.D, local.A, local.B, local.X[ 8], 9 );
+ P( local.B, local.C, local.D, local.A, local.X[12], 13 );
+ P( local.A, local.B, local.C, local.D, local.X[ 1], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 5], 5 );
+ P( local.C, local.D, local.A, local.B, local.X[ 9], 9 );
+ P( local.B, local.C, local.D, local.A, local.X[13], 13 );
+ P( local.A, local.B, local.C, local.D, local.X[ 2], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 6], 5 );
+ P( local.C, local.D, local.A, local.B, local.X[10], 9 );
+ P( local.B, local.C, local.D, local.A, local.X[14], 13 );
+ P( local.A, local.B, local.C, local.D, local.X[ 3], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 7], 5 );
+ P( local.C, local.D, local.A, local.B, local.X[11], 9 );
+ P( local.B, local.C, local.D, local.A, local.X[15], 13 );
#undef P
#undef F
@@ -204,30 +184,33 @@
(a) = S((a),(s)); \
} while( 0 )
- P( A, B, C, D, X[ 0], 3 );
- P( D, A, B, C, X[ 8], 9 );
- P( C, D, A, B, X[ 4], 11 );
- P( B, C, D, A, X[12], 15 );
- P( A, B, C, D, X[ 2], 3 );
- P( D, A, B, C, X[10], 9 );
- P( C, D, A, B, X[ 6], 11 );
- P( B, C, D, A, X[14], 15 );
- P( A, B, C, D, X[ 1], 3 );
- P( D, A, B, C, X[ 9], 9 );
- P( C, D, A, B, X[ 5], 11 );
- P( B, C, D, A, X[13], 15 );
- P( A, B, C, D, X[ 3], 3 );
- P( D, A, B, C, X[11], 9 );
- P( C, D, A, B, X[ 7], 11 );
- P( B, C, D, A, X[15], 15 );
+ P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 8], 9 );
+ P( local.C, local.D, local.A, local.B, local.X[ 4], 11 );
+ P( local.B, local.C, local.D, local.A, local.X[12], 15 );
+ P( local.A, local.B, local.C, local.D, local.X[ 2], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[10], 9 );
+ P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
+ P( local.B, local.C, local.D, local.A, local.X[14], 15 );
+ P( local.A, local.B, local.C, local.D, local.X[ 1], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[ 9], 9 );
+ P( local.C, local.D, local.A, local.B, local.X[ 5], 11 );
+ P( local.B, local.C, local.D, local.A, local.X[13], 15 );
+ P( local.A, local.B, local.C, local.D, local.X[ 3], 3 );
+ P( local.D, local.A, local.B, local.C, local.X[11], 9 );
+ P( local.C, local.D, local.A, local.B, local.X[ 7], 11 );
+ P( local.B, local.C, local.D, local.A, local.X[15], 15 );
#undef F
#undef P
- ctx->state[0] += A;
- ctx->state[1] += B;
- ctx->state[2] += C;
- ctx->state[3] += D;
+ ctx->state[0] += local.A;
+ ctx->state[1] += local.B;
+ ctx->state[2] += local.C;
+ ctx->state[3] += local.D;
+
+ /* Zeroise variables to clear sensitive data from memory. */
+ mbedtls_platform_zeroize( &local, sizeof( local ) );
return( 0 );
}
@@ -327,8 +310,8 @@
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_LE( low, msglen, 0 );
- PUT_UINT32_LE( high, msglen, 4 );
+ MBEDTLS_PUT_UINT32_LE( low, msglen, 0 );
+ MBEDTLS_PUT_UINT32_LE( high, msglen, 4 );
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
@@ -341,10 +324,10 @@
return( ret );
- PUT_UINT32_LE( ctx->state[0], output, 0 );
- PUT_UINT32_LE( ctx->state[1], output, 4 );
- PUT_UINT32_LE( ctx->state[2], output, 8 );
- PUT_UINT32_LE( ctx->state[3], output, 12 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 );
return( 0 );
}
diff --git a/library/md5.c b/library/md5.c
index 1e702b4..4b53fcf 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -43,29 +43,6 @@
#if !defined(MBEDTLS_MD5_ALT)
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] ) \
- | ( (uint32_t) (b)[(i) + 1] << 8 ) \
- | ( (uint32_t) (b)[(i) + 2] << 16 ) \
- | ( (uint32_t) (b)[(i) + 3] << 24 ); \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
- (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
- (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
-}
-#endif
-
void mbedtls_md5_init( mbedtls_md5_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_md5_context ) );
@@ -112,128 +89,134 @@
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
const unsigned char data[64] )
{
- uint32_t X[16], A, B, C, D;
+ struct
+ {
+ uint32_t X[16], A, B, C, D;
+ } local;
- GET_UINT32_LE( X[ 0], data, 0 );
- GET_UINT32_LE( X[ 1], data, 4 );
- GET_UINT32_LE( X[ 2], data, 8 );
- GET_UINT32_LE( X[ 3], data, 12 );
- GET_UINT32_LE( X[ 4], data, 16 );
- GET_UINT32_LE( X[ 5], data, 20 );
- GET_UINT32_LE( X[ 6], data, 24 );
- GET_UINT32_LE( X[ 7], data, 28 );
- GET_UINT32_LE( X[ 8], data, 32 );
- GET_UINT32_LE( X[ 9], data, 36 );
- GET_UINT32_LE( X[10], data, 40 );
- GET_UINT32_LE( X[11], data, 44 );
- GET_UINT32_LE( X[12], data, 48 );
- GET_UINT32_LE( X[13], data, 52 );
- GET_UINT32_LE( X[14], data, 56 );
- GET_UINT32_LE( X[15], data, 60 );
+ local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 );
+ local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 );
+ local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 );
+ local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 );
+ local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 );
+ local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 );
+ local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 );
+ local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 );
+ local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 );
+ local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 );
+ local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 );
+ local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 );
+ local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 );
+ local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 );
+ local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 );
+ local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 );
#define S(x,n) \
( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) )
-#define P(a,b,c,d,k,s,t) \
- do \
- { \
- (a) += F((b),(c),(d)) + X[(k)] + (t); \
- (a) = S((a),(s)) + (b); \
+#define P(a,b,c,d,k,s,t) \
+ do \
+ { \
+ (a) += F((b),(c),(d)) + local.X[(k)] + (t); \
+ (a) = S((a),(s)) + (b); \
} while( 0 )
- A = ctx->state[0];
- B = ctx->state[1];
- C = ctx->state[2];
- D = ctx->state[3];
+ local.A = ctx->state[0];
+ local.B = ctx->state[1];
+ local.C = ctx->state[2];
+ local.D = ctx->state[3];
#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
- P( A, B, C, D, 0, 7, 0xD76AA478 );
- P( D, A, B, C, 1, 12, 0xE8C7B756 );
- P( C, D, A, B, 2, 17, 0x242070DB );
- P( B, C, D, A, 3, 22, 0xC1BDCEEE );
- P( A, B, C, D, 4, 7, 0xF57C0FAF );
- P( D, A, B, C, 5, 12, 0x4787C62A );
- P( C, D, A, B, 6, 17, 0xA8304613 );
- P( B, C, D, A, 7, 22, 0xFD469501 );
- P( A, B, C, D, 8, 7, 0x698098D8 );
- P( D, A, B, C, 9, 12, 0x8B44F7AF );
- P( C, D, A, B, 10, 17, 0xFFFF5BB1 );
- P( B, C, D, A, 11, 22, 0x895CD7BE );
- P( A, B, C, D, 12, 7, 0x6B901122 );
- P( D, A, B, C, 13, 12, 0xFD987193 );
- P( C, D, A, B, 14, 17, 0xA679438E );
- P( B, C, D, A, 15, 22, 0x49B40821 );
+ P( local.A, local.B, local.C, local.D, 0, 7, 0xD76AA478 );
+ P( local.D, local.A, local.B, local.C, 1, 12, 0xE8C7B756 );
+ P( local.C, local.D, local.A, local.B, 2, 17, 0x242070DB );
+ P( local.B, local.C, local.D, local.A, 3, 22, 0xC1BDCEEE );
+ P( local.A, local.B, local.C, local.D, 4, 7, 0xF57C0FAF );
+ P( local.D, local.A, local.B, local.C, 5, 12, 0x4787C62A );
+ P( local.C, local.D, local.A, local.B, 6, 17, 0xA8304613 );
+ P( local.B, local.C, local.D, local.A, 7, 22, 0xFD469501 );
+ P( local.A, local.B, local.C, local.D, 8, 7, 0x698098D8 );
+ P( local.D, local.A, local.B, local.C, 9, 12, 0x8B44F7AF );
+ P( local.C, local.D, local.A, local.B, 10, 17, 0xFFFF5BB1 );
+ P( local.B, local.C, local.D, local.A, 11, 22, 0x895CD7BE );
+ P( local.A, local.B, local.C, local.D, 12, 7, 0x6B901122 );
+ P( local.D, local.A, local.B, local.C, 13, 12, 0xFD987193 );
+ P( local.C, local.D, local.A, local.B, 14, 17, 0xA679438E );
+ P( local.B, local.C, local.D, local.A, 15, 22, 0x49B40821 );
#undef F
#define F(x,y,z) ((y) ^ ((z) & ((x) ^ (y))))
- P( A, B, C, D, 1, 5, 0xF61E2562 );
- P( D, A, B, C, 6, 9, 0xC040B340 );
- P( C, D, A, B, 11, 14, 0x265E5A51 );
- P( B, C, D, A, 0, 20, 0xE9B6C7AA );
- P( A, B, C, D, 5, 5, 0xD62F105D );
- P( D, A, B, C, 10, 9, 0x02441453 );
- P( C, D, A, B, 15, 14, 0xD8A1E681 );
- P( B, C, D, A, 4, 20, 0xE7D3FBC8 );
- P( A, B, C, D, 9, 5, 0x21E1CDE6 );
- P( D, A, B, C, 14, 9, 0xC33707D6 );
- P( C, D, A, B, 3, 14, 0xF4D50D87 );
- P( B, C, D, A, 8, 20, 0x455A14ED );
- P( A, B, C, D, 13, 5, 0xA9E3E905 );
- P( D, A, B, C, 2, 9, 0xFCEFA3F8 );
- P( C, D, A, B, 7, 14, 0x676F02D9 );
- P( B, C, D, A, 12, 20, 0x8D2A4C8A );
+ P( local.A, local.B, local.C, local.D, 1, 5, 0xF61E2562 );
+ P( local.D, local.A, local.B, local.C, 6, 9, 0xC040B340 );
+ P( local.C, local.D, local.A, local.B, 11, 14, 0x265E5A51 );
+ P( local.B, local.C, local.D, local.A, 0, 20, 0xE9B6C7AA );
+ P( local.A, local.B, local.C, local.D, 5, 5, 0xD62F105D );
+ P( local.D, local.A, local.B, local.C, 10, 9, 0x02441453 );
+ P( local.C, local.D, local.A, local.B, 15, 14, 0xD8A1E681 );
+ P( local.B, local.C, local.D, local.A, 4, 20, 0xE7D3FBC8 );
+ P( local.A, local.B, local.C, local.D, 9, 5, 0x21E1CDE6 );
+ P( local.D, local.A, local.B, local.C, 14, 9, 0xC33707D6 );
+ P( local.C, local.D, local.A, local.B, 3, 14, 0xF4D50D87 );
+ P( local.B, local.C, local.D, local.A, 8, 20, 0x455A14ED );
+ P( local.A, local.B, local.C, local.D, 13, 5, 0xA9E3E905 );
+ P( local.D, local.A, local.B, local.C, 2, 9, 0xFCEFA3F8 );
+ P( local.C, local.D, local.A, local.B, 7, 14, 0x676F02D9 );
+ P( local.B, local.C, local.D, local.A, 12, 20, 0x8D2A4C8A );
#undef F
#define F(x,y,z) ((x) ^ (y) ^ (z))
- P( A, B, C, D, 5, 4, 0xFFFA3942 );
- P( D, A, B, C, 8, 11, 0x8771F681 );
- P( C, D, A, B, 11, 16, 0x6D9D6122 );
- P( B, C, D, A, 14, 23, 0xFDE5380C );
- P( A, B, C, D, 1, 4, 0xA4BEEA44 );
- P( D, A, B, C, 4, 11, 0x4BDECFA9 );
- P( C, D, A, B, 7, 16, 0xF6BB4B60 );
- P( B, C, D, A, 10, 23, 0xBEBFBC70 );
- P( A, B, C, D, 13, 4, 0x289B7EC6 );
- P( D, A, B, C, 0, 11, 0xEAA127FA );
- P( C, D, A, B, 3, 16, 0xD4EF3085 );
- P( B, C, D, A, 6, 23, 0x04881D05 );
- P( A, B, C, D, 9, 4, 0xD9D4D039 );
- P( D, A, B, C, 12, 11, 0xE6DB99E5 );
- P( C, D, A, B, 15, 16, 0x1FA27CF8 );
- P( B, C, D, A, 2, 23, 0xC4AC5665 );
+ P( local.A, local.B, local.C, local.D, 5, 4, 0xFFFA3942 );
+ P( local.D, local.A, local.B, local.C, 8, 11, 0x8771F681 );
+ P( local.C, local.D, local.A, local.B, 11, 16, 0x6D9D6122 );
+ P( local.B, local.C, local.D, local.A, 14, 23, 0xFDE5380C );
+ P( local.A, local.B, local.C, local.D, 1, 4, 0xA4BEEA44 );
+ P( local.D, local.A, local.B, local.C, 4, 11, 0x4BDECFA9 );
+ P( local.C, local.D, local.A, local.B, 7, 16, 0xF6BB4B60 );
+ P( local.B, local.C, local.D, local.A, 10, 23, 0xBEBFBC70 );
+ P( local.A, local.B, local.C, local.D, 13, 4, 0x289B7EC6 );
+ P( local.D, local.A, local.B, local.C, 0, 11, 0xEAA127FA );
+ P( local.C, local.D, local.A, local.B, 3, 16, 0xD4EF3085 );
+ P( local.B, local.C, local.D, local.A, 6, 23, 0x04881D05 );
+ P( local.A, local.B, local.C, local.D, 9, 4, 0xD9D4D039 );
+ P( local.D, local.A, local.B, local.C, 12, 11, 0xE6DB99E5 );
+ P( local.C, local.D, local.A, local.B, 15, 16, 0x1FA27CF8 );
+ P( local.B, local.C, local.D, local.A, 2, 23, 0xC4AC5665 );
#undef F
#define F(x,y,z) ((y) ^ ((x) | ~(z)))
- P( A, B, C, D, 0, 6, 0xF4292244 );
- P( D, A, B, C, 7, 10, 0x432AFF97 );
- P( C, D, A, B, 14, 15, 0xAB9423A7 );
- P( B, C, D, A, 5, 21, 0xFC93A039 );
- P( A, B, C, D, 12, 6, 0x655B59C3 );
- P( D, A, B, C, 3, 10, 0x8F0CCC92 );
- P( C, D, A, B, 10, 15, 0xFFEFF47D );
- P( B, C, D, A, 1, 21, 0x85845DD1 );
- P( A, B, C, D, 8, 6, 0x6FA87E4F );
- P( D, A, B, C, 15, 10, 0xFE2CE6E0 );
- P( C, D, A, B, 6, 15, 0xA3014314 );
- P( B, C, D, A, 13, 21, 0x4E0811A1 );
- P( A, B, C, D, 4, 6, 0xF7537E82 );
- P( D, A, B, C, 11, 10, 0xBD3AF235 );
- P( C, D, A, B, 2, 15, 0x2AD7D2BB );
- P( B, C, D, A, 9, 21, 0xEB86D391 );
+ P( local.A, local.B, local.C, local.D, 0, 6, 0xF4292244 );
+ P( local.D, local.A, local.B, local.C, 7, 10, 0x432AFF97 );
+ P( local.C, local.D, local.A, local.B, 14, 15, 0xAB9423A7 );
+ P( local.B, local.C, local.D, local.A, 5, 21, 0xFC93A039 );
+ P( local.A, local.B, local.C, local.D, 12, 6, 0x655B59C3 );
+ P( local.D, local.A, local.B, local.C, 3, 10, 0x8F0CCC92 );
+ P( local.C, local.D, local.A, local.B, 10, 15, 0xFFEFF47D );
+ P( local.B, local.C, local.D, local.A, 1, 21, 0x85845DD1 );
+ P( local.A, local.B, local.C, local.D, 8, 6, 0x6FA87E4F );
+ P( local.D, local.A, local.B, local.C, 15, 10, 0xFE2CE6E0 );
+ P( local.C, local.D, local.A, local.B, 6, 15, 0xA3014314 );
+ P( local.B, local.C, local.D, local.A, 13, 21, 0x4E0811A1 );
+ P( local.A, local.B, local.C, local.D, 4, 6, 0xF7537E82 );
+ P( local.D, local.A, local.B, local.C, 11, 10, 0xBD3AF235 );
+ P( local.C, local.D, local.A, local.B, 2, 15, 0x2AD7D2BB );
+ P( local.B, local.C, local.D, local.A, 9, 21, 0xEB86D391 );
#undef F
- ctx->state[0] += A;
- ctx->state[1] += B;
- ctx->state[2] += C;
- ctx->state[3] += D;
+ ctx->state[0] += local.A;
+ ctx->state[1] += local.B;
+ ctx->state[2] += local.C;
+ ctx->state[3] += local.D;
+
+ /* Zeroise variables to clear sensitive data from memory. */
+ mbedtls_platform_zeroize( &local, sizeof( local ) );
return( 0 );
}
@@ -347,8 +330,8 @@
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_LE( low, ctx->buffer, 56 );
- PUT_UINT32_LE( high, ctx->buffer, 60 );
+ MBEDTLS_PUT_UINT32_LE( low, ctx->buffer, 56 );
+ MBEDTLS_PUT_UINT32_LE( high, ctx->buffer, 60 );
if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
@@ -356,10 +339,10 @@
/*
* Output final state
*/
- PUT_UINT32_LE( ctx->state[0], output, 0 );
- PUT_UINT32_LE( ctx->state[1], output, 4 );
- PUT_UINT32_LE( ctx->state[2], output, 8 );
- PUT_UINT32_LE( ctx->state[3], output, 12 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 );
return( 0 );
}
diff --git a/library/mps_common.h b/library/mps_common.h
new file mode 100644
index 0000000..d20776f
--- /dev/null
+++ b/library/mps_common.h
@@ -0,0 +1,195 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/**
+ * \file mps_common.h
+ *
+ * \brief Common functions and macros used by MPS
+ */
+
+#ifndef MBEDTLS_MPS_COMMON_H
+#define MBEDTLS_MPS_COMMON_H
+
+#include "mps_error.h"
+
+#include <stdio.h>
+
+/**
+ * \name SECTION: MPS Configuration
+ *
+ * \{
+ */
+
+/*! This flag controls whether the MPS-internal components
+ * (reader, writer, Layer 1-3) perform validation of the
+ * expected abstract state at the entry of API calls.
+ *
+ * Context: All MPS API functions impose assumptions/preconditions on the
+ * context on which they operate. For example, every structure has a notion of
+ * state integrity which is established by `xxx_init()` and preserved by any
+ * calls to the MPS API which satisfy their preconditions and either succeed,
+ * or fail with an error code which is explicitly documented to not corrupt
+ * structure integrity (such as WANT_READ and WANT_WRITE);
+ * apart from `xxx_init()` any function assumes state integrity as a
+ * precondition (but usually more). If any of the preconditions is violated,
+ * the function's behavior is entirely undefined.
+ * In addition to state integrity, all MPS structures have a more refined
+ * notion of abstract state that the API operates on. For example, all layers
+ * have a notion of 'abtract read state' which indicates if incoming data has
+ * been passed to the user, e.g. through mps_l2_read_start() for Layer 2
+ * or mps_l3_read() in Layer 3. After such a call, it doesn't make sense to
+ * call these reading functions again until the incoming data has been
+ * explicitly 'consumed', e.g. through mps_l2_read_consume() for Layer 2 or
+ * mps_l3_read_consume() on Layer 3. However, even if it doesn't make sense,
+ * it's a design choice whether the API should fail gracefully on such
+ * non-sensical calls or not, and that's what this option is about:
+ *
+ * This option determines whether the expected abstract state
+ * is part of the API preconditions or not: If the option is set,
+ * then the abstract state is not part of the precondition and is
+ * thus required to be validated by the implementation. If an unexpected
+ * abstract state is encountered, the implementation must fail gracefully
+ * with error #MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED.
+ * Conversely, if this option is not set, then the expected abstract state
+ * is included in the preconditions of the respective API calls, and
+ * an implementation's behaviour is undefined if the abstract state is
+ * not as expected.
+ *
+ * For example: Enabling this makes mps_l2_read_done() fail if
+ * no incoming record is currently open; disabling this would
+ * lead to undefined behavior in this case.
+ *
+ * Comment this to remove state validation.
+ */
+#define MBEDTLS_MPS_STATE_VALIDATION
+
+/*! This flag enables/disables assertions on the internal state of MPS.
+ *
+ * Assertions are sanity checks that should never trigger when MPS
+ * is used within the bounds of its API and preconditions.
+ *
+ * Enabling this increases security by limiting the scope of
+ * potential bugs, but comes at the cost of increased code size.
+ *
+ * Note: So far, there is no guiding principle as to what
+ * expected conditions merit an assertion, and which don't.
+ *
+ * Comment this to disable assertions.
+ */
+#define MBEDTLS_MPS_ENABLE_ASSERTIONS
+
+/*! This flag controls whether tracing for MPS should be enabled. */
+//#define MBEDTLS_MPS_ENABLE_TRACE
+
+#if defined(MBEDTLS_MPS_STATE_VALIDATION)
+
+#define MBEDTLS_MPS_STATE_VALIDATE_RAW( cond, string ) \
+ do \
+ { \
+ if( !(cond) ) \
+ { \
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, string ); \
+ MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED ); \
+ } \
+ } while( 0 )
+
+#else /* MBEDTLS_MPS_STATE_VALIDATION */
+
+#define MBEDTLS_MPS_STATE_VALIDATE_RAW( cond, string ) \
+ do \
+ { \
+ ( cond ); \
+ } while( 0 )
+
+#endif /* MBEDTLS_MPS_STATE_VALIDATION */
+
+#if defined(MBEDTLS_MPS_ENABLE_ASSERTIONS)
+
+#define MBEDTLS_MPS_ASSERT_RAW( cond, string ) \
+ do \
+ { \
+ if( !(cond) ) \
+ { \
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, string ); \
+ MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_INTERNAL_ERROR ); \
+ } \
+ } while( 0 )
+
+#else /* MBEDTLS_MPS_ENABLE_ASSERTIONS */
+
+#define MBEDTLS_MPS_ASSERT_RAW( cond, string ) do {} while( 0 )
+
+#endif /* MBEDTLS_MPS_ENABLE_ASSERTIONS */
+
+
+/* \} name SECTION: MPS Configuration */
+
+/**
+ * \name SECTION: Common types
+ *
+ * Various common types used throughout MPS.
+ * \{
+ */
+
+/** \brief The type of buffer sizes and offsets used in MPS structures.
+ *
+ * This is an unsigned integer type that should be large enough to
+ * hold the length of any buffer or message processed by MPS.
+ *
+ * The reason to pick a value as small as possible here is
+ * to reduce the size of MPS structures.
+ *
+ * \warning Care has to be taken when using a narrower type
+ * than ::mbedtls_mps_size_t here because of
+ * potential truncation during conversion.
+ *
+ * \warning Handshake messages in TLS may be up to 2^24 ~ 16Mb in size.
+ * If mbedtls_mps_[opt_]stored_size_t is smaller than that, the
+ * maximum handshake message is restricted accordingly.
+ *
+ * For now, we use the default type of size_t throughout, and the use of
+ * smaller types or different types for ::mbedtls_mps_size_t and
+ * ::mbedtls_mps_stored_size_t is not yet supported.
+ *
+ */
+typedef size_t mbedtls_mps_stored_size_t;
+#define MBEDTLS_MPS_STORED_SIZE_MAX ( (mbedtls_mps_stored_size_t) -1 )
+
+/** \brief The type of buffer sizes and offsets used in the MPS API
+ * and implementation.
+ *
+ * This must be at least as wide as ::mbedtls_stored_size_t but
+ * may be chosen to be strictly larger if more suitable for the
+ * target architecture.
+ *
+ * For example, in a test build for ARM Thumb, using uint_fast16_t
+ * instead of uint16_t reduced the code size from 1060 Byte to 962 Byte,
+ * so almost 10%.
+ */
+typedef size_t mbedtls_mps_size_t;
+#define MBEDTLS_MPS_SIZE_MAX ( (mbedtls_mps_size_t) -1 )
+
+#if MBEDTLS_MPS_STORED_SIZE_MAX > MBEDTLS_MPS_SIZE_MAX
+#error "Misconfiguration of mbedtls_mps_size_t and mbedtls_mps_stored_size_t."
+#endif
+
+/* \} SECTION: Common types */
+
+
+#endif /* MBEDTLS_MPS_COMMON_H */
diff --git a/library/mps_error.h b/library/mps_error.h
new file mode 100644
index 0000000..f78d9a0
--- /dev/null
+++ b/library/mps_error.h
@@ -0,0 +1,103 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/**
+ * \file mps_error.h
+ *
+ * \brief Error codes used by MPS
+ */
+
+#ifndef MBEDTLS_MPS_ERROR_H
+#define MBEDTLS_MPS_ERROR_H
+
+
+/* TODO: The error code allocation needs to be revisited:
+ *
+ * - Should we make (some of) the MPS Reader error codes public?
+ * If so, we need to adjust MBEDTLS_MPS_READER_MAKE_ERROR() to hit
+ * a gap in the Mbed TLS public error space.
+ * If not, we have to make sure we don't forward those errors
+ * at the level of the public API -- no risk at the moment as
+ * long as MPS is an experimental component not accessible from
+ * public API.
+ */
+
+/**
+ * \name SECTION: MPS general error codes
+ *
+ * \{
+ */
+
+#ifndef MBEDTLS_MPS_ERR_BASE
+#define MBEDTLS_MPS_ERR_BASE ( 0 )
+#endif
+
+#define MBEDTLS_MPS_MAKE_ERROR(code) \
+ ( -( MBEDTLS_MPS_ERR_BASE | (code) ) )
+
+#define MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED MBEDTLS_MPS_MAKE_ERROR( 0x1 )
+#define MBEDTLS_ERR_MPS_INTERNAL_ERROR MBEDTLS_MPS_MAKE_ERROR( 0x2 )
+
+/* \} name SECTION: MPS general error codes */
+
+/**
+ * \name SECTION: MPS Reader error codes
+ *
+ * \{
+ */
+
+#ifndef MBEDTLS_MPS_READER_ERR_BASE
+#define MBEDTLS_MPS_READER_ERR_BASE ( 1 << 8 )
+#endif
+
+#define MBEDTLS_MPS_READER_MAKE_ERROR(code) \
+ ( -( MBEDTLS_MPS_READER_ERR_BASE | (code) ) )
+
+/*! An attempt to reclaim the data buffer from a reader failed because
+ * the user hasn't yet read and committed all of it. */
+#define MBEDTLS_ERR_MPS_READER_DATA_LEFT MBEDTLS_MPS_READER_MAKE_ERROR( 0x1 )
+
+/*! An invalid argument was passed to the reader. */
+#define MBEDTLS_ERR_MPS_READER_INVALID_ARG MBEDTLS_MPS_READER_MAKE_ERROR( 0x2 )
+
+/*! An attempt to move a reader to consuming mode through mbedtls_mps_reader_feed()
+ * after pausing failed because the provided data is not sufficient to serve the
+ * read requests that led to the pausing. */
+#define MBEDTLS_ERR_MPS_READER_NEED_MORE MBEDTLS_MPS_READER_MAKE_ERROR( 0x3 )
+
+/*! A get request failed because not enough data is available in the reader. */
+#define MBEDTLS_ERR_MPS_READER_OUT_OF_DATA MBEDTLS_MPS_READER_MAKE_ERROR( 0x4 )
+
+/*!< A get request after pausing and reactivating the reader failed because
+ * the request is not in line with the request made prior to pausing. The user
+ * must not change it's 'strategy' after pausing and reactivating a reader. */
+#define MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS MBEDTLS_MPS_READER_MAKE_ERROR( 0x5 )
+
+/*! An attempt to reclaim the data buffer from a reader failed because the reader
+ * has no accumulator it can use to backup the data that hasn't been processed. */
+#define MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR MBEDTLS_MPS_READER_MAKE_ERROR( 0x6 )
+
+/*! An attempt to reclaim the data buffer from a reader failed because the
+ * accumulator passed to the reader is not large enough to hold both the
+ * data that hasn't been processed and the excess of the last read-request. */
+#define MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL MBEDTLS_MPS_READER_MAKE_ERROR( 0x7 )
+
+/* \} name SECTION: MPS Reader error codes */
+
+#endif /* MBEDTLS_MPS_ERROR_H */
diff --git a/library/mps_reader.c b/library/mps_reader.c
new file mode 100644
index 0000000..9af5073
--- /dev/null
+++ b/library/mps_reader.c
@@ -0,0 +1,564 @@
+/*
+ * Message Processing Stack, Reader implementation
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+
+#include "mps_reader.h"
+#include "mps_common.h"
+#include "mps_trace.h"
+
+#include <string.h>
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+ !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#if defined(MBEDTLS_MPS_ENABLE_TRACE)
+static int mbedtls_mps_trace_id = MBEDTLS_MPS_TRACE_BIT_READER;
+#endif /* MBEDTLS_MPS_ENABLE_TRACE */
+
+/*
+ * GENERAL NOTE ON CODING STYLE
+ *
+ * The following code intentionally separates memory loads
+ * and stores from other operations (arithmetic or branches).
+ * This leads to the introduction of many local variables
+ * and significantly increases the C-code line count, but
+ * should not increase the size of generated assembly.
+ *
+ * The reason for this is twofold:
+ * (1) It will ease verification efforts using the VST
+ * (Verified Software Toolchain)
+ * whose program logic cannot directly reason
+ * about instructions containing a load or store in
+ * addition to other operations (e.g. *p = *q or
+ * tmp = *p + 42).
+ * (2) Operating on local variables and writing the results
+ * back to the target contexts on success only
+ * allows to maintain structure invariants even
+ * on failure - this in turn has two benefits:
+ * (2.a) If for some reason an error code is not caught
+ * and operation continues, functions are nonetheless
+ * called with sane contexts, reducing the risk
+ * of dangerous behavior.
+ * (2.b) Randomized testing is easier if structures
+ * remain intact even in the face of failing
+ * and/or non-sensical calls.
+ * Moreover, it might even reduce code-size because
+ * the compiler need not write back temporary results
+ * to memory in case of failure.
+ *
+ */
+
+static inline int mps_reader_is_accumulating(
+ mbedtls_mps_reader const *rd )
+{
+ mbedtls_mps_size_t acc_remaining;
+ if( rd->acc == NULL )
+ return( 0 );
+
+ acc_remaining = rd->acc_share.acc_remaining;
+ return( acc_remaining > 0 );
+}
+
+static inline int mps_reader_is_producing(
+ mbedtls_mps_reader const *rd )
+{
+ unsigned char *frag = rd->frag;
+ return( frag == NULL );
+}
+
+static inline int mps_reader_is_consuming(
+ mbedtls_mps_reader const *rd )
+{
+ return( !mps_reader_is_producing( rd ) );
+}
+
+static inline mbedtls_mps_size_t mps_reader_get_fragment_offset(
+ mbedtls_mps_reader const *rd )
+{
+ unsigned char *acc = rd->acc;
+ mbedtls_mps_size_t frag_offset;
+
+ if( acc == NULL )
+ return( 0 );
+
+ frag_offset = rd->acc_share.frag_offset;
+ return( frag_offset );
+}
+
+static inline mbedtls_mps_size_t mps_reader_serving_from_accumulator(
+ mbedtls_mps_reader const *rd )
+{
+ mbedtls_mps_size_t frag_offset, end;
+
+ frag_offset = mps_reader_get_fragment_offset( rd );
+ end = rd->end;
+
+ return( end < frag_offset );
+}
+
+static inline void mps_reader_zero( mbedtls_mps_reader *rd )
+{
+ /* A plain memset() would likely be more efficient,
+ * but the current way of zeroing makes it harder
+ * to overlook fields which should not be zero-initialized.
+ * It's also more suitable for FV efforts since it
+ * doesn't require reasoning about structs being
+ * interpreted as unstructured binary blobs. */
+ static mbedtls_mps_reader const zero =
+ { .frag = NULL,
+ .frag_len = 0,
+ .commit = 0,
+ .end = 0,
+ .pending = 0,
+ .acc = NULL,
+ .acc_len = 0,
+ .acc_available = 0,
+ .acc_share = { .acc_remaining = 0 }
+ };
+ *rd = zero;
+}
+
+int mbedtls_mps_reader_init( mbedtls_mps_reader *rd,
+ unsigned char *acc,
+ mbedtls_mps_size_t acc_len )
+{
+ MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_init" );
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "* Accumulator size: %u bytes", (unsigned) acc_len );
+ mps_reader_zero( rd );
+ rd->acc = acc;
+ rd->acc_len = acc_len;
+ MBEDTLS_MPS_TRACE_RETURN( 0 );
+}
+
+int mbedtls_mps_reader_free( mbedtls_mps_reader *rd )
+{
+ MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_free" );
+ mps_reader_zero( rd );
+ MBEDTLS_MPS_TRACE_RETURN( 0 );
+}
+
+int mbedtls_mps_reader_feed( mbedtls_mps_reader *rd,
+ unsigned char *new_frag,
+ mbedtls_mps_size_t new_frag_len )
+{
+ mbedtls_mps_size_t copy_to_acc;
+ MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_feed" );
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "* Fragment length: %u bytes", (unsigned) new_frag_len );
+
+ if( new_frag == NULL )
+ MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_INVALID_ARG );
+
+ MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_producing( rd ),
+ "mbedtls_mps_reader_feed() requires reader to be in producing mode" );
+
+ if( mps_reader_is_accumulating( rd ) )
+ {
+ unsigned char *acc = rd->acc;
+ mbedtls_mps_size_t acc_remaining = rd->acc_share.acc_remaining;
+ mbedtls_mps_size_t acc_available = rd->acc_available;
+
+ /* Skip over parts of the accumulator that have already been filled. */
+ acc += acc_available;
+
+ copy_to_acc = acc_remaining;
+ if( copy_to_acc > new_frag_len )
+ copy_to_acc = new_frag_len;
+
+ /* Copy new contents to accumulator. */
+ memcpy( acc, new_frag, copy_to_acc );
+
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Copy new data of size %u of %u into accumulator at offset %u",
+ (unsigned) copy_to_acc, (unsigned) new_frag_len, (unsigned) acc_available );
+
+ /* Check if, with the new fragment, we have enough data. */
+ acc_remaining -= copy_to_acc;
+ if( acc_remaining > 0 )
+ {
+ /* We need to accumulate more data. Stay in producing mode. */
+ acc_available += copy_to_acc;
+ rd->acc_share.acc_remaining = acc_remaining;
+ rd->acc_available = acc_available;
+ MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_NEED_MORE );
+ }
+
+ /* We have filled the accumulator: Move to consuming mode. */
+
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Enough data available to serve user request" );
+
+ /* Remember overlap of accumulator and fragment. */
+ rd->acc_share.frag_offset = acc_available;
+ acc_available += copy_to_acc;
+ rd->acc_available = acc_available;
+ }
+ else /* Not accumulating */
+ {
+ rd->acc_share.frag_offset = 0;
+ }
+
+ rd->frag = new_frag;
+ rd->frag_len = new_frag_len;
+ rd->commit = 0;
+ rd->end = 0;
+ MBEDTLS_MPS_TRACE_RETURN( 0 );
+}
+
+
+int mbedtls_mps_reader_get( mbedtls_mps_reader *rd,
+ mbedtls_mps_size_t desired,
+ unsigned char **buffer,
+ mbedtls_mps_size_t *buflen )
+{
+ unsigned char *frag;
+ mbedtls_mps_size_t frag_len, frag_offset, end, frag_fetched, frag_remaining;
+ MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_get" );
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "* Bytes requested: %u", (unsigned) desired );
+
+ MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ),
+ "mbedtls_mps_reader_get() requires reader to be in consuming mode" );
+
+ end = rd->end;
+ frag_offset = mps_reader_get_fragment_offset( rd );
+
+ /* Check if we're still serving from the accumulator. */
+ if( mps_reader_serving_from_accumulator( rd ) )
+ {
+ /* Illustration of supported and unsupported cases:
+ *
+ * - Allowed #1
+ *
+ * +-----------------------------------+
+ * | frag |
+ * +-----------------------------------+
+ *
+ * end end+desired
+ * | |
+ * +-----v-------v-------------+
+ * | acc |
+ * +---------------------------+
+ * | |
+ * frag_offset acc_available
+ *
+ * - Allowed #2
+ *
+ * +-----------------------------------+
+ * | frag |
+ * +-----------------------------------+
+ *
+ * end end+desired
+ * | |
+ * +----------v----------------v
+ * | acc |
+ * +---------------------------+
+ * | |
+ * frag_offset acc_available
+ *
+ * - Not allowed #1 (could be served, but we don't actually use it):
+ *
+ * +-----------------------------------+
+ * | frag |
+ * +-----------------------------------+
+ *
+ * end end+desired
+ * | |
+ * +------v-------------v------+
+ * | acc |
+ * +---------------------------+
+ * | |
+ * frag_offset acc_available
+ *
+ *
+ * - Not allowed #2 (can't be served with a contiguous buffer):
+ *
+ * +-----------------------------------+
+ * | frag |
+ * +-----------------------------------+
+ *
+ * end end + desired
+ * | |
+ * +------v--------------------+ v
+ * | acc |
+ * +---------------------------+
+ * | |
+ * frag_offset acc_available
+ *
+ * In case of Allowed #2 we're switching to serve from
+ * `frag` starting from the next call to mbedtls_mps_reader_get().
+ */
+
+ unsigned char *acc;
+
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Serve the request from the accumulator" );
+ if( frag_offset - end < desired )
+ {
+ mbedtls_mps_size_t acc_available;
+ acc_available = rd->acc_available;
+ if( acc_available - end != desired )
+ {
+ /* It might be possible to serve some of these situations by
+ * making additional space in the accumulator, removing those
+ * parts that have already been committed.
+ * On the other hand, this brings additional complexity and
+ * enlarges the code size, while there doesn't seem to be a use
+ * case where we don't attempt exactly the same `get` calls when
+ * resuming on a reader than what we tried before pausing it.
+ * If we believe we adhere to this restricted usage throughout
+ * the library, this check is a good opportunity to
+ * validate this. */
+ MBEDTLS_MPS_TRACE_RETURN(
+ MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS );
+ }
+ }
+
+ acc = rd->acc;
+ acc += end;
+
+ *buffer = acc;
+ if( buflen != NULL )
+ *buflen = desired;
+
+ end += desired;
+ rd->end = end;
+ rd->pending = 0;
+
+ MBEDTLS_MPS_TRACE_RETURN( 0 );
+ }
+
+ /* Attempt to serve the request from the current fragment */
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Serve the request from the current fragment." );
+
+ frag_len = rd->frag_len;
+ frag_fetched = end - frag_offset; /* The amount of data from the current
+ * fragment that has already been passed
+ * to the user. */
+ frag_remaining = frag_len - frag_fetched; /* Remaining data in fragment */
+
+ /* Check if we can serve the read request from the fragment. */
+ if( frag_remaining < desired )
+ {
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "There's not enough data in the current fragment "
+ "to serve the request." );
+ /* There's not enough data in the current fragment,
+ * so either just RETURN what we have or fail. */
+ if( buflen == NULL )
+ {
+ if( frag_remaining > 0 )
+ {
+ rd->pending = desired - frag_remaining;
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Remember to collect %u bytes before re-opening",
+ (unsigned) rd->pending );
+ }
+ MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+ }
+
+ desired = frag_remaining;
+ }
+
+ /* There's enough data in the current fragment to serve the
+ * (potentially modified) read request. */
+
+ frag = rd->frag;
+ frag += frag_fetched;
+
+ *buffer = frag;
+ if( buflen != NULL )
+ *buflen = desired;
+
+ end += desired;
+ rd->end = end;
+ rd->pending = 0;
+ MBEDTLS_MPS_TRACE_RETURN( 0 );
+}
+
+int mbedtls_mps_reader_commit( mbedtls_mps_reader *rd )
+{
+ mbedtls_mps_size_t end;
+ MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_commit" );
+ MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ),
+ "mbedtls_mps_reader_commit() requires reader to be in consuming mode" );
+
+ end = rd->end;
+ rd->commit = end;
+
+ MBEDTLS_MPS_TRACE_RETURN( 0 );
+}
+
+int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd,
+ int *paused )
+{
+ unsigned char *frag, *acc;
+ mbedtls_mps_size_t pending, commit;
+ mbedtls_mps_size_t acc_len, frag_offset, frag_len;
+ MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_reclaim" );
+
+ if( paused != NULL )
+ *paused = 0;
+
+ MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ),
+ "mbedtls_mps_reader_reclaim() requires reader to be in consuming mode" );
+
+ frag = rd->frag;
+ acc = rd->acc;
+ pending = rd->pending;
+ commit = rd->commit;
+ frag_len = rd->frag_len;
+
+ frag_offset = mps_reader_get_fragment_offset( rd );
+
+ if( pending == 0 )
+ {
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "No unsatisfied read-request has been logged." );
+
+ /* Check if there's data left to be consumed. */
+ if( commit < frag_offset || commit - frag_offset < frag_len )
+ {
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "There is data left to be consumed." );
+ rd->end = commit;
+ MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_DATA_LEFT );
+ }
+
+ rd->acc_available = 0;
+ rd->acc_share.acc_remaining = 0;
+
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Fragment has been fully processed and committed." );
+ }
+ else
+ {
+ int overflow;
+
+ mbedtls_mps_size_t acc_backup_offset;
+ mbedtls_mps_size_t acc_backup_len;
+ mbedtls_mps_size_t frag_backup_offset;
+ mbedtls_mps_size_t frag_backup_len;
+
+ mbedtls_mps_size_t backup_len;
+ mbedtls_mps_size_t acc_len_needed;
+
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "There has been an unsatisfied read with %u bytes overhead.",
+ (unsigned) pending );
+
+ if( acc == NULL )
+ {
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "No accumulator present" );
+ MBEDTLS_MPS_TRACE_RETURN(
+ MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR );
+ }
+ acc_len = rd->acc_len;
+
+ /* Check if the upper layer has already fetched
+ * and committed the contents of the accumulator. */
+ if( commit < frag_offset )
+ {
+ /* No, accumulator is still being processed. */
+ frag_backup_offset = 0;
+ frag_backup_len = frag_len;
+ acc_backup_offset = commit;
+ acc_backup_len = frag_offset - commit;
+ }
+ else
+ {
+ /* Yes, the accumulator is already processed. */
+ frag_backup_offset = commit - frag_offset;
+ frag_backup_len = frag_len - frag_backup_offset;
+ acc_backup_offset = 0;
+ acc_backup_len = 0;
+ }
+
+ backup_len = acc_backup_len + frag_backup_len;
+ acc_len_needed = backup_len + pending;
+
+ overflow = 0;
+ overflow |= ( backup_len < acc_backup_len );
+ overflow |= ( acc_len_needed < backup_len );
+
+ if( overflow || acc_len < acc_len_needed )
+ {
+ /* Except for the different return code, we behave as if
+ * there hadn't been a call to mbedtls_mps_reader_get()
+ * since the last commit. */
+ rd->end = commit;
+ rd->pending = 0;
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR,
+ "The accumulator is too small to handle the backup." );
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR,
+ "* Size: %u", (unsigned) acc_len );
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR,
+ "* Needed: %u (%u + %u)",
+ (unsigned) acc_len_needed,
+ (unsigned) backup_len, (unsigned) pending );
+ MBEDTLS_MPS_TRACE_RETURN(
+ MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL );
+ }
+
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Fragment backup: %u", (unsigned) frag_backup_len );
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Accumulator backup: %u", (unsigned) acc_backup_len );
+
+ /* Move uncommitted parts from the accumulator to the front
+ * of the accumulator. */
+ memmove( acc, acc + acc_backup_offset, acc_backup_len );
+
+ /* Copy uncmmitted parts of the current fragment to the
+ * accumulator. */
+ memcpy( acc + acc_backup_len,
+ frag + frag_backup_offset, frag_backup_len );
+
+ rd->acc_available = backup_len;
+ rd->acc_share.acc_remaining = pending;
+
+ if( paused != NULL )
+ *paused = 1;
+ }
+
+ rd->frag = NULL;
+ rd->frag_len = 0;
+
+ rd->commit = 0;
+ rd->end = 0;
+ rd->pending = 0;
+
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ "Final state: aa %u, al %u, ar %u",
+ (unsigned) rd->acc_available, (unsigned) rd->acc_len,
+ (unsigned) rd->acc_share.acc_remaining );
+ MBEDTLS_MPS_TRACE_RETURN( 0 );
+}
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/library/mps_reader.h b/library/mps_reader.h
new file mode 100644
index 0000000..427c1bd
--- /dev/null
+++ b/library/mps_reader.h
@@ -0,0 +1,382 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/**
+ * \file mps_reader.h
+ *
+ * \brief This file defines reader objects, which together with their
+ * sibling writer objects form the basis for the communication
+ * between the various layers of the Mbed TLS messaging stack,
+ * as well as the communication between the messaging stack and
+ * the (D)TLS handshake protocol implementation.
+ *
+ * Readers provide a means of transferring incoming data from
+ * a 'producer' providing it in chunks of arbitrary size, to
+ * a 'consumer' which fetches and processes it in chunks of
+ * again arbitrary, and potentially different, size.
+ *
+ * Readers can thus be seen as datagram-to-stream converters,
+ * and they abstract away the following two tasks from the user:
+ * 1. The pointer arithmetic of stepping through a producer-
+ * provided chunk in smaller chunks.
+ * 2. The merging of incoming data chunks in case the
+ * consumer requests data in larger chunks than what the
+ * producer provides.
+ *
+ * The basic abstract flow of operation is the following:
+ * - Initially, the reader is in 'producing mode'.
+ * - The producer hands an incoming data buffer to the reader,
+ * moving it from 'producing' to 'consuming' mode.
+ * - The consumer subsequently fetches and processes the buffer
+ * content. Once that's done -- or partially done and a consumer's
+ * request can't be fulfilled -- the producer revokes the reader's
+ * access to the incoming data buffer, putting the reader back to
+ * producing mode.
+ * - The producer subsequently gathers more incoming data and hands
+ * it to the reader until it switches back to consuming mode
+ * if enough data is available for the last consumer request to
+ * be satisfiable.
+ * - Repeat the above.
+ *
+ * The abstract states of the reader from the producer's and
+ * consumer's perspective are as follows:
+ *
+ * - From the perspective of the consumer, the state of the
+ * reader consists of the following:
+ * - A byte stream representing (concatenation of) the data
+ * received through calls to mbedtls_mps_reader_get(),
+ * - A marker within that byte stream indicating which data
+ * can be considered processed, and hence need not be retained,
+ * when the reader is passed back to the producer via
+ * mbedtls_mps_reader_reclaim().
+ * The marker is set via mbedtls_mps_reader_commit()
+ * which places it at the end of the current byte stream.
+ * The consumer need not be aware of the distinction between consumer
+ * and producer mode, because it only interfaces with the reader
+ * when the latter is in consuming mode.
+ *
+ * - From the perspective of the producer, the reader's state is one of:
+ * - Attached: The reader is in consuming mode.
+ * - Unset: No incoming data buffer is currently managed by the reader,
+ * and all previously handed incoming data buffers have been
+ * fully processed. More data needs to be fed into the reader
+ * via mbedtls_mps_reader_feed().
+ *
+ * - Accumulating: No incoming data buffer is currently managed by the
+ * reader, but some data from the previous incoming data
+ * buffer hasn't been processed yet and is internally
+ * held back.
+ * The Attached state belongs to consuming mode, while the Unset and
+ * Accumulating states belong to producing mode.
+ *
+ * Transitioning from the Unset or Accumulating state to Attached is
+ * done via successful calls to mbedtls_mps_reader_feed(), while
+ * transitioning from Attached to either Unset or Accumulating (depending
+ * on what has been processed) is done via mbedtls_mps_reader_reclaim().
+ *
+ * The following diagram depicts the producer-state progression:
+ *
+ * +------------------+ reclaim
+ * | Unset +<-------------------------------------+ get
+ * +--------|---------+ | +------+
+ * | | | |
+ * | | | |
+ * | feed +---------+---+--+ |
+ * +--------------------------------------> <---+
+ * | Attached |
+ * +--------------------------------------> <---+
+ * | feed, enough data available +---------+---+--+ |
+ * | to serve previous consumer request | | |
+ * | | | |
+ * +--------+---------+ | +------+
+ * +----> Accumulating |<-------------------------------------+ commit
+ * | +---+--------------+ reclaim, previous read request
+ * | | couldn't be fulfilled
+ * | |
+ * +--------+
+ * feed, need more data to serve
+ * previous consumer request
+ * |
+ * |
+ * producing mode | consuming mode
+ * |
+ *
+ */
+
+#ifndef MBEDTLS_READER_H
+#define MBEDTLS_READER_H
+
+#include <stdio.h>
+
+#include "mps_common.h"
+#include "mps_error.h"
+
+struct mbedtls_mps_reader;
+typedef struct mbedtls_mps_reader mbedtls_mps_reader;
+
+/*
+ * Structure definitions
+ */
+
+struct mbedtls_mps_reader
+{
+ unsigned char *frag; /*!< The fragment of incoming data managed by
+ * the reader; it is provided to the reader
+ * through mbedtls_mps_reader_feed(). The reader
+ * does not own the fragment and does not
+ * perform any allocation operations on it,
+ * but does have read and write access to it.
+ *
+ * The reader is in consuming mode if
+ * and only if \c frag is not \c NULL. */
+ mbedtls_mps_stored_size_t frag_len;
+ /*!< The length of the current fragment.
+ * Must be 0 if \c frag == \c NULL. */
+ mbedtls_mps_stored_size_t commit;
+ /*!< The offset of the last commit, relative
+ * to the first byte in the fragment, if
+ * no accumulator is present. If an accumulator
+ * is present, it is viewed as a prefix to the
+ * current fragment, and this variable contains
+ * an offset from the beginning of the accumulator.
+ *
+ * This is only used when the reader is in
+ * consuming mode, i.e. \c frag != \c NULL;
+ * otherwise, its value is \c 0. */
+ mbedtls_mps_stored_size_t end;
+ /*!< The offset of the end of the last chunk
+ * passed to the user through a call to
+ * mbedtls_mps_reader_get(), relative to the first
+ * byte in the fragment, if no accumulator is
+ * present. If an accumulator is present, it is
+ * viewed as a prefix to the current fragment, and
+ * this variable contains an offset from the
+ * beginning of the accumulator.
+ *
+ * This is only used when the reader is in
+ * consuming mode, i.e. \c frag != \c NULL;
+ * otherwise, its value is \c 0. */
+ mbedtls_mps_stored_size_t pending;
+ /*!< The amount of incoming data missing on the
+ * last call to mbedtls_mps_reader_get().
+ * In particular, it is \c 0 if the last call
+ * was successful.
+ * If a reader is reclaimed after an
+ * unsuccessful call to mbedtls_mps_reader_get(),
+ * this variable is used to have the reader
+ * remember how much data should be accumulated
+ * so that the call to mbedtls_mps_reader_get()
+ * succeeds next time.
+ * This is only used when the reader is in
+ * consuming mode, i.e. \c frag != \c NULL;
+ * otherwise, its value is \c 0. */
+
+ /* The accumulator is only needed if we need to be able to pause
+ * the reader. A few bytes could be saved by moving this to a
+ * separate struct and using a pointer here. */
+
+ unsigned char *acc; /*!< The accumulator is used to gather incoming
+ * data if a read-request via mbedtls_mps_reader_get()
+ * cannot be served from the current fragment. */
+ mbedtls_mps_stored_size_t acc_len;
+ /*!< The total size of the accumulator. */
+ mbedtls_mps_stored_size_t acc_available;
+ /*!< The number of bytes currently gathered in
+ * the accumulator. This is both used in
+ * producing and in consuming mode:
+ * While producing, it is increased until
+ * it reaches the value of \c acc_remaining below.
+ * While consuming, it is used to judge if a
+ * get request can be served from the
+ * accumulator or not.
+ * Must not be larger than \c acc_len. */
+ union
+ {
+ mbedtls_mps_stored_size_t acc_remaining;
+ /*!< This indicates the amount of data still
+ * to be gathered in the accumulator. It is
+ * only used in producing mode.
+ * Must be at most acc_len - acc_available. */
+ mbedtls_mps_stored_size_t frag_offset;
+ /*!< If an accumulator is present and in use, this
+ * field indicates the offset of the current
+ * fragment from the beginning of the
+ * accumulator. If no accumulator is present
+ * or the accumulator is not in use, this is \c 0.
+ * It is only used in consuming mode.
+ * Must not be larger than \c acc_available. */
+ } acc_share;
+};
+
+/*
+ * API organization:
+ * A reader object is usually prepared and maintained
+ * by some lower layer and passed for usage to an upper
+ * layer, and the API naturally splits according to which
+ * layer is supposed to use the respective functions.
+ */
+
+/*
+ * Maintenance API (Lower layer)
+ */
+
+/**
+ * \brief Initialize a reader object
+ *
+ * \param reader The reader to be initialized.
+ * \param acc The buffer to be used as a temporary accumulator
+ * in case get requests through mbedtls_mps_reader_get()
+ * exceed the buffer provided by mbedtls_mps_reader_feed().
+ * This buffer is owned by the caller and exclusive use
+ * for reading and writing is given to the reader for the
+ * duration of the reader's lifetime. It is thus the caller's
+ * responsibility to maintain (and not touch) the buffer for
+ * the lifetime of the reader, and to properly zeroize and
+ * free the memory after the reader has been destroyed.
+ * \param acc_len The size in Bytes of \p acc.
+ *
+ * \return \c 0 on success.
+ * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure.
+ */
+int mbedtls_mps_reader_init( mbedtls_mps_reader *reader,
+ unsigned char *acc,
+ mbedtls_mps_size_t acc_len );
+
+/**
+ * \brief Free a reader object
+ *
+ * \param reader The reader to be freed.
+ *
+ * \return \c 0 on success.
+ * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure.
+ */
+int mbedtls_mps_reader_free( mbedtls_mps_reader *reader );
+
+/**
+ * \brief Pass chunk of data for the reader to manage.
+ *
+ * \param reader The reader context to use. The reader must be
+ * in producing mode.
+ * \param buf The buffer to be managed by the reader.
+ * \param buflen The size in Bytes of \p buffer.
+ *
+ * \return \c 0 on success. In this case, the reader will be
+ * moved to consuming mode and obtains read access
+ * of \p buf until mbedtls_mps_reader_reclaim()
+ * is called. It is the responsibility of the caller
+ * to ensure that the \p buf persists and is not changed
+ * between successful calls to mbedtls_mps_reader_feed()
+ * and mbedtls_mps_reader_reclaim().
+ * \return \c MBEDTLS_ERR_MPS_READER_NEED_MORE if more input data is
+ * required to fulfill a previous request to mbedtls_mps_reader_get().
+ * In this case, the reader remains in producing mode and
+ * takes no ownership of the provided buffer (an internal copy
+ * is made instead).
+ * \return Another negative \c MBEDTLS_ERR_READER_XXX error code on
+ * different kinds of failures.
+ */
+int mbedtls_mps_reader_feed( mbedtls_mps_reader *reader,
+ unsigned char *buf,
+ mbedtls_mps_size_t buflen );
+
+/**
+ * \brief Reclaim reader's access to the current input buffer.
+ *
+ * \param reader The reader context to use. The reader must be
+ * in consuming mode.
+ * \param paused If not \c NULL, the integer at address \p paused will be
+ * modified to indicate whether the reader has been paused
+ * (value \c 1) or not (value \c 0). Pausing happens if there
+ * is uncommitted data and a previous request to
+ * mbedtls_mps_reader_get() has exceeded the bounds of the
+ * input buffer.
+ *
+ * \return \c 0 on success.
+ * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure.
+ */
+int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *reader,
+ int *paused );
+
+/*
+ * Usage API (Upper layer)
+ */
+
+/**
+ * \brief Request data from the reader.
+ *
+ * \param reader The reader context to use. The reader must
+ * be in consuming mode.
+ * \param desired The desired amount of data to be read, in Bytes.
+ * \param buffer The address to store the buffer pointer in.
+ * This must not be \c NULL.
+ * \param buflen The address to store the actual buffer
+ * length in, or \c NULL.
+ *
+ * \return \c 0 on success. In this case, \c *buf holds the
+ * address of a buffer of size \c *buflen
+ * (if \c buflen != \c NULL) or \c desired
+ * (if \c buflen == \c NULL). The user has read access
+ * to the buffer and guarantee of stability of the data
+ * until the next call to mbedtls_mps_reader_reclaim().
+ * \return #MBEDTLS_ERR_MPS_READER_OUT_OF_DATA if there is not enough
+ * data available to serve the get request. In this case, the
+ * reader remains intact and in consuming mode, and the consumer
+ * should retry the call after a successful cycle of
+ * mbedtls_mps_reader_reclaim() and mbedtls_mps_reader_feed().
+ * If, after such a cycle, the consumer requests a different
+ * amount of data, the result is implementation-defined;
+ * progress is guaranteed only if the same amount of data
+ * is requested after a mbedtls_mps_reader_reclaim() and
+ * mbedtls_mps_reader_feed() cycle.
+ * \return Another negative \c MBEDTLS_ERR_READER_XXX error
+ * code for different kinds of failure.
+ *
+ * \note Passing \c NULL as \p buflen is a convenient way to
+ * indicate that fragmentation is not tolerated.
+ * It's functionally equivalent to passing a valid
+ * address as buflen and checking \c *buflen == \c desired
+ * afterwards.
+ */
+int mbedtls_mps_reader_get( mbedtls_mps_reader *reader,
+ mbedtls_mps_size_t desired,
+ unsigned char **buffer,
+ mbedtls_mps_size_t *buflen );
+
+/**
+ * \brief Mark data obtained from mbedtls_mps_reader_get() as processed.
+ *
+ * This call indicates that all data received from prior calls to
+ * mbedtls_mps_reader_get() has been or will have been
+ * processed when mbedtls_mps_reader_reclaim() is called,
+ * and thus need not be backed up.
+ *
+ * This function has no user observable effect until
+ * mbedtls_mps_reader_reclaim() is called. In particular,
+ * buffers received from mbedtls_mps_reader_get() remain
+ * valid until mbedtls_mps_reader_reclaim() is called.
+ *
+ * \param reader The reader context to use.
+ *
+ * \return \c 0 on success.
+ * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure.
+ *
+ */
+int mbedtls_mps_reader_commit( mbedtls_mps_reader *reader );
+
+#endif /* MBEDTLS_READER_H */
diff --git a/library/mps_trace.c b/library/mps_trace.c
new file mode 100644
index 0000000..6026a07
--- /dev/null
+++ b/library/mps_trace.c
@@ -0,0 +1,127 @@
+/*
+ * Message Processing Stack, Trace module
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+
+#include "mps_common.h"
+
+#if defined(MBEDTLS_MPS_ENABLE_TRACE)
+
+#include "mps_trace.h"
+#include <stdarg.h>
+
+static int trace_depth = 0;
+
+#define color_default "\x1B[0m"
+#define color_red "\x1B[1;31m"
+#define color_green "\x1B[1;32m"
+#define color_yellow "\x1B[1;33m"
+#define color_blue "\x1B[1;34m"
+#define color_magenta "\x1B[1;35m"
+#define color_cyan "\x1B[1;36m"
+#define color_white "\x1B[1;37m"
+
+static char const * colors[] =
+{
+ color_default,
+ color_green,
+ color_yellow,
+ color_magenta,
+ color_cyan,
+ color_blue,
+ color_white
+};
+
+#define MPS_TRACE_BUF_SIZE 100
+
+void mbedtls_mps_trace_print_msg( int id, int line, const char *format, ... )
+{
+ int ret;
+ char str[MPS_TRACE_BUF_SIZE];
+ va_list argp;
+ va_start( argp, format );
+ ret = mbedtls_vsnprintf( str, MPS_TRACE_BUF_SIZE, format, argp );
+ va_end( argp );
+
+ if( ret >= 0 && ret < MPS_TRACE_BUF_SIZE )
+ {
+ str[ret] = '\0';
+ mbedtls_printf( "[%d|L%d]: %s\n", id, line, str );
+ }
+}
+
+int mbedtls_mps_trace_get_depth()
+{
+ return trace_depth;
+}
+void mbedtls_mps_trace_dec_depth()
+{
+ trace_depth--;
+}
+void mbedtls_mps_trace_inc_depth()
+{
+ trace_depth++;
+}
+
+void mbedtls_mps_trace_color( int id )
+{
+ if( id > (int) ( sizeof( colors ) / sizeof( *colors ) ) )
+ return;
+ printf( "%s", colors[ id ] );
+}
+
+void mbedtls_mps_trace_indent( int level, mbedtls_mps_trace_type ty )
+{
+ if( level > 0 )
+ {
+ while( --level )
+ printf( "| " );
+
+ printf( "| " );
+ }
+
+ switch( ty )
+ {
+ case MBEDTLS_MPS_TRACE_TYPE_COMMENT:
+ mbedtls_printf( "@ " );
+ break;
+
+ case MBEDTLS_MPS_TRACE_TYPE_CALL:
+ mbedtls_printf( "+--> " );
+ break;
+
+ case MBEDTLS_MPS_TRACE_TYPE_ERROR:
+ mbedtls_printf( "E " );
+ break;
+
+ case MBEDTLS_MPS_TRACE_TYPE_RETURN:
+ mbedtls_printf( "< " );
+ break;
+
+ default:
+ break;
+ }
+}
+
+#endif /* MBEDTLS_MPS_ENABLE_TRACE */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/library/mps_trace.h b/library/mps_trace.h
new file mode 100644
index 0000000..7c23601
--- /dev/null
+++ b/library/mps_trace.h
@@ -0,0 +1,175 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/**
+ * \file mps_trace.h
+ *
+ * \brief Tracing module for MPS
+ */
+
+#ifndef MBEDTLS_MPS_MBEDTLS_MPS_TRACE_H
+#define MBEDTLS_MPS_MBEDTLS_MPS_TRACE_H
+
+#include "common.h"
+#include "mps_common.h"
+#include "mps_trace.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#define mbedtls_vsnprintf vsnprintf
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if defined(MBEDTLS_MPS_ENABLE_TRACE)
+
+/*
+ * Adapt this to enable/disable tracing output
+ * from the various layers of the MPS.
+ */
+
+#define MBEDTLS_MPS_TRACE_ENABLE_LAYER_1
+#define MBEDTLS_MPS_TRACE_ENABLE_LAYER_2
+#define MBEDTLS_MPS_TRACE_ENABLE_LAYER_3
+#define MBEDTLS_MPS_TRACE_ENABLE_LAYER_4
+#define MBEDTLS_MPS_TRACE_ENABLE_READER
+#define MBEDTLS_MPS_TRACE_ENABLE_WRITER
+
+/*
+ * To use the existing trace module, only change
+ * MBEDTLS_MPS_TRACE_ENABLE_XXX above, but don't modify the
+ * rest of this file.
+ */
+
+typedef enum
+{
+ MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+ MBEDTLS_MPS_TRACE_TYPE_CALL,
+ MBEDTLS_MPS_TRACE_TYPE_ERROR,
+ MBEDTLS_MPS_TRACE_TYPE_RETURN
+} mbedtls_mps_trace_type;
+
+#define MBEDTLS_MPS_TRACE_BIT_LAYER_1 1
+#define MBEDTLS_MPS_TRACE_BIT_LAYER_2 2
+#define MBEDTLS_MPS_TRACE_BIT_LAYER_3 3
+#define MBEDTLS_MPS_TRACE_BIT_LAYER_4 4
+#define MBEDTLS_MPS_TRACE_BIT_WRITER 5
+#define MBEDTLS_MPS_TRACE_BIT_READER 6
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_1)
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_1 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_1 )
+#else
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_1 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_2)
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_2 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_2 )
+#else
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_2 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_3)
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_3 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_3 )
+#else
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_3 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_4)
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_4 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_4 )
+#else
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_4 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_READER)
+#define MBEDTLS_MPS_TRACE_MASK_READER (1u << MBEDTLS_MPS_TRACE_BIT_READER )
+#else
+#define MBEDTLS_MPS_TRACE_MASK_READER 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_WRITER)
+#define MBEDTLS_MPS_TRACE_MASK_WRITER (1u << MBEDTLS_MPS_TRACE_BIT_WRITER )
+#else
+#define MBEDTLS_MPS_TRACE_MASK_WRITER 0
+#endif
+
+#define MBEDTLS_MPS_TRACE_MASK ( MBEDTLS_MPS_TRACE_MASK_LAYER_1 | \
+ MBEDTLS_MPS_TRACE_MASK_LAYER_2 | \
+ MBEDTLS_MPS_TRACE_MASK_LAYER_3 | \
+ MBEDTLS_MPS_TRACE_MASK_LAYER_4 | \
+ MBEDTLS_MPS_TRACE_MASK_READER | \
+ MBEDTLS_MPS_TRACE_MASK_WRITER )
+
+/* We have to avoid globals because E-ACSL chokes on them...
+ * Wrap everything in stub functions. */
+int mbedtls_mps_trace_get_depth( void );
+void mbedtls_mps_trace_inc_depth( void );
+void mbedtls_mps_trace_dec_depth( void );
+
+void mbedtls_mps_trace_color( int id );
+void mbedtls_mps_trace_indent( int level, mbedtls_mps_trace_type ty );
+
+void mbedtls_mps_trace_print_msg( int id, int line, const char *format, ... );
+
+#define MBEDTLS_MPS_TRACE( type, ... ) \
+ do { \
+ if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \
+ break; \
+ mbedtls_mps_trace_indent( mbedtls_mps_trace_get_depth(), type ); \
+ mbedtls_mps_trace_color( mbedtls_mps_trace_id ); \
+ mbedtls_mps_trace_print_msg( mbedtls_mps_trace_id, __LINE__, __VA_ARGS__ ); \
+ mbedtls_mps_trace_color( 0 ); \
+ } while( 0 )
+
+#define MBEDTLS_MPS_TRACE_INIT( ... ) \
+ do { \
+ if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \
+ break; \
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_CALL, __VA_ARGS__ ); \
+ mbedtls_mps_trace_inc_depth(); \
+ } while( 0 )
+
+#define MBEDTLS_MPS_TRACE_END( val ) \
+ do { \
+ if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \
+ break; \
+ MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_RETURN, "%d (-%#04x)", \
+ (int) (val), -((unsigned)(val)) ); \
+ mbedtls_mps_trace_dec_depth(); \
+ } while( 0 )
+
+#define MBEDTLS_MPS_TRACE_RETURN( val ) \
+ do { \
+ /* Breaks tail recursion. */ \
+ int ret__ = val; \
+ MBEDTLS_MPS_TRACE_END( ret__ ); \
+ return( ret__ ); \
+ } while( 0 )
+
+#else /* MBEDTLS_MPS_TRACE */
+
+#define MBEDTLS_MPS_TRACE( type, ... ) do { } while( 0 )
+#define MBEDTLS_MPS_TRACE_INIT( ... ) do { } while( 0 )
+#define MBEDTLS_MPS_TRACE_END do { } while( 0 )
+
+#define MBEDTLS_MPS_TRACE_RETURN( val ) return( val );
+
+#endif /* MBEDTLS_MPS_TRACE */
+
+#endif /* MBEDTLS_MPS_MBEDTLS_MPS_TRACE_H */
diff --git a/library/net_sockets.c b/library/net_sockets.c
index 54c2b47..5fbe1f7 100644
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@@ -20,8 +20,12 @@
/* Enable definition of getaddrinfo() even when compiling with -std=c99. Must
* be set before config.h, which pulls in glibc's features.h indirectly.
* Harmless on other platforms. */
+#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L
+#endif
+#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 600 /* sockaddr_storage */
+#endif
#include "common.h"
@@ -132,6 +136,31 @@
}
/*
+ * Return 0 if the file descriptor is valid, an error otherwise.
+ * If for_select != 0, check whether the file descriptor is within the range
+ * allowed for fd_set used for the FD_xxx macros and the select() function.
+ */
+static int check_fd( int fd, int for_select )
+{
+ if( fd < 0 )
+ return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+ !defined(EFI32)
+ (void) for_select;
+#else
+ /* A limitation of select() is that it only works with file descriptors
+ * that are strictly less than FD_SETSIZE. This is a limitation of the
+ * fd_set type. Error out early, because attempting to call FD_SET on a
+ * large file descriptor is a buffer overflow on typical platforms. */
+ if( for_select && fd >= FD_SETSIZE )
+ return( MBEDTLS_ERR_NET_POLL_FAILED );
+#endif
+
+ return( 0 );
+}
+
+/*
* Initialize a context
*/
void mbedtls_net_init( mbedtls_net_context *ctx )
@@ -462,8 +491,9 @@
int fd = ctx->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+ ret = check_fd( fd, 1 );
+ if( ret != 0 )
+ return( ret );
#if defined(__has_feature)
#if __has_feature(memory_sanitizer)
@@ -542,8 +572,9 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+ ret = check_fd( fd, 0 );
+ if( ret != 0 )
+ return( ret );
ret = (int) read( fd, buf, len );
@@ -581,8 +612,9 @@
fd_set read_fds;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+ ret = check_fd( fd, 1 );
+ if( ret != 0 )
+ return( ret );
FD_ZERO( &read_fds );
FD_SET( fd, &read_fds );
@@ -622,8 +654,9 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+ ret = check_fd( fd, 0 );
+ if( ret != 0 )
+ return( ret );
ret = (int) write( fd, buf, len );
diff --git a/library/nist_kw.c b/library/nist_kw.c
index 04829a0..e2ab256 100644
--- a/library/nist_kw.c
+++ b/library/nist_kw.c
@@ -77,26 +77,6 @@
/*! The 32-bit default integrity check value (ICV) for KWP mode. */
static const unsigned char NIST_KW_ICV2[] = {0xA6, 0x59, 0x59, 0xA6};
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-do { \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-} while( 0 )
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-do { \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-} while( 0 )
-#endif
-
/*
* Initialize context
*/
@@ -189,8 +169,6 @@
uint64_t t = 0;
unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2];
- unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH;
- unsigned char *A = output;
*out_len = 0;
/*
@@ -245,7 +223,7 @@
}
memcpy( output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2 );
- PUT_UINT32_BE( ( in_len & 0xffffffff ), output,
+ MBEDTLS_PUT_UINT32_BE( ( in_len & 0xffffffff ), output,
KW_SEMIBLOCK_LENGTH / 2 );
memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len );
@@ -266,6 +244,9 @@
}
else
{
+ unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH;
+ unsigned char *A = output;
+
/*
* Do the wrapping function W, as defined in RFC 3394 section 2.2.1
*/
@@ -329,7 +310,7 @@
uint64_t t = 0;
unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2];
- unsigned char *R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH;
+ unsigned char *R = NULL;
*out_len = 0;
if( semiblocks < MIN_SEMIBLOCKS_COUNT )
@@ -339,6 +320,7 @@
memcpy( A, input, KW_SEMIBLOCK_LENGTH );
memmove( output, input + KW_SEMIBLOCK_LENGTH, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH );
+ R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH;
/* Calculate intermediate values */
for( t = s; t >= 1; t-- )
@@ -472,7 +454,7 @@
ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
}
- GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 );
+ Plen = MBEDTLS_GET_UINT32_BE( A, KW_SEMIBLOCK_LENGTH / 2 );
/*
* Plen is the length of the plaintext, when the input is valid.
diff --git a/library/pem.c b/library/pem.c
index 534d071..fcfde94 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -343,7 +343,7 @@
ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 );
if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER )
- return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) );
if( ( buf = mbedtls_calloc( 1, len ) ) == NULL )
return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
@@ -352,7 +352,7 @@
{
mbedtls_platform_zeroize( buf, len );
mbedtls_free( buf );
- return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) );
}
if( enc != 0 )
@@ -478,8 +478,12 @@
*p++ = '\0';
*olen = p - buf;
+ /* Clean any remaining data previously written to the buffer */
+ memset( buf + *olen, 0, buf_len - *olen );
+
mbedtls_free( encode_buf );
return( 0 );
}
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */
+
diff --git a/library/pk.c b/library/pk.c
index ecf002d..05cc213 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -235,12 +235,15 @@
{
const mbedtls_md_info_t *md_info;
- if( *hash_len != 0 )
+ if( *hash_len != 0 && md_alg == MBEDTLS_MD_NONE )
return( 0 );
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
return( -1 );
+ if ( *hash_len != 0 && *hash_len != mbedtls_md_get_size( md_info ) )
+ return ( -1 );
+
*hash_len = mbedtls_md_get_size( md_info );
return( 0 );
}
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 4bdeb68..3699dd5 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -60,21 +60,21 @@
*
*/
if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
- return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) );
salt->p = *p;
*p += salt->len;
if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 )
- return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) );
if( *p != end )
- return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -330,8 +330,8 @@
for( i = v; i > 0; i-- )
{
j = salt_block[i - 1] + hash_block[i - 1] + c;
- c = (unsigned char) (j >> 8);
- salt_block[i - 1] = j & 0xFF;
+ c = MBEDTLS_BYTE_1( j );
+ salt_block[i - 1] = MBEDTLS_BYTE_0( j );
}
// pwd_block += B
@@ -339,8 +339,8 @@
for( i = v; i > 0; i-- )
{
j = pwd_block[i - 1] + hash_block[i - 1] + c;
- c = (unsigned char) (j >> 8);
- pwd_block[i - 1] = j & 0xFF;
+ c = MBEDTLS_BYTE_1( j );
+ pwd_block[i - 1] = MBEDTLS_BYTE_0( j );
}
}
diff --git a/library/pkcs5.c b/library/pkcs5.c
index f89cc64..2b014d9 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -60,8 +60,8 @@
const unsigned char *end = params->p + params->len;
if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
/*
* PBKDF2-params ::= SEQUENCE {
* salt OCTET STRING,
@@ -73,13 +73,13 @@
*/
if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len,
MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
salt->p = p;
p += salt->len;
if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 )
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
if( p == end )
return( 0 );
@@ -87,21 +87,21 @@
if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 )
{
if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
}
if( p == end )
return( 0 );
if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 )
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( p != end )
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -134,12 +134,12 @@
* }
*/
if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid,
&kdf_alg_params ) ) != 0 )
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
// Only PBKDF2 supported at the moment
//
@@ -160,7 +160,7 @@
if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid,
&enc_scheme_params ) ) != 0 )
{
- return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
}
if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 )
@@ -221,7 +221,8 @@
unsigned int iteration_count,
uint32_t key_length, unsigned char *output )
{
- int ret, j;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ int j;
unsigned int i;
unsigned char md1[MBEDTLS_MD_MAX_SIZE];
unsigned char work[MBEDTLS_MD_MAX_SIZE];
@@ -245,16 +246,16 @@
// U1 ends up in work
//
if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 )
- return( ret );
+ goto cleanup;
memcpy( md1, work, md_size );
@@ -263,13 +264,13 @@
// U2 ends up in md1
//
if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 )
- return( ret );
+ goto cleanup;
// U1 xor U2
//
@@ -288,7 +289,12 @@
break;
}
- return( 0 );
+cleanup:
+ /* Zeroise buffers to clear sensitive data from memory. */
+ mbedtls_platform_zeroize( work, MBEDTLS_MD_MAX_SIZE );
+ mbedtls_platform_zeroize( md1, MBEDTLS_MD_MAX_SIZE );
+
+ return( ret );
}
#if defined(MBEDTLS_SELF_TEST)
diff --git a/library/pkparse.c b/library/pkparse.c
index 0590f2b..535ed70 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -186,8 +186,8 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if ( end - *p < 1 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
/* Tag may be either OID or SEQUENCE */
params->tag = **p;
@@ -197,21 +197,21 @@
#endif
)
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
}
if( ( ret = mbedtls_asn1_get_tag( p, end, ¶ms->len, params->tag ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
params->p = *p;
*p += params->len;
if( *p != end )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -247,7 +247,7 @@
/* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */
if( ( ret = mbedtls_asn1_get_int( &p, end, &ver ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
if( ver < 1 || ver > 3 )
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
@@ -285,13 +285,13 @@
/* Prime-p ::= INTEGER -- Field of size p. */
if( ( ret = mbedtls_asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
grp->pbits = mbedtls_mpi_bitlen( &grp->P );
if( p != end_field )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/*
* Curve ::= SEQUENCE {
@@ -315,7 +315,7 @@
if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ||
( ret = mbedtls_mpi_read_binary( &grp->A, p, len ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
p += len;
@@ -323,7 +323,7 @@
if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ||
( ret = mbedtls_mpi_read_binary( &grp->B, p, len ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
p += len;
@@ -333,14 +333,14 @@
p += len;
if( p != end_curve )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/*
* ECPoint ::= OCTET STRING
*/
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
if( ( ret = mbedtls_ecp_point_read_binary( grp, &grp->G,
( const unsigned char *) p, len ) ) != 0 )
@@ -366,7 +366,7 @@
* order INTEGER
*/
if( ( ret = mbedtls_asn1_get_mpi( &p, end, &grp->N ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
grp->nbits = mbedtls_mpi_bitlen( &grp->N );
@@ -528,15 +528,15 @@
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) );
if( *p + len != end )
- return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/* Import N */
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
- return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) );
if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0,
NULL, 0, NULL, 0 ) ) != 0 )
@@ -546,7 +546,7 @@
/* Import E */
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
- return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) );
if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
NULL, 0, *p, len ) ) != 0 )
@@ -561,8 +561,8 @@
}
if( *p != end )
- return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -584,7 +584,7 @@
memset( params, 0, sizeof(mbedtls_asn1_buf) );
if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 )
- return( MBEDTLS_ERR_PK_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_ALG, ret ) );
if( mbedtls_oid_get_pk_alg( &alg_oid, pk_alg ) != 0 )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
@@ -624,7 +624,7 @@
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
end = *p + len;
@@ -633,11 +633,11 @@
return( ret );
if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
- return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) );
if( *p + len != end )
- return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
@@ -662,8 +662,8 @@
ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
if( ret == 0 && *p != end )
- ret = MBEDTLS_ERR_PK_INVALID_PUBKEY +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
if( ret != 0 )
mbedtls_pk_free( pk );
@@ -734,14 +734,14 @@
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
end = p + len;
if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
if( version != 0 )
@@ -831,8 +831,8 @@
if( p != end )
{
- ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ;
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
cleanup:
@@ -843,7 +843,7 @@
{
/* Wrap error code if it's coming from a lower level */
if( ( ret & 0xff80 ) == 0 )
- ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret;
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret );
else
ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
@@ -883,24 +883,24 @@
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
end = p + len;
if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
if( version != 1 )
return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION );
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
if( ( ret = mbedtls_mpi_read_binary( &eck->d, p, len ) ) != 0 )
{
mbedtls_ecp_keypair_free( eck );
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
p += len;
@@ -924,7 +924,7 @@
else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
{
mbedtls_ecp_keypair_free( eck );
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
}
@@ -940,11 +940,11 @@
end2 = p + len;
if( ( ret = mbedtls_asn1_get_bitstring_null( &p, end2, &len ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
if( p + len != end2 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 )
pubkey_done = 1;
@@ -961,7 +961,7 @@
else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
{
mbedtls_ecp_keypair_free( eck );
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
}
@@ -970,7 +970,7 @@
NULL, NULL ) ) != 0 )
{
mbedtls_ecp_keypair_free( eck );
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
if( ( ret = mbedtls_ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
@@ -1028,26 +1028,28 @@
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
end = p + len;
if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
if( version != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret ) );
if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ {
+ return( ret );
+ }
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
if( len < 1 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
@@ -1130,16 +1132,16 @@
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
}
end = p + len;
if( ( ret = mbedtls_asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
buf = p;
@@ -1378,8 +1380,11 @@
}
#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
- if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 )
+ ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen );
+ if( ret == 0 )
+ {
return( 0 );
+ }
mbedtls_pk_free( pk );
mbedtls_pk_init( pk );
@@ -1518,7 +1523,8 @@
return( ret );
}
mbedtls_pk_free( ctx );
- if( ret != ( MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
+ if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) )
{
return( ret );
}
diff --git a/library/pkwrite.c b/library/pkwrite.c
index 0da3698..566153d 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -487,7 +487,7 @@
* publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1
* }
*/
-#define RSA_PUB_DER_MAX_BYTES 38 + 2 * MBEDTLS_MPI_MAX_SIZE
+#define RSA_PUB_DER_MAX_BYTES ( 38 + 2 * MBEDTLS_MPI_MAX_SIZE )
/*
* RSA private keys:
@@ -504,10 +504,10 @@
* otherPrimeInfos OtherPrimeInfos OPTIONAL 0 (not supported)
* }
*/
-#define MPI_MAX_SIZE_2 MBEDTLS_MPI_MAX_SIZE / 2 + \
- MBEDTLS_MPI_MAX_SIZE % 2
-#define RSA_PRV_DER_MAX_BYTES 47 + 3 * MBEDTLS_MPI_MAX_SIZE \
- + 5 * MPI_MAX_SIZE_2
+#define MPI_MAX_SIZE_2 ( MBEDTLS_MPI_MAX_SIZE / 2 + \
+ MBEDTLS_MPI_MAX_SIZE % 2 )
+#define RSA_PRV_DER_MAX_BYTES ( 47 + 3 * MBEDTLS_MPI_MAX_SIZE \
+ + 5 * MPI_MAX_SIZE_2 )
#else /* MBEDTLS_RSA_C */
@@ -528,7 +528,7 @@
* + 2 * ECP_MAX (coords) [1]
* }
*/
-#define ECP_PUB_DER_MAX_BYTES 30 + 2 * MBEDTLS_ECP_MAX_BYTES
+#define ECP_PUB_DER_MAX_BYTES ( 30 + 2 * MBEDTLS_ECP_MAX_BYTES )
/*
* EC private keys:
@@ -539,7 +539,7 @@
* publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above
* }
*/
-#define ECP_PRV_DER_MAX_BYTES 29 + 3 * MBEDTLS_ECP_MAX_BYTES
+#define ECP_PRV_DER_MAX_BYTES ( 29 + 3 * MBEDTLS_ECP_MAX_BYTES )
#else /* MBEDTLS_ECP_C */
@@ -548,10 +548,10 @@
#endif /* MBEDTLS_ECP_C */
-#define PUB_DER_MAX_BYTES RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
- RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES
-#define PRV_DER_MAX_BYTES RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
- RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES
+#define PUB_DER_MAX_BYTES ( RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
+ RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES )
+#define PRV_DER_MAX_BYTES ( RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
+ RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES )
int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
{
diff --git a/library/poly1305.c b/library/poly1305.c
index 492d145..7375a0c 100644
--- a/library/poly1305.c
+++ b/library/poly1305.c
@@ -52,13 +52,6 @@
#define POLY1305_BLOCK_SIZE_BYTES ( 16U )
-#define BYTES_TO_U32_LE( data, offset ) \
- ( (uint32_t) (data)[offset] \
- | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \
- | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \
- | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \
- )
-
/*
* Our implementation is tuned for 32-bit platforms with a 64-bit multiplier.
* However we provided an alternative for platforms without such a multiplier.
@@ -129,10 +122,10 @@
for( i = 0U; i < nblocks; i++ )
{
/* The input block is treated as a 128-bit little-endian integer */
- d0 = BYTES_TO_U32_LE( input, offset + 0 );
- d1 = BYTES_TO_U32_LE( input, offset + 4 );
- d2 = BYTES_TO_U32_LE( input, offset + 8 );
- d3 = BYTES_TO_U32_LE( input, offset + 12 );
+ d0 = MBEDTLS_GET_UINT32_LE( input, offset + 0 );
+ d1 = MBEDTLS_GET_UINT32_LE( input, offset + 4 );
+ d2 = MBEDTLS_GET_UINT32_LE( input, offset + 8 );
+ d3 = MBEDTLS_GET_UINT32_LE( input, offset + 12 );
/* Compute: acc += (padded) block as a 130-bit integer */
d0 += (uint64_t) acc0;
@@ -257,22 +250,10 @@
acc3 += ctx->s[3] + (uint32_t) ( d >> 32U );
/* Compute MAC (128 least significant bits of the accumulator) */
- mac[ 0] = (unsigned char)( acc0 );
- mac[ 1] = (unsigned char)( acc0 >> 8 );
- mac[ 2] = (unsigned char)( acc0 >> 16 );
- mac[ 3] = (unsigned char)( acc0 >> 24 );
- mac[ 4] = (unsigned char)( acc1 );
- mac[ 5] = (unsigned char)( acc1 >> 8 );
- mac[ 6] = (unsigned char)( acc1 >> 16 );
- mac[ 7] = (unsigned char)( acc1 >> 24 );
- mac[ 8] = (unsigned char)( acc2 );
- mac[ 9] = (unsigned char)( acc2 >> 8 );
- mac[10] = (unsigned char)( acc2 >> 16 );
- mac[11] = (unsigned char)( acc2 >> 24 );
- mac[12] = (unsigned char)( acc3 );
- mac[13] = (unsigned char)( acc3 >> 8 );
- mac[14] = (unsigned char)( acc3 >> 16 );
- mac[15] = (unsigned char)( acc3 >> 24 );
+ MBEDTLS_PUT_UINT32_LE( acc0, mac, 0 );
+ MBEDTLS_PUT_UINT32_LE( acc1, mac, 4 );
+ MBEDTLS_PUT_UINT32_LE( acc2, mac, 8 );
+ MBEDTLS_PUT_UINT32_LE( acc3, mac, 12 );
}
void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx )
@@ -297,15 +278,15 @@
POLY1305_VALIDATE_RET( key != NULL );
/* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */
- ctx->r[0] = BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU;
- ctx->r[1] = BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU;
- ctx->r[2] = BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU;
- ctx->r[3] = BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU;
+ ctx->r[0] = MBEDTLS_GET_UINT32_LE( key, 0 ) & 0x0FFFFFFFU;
+ ctx->r[1] = MBEDTLS_GET_UINT32_LE( key, 4 ) & 0x0FFFFFFCU;
+ ctx->r[2] = MBEDTLS_GET_UINT32_LE( key, 8 ) & 0x0FFFFFFCU;
+ ctx->r[3] = MBEDTLS_GET_UINT32_LE( key, 12 ) & 0x0FFFFFFCU;
- ctx->s[0] = BYTES_TO_U32_LE( key, 16 );
- ctx->s[1] = BYTES_TO_U32_LE( key, 20 );
- ctx->s[2] = BYTES_TO_U32_LE( key, 24 );
- ctx->s[3] = BYTES_TO_U32_LE( key, 28 );
+ ctx->s[0] = MBEDTLS_GET_UINT32_LE( key, 16 );
+ ctx->s[1] = MBEDTLS_GET_UINT32_LE( key, 20 );
+ ctx->s[2] = MBEDTLS_GET_UINT32_LE( key, 24 );
+ ctx->s[3] = MBEDTLS_GET_UINT32_LE( key, 28 );
/* Initial accumulator state */
ctx->acc[0] = 0U;
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1add7c3..3a24bfc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -26,12 +26,17 @@
#include "check_crypto_config.h"
#endif
-#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
+#include "psa_crypto_cipher.h"
#include "psa_crypto_core.h"
#include "psa_crypto_invasive.h"
#include "psa_crypto_driver_wrappers.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_hash.h"
+#include "psa_crypto_mac.h"
+#include "psa_crypto_rsa.h"
+#include "psa_crypto_ecp.h"
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
#include "psa_crypto_se.h"
#endif
@@ -40,6 +45,8 @@
* stored keys. */
#include "psa_crypto_storage.h"
+#include "psa_crypto_random_impl.h"
+
#include <assert.h>
#include <stdlib.h>
#include <string.h>
@@ -49,6 +56,7 @@
#define mbedtls_free free
#endif
+#include "mbedtls/aes.h"
#include "mbedtls/arc4.h"
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
@@ -60,7 +68,6 @@
#include "mbedtls/cipher.h"
#include "mbedtls/ccm.h"
#include "mbedtls/cmac.h"
-#include "mbedtls/ctr_drbg.h"
#include "mbedtls/des.h"
#include "mbedtls/ecdh.h"
#include "mbedtls/ecp.h"
@@ -85,20 +92,6 @@
#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
-/* constant-time buffer comparison */
-static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
-{
- size_t i;
- unsigned char diff = 0;
-
- for( i = 0; i < n; i++ )
- diff |= a[i] ^ b[i];
-
- return( diff );
-}
-
-
-
/****************************************************************/
/* Global data, support functions and library management */
/****************************************************************/
@@ -115,25 +108,29 @@
typedef struct
{
- void (* entropy_init )( mbedtls_entropy_context *ctx );
- void (* entropy_free )( mbedtls_entropy_context *ctx );
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
+ mbedtls_psa_random_context_t rng;
unsigned initialized : 1;
unsigned rng_state : 2;
} psa_global_data_t;
static psa_global_data_t global_data;
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state =
+ &global_data.rng.drbg;
+#endif
+
#define GUARD_MODULE_INITIALIZED \
if( global_data.initialized == 0 ) \
return( PSA_ERROR_BAD_STATE );
psa_status_t mbedtls_to_psa_error( int ret )
{
- /* If there's both a high-level code and low-level code, dispatch on
- * the high-level code. */
- switch( ret < -0x7f ? - ( -ret & 0x7f80 ) : ret )
+ /* Mbed TLS error codes can combine a high-level error code and a
+ * low-level error code. The low-level error usually reflects the
+ * root cause better, so dispatch on that preferably. */
+ int low_level_ret = - ( -ret & 0x007f );
+ switch( low_level_ret != 0 ? low_level_ret : ret )
{
case 0:
return( PSA_SUCCESS );
@@ -214,6 +211,10 @@
case MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED:
return( PSA_ERROR_HARDWARE_FAILURE );
+#if !( defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) || \
+ defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) )
+ /* Only check CTR_DRBG error codes if underlying mbedtls_xxx
+ * functions are passed a CTR_DRBG instance. */
case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED:
return( PSA_ERROR_INSUFFICIENT_ENTROPY );
case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG:
@@ -221,6 +222,7 @@
return( PSA_ERROR_NOT_SUPPORTED );
case MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR:
return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+#endif
case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:
return( PSA_ERROR_NOT_SUPPORTED );
@@ -239,6 +241,19 @@
case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED:
return( PSA_ERROR_HARDWARE_FAILURE );
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \
+ defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+ /* Only check HMAC_DRBG error codes if underlying mbedtls_xxx
+ * functions are passed a HMAC_DRBG instance. */
+ case MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+ case MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG:
+ case MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR:
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+#endif
+
case MBEDTLS_ERR_MD2_HW_ACCEL_FAILED:
case MBEDTLS_ERR_MD4_HW_ACCEL_FAILED:
case MBEDTLS_ERR_MD5_HW_ACCEL_FAILED:
@@ -322,7 +337,7 @@
case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE:
return( PSA_ERROR_BUFFER_TOO_SMALL );
case MBEDTLS_ERR_RSA_RNG_FAILED:
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:
return( PSA_ERROR_NOT_SUPPORTED );
case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED:
@@ -350,8 +365,11 @@
return( PSA_ERROR_INVALID_SIGNATURE );
case MBEDTLS_ERR_ECP_ALLOC_FAILED:
return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ case MBEDTLS_ERR_ECP_RANDOM_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED:
return( PSA_ERROR_HARDWARE_FAILURE );
+
case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED:
return( PSA_ERROR_CORRUPTION_DETECTED );
@@ -384,71 +402,98 @@
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
- size_t byte_length )
+ size_t bits,
+ int bits_is_sloppy )
{
switch( curve )
{
case PSA_ECC_FAMILY_SECP_R1:
- switch( byte_length )
+ switch( bits )
{
- case PSA_BITS_TO_BYTES( 192 ):
+#if defined(PSA_WANT_ECC_SECP_R1_192)
+ case 192:
return( MBEDTLS_ECP_DP_SECP192R1 );
- case PSA_BITS_TO_BYTES( 224 ):
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_224)
+ case 224:
return( MBEDTLS_ECP_DP_SECP224R1 );
- case PSA_BITS_TO_BYTES( 256 ):
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_256)
+ case 256:
return( MBEDTLS_ECP_DP_SECP256R1 );
- case PSA_BITS_TO_BYTES( 384 ):
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_384)
+ case 384:
return( MBEDTLS_ECP_DP_SECP384R1 );
- case PSA_BITS_TO_BYTES( 521 ):
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_521)
+ case 521:
return( MBEDTLS_ECP_DP_SECP521R1 );
- default:
- return( MBEDTLS_ECP_DP_NONE );
+ case 528:
+ if( bits_is_sloppy )
+ return( MBEDTLS_ECP_DP_SECP521R1 );
+ break;
+#endif
}
break;
case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
- switch( byte_length )
+ switch( bits )
{
- case PSA_BITS_TO_BYTES( 256 ):
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
+ case 256:
return( MBEDTLS_ECP_DP_BP256R1 );
- case PSA_BITS_TO_BYTES( 384 ):
+#endif
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
+ case 384:
return( MBEDTLS_ECP_DP_BP384R1 );
- case PSA_BITS_TO_BYTES( 512 ):
+#endif
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
+ case 512:
return( MBEDTLS_ECP_DP_BP512R1 );
- default:
- return( MBEDTLS_ECP_DP_NONE );
+#endif
}
break;
case PSA_ECC_FAMILY_MONTGOMERY:
- switch( byte_length )
+ switch( bits )
{
- case PSA_BITS_TO_BYTES( 255 ):
+#if defined(PSA_WANT_ECC_MONTGOMERY_255)
+ case 255:
return( MBEDTLS_ECP_DP_CURVE25519 );
- case PSA_BITS_TO_BYTES( 448 ):
+ case 256:
+ if( bits_is_sloppy )
+ return( MBEDTLS_ECP_DP_CURVE25519 );
+ break;
+#endif
+#if defined(PSA_WANT_ECC_MONTGOMERY_448)
+ case 448:
return( MBEDTLS_ECP_DP_CURVE448 );
- default:
- return( MBEDTLS_ECP_DP_NONE );
+#endif
}
break;
case PSA_ECC_FAMILY_SECP_K1:
- switch( byte_length )
+ switch( bits )
{
- case PSA_BITS_TO_BYTES( 192 ):
+#if defined(PSA_WANT_ECC_SECP_K1_192)
+ case 192:
return( MBEDTLS_ECP_DP_SECP192K1 );
- case PSA_BITS_TO_BYTES( 224 ):
+#endif
+#if defined(PSA_WANT_ECC_SECP_K1_224)
+ case 224:
return( MBEDTLS_ECP_DP_SECP224K1 );
- case PSA_BITS_TO_BYTES( 256 ):
+#endif
+#if defined(PSA_WANT_ECC_SECP_K1_256)
+ case 256:
return( MBEDTLS_ECP_DP_SECP256K1 );
- default:
- return( MBEDTLS_ECP_DP_NONE );
+#endif
}
break;
-
- default:
- return( MBEDTLS_ECP_DP_NONE );
}
+
+ (void) bits_is_sloppy;
+ return( MBEDTLS_ECP_DP_NONE );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
@@ -465,31 +510,31 @@
case PSA_KEY_TYPE_HMAC:
case PSA_KEY_TYPE_DERIVE:
break;
-#if defined(MBEDTLS_AES_C)
+#if defined(PSA_WANT_KEY_TYPE_AES)
case PSA_KEY_TYPE_AES:
if( bits != 128 && bits != 192 && bits != 256 )
return( PSA_ERROR_INVALID_ARGUMENT );
break;
#endif
-#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
case PSA_KEY_TYPE_CAMELLIA:
if( bits != 128 && bits != 192 && bits != 256 )
return( PSA_ERROR_INVALID_ARGUMENT );
break;
#endif
-#if defined(MBEDTLS_DES_C)
+#if defined(PSA_WANT_KEY_TYPE_DES)
case PSA_KEY_TYPE_DES:
if( bits != 64 && bits != 128 && bits != 192 )
return( PSA_ERROR_INVALID_ARGUMENT );
break;
#endif
-#if defined(MBEDTLS_ARC4_C)
+#if defined(PSA_WANT_KEY_TYPE_ARC4)
case PSA_KEY_TYPE_ARC4:
if( bits < 8 || bits > 2048 )
return( PSA_ERROR_INVALID_ARGUMENT );
break;
#endif
-#if defined(MBEDTLS_CHACHA20_C)
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
case PSA_KEY_TYPE_CHACHA20:
if( bits != 256 )
return( PSA_ERROR_INVALID_ARGUMENT );
@@ -504,500 +549,58 @@
return( PSA_SUCCESS );
}
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-
-/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
- * that are not a multiple of 8) well. For example, there is only
- * mbedtls_rsa_get_len(), which returns a number of bytes, and no
- * way to return the exact bit size of a key.
- * To keep things simple, reject non-byte-aligned key sizes. */
-static psa_status_t psa_check_rsa_key_byte_aligned(
- const mbedtls_rsa_context *rsa )
-{
- mbedtls_mpi n;
- psa_status_t status;
- mbedtls_mpi_init( &n );
- status = mbedtls_to_psa_error(
- mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) );
- if( status == PSA_SUCCESS )
- {
- if( mbedtls_mpi_bitlen( &n ) % 8 != 0 )
- status = PSA_ERROR_NOT_SUPPORTED;
- }
- mbedtls_mpi_free( &n );
- return( status );
-}
-
-/** Load the contents of a key buffer into an internal RSA representation
+/** Check whether a given key type is valid for use with a given MAC algorithm
*
- * \param[in] type The type of key contained in \p data.
- * \param[in] data The buffer from which to load the representation.
- * \param[in] data_length The size in bytes of \p data.
- * \param[out] p_rsa Returns a pointer to an RSA context on success.
- * The caller is responsible for freeing both the
- * contents of the context and the context itself
- * when done.
- */
-static psa_status_t psa_load_rsa_representation( psa_key_type_t type,
- const uint8_t *data,
- size_t data_length,
- mbedtls_rsa_context **p_rsa )
-{
- psa_status_t status;
- mbedtls_pk_context ctx;
- size_t bits;
- mbedtls_pk_init( &ctx );
-
- /* Parse the data. */
- if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
- status = mbedtls_to_psa_error(
- mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) );
- else
- status = mbedtls_to_psa_error(
- mbedtls_pk_parse_public_key( &ctx, data, data_length ) );
- if( status != PSA_SUCCESS )
- goto exit;
-
- /* We have something that the pkparse module recognizes. If it is a
- * valid RSA key, store it. */
- if( mbedtls_pk_get_type( &ctx ) != MBEDTLS_PK_RSA )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
-
- /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
- * supports non-byte-aligned key sizes, but not well. For example,
- * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
- bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( mbedtls_pk_rsa( ctx ) ) );
- if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
- status = psa_check_rsa_key_byte_aligned( mbedtls_pk_rsa( ctx ) );
- if( status != PSA_SUCCESS )
- goto exit;
-
- /* Copy out the pointer to the RSA context, and reset the PK context
- * such that pk_free doesn't free the RSA context we just grabbed. */
- *p_rsa = mbedtls_pk_rsa( ctx );
- ctx.pk_info = NULL;
-
-exit:
- mbedtls_pk_free( &ctx );
- return( status );
-}
-
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-
-/** Export an RSA key to export representation
+ * Upon successful return of this function, the behavior of #PSA_MAC_LENGTH
+ * when called with the validated \p algorithm and \p key_type is well-defined.
*
- * \param[in] type The type of key (public/private) to export
- * \param[in] rsa The internal RSA representation from which to export
- * \param[out] data The buffer to export to
- * \param[in] data_size The length of the buffer to export to
- * \param[out] data_length The amount of bytes written to \p data
- */
-static psa_status_t psa_export_rsa_key( psa_key_type_t type,
- mbedtls_rsa_context *rsa,
- uint8_t *data,
- size_t data_size,
- size_t *data_length )
-{
-#if defined(MBEDTLS_PK_WRITE_C)
- int ret;
- mbedtls_pk_context pk;
- uint8_t *pos = data + data_size;
-
- mbedtls_pk_init( &pk );
- pk.pk_info = &mbedtls_rsa_info;
- pk.pk_ctx = rsa;
-
- /* PSA Crypto API defines the format of an RSA key as a DER-encoded
- * representation of the non-encrypted PKCS#1 RSAPrivateKey for a
- * private key and of the RFC3279 RSAPublicKey for a public key. */
- if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
- ret = mbedtls_pk_write_key_der( &pk, data, data_size );
- else
- ret = mbedtls_pk_write_pubkey( &pos, data, &pk );
-
- if( ret < 0 )
- {
- /* Clean up in case pk_write failed halfway through. */
- memset( data, 0, data_size );
- return( mbedtls_to_psa_error( ret ) );
- }
-
- /* The mbedtls_pk_xxx functions write to the end of the buffer.
- * Move the data to the beginning and erase remaining data
- * at the original location. */
- if( 2 * (size_t) ret <= data_size )
- {
- memcpy( data, data + data_size - ret, ret );
- memset( data + data_size - ret, 0, ret );
- }
- else if( (size_t) ret < data_size )
- {
- memmove( data, data + data_size - ret, ret );
- memset( data + ret, 0, data_size - ret );
- }
-
- *data_length = ret;
- return( PSA_SUCCESS );
-#else
- (void) type;
- (void) rsa;
- (void) data;
- (void) data_size;
- (void) data_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* MBEDTLS_PK_WRITE_C */
-}
-
-/** Import an RSA key from import representation to a slot
- *
- * \param[in,out] slot The slot where to store the export representation to
- * \param[in] data The buffer containing the import representation
- * \param[in] data_length The amount of bytes in \p data
- */
-static psa_status_t psa_import_rsa_key( psa_key_slot_t *slot,
- const uint8_t *data,
- size_t data_length )
-{
- psa_status_t status;
- uint8_t* output = NULL;
- mbedtls_rsa_context *rsa = NULL;
-
- /* Parse input */
- status = psa_load_rsa_representation( slot->attr.type,
- data,
- data_length,
- &rsa );
- if( status != PSA_SUCCESS )
- goto exit;
-
- slot->attr.bits = (psa_key_bits_t) PSA_BYTES_TO_BITS(
- mbedtls_rsa_get_len( rsa ) );
-
- /* Re-export the data to PSA export format, such that we can store export
- * representation in the key slot. Export representation in case of RSA is
- * the smallest representation that's allowed as input, so a straight-up
- * allocation of the same size as the input buffer will be large enough. */
- output = mbedtls_calloc( 1, data_length );
- if( output == NULL )
- {
- status = PSA_ERROR_INSUFFICIENT_MEMORY;
- goto exit;
- }
-
- status = psa_export_rsa_key( slot->attr.type,
- rsa,
- output,
- data_length,
- &data_length);
-exit:
- /* Always free the RSA object */
- mbedtls_rsa_free( rsa );
- mbedtls_free( rsa );
-
- /* Free the allocated buffer only on error. */
- if( status != PSA_SUCCESS )
- {
- mbedtls_free( output );
- return( status );
- }
-
- /* On success, store the allocated export-formatted key. */
- slot->data.key.data = output;
- slot->data.key.bytes = data_length;
-
- return( PSA_SUCCESS );
-}
-
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-/** Load the contents of a key buffer into an internal ECP representation
- *
- * \param[in] type The type of key contained in \p data.
- * \param[in] data The buffer from which to load the representation.
- * \param[in] data_length The size in bytes of \p data.
- * \param[out] p_ecp Returns a pointer to an ECP context on success.
- * The caller is responsible for freeing both the
- * contents of the context and the context itself
- * when done.
- */
-static psa_status_t psa_load_ecp_representation( psa_key_type_t type,
- const uint8_t *data,
- size_t data_length,
- mbedtls_ecp_keypair **p_ecp )
-{
- mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE;
- psa_status_t status;
- mbedtls_ecp_keypair *ecp = NULL;
- size_t curve_size = data_length;
-
- if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
- PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
- {
- /* A Weierstrass public key is represented as:
- * - The byte 0x04;
- * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
- * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
- * So its data length is 2m+1 where m is the curve size in bits.
- */
- if( ( data_length & 1 ) == 0 )
- return( PSA_ERROR_INVALID_ARGUMENT );
- curve_size = data_length / 2;
-
- /* Montgomery public keys are represented in compressed format, meaning
- * their curve_size is equal to the amount of input. */
-
- /* Private keys are represented in uncompressed private random integer
- * format, meaning their curve_size is equal to the amount of input. */
- }
-
- /* Allocate and initialize a key representation. */
- ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
- if( ecp == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- mbedtls_ecp_keypair_init( ecp );
-
- /* Load the group. */
- grp_id = mbedtls_ecc_group_of_psa( PSA_KEY_TYPE_ECC_GET_FAMILY( type ),
- curve_size );
- if( grp_id == MBEDTLS_ECP_DP_NONE )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_group_load( &ecp->grp, grp_id ) );
- if( status != PSA_SUCCESS )
- goto exit;
-
- /* Load the key material. */
- if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
- {
- /* Load the public value. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q,
- data,
- data_length ) );
- if( status != PSA_SUCCESS )
- goto exit;
-
- /* Check that the point is on the curve. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) );
- if( status != PSA_SUCCESS )
- goto exit;
- }
- else
- {
- /* Load and validate the secret value. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_read_key( ecp->grp.id,
- ecp,
- data,
- data_length ) );
- if( status != PSA_SUCCESS )
- goto exit;
- }
-
- *p_ecp = ecp;
-exit:
- if( status != PSA_SUCCESS )
- {
- mbedtls_ecp_keypair_free( ecp );
- mbedtls_free( ecp );
- }
-
- return( status );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
-/** Export an ECP key to export representation
- *
- * \param[in] type The type of key (public/private) to export
- * \param[in] ecp The internal ECP representation from which to export
- * \param[out] data The buffer to export to
- * \param[in] data_size The length of the buffer to export to
- * \param[out] data_length The amount of bytes written to \p data
- */
-static psa_status_t psa_export_ecp_key( psa_key_type_t type,
- mbedtls_ecp_keypair *ecp,
- uint8_t *data,
- size_t data_size,
- size_t *data_length )
-{
- psa_status_t status;
-
- if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
- {
- /* Check whether the public part is loaded */
- if( mbedtls_ecp_is_zero( &ecp->Q ) )
- {
- /* Calculate the public key */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
- mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
- if( status != PSA_SUCCESS )
- return( status );
- }
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_point_write_binary( &ecp->grp, &ecp->Q,
- MBEDTLS_ECP_PF_UNCOMPRESSED,
- data_length,
- data,
- data_size ) );
- if( status != PSA_SUCCESS )
- memset( data, 0, data_size );
-
- return( status );
- }
- else
- {
- if( data_size < PSA_BITS_TO_BYTES( ecp->grp.nbits ) )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_write_key( ecp,
- data,
- PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) );
- if( status == PSA_SUCCESS )
- *data_length = PSA_BITS_TO_BYTES( ecp->grp.nbits );
- else
- memset( data, 0, data_size );
-
- return( status );
- }
-}
-
-/** Import an ECP key from import representation to a slot
- *
- * \param[in,out] slot The slot where to store the export representation to
- * \param[in] data The buffer containing the import representation
- * \param[in] data_length The amount of bytes in \p data
- */
-static psa_status_t psa_import_ecp_key( psa_key_slot_t *slot,
- const uint8_t *data,
- size_t data_length )
-{
- psa_status_t status;
- uint8_t* output = NULL;
- mbedtls_ecp_keypair *ecp = NULL;
-
- /* Parse input */
- status = psa_load_ecp_representation( slot->attr.type,
- data,
- data_length,
- &ecp );
- if( status != PSA_SUCCESS )
- goto exit;
-
- if( PSA_KEY_TYPE_ECC_GET_FAMILY( slot->attr.type ) == PSA_ECC_FAMILY_MONTGOMERY)
- slot->attr.bits = (psa_key_bits_t) ecp->grp.nbits + 1;
- else
- slot->attr.bits = (psa_key_bits_t) ecp->grp.nbits;
-
- /* Re-export the data to PSA export format. There is currently no support
- * for other input formats then the export format, so this is a 1-1
- * copy operation. */
- output = mbedtls_calloc( 1, data_length );
- if( output == NULL )
- {
- status = PSA_ERROR_INSUFFICIENT_MEMORY;
- goto exit;
- }
-
- status = psa_export_ecp_key( slot->attr.type,
- ecp,
- output,
- data_length,
- &data_length);
-exit:
- /* Always free the PK object (will also free contained ECP context) */
- mbedtls_ecp_keypair_free( ecp );
- mbedtls_free( ecp );
-
- /* Free the allocated buffer only on error. */
- if( status != PSA_SUCCESS )
- {
- mbedtls_free( output );
- return( status );
- }
-
- /* On success, store the allocated export-formatted key. */
- slot->data.key.data = output;
- slot->data.key.bytes = data_length;
-
- return( PSA_SUCCESS );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
-
-/** Return the size of the key in the given slot, in bits.
- *
- * \param[in] slot A key slot.
- *
- * \return The key size in bits, read from the metadata in the slot.
- */
-static inline size_t psa_get_key_slot_bits( const psa_key_slot_t *slot )
-{
- return( slot->attr.bits );
-}
-
-/** Try to allocate a buffer to an empty key slot.
- *
- * \param[in,out] slot Key slot to attach buffer to.
- * \param[in] buffer_length Requested size of the buffer.
+ * \param[in] algorithm The specific MAC algorithm (can be wildcard).
+ * \param[in] key_type The key type of the key to be used with the
+ * \p algorithm.
*
* \retval #PSA_SUCCESS
- * The buffer has been successfully allocated.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * Not enough memory was available for allocation.
- * \retval #PSA_ERROR_ALREADY_EXISTS
- * Trying to allocate a buffer to a non-empty key slot.
+ * The \p key_type is valid for use with the \p algorithm
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The \p key_type is not valid for use with the \p algorithm
*/
-static psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
- size_t buffer_length )
+MBEDTLS_STATIC_TESTABLE psa_status_t psa_mac_key_can_do(
+ psa_algorithm_t algorithm,
+ psa_key_type_t key_type )
{
- if( slot->data.key.data != NULL )
+ if( PSA_ALG_IS_HMAC( algorithm ) )
+ {
+ if( key_type == PSA_KEY_TYPE_HMAC )
+ return( PSA_SUCCESS );
+ }
+
+ if( PSA_ALG_IS_BLOCK_CIPHER_MAC( algorithm ) )
+ {
+ /* Check that we're calling PSA_BLOCK_CIPHER_BLOCK_LENGTH with a cipher
+ * key. */
+ if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) ==
+ PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
+ {
+ /* PSA_BLOCK_CIPHER_BLOCK_LENGTH returns 1 for stream ciphers and
+ * the block length (larger than 1) for block ciphers. */
+ if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) > 1 )
+ return( PSA_SUCCESS );
+ }
+ }
+
+ return( PSA_ERROR_INVALID_ARGUMENT );
+}
+
+psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
+ size_t buffer_length )
+{
+ if( slot->key.data != NULL )
return( PSA_ERROR_ALREADY_EXISTS );
- slot->data.key.data = mbedtls_calloc( 1, buffer_length );
- if( slot->data.key.data == NULL )
+ slot->key.data = mbedtls_calloc( 1, buffer_length );
+ if( slot->key.data == NULL )
return( PSA_ERROR_INSUFFICIENT_MEMORY );
- slot->data.key.bytes = buffer_length;
+ slot->key.bytes = buffer_length;
return( PSA_SUCCESS );
}
@@ -1010,44 +613,26 @@
if( status != PSA_SUCCESS )
return( status );
- memcpy( slot->data.key.data, data, data_length );
+ memcpy( slot->key.data, data, data_length );
return( PSA_SUCCESS );
}
-/** Import key data into a slot.
- *
- * `slot->type` must have been set previously.
- * This function assumes that the slot does not contain any key material yet.
- * On failure, the slot content is unchanged.
- *
- * Persistent storage is not affected.
- *
- * \param[in,out] slot The key slot to import data into.
- * Its `type` field must have previously been set to
- * the desired key type.
- * It must not contain any key material yet.
- * \param[in] data Buffer containing the key material to parse and import.
- * \param data_length Size of \p data in bytes.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- */
-static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
- const uint8_t *data,
- size_t data_length )
+psa_status_t psa_import_key_into_slot(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits )
{
- psa_status_t status = PSA_SUCCESS;
- size_t bit_size;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t type = attributes->core.type;
/* zero-length keys are never supported. */
if( data_length == 0 )
return( PSA_ERROR_NOT_SUPPORTED );
- if( key_type_is_raw_bytes( slot->attr.type ) )
+ if( key_type_is_raw_bytes( type ) )
{
- bit_size = PSA_BYTES_TO_BITS( data_length );
+ *bits = PSA_BYTES_TO_BITS( data_length );
/* Ensure that the bytes-to-bits conversion hasn't overflown. */
if( data_length > SIZE_MAX / 8 )
@@ -1055,77 +640,49 @@
/* Enforce a size limit, and in particular ensure that the bit
* size fits in its representation type. */
- if( bit_size > PSA_MAX_KEY_BITS )
+ if( ( *bits ) > PSA_MAX_KEY_BITS )
return( PSA_ERROR_NOT_SUPPORTED );
- status = validate_unstructured_key_bit_size( slot->attr.type, bit_size );
+ status = validate_unstructured_key_bit_size( type, *bits );
if( status != PSA_SUCCESS )
return( status );
- /* Allocate memory for the key */
- status = psa_copy_key_material_into_slot( slot, data, data_length );
- if( status != PSA_SUCCESS )
- return( status );
-
- /* Write the actual key size to the slot.
- * psa_start_key_creation() wrote the size declared by the
- * caller, which may be 0 (meaning unspecified) or wrong. */
- slot->attr.bits = (psa_key_bits_t) bit_size;
+ /* Copy the key material. */
+ memcpy( key_buffer, data, data_length );
+ *key_buffer_length = data_length;
+ (void)key_buffer_size;
return( PSA_SUCCESS );
}
- else if( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
+ else if( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) )
{
- /* Try validation through accelerators first. */
- bit_size = slot->attr.bits;
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
- status = psa_driver_wrapper_validate_key( &attributes,
- data,
- data_length,
- &bit_size );
- if( status == PSA_SUCCESS )
- {
- /* Key has been validated successfully by an accelerator.
- * Copy key material into slot. */
- status = psa_copy_key_material_into_slot( slot, data, data_length );
- if( status != PSA_SUCCESS )
- return( status );
-
- slot->attr.bits = (psa_key_bits_t) bit_size;
- return( PSA_SUCCESS );
- }
- else if( status != PSA_ERROR_NOT_SUPPORTED )
- return( status );
-
- /* Key format is not supported by any accelerator, try software fallback
- * if present. */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
- if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
+ if( PSA_KEY_TYPE_IS_ECC( type ) )
{
- return( psa_import_ecp_key( slot, data, data_length ) );
+ return( mbedtls_psa_ecp_import_key( attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length,
+ bits ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
- if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
+ if( PSA_KEY_TYPE_IS_RSA( type ) )
{
- return( psa_import_rsa_key( slot, data, data_length ) );
+ return( mbedtls_psa_rsa_import_key( attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length,
+ bits ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+ }
- /* Fell through the fallback as well, so have nothing else to try. */
- return( PSA_ERROR_NOT_SUPPORTED );
- }
- else
- {
- /* Unknown key type */
- return( PSA_ERROR_NOT_SUPPORTED );
- }
+ return( PSA_ERROR_NOT_SUPPORTED );
}
/** Calculate the intersection of two algorithm usage policies.
@@ -1133,6 +690,7 @@
* Return 0 (which allows no operation) on incompatibility.
*/
static psa_algorithm_t psa_key_policy_algorithm_intersection(
+ psa_key_type_t key_type,
psa_algorithm_t alg1,
psa_algorithm_t alg2 )
{
@@ -1150,11 +708,92 @@
if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH )
return( alg1 );
}
+ /* If the policies are from the same AEAD family, check whether
+ * one of them is a minimum-tag-length wildcard. Calculate the most
+ * restrictive tag length. */
+ if( PSA_ALG_IS_AEAD( alg1 ) && PSA_ALG_IS_AEAD( alg2 ) &&
+ ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg1, 0 ) ==
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg2, 0 ) ) )
+ {
+ size_t alg1_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg1 );
+ size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg2 );
+ size_t restricted_len = alg1_len > alg2_len ? alg1_len : alg2_len;
+
+ /* If both are wildcards, return most restrictive wildcard */
+ if( ( ( alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) &&
+ ( ( alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) )
+ {
+ return( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(
+ alg1, restricted_len ) );
+ }
+ /* If only one is a wildcard, return specific algorithm if compatible. */
+ if( ( ( alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) &&
+ ( alg1_len <= alg2_len ) )
+ {
+ return( alg2 );
+ }
+ if( ( ( alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) &&
+ ( alg2_len <= alg1_len ) )
+ {
+ return( alg1 );
+ }
+ }
+ /* If the policies are from the same MAC family, check whether one
+ * of them is a minimum-MAC-length policy. Calculate the most
+ * restrictive tag length. */
+ if( PSA_ALG_IS_MAC( alg1 ) && PSA_ALG_IS_MAC( alg2 ) &&
+ ( PSA_ALG_FULL_LENGTH_MAC( alg1 ) ==
+ PSA_ALG_FULL_LENGTH_MAC( alg2 ) ) )
+ {
+ /* Validate the combination of key type and algorithm. Since the base
+ * algorithm of alg1 and alg2 are the same, we only need this once. */
+ if( PSA_SUCCESS != psa_mac_key_can_do( alg1, key_type ) )
+ return( 0 );
+
+ /* Get the (exact or at-least) output lengths for both sides of the
+ * requested intersection. None of the currently supported algorithms
+ * have an output length dependent on the actual key size, so setting it
+ * to a bogus value of 0 is currently OK.
+ *
+ * Note that for at-least-this-length wildcard algorithms, the output
+ * length is set to the shortest allowed length, which allows us to
+ * calculate the most restrictive tag length for the intersection. */
+ size_t alg1_len = PSA_MAC_LENGTH( key_type, 0, alg1 );
+ size_t alg2_len = PSA_MAC_LENGTH( key_type, 0, alg2 );
+ size_t restricted_len = alg1_len > alg2_len ? alg1_len : alg2_len;
+
+ /* If both are wildcards, return most restrictive wildcard */
+ if( ( ( alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) &&
+ ( ( alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) )
+ {
+ return( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg1, restricted_len ) );
+ }
+
+ /* If only one is an at-least-this-length policy, the intersection would
+ * be the other (fixed-length) policy as long as said fixed length is
+ * equal to or larger than the shortest allowed length. */
+ if( ( alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 )
+ {
+ return( ( alg1_len <= alg2_len ) ? alg2 : 0 );
+ }
+ if( ( alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 )
+ {
+ return( ( alg2_len <= alg1_len ) ? alg1 : 0 );
+ }
+
+ /* If none of them are wildcards, check whether they define the same tag
+ * length. This is still possible here when one is default-length and
+ * the other specific-length. Ensure to always return the
+ * specific-length version for the intersection. */
+ if( alg1_len == alg2_len )
+ return( PSA_ALG_TRUNCATED_MAC( alg1, alg1_len ) );
+ }
/* If the policies are incompatible, allow nothing. */
return( 0 );
}
-static int psa_key_algorithm_permits( psa_algorithm_t policy_alg,
+static int psa_key_algorithm_permits( psa_key_type_t key_type,
+ psa_algorithm_t policy_alg,
psa_algorithm_t requested_alg )
{
/* Common case: the policy only allows requested_alg. */
@@ -1169,6 +808,63 @@
return( ( policy_alg & ~PSA_ALG_HASH_MASK ) ==
( requested_alg & ~PSA_ALG_HASH_MASK ) );
}
+ /* If policy_alg is a wildcard AEAD algorithm of the same base as
+ * the requested algorithm, check the requested tag length to be
+ * equal-length or longer than the wildcard-specified length. */
+ if( PSA_ALG_IS_AEAD( policy_alg ) &&
+ PSA_ALG_IS_AEAD( requested_alg ) &&
+ ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, 0 ) ==
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( requested_alg, 0 ) ) &&
+ ( ( policy_alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) )
+ {
+ return( PSA_ALG_AEAD_GET_TAG_LENGTH( policy_alg ) <=
+ PSA_ALG_AEAD_GET_TAG_LENGTH( requested_alg ) );
+ }
+ /* If policy_alg is a MAC algorithm of the same base as the requested
+ * algorithm, check whether their MAC lengths are compatible. */
+ if( PSA_ALG_IS_MAC( policy_alg ) &&
+ PSA_ALG_IS_MAC( requested_alg ) &&
+ ( PSA_ALG_FULL_LENGTH_MAC( policy_alg ) ==
+ PSA_ALG_FULL_LENGTH_MAC( requested_alg ) ) )
+ {
+ /* Validate the combination of key type and algorithm. Since the policy
+ * and requested algorithms are the same, we only need this once. */
+ if( PSA_SUCCESS != psa_mac_key_can_do( policy_alg, key_type ) )
+ return( 0 );
+
+ /* Get both the requested output length for the algorithm which is to be
+ * verified, and the default output length for the base algorithm.
+ * Note that none of the currently supported algorithms have an output
+ * length dependent on actual key size, so setting it to a bogus value
+ * of 0 is currently OK. */
+ size_t requested_output_length = PSA_MAC_LENGTH(
+ key_type, 0, requested_alg );
+ size_t default_output_length = PSA_MAC_LENGTH(
+ key_type, 0,
+ PSA_ALG_FULL_LENGTH_MAC( requested_alg ) );
+
+ /* If the policy is default-length, only allow an algorithm with
+ * a declared exact-length matching the default. */
+ if( PSA_MAC_TRUNCATED_LENGTH( policy_alg ) == 0 )
+ return( requested_output_length == default_output_length );
+
+ /* If the requested algorithm is default-length, allow it if the policy
+ * length exactly matches the default length. */
+ if( PSA_MAC_TRUNCATED_LENGTH( requested_alg ) == 0 &&
+ PSA_MAC_TRUNCATED_LENGTH( policy_alg ) == default_output_length )
+ {
+ return( 1 );
+ }
+
+ /* If policy_alg is an at-least-this-length wildcard MAC algorithm,
+ * check for the requested MAC length to be equal to or longer than the
+ * minimum allowed length. */
+ if( ( policy_alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 )
+ {
+ return( PSA_MAC_TRUNCATED_LENGTH( policy_alg ) <=
+ requested_output_length );
+ }
+ }
/* If policy_alg is a generic key agreement operation, then using it for
* a key derivation with that key agreement should also be allowed. This
* behaviour is expected to be defined in a future specification version. */
@@ -1178,23 +874,52 @@
return( PSA_ALG_KEY_AGREEMENT_GET_BASE( requested_alg ) ==
policy_alg );
}
- /* If it isn't permitted, it's forbidden. */
+ /* If it isn't explicitly permitted, it's forbidden. */
return( 0 );
}
/** Test whether a policy permits an algorithm.
*
* The caller must test usage flags separately.
+ *
+ * \note This function requires providing the key type for which the policy is
+ * being validated, since some algorithm policy definitions (e.g. MAC)
+ * have different properties depending on what kind of cipher it is
+ * combined with.
+ *
+ * \retval PSA_SUCCESS When \p alg is a specific algorithm
+ * allowed by the \p policy.
+ * \retval PSA_ERROR_INVALID_ARGUMENT When \p alg is not a specific algorithm
+ * \retval PSA_ERROR_NOT_PERMITTED When \p alg is a specific algorithm, but
+ * the \p policy does not allow it.
*/
-static int psa_key_policy_permits( const psa_key_policy_t *policy,
- psa_algorithm_t alg )
+static psa_status_t psa_key_policy_permits( const psa_key_policy_t *policy,
+ psa_key_type_t key_type,
+ psa_algorithm_t alg )
{
- return( psa_key_algorithm_permits( policy->alg, alg ) ||
- psa_key_algorithm_permits( policy->alg2, alg ) );
+ /* '0' is not a valid algorithm */
+ if( alg == 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ /* A requested algorithm cannot be a wildcard. */
+ if( PSA_ALG_IS_WILDCARD( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ if( psa_key_algorithm_permits( key_type, policy->alg, alg ) ||
+ psa_key_algorithm_permits( key_type, policy->alg2, alg ) )
+ return( PSA_SUCCESS );
+ else
+ return( PSA_ERROR_NOT_PERMITTED );
}
/** Restrict a key policy based on a constraint.
*
+ * \note This function requires providing the key type for which the policy is
+ * being restricted, since some algorithm policy definitions (e.g. MAC)
+ * have different properties depending on what kind of cipher it is
+ * combined with.
+ *
+ * \param[in] key_type The key type for which to restrict the policy
* \param[in,out] policy The policy to restrict.
* \param[in] constraint The policy constraint to apply.
*
@@ -1202,17 +927,20 @@
* \c *policy contains the intersection of the original value of
* \c *policy and \c *constraint.
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \c *policy and \c *constraint are incompatible.
+ * \c key_type, \c *policy and \c *constraint are incompatible.
* \c *policy is unchanged.
*/
static psa_status_t psa_restrict_key_policy(
+ psa_key_type_t key_type,
psa_key_policy_t *policy,
const psa_key_policy_t *constraint )
{
psa_algorithm_t intersection_alg =
- psa_key_policy_algorithm_intersection( policy->alg, constraint->alg );
+ psa_key_policy_algorithm_intersection( key_type, policy->alg,
+ constraint->alg );
psa_algorithm_t intersection_alg2 =
- psa_key_policy_algorithm_intersection( policy->alg2, constraint->alg2 );
+ psa_key_policy_algorithm_intersection( key_type, policy->alg2,
+ constraint->alg2 );
if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
if( intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0 )
@@ -1227,7 +955,8 @@
* and lock it.
*
* The key must have allow all the usage flags set in \p usage. If \p alg is
- * nonzero, the key must allow operations with this algorithm.
+ * nonzero, the key must allow operations with this algorithm. If \p alg is
+ * zero, the algorithm is not checked.
*
* In case of a persistent key, the function loads the description of the key
* into a key slot if not already done.
@@ -1256,13 +985,21 @@
if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) )
usage &= ~PSA_KEY_USAGE_EXPORT;
- status = PSA_ERROR_NOT_PERMITTED;
if( ( slot->attr.policy.usage & usage ) != usage )
+ {
+ status = PSA_ERROR_NOT_PERMITTED;
goto error;
+ }
/* Enforce that the usage policy permits the requested algortihm. */
- if( alg != 0 && ! psa_key_policy_permits( &slot->attr.policy, alg ) )
- goto error;
+ if( alg != 0 )
+ {
+ status = psa_key_policy_permits( &slot->attr.policy,
+ slot->attr.type,
+ alg );
+ if( status != PSA_SUCCESS )
+ goto error;
+ }
return( PSA_SUCCESS );
@@ -1312,25 +1049,16 @@
psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg )
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-/** Wipe key data from a slot. Preserve metadata such as the policy. */
-static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
+psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
{
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- if( psa_key_slot_is_external( slot ) )
- {
- /* No key material to clean. */
- }
- else
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- {
- /* Data pointer will always be either a valid pointer or NULL in an
- * initialized slot, so we can just free it. */
- if( slot->data.key.data != NULL )
- mbedtls_platform_zeroize( slot->data.key.data, slot->data.key.bytes);
- mbedtls_free( slot->data.key.data );
- slot->data.key.data = NULL;
- slot->data.key.bytes = 0;
- }
+ /* Data pointer will always be either a valid pointer or NULL in an
+ * initialized slot, so we can just free it. */
+ if( slot->key.data != NULL )
+ mbedtls_platform_zeroize( slot->key.data, slot->key.bytes);
+
+ mbedtls_free( slot->key.data );
+ slot->key.data = NULL;
+ slot->key.bytes = 0;
return( PSA_SUCCESS );
}
@@ -1404,6 +1132,17 @@
return( PSA_ERROR_GENERIC_ERROR );
}
+ if( PSA_KEY_LIFETIME_IS_READ_ONLY( slot->attr.lifetime ) )
+ {
+ /* Refuse the destruction of a read-only key (which may or may not work
+ * if we attempt it, depending on whether the key is merely read-only
+ * by policy or actually physically read-only).
+ * Just do the best we can, which is to wipe the copy in memory
+ * (done in this function's cleanup code). */
+ overall_status = PSA_ERROR_NOT_PERMITTED;
+ goto exit;
+ }
+
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
driver = psa_get_se_driver_entry( slot->attr.lifetime );
if( driver != NULL )
@@ -1415,7 +1154,7 @@
* three actions. */
psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_DESTROY_KEY );
psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
- psa_crypto_transaction.key.slot = slot->data.se.slot_number;
+ psa_crypto_transaction.key.slot = psa_key_slot_get_slot_number( slot );
psa_crypto_transaction.key.id = slot->attr.id;
status = psa_crypto_save_transaction( );
if( status != PSA_SUCCESS )
@@ -1432,7 +1171,8 @@
goto exit;
}
- status = psa_destroy_se_key( driver, slot->data.se.slot_number );
+ status = psa_destroy_se_key( driver,
+ psa_key_slot_get_slot_number( slot ) );
if( overall_status == PSA_SUCCESS )
overall_status = status;
}
@@ -1464,65 +1204,14 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
exit:
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
status = psa_wipe_key_slot( slot );
/* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
- if( overall_status == PSA_SUCCESS )
+ if( status != PSA_SUCCESS )
overall_status = status;
return( overall_status );
}
-void psa_reset_key_attributes( psa_key_attributes_t *attributes )
-{
- mbedtls_free( attributes->domain_parameters );
- memset( attributes, 0, sizeof( *attributes ) );
-}
-
-psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes,
- psa_key_type_t type,
- const uint8_t *data,
- size_t data_length )
-{
- uint8_t *copy = NULL;
-
- if( data_length != 0 )
- {
- copy = mbedtls_calloc( 1, data_length );
- if( copy == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- memcpy( copy, data, data_length );
- }
- /* After this point, this function is guaranteed to succeed, so it
- * can start modifying `*attributes`. */
-
- if( attributes->domain_parameters != NULL )
- {
- mbedtls_free( attributes->domain_parameters );
- attributes->domain_parameters = NULL;
- attributes->domain_parameters_size = 0;
- }
-
- attributes->domain_parameters = copy;
- attributes->domain_parameters_size = data_length;
- attributes->core.type = type;
- return( PSA_SUCCESS );
-}
-
-psa_status_t psa_get_key_domain_parameters(
- const psa_key_attributes_t *attributes,
- uint8_t *data, size_t data_size, size_t *data_length )
-{
- if( attributes->domain_parameters_size > data_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- *data_length = attributes->domain_parameters_size;
- if( attributes->domain_parameters_size != 0 )
- memcpy( data, attributes->domain_parameters,
- attributes->domain_parameters_size );
- return( PSA_SUCCESS );
-}
-
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
static psa_status_t psa_get_rsa_public_exponent(
@@ -1588,7 +1277,8 @@
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
if( psa_key_slot_is_external( slot ) )
- psa_set_key_slot_number( attributes, slot->data.se.slot_number );
+ psa_set_key_slot_number( attributes,
+ psa_key_slot_get_slot_number( slot ) );
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
switch( slot->attr.type )
@@ -1608,10 +1298,11 @@
{
mbedtls_rsa_context *rsa = NULL;
- status = psa_load_rsa_representation( slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &rsa );
+ status = mbedtls_psa_rsa_load_representation(
+ slot->attr.type,
+ slot->key.data,
+ slot->key.bytes,
+ &rsa );
if( status != PSA_SUCCESS )
break;
@@ -1651,147 +1342,35 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-static psa_status_t psa_internal_export_key_buffer( const psa_key_slot_t *slot,
+static psa_status_t psa_export_key_buffer_internal( const uint8_t *key_buffer,
+ size_t key_buffer_size,
uint8_t *data,
size_t data_size,
size_t *data_length )
{
- if( slot->data.key.bytes > data_size )
+ if( key_buffer_size > data_size )
return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( data, slot->data.key.data, slot->data.key.bytes );
- memset( data + slot->data.key.bytes, 0,
- data_size - slot->data.key.bytes );
- *data_length = slot->data.key.bytes;
+ memcpy( data, key_buffer, key_buffer_size );
+ memset( data + key_buffer_size, 0,
+ data_size - key_buffer_size );
+ *data_length = key_buffer_size;
return( PSA_SUCCESS );
}
-static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot,
- uint8_t *data,
- size_t data_size,
- size_t *data_length,
- int export_public_key )
+psa_status_t psa_export_key_internal(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
{
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- const psa_drv_se_t *drv;
- psa_drv_se_context_t *drv_context;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+ psa_key_type_t type = attributes->core.type;
- *data_length = 0;
-
- if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
- /* Reject a zero-length output buffer now, since this can never be a
- * valid key representation. This way we know that data must be a valid
- * pointer and we can do things like memset(data, ..., data_size). */
- if( data_size == 0 )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
+ if( key_type_is_raw_bytes( type ) ||
+ PSA_KEY_TYPE_IS_RSA( type ) ||
+ PSA_KEY_TYPE_IS_ECC( type ) )
{
- psa_drv_se_export_key_t method;
- if( drv->key_management == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
- method = ( export_public_key ?
- drv->key_management->p_export_public :
- drv->key_management->p_export );
- if( method == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
- return( method( drv_context,
- slot->data.se.slot_number,
- data, data_size, data_length ) );
- }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
- if( key_type_is_raw_bytes( slot->attr.type ) )
- {
- return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
- }
- else if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ||
- PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
- {
- if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) )
- {
- /* Exporting public -> public */
- return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
- }
- else if( !export_public_key )
- {
- /* Exporting private -> private */
- return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
- }
-
- /* Need to export the public part of a private key,
- * so conversion is needed. Try the accelerators first. */
- psa_status_t status = psa_driver_wrapper_export_public_key( slot,
- data,
- data_size,
- data_length );
-
- if( status != PSA_ERROR_NOT_SUPPORTED ||
- psa_key_lifetime_is_external( slot->attr.lifetime ) )
- return( status );
-
- if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
- {
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
- mbedtls_rsa_context *rsa = NULL;
- status = psa_load_rsa_representation(
- slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &rsa );
- if( status != PSA_SUCCESS )
- return( status );
-
- status = psa_export_rsa_key( PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- rsa,
- data,
- data_size,
- data_length );
-
- mbedtls_rsa_free( rsa );
- mbedtls_free( rsa );
-
- return( status );
-#else
- /* We don't know how to convert a private RSA key to public. */
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
- }
- else
- {
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
- mbedtls_ecp_keypair *ecp = NULL;
- status = psa_load_ecp_representation(
- slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &ecp );
- if( status != PSA_SUCCESS )
- return( status );
-
- status = psa_export_ecp_key( PSA_KEY_TYPE_ECC_PUBLIC_KEY(
- PSA_KEY_TYPE_ECC_GET_FAMILY(
- slot->attr.type ) ),
- ecp,
- data,
- data_size,
- data_length );
-
- mbedtls_ecp_keypair_free( ecp );
- mbedtls_free( ecp );
- return( status );
-#else
- /* We don't know how to convert a private ECC key to public */
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
- }
+ return( psa_export_key_buffer_internal(
+ key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
}
else
{
@@ -1811,6 +1390,12 @@
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
+ /* Reject a zero-length output buffer now, since this can never be a
+ * valid key representation. This way we know that data must be a valid
+ * pointer and we can do things like memset(data, ..., data_size). */
+ if( data_size == 0 )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
/* Set the key to empty now, so that even when there are errors, we always
* set data_length to a value between 0 and data_size. On error, setting
* the key to empty is a good choice because an empty key representation is
@@ -1826,12 +1411,80 @@
if( status != PSA_SUCCESS )
return( status );
- status = psa_internal_export_key( slot, data, data_size, data_length, 0 );
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+ status = psa_driver_wrapper_export_key( &attributes,
+ slot->key.data, slot->key.bytes,
+ data, data_size, data_length );
+
unlock_status = psa_unlock_key_slot( slot );
return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
+psa_status_t psa_export_public_key_internal(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length )
+{
+ psa_key_type_t type = attributes->core.type;
+
+ if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) )
+ {
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ /* Exporting public -> public */
+ return( psa_export_key_buffer_internal(
+ key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
+ }
+
+ if( PSA_KEY_TYPE_IS_RSA( type ) )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ return( mbedtls_psa_rsa_export_public_key( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
+#else
+ /* We don't know how to convert a private RSA key to public. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+ }
+ else
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ return( mbedtls_psa_ecp_export_public_key( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
+#else
+ /* We don't know how to convert a private ECC key to public */
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
+ }
+ }
+ else
+ {
+ /* This shouldn't happen in the reference implementation, but
+ it is valid for a special-purpose implementation to omit
+ support for exporting certain key types. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+}
+
psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key,
uint8_t *data,
size_t data_size,
@@ -1841,6 +1494,12 @@
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
+ /* Reject a zero-length output buffer now, since this can never be a
+ * valid key representation. This way we know that data must be a valid
+ * pointer and we can do things like memset(data, ..., data_size). */
+ if( data_size == 0 )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
/* Set the key to empty now, so that even when there are errors, we always
* set data_length to a value between 0 and data_size. On error, setting
* the key to empty is a good choice because an empty key representation is
@@ -1852,7 +1511,20 @@
if( status != PSA_SUCCESS )
return( status );
- status = psa_internal_export_key( slot, data, data_size, data_length, 1 );
+ if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+ status = psa_driver_wrapper_export_public_key(
+ &attributes, slot->key.data, slot->key.bytes,
+ data, data_size, data_length );
+
+exit:
unlock_status = psa_unlock_key_slot( slot );
return( ( status == PSA_SUCCESS ) ? unlock_status : status );
@@ -1879,6 +1551,8 @@
PSA_KEY_USAGE_COPY |
PSA_KEY_USAGE_ENCRYPT |
PSA_KEY_USAGE_DECRYPT |
+ PSA_KEY_USAGE_SIGN_MESSAGE |
+ PSA_KEY_USAGE_VERIFY_MESSAGE |
PSA_KEY_USAGE_SIGN_HASH |
PSA_KEY_USAGE_VERIFY_HASH |
PSA_KEY_USAGE_DERIVE ) ) != 0 )
@@ -1923,9 +1597,8 @@
}
else
{
- status = psa_validate_key_id( psa_get_key_id( attributes ), 0 );
- if( status != PSA_SUCCESS )
- return( status );
+ if( !psa_is_valid_key_id( psa_get_key_id( attributes ), 0 ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
status = psa_validate_key_policy( &attributes->core.policy );
@@ -2043,8 +1716,9 @@
* we can roll back to a state where the key doesn't exist. */
if( *p_drv != NULL )
{
+ psa_key_slot_number_t slot_number;
status = psa_find_se_slot_for_key( attributes, method, *p_drv,
- &slot->data.se.slot_number );
+ &slot_number );
if( status != PSA_SUCCESS )
return( status );
@@ -2052,7 +1726,7 @@
{
psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );
psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
- psa_crypto_transaction.key.slot = slot->data.se.slot_number;
+ psa_crypto_transaction.key.slot = slot_number;
psa_crypto_transaction.key.id = slot->attr.id;
status = psa_crypto_save_transaction( );
if( status != PSA_SUCCESS )
@@ -2061,6 +1735,9 @@
return( status );
}
}
+
+ status = psa_copy_key_material_into_slot(
+ slot, (uint8_t *)( &slot_number ), sizeof( slot_number ) );
}
if( *p_drv == NULL && method == PSA_KEY_CREATION_REGISTER )
@@ -2093,6 +1770,13 @@
*
* \retval #PSA_SUCCESS
* The key was successfully created.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ *
* \return If this function fails, the key slot is an invalid state.
* You must call psa_fail_key_creation() to wipe and free the slot.
*/
@@ -2112,13 +1796,15 @@
if( driver != NULL )
{
psa_se_key_data_storage_t data;
+ psa_key_slot_number_t slot_number =
+ psa_key_slot_get_slot_number( slot ) ;
+
#if defined(static_assert)
- static_assert( sizeof( slot->data.se.slot_number ) ==
+ static_assert( sizeof( slot_number ) ==
sizeof( data.slot_number ),
"Slot number size does not match psa_se_key_data_storage_t" );
#endif
- memcpy( &data.slot_number, &slot->data.se.slot_number,
- sizeof( slot->data.se.slot_number ) );
+ memcpy( &data.slot_number, &slot_number, sizeof( slot_number ) );
status = psa_save_persistent_key( &slot->attr,
(uint8_t*) &data,
sizeof( data ) );
@@ -2129,8 +1815,8 @@
/* Key material is saved in export representation in the slot, so
* just pass the slot buffer for storage. */
status = psa_save_persistent_key( &slot->attr,
- slot->data.key.data,
- slot->data.key.bytes );
+ slot->key.data,
+ slot->key.bytes );
}
}
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
@@ -2234,11 +1920,11 @@
mbedtls_mpi actual, required;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- psa_status_t status = psa_load_rsa_representation(
- slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &rsa );
+ psa_status_t status = mbedtls_psa_rsa_load_representation(
+ slot->attr.type,
+ slot->key.data,
+ slot->key.bytes,
+ &rsa );
if( status != PSA_SUCCESS )
return( status );
@@ -2288,6 +1974,7 @@
psa_status_t status;
psa_key_slot_t *slot = NULL;
psa_se_drv_table_entry_t *driver = NULL;
+ size_t bits;
*key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -2302,39 +1989,34 @@
if( status != PSA_SUCCESS )
goto exit;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- if( driver != NULL )
+ /* In the case of a transparent key or an opaque key stored in local
+ * storage (thus not in the case of generating a key in a secure element
+ * or cryptoprocessor with storage), we have to allocate a buffer to
+ * hold the generated key material. */
+ if( slot->key.data == NULL )
{
- const psa_drv_se_t *drv = psa_get_se_driver_methods( driver );
- /* The driver should set the number of key bits, however in
- * case it doesn't, we initialize bits to an invalid value. */
- size_t bits = PSA_MAX_KEY_BITS + 1;
- if( drv->key_management == NULL ||
- drv->key_management->p_import == NULL )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
- status = drv->key_management->p_import(
- psa_get_se_driver_context( driver ),
- slot->data.se.slot_number, attributes, data, data_length,
- &bits );
+ status = psa_allocate_buffer_to_slot( slot, data_length );
if( status != PSA_SUCCESS )
goto exit;
- if( bits > PSA_MAX_KEY_BITS )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
+ }
+
+ bits = slot->attr.bits;
+ status = psa_driver_wrapper_import_key( attributes,
+ data, data_length,
+ slot->key.data,
+ slot->key.bytes,
+ &slot->key.bytes, &bits );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( slot->attr.bits == 0 )
slot->attr.bits = (psa_key_bits_t) bits;
- }
- else
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+ else if( bits != slot->attr.bits )
{
- status = psa_import_key_into_slot( slot, data, data_length );
- if( status != PSA_SUCCESS )
- goto exit;
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
}
+
status = psa_validate_optional_attributes( slot, attributes );
if( status != PSA_SUCCESS )
goto exit;
@@ -2386,8 +2068,8 @@
psa_key_slot_t *target )
{
psa_status_t status = psa_copy_key_material_into_slot( target,
- source->data.key.data,
- source->data.key.bytes );
+ source->key.data,
+ source->key.bytes );
if( status != PSA_SUCCESS )
return( status );
@@ -2420,7 +2102,8 @@
if( status != PSA_SUCCESS )
goto exit;
- status = psa_restrict_key_policy( &actual_attributes.core.policy,
+ status = psa_restrict_key_policy( source_slot->attr.type,
+ &actual_attributes.core.policy,
&source_slot->attr.policy );
if( status != PSA_SUCCESS )
goto exit;
@@ -2439,6 +2122,17 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+ if( psa_key_lifetime_is_external( actual_attributes.core.lifetime ) )
+ {
+ /*
+ * Copying through an opaque driver is not implemented yet, consider
+ * a lifetime with an external location as an invalid parameter for
+ * now.
+ */
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
status = psa_copy_key_material( source_slot, target_slot );
if( status != PSA_SUCCESS )
goto exit;
@@ -2459,274 +2153,73 @@
/* Message digests */
/****************************************************************/
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
-{
- switch( alg )
- {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- return( &mbedtls_md2_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- return( &mbedtls_md4_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
- case PSA_ALG_MD5:
- return( &mbedtls_md5_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
- case PSA_ALG_RIPEMD160:
- return( &mbedtls_ripemd160_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
- case PSA_ALG_SHA_1:
- return( &mbedtls_sha1_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
- case PSA_ALG_SHA_224:
- return( &mbedtls_sha224_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
- case PSA_ALG_SHA_256:
- return( &mbedtls_sha256_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
- case PSA_ALG_SHA_384:
- return( &mbedtls_sha384_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
- case PSA_ALG_SHA_512:
- return( &mbedtls_sha512_info );
-#endif
- default:
- return( NULL );
- }
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-
psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
{
- switch( operation->alg )
- {
- case 0:
- /* The object has (apparently) been initialized but it is not
- * in use. It's ok to call abort on such an object, and there's
- * nothing to do. */
- break;
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_free( &operation->ctx.md2 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_free( &operation->ctx.md4 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
- case PSA_ALG_MD5:
- mbedtls_md5_free( &operation->ctx.md5 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
- case PSA_ALG_RIPEMD160:
- mbedtls_ripemd160_free( &operation->ctx.ripemd160 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
- case PSA_ALG_SHA_1:
- mbedtls_sha1_free( &operation->ctx.sha1 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
- case PSA_ALG_SHA_224:
- mbedtls_sha256_free( &operation->ctx.sha256 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
- case PSA_ALG_SHA_256:
- mbedtls_sha256_free( &operation->ctx.sha256 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
- case PSA_ALG_SHA_384:
- mbedtls_sha512_free( &operation->ctx.sha512 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
- case PSA_ALG_SHA_512:
- mbedtls_sha512_free( &operation->ctx.sha512 );
- break;
-#endif
- default:
- return( PSA_ERROR_BAD_STATE );
- }
- operation->alg = 0;
- return( PSA_SUCCESS );
+ /* Aborting a non-active operation is allowed */
+ if( operation->id == 0 )
+ return( PSA_SUCCESS );
+
+ psa_status_t status = psa_driver_wrapper_hash_abort( operation );
+ operation->id = 0;
+
+ return( status );
}
psa_status_t psa_hash_setup( psa_hash_operation_t *operation,
psa_algorithm_t alg )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
/* A context must be freshly initialized before it can be set up. */
- if( operation->alg != 0 )
+ if( operation->id != 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
- switch( alg )
+ if( !PSA_ALG_IS_HASH( alg ) )
{
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_init( &operation->ctx.md2 );
- ret = mbedtls_md2_starts_ret( &operation->ctx.md2 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_init( &operation->ctx.md4 );
- ret = mbedtls_md4_starts_ret( &operation->ctx.md4 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
- case PSA_ALG_MD5:
- mbedtls_md5_init( &operation->ctx.md5 );
- ret = mbedtls_md5_starts_ret( &operation->ctx.md5 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
- case PSA_ALG_RIPEMD160:
- mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
- ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
- case PSA_ALG_SHA_1:
- mbedtls_sha1_init( &operation->ctx.sha1 );
- ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
- case PSA_ALG_SHA_224:
- mbedtls_sha256_init( &operation->ctx.sha256 );
- ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
- case PSA_ALG_SHA_256:
- mbedtls_sha256_init( &operation->ctx.sha256 );
- ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
- case PSA_ALG_SHA_384:
- mbedtls_sha512_init( &operation->ctx.sha512 );
- ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
- case PSA_ALG_SHA_512:
- mbedtls_sha512_init( &operation->ctx.sha512 );
- ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 );
- break;
-#endif
- default:
- return( PSA_ALG_IS_HASH( alg ) ?
- PSA_ERROR_NOT_SUPPORTED :
- PSA_ERROR_INVALID_ARGUMENT );
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
}
- if( ret == 0 )
- operation->alg = alg;
- else
+
+ /* Ensure all of the context is zeroized, since PSA_HASH_OPERATION_INIT only
+ * directly zeroes the int-sized dummy member of the context union. */
+ memset( &operation->ctx, 0, sizeof( operation->ctx ) );
+
+ status = psa_driver_wrapper_hash_setup( operation, alg );
+
+exit:
+ if( status != PSA_SUCCESS )
psa_hash_abort( operation );
- return( mbedtls_to_psa_error( ret ) );
+
+ return status;
}
psa_status_t psa_hash_update( psa_hash_operation_t *operation,
const uint8_t *input,
size_t input_length )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ if( operation->id == 0 )
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
/* Don't require hash implementations to behave correctly on a
* zero-length input, which may have an invalid pointer. */
if( input_length == 0 )
return( PSA_SUCCESS );
- switch( operation->alg )
- {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- ret = mbedtls_md2_update_ret( &operation->ctx.md2,
- input, input_length );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- ret = mbedtls_md4_update_ret( &operation->ctx.md4,
- input, input_length );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
- case PSA_ALG_MD5:
- ret = mbedtls_md5_update_ret( &operation->ctx.md5,
- input, input_length );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
- case PSA_ALG_RIPEMD160:
- ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160,
- input, input_length );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
- case PSA_ALG_SHA_1:
- ret = mbedtls_sha1_update_ret( &operation->ctx.sha1,
- input, input_length );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
- case PSA_ALG_SHA_224:
- ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
- input, input_length );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
- case PSA_ALG_SHA_256:
- ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
- input, input_length );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
- case PSA_ALG_SHA_384:
- ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
- input, input_length );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
- case PSA_ALG_SHA_512:
- ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
- input, input_length );
- break;
-#endif
- default:
- (void)input;
- return( PSA_ERROR_BAD_STATE );
- }
+ status = psa_driver_wrapper_hash_update( operation, input, input_length );
- if( ret != 0 )
+exit:
+ if( status != PSA_SUCCESS )
psa_hash_abort( operation );
- return( mbedtls_to_psa_error( ret ) );
+
+ return( status );
}
psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
@@ -2734,88 +2227,14 @@
size_t hash_size,
size_t *hash_length )
{
- psa_status_t status;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t actual_hash_length = PSA_HASH_SIZE( operation->alg );
+ *hash_length = 0;
+ if( operation->id == 0 )
+ return( PSA_ERROR_BAD_STATE );
- /* Fill the output buffer with something that isn't a valid hash
- * (barring an attack on the hash and deliberately-crafted input),
- * in case the caller doesn't check the return status properly. */
- *hash_length = hash_size;
- /* If hash_size is 0 then hash may be NULL and then the
- * call to memset would have undefined behavior. */
- if( hash_size != 0 )
- memset( hash, '!', hash_size );
-
- if( hash_size < actual_hash_length )
- {
- status = PSA_ERROR_BUFFER_TOO_SMALL;
- goto exit;
- }
-
- switch( operation->alg )
- {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
- case PSA_ALG_MD5:
- ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
- case PSA_ALG_RIPEMD160:
- ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
- case PSA_ALG_SHA_1:
- ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
- case PSA_ALG_SHA_224:
- ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
- case PSA_ALG_SHA_256:
- ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
- case PSA_ALG_SHA_384:
- ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
- case PSA_ALG_SHA_512:
- ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
- break;
-#endif
- default:
- return( PSA_ERROR_BAD_STATE );
- }
- status = mbedtls_to_psa_error( ret );
-
-exit:
- if( status == PSA_SUCCESS )
- {
- *hash_length = actual_hash_length;
- return( psa_hash_abort( operation ) );
- }
- else
- {
- psa_hash_abort( operation );
- return( status );
- }
+ psa_status_t status = psa_driver_wrapper_hash_finish(
+ operation, hash, hash_size, hash_length );
+ psa_hash_abort( operation );
+ return( status );
}
psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
@@ -2824,16 +2243,28 @@
{
uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
size_t actual_hash_length;
- psa_status_t status = psa_hash_finish( operation,
- actual_hash, sizeof( actual_hash ),
- &actual_hash_length );
+ psa_status_t status = psa_hash_finish(
+ operation,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length );
+
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
+
if( actual_hash_length != hash_length )
- return( PSA_ERROR_INVALID_SIGNATURE );
- if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
- return( PSA_ERROR_INVALID_SIGNATURE );
- return( PSA_SUCCESS );
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+
+ if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
+ status = PSA_ERROR_INVALID_SIGNATURE;
+
+exit:
+ if( status != PSA_SUCCESS )
+ psa_hash_abort(operation);
+
+ return( status );
}
psa_status_t psa_hash_compute( psa_algorithm_t alg,
@@ -2841,123 +2272,52 @@
uint8_t *hash, size_t hash_size,
size_t *hash_length )
{
- psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ *hash_length = 0;
+ if( !PSA_ALG_IS_HASH( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
- *hash_length = hash_size;
- status = psa_hash_setup( &operation, alg );
- if( status != PSA_SUCCESS )
- goto exit;
- status = psa_hash_update( &operation, input, input_length );
- if( status != PSA_SUCCESS )
- goto exit;
- status = psa_hash_finish( &operation, hash, hash_size, hash_length );
- if( status != PSA_SUCCESS )
- goto exit;
-
-exit:
- if( status == PSA_SUCCESS )
- status = psa_hash_abort( &operation );
- else
- psa_hash_abort( &operation );
- return( status );
+ return( psa_driver_wrapper_hash_compute( alg, input, input_length,
+ hash, hash_size, hash_length ) );
}
psa_status_t psa_hash_compare( psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
const uint8_t *hash, size_t hash_length )
{
- psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
+ size_t actual_hash_length;
- status = psa_hash_setup( &operation, alg );
- if( status != PSA_SUCCESS )
- goto exit;
- status = psa_hash_update( &operation, input, input_length );
- if( status != PSA_SUCCESS )
- goto exit;
- status = psa_hash_verify( &operation, hash, hash_length );
- if( status != PSA_SUCCESS )
- goto exit;
+ if( !PSA_ALG_IS_HASH( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
-exit:
- if( status == PSA_SUCCESS )
- status = psa_hash_abort( &operation );
- else
- psa_hash_abort( &operation );
- return( status );
+ psa_status_t status = psa_driver_wrapper_hash_compute(
+ alg, input, input_length,
+ actual_hash, sizeof(actual_hash),
+ &actual_hash_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( actual_hash_length != hash_length )
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ return( PSA_SUCCESS );
}
psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation,
psa_hash_operation_t *target_operation )
{
- if( target_operation->alg != 0 )
- return( PSA_ERROR_BAD_STATE );
-
- switch( source_operation->alg )
+ if( source_operation->id == 0 ||
+ target_operation->id != 0 )
{
- case 0:
- return( PSA_ERROR_BAD_STATE );
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_clone( &target_operation->ctx.md2,
- &source_operation->ctx.md2 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_clone( &target_operation->ctx.md4,
- &source_operation->ctx.md4 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
- case PSA_ALG_MD5:
- mbedtls_md5_clone( &target_operation->ctx.md5,
- &source_operation->ctx.md5 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
- case PSA_ALG_RIPEMD160:
- mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160,
- &source_operation->ctx.ripemd160 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
- case PSA_ALG_SHA_1:
- mbedtls_sha1_clone( &target_operation->ctx.sha1,
- &source_operation->ctx.sha1 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
- case PSA_ALG_SHA_224:
- mbedtls_sha256_clone( &target_operation->ctx.sha256,
- &source_operation->ctx.sha256 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
- case PSA_ALG_SHA_256:
- mbedtls_sha256_clone( &target_operation->ctx.sha256,
- &source_operation->ctx.sha256 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
- case PSA_ALG_SHA_384:
- mbedtls_sha512_clone( &target_operation->ctx.sha512,
- &source_operation->ctx.sha512 );
- break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
- case PSA_ALG_SHA_512:
- mbedtls_sha512_clone( &target_operation->ctx.sha512,
- &source_operation->ctx.sha512 );
- break;
-#endif
- default:
- return( PSA_ERROR_NOT_SUPPORTED );
+ return( PSA_ERROR_BAD_STATE );
}
- target_operation->alg = source_operation->alg;
- return( PSA_SUCCESS );
+ psa_status_t status = psa_driver_wrapper_hash_clone( source_operation,
+ target_operation );
+ if( status != PSA_SUCCESS )
+ psa_hash_abort( target_operation );
+
+ return( status );
}
@@ -2965,310 +2325,59 @@
/* MAC */
/****************************************************************/
-static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
- psa_algorithm_t alg,
- psa_key_type_t key_type,
- size_t key_bits,
- mbedtls_cipher_id_t* cipher_id )
-{
- mbedtls_cipher_mode_t mode;
- mbedtls_cipher_id_t cipher_id_tmp;
-
- if( PSA_ALG_IS_AEAD( alg ) )
- alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 );
-
- if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
- {
- switch( alg )
- {
- case PSA_ALG_ARC4:
- case PSA_ALG_CHACHA20:
- mode = MBEDTLS_MODE_STREAM;
- break;
- case PSA_ALG_CTR:
- mode = MBEDTLS_MODE_CTR;
- break;
- case PSA_ALG_CFB:
- mode = MBEDTLS_MODE_CFB;
- break;
- case PSA_ALG_OFB:
- mode = MBEDTLS_MODE_OFB;
- break;
- case PSA_ALG_ECB_NO_PADDING:
- mode = MBEDTLS_MODE_ECB;
- break;
- case PSA_ALG_CBC_NO_PADDING:
- mode = MBEDTLS_MODE_CBC;
- break;
- case PSA_ALG_CBC_PKCS7:
- mode = MBEDTLS_MODE_CBC;
- break;
- case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):
- mode = MBEDTLS_MODE_CCM;
- break;
- case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):
- mode = MBEDTLS_MODE_GCM;
- break;
- case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CHACHA20_POLY1305, 0 ):
- mode = MBEDTLS_MODE_CHACHAPOLY;
- break;
- default:
- return( NULL );
- }
- }
- else if( alg == PSA_ALG_CMAC )
- mode = MBEDTLS_MODE_ECB;
- else
- return( NULL );
-
- switch( key_type )
- {
- case PSA_KEY_TYPE_AES:
- cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
- break;
- case PSA_KEY_TYPE_DES:
- /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
- * and 192 for three-key Triple-DES. */
- if( key_bits == 64 )
- cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
- else
- cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
- /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
- * but two-key Triple-DES is functionally three-key Triple-DES
- * with K1=K3, so that's how we present it to mbedtls. */
- if( key_bits == 128 )
- key_bits = 192;
- break;
- case PSA_KEY_TYPE_CAMELLIA:
- cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
- break;
- case PSA_KEY_TYPE_ARC4:
- cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
- break;
- case PSA_KEY_TYPE_CHACHA20:
- cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20;
- break;
- default:
- return( NULL );
- }
- if( cipher_id != NULL )
- *cipher_id = cipher_id_tmp;
-
- return( mbedtls_cipher_info_from_values( cipher_id_tmp,
- (int) key_bits, mode ) );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-static size_t psa_get_hash_block_size( psa_algorithm_t alg )
-{
- switch( alg )
- {
- case PSA_ALG_MD2:
- return( 16 );
- case PSA_ALG_MD4:
- return( 64 );
- case PSA_ALG_MD5:
- return( 64 );
- case PSA_ALG_RIPEMD160:
- return( 64 );
- case PSA_ALG_SHA_1:
- return( 64 );
- case PSA_ALG_SHA_224:
- return( 64 );
- case PSA_ALG_SHA_256:
- return( 64 );
- case PSA_ALG_SHA_384:
- return( 128 );
- case PSA_ALG_SHA_512:
- return( 128 );
- default:
- return( 0 );
- }
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) */
-
-/* Initialize the MAC operation structure. Once this function has been
- * called, psa_mac_abort can run and will do the right thing. */
-static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
- psa_algorithm_t alg )
-{
- psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
-
- operation->alg = alg;
- operation->key_set = 0;
- operation->iv_set = 0;
- operation->iv_required = 0;
- operation->has_input = 0;
- operation->is_sign = 0;
-
-#if defined(MBEDTLS_CMAC_C)
- if( alg == PSA_ALG_CMAC )
- {
- operation->iv_required = 0;
- mbedtls_cipher_init( &operation->ctx.cmac );
- status = PSA_SUCCESS;
- }
- else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
- if( PSA_ALG_IS_HMAC( operation->alg ) )
- {
- /* We'll set up the hash operation later in psa_hmac_setup_internal. */
- operation->ctx.hmac.hash_ctx.alg = 0;
- status = PSA_SUCCESS;
- }
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
- {
- if( ! PSA_ALG_IS_MAC( alg ) )
- status = PSA_ERROR_INVALID_ARGUMENT;
- }
-
- if( status != PSA_SUCCESS )
- memset( operation, 0, sizeof( *operation ) );
- return( status );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac )
-{
- mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) );
- return( psa_hash_abort( &hmac->hash_ctx ) );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-
psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
{
- if( operation->alg == 0 )
- {
- /* The object has (apparently) been initialized but it is not
- * in use. It's ok to call abort on such an object, and there's
- * nothing to do. */
+ /* Aborting a non-active operation is allowed */
+ if( operation->id == 0 )
return( PSA_SUCCESS );
- }
- else
-#if defined(MBEDTLS_CMAC_C)
- if( operation->alg == PSA_ALG_CMAC )
- {
- mbedtls_cipher_free( &operation->ctx.cmac );
- }
- else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
- if( PSA_ALG_IS_HMAC( operation->alg ) )
- {
- psa_hmac_abort_internal( &operation->ctx.hmac );
- }
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
- {
- /* Sanity check (shouldn't happen: operation->alg should
- * always have been initialized to a valid value). */
- goto bad_state;
- }
- operation->alg = 0;
- operation->key_set = 0;
- operation->iv_set = 0;
- operation->iv_required = 0;
- operation->has_input = 0;
+ psa_status_t status = psa_driver_wrapper_mac_abort( operation );
+ operation->mac_size = 0;
operation->is_sign = 0;
-
- return( PSA_SUCCESS );
-
-bad_state:
- /* If abort is called on an uninitialized object, we can't trust
- * anything. Wipe the object in case it contains confidential data.
- * This may result in a memory leak if a pointer gets overwritten,
- * but it's too late to do anything about this. */
- memset( operation, 0, sizeof( *operation ) );
- return( PSA_ERROR_BAD_STATE );
-}
-
-#if defined(MBEDTLS_CMAC_C)
-static int psa_cmac_setup( psa_mac_operation_t *operation,
- size_t key_bits,
- psa_key_slot_t *slot,
- const mbedtls_cipher_info_t *cipher_info )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
- operation->mac_size = cipher_info->block_size;
-
- ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
- if( ret != 0 )
- return( ret );
-
- ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
- slot->data.key.data,
- key_bits );
- return( ret );
-}
-#endif /* MBEDTLS_CMAC_C */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
- const uint8_t *key,
- size_t key_length,
- psa_algorithm_t hash_alg )
-{
- uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
- size_t i;
- size_t hash_size = PSA_HASH_SIZE( hash_alg );
- size_t block_size = psa_get_hash_block_size( hash_alg );
- psa_status_t status;
-
- /* Sanity checks on block_size, to guarantee that there won't be a buffer
- * overflow below. This should never trigger if the hash algorithm
- * is implemented correctly. */
- /* The size checks against the ipad and opad buffers cannot be written
- * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )`
- * because that triggers -Wlogical-op on GCC 7.3. */
- if( block_size > sizeof( ipad ) )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( block_size > sizeof( hmac->opad ) )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( block_size < hash_size )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- if( key_length > block_size )
- {
- status = psa_hash_compute( hash_alg, key, key_length,
- ipad, sizeof( ipad ), &key_length );
- if( status != PSA_SUCCESS )
- goto cleanup;
- }
- /* A 0-length key is not commonly used in HMAC when used as a MAC,
- * but it is permitted. It is common when HMAC is used in HKDF, for
- * example. Don't call `memcpy` in the 0-length because `key` could be
- * an invalid pointer which would make the behavior undefined. */
- else if( key_length != 0 )
- memcpy( ipad, key, key_length );
-
- /* ipad contains the key followed by garbage. Xor and fill with 0x36
- * to create the ipad value. */
- for( i = 0; i < key_length; i++ )
- ipad[i] ^= 0x36;
- memset( ipad + key_length, 0x36, block_size - key_length );
-
- /* Copy the key material from ipad to opad, flipping the requisite bits,
- * and filling the rest of opad with the requisite constant. */
- for( i = 0; i < key_length; i++ )
- hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
- memset( hmac->opad + key_length, 0x5C, block_size - key_length );
-
- status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
- if( status != PSA_SUCCESS )
- goto cleanup;
-
- status = psa_hash_update( &hmac->hash_ctx, ipad, block_size );
-
-cleanup:
- mbedtls_platform_zeroize( ipad, sizeof( ipad ) );
+ operation->id = 0;
return( status );
}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+
+static psa_status_t psa_mac_finalize_alg_and_key_validation(
+ psa_algorithm_t alg,
+ const psa_key_attributes_t *attributes,
+ uint8_t *mac_size )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t key_type = psa_get_key_type( attributes );
+ size_t key_bits = psa_get_key_bits( attributes );
+
+ if( ! PSA_ALG_IS_MAC( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ /* Validate the combination of key type and algorithm */
+ status = psa_mac_key_can_do( alg, key_type );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ /* Get the output length for the algorithm and key combination */
+ *mac_size = PSA_MAC_LENGTH( key_type, key_bits, alg );
+
+ if( *mac_size < 4 )
+ {
+ /* A very short MAC is too short for security since it can be
+ * brute-forced. Ancient protocols with 32-bit MACs do exist,
+ * so we make this our minimum, even though 32 bits is still
+ * too small for security. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( *mac_size > PSA_MAC_LENGTH( key_type, key_bits,
+ PSA_ALG_FULL_LENGTH_MAC( alg ) ) )
+ {
+ /* It's impossible to "truncate" to a larger length than the full length
+ * of the algorithm. */
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ return( PSA_SUCCESS );
+}
static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
mbedtls_svc_key_id_t key,
@@ -3277,115 +2386,54 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_key_slot_t *slot;
- size_t key_bits;
- psa_key_usage_t usage =
- is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH;
- uint8_t truncated = PSA_MAC_TRUNCATED_LENGTH( alg );
- psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg );
+ psa_key_slot_t *slot = NULL;
/* A context must be freshly initialized before it can be set up. */
- if( operation->alg != 0 )
+ if( operation->id != 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
- status = psa_mac_init( operation, full_length_alg );
- if( status != PSA_SUCCESS )
- return( status );
- if( is_sign )
- operation->is_sign = 1;
-
- status = psa_get_and_lock_transparent_key_slot_with_policy(
- key, &slot, usage, alg );
+ status = psa_get_and_lock_key_slot_with_policy(
+ key,
+ &slot,
+ is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH,
+ alg );
if( status != PSA_SUCCESS )
goto exit;
- key_bits = psa_get_key_slot_bits( slot );
-#if defined(MBEDTLS_CMAC_C)
- if( full_length_alg == PSA_ALG_CMAC )
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ status = psa_mac_finalize_alg_and_key_validation( alg, &attributes,
+ &operation->mac_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ operation->is_sign = is_sign;
+ /* Dispatch the MAC setup call with validated input */
+ if( is_sign )
{
- const mbedtls_cipher_info_t *cipher_info =
- mbedtls_cipher_info_from_psa( full_length_alg,
- slot->attr.type, key_bits, NULL );
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( cipher_info == NULL )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
- operation->mac_size = cipher_info->block_size;
- ret = psa_cmac_setup( operation, key_bits, slot, cipher_info );
- status = mbedtls_to_psa_error( ret );
+ status = psa_driver_wrapper_mac_sign_setup( operation,
+ &attributes,
+ slot->key.data,
+ slot->key.bytes,
+ alg );
}
else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
- if( PSA_ALG_IS_HMAC( full_length_alg ) )
{
- psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
- if( hash_alg == 0 )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
-
- operation->mac_size = PSA_HASH_SIZE( hash_alg );
- /* Sanity check. This shouldn't fail on a valid configuration. */
- if( operation->mac_size == 0 ||
- operation->mac_size > sizeof( operation->ctx.hmac.opad ) )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
-
- if( slot->attr.type != PSA_KEY_TYPE_HMAC )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
-
- status = psa_hmac_setup_internal( &operation->ctx.hmac,
- slot->data.key.data,
- slot->data.key.bytes,
- hash_alg );
+ status = psa_driver_wrapper_mac_verify_setup( operation,
+ &attributes,
+ slot->key.data,
+ slot->key.bytes,
+ alg );
}
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
- {
- (void) key_bits;
- status = PSA_ERROR_NOT_SUPPORTED;
- }
-
- if( truncated == 0 )
- {
- /* The "normal" case: untruncated algorithm. Nothing to do. */
- }
- else if( truncated < 4 )
- {
- /* A very short MAC is too short for security since it can be
- * brute-forced. Ancient protocols with 32-bit MACs do exist,
- * so we make this our minimum, even though 32 bits is still
- * too small for security. */
- status = PSA_ERROR_NOT_SUPPORTED;
- }
- else if( truncated > operation->mac_size )
- {
- /* It's impossible to "truncate" to a larger length. */
- status = PSA_ERROR_INVALID_ARGUMENT;
- }
- else
- operation->mac_size = truncated;
exit:
if( status != PSA_SUCCESS )
- {
psa_mac_abort( operation );
- }
- else
- {
- operation->key_set = 1;
- }
unlock_status = psa_unlock_key_slot( slot );
@@ -3410,590 +2458,320 @@
const uint8_t *input,
size_t input_length )
{
- psa_status_t status = PSA_ERROR_BAD_STATE;
- if( ! operation->key_set )
+ if( operation->id == 0 )
return( PSA_ERROR_BAD_STATE );
- if( operation->iv_required && ! operation->iv_set )
- return( PSA_ERROR_BAD_STATE );
- operation->has_input = 1;
-#if defined(MBEDTLS_CMAC_C)
- if( operation->alg == PSA_ALG_CMAC )
- {
- int ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac,
- input, input_length );
- status = mbedtls_to_psa_error( ret );
- }
- else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
- if( PSA_ALG_IS_HMAC( operation->alg ) )
- {
- status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
- input_length );
- }
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
- {
- /* This shouldn't happen if `operation` was initialized by
- * a setup function. */
- return( PSA_ERROR_BAD_STATE );
- }
+ /* Don't require hash implementations to behave correctly on a
+ * zero-length input, which may have an invalid pointer. */
+ if( input_length == 0 )
+ return( PSA_SUCCESS );
+ psa_status_t status = psa_driver_wrapper_mac_update( operation,
+ input, input_length );
if( status != PSA_SUCCESS )
psa_mac_abort( operation );
+
return( status );
}
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac,
- uint8_t *mac,
- size_t mac_size )
-{
- uint8_t tmp[MBEDTLS_MD_MAX_SIZE];
- psa_algorithm_t hash_alg = hmac->hash_ctx.alg;
- size_t hash_size = 0;
- size_t block_size = psa_get_hash_block_size( hash_alg );
- psa_status_t status;
-
- status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
- if( status != PSA_SUCCESS )
- return( status );
- /* From here on, tmp needs to be wiped. */
-
- status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
- if( status != PSA_SUCCESS )
- goto exit;
-
- status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size );
- if( status != PSA_SUCCESS )
- goto exit;
-
- status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size );
- if( status != PSA_SUCCESS )
- goto exit;
-
- status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
- if( status != PSA_SUCCESS )
- goto exit;
-
- memcpy( mac, tmp, mac_size );
-
-exit:
- mbedtls_platform_zeroize( tmp, hash_size );
- return( status );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-
-static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size )
-{
- if( ! operation->key_set )
- return( PSA_ERROR_BAD_STATE );
- if( operation->iv_required && ! operation->iv_set )
- return( PSA_ERROR_BAD_STATE );
-
- if( mac_size < operation->mac_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_CMAC_C)
- if( operation->alg == PSA_ALG_CMAC )
- {
- uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE];
- int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
- if( ret == 0 )
- memcpy( mac, tmp, operation->mac_size );
- mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
- return( mbedtls_to_psa_error( ret ) );
- }
- else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
- if( PSA_ALG_IS_HMAC( operation->alg ) )
- {
- return( psa_hmac_finish_internal( &operation->ctx.hmac,
- mac, operation->mac_size ) );
- }
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
- {
- /* This shouldn't happen if `operation` was initialized by
- * a setup function. */
- return( PSA_ERROR_BAD_STATE );
- }
-}
-
psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
uint8_t *mac,
size_t mac_size,
size_t *mac_length )
{
- psa_status_t status;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
- if( operation->alg == 0 )
+ if( operation->id == 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
- /* Fill the output buffer with something that isn't a valid mac
- * (barring an attack on the mac and deliberately-crafted input),
- * in case the caller doesn't check the return status properly. */
- *mac_length = mac_size;
- /* If mac_size is 0 then mac may be NULL and then the
- * call to memset would have undefined behavior. */
- if( mac_size != 0 )
- memset( mac, '!', mac_size );
-
if( ! operation->is_sign )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
- status = psa_mac_finish_internal( operation, mac, mac_size );
-
- if( status == PSA_SUCCESS )
+ /* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL)
+ * once all the error checks are done. */
+ if( operation->mac_size == 0 )
{
- status = psa_mac_abort( operation );
- if( status == PSA_SUCCESS )
- *mac_length = operation->mac_size;
- else
- memset( mac, '!', mac_size );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
- else
- psa_mac_abort( operation );
- return( status );
+
+ if( mac_size < operation->mac_size )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_mac_sign_finish( operation,
+ mac, operation->mac_size,
+ mac_length );
+
+exit:
+ /* In case of success, set the potential excess room in the output buffer
+ * to an invalid value, to avoid potentially leaking a longer MAC.
+ * In case of error, set the output length and content to a safe default,
+ * such that in case the caller misses an error check, the output would be
+ * an unachievable MAC.
+ */
+ if( status != PSA_SUCCESS )
+ {
+ *mac_length = mac_size;
+ operation->mac_size = 0;
+ }
+
+ if( mac_size > operation->mac_size )
+ memset( &mac[operation->mac_size], '!',
+ mac_size - operation->mac_size );
+
+ abort_status = psa_mac_abort( operation );
+
+ return( status == PSA_SUCCESS ? abort_status : status );
}
psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
const uint8_t *mac,
size_t mac_length )
{
- uint8_t actual_mac[PSA_MAC_MAX_SIZE];
- psa_status_t status;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
- if( operation->alg == 0 )
+ if( operation->id == 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
if( operation->is_sign )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
+
if( operation->mac_size != mac_length )
{
status = PSA_ERROR_INVALID_SIGNATURE;
- goto cleanup;
+ goto exit;
}
- status = psa_mac_finish_internal( operation,
- actual_mac, sizeof( actual_mac ) );
- if( status != PSA_SUCCESS )
- goto cleanup;
+ status = psa_driver_wrapper_mac_verify_finish( operation,
+ mac, mac_length );
- if( safer_memcmp( mac, actual_mac, mac_length ) != 0 )
- status = PSA_ERROR_INVALID_SIGNATURE;
+exit:
+ abort_status = psa_mac_abort( operation );
-cleanup:
- if( status == PSA_SUCCESS )
- status = psa_mac_abort( operation );
- else
- psa_mac_abort( operation );
-
- mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
-
- return( status );
+ return( status == PSA_SUCCESS ? abort_status : status );
}
+static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length,
+ int is_sign )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
+ uint8_t operation_mac_size = 0;
+ status = psa_get_and_lock_key_slot_with_policy(
+ key, &slot,
+ is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH,
+ alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ status = psa_mac_finalize_alg_and_key_validation( alg, &attributes,
+ &operation_mac_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( mac_size < operation_mac_size )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_mac_compute(
+ &attributes,
+ slot->key.data, slot->key.bytes,
+ alg,
+ input, input_length,
+ mac, operation_mac_size, mac_length );
+
+exit:
+ /* In case of success, set the potential excess room in the output buffer
+ * to an invalid value, to avoid potentially leaking a longer MAC.
+ * In case of error, set the output length and content to a safe default,
+ * such that in case the caller misses an error check, the output would be
+ * an unachievable MAC.
+ */
+ if( status != PSA_SUCCESS )
+ {
+ *mac_length = mac_size;
+ operation_mac_size = 0;
+ }
+ if( mac_size > operation_mac_size )
+ memset( &mac[operation_mac_size], '!', mac_size - operation_mac_size );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+}
+
+psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ return( psa_mac_compute_internal( key, alg,
+ input, input_length,
+ mac, mac_size, mac_length, 1 ) );
+}
+
+psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *mac,
+ size_t mac_length)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ uint8_t actual_mac[PSA_MAC_MAX_SIZE];
+ size_t actual_mac_length;
+
+ status = psa_mac_compute_internal( key, alg,
+ input, input_length,
+ actual_mac, sizeof( actual_mac ),
+ &actual_mac_length, 0 );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( mac_length != actual_mac_length )
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+ if( mbedtls_psa_safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 )
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+
+exit:
+ mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
+
+ return ( status );
+}
/****************************************************************/
/* Asymmetric cryptography */
/****************************************************************/
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
-/* Decode the hash algorithm from alg and store the mbedtls encoding in
- * md_alg. Verify that the hash length is acceptable. */
-static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
- size_t hash_length,
- mbedtls_md_type_t *md_alg )
+static psa_status_t psa_sign_verify_check_alg( int input_is_message,
+ psa_algorithm_t alg )
{
- psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
- *md_alg = mbedtls_md_get_type( md_info );
-
- /* The Mbed TLS RSA module uses an unsigned int for hash length
- * parameters. Validate that it fits so that we don't risk an
- * overflow later. */
-#if SIZE_MAX > UINT_MAX
- if( hash_length > UINT_MAX )
- return( PSA_ERROR_INVALID_ARGUMENT );
-#endif
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
- /* For PKCS#1 v1.5 signature, if using a hash, the hash length
- * must be correct. */
- if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
- alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
+ if( input_is_message )
{
- if( md_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( mbedtls_md_get_size( md_info ) != hash_length )
+ if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
+ {
+ if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+ else
+ {
+ if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) )
return( PSA_ERROR_INVALID_ARGUMENT );
}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
- /* PSS requires a hash internally. */
- if( PSA_ALG_IS_RSA_PSS( alg ) )
- {
- if( md_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
- }
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
return( PSA_SUCCESS );
}
-static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length )
-{
- psa_status_t status;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_md_type_t md_alg;
-
- status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
- if( status != PSA_SUCCESS )
- return( status );
-
- if( signature_size < mbedtls_rsa_get_len( rsa ) )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
- if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
- {
- mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
- MBEDTLS_MD_NONE );
- ret = mbedtls_rsa_pkcs1_sign( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- MBEDTLS_RSA_PRIVATE,
- md_alg,
- (unsigned int) hash_length,
- hash,
- signature );
- }
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
- if( PSA_ALG_IS_RSA_PSS( alg ) )
- {
- mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
- ret = mbedtls_rsa_rsassa_pss_sign( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- MBEDTLS_RSA_PRIVATE,
- MBEDTLS_MD_NONE,
- (unsigned int) hash_length,
- hash,
- signature );
- }
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
- {
- return( PSA_ERROR_INVALID_ARGUMENT );
- }
-
- if( ret == 0 )
- *signature_length = mbedtls_rsa_get_len( rsa );
- return( mbedtls_to_psa_error( ret ) );
-}
-
-static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- const uint8_t *signature,
- size_t signature_length )
-{
- psa_status_t status;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_md_type_t md_alg;
-
- status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
- if( status != PSA_SUCCESS )
- return( status );
-
- if( signature_length != mbedtls_rsa_get_len( rsa ) )
- return( PSA_ERROR_INVALID_SIGNATURE );
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
- if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
- {
- mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
- MBEDTLS_MD_NONE );
- ret = mbedtls_rsa_pkcs1_verify( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- MBEDTLS_RSA_PUBLIC,
- md_alg,
- (unsigned int) hash_length,
- hash,
- signature );
- }
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
- if( PSA_ALG_IS_RSA_PSS( alg ) )
- {
- mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
- ret = mbedtls_rsa_rsassa_pss_verify( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- MBEDTLS_RSA_PUBLIC,
- MBEDTLS_MD_NONE,
- (unsigned int) hash_length,
- hash,
- signature );
- }
- else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
- {
- return( PSA_ERROR_INVALID_ARGUMENT );
- }
-
- /* Mbed TLS distinguishes "invalid padding" from "valid padding but
- * the rest of the signature is invalid". This has little use in
- * practice and PSA doesn't report this distinction. */
- if( ret == MBEDTLS_ERR_RSA_INVALID_PADDING )
- return( PSA_ERROR_INVALID_SIGNATURE );
- return( mbedtls_to_psa_error( ret ) );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-/* `ecp` cannot be const because `ecp->grp` needs to be non-const
- * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
- * (even though these functions don't modify it). */
-static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_mpi r, s;
- size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
- mbedtls_mpi_init( &r );
- mbedtls_mpi_init( &s );
-
- if( signature_size < 2 * curve_bytes )
- {
- ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
- goto cleanup;
- }
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
- if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
- {
- psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
- mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
- MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext( &ecp->grp, &r, &s,
- &ecp->d, hash,
- hash_length, md_alg,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg ) );
- }
- else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
- {
- (void) alg;
- MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
- hash, hash_length,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg ) );
- }
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
- signature,
- curve_bytes ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
- signature + curve_bytes,
- curve_bytes ) );
-
-cleanup:
- mbedtls_mpi_free( &r );
- mbedtls_mpi_free( &s );
- if( ret == 0 )
- *signature_length = 2 * curve_bytes;
- return( mbedtls_to_psa_error( ret ) );
-}
-
-static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp,
- const uint8_t *hash,
- size_t hash_length,
- const uint8_t *signature,
- size_t signature_length )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_mpi r, s;
- size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
- mbedtls_mpi_init( &r );
- mbedtls_mpi_init( &s );
-
- if( signature_length != 2 * curve_bytes )
- return( PSA_ERROR_INVALID_SIGNATURE );
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
- signature,
- curve_bytes ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
- signature + curve_bytes,
- curve_bytes ) );
-
- /* Check whether the public part is loaded. If not, load it. */
- if( mbedtls_ecp_is_zero( &ecp->Q ) )
- {
- MBEDTLS_MPI_CHK(
- mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
- mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
- }
-
- ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length,
- &ecp->Q, &r, &s );
-
-cleanup:
- mbedtls_mpi_free( &r );
- mbedtls_mpi_free( &s );
- return( mbedtls_to_psa_error( ret ) );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-
-psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length )
+static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key,
+ int input_is_message,
+ psa_algorithm_t alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * signature,
+ size_t signature_size,
+ size_t * signature_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- *signature_length = signature_size;
+ *signature_length = 0;
+
+ status = psa_sign_verify_check_alg( input_is_message, alg );
+ if( status != PSA_SUCCESS )
+ return status;
+
/* Immediately reject a zero-length signature buffer. This guarantees
- * that signature must be a valid pointer. (On the other hand, the hash
+ * that signature must be a valid pointer. (On the other hand, the input
* buffer can in principle be empty since it doesn't actually have
* to be a hash.) */
if( signature_size == 0 )
return( PSA_ERROR_BUFFER_TOO_SMALL );
- status = psa_get_and_lock_key_slot_with_policy( key, &slot,
- PSA_KEY_USAGE_SIGN_HASH,
- alg );
+ status = psa_get_and_lock_key_slot_with_policy(
+ key, &slot,
+ input_is_message ? PSA_KEY_USAGE_SIGN_MESSAGE :
+ PSA_KEY_USAGE_SIGN_HASH,
+ alg );
+
if( status != PSA_SUCCESS )
goto exit;
+
if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) )
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
- /* Try any of the available accelerators first */
- status = psa_driver_wrapper_sign_hash( slot,
- alg,
- hash,
- hash_length,
- signature,
- signature_size,
- signature_length );
- if( status != PSA_ERROR_NOT_SUPPORTED ||
- psa_key_lifetime_is_external( slot->attr.lifetime ) )
- goto exit;
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
- /* If the operation was not supported by any accelerator, try fallback. */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
- if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
+ if( input_is_message )
{
- mbedtls_rsa_context *rsa = NULL;
-
- status = psa_load_rsa_representation( slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &rsa );
- if( status != PSA_SUCCESS )
- goto exit;
-
- status = psa_rsa_sign( rsa,
- alg,
- hash, hash_length,
- signature, signature_size,
- signature_length );
-
- mbedtls_rsa_free( rsa );
- mbedtls_free( rsa );
- }
- else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
- if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
- {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
- if(
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
- PSA_ALG_IS_ECDSA( alg )
-#else
- PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
-#endif
- )
- {
- mbedtls_ecp_keypair *ecp = NULL;
- status = psa_load_ecp_representation( slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &ecp );
- if( status != PSA_SUCCESS )
- goto exit;
- status = psa_ecdsa_sign( ecp,
- alg,
- hash, hash_length,
- signature, signature_size,
- signature_length );
- mbedtls_ecp_keypair_free( ecp );
- mbedtls_free( ecp );
- }
- else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- }
+ status = psa_driver_wrapper_sign_message(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg, input, input_length,
+ signature, signature_size, signature_length );
}
else
{
- status = PSA_ERROR_NOT_SUPPORTED;
+
+ status = psa_driver_wrapper_sign_hash(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg, input, input_length,
+ signature, signature_size, signature_length );
}
+
exit:
/* Fill the unused part of the output buffer (the whole buffer on error,
- * the trailing part on success) with something that isn't a valid mac
- * (barring an attack on the mac and deliberately-crafted input),
+ * the trailing part on success) with something that isn't a valid signature
+ * (barring an attack on the signature and deliberately-crafted input),
* in case the caller doesn't check the return status properly. */
if( status == PSA_SUCCESS )
memset( signature + *signature_length, '!',
@@ -4008,6 +2786,278 @@
return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
+static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key,
+ int input_is_message,
+ psa_algorithm_t alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * signature,
+ size_t signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
+
+ status = psa_sign_verify_check_alg( input_is_message, alg );
+ if( status != PSA_SUCCESS )
+ return status;
+
+ status = psa_get_and_lock_key_slot_with_policy(
+ key, &slot,
+ input_is_message ? PSA_KEY_USAGE_VERIFY_MESSAGE :
+ PSA_KEY_USAGE_VERIFY_HASH,
+ alg );
+
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ if( input_is_message )
+ {
+ status = psa_driver_wrapper_verify_message(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg, input, input_length,
+ signature, signature_length );
+ }
+ else
+ {
+ status = psa_driver_wrapper_verify_hash(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg, input, input_length,
+ signature, signature_length );
+ }
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+
+}
+
+psa_status_t psa_sign_message_builtin(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
+ {
+ size_t hash_length;
+ uint8_t hash[PSA_HASH_MAX_SIZE];
+
+ status = psa_driver_wrapper_hash_compute(
+ PSA_ALG_SIGN_GET_HASH( alg ),
+ input, input_length,
+ hash, sizeof( hash ), &hash_length );
+
+ if( status != PSA_SUCCESS )
+ return status;
+
+ return psa_driver_wrapper_sign_hash(
+ attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length );
+ }
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t psa_sign_message( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * signature,
+ size_t signature_size,
+ size_t * signature_length )
+{
+ return psa_sign_internal(
+ key, 1, alg, input, input_length,
+ signature, signature_size, signature_length );
+}
+
+psa_status_t psa_verify_message_builtin(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
+ {
+ size_t hash_length;
+ uint8_t hash[PSA_HASH_MAX_SIZE];
+
+ status = psa_driver_wrapper_hash_compute(
+ PSA_ALG_SIGN_GET_HASH( alg ),
+ input, input_length,
+ hash, sizeof( hash ), &hash_length );
+
+ if( status != PSA_SUCCESS )
+ return status;
+
+ return psa_driver_wrapper_verify_hash(
+ attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length );
+ }
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t psa_verify_message( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * signature,
+ size_t signature_length )
+{
+ return psa_verify_internal(
+ key, 1, alg, input, input_length,
+ signature, signature_length );
+}
+
+psa_status_t psa_sign_hash_builtin(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+ if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
+ {
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
+ PSA_ALG_IS_RSA_PSS( alg) )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+ return( mbedtls_psa_rsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
+ }
+ else
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+ else
+ if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
+ {
+ if( PSA_ALG_IS_ECDSA( alg ) )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+ return( mbedtls_psa_ecdsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+ }
+ else
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_size;
+ (void)signature_length;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+ return psa_sign_internal(
+ key, 0, alg, hash, hash_length,
+ signature, signature_size, signature_length );
+}
+
+psa_status_t psa_verify_hash_builtin(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+ if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
+ {
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
+ PSA_ALG_IS_RSA_PSS( alg) )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+ return( mbedtls_psa_rsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
+ }
+ else
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+ else
+ if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
+ {
+ if( PSA_ALG_IS_ECDSA( alg ) )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+ return( mbedtls_psa_ecdsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+ }
+ else
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_length;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *hash,
@@ -4015,88 +3065,9 @@
const uint8_t *signature,
size_t signature_length )
{
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_key_slot_t *slot;
-
- status = psa_get_and_lock_key_slot_with_policy( key, &slot,
- PSA_KEY_USAGE_VERIFY_HASH,
- alg );
- if( status != PSA_SUCCESS )
- return( status );
-
- /* Try any of the available accelerators first */
- status = psa_driver_wrapper_verify_hash( slot,
- alg,
- hash,
- hash_length,
- signature,
- signature_length );
- if( status != PSA_ERROR_NOT_SUPPORTED ||
- psa_key_lifetime_is_external( slot->attr.lifetime ) )
- goto exit;
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
- if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
- {
- mbedtls_rsa_context *rsa = NULL;
-
- status = psa_load_rsa_representation( slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &rsa );
- if( status != PSA_SUCCESS )
- goto exit;
-
- status = psa_rsa_verify( rsa,
- alg,
- hash, hash_length,
- signature, signature_length );
- mbedtls_rsa_free( rsa );
- mbedtls_free( rsa );
- goto exit;
- }
- else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
- if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
- {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
- if( PSA_ALG_IS_ECDSA( alg ) )
- {
- mbedtls_ecp_keypair *ecp = NULL;
- status = psa_load_ecp_representation( slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &ecp );
- if( status != PSA_SUCCESS )
- goto exit;
- status = psa_ecdsa_verify( ecp,
- hash, hash_length,
- signature, signature_length );
- mbedtls_ecp_keypair_free( ecp );
- mbedtls_free( ecp );
- goto exit;
- }
- else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
- }
- else
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- }
-
-exit:
- unlock_status = psa_unlock_key_slot( slot );
-
- return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+ return psa_verify_internal(
+ key, 0, alg, hash, hash_length,
+ signature, signature_length );
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
@@ -4151,10 +3122,10 @@
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
mbedtls_rsa_context *rsa = NULL;
- status = psa_load_rsa_representation( slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &rsa );
+ status = mbedtls_psa_rsa_load_representation( slot->attr.type,
+ slot->key.data,
+ slot->key.bytes,
+ &rsa );
if( status != PSA_SUCCESS )
goto rsa_exit;
@@ -4168,8 +3139,8 @@
{
status = mbedtls_to_psa_error(
mbedtls_rsa_pkcs1_encrypt( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
MBEDTLS_RSA_PUBLIC,
input_length,
input,
@@ -4183,8 +3154,8 @@
psa_rsa_oaep_set_padding_mode( alg, rsa );
status = mbedtls_to_psa_error(
mbedtls_rsa_rsaes_oaep_encrypt( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
MBEDTLS_RSA_PUBLIC,
salt, salt_length,
input_length,
@@ -4257,10 +3228,10 @@
if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
mbedtls_rsa_context *rsa = NULL;
- status = psa_load_rsa_representation( slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes,
- &rsa );
+ status = mbedtls_psa_rsa_load_representation( slot->attr.type,
+ slot->key.data,
+ slot->key.bytes,
+ &rsa );
if( status != PSA_SUCCESS )
goto exit;
@@ -4275,8 +3246,8 @@
{
status = mbedtls_to_psa_error(
mbedtls_rsa_pkcs1_decrypt( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
MBEDTLS_RSA_PRIVATE,
output_length,
input,
@@ -4291,8 +3262,8 @@
psa_rsa_oaep_set_padding_mode( alg, rsa );
status = mbedtls_to_psa_error(
mbedtls_rsa_rsaes_oaep_decrypt( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
MBEDTLS_RSA_PRIVATE,
salt, salt_length,
output_length,
@@ -4336,149 +3307,59 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- int ret = 0;
- psa_key_slot_t *slot;
- size_t key_bits;
- const mbedtls_cipher_info_t *cipher_info = NULL;
+ psa_key_slot_t *slot = NULL;
psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ?
PSA_KEY_USAGE_ENCRYPT :
PSA_KEY_USAGE_DECRYPT );
/* A context must be freshly initialized before it can be set up. */
- if( operation->alg != 0 )
- return( PSA_ERROR_BAD_STATE );
+ if( operation->id != 0 )
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
- /* The requested algorithm must be one that can be processed by cipher. */
if( ! PSA_ALG_IS_CIPHER( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
- /* Fetch key material from key storage. */
status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg );
if( status != PSA_SUCCESS )
goto exit;
- /* Initialize the operation struct members, except for alg. The alg member
+ /* Initialize the operation struct members, except for id. The id member
* is used to indicate to psa_cipher_abort that there are resources to free,
- * so we only set it after resources have been allocated/initialized. */
- operation->key_set = 0;
+ * so we only set it (in the driver wrapper) after resources have been
+ * allocated/initialized. */
operation->iv_set = 0;
- operation->mbedtls_in_use = 0;
- operation->iv_size = 0;
- operation->block_size = 0;
if( alg == PSA_ALG_ECB_NO_PADDING )
operation->iv_required = 0;
else
operation->iv_required = 1;
+ operation->default_iv_length = PSA_CIPHER_IV_LENGTH( slot->attr.type, alg );
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
/* Try doing the operation through a driver before using software fallback. */
if( cipher_operation == MBEDTLS_ENCRYPT )
- status = psa_driver_wrapper_cipher_encrypt_setup( &operation->ctx.driver,
- slot,
+ status = psa_driver_wrapper_cipher_encrypt_setup( operation,
+ &attributes,
+ slot->key.data,
+ slot->key.bytes,
alg );
else
- status = psa_driver_wrapper_cipher_decrypt_setup( &operation->ctx.driver,
- slot,
+ status = psa_driver_wrapper_cipher_decrypt_setup( operation,
+ &attributes,
+ slot->key.data,
+ slot->key.bytes,
alg );
- if( status == PSA_SUCCESS )
- {
- /* Once the driver context is initialised, it needs to be freed using
- * psa_cipher_abort. Indicate this through setting alg. */
- operation->alg = alg;
- }
-
- if( status != PSA_ERROR_NOT_SUPPORTED ||
- psa_key_lifetime_is_external( slot->attr.lifetime ) )
- goto exit;
-
- /* Proceed with initializing an mbed TLS cipher context if no driver is
- * available for the given algorithm & key. */
- mbedtls_cipher_init( &operation->ctx.cipher );
-
- /* Once the cipher context is initialised, it needs to be freed using
- * psa_cipher_abort. Indicate there is something to be freed through setting
- * alg, and indicate the operation is being done using mbedtls crypto through
- * setting mbedtls_in_use. */
- operation->alg = alg;
- operation->mbedtls_in_use = 1;
-
- key_bits = psa_get_key_slot_bits( slot );
- cipher_info = mbedtls_cipher_info_from_psa( alg, slot->attr.type, key_bits, NULL );
- if( cipher_info == NULL )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
-
- ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
- if( ret != 0 )
- goto exit;
-
-#if defined(MBEDTLS_DES_C)
- if( slot->attr.type == PSA_KEY_TYPE_DES && key_bits == 128 )
- {
- /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
- uint8_t keys[24];
- memcpy( keys, slot->data.key.data, 16 );
- memcpy( keys + 16, slot->data.key.data, 8 );
- ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
- keys,
- 192, cipher_operation );
- }
- else
-#endif
- {
- ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
- slot->data.key.data,
- (int) key_bits, cipher_operation );
- }
- if( ret != 0 )
- goto exit;
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
- switch( alg )
- {
- case PSA_ALG_CBC_NO_PADDING:
- ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
- MBEDTLS_PADDING_NONE );
- break;
- case PSA_ALG_CBC_PKCS7:
- ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
- MBEDTLS_PADDING_PKCS7 );
- break;
- default:
- /* The algorithm doesn't involve padding. */
- ret = 0;
- break;
- }
- if( ret != 0 )
- goto exit;
-#endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
-
- operation->block_size = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
- PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type ) );
- if( ( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG ) != 0 &&
- alg != PSA_ALG_ECB_NO_PADDING )
- {
- operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type );
- }
-#if defined(MBEDTLS_CHACHA20_C)
- else
- if( alg == PSA_ALG_CHACHA20 )
- operation->iv_size = 12;
-#endif
-
- status = PSA_SUCCESS;
-
exit:
- if( ret != 0 )
- status = mbedtls_to_psa_error( ret );
- if( status == PSA_SUCCESS )
- {
- /* Update operation flags for both driver and software implementations */
- operation->key_set = 1;
- }
- else
+ if( status != PSA_SUCCESS )
psa_cipher_abort( operation );
unlock_status = psa_unlock_key_slot( slot );
@@ -4505,43 +3386,45 @@
size_t iv_size,
size_t *iv_length )
{
- psa_status_t status;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( operation->iv_set || ! operation->iv_required )
- {
- return( PSA_ERROR_BAD_STATE );
- }
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- if( operation->mbedtls_in_use == 0 )
+ *iv_length = 0;
+
+ if( operation->id == 0 )
{
- status = psa_driver_wrapper_cipher_generate_iv( &operation->ctx.driver,
- iv,
- iv_size,
- iv_length );
+ status = PSA_ERROR_BAD_STATE;
goto exit;
}
- if( iv_size < operation->iv_size )
+ if( operation->iv_set || ! operation->iv_required )
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
+
+ if( iv_size < operation->default_iv_length )
{
status = PSA_ERROR_BUFFER_TOO_SMALL;
goto exit;
}
- ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
- iv, operation->iv_size );
- if( ret != 0 )
- {
- status = mbedtls_to_psa_error( ret );
- goto exit;
- }
- *iv_length = operation->iv_size;
- status = psa_cipher_set_iv( operation, iv, *iv_length );
+ status = psa_generate_random( iv, operation->default_iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_driver_wrapper_cipher_set_iv( operation,
+ iv,
+ operation->default_iv_length );
exit:
if( status == PSA_SUCCESS )
+ {
operation->iv_set = 1;
+ *iv_length = operation->default_iv_length;
+ }
else
psa_cipher_abort( operation );
+
return( status );
}
@@ -4549,28 +3432,30 @@
const uint8_t *iv,
size_t iv_length )
{
- psa_status_t status;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( operation->iv_set || ! operation->iv_required )
- {
- return( PSA_ERROR_BAD_STATE );
- }
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- if( operation->mbedtls_in_use == 0 )
+ if( operation->id == 0 )
{
- status = psa_driver_wrapper_cipher_set_iv( &operation->ctx.driver,
- iv,
- iv_length );
+ status = PSA_ERROR_BAD_STATE;
goto exit;
}
- if( iv_length != operation->iv_size )
+ if( operation->iv_set || ! operation->iv_required )
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
+
+ if( iv_length > PSA_CIPHER_IV_MAX_SIZE )
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
- ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
- status = mbedtls_to_psa_error( ret );
+
+ status = psa_driver_wrapper_cipher_set_iv( operation,
+ iv,
+ iv_length );
+
exit:
if( status == PSA_SUCCESS )
operation->iv_set = 1;
@@ -4579,94 +3464,6 @@
return( status );
}
-/* Process input for which the algorithm is set to ECB mode. This requires
- * manual processing, since the PSA API is defined as being able to process
- * arbitrary-length calls to psa_cipher_update() with ECB mode, but the
- * underlying mbedtls_cipher_update only takes full blocks. */
-static psa_status_t psa_cipher_update_ecb_internal(
- mbedtls_cipher_context_t *ctx,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
-{
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- size_t block_size = ctx->cipher_info->block_size;
- size_t internal_output_length = 0;
- *output_length = 0;
-
- if( input_length == 0 )
- {
- status = PSA_SUCCESS;
- goto exit;
- }
-
- if( ctx->unprocessed_len > 0 )
- {
- /* Fill up to block size, and run the block if there's a full one. */
- size_t bytes_to_copy = block_size - ctx->unprocessed_len;
-
- if( input_length < bytes_to_copy )
- bytes_to_copy = input_length;
-
- memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
- input, bytes_to_copy );
- input_length -= bytes_to_copy;
- input += bytes_to_copy;
- ctx->unprocessed_len += bytes_to_copy;
-
- if( ctx->unprocessed_len == block_size )
- {
- status = mbedtls_to_psa_error(
- mbedtls_cipher_update( ctx,
- ctx->unprocessed_data,
- block_size,
- output, &internal_output_length ) );
-
- if( status != PSA_SUCCESS )
- goto exit;
-
- output += internal_output_length;
- output_size -= internal_output_length;
- *output_length += internal_output_length;
- ctx->unprocessed_len = 0;
- }
- }
-
- while( input_length >= block_size )
- {
- /* Run all full blocks we have, one by one */
- status = mbedtls_to_psa_error(
- mbedtls_cipher_update( ctx, input,
- block_size,
- output, &internal_output_length ) );
-
- if( status != PSA_SUCCESS )
- goto exit;
-
- input_length -= block_size;
- input += block_size;
-
- output += internal_output_length;
- output_size -= internal_output_length;
- *output_length += internal_output_length;
- }
-
- if( input_length > 0 )
- {
- /* Save unprocessed bytes for later processing */
- memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
- input, input_length );
- ctx->unprocessed_len += input_length;
- }
-
- status = PSA_SUCCESS;
-
-exit:
- return( status );
-}
-
psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
@@ -4675,69 +3472,30 @@
size_t *output_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- size_t expected_output_size;
- if( operation->alg == 0 )
+
+ if( operation->id == 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
+
if( operation->iv_required && ! operation->iv_set )
{
- return( PSA_ERROR_BAD_STATE );
- }
-
- if( operation->mbedtls_in_use == 0 )
- {
- status = psa_driver_wrapper_cipher_update( &operation->ctx.driver,
- input,
- input_length,
- output,
- output_size,
- output_length );
+ status = PSA_ERROR_BAD_STATE;
goto exit;
}
- if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
- {
- /* Take the unprocessed partial block left over from previous
- * update calls, if any, plus the input to this call. Remove
- * the last partial block, if any. You get the data that will be
- * output in this call. */
- expected_output_size =
- ( operation->ctx.cipher.unprocessed_len + input_length )
- / operation->block_size * operation->block_size;
- }
- else
- {
- expected_output_size = input_length;
- }
+ status = psa_driver_wrapper_cipher_update( operation,
+ input,
+ input_length,
+ output,
+ output_size,
+ output_length );
- if( output_size < expected_output_size )
- {
- status = PSA_ERROR_BUFFER_TOO_SMALL;
- goto exit;
- }
-
- if( operation->alg == PSA_ALG_ECB_NO_PADDING )
- {
- /* mbedtls_cipher_update has an API inconsistency: it will only
- * process a single block at a time in ECB mode. Abstract away that
- * inconsistency here to match the PSA API behaviour. */
- status = psa_cipher_update_ecb_internal( &operation->ctx.cipher,
- input,
- input_length,
- output,
- output_size,
- output_length );
- }
- else
- {
- status = mbedtls_to_psa_error(
- mbedtls_cipher_update( &operation->ctx.cipher, input,
- input_length, output, output_length ) );
- }
exit:
if( status != PSA_SUCCESS )
psa_cipher_abort( operation );
+
return( status );
}
@@ -4747,53 +3505,25 @@
size_t *output_length )
{
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
- if( operation->alg == 0 )
+
+ if( operation->id == 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
+
if( operation->iv_required && ! operation->iv_set )
{
- return( PSA_ERROR_BAD_STATE );
- }
-
- if( operation->mbedtls_in_use == 0 )
- {
- status = psa_driver_wrapper_cipher_finish( &operation->ctx.driver,
- output,
- output_size,
- output_length );
+ status = PSA_ERROR_BAD_STATE;
goto exit;
}
- if( operation->ctx.cipher.unprocessed_len != 0 )
- {
- if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
- operation->alg == PSA_ALG_CBC_NO_PADDING )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
- }
-
- status = mbedtls_to_psa_error(
- mbedtls_cipher_finish( &operation->ctx.cipher,
- temp_output_buffer,
- output_length ) );
- if( status != PSA_SUCCESS )
- goto exit;
-
- if( *output_length == 0 )
- ; /* Nothing to copy. Note that output may be NULL in this case. */
- else if( output_size >= *output_length )
- memcpy( output, temp_output_buffer, *output_length );
- else
- status = PSA_ERROR_BUFFER_TOO_SMALL;
+ status = psa_driver_wrapper_cipher_finish( operation,
+ output,
+ output_size,
+ output_length );
exit:
- if( operation->mbedtls_in_use == 1 )
- mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
-
if( status == PSA_SUCCESS )
return( psa_cipher_abort( operation ) );
else
@@ -4807,7 +3537,7 @@
psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
{
- if( operation->alg == 0 )
+ if( operation->id == 0 )
{
/* The object has (apparently) been initialized but it is not (yet)
* in use. It's ok to call abort on such an object, and there's
@@ -4815,186 +3545,120 @@
return( PSA_SUCCESS );
}
- /* Sanity check (shouldn't happen: operation->alg should
- * always have been initialized to a valid value). */
- if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
- return( PSA_ERROR_BAD_STATE );
+ psa_driver_wrapper_cipher_abort( operation );
- if( operation->mbedtls_in_use == 0 )
- psa_driver_wrapper_cipher_abort( &operation->ctx.driver );
- else
- mbedtls_cipher_free( &operation->ctx.cipher );
-
- operation->alg = 0;
- operation->key_set = 0;
+ operation->id = 0;
operation->iv_set = 0;
- operation->mbedtls_in_use = 0;
- operation->iv_size = 0;
- operation->block_size = 0;
operation->iv_required = 0;
return( PSA_SUCCESS );
}
+psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
+ psa_key_type_t key_type;
+ size_t iv_length;
+ *output_length = 0;
+
+ if( ! PSA_ALG_IS_CIPHER( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot,
+ PSA_KEY_USAGE_ENCRYPT,
+ alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ key_type = slot->attr.type;
+ iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg );
+
+ if( iv_length > 0 )
+ {
+ if( output_size < iv_length )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ status = psa_generate_random( output, iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_cipher_encrypt(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg, input, input_length,
+ output, output_size, output_length );
+
+exit:
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+}
+
+psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
+
+ *output_length = 0;
+
+ if( ! PSA_ALG_IS_CIPHER( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot,
+ PSA_KEY_USAGE_DECRYPT,
+ alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ if( input_length < PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ) )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_cipher_decrypt(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg, input, input_length,
+ output, output_size, output_length );
+
+exit:
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+}
/****************************************************************/
/* AEAD */
/****************************************************************/
-typedef struct
-{
- psa_key_slot_t *slot;
- const mbedtls_cipher_info_t *cipher_info;
- union
- {
- unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_CCM_C)
- mbedtls_ccm_context ccm;
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_GCM_C)
- mbedtls_gcm_context gcm;
-#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CHACHAPOLY_C)
- mbedtls_chachapoly_context chachapoly;
-#endif /* MBEDTLS_CHACHAPOLY_C */
- } ctx;
- psa_algorithm_t core_alg;
- uint8_t full_tag_length;
- uint8_t tag_length;
-} aead_operation_t;
-
-#define AEAD_OPERATION_INIT {0, 0, {0}, 0, 0, 0}
-
-static void psa_aead_abort_internal( aead_operation_t *operation )
-{
- switch( operation->core_alg )
- {
-#if defined(MBEDTLS_CCM_C)
- case PSA_ALG_CCM:
- mbedtls_ccm_free( &operation->ctx.ccm );
- break;
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_GCM_C)
- case PSA_ALG_GCM:
- mbedtls_gcm_free( &operation->ctx.gcm );
- break;
-#endif /* MBEDTLS_GCM_C */
- }
-
- psa_unlock_key_slot( operation->slot );
-}
-
-static psa_status_t psa_aead_setup( aead_operation_t *operation,
- mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- psa_status_t status;
- size_t key_bits;
- mbedtls_cipher_id_t cipher_id;
-
- status = psa_get_and_lock_transparent_key_slot_with_policy(
- key, &operation->slot, usage, alg );
- if( status != PSA_SUCCESS )
- return( status );
-
- key_bits = psa_get_key_slot_bits( operation->slot );
-
- operation->cipher_info =
- mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits,
- &cipher_id );
- if( operation->cipher_info == NULL )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto cleanup;
- }
-
- switch( PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 ) )
- {
-#if defined(MBEDTLS_CCM_C)
- case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):
- operation->core_alg = PSA_ALG_CCM;
- operation->full_tag_length = 16;
- /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
- * The call to mbedtls_ccm_encrypt_and_tag or
- * mbedtls_ccm_auth_decrypt will validate the tag length. */
- if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto cleanup;
- }
- mbedtls_ccm_init( &operation->ctx.ccm );
- status = mbedtls_to_psa_error(
- mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
- operation->slot->data.key.data,
- (unsigned int) key_bits ) );
- if( status != 0 )
- goto cleanup;
- break;
-#endif /* MBEDTLS_CCM_C */
-
-#if defined(MBEDTLS_GCM_C)
- case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):
- operation->core_alg = PSA_ALG_GCM;
- operation->full_tag_length = 16;
- /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
- * The call to mbedtls_gcm_crypt_and_tag or
- * mbedtls_gcm_auth_decrypt will validate the tag length. */
- if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto cleanup;
- }
- mbedtls_gcm_init( &operation->ctx.gcm );
- status = mbedtls_to_psa_error(
- mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
- operation->slot->data.key.data,
- (unsigned int) key_bits ) );
- if( status != 0 )
- goto cleanup;
- break;
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
- case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CHACHA20_POLY1305, 0 ):
- operation->core_alg = PSA_ALG_CHACHA20_POLY1305;
- operation->full_tag_length = 16;
- /* We only support the default tag length. */
- if( alg != PSA_ALG_CHACHA20_POLY1305 )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto cleanup;
- }
- mbedtls_chachapoly_init( &operation->ctx.chachapoly );
- status = mbedtls_to_psa_error(
- mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
- operation->slot->data.key.data ) );
- if( status != 0 )
- goto cleanup;
- break;
-#endif /* MBEDTLS_CHACHAPOLY_C */
-
- default:
- status = PSA_ERROR_NOT_SUPPORTED;
- goto cleanup;
- }
-
- if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto cleanup;
- }
- operation->tag_length = PSA_AEAD_TAG_LENGTH( alg );
-
- return( PSA_SUCCESS );
-
-cleanup:
- psa_aead_abort_internal( operation );
- return( status );
-}
-
psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *nonce,
@@ -5007,106 +3671,37 @@
size_t ciphertext_size,
size_t *ciphertext_length )
{
- psa_status_t status;
- aead_operation_t operation = AEAD_OPERATION_INIT;
- uint8_t *tag;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
*ciphertext_length = 0;
- status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg );
+ if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ status = psa_get_and_lock_key_slot_with_policy(
+ key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
if( status != PSA_SUCCESS )
return( status );
- /* For all currently supported modes, the tag is at the end of the
- * ciphertext. */
- if( ciphertext_size < ( plaintext_length + operation.tag_length ) )
- {
- status = PSA_ERROR_BUFFER_TOO_SMALL;
- goto exit;
- }
- tag = ciphertext + plaintext_length;
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
-#if defined(MBEDTLS_GCM_C)
- if( operation.core_alg == PSA_ALG_GCM )
- {
- status = mbedtls_to_psa_error(
- mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm,
- MBEDTLS_GCM_ENCRYPT,
- plaintext_length,
- nonce, nonce_length,
- additional_data, additional_data_length,
- plaintext, ciphertext,
- operation.tag_length, tag ) );
- }
- else
-#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CCM_C)
- if( operation.core_alg == PSA_ALG_CCM )
- {
- status = mbedtls_to_psa_error(
- mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
- plaintext_length,
- nonce, nonce_length,
- additional_data,
- additional_data_length,
- plaintext, ciphertext,
- tag, operation.tag_length ) );
- }
- else
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CHACHAPOLY_C)
- if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
- {
- if( nonce_length != 12 || operation.tag_length != 16 )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
- status = mbedtls_to_psa_error(
- mbedtls_chachapoly_encrypt_and_tag( &operation.ctx.chachapoly,
- plaintext_length,
- nonce,
- additional_data,
- additional_data_length,
- plaintext,
- ciphertext,
- tag ) );
- }
- else
-#endif /* MBEDTLS_CHACHAPOLY_C */
- {
- return( PSA_ERROR_NOT_SUPPORTED );
- }
+ status = psa_driver_wrapper_aead_encrypt(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, plaintext_length,
+ ciphertext, ciphertext_size, ciphertext_length );
if( status != PSA_SUCCESS && ciphertext_size != 0 )
memset( ciphertext, 0, ciphertext_size );
-exit:
- psa_aead_abort_internal( &operation );
- if( status == PSA_SUCCESS )
- *ciphertext_length = plaintext_length + operation.tag_length;
- return( status );
-}
+ psa_unlock_key_slot( slot );
-/* Locate the tag in a ciphertext buffer containing the encrypted data
- * followed by the tag. Return the length of the part preceding the tag in
- * *plaintext_length. This is the size of the plaintext in modes where
- * the encrypted data has the same size as the plaintext, such as
- * CCM and GCM. */
-static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
- const uint8_t *ciphertext,
- size_t ciphertext_length,
- size_t plaintext_size,
- const uint8_t **p_tag )
-{
- size_t payload_length;
- if( tag_length > ciphertext_length )
- return( PSA_ERROR_INVALID_ARGUMENT );
- payload_length = ciphertext_length - tag_length;
- if( payload_length > plaintext_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- *p_tag = ciphertext + payload_length;
- return( PSA_SUCCESS );
+ return( status );
}
psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
@@ -5121,86 +3716,39 @@
size_t plaintext_size,
size_t *plaintext_length )
{
- psa_status_t status;
- aead_operation_t operation = AEAD_OPERATION_INIT;
- const uint8_t *tag = NULL;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
*plaintext_length = 0;
- status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg );
+ if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ status = psa_get_and_lock_key_slot_with_policy(
+ key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
if( status != PSA_SUCCESS )
return( status );
- status = psa_aead_unpadded_locate_tag( operation.tag_length,
- ciphertext, ciphertext_length,
- plaintext_size, &tag );
- if( status != PSA_SUCCESS )
- goto exit;
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
-#if defined(MBEDTLS_GCM_C)
- if( operation.core_alg == PSA_ALG_GCM )
- {
- status = mbedtls_to_psa_error(
- mbedtls_gcm_auth_decrypt( &operation.ctx.gcm,
- ciphertext_length - operation.tag_length,
- nonce, nonce_length,
- additional_data,
- additional_data_length,
- tag, operation.tag_length,
- ciphertext, plaintext ) );
- }
- else
-#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CCM_C)
- if( operation.core_alg == PSA_ALG_CCM )
- {
- status = mbedtls_to_psa_error(
- mbedtls_ccm_auth_decrypt( &operation.ctx.ccm,
- ciphertext_length - operation.tag_length,
- nonce, nonce_length,
- additional_data,
- additional_data_length,
- ciphertext, plaintext,
- tag, operation.tag_length ) );
- }
- else
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CHACHAPOLY_C)
- if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
- {
- if( nonce_length != 12 || operation.tag_length != 16 )
- {
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
- status = mbedtls_to_psa_error(
- mbedtls_chachapoly_auth_decrypt( &operation.ctx.chachapoly,
- ciphertext_length - operation.tag_length,
- nonce,
- additional_data,
- additional_data_length,
- tag,
- ciphertext,
- plaintext ) );
- }
- else
-#endif /* MBEDTLS_CHACHAPOLY_C */
- {
- return( PSA_ERROR_NOT_SUPPORTED );
- }
+ status = psa_driver_wrapper_aead_decrypt(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ ciphertext, ciphertext_length,
+ plaintext, plaintext_size, plaintext_length );
if( status != PSA_SUCCESS && plaintext_size != 0 )
memset( plaintext, 0, plaintext_size );
-exit:
- psa_aead_abort_internal( &operation );
- if( status == PSA_SUCCESS )
- *plaintext_length = ciphertext_length - operation.tag_length;
+ psa_unlock_key_slot( slot );
+
return( status );
}
-
-
/****************************************************************/
/* Generators */
/****************************************************************/
@@ -5209,7 +3757,35 @@
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
#define AT_LEAST_ONE_BUILTIN_KDF
-#endif
+#endif /* At least one builtin KDF */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+static psa_status_t psa_key_derivation_start_hmac(
+ psa_mac_operation_t *operation,
+ psa_algorithm_t hash_alg,
+ const uint8_t *hmac_key,
+ size_t hmac_key_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC );
+ psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( hmac_key_length ) );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
+
+ operation->is_sign = 1;
+ operation->mac_size = PSA_HASH_LENGTH( hash_alg );
+
+ status = psa_driver_wrapper_mac_sign_setup( operation,
+ &attributes,
+ hmac_key, hmac_key_length,
+ PSA_ALG_HMAC( hash_alg ) );
+
+ psa_reset_key_attributes( &attributes );
+ return( status );
+}
+#endif /* KDF algorithms reliant on HMAC */
#define HKDF_STATE_INIT 0 /* no input yet */
#define HKDF_STATE_STARTED 1 /* got salt */
@@ -5240,7 +3816,7 @@
if( PSA_ALG_IS_HKDF( kdf_alg ) )
{
mbedtls_free( operation->ctx.hkdf.info );
- status = psa_hmac_abort_internal( &operation->ctx.hkdf.hmac );
+ status = psa_mac_abort( &operation->ctx.hkdf.hmac );
}
else
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF */
@@ -5250,6 +3826,13 @@
/* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */
PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
{
+ if( operation->ctx.tls12_prf.secret != NULL )
+ {
+ mbedtls_platform_zeroize( operation->ctx.tls12_prf.secret,
+ operation->ctx.tls12_prf.secret_length );
+ mbedtls_free( operation->ctx.tls12_prf.secret );
+ }
+
if( operation->ctx.tls12_prf.seed != NULL )
{
mbedtls_platform_zeroize( operation->ctx.tls12_prf.seed,
@@ -5264,7 +3847,7 @@
mbedtls_free( operation->ctx.tls12_prf.label );
}
- status = psa_hmac_abort_internal( &operation->ctx.tls12_prf.hmac );
+ status = PSA_SUCCESS;
/* We leave the fields Ai and output_block to be erased safely by the
* mbedtls_platform_zeroize() in the end of this function. */
@@ -5307,11 +3890,12 @@
/* Read some bytes from an HKDF-based operation. This performs a chunk
* of the expand phase of the HKDF algorithm. */
static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf,
- psa_algorithm_t hash_alg,
- uint8_t *output,
- size_t output_length )
+ psa_algorithm_t hash_alg,
+ uint8_t *output,
+ size_t output_length )
{
- uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ uint8_t hash_length = PSA_HASH_LENGTH( hash_alg );
+ size_t hmac_output_length;
psa_status_t status;
if( hkdf->state < HKDF_STATE_KEYED || ! hkdf->info_set )
@@ -5341,31 +3925,35 @@
/* We need a new block */
++hkdf->block_number;
hkdf->offset_in_block = 0;
- status = psa_hmac_setup_internal( &hkdf->hmac,
- hkdf->prk, hash_length,
- hash_alg );
+
+ status = psa_key_derivation_start_hmac( &hkdf->hmac,
+ hash_alg,
+ hkdf->prk,
+ hash_length );
if( status != PSA_SUCCESS )
return( status );
+
if( hkdf->block_number != 1 )
{
- status = psa_hash_update( &hkdf->hmac.hash_ctx,
- hkdf->output_block,
- hash_length );
+ status = psa_mac_update( &hkdf->hmac,
+ hkdf->output_block,
+ hash_length );
if( status != PSA_SUCCESS )
return( status );
}
- status = psa_hash_update( &hkdf->hmac.hash_ctx,
- hkdf->info,
- hkdf->info_length );
+ status = psa_mac_update( &hkdf->hmac,
+ hkdf->info,
+ hkdf->info_length );
if( status != PSA_SUCCESS )
return( status );
- status = psa_hash_update( &hkdf->hmac.hash_ctx,
- &hkdf->block_number, 1 );
+ status = psa_mac_update( &hkdf->hmac,
+ &hkdf->block_number, 1 );
if( status != PSA_SUCCESS )
return( status );
- status = psa_hmac_finish_internal( &hkdf->hmac,
- hkdf->output_block,
- sizeof( hkdf->output_block ) );
+ status = psa_mac_sign_finish( &hkdf->hmac,
+ hkdf->output_block,
+ sizeof( hkdf->output_block ),
+ &hmac_output_length );
if( status != PSA_SUCCESS )
return( status );
}
@@ -5381,8 +3969,9 @@
psa_algorithm_t alg )
{
psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
- uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
- psa_hash_operation_t backup = PSA_HASH_OPERATION_INIT;
+ uint8_t hash_length = PSA_HASH_LENGTH( hash_alg );
+ psa_mac_operation_t hmac = PSA_MAC_OPERATION_INIT;
+ size_t hmac_output_length;
psa_status_t status, cleanup_status;
/* We can't be wanting more output after block 0xff, otherwise
@@ -5414,10 +4003,10 @@
* `block_number`.
*/
- /* Save the hash context before using it, to preserve the hash state with
- * only the inner padding in it. We need this, because inner padding depends
- * on the key (secret in the RFC's terminology). */
- status = psa_hash_clone( &tls12_prf->hmac.hash_ctx, &backup );
+ status = psa_key_derivation_start_hmac( &hmac,
+ hash_alg,
+ tls12_prf->secret,
+ tls12_prf->secret_length );
if( status != PSA_SUCCESS )
goto cleanup;
@@ -5427,57 +4016,58 @@
/* A(1) = HMAC_hash(secret, A(0)), where A(0) = seed. (The RFC overloads
* the variable seed and in this instance means it in the context of the
* P_hash function, where seed = label + seed.) */
- status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
- tls12_prf->label, tls12_prf->label_length );
+ status = psa_mac_update( &hmac,
+ tls12_prf->label,
+ tls12_prf->label_length );
if( status != PSA_SUCCESS )
goto cleanup;
- status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
- tls12_prf->seed, tls12_prf->seed_length );
+ status = psa_mac_update( &hmac,
+ tls12_prf->seed,
+ tls12_prf->seed_length );
if( status != PSA_SUCCESS )
goto cleanup;
}
else
{
/* A(i) = HMAC_hash(secret, A(i-1)) */
- status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
- tls12_prf->Ai, hash_length );
+ status = psa_mac_update( &hmac, tls12_prf->Ai, hash_length );
if( status != PSA_SUCCESS )
goto cleanup;
}
- status = psa_hmac_finish_internal( &tls12_prf->hmac,
- tls12_prf->Ai, hash_length );
- if( status != PSA_SUCCESS )
- goto cleanup;
- status = psa_hash_clone( &backup, &tls12_prf->hmac.hash_ctx );
+ status = psa_mac_sign_finish( &hmac,
+ tls12_prf->Ai, hash_length,
+ &hmac_output_length );
+ if( hmac_output_length != hash_length )
+ status = PSA_ERROR_CORRUPTION_DETECTED;
if( status != PSA_SUCCESS )
goto cleanup;
/* Calculate HMAC_hash(secret, A(i) + label + seed). */
- status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
- tls12_prf->Ai, hash_length );
+ status = psa_key_derivation_start_hmac( &hmac,
+ hash_alg,
+ tls12_prf->secret,
+ tls12_prf->secret_length );
if( status != PSA_SUCCESS )
goto cleanup;
- status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
- tls12_prf->label, tls12_prf->label_length );
+ status = psa_mac_update( &hmac, tls12_prf->Ai, hash_length );
if( status != PSA_SUCCESS )
goto cleanup;
- status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
- tls12_prf->seed, tls12_prf->seed_length );
+ status = psa_mac_update( &hmac, tls12_prf->label, tls12_prf->label_length );
if( status != PSA_SUCCESS )
goto cleanup;
- status = psa_hmac_finish_internal( &tls12_prf->hmac,
- tls12_prf->output_block, hash_length );
+ status = psa_mac_update( &hmac, tls12_prf->seed, tls12_prf->seed_length );
if( status != PSA_SUCCESS )
goto cleanup;
- status = psa_hash_clone( &backup, &tls12_prf->hmac.hash_ctx );
+ status = psa_mac_sign_finish( &hmac,
+ tls12_prf->output_block, hash_length,
+ &hmac_output_length );
if( status != PSA_SUCCESS )
goto cleanup;
cleanup:
-
- cleanup_status = psa_hash_abort( &backup );
+ cleanup_status = psa_mac_abort( &hmac );
if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS )
status = cleanup_status;
@@ -5491,10 +4081,21 @@
size_t output_length )
{
psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );
- uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ uint8_t hash_length = PSA_HASH_LENGTH( hash_alg );
psa_status_t status;
uint8_t offset, length;
+ switch( tls12_prf->state )
+ {
+ case PSA_TLS12_PRF_STATE_LABEL_SET:
+ tls12_prf->state = PSA_TLS12_PRF_STATE_OUTPUT;
+ break;
+ case PSA_TLS12_PRF_STATE_OUTPUT:
+ break;
+ default:
+ return( PSA_ERROR_BAD_STATE );
+ }
+
while( output_length != 0 )
{
/* Check if we have fully processed the current block. */
@@ -5574,13 +4175,14 @@
PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
{
status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf,
- kdf_alg, output,
- output_length );
+ kdf_alg, output,
+ output_length );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF ||
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
{
+ (void) kdf_alg;
return( PSA_ERROR_BAD_STATE );
}
@@ -5599,7 +4201,7 @@
return( status );
}
-#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
static void psa_des_set_key_parity( uint8_t *data, size_t data_size )
{
if( data_size >= 8 )
@@ -5609,7 +4211,7 @@
if( data_size >= 24 )
mbedtls_des_key_set_parity( data + 16 );
}
-#endif /* MBEDTLS_DES_C */
+#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */
static psa_status_t psa_generate_derived_key_internal(
psa_key_slot_t *slot,
@@ -5631,11 +4233,27 @@
status = psa_key_derivation_output_bytes( operation, data, bytes );
if( status != PSA_SUCCESS )
goto exit;
-#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
if( slot->attr.type == PSA_KEY_TYPE_DES )
psa_des_set_key_parity( data, bytes );
-#endif /* MBEDTLS_DES_C */
- status = psa_import_key_into_slot( slot, data, bytes );
+#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */
+
+ status = psa_allocate_buffer_to_slot( slot, bytes );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ slot->attr.bits = (psa_key_bits_t) bits;
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ status = psa_driver_wrapper_import_key( &attributes,
+ data, bytes,
+ slot->key.data,
+ slot->key.bytes,
+ &slot->key.bytes, &bits );
+ if( bits != slot->attr.bits )
+ status = PSA_ERROR_INVALID_ARGUMENT;
exit:
mbedtls_free( data );
@@ -5689,7 +4307,7 @@
/* Key derivation */
/****************************************************************/
-#ifdef AT_LEAST_ONE_BUILTIN_KDF
+#if defined(AT_LEAST_ONE_BUILTIN_KDF)
static psa_status_t psa_key_derivation_setup_kdf(
psa_key_derivation_operation_t *operation,
psa_algorithm_t kdf_alg )
@@ -5721,7 +4339,7 @@
if( is_kdf_alg_supported )
{
psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
- size_t hash_size = PSA_HASH_SIZE( hash_alg );
+ size_t hash_size = PSA_HASH_LENGTH( hash_alg );
if( hash_size == 0 )
return( PSA_ERROR_NOT_SUPPORTED );
if( ( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
@@ -5748,17 +4366,23 @@
if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) )
return( PSA_ERROR_INVALID_ARGUMENT );
-#ifdef AT_LEAST_ONE_BUILTIN_KDF
else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
{
+#if defined(AT_LEAST_ONE_BUILTIN_KDF)
psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg );
status = psa_key_derivation_setup_kdf( operation, kdf_alg );
+#else
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* AT_LEAST_ONE_BUILTIN_KDF */
}
else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
{
+#if defined(AT_LEAST_ONE_BUILTIN_KDF)
status = psa_key_derivation_setup_kdf( operation, alg );
+#else
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* AT_LEAST_ONE_BUILTIN_KDF */
}
-#endif
else
return( PSA_ERROR_INVALID_ARGUMENT );
@@ -5780,36 +4404,40 @@
case PSA_KEY_DERIVATION_INPUT_SALT:
if( hkdf->state != HKDF_STATE_INIT )
return( PSA_ERROR_BAD_STATE );
- status = psa_hmac_setup_internal( &hkdf->hmac,
- data, data_length,
- hash_alg );
- if( status != PSA_SUCCESS )
- return( status );
- hkdf->state = HKDF_STATE_STARTED;
- return( PSA_SUCCESS );
+ else
+ {
+ status = psa_key_derivation_start_hmac( &hkdf->hmac,
+ hash_alg,
+ data, data_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+ hkdf->state = HKDF_STATE_STARTED;
+ return( PSA_SUCCESS );
+ }
case PSA_KEY_DERIVATION_INPUT_SECRET:
/* If no salt was provided, use an empty salt. */
if( hkdf->state == HKDF_STATE_INIT )
{
- status = psa_hmac_setup_internal( &hkdf->hmac,
- NULL, 0,
- hash_alg );
+ status = psa_key_derivation_start_hmac( &hkdf->hmac,
+ hash_alg,
+ NULL, 0 );
if( status != PSA_SUCCESS )
return( status );
hkdf->state = HKDF_STATE_STARTED;
}
if( hkdf->state != HKDF_STATE_STARTED )
return( PSA_ERROR_BAD_STATE );
- status = psa_hash_update( &hkdf->hmac.hash_ctx,
- data, data_length );
+ status = psa_mac_update( &hkdf->hmac,
+ data, data_length );
if( status != PSA_SUCCESS )
return( status );
- status = psa_hmac_finish_internal( &hkdf->hmac,
- hkdf->prk,
- sizeof( hkdf->prk ) );
+ status = psa_mac_sign_finish( &hkdf->hmac,
+ hkdf->prk,
+ sizeof( hkdf->prk ),
+ &data_length );
if( status != PSA_SUCCESS )
return( status );
- hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg );
+ hkdf->offset_in_block = PSA_HASH_LENGTH( hash_alg );
hkdf->block_number = 0;
hkdf->state = HKDF_STATE_KEYED;
return( PSA_SUCCESS );
@@ -5840,7 +4468,7 @@
const uint8_t *data,
size_t data_length )
{
- if( prf->state != TLS12_PRF_STATE_INIT )
+ if( prf->state != PSA_TLS12_PRF_STATE_INIT )
return( PSA_ERROR_BAD_STATE );
if( data_length != 0 )
@@ -5853,25 +4481,29 @@
prf->seed_length = data_length;
}
- prf->state = TLS12_PRF_STATE_SEED_SET;
+ prf->state = PSA_TLS12_PRF_STATE_SEED_SET;
return( PSA_SUCCESS );
}
static psa_status_t psa_tls12_prf_set_key( psa_tls12_prf_key_derivation_t *prf,
- psa_algorithm_t hash_alg,
const uint8_t *data,
size_t data_length )
{
- psa_status_t status;
- if( prf->state != TLS12_PRF_STATE_SEED_SET )
+ if( prf->state != PSA_TLS12_PRF_STATE_SEED_SET )
return( PSA_ERROR_BAD_STATE );
- status = psa_hmac_setup_internal( &prf->hmac, data, data_length, hash_alg );
- if( status != PSA_SUCCESS )
- return( status );
+ if( data_length != 0 )
+ {
+ prf->secret = mbedtls_calloc( 1, data_length );
+ if( prf->secret == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
- prf->state = TLS12_PRF_STATE_KEY_SET;
+ memcpy( prf->secret, data, data_length );
+ prf->secret_length = data_length;
+ }
+
+ prf->state = PSA_TLS12_PRF_STATE_KEY_SET;
return( PSA_SUCCESS );
}
@@ -5880,7 +4512,7 @@
const uint8_t *data,
size_t data_length )
{
- if( prf->state != TLS12_PRF_STATE_KEY_SET )
+ if( prf->state != PSA_TLS12_PRF_STATE_KEY_SET )
return( PSA_ERROR_BAD_STATE );
if( data_length != 0 )
@@ -5893,13 +4525,12 @@
prf->label_length = data_length;
}
- prf->state = TLS12_PRF_STATE_LABEL_SET;
+ prf->state = PSA_TLS12_PRF_STATE_LABEL_SET;
return( PSA_SUCCESS );
}
static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf,
- psa_algorithm_t hash_alg,
psa_key_derivation_step_t step,
const uint8_t *data,
size_t data_length )
@@ -5909,7 +4540,7 @@
case PSA_KEY_DERIVATION_INPUT_SEED:
return( psa_tls12_prf_set_seed( prf, data, data_length ) );
case PSA_KEY_DERIVATION_INPUT_SECRET:
- return( psa_tls12_prf_set_key( prf, hash_alg, data, data_length ) );
+ return( psa_tls12_prf_set_key( prf, data, data_length ) );
case PSA_KEY_DERIVATION_INPUT_LABEL:
return( psa_tls12_prf_set_label( prf, data, data_length ) );
default:
@@ -5922,15 +4553,14 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
psa_tls12_prf_key_derivation_t *prf,
- psa_algorithm_t hash_alg,
const uint8_t *data,
size_t data_length )
{
psa_status_t status;
- uint8_t pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ];
+ uint8_t pms[ 4 + 2 * PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ];
uint8_t *cur = pms;
- if( data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN )
+ if( data_length > PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE )
return( PSA_ERROR_INVALID_ARGUMENT );
/* Quoting RFC 4279, Section 2:
@@ -5940,8 +4570,8 @@
* uint16 with the value N, and the PSK itself.
*/
- *cur++ = ( data_length >> 8 ) & 0xff;
- *cur++ = ( data_length >> 0 ) & 0xff;
+ *cur++ = MBEDTLS_BYTE_1( data_length );
+ *cur++ = MBEDTLS_BYTE_0( data_length );
memset( cur, 0, data_length );
cur += data_length;
*cur++ = pms[0];
@@ -5949,7 +4579,7 @@
memcpy( cur, data, data_length );
cur += data_length;
- status = psa_tls12_prf_set_key( prf, hash_alg, pms, cur - pms );
+ status = psa_tls12_prf_set_key( prf, pms, cur - pms );
mbedtls_platform_zeroize( pms, sizeof( pms ) );
return( status );
@@ -5957,18 +4587,17 @@
static psa_status_t psa_tls12_prf_psk_to_ms_input(
psa_tls12_prf_key_derivation_t *prf,
- psa_algorithm_t hash_alg,
psa_key_derivation_step_t step,
const uint8_t *data,
size_t data_length )
{
if( step == PSA_KEY_DERIVATION_INPUT_SECRET )
{
- return( psa_tls12_prf_psk_to_ms_set_key( prf, hash_alg,
+ return( psa_tls12_prf_psk_to_ms_set_key( prf,
data, data_length ) );
}
- return( psa_tls12_prf_input( prf, hash_alg, step, data, data_length ) );
+ return( psa_tls12_prf_input( prf, step, data, data_length ) );
}
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
@@ -6033,7 +4662,6 @@
if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )
{
status = psa_tls12_prf_input( &operation->ctx.tls12_prf,
- PSA_ALG_HKDF_GET_HASH( kdf_alg ),
step, data, data_length );
}
else
@@ -6042,13 +4670,15 @@
if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
{
status = psa_tls12_prf_psk_to_ms_input( &operation->ctx.tls12_prf,
- PSA_ALG_HKDF_GET_HASH( kdf_alg ),
step, data, data_length );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
{
/* This can't happen unless the operation object was not initialized */
+ (void) data;
+ (void) data_length;
+ (void) kdf_alg;
return( PSA_ERROR_BAD_STATE );
}
@@ -6093,8 +4723,8 @@
status = psa_key_derivation_input_internal( operation,
step, slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes );
+ slot->key.data,
+ slot->key.bytes );
unlock_status = psa_unlock_key_slot( slot );
@@ -6122,10 +4752,12 @@
psa_ecc_family_t curve = mbedtls_ecc_group_to_psa( our_key->grp.id, &bits );
mbedtls_ecdh_init( &ecdh );
- status = psa_load_ecp_representation( PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve),
- peer_key,
- peer_key_length,
- &their_key );
+ status = mbedtls_psa_ecp_load_representation(
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve),
+ bits,
+ peer_key,
+ peer_key_length,
+ &their_key );
if( status != PSA_SUCCESS )
goto exit;
@@ -6142,8 +4774,8 @@
mbedtls_ecdh_calc_secret( &ecdh,
shared_secret_length,
shared_secret, shared_secret_size,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg ) );
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE ) );
if( status != PSA_SUCCESS )
goto exit;
if( PSA_BITS_TO_BYTES( bits ) != *shared_secret_length )
@@ -6177,11 +4809,12 @@
if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( private_key->attr.type ) )
return( PSA_ERROR_INVALID_ARGUMENT );
mbedtls_ecp_keypair *ecp = NULL;
- psa_status_t status = psa_load_ecp_representation(
- private_key->attr.type,
- private_key->data.key.data,
- private_key->data.key.bytes,
- &ecp );
+ psa_status_t status = mbedtls_psa_ecp_load_representation(
+ private_key->attr.type,
+ private_key->attr.bits,
+ private_key->key.data,
+ private_key->key.bytes,
+ &ecp );
if( status != PSA_SUCCESS )
return( status );
status = psa_key_agreement_ecdh( peer_key, peer_key_length,
@@ -6321,31 +4954,139 @@
}
+
/****************************************************************/
/* Random generation */
/****************************************************************/
+/** Initialize the PSA random generator.
+ */
+static void mbedtls_psa_random_init( mbedtls_psa_random_context_t *rng )
+{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ memset( rng, 0, sizeof( *rng ) );
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+ /* Set default configuration if
+ * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */
+ if( rng->entropy_init == NULL )
+ rng->entropy_init = mbedtls_entropy_init;
+ if( rng->entropy_free == NULL )
+ rng->entropy_free = mbedtls_entropy_free;
+
+ rng->entropy_init( &rng->entropy );
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
+ defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+ /* The PSA entropy injection feature depends on using NV seed as an entropy
+ * source. Add NV seed as an entropy source for PSA entropy injection. */
+ mbedtls_entropy_add_source( &rng->entropy,
+ mbedtls_nv_seed_poll, NULL,
+ MBEDTLS_ENTROPY_BLOCK_SIZE,
+ MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+
+ mbedtls_psa_drbg_init( MBEDTLS_PSA_RANDOM_STATE );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+}
+
+/** Deinitialize the PSA random generator.
+ */
+static void mbedtls_psa_random_free( mbedtls_psa_random_context_t *rng )
+{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ memset( rng, 0, sizeof( *rng ) );
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+ mbedtls_psa_drbg_free( MBEDTLS_PSA_RANDOM_STATE );
+ rng->entropy_free( &rng->entropy );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+}
+
+/** Seed the PSA random generator.
+ */
+static psa_status_t mbedtls_psa_random_seed( mbedtls_psa_random_context_t *rng )
+{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ /* Do nothing: the external RNG seeds itself. */
+ (void) rng;
+ return( PSA_SUCCESS );
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+ const unsigned char drbg_seed[] = "PSA";
+ int ret = mbedtls_psa_drbg_seed( &rng->entropy,
+ drbg_seed, sizeof( drbg_seed ) - 1 );
+ return mbedtls_to_psa_error( ret );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+}
+
psa_status_t psa_generate_random( uint8_t *output,
size_t output_size )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
GUARD_MODULE_INITIALIZED;
- while( output_size > MBEDTLS_CTR_DRBG_MAX_REQUEST )
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+
+ size_t output_length = 0;
+ psa_status_t status = mbedtls_psa_external_get_random( &global_data.rng,
+ output, output_size,
+ &output_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+ /* Breaking up a request into smaller chunks is currently not supported
+ * for the extrernal RNG interface. */
+ if( output_length != output_size )
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+ return( PSA_SUCCESS );
+
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+ while( output_size > 0 )
{
- ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
- output,
- MBEDTLS_CTR_DRBG_MAX_REQUEST );
+ size_t request_size =
+ ( output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ?
+ MBEDTLS_PSA_RANDOM_MAX_REQUEST :
+ output_size );
+ int ret = mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
+ output, request_size );
if( ret != 0 )
return( mbedtls_to_psa_error( ret ) );
- output += MBEDTLS_CTR_DRBG_MAX_REQUEST;
- output_size -= MBEDTLS_CTR_DRBG_MAX_REQUEST;
+ output_size -= request_size;
+ output += request_size;
}
-
- ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, output, output_size );
- return( mbedtls_to_psa_error( ret ) );
+ return( PSA_SUCCESS );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
}
+/* Wrapper function allowing the classic API to use the PSA RNG.
+ *
+ * `mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, ...)` calls
+ * `psa_generate_random(...)`. The state parameter is ignored since the
+ * PSA API doesn't support passing an explicit state.
+ *
+ * In the non-external case, psa_generate_random() calls an
+ * `mbedtls_xxx_drbg_random` function which has exactly the same signature
+ * and semantics as mbedtls_psa_get_random(). As an optimization,
+ * instead of doing this back-and-forth between the PSA API and the
+ * classic API, psa_crypto_random_impl.h defines `mbedtls_psa_get_random`
+ * as a constant function pointer to `mbedtls_xxx_drbg_random`.
+ */
+#if defined (MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+int mbedtls_psa_get_random( void *p_rng,
+ unsigned char *output,
+ size_t output_size )
+{
+ /* This function takes a pointer to the RNG state because that's what
+ * classic mbedtls functions using an RNG expect. The PSA RNG manages
+ * its own state internally and doesn't let the caller access that state.
+ * So we just ignore the state parameter, and in practice we'll pass
+ * NULL. */
+ (void) p_rng;
+ psa_status_t status = psa_generate_random( output, output_size );
+ if( status == PSA_SUCCESS )
+ return( 0 );
+ else
+ return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
#include "mbedtls/entropy_poll.h"
@@ -6364,167 +5105,109 @@
}
#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
-static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
- size_t domain_parameters_size,
- int *exponent )
+/** Validate the key type and size for key generation
+ *
+ * \param type The key type
+ * \param bits The number of bits of the key
+ *
+ * \retval #PSA_SUCCESS
+ * The key type and size are valid.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The size in bits of the key is not valid.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * The type and/or the size in bits of the key or the combination of
+ * the two is not supported.
+ */
+static psa_status_t psa_validate_key_type_and_size_for_key_generation(
+ psa_key_type_t type, size_t bits )
{
- size_t i;
- uint32_t acc = 0;
-
- if( domain_parameters_size == 0 )
- {
- *exponent = 65537;
- return( PSA_SUCCESS );
- }
-
- /* Mbed TLS encodes the public exponent as an int. For simplicity, only
- * support values that fit in a 32-bit integer, which is larger than
- * int on just about every platform anyway. */
- if( domain_parameters_size > sizeof( acc ) )
- return( PSA_ERROR_NOT_SUPPORTED );
- for( i = 0; i < domain_parameters_size; i++ )
- acc = ( acc << 8 ) | domain_parameters[i];
- if( acc > INT_MAX )
- return( PSA_ERROR_NOT_SUPPORTED );
- *exponent = acc;
- return( PSA_SUCCESS );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
-
-static psa_status_t psa_generate_key_internal(
- psa_key_slot_t *slot, size_t bits,
- const uint8_t *domain_parameters, size_t domain_parameters_size )
-{
- psa_key_type_t type = slot->attr.type;
-
- if( domain_parameters == NULL && domain_parameters_size != 0 )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
if( key_type_is_raw_bytes( type ) )
{
- psa_status_t status;
-
- status = validate_unstructured_key_bit_size( slot->attr.type, bits );
+ status = validate_unstructured_key_bit_size( type, bits );
if( status != PSA_SUCCESS )
return( status );
-
- /* Allocate memory for the key */
- status = psa_allocate_buffer_to_slot( slot, PSA_BITS_TO_BYTES( bits ) );
- if( status != PSA_SUCCESS )
- return( status );
-
- status = psa_generate_random( slot->data.key.data,
- slot->data.key.bytes );
- if( status != PSA_SUCCESS )
- return( status );
-
- slot->attr.bits = (psa_key_bits_t) bits;
-#if defined(MBEDTLS_DES_C)
- if( type == PSA_KEY_TYPE_DES )
- psa_des_set_key_parity( slot->data.key.data,
- slot->data.key.bytes );
-#endif /* MBEDTLS_DES_C */
}
else
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
- if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
+ if( PSA_KEY_TYPE_IS_RSA( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
{
- mbedtls_rsa_context rsa;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- int exponent;
- psa_status_t status;
if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
return( PSA_ERROR_NOT_SUPPORTED );
+
/* Accept only byte-aligned keys, for the same reasons as
* in psa_import_rsa_key(). */
if( bits % 8 != 0 )
return( PSA_ERROR_NOT_SUPPORTED );
- status = psa_read_rsa_exponent( domain_parameters,
- domain_parameters_size,
- &exponent );
- if( status != PSA_SUCCESS )
- return( status );
- mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
- ret = mbedtls_rsa_gen_key( &rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- (unsigned int) bits,
- exponent );
- if( ret != 0 )
- return( mbedtls_to_psa_error( ret ) );
-
- /* Make sure to always have an export representation available */
- size_t bytes = PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE( bits );
-
- status = psa_allocate_buffer_to_slot( slot, bytes );
- if( status != PSA_SUCCESS )
- {
- mbedtls_rsa_free( &rsa );
- return( status );
- }
-
- status = psa_export_rsa_key( type,
- &rsa,
- slot->data.key.data,
- bytes,
- &slot->data.key.bytes );
- mbedtls_rsa_free( &rsa );
- if( status != PSA_SUCCESS )
- psa_remove_key_data_from_memory( slot );
- return( status );
}
else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
+#endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) */
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
+ if( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
+ {
+ /* To avoid empty block, return successfully here. */
+ return( PSA_SUCCESS );
+ }
+ else
+#endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) */
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_generate_key_internal(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t type = attributes->core.type;
+
+ if( ( attributes->domain_parameters == NULL ) &&
+ ( attributes->domain_parameters_size != 0 ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ if( key_type_is_raw_bytes( type ) )
+ {
+ status = psa_generate_random( key_buffer, key_buffer_size );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
+ if( type == PSA_KEY_TYPE_DES )
+ psa_des_set_key_parity( key_buffer, key_buffer_size );
+#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */
+ }
+ else
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
+ defined(MBEDTLS_GENPRIME)
+ if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
+ {
+ return( mbedtls_psa_rsa_generate_key( attributes,
+ key_buffer,
+ key_buffer_size,
+ key_buffer_length ) );
+ }
+ else
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+ * defined(MBEDTLS_GENPRIME) */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
{
- psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
- mbedtls_ecp_group_id grp_id =
- mbedtls_ecc_group_of_psa( curve, PSA_BITS_TO_BYTES( bits ) );
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id( grp_id );
- mbedtls_ecp_keypair ecp;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( domain_parameters_size != 0 )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
- mbedtls_ecp_keypair_init( &ecp );
- ret = mbedtls_ecp_gen_key( grp_id, &ecp,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg );
- if( ret != 0 )
- {
- mbedtls_ecp_keypair_free( &ecp );
- return( mbedtls_to_psa_error( ret ) );
- }
-
-
- /* Make sure to always have an export representation available */
- size_t bytes = PSA_BITS_TO_BYTES( bits );
- psa_status_t status = psa_allocate_buffer_to_slot( slot, bytes );
- if( status != PSA_SUCCESS )
- {
- mbedtls_ecp_keypair_free( &ecp );
- return( status );
- }
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_write_key( &ecp, slot->data.key.data, bytes ) );
-
- mbedtls_ecp_keypair_free( &ecp );
- if( status != PSA_SUCCESS ) {
- memset( slot->data.key.data, 0, bytes );
- psa_remove_key_data_from_memory( slot );
- }
- return( status );
+ return( mbedtls_psa_ecp_generate_key( attributes,
+ key_buffer,
+ key_buffer_size,
+ key_buffer_length ) );
}
else
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
{
+ (void)key_buffer_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
@@ -6537,6 +5220,7 @@
psa_status_t status;
psa_key_slot_t *slot = NULL;
psa_se_drv_table_entry_t *driver = NULL;
+ size_t key_buffer_size;
*key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -6550,15 +5234,42 @@
if( status != PSA_SUCCESS )
goto exit;
- status = psa_driver_wrapper_generate_key( attributes,
- slot );
- if( status != PSA_ERROR_NOT_SUPPORTED ||
- psa_key_lifetime_is_external( attributes->core.lifetime ) )
- goto exit;
+ /* In the case of a transparent key or an opaque key stored in local
+ * storage (thus not in the case of generating a key in a secure element
+ * or cryptoprocessor with storage), we have to allocate a buffer to
+ * hold the generated key material. */
+ if( slot->key.data == NULL )
+ {
+ if ( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) ==
+ PSA_KEY_LOCATION_LOCAL_STORAGE )
+ {
+ status = psa_validate_key_type_and_size_for_key_generation(
+ attributes->core.type, attributes->core.bits );
+ if( status != PSA_SUCCESS )
+ goto exit;
- status = psa_generate_key_internal(
- slot, attributes->core.bits,
- attributes->domain_parameters, attributes->domain_parameters_size );
+ key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
+ attributes->core.type,
+ attributes->core.bits );
+ }
+ else
+ {
+ status = psa_driver_wrapper_get_key_buffer_size(
+ attributes, &key_buffer_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = psa_allocate_buffer_to_slot( slot, key_buffer_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_generate_key( attributes,
+ slot->key.data, slot->key.bytes, &slot->key.bytes );
+
+ if( status != PSA_SUCCESS )
+ psa_remove_key_data_from_memory( slot );
exit:
if( status == PSA_SUCCESS )
@@ -6569,30 +5280,29 @@
return( status );
}
-
-
/****************************************************************/
/* Module setup */
/****************************************************************/
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
void (* entropy_init )( mbedtls_entropy_context *ctx ),
void (* entropy_free )( mbedtls_entropy_context *ctx ) )
{
if( global_data.rng_state != RNG_NOT_INITIALIZED )
return( PSA_ERROR_BAD_STATE );
- global_data.entropy_init = entropy_init;
- global_data.entropy_free = entropy_free;
+ global_data.rng.entropy_init = entropy_init;
+ global_data.rng.entropy_free = entropy_free;
return( PSA_SUCCESS );
}
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
void mbedtls_psa_crypto_free( void )
{
psa_wipe_all_key_slots( );
if( global_data.rng_state != RNG_NOT_INITIALIZED )
{
- mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
- global_data.entropy_free( &global_data.entropy );
+ mbedtls_psa_random_free( &global_data.rng );
}
/* Wipe all remaining data, including configuration.
* In particular, this sets all state indicator to the value
@@ -6626,7 +5336,7 @@
default:
/* We found an unsupported transaction in the storage.
* We don't know what state the storage is in. Give up. */
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
}
}
#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
@@ -6634,37 +5344,15 @@
psa_status_t psa_crypto_init( void )
{
psa_status_t status;
- const unsigned char drbg_seed[] = "PSA";
/* Double initialization is explicitly allowed. */
if( global_data.initialized != 0 )
return( PSA_SUCCESS );
- /* Set default configuration if
- * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */
- if( global_data.entropy_init == NULL )
- global_data.entropy_init = mbedtls_entropy_init;
- if( global_data.entropy_free == NULL )
- global_data.entropy_free = mbedtls_entropy_free;
-
- /* Initialize the random generator. */
- global_data.entropy_init( &global_data.entropy );
-#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
- defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
- /* The PSA entropy injection feature depends on using NV seed as an entropy
- * source. Add NV seed as an entropy source for PSA entropy injection. */
- mbedtls_entropy_add_source( &global_data.entropy,
- mbedtls_nv_seed_poll, NULL,
- MBEDTLS_ENTROPY_BLOCK_SIZE,
- MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
- mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
+ /* Initialize and seed the random generator. */
+ mbedtls_psa_random_init( &global_data.rng );
global_data.rng_state = RNG_INITIALIZED;
- status = mbedtls_to_psa_error(
- mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
- mbedtls_entropy_func,
- &global_data.entropy,
- drbg_seed, sizeof( drbg_seed ) - 1 ) );
+ status = mbedtls_psa_random_seed( &global_data.rng );
if( status != PSA_SUCCESS )
goto exit;
global_data.rng_state = RNG_SEEDED;
diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c
new file mode 100644
index 0000000..356679c
--- /dev/null
+++ b/library/psa_crypto_aead.c
@@ -0,0 +1,367 @@
+/*
+ * PSA AEAD entry points
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa_crypto_aead.h"
+#include "psa_crypto_core.h"
+
+#include "mbedtls/ccm.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/gcm.h"
+
+typedef struct
+{
+ union
+ {
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ mbedtls_ccm_context ccm;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+ mbedtls_gcm_context gcm;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+ mbedtls_chachapoly_context chachapoly;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+ } ctx;
+ psa_algorithm_t core_alg;
+ uint8_t tag_length;
+} aead_operation_t;
+
+#define AEAD_OPERATION_INIT {{0}, 0, 0}
+
+static void psa_aead_abort_internal( aead_operation_t *operation )
+{
+ switch( operation->core_alg )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ case PSA_ALG_CCM:
+ mbedtls_ccm_free( &operation->ctx.ccm );
+ break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+ case PSA_ALG_GCM:
+ mbedtls_gcm_free( &operation->ctx.gcm );
+ break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+ case PSA_ALG_CHACHA20_POLY1305:
+ mbedtls_chachapoly_free( &operation->ctx.chachapoly );
+ break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+ }
+}
+
+static psa_status_t psa_aead_setup(
+ aead_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ psa_algorithm_t alg )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t key_bits;
+ const mbedtls_cipher_info_t *cipher_info;
+ mbedtls_cipher_id_t cipher_id;
+ size_t full_tag_length = 0;
+
+ key_bits = attributes->core.bits;
+
+ cipher_info = mbedtls_cipher_info_from_psa( alg,
+ attributes->core.type, key_bits,
+ &cipher_id );
+ if( cipher_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
+ operation->core_alg = PSA_ALG_CCM;
+ full_tag_length = 16;
+ /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
+ * The call to mbedtls_ccm_encrypt_and_tag or
+ * mbedtls_ccm_auth_decrypt will validate the tag length. */
+ if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ mbedtls_ccm_init( &operation->ctx.ccm );
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
+ key_buffer, (unsigned int) key_bits ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
+ operation->core_alg = PSA_ALG_GCM;
+ full_tag_length = 16;
+ /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
+ * The call to mbedtls_gcm_crypt_and_tag or
+ * mbedtls_gcm_auth_decrypt will validate the tag length. */
+ if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ mbedtls_gcm_init( &operation->ctx.gcm );
+ status = mbedtls_to_psa_error(
+ mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
+ key_buffer, (unsigned int) key_bits ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
+ operation->core_alg = PSA_ALG_CHACHA20_POLY1305;
+ full_tag_length = 16;
+ /* We only support the default tag length. */
+ if( alg != PSA_ALG_CHACHA20_POLY1305 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ mbedtls_chachapoly_init( &operation->ctx.chachapoly );
+ status = mbedtls_to_psa_error(
+ mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
+ key_buffer ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+
+ default:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( PSA_AEAD_TAG_LENGTH( attributes->core.type,
+ key_bits, alg )
+ > full_tag_length )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ operation->tag_length = PSA_AEAD_TAG_LENGTH( attributes->core.type,
+ key_bits,
+ alg );
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t mbedtls_psa_aead_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *plaintext, size_t plaintext_length,
+ uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ aead_operation_t operation = AEAD_OPERATION_INIT;
+ uint8_t *tag;
+ (void) key_buffer_size;
+
+ status = psa_aead_setup( &operation, attributes, key_buffer, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* For all currently supported modes, the tag is at the end of the
+ * ciphertext. */
+ if( ciphertext_size < ( plaintext_length + operation.tag_length ) )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+ tag = ciphertext + plaintext_length;
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation.core_alg == PSA_ALG_CCM )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
+ plaintext_length,
+ nonce, nonce_length,
+ additional_data,
+ additional_data_length,
+ plaintext, ciphertext,
+ tag, operation.tag_length ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+ if( operation.core_alg == PSA_ALG_GCM )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm,
+ MBEDTLS_GCM_ENCRYPT,
+ plaintext_length,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, ciphertext,
+ operation.tag_length, tag ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+ if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
+ {
+ if( nonce_length != 12 || operation.tag_length != 16 )
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+ status = mbedtls_to_psa_error(
+ mbedtls_chachapoly_encrypt_and_tag( &operation.ctx.chachapoly,
+ plaintext_length,
+ nonce,
+ additional_data,
+ additional_data_length,
+ plaintext,
+ ciphertext,
+ tag ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+ {
+ (void) tag;
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( status == PSA_SUCCESS )
+ *ciphertext_length = plaintext_length + operation.tag_length;
+
+exit:
+ psa_aead_abort_internal( &operation );
+
+ return( status );
+}
+
+/* Locate the tag in a ciphertext buffer containing the encrypted data
+ * followed by the tag. Return the length of the part preceding the tag in
+ * *plaintext_length. This is the size of the plaintext in modes where
+ * the encrypted data has the same size as the plaintext, such as
+ * CCM and GCM. */
+static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ size_t plaintext_size,
+ const uint8_t **p_tag )
+{
+ size_t payload_length;
+ if( tag_length > ciphertext_length )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ payload_length = ciphertext_length - tag_length;
+ if( payload_length > plaintext_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ *p_tag = ciphertext + payload_length;
+ return( PSA_SUCCESS );
+}
+
+psa_status_t mbedtls_psa_aead_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *ciphertext, size_t ciphertext_length,
+ uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ aead_operation_t operation = AEAD_OPERATION_INIT;
+ const uint8_t *tag = NULL;
+ (void) key_buffer_size;
+
+ status = psa_aead_setup( &operation, attributes, key_buffer, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_aead_unpadded_locate_tag( operation.tag_length,
+ ciphertext, ciphertext_length,
+ plaintext_size, &tag );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation.core_alg == PSA_ALG_CCM )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_auth_decrypt( &operation.ctx.ccm,
+ ciphertext_length - operation.tag_length,
+ nonce, nonce_length,
+ additional_data,
+ additional_data_length,
+ ciphertext, plaintext,
+ tag, operation.tag_length ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+ if( operation.core_alg == PSA_ALG_GCM )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_gcm_auth_decrypt( &operation.ctx.gcm,
+ ciphertext_length - operation.tag_length,
+ nonce, nonce_length,
+ additional_data,
+ additional_data_length,
+ tag, operation.tag_length,
+ ciphertext, plaintext ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+ if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
+ {
+ if( nonce_length != 12 || operation.tag_length != 16 )
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+ status = mbedtls_to_psa_error(
+ mbedtls_chachapoly_auth_decrypt( &operation.ctx.chachapoly,
+ ciphertext_length - operation.tag_length,
+ nonce,
+ additional_data,
+ additional_data_length,
+ tag,
+ ciphertext,
+ plaintext ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( status == PSA_SUCCESS )
+ *plaintext_length = ciphertext_length - operation.tag_length;
+
+exit:
+ psa_aead_abort_internal( &operation );
+
+ if( status == PSA_SUCCESS )
+ *plaintext_length = ciphertext_length - operation.tag_length;
+ return( status );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
diff --git a/library/psa_crypto_aead.h b/library/psa_crypto_aead.h
new file mode 100644
index 0000000..aab0f83
--- /dev/null
+++ b/library/psa_crypto_aead.h
@@ -0,0 +1,151 @@
+/*
+ * PSA AEAD driver entry points
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_AEAD_H
+#define PSA_CRYPTO_AEAD_H
+
+#include <psa/crypto.h>
+
+/**
+ * \brief Process an authenticated encryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * aead_encrypt entry point. This function behaves as an aead_encrypt
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param alg The AEAD algorithm to compute.
+ * \param[in] nonce Nonce or IV to use.
+ * \param nonce_length Size of the nonce buffer in bytes. This must
+ * be appropriate for the selected algorithm.
+ * The default nonce size is
+ * PSA_AEAD_NONCE_LENGTH(key_type, alg) where
+ * key_type is the type of key.
+ * \param[in] additional_data Additional data that will be authenticated
+ * but not encrypted.
+ * \param additional_data_length Size of additional_data in bytes.
+ * \param[in] plaintext Data that will be authenticated and encrypted.
+ * \param plaintext_length Size of plaintext in bytes.
+ * \param[out] ciphertext Output buffer for the authenticated and
+ * encrypted data. The additional data is not
+ * part of this output. For algorithms where the
+ * encrypted data and the authentication tag are
+ * defined as separate outputs, the
+ * authentication tag is appended to the
+ * encrypted data.
+ * \param ciphertext_size Size of the ciphertext buffer in bytes. This
+ * must be appropriate for the selected algorithm
+ * and key:
+ * - A sufficient output size is
+ * PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg,
+ * plaintext_length) where key_type is the type
+ * of key.
+ * - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(
+ * plaintext_length) evaluates to the maximum
+ * ciphertext size of any supported AEAD
+ * encryption.
+ * \param[out] ciphertext_length On success, the size of the output in the
+ * ciphertext buffer.
+ *
+ * \retval #PSA_SUCCESS Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * ciphertext_size is too small.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_aead_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *plaintext, size_t plaintext_length,
+ uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length );
+
+/**
+ * \brief Process an authenticated decryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * aead_decrypt entry point. This function behaves as an aead_decrypt
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param alg The AEAD algorithm to compute.
+ * \param[in] nonce Nonce or IV to use.
+ * \param nonce_length Size of the nonce buffer in bytes. This must
+ * be appropriate for the selected algorithm.
+ * The default nonce size is
+ * PSA_AEAD_NONCE_LENGTH(key_type, alg) where
+ * key_type is the type of key.
+ * \param[in] additional_data Additional data that has been authenticated
+ * but not encrypted.
+ * \param additional_data_length Size of additional_data in bytes.
+ * \param[in] ciphertext Data that has been authenticated and
+ * encrypted. For algorithms where the encrypted
+ * data and the authentication tag are defined
+ * as separate inputs, the buffer contains
+ * encrypted data followed by the authentication
+ * tag.
+ * \param ciphertext_length Size of ciphertext in bytes.
+ * \param[out] plaintext Output buffer for the decrypted data.
+ * \param plaintext_size Size of the plaintext buffer in bytes. This
+ * must be appropriate for the selected algorithm
+ * and key:
+ * - A sufficient output size is
+ * PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg,
+ * ciphertext_length) where key_type is the
+ * type of key.
+ * - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(
+ * ciphertext_length) evaluates to the maximum
+ * plaintext size of any supported AEAD
+ * decryption.
+ * \param[out] plaintext_length On success, the size of the output in the
+ * plaintext buffer.
+ *
+ * \retval #PSA_SUCCESS Success.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The cipher is not authentic.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * plaintext_size is too small.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_aead_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *ciphertext, size_t ciphertext_length,
+ uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );
+
+#endif /* PSA_CRYPTO_AEAD */
diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
new file mode 100644
index 0000000..6c4150b
--- /dev/null
+++ b/library/psa_crypto_cipher.c
@@ -0,0 +1,741 @@
+/*
+ * PSA cipher driver entry points
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa_crypto_cipher.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_random_impl.h"
+
+#include "mbedtls/cipher.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) )
+#define BUILTIN_KEY_TYPE_DES 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) )
+#define BUILTIN_ALG_CBC_NO_PADDING 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) )
+#define BUILTIN_ALG_CBC_PKCS7 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) )
+#define BUILTIN_KEY_TYPE_CHACHA20 1
+#endif
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
+ psa_algorithm_t alg,
+ psa_key_type_t key_type,
+ size_t key_bits,
+ mbedtls_cipher_id_t* cipher_id )
+{
+ mbedtls_cipher_mode_t mode;
+ mbedtls_cipher_id_t cipher_id_tmp;
+
+ if( PSA_ALG_IS_AEAD( alg ) )
+ alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 );
+
+ if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
+ {
+ switch( alg )
+ {
+ case PSA_ALG_STREAM_CIPHER:
+ mode = MBEDTLS_MODE_STREAM;
+ break;
+ case PSA_ALG_CTR:
+ mode = MBEDTLS_MODE_CTR;
+ break;
+ case PSA_ALG_CFB:
+ mode = MBEDTLS_MODE_CFB;
+ break;
+ case PSA_ALG_OFB:
+ mode = MBEDTLS_MODE_OFB;
+ break;
+ case PSA_ALG_ECB_NO_PADDING:
+ mode = MBEDTLS_MODE_ECB;
+ break;
+ case PSA_ALG_CBC_NO_PADDING:
+ mode = MBEDTLS_MODE_CBC;
+ break;
+ case PSA_ALG_CBC_PKCS7:
+ mode = MBEDTLS_MODE_CBC;
+ break;
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
+ mode = MBEDTLS_MODE_CCM;
+ break;
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
+ mode = MBEDTLS_MODE_GCM;
+ break;
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
+ mode = MBEDTLS_MODE_CHACHAPOLY;
+ break;
+ default:
+ return( NULL );
+ }
+ }
+ else if( alg == PSA_ALG_CMAC )
+ mode = MBEDTLS_MODE_ECB;
+ else
+ return( NULL );
+
+ switch( key_type )
+ {
+ case PSA_KEY_TYPE_AES:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
+ break;
+ case PSA_KEY_TYPE_DES:
+ /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
+ * and 192 for three-key Triple-DES. */
+ if( key_bits == 64 )
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
+ else
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
+ /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
+ * but two-key Triple-DES is functionally three-key Triple-DES
+ * with K1=K3, so that's how we present it to mbedtls. */
+ if( key_bits == 128 )
+ key_bits = 192;
+ break;
+ case PSA_KEY_TYPE_CAMELLIA:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
+ break;
+ case PSA_KEY_TYPE_ARC4:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
+ break;
+ case PSA_KEY_TYPE_CHACHA20:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20;
+ break;
+ default:
+ return( NULL );
+ }
+ if( cipher_id != NULL )
+ *cipher_id = cipher_id_tmp;
+
+ return( mbedtls_cipher_info_from_values( cipher_id_tmp,
+ (int) key_bits, mode ) );
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || defined(PSA_CRYPTO_DRIVER_TEST)
+
+static psa_status_t cipher_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ mbedtls_operation_t cipher_operation )
+{
+ int ret = 0;
+ size_t key_bits;
+ const mbedtls_cipher_info_t *cipher_info = NULL;
+ psa_key_type_t key_type = attributes->core.type;
+
+ (void)key_buffer_size;
+
+ mbedtls_cipher_init( &operation->ctx.cipher );
+
+ operation->alg = alg;
+ key_bits = attributes->core.bits;
+ cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
+ key_bits, NULL );
+ if( cipher_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
+ if( ret != 0 )
+ goto exit;
+
+#if defined(BUILTIN_KEY_TYPE_DES)
+ if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
+ {
+ /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
+ uint8_t keys[24];
+ memcpy( keys, key_buffer, 16 );
+ memcpy( keys + 16, key_buffer, 8 );
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
+ keys,
+ 192, cipher_operation );
+ }
+ else
+#endif
+ {
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer,
+ (int) key_bits, cipher_operation );
+ }
+ if( ret != 0 )
+ goto exit;
+
+#if defined(BUILTIN_ALG_CBC_NO_PADDING) || \
+ defined(BUILTIN_ALG_CBC_PKCS7)
+ switch( alg )
+ {
+ case PSA_ALG_CBC_NO_PADDING:
+ ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
+ MBEDTLS_PADDING_NONE );
+ break;
+ case PSA_ALG_CBC_PKCS7:
+ ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
+ MBEDTLS_PADDING_PKCS7 );
+ break;
+ default:
+ /* The algorithm doesn't involve padding. */
+ ret = 0;
+ break;
+ }
+ if( ret != 0 )
+ goto exit;
+#endif /* BUILTIN_ALG_CBC_NO_PADDING || BUILTIN_ALG_CBC_PKCS7 */
+
+ operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
+ operation->iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg );
+
+exit:
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t cipher_encrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_setup( operation, attributes,
+ key_buffer, key_buffer_size,
+ alg, MBEDTLS_ENCRYPT ) );
+}
+
+static psa_status_t cipher_decrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_setup( operation, attributes,
+ key_buffer, key_buffer_size,
+ alg, MBEDTLS_DECRYPT ) );
+}
+
+static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length )
+{
+ if( iv_length != operation->iv_length )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ return( mbedtls_to_psa_error(
+ mbedtls_cipher_set_iv( &operation->ctx.cipher,
+ iv, iv_length ) ) );
+}
+
+/** Process input for which the algorithm is set to ECB mode.
+ *
+ * This requires manual processing, since the PSA API is defined as being
+ * able to process arbitrary-length calls to psa_cipher_update() with ECB mode,
+ * but the underlying mbedtls_cipher_update only takes full blocks.
+ *
+ * \param ctx The mbedtls cipher context to use. It must have been
+ * set up for ECB.
+ * \param[in] input The input plaintext or ciphertext to process.
+ * \param input_length The number of bytes to process from \p input.
+ * This does not need to be aligned to a block boundary.
+ * If there is a partial block at the end of the input,
+ * it is stored in \p ctx for future processing.
+ * \param output The buffer where the output is written. It must be
+ * at least `BS * floor((p + input_length) / BS)` bytes
+ * long, where `p` is the number of bytes in the
+ * unprocessed partial block in \p ctx (with
+ * `0 <= p <= BS - 1`) and `BS` is the block size.
+ * \param output_length On success, the number of bytes written to \p output.
+ * \c 0 on error.
+ *
+ * \return #PSA_SUCCESS or an error from a hardware accelerator
+ */
+static psa_status_t psa_cipher_update_ecb(
+ mbedtls_cipher_context_t *ctx,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t block_size = ctx->cipher_info->block_size;
+ size_t internal_output_length = 0;
+ *output_length = 0;
+
+ if( input_length == 0 )
+ {
+ status = PSA_SUCCESS;
+ goto exit;
+ }
+
+ if( ctx->unprocessed_len > 0 )
+ {
+ /* Fill up to block size, and run the block if there's a full one. */
+ size_t bytes_to_copy = block_size - ctx->unprocessed_len;
+
+ if( input_length < bytes_to_copy )
+ bytes_to_copy = input_length;
+
+ memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
+ input, bytes_to_copy );
+ input_length -= bytes_to_copy;
+ input += bytes_to_copy;
+ ctx->unprocessed_len += bytes_to_copy;
+
+ if( ctx->unprocessed_len == block_size )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_cipher_update( ctx,
+ ctx->unprocessed_data,
+ block_size,
+ output, &internal_output_length ) );
+
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ output += internal_output_length;
+ *output_length += internal_output_length;
+ ctx->unprocessed_len = 0;
+ }
+ }
+
+ while( input_length >= block_size )
+ {
+ /* Run all full blocks we have, one by one */
+ status = mbedtls_to_psa_error(
+ mbedtls_cipher_update( ctx, input,
+ block_size,
+ output, &internal_output_length ) );
+
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ input_length -= block_size;
+ input += block_size;
+
+ output += internal_output_length;
+ *output_length += internal_output_length;
+ }
+
+ if( input_length > 0 )
+ {
+ /* Save unprocessed bytes for later processing */
+ memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
+ input, input_length );
+ ctx->unprocessed_len += input_length;
+ }
+
+ status = PSA_SUCCESS;
+
+exit:
+ return( status );
+}
+
+static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t expected_output_size;
+
+ if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
+ {
+ /* Take the unprocessed partial block left over from previous
+ * update calls, if any, plus the input to this call. Remove
+ * the last partial block, if any. You get the data that will be
+ * output in this call. */
+ expected_output_size =
+ ( operation->ctx.cipher.unprocessed_len + input_length )
+ / operation->block_length * operation->block_length;
+ }
+ else
+ {
+ expected_output_size = input_length;
+ }
+
+ if( output_size < expected_output_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ if( operation->alg == PSA_ALG_ECB_NO_PADDING )
+ {
+ /* mbedtls_cipher_update has an API inconsistency: it will only
+ * process a single block at a time in ECB mode. Abstract away that
+ * inconsistency here to match the PSA API behaviour. */
+ status = psa_cipher_update_ecb( &operation->ctx.cipher,
+ input,
+ input_length,
+ output,
+ output_length );
+ }
+ else
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_cipher_update( &operation->ctx.cipher, input,
+ input_length, output, output_length ) );
+
+ if( *output_length > output_size )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ }
+
+ return( status );
+}
+
+static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
+
+ if( operation->ctx.cipher.unprocessed_len != 0 )
+ {
+ if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
+ operation->alg == PSA_ALG_CBC_NO_PADDING )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+ }
+
+ status = mbedtls_to_psa_error(
+ mbedtls_cipher_finish( &operation->ctx.cipher,
+ temp_output_buffer,
+ output_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( *output_length == 0 )
+ ; /* Nothing to copy. Note that output may be NULL in this case. */
+ else if( output_size >= *output_length )
+ memcpy( output, temp_output_buffer, *output_length );
+ else
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+
+exit:
+ mbedtls_platform_zeroize( temp_output_buffer,
+ sizeof( temp_output_buffer ) );
+
+ return( status );
+}
+
+static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation )
+{
+ /* Sanity check (shouldn't happen: operation->alg should
+ * always have been initialized to a valid value). */
+ if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
+ return( PSA_ERROR_BAD_STATE );
+
+ mbedtls_cipher_free( &operation->ctx.cipher );
+
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+ size_t olength, accumulated_length;
+
+ status = cipher_encrypt_setup( &operation, attributes,
+ key_buffer, key_buffer_size, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = 0;
+ if( operation.iv_length > 0 )
+ {
+ status = cipher_set_iv( &operation, output, operation.iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = operation.iv_length;
+ }
+
+ status = cipher_update( &operation, input, input_length,
+ output + operation.iv_length,
+ output_size - operation.iv_length,
+ &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length += olength;
+
+ status = cipher_finish( &operation, output + accumulated_length,
+ output_size - accumulated_length, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *output_length = accumulated_length + olength;
+
+exit:
+ if( status == PSA_SUCCESS )
+ status = cipher_abort( &operation );
+ else
+ cipher_abort( &operation );
+ return( status );
+}
+
+static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+ size_t olength, accumulated_length;
+
+ status = cipher_decrypt_setup( &operation, attributes,
+ key_buffer, key_buffer_size, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( operation.iv_length > 0 )
+ {
+ status = cipher_set_iv( &operation, input, operation.iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = cipher_update( &operation, input + operation.iv_length,
+ input_length - operation.iv_length,
+ output, output_size, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = olength;
+
+ status = cipher_finish( &operation, output + accumulated_length,
+ output_size - accumulated_length, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *output_length = accumulated_length + olength;
+
+exit:
+ if ( status == PSA_SUCCESS )
+ status = cipher_abort( &operation );
+ else
+ cipher_abort( &operation );
+ return( status );
+}
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+psa_status_t mbedtls_psa_cipher_encrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_encrypt_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_psa_cipher_decrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_decrypt_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv,
+ size_t iv_length )
+{
+ return( cipher_set_iv( operation, iv, iv_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_update( operation, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_finish( operation, output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation )
+{
+ return( cipher_abort( operation ) );
+}
+
+psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_encrypt_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_decrypt_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_set_iv(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length )
+{
+ return( cipher_set_iv( operation, iv, iv_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_update(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length )
+{
+ return( cipher_update( operation, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_finish(
+ mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length )
+{
+ return( cipher_finish( operation, output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_abort(
+ mbedtls_psa_cipher_operation_t *operation )
+{
+ return( cipher_abort( operation ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h
new file mode 100644
index 0000000..5971e8d
--- /dev/null
+++ b/library/psa_crypto_cipher.h
@@ -0,0 +1,363 @@
+/*
+ * PSA cipher driver entry points
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_CIPHER_H
+#define PSA_CRYPTO_CIPHER_H
+
+#include <mbedtls/cipher.h>
+#include <psa/crypto.h>
+
+/** Get Mbed TLS cipher information given the cipher algorithm PSA identifier
+ * as well as the PSA type and size of the key to be used with the cipher
+ * algorithm.
+ *
+ * \param alg PSA cipher algorithm identifier
+ * \param key_type PSA key type
+ * \param key_bits Size of the key in bits
+ * \param[out] cipher_id Mbed TLS cipher algorithm identifier
+ *
+ * \return The Mbed TLS cipher information of the cipher algorithm.
+ * \c NULL if the PSA cipher algorithm is not supported.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
+ psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits,
+ mbedtls_cipher_id_t *cipher_id );
+
+/**
+ * \brief Set the key for a multipart symmetric encryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_encrypt_setup entry point. This function behaves as a
+ * cipher_encrypt_setup entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in,out] operation The operation object to set up. It has been
+ * initialized as per the documentation for
+ * #psa_cipher_operation_t and not yet in use.
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg The cipher algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_cipher_encrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+/**
+ * \brief Set the key for a multipart symmetric decryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_decrypt_setup entry point. This function behaves as a
+ * cipher_decrypt_setup entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in,out] operation The operation object to set up. It has been
+ * initialized as per the documentation for
+ * #psa_cipher_operation_t and not yet in use.
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg The cipher algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_cipher_decrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+/** Set the IV for a symmetric encryption or decryption operation.
+ *
+ * This function sets the IV (initialization vector), nonce
+ * or initial counter value for the encryption or decryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_set_iv entry point. This function behaves as a
+ * cipher_set_iv entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in,out] operation Active cipher operation.
+ * \param[in] iv Buffer containing the IV to use.
+ * \param[in] iv_length Size of the IV in bytes. It is guaranteed by
+ * the core to be less or equal to
+ * PSA_CIPHER_IV_MAX_SIZE.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The size of \p iv is not acceptable for the chosen algorithm,
+ * or the chosen algorithm does not use an IV.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t mbedtls_psa_cipher_set_iv(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length );
+
+/** Encrypt or decrypt a message fragment in an active cipher operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_update entry point. This function behaves as a
+ * cipher_update entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in,out] operation Active cipher operation.
+ * \param[in] input Buffer containing the message fragment to
+ * encrypt or decrypt.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[out] output Buffer where the output is to be written.
+ * \param[in] output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes
+ * that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t mbedtls_psa_cipher_update(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length );
+
+/** Finish encrypting or decrypting a message in a cipher operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_finish entry point. This function behaves as a
+ * cipher_finish entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in,out] operation Active cipher operation.
+ * \param[out] output Buffer where the output is to be written.
+ * \param[in] output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes
+ * that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The total input size passed to this operation is not valid for
+ * this particular algorithm. For example, the algorithm is a based
+ * on block cipher and requires a whole number of blocks, but the
+ * total input size is not a multiple of the block size.
+ * \retval #PSA_ERROR_INVALID_PADDING
+ * This is a decryption operation for an algorithm that includes
+ * padding, and the ciphertext does not contain valid padding.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t mbedtls_psa_cipher_finish(
+ mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length );
+
+/** Abort a cipher operation.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_abort entry point. This function behaves as a
+ * cipher_abort entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in,out] operation Initialized cipher operation.
+ *
+ * \retval #PSA_SUCCESS
+ */
+psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation );
+
+/** Encrypt a message using a symmetric cipher.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_encrypt entry point. This function behaves as a
+ * cipher_encrypt entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg The cipher algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param[in] input Buffer containing the message to encrypt.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[in,out] output Buffer where the output is to be written.
+ * The core has generated and written the IV
+ * at the beginning of this buffer before
+ * this function is called. The size of the IV
+ * is PSA_CIPHER_IV_LENGTH( key_type, alg ) where
+ * \c key_type is the type of the key identified
+ * by \p key and \p alg is the cipher algorithm
+ * to compute.
+ * \param[in] output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes that make up
+ * the returned output. Initialized to zero
+ * by the core.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The size of \p iv is not acceptable for the chosen algorithm,
+ * or the chosen algorithm does not use an IV.
+ * The total input size passed to this operation is not valid for
+ * this particular algorithm. For example, the algorithm is a based
+ * on block cipher and requires a whole number of blocks, but the
+ * total input size is not a multiple of the block size.
+ * \retval #PSA_ERROR_INVALID_PADDING
+ * This is a decryption operation for an algorithm that includes
+ * padding, and the ciphertext does not contain valid padding.
+ */
+psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length );
+
+/** Decrypt a message using a symmetric cipher.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_decrypt entry point. This function behaves as a
+ * cipher_decrypt entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg The cipher algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param[in] input Buffer containing the iv and the ciphertext.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[out] output Buffer where the output is to be written.
+ * \param[in] output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes that make up
+ * the returned output. Initialized to zero
+ * by the core.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The size of \p iv is not acceptable for the chosen algorithm,
+ * or the chosen algorithm does not use an IV.
+ * The total input size passed to this operation is not valid for
+ * this particular algorithm. For example, the algorithm is a based
+ * on block cipher and requires a whole number of blocks, but the
+ * total input size is not a multiple of the block size.
+ * \retval #PSA_ERROR_INVALID_PADDING
+ * This is a decryption operation for an algorithm that includes
+ * padding, and the ciphertext does not contain valid padding.
+ */
+psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length );
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_set_iv(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_update(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_finish(
+ mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_abort(
+ mbedtls_psa_cipher_operation_t *operation );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* PSA_CRYPTO_CIPHER_H */
diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c
new file mode 100644
index 0000000..629feb7
--- /dev/null
+++ b/library/psa_crypto_client.c
@@ -0,0 +1,82 @@
+/*
+ * PSA crypto client code
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+#include "psa/crypto.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+
+#include <string.h>
+#include "mbedtls/platform.h"
+#if !defined(MBEDTLS_PLATFORM_C)
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+void psa_reset_key_attributes( psa_key_attributes_t *attributes )
+{
+ mbedtls_free( attributes->domain_parameters );
+ memset( attributes, 0, sizeof( *attributes ) );
+}
+
+psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes,
+ psa_key_type_t type,
+ const uint8_t *data,
+ size_t data_length )
+{
+ uint8_t *copy = NULL;
+
+ if( data_length != 0 )
+ {
+ copy = mbedtls_calloc( 1, data_length );
+ if( copy == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ memcpy( copy, data, data_length );
+ }
+ /* After this point, this function is guaranteed to succeed, so it
+ * can start modifying `*attributes`. */
+
+ if( attributes->domain_parameters != NULL )
+ {
+ mbedtls_free( attributes->domain_parameters );
+ attributes->domain_parameters = NULL;
+ attributes->domain_parameters_size = 0;
+ }
+
+ attributes->domain_parameters = copy;
+ attributes->domain_parameters_size = data_length;
+ attributes->core.type = type;
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_get_key_domain_parameters(
+ const psa_key_attributes_t *attributes,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ if( attributes->domain_parameters_size > data_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ *data_length = attributes->domain_parameters_size;
+ if( attributes->domain_parameters_size != 0 )
+ memcpy( data, attributes->domain_parameters,
+ attributes->domain_parameters_size );
+ return( PSA_SUCCESS );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index f61ef95..4420ec2 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -30,6 +30,26 @@
#include "psa/crypto.h"
#include "psa/crypto_se_driver.h"
+/** Constant-time buffer comparison
+ *
+ * \param[in] a Left-hand buffer for comparison.
+ * \param[in] b Right-hand buffer for comparison.
+ * \param n Amount of bytes to compare.
+ *
+ * \return 0 if the buffer contents are equal, non-zero otherwise
+ */
+static inline int mbedtls_psa_safer_memcmp(
+ const uint8_t *a, const uint8_t *b, size_t n )
+{
+ size_t i;
+ unsigned char diff = 0;
+
+ for( i = 0; i < n; i++ )
+ diff |= a[i] ^ b[i];
+
+ return( diff );
+}
+
/** The data structure representing a key slot, containing key material
* and metadata for one key.
*/
@@ -62,23 +82,13 @@
*/
size_t lock_count;
- union
+ /* Dynamically allocated key data buffer.
+ * Format as specified in psa_export_key(). */
+ struct key_data
{
- /* Dynamically allocated key data buffer.
- * Format as specified in psa_export_key(). */
- struct key_data
- {
- uint8_t *data;
- size_t bytes;
- } key;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- /* Any key type in a secure element */
- struct se
- {
- psa_key_slot_number_t slot_number;
- } se;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- } data;
+ uint8_t *data;
+ size_t bytes;
+ } key;
} psa_key_slot_t;
/* A mask of key attribute flags used only internally.
@@ -163,6 +173,20 @@
slot->attr.flags &= ~mask;
}
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+/** Get the SE slot number of a key from the key slot storing its description.
+ *
+ * \param[in] slot The key slot to query. This must be a key slot storing
+ * the description of a key of a dynamically registered
+ * secure element, otherwise the behaviour is undefined.
+ */
+static inline psa_key_slot_number_t psa_key_slot_get_slot_number(
+ const psa_key_slot_t *slot )
+{
+ return( *( (psa_key_slot_number_t *)( slot->key.data ) ) );
+}
+#endif
+
/** Completely wipe a slot in memory, including its policy.
*
* Persistent storage is not affected.
@@ -176,6 +200,24 @@
*/
psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
+/** Try to allocate a buffer to an empty key slot.
+ *
+ * \param[in,out] slot Key slot to attach buffer to.
+ * \param[in] buffer_length Requested size of the buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * The buffer has been successfully allocated.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * Not enough memory was available for allocation.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * Trying to allocate a buffer to a non-empty key slot.
+ */
+psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
+ size_t buffer_length );
+
+/** Wipe key data from a slot. Preserves metadata such as the policy. */
+psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot );
+
/** Copy key data (in export format) into an empty key slot.
*
* This function assumes that the slot does not contain
@@ -208,4 +250,286 @@
*/
psa_status_t mbedtls_to_psa_error( int ret );
+/** Get Mbed TLS cipher information given the cipher algorithm PSA identifier
+ * as well as the PSA type and size of the key to be used with the cipher
+ * algorithm.
+ *
+ * \param alg PSA cipher algorithm identifier
+ * \param key_type PSA key type
+ * \param key_bits Size of the key in bits
+ * \param[out] cipher_id Mbed TLS cipher algorithm identifier
+ *
+ * \return The Mbed TLS cipher information of the cipher algorithm.
+ * \c NULL if the PSA cipher algorithm is not supported.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
+ psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits,
+ mbedtls_cipher_id_t *cipher_id );
+
+/** Import a key in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * import_key entry point. This function behaves as an import_key
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes for the key to import.
+ * \param[in] data The buffer containing the key data in import
+ * format.
+ * \param[in] data_length Size of the \p data buffer in bytes.
+ * \param[out] key_buffer The buffer to contain the key data in output
+ * format upon successful return.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. This
+ * size is greater or equal to \p data_length.
+ * \param[out] key_buffer_length The length of the data written in \p
+ * key_buffer in bytes.
+ * \param[out] bits The key size in number of bits.
+ *
+ * \retval #PSA_SUCCESS The key was imported successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The key data is not correctly formatted.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t psa_import_key_into_slot(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits );
+
+/** Export a key in binary format
+ *
+ * \note The signature of this function is that of a PSA driver export_key
+ * entry point. This function behaves as an export_key entry point as
+ * defined in the PSA driver interface specification.
+ *
+ * \param[in] attributes The attributes for the key to export.
+ * \param[in] key_buffer Material or context of the key to export.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[out] data Buffer where the key data is to be written.
+ * \param[in] data_size Size of the \p data buffer in bytes.
+ * \param[out] data_length On success, the number of bytes written in
+ * \p data
+ *
+ * \retval #PSA_SUCCESS The key was exported successfully.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t psa_export_key_internal(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+/** Export a public key or the public part of a key pair in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * export_public_key entry point. This function behaves as an
+ * export_public_key entry point as defined in the PSA driver interface
+ * specification.
+ *
+ * \param[in] attributes The attributes for the key to export.
+ * \param[in] key_buffer Material or context of the key to export.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[out] data Buffer where the key data is to be written.
+ * \param[in] data_size Size of the \p data buffer in bytes.
+ * \param[out] data_length On success, the number of bytes written in
+ * \p data
+ *
+ * \retval #PSA_SUCCESS The public key was exported successfully.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t psa_export_public_key_internal(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+/**
+ * \brief Generate a key.
+ *
+ * \note The signature of the function is that of a PSA driver generate_key
+ * entry point.
+ *
+ * \param[in] attributes The attributes for the key to generate.
+ * \param[out] key_buffer Buffer where the key data is to be written.
+ * \param[in] key_buffer_size Size of \p key_buffer in bytes.
+ * \param[out] key_buffer_length On success, the number of bytes written in
+ * \p key_buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * The key was generated successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * Key size in bits or type not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of \p key_buffer is too small.
+ */
+psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length );
+
+/** Sign a message with a private key. For hash-and-sign algorithms,
+ * this includes the hashing step.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * sign_message entry point. This function behaves as a sign_message
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \note This function will call the driver for psa_sign_hash
+ * and go through driver dispatch again.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg A signature algorithm that is compatible with
+ * the type of the key.
+ * \param[in] input The input message to sign.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[out] signature Buffer where the signature is to be written.
+ * \param[in] signature_size Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ * that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p signature buffer is too small. You can
+ * determine a sufficient buffer size by calling
+ * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ * where \c key_type and \c key_bits are the type and bit-size
+ * respectively of the key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ */
+psa_status_t psa_sign_message_builtin(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *input, size_t input_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length );
+
+/** Verify the signature of a message with a public key, using
+ * a hash-and-sign verification algorithm.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * verify_message entry point. This function behaves as a verify_message
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \note This function will call the driver for psa_verify_hash
+ * and go through driver dispatch again.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg A signature algorithm that is compatible with
+ * the type of the key.
+ * \param[in] input The message whose signature is to be verified.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[in] signature Buffer containing the signature to verify.
+ * \param[in] signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The calculation was performed successfully, but the passed
+ * signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t psa_verify_message_builtin(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *input, size_t input_length,
+ const uint8_t *signature, size_t signature_length );
+
+/** Sign an already-calculated hash with a private key.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * sign_hash entry point. This function behaves as a sign_hash
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg A signature algorithm that is compatible with
+ * the type of the key.
+ * \param[in] hash The hash or message to sign.
+ * \param[in] hash_length Size of the \p hash buffer in bytes.
+ * \param[out] signature Buffer where the signature is to be written.
+ * \param[in] signature_size Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ * that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p signature buffer is too small. You can
+ * determine a sufficient buffer size by calling
+ * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ * where \c key_type and \c key_bits are the type and bit-size
+ * respectively of the key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ */
+psa_status_t psa_sign_hash_builtin(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length );
+
+/**
+ * \brief Verify the signature a hash or short message using a public key.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * verify_hash entry point. This function behaves as a verify_hash
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg A signature algorithm that is compatible with
+ * the type of the key.
+ * \param[in] hash The hash or message whose signature is to be
+ * verified.
+ * \param[in] hash_length Size of the \p hash buffer in bytes.
+ * \param[in] signature Buffer containing the signature to verify.
+ * \param[in] signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The calculation was performed successfully, but the passed
+ * signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t psa_verify_hash_builtin(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length );
+
#endif /* PSA_CRYPTO_CORE_H */
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index c3ea6f1..f7240ce 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -19,10 +19,17 @@
* limitations under the License.
*/
+#include "psa_crypto_aead.h"
+#include "psa_crypto_cipher.h"
#include "psa_crypto_core.h"
#include "psa_crypto_driver_wrappers.h"
+#include "psa_crypto_hash.h"
+#include "psa_crypto_mac.h"
+
#include "mbedtls/platform.h"
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
/* Include test driver definition when running tests */
@@ -37,15 +44,18 @@
#endif /* PSA_CRYPTO_DRIVER_TEST */
/* Repeat above block for each JSON-declared driver during autogeneration */
-
-/* Auto-generated values depending on which drivers are registered. ID 0 is
- * reserved for unallocated operations. */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (1)
-#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (2)
-#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+/* Auto-generated values depending on which drivers are registered.
+ * ID 0 is reserved for unallocated operations.
+ * ID 1 is reserved for the Mbed TLS software driver. */
+#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1)
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (2)
+#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (3)
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
/* Support the 'old' SE interface when asked to */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
/* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
@@ -57,21 +67,164 @@
#endif
/* Start delegation functions */
-psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length )
+psa_status_t psa_driver_wrapper_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT)
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ /* Key is stored in the slot in export representation, so
+ * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_signature_sign_message(
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ signature,
+ signature_size,
+ signature_length );
+ /* Declared with fallback == true */
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ break;
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ status = mbedtls_test_opaque_signature_sign_message(
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ signature,
+ signature_size,
+ signature_length );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+ break;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ /* Key is declared with a lifetime not known to us */
+ (void)status;
+ break;
+ }
+
+ return( psa_sign_message_builtin( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ signature,
+ signature_size,
+ signature_length ) );
+}
+
+psa_status_t psa_driver_wrapper_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ /* Key is stored in the slot in export representation, so
+ * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_signature_verify_message(
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ signature,
+ signature_length );
+ /* Declared with fallback == true */
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ break;
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ return( mbedtls_test_opaque_signature_verify_message(
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ signature,
+ signature_length ) );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+ break;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ /* Key is declared with a lifetime not known to us */
+ (void)status;
+ break;
+ }
+
+ return( psa_verify_message_builtin( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ signature,
+ signature_length ) );
+}
+
+psa_status_t psa_driver_wrapper_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
/* Try dynamically-registered SE interface first */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
const psa_drv_se_t *drv;
psa_drv_se_context_t *drv_context;
- if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
+ if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
{
if( drv->asymmetric == NULL ||
drv->asymmetric->p_sign == NULL )
@@ -79,32 +232,27 @@
/* Key is defined in SE, but we have no way to exercise it */
return( PSA_ERROR_NOT_SUPPORTED );
}
- return( drv->asymmetric->p_sign( drv_context,
- slot->data.se.slot_number,
- alg,
- hash, hash_length,
- signature, signature_size,
- signature_length ) );
+ return( drv->asymmetric->p_sign(
+ drv_context, *( (psa_key_slot_number_t *)key_buffer ),
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
}
#endif /* PSA_CRYPTO_SE_C */
- /* Then try accelerator API */
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = test_transparent_signature_sign_hash( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
+ status = mbedtls_test_transparent_signature_sign_hash( attributes,
+ key_buffer,
+ key_buffer_size,
alg,
hash,
hash_length,
@@ -115,55 +263,52 @@
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
+ return( psa_sign_hash_builtin( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ hash,
+ hash_length,
+ signature,
+ signature_size,
+ signature_length ) );
+
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
- return( test_opaque_signature_sign_hash( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- alg,
- hash,
- hash_length,
- signature,
- signature_size,
- signature_length ) );
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ return( mbedtls_test_opaque_signature_sign_hash( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ hash,
+ hash_length,
+ signature,
+ signature_size,
+ signature_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
- return( status );
+ (void)status;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void)slot;
- (void)alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_size;
- (void)signature_length;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
-psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- const uint8_t *signature,
- size_t signature_length )
+psa_status_t psa_driver_wrapper_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT)
/* Try dynamically-registered SE interface first */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
const psa_drv_se_t *drv;
psa_drv_se_context_t *drv_context;
- if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
+ if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
{
if( drv->asymmetric == NULL ||
drv->asymmetric->p_verify == NULL )
@@ -171,156 +316,133 @@
/* Key is defined in SE, but we have no way to exercise it */
return( PSA_ERROR_NOT_SUPPORTED );
}
- return( drv->asymmetric->p_verify( drv_context,
- slot->data.se.slot_number,
- alg,
- hash, hash_length,
- signature, signature_length ) );
+ return( drv->asymmetric->p_verify(
+ drv_context, *( (psa_key_slot_number_t *)key_buffer ),
+ alg, hash, hash_length,
+ signature, signature_length ) );
}
#endif /* PSA_CRYPTO_SE_C */
- /* Then try accelerator API */
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = test_transparent_signature_verify_hash( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- alg,
- hash,
- hash_length,
- signature,
- signature_length );
+ status = mbedtls_test_transparent_signature_verify_hash(
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ hash,
+ hash_length,
+ signature,
+ signature_length );
/* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
- /* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+ return( psa_verify_hash_builtin( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ hash,
+ hash_length,
+ signature,
+ signature_length ) );
+
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
- return( test_opaque_signature_verify_hash( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- alg,
- hash,
- hash_length,
- signature,
- signature_length ) );
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ return( mbedtls_test_opaque_signature_verify_hash( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ hash,
+ hash_length,
+ signature,
+ signature_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
- return( status );
+ (void)status;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void)slot;
- (void)alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_length;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-/** Calculate the size to allocate for buffering a key with given attributes.
+/** Get the key buffer size required to store the key material of a key
+ * associated with an opaque driver without storage.
*
- * This function provides a way to get the expected size for storing a key with
- * the given attributes. This will be the size of the export representation for
- * cleartext keys, and a driver-defined size for keys stored by opaque drivers.
- *
- * \param[in] attributes The key attribute structure of the key to store.
- * \param[out] expected_size On success, a byte size large enough to contain
- * the declared key.
+ * \param[in] attributes The key attributes.
+ * \param[out] key_buffer_size Minimum buffer size to contain the key material
*
* \retval #PSA_SUCCESS
+ * The minimum size for a buffer to contain the key material has been
+ * returned successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The size in bits of the key is not valid.
* \retval #PSA_ERROR_NOT_SUPPORTED
+ * The type and/or the size in bits of the key or the combination of
+ * the two is not supported.
*/
-static psa_status_t get_expected_key_size( const psa_key_attributes_t *attributes,
- size_t *expected_size )
+psa_status_t psa_driver_wrapper_get_key_buffer_size(
+ const psa_key_attributes_t *attributes,
+ size_t *key_buffer_size )
{
- size_t buffer_size = 0;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
psa_key_type_t key_type = attributes->core.type;
size_t key_bits = attributes->core.bits;
+ *key_buffer_size = 0;
switch( location )
{
- case PSA_KEY_LOCATION_LOCAL_STORAGE:
- buffer_size = PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits );
-
- if( buffer_size == 0 )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- *expected_size = buffer_size;
- return( PSA_SUCCESS );
-
#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
- *expected_size = test_size_function( key_type, key_bits );
- return( PSA_SUCCESS );
-#else /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
- if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) )
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+ /* Emulate property 'builtin_key_size' */
+ if( psa_key_id_is_builtin(
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
+ psa_get_key_id( attributes ) ) ) )
{
- int public_key_overhead = ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) ?
- PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits ) : 0 );
- *expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
- + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE
- + public_key_overhead;
+ *key_buffer_size = sizeof( psa_drv_slot_number_t );
+ return( PSA_SUCCESS );
}
- else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( attributes->core.type ) )
- {
- *expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
- + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE;
- }
- else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) &&
- !PSA_KEY_TYPE_IS_PUBLIC_KEY ( attributes->core.type ) )
- {
- *expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
- + TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR
- * ( ( key_bits + 7 ) / 8 );
- }
- else
- {
- return( PSA_ERROR_NOT_SUPPORTED );
- }
- return( PSA_SUCCESS );
-#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+ *key_buffer_size = mbedtls_test_size_function( key_type, key_bits );
+ return( ( *key_buffer_size != 0 ) ?
+ PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED );
#endif /* PSA_CRYPTO_DRIVER_TEST */
default:
+ (void)key_type;
+ (void)key_bits;
return( PSA_ERROR_NOT_SUPPORTED );
}
}
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
- psa_key_slot_t *slot )
+psa_status_t psa_driver_wrapper_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT)
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
/* Try dynamically-registered SE interface first */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
const psa_drv_se_t *drv;
psa_drv_se_context_t *drv_context;
- if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
+ if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
{
size_t pubkey_length = 0; /* We don't support this feature yet */
if( drv->key_management == NULL ||
@@ -331,171 +453,292 @@
}
return( drv->key_management->p_generate(
drv_context,
- slot->data.se.slot_number, attributes,
- NULL, 0, &pubkey_length ) );
+ *( (psa_key_slot_number_t *)key_buffer ),
+ attributes, NULL, 0, &pubkey_length ) );
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- /* Then try accelerator API */
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- size_t export_size = 0;
-
- status = get_expected_key_size( attributes, &export_size );
- if( status != PSA_SUCCESS )
- return( status );
-
- slot->data.key.data = mbedtls_calloc(1, export_size);
- if( slot->data.key.data == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- slot->data.key.bytes = export_size;
-
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
- /* Key is stored in the slot in export representation, so
- * cycle through all known transparent accelerators */
-
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
/* Transparent drivers are limited to generating asymmetric keys */
- if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
+ if( PSA_KEY_TYPE_IS_ASYMMETRIC( attributes->core.type ) )
{
- status = PSA_ERROR_NOT_SUPPORTED;
- break;
+ /* Cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_generate_key(
+ attributes, key_buffer, key_buffer_size,
+ key_buffer_length );
+ /* Declared with fallback == true */
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ break;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
}
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = test_transparent_generate_key( attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- &slot->data.key.bytes );
- /* Declared with fallback == true */
- if( status != PSA_ERROR_NOT_SUPPORTED )
- break;
-#endif /* PSA_CRYPTO_DRIVER_TEST */
- /* Fell through, meaning no accelerator supports this operation */
- status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+ /* Software fallback */
+ status = psa_generate_key_internal(
+ attributes, key_buffer, key_buffer_size, key_buffer_length );
break;
+
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
- status = test_opaque_generate_key( attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- &slot->data.key.bytes );
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ status = mbedtls_test_opaque_generate_key(
+ attributes, key_buffer, key_buffer_size, key_buffer_length );
break;
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
default:
/* Key is declared with a lifetime not known to us */
status = PSA_ERROR_INVALID_ARGUMENT;
break;
}
- if( status != PSA_SUCCESS )
- {
- /* free allocated buffer */
- mbedtls_free( slot->data.key.data );
- slot->data.key.data = NULL;
- slot->data.key.bytes = 0;
- }
-
return( status );
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) attributes;
- (void) slot;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
-psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
- const uint8_t *data,
- size_t data_length,
- size_t *bits )
+psa_status_t psa_driver_wrapper_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length,
+ size_t *bits )
{
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- /* Try accelerators in turn */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = test_transparent_validate_key( attributes,
- data,
- data_length,
- bits );
- /* Declared with fallback == true */
- if( status != PSA_ERROR_NOT_SUPPORTED )
- return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
+ psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
+ psa_get_key_lifetime( attributes ) );
- return( PSA_ERROR_NOT_SUPPORTED );
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
- (void) attributes;
- (void) data;
- (void) data_length;
- (void) bits;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
+ /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ const psa_drv_se_t *drv;
+ psa_drv_se_context_t *drv_context;
-psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot,
- uint8_t *data,
- size_t data_size,
- size_t *data_length )
-{
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
+ {
+ if( drv->key_management == NULL ||
+ drv->key_management->p_import == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ /* The driver should set the number of key bits, however in
+ * case it doesn't, we initialize bits to an invalid value. */
+ *bits = PSA_MAX_KEY_BITS + 1;
+ status = drv->key_management->p_import(
+ drv_context,
+ *( (psa_key_slot_number_t *)key_buffer ),
+ attributes, data, data_length, bits );
+
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( (*bits) > PSA_MAX_KEY_BITS )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ return( PSA_SUCCESS );
+ }
+#endif /* PSA_CRYPTO_SE_C */
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = test_transparent_export_public_key( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- data,
- data_size,
- data_length );
+ status = mbedtls_test_transparent_import_key(
+ attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits );
/* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */
+ return( psa_import_key_into_slot( attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
+
+ default:
+ /* Importing a key with external storage in not yet supported.
+ * Return in error indicating that the lifetime is not valid. */
+ (void)status;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+}
+
+psa_status_t psa_driver_wrapper_export_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+
+{
+ psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+ psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
+ psa_get_key_lifetime( attributes ) );
+
+ /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ const psa_drv_se_t *drv;
+ psa_drv_se_context_t *drv_context;
+
+ if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
+ {
+ if( ( drv->key_management == NULL ) ||
+ ( drv->key_management->p_export == NULL ) )
+ {
return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ return( drv->key_management->p_export(
+ drv_context,
+ *( (psa_key_slot_number_t *)key_buffer ),
+ data, data_size, data_length ) );
+ }
+#endif /* PSA_CRYPTO_SE_C */
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ return( psa_export_key_internal( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
+
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
- return( test_opaque_export_public_key( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- data,
- data_size,
- data_length ) );
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ return( mbedtls_test_opaque_export_key( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
return( status );
}
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
- (void) slot;
- (void) data;
- (void) data_size;
- (void) data_length;
- return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t psa_driver_wrapper_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+
+{
+ psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+ psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
+ psa_get_key_lifetime( attributes ) );
+
+ /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ const psa_drv_se_t *drv;
+ psa_drv_se_context_t *drv_context;
+
+ if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
+ {
+ if( ( drv->key_management == NULL ) ||
+ ( drv->key_management->p_export_public == NULL ) )
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ return( drv->key_management->p_export_public(
+ drv_context,
+ *( (psa_key_slot_number_t *)key_buffer ),
+ data, data_size, data_length ) );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ /* Key is stored in the slot in export representation, so
+ * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_export_public_key(
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length );
+ /* Declared with fallback == true */
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ /* Fell through, meaning no accelerator supports this operation */
+ return( psa_export_public_key_internal( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ return( mbedtls_test_opaque_export_public_key( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ /* Key is declared with a lifetime not known to us */
+ return( status );
+ }
+}
+
+psa_status_t psa_driver_wrapper_get_builtin_key(
+ psa_drv_slot_number_t slot_number,
+ psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
+ switch( location )
+ {
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ return( mbedtls_test_opaque_get_builtin_key(
+ slot_number,
+ attributes,
+ key_buffer, key_buffer_size, key_buffer_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+ default:
+ (void) slot_number;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) key_buffer_length;
+ return( PSA_ERROR_DOES_NOT_EXIST );
+ }
}
/*
* Cipher functions
*/
psa_status_t psa_driver_wrapper_cipher_encrypt(
- psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -503,66 +746,81 @@
size_t output_size,
size_t *output_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = test_transparent_cipher_encrypt( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- alg,
- input,
- input_length,
- output,
- output_size,
- output_length );
+ status = mbedtls_test_transparent_cipher_encrypt( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ output_length );
/* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
- /* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
- /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
- return( test_opaque_cipher_encrypt( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_encrypt( attributes,
+ key_buffer,
+ key_buffer_size,
alg,
input,
input_length,
output,
output_size,
output_length ) );
+#else
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ return( mbedtls_test_opaque_cipher_encrypt( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ output_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
default:
/* Key is declared with a lifetime not known to us */
- return( status );
+ (void)status;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)input;
+ (void)input_length;
+ (void)output;
+ (void)output_size;
+ (void)output_length;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) slot;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) output;
- (void) output_size;
- (void) output_length;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_cipher_decrypt(
- psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -570,424 +828,986 @@
size_t output_size,
size_t *output_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = test_transparent_cipher_decrypt( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- alg,
- input,
- input_length,
- output,
- output_size,
- output_length );
+ status = mbedtls_test_transparent_cipher_decrypt( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ output_length );
/* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
- /* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
- /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
- return( test_opaque_cipher_decrypt( &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_decrypt( attributes,
+ key_buffer,
+ key_buffer_size,
alg,
input,
input_length,
output,
output_size,
output_length ) );
+#else
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ return( mbedtls_test_opaque_cipher_decrypt( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ output_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
default:
/* Key is declared with a lifetime not known to us */
- return( status );
+ (void)status;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)input;
+ (void)input_length;
+ (void)output;
+ (void)output_size;
+ (void)output_length;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) slot;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) output;
- (void) output_size;
- (void) output_length;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
- psa_operation_driver_context_t *operation,
- psa_key_slot_t *slot,
+ psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- operation->ctx = mbedtls_calloc( 1, sizeof(test_transparent_cipher_operation_t) );
- if( operation->ctx == NULL )
- return PSA_ERROR_INSUFFICIENT_MEMORY;
-
- status = test_transparent_cipher_encrypt_setup( operation->ctx,
- &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- alg );
+ status = mbedtls_test_transparent_cipher_encrypt_setup(
+ &operation->ctx.transparent_test_driver_ctx,
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg );
/* Declared with fallback == true */
if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
- else
- {
- mbedtls_platform_zeroize(
- operation->ctx,
- sizeof( test_transparent_cipher_operation_t ) );
- mbedtls_free( operation->ctx );
- operation->ctx = NULL;
- }
- return( status );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
/* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
- /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
- operation->ctx = mbedtls_calloc( 1, sizeof(test_opaque_cipher_operation_t) );
- if( operation->ctx == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
- status = test_opaque_cipher_encrypt_setup( operation->ctx,
- &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
+ status = mbedtls_psa_cipher_encrypt_setup( &operation->ctx.mbedtls_ctx,
+ attributes,
+ key_buffer,
+ key_buffer_size,
alg );
if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ status = mbedtls_test_opaque_cipher_encrypt_setup(
+ &operation->ctx.opaque_test_driver_ctx,
+ attributes,
+ key_buffer, key_buffer_size,
+ alg );
+
+ if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
- else
- {
- mbedtls_platform_zeroize(
- operation->ctx,
- sizeof( test_opaque_cipher_operation_t ) );
- mbedtls_free( operation->ctx );
- operation->ctx = NULL;
- }
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
- return( PSA_ERROR_NOT_SUPPORTED );
+ (void)status;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void)slot;
- (void)alg;
- (void)operation;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
- psa_operation_driver_context_t *operation,
- psa_key_slot_t *slot,
+ psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- operation->ctx = mbedtls_calloc( 1, sizeof(test_transparent_cipher_operation_t) );
- if( operation->ctx == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
- status = test_transparent_cipher_decrypt_setup( operation->ctx,
- &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
- alg );
+ status = mbedtls_test_transparent_cipher_decrypt_setup(
+ &operation->ctx.transparent_test_driver_ctx,
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg );
/* Declared with fallback == true */
if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
- else
- {
- mbedtls_platform_zeroize(
- operation->ctx,
- sizeof( test_transparent_cipher_operation_t ) );
- mbedtls_free( operation->ctx );
- operation->ctx = NULL;
- }
- return( status );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
/* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
- /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
- operation->ctx = mbedtls_calloc( 1, sizeof(test_opaque_cipher_operation_t) );
- if( operation->ctx == NULL )
- return PSA_ERROR_INSUFFICIENT_MEMORY;
-
- status = test_opaque_cipher_decrypt_setup( operation->ctx,
- &attributes,
- slot->data.key.data,
- slot->data.key.bytes,
+ status = mbedtls_psa_cipher_decrypt_setup( &operation->ctx.mbedtls_ctx,
+ attributes,
+ key_buffer,
+ key_buffer_size,
alg );
if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+
+ return( status );
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ status = mbedtls_test_opaque_cipher_decrypt_setup(
+ &operation->ctx.opaque_test_driver_ctx,
+ attributes,
+ key_buffer, key_buffer_size,
+ alg );
+
+ if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
- else
- {
- mbedtls_platform_zeroize(
- operation->ctx,
- sizeof( test_opaque_cipher_operation_t ) );
- mbedtls_free( operation->ctx );
- operation->ctx = NULL;
- }
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
- return( PSA_ERROR_NOT_SUPPORTED );
+ (void)status;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void)slot;
- (void)alg;
- (void)operation;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_generate_iv(
- psa_operation_driver_context_t *operation,
- uint8_t *iv,
- size_t iv_size,
- size_t *iv_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- switch( operation->id )
- {
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
- return( test_transparent_cipher_generate_iv( operation->ctx,
- iv,
- iv_size,
- iv_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
- return( test_opaque_cipher_generate_iv( operation->ctx,
- iv,
- iv_size,
- iv_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
- default:
- /* Key is attached to a driver not known to us */
- return( PSA_ERROR_BAD_STATE );
- }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) operation;
- (void) iv;
- (void) iv_size;
- (void) iv_length;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_cipher_set_iv(
- psa_operation_driver_context_t *operation,
+ psa_cipher_operation_t *operation,
const uint8_t *iv,
size_t iv_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
switch( operation->id )
{
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
- return( test_transparent_cipher_set_iv( operation->ctx,
- iv,
- iv_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
- return( test_opaque_cipher_set_iv( operation->ctx,
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_cipher_set_iv( &operation->ctx.mbedtls_ctx,
iv,
iv_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
- default:
- /* Key is attached to a driver not known to us */
- return( PSA_ERROR_BAD_STATE );
- }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) operation;
- (void) iv;
- (void) iv_length;
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_cipher_set_iv(
+ &operation->ctx.transparent_test_driver_ctx,
+ iv, iv_length ) );
+
+ case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+ return( mbedtls_test_opaque_cipher_set_iv(
+ &operation->ctx.opaque_test_driver_ctx,
+ iv, iv_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ }
+
+ (void)iv;
+ (void)iv_length;
+
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
psa_status_t psa_driver_wrapper_cipher_update(
- psa_operation_driver_context_t *operation,
+ psa_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
switch( operation->id )
{
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
- return( test_transparent_cipher_update( operation->ctx,
- input,
- input_length,
- output,
- output_size,
- output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
- return( test_opaque_cipher_update( operation->ctx,
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_cipher_update( &operation->ctx.mbedtls_ctx,
input,
input_length,
output,
output_size,
output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
- default:
- /* Key is attached to a driver not known to us */
- return( PSA_ERROR_BAD_STATE );
- }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) operation;
- (void) input;
- (void) input_length;
- (void) output;
- (void) output_length;
- (void) output_size;
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_cipher_update(
+ &operation->ctx.transparent_test_driver_ctx,
+ input, input_length,
+ output, output_size, output_length ) );
+
+ case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+ return( mbedtls_test_opaque_cipher_update(
+ &operation->ctx.opaque_test_driver_ctx,
+ input, input_length,
+ output, output_size, output_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ }
+
+ (void)input;
+ (void)input_length;
+ (void)output;
+ (void)output_size;
+ (void)output_length;
+
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
psa_status_t psa_driver_wrapper_cipher_finish(
- psa_operation_driver_context_t *operation,
+ psa_cipher_operation_t *operation,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
switch( operation->id )
{
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
- return( test_transparent_cipher_finish( operation->ctx,
- output,
- output_size,
- output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
- return( test_opaque_cipher_finish( operation->ctx,
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_cipher_finish( &operation->ctx.mbedtls_ctx,
output,
output_size,
output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
- default:
- /* Key is attached to a driver not known to us */
- return( PSA_ERROR_BAD_STATE );
- }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) operation;
- (void) output;
- (void) output_size;
- (void) output_length;
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_cipher_finish(
+ &operation->ctx.transparent_test_driver_ctx,
+ output, output_size, output_length ) );
+
+ case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+ return( mbedtls_test_opaque_cipher_finish(
+ &operation->ctx.opaque_test_driver_ctx,
+ output, output_size, output_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ }
+
+ (void)output;
+ (void)output_size;
+ (void)output_length;
+
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
psa_status_t psa_driver_wrapper_cipher_abort(
- psa_operation_driver_context_t *operation )
+ psa_cipher_operation_t *operation )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-
- /* The object has (apparently) been initialized but it is not in use. It's
- * ok to call abort on such an object, and there's nothing to do. */
- if( operation->ctx == NULL && operation->id == 0 )
- return( PSA_SUCCESS );
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
switch( operation->id )
{
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_cipher_abort( &operation->ctx.mbedtls_ctx ) );
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
- status = test_transparent_cipher_abort( operation->ctx );
+ status = mbedtls_test_transparent_cipher_abort(
+ &operation->ctx.transparent_test_driver_ctx );
mbedtls_platform_zeroize(
- operation->ctx,
- sizeof( test_transparent_cipher_operation_t ) );
- mbedtls_free( operation->ctx );
- operation->ctx = NULL;
- operation->id = 0;
-
+ &operation->ctx.transparent_test_driver_ctx,
+ sizeof( operation->ctx.transparent_test_driver_ctx ) );
return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
+
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
- status = test_opaque_cipher_abort( operation->ctx );
+ status = mbedtls_test_opaque_cipher_abort(
+ &operation->ctx.opaque_test_driver_ctx );
mbedtls_platform_zeroize(
- operation->ctx,
- sizeof( test_opaque_cipher_operation_t ) );
- mbedtls_free( operation->ctx );
- operation->ctx = NULL;
- operation->id = 0;
-
+ &operation->ctx.opaque_test_driver_ctx,
+ sizeof( operation->ctx.opaque_test_driver_ctx ) );
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
- default:
- /* Operation is attached to a driver not known to us */
- return( PSA_ERROR_BAD_STATE );
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void)operation;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
+ (void)status;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-/* End of automatically generated file. */
+/*
+ * Hashing functions
+ */
+psa_status_t psa_driver_wrapper_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ /* Try accelerators first */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_hash_compute(
+ alg, input, input_length, hash, hash_size, hash_length );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif
+
+ /* If software fallback is compiled in, try fallback */
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+ status = mbedtls_psa_hash_compute( alg, input, input_length,
+ hash, hash_size, hash_length );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif
+ (void) status;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) hash;
+ (void) hash_size;
+ (void) hash_length;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t psa_driver_wrapper_hash_setup(
+ psa_hash_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ /* Try setup on accelerators first */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_hash_setup(
+ &operation->ctx.test_driver_ctx, alg );
+ if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif
+
+ /* If software fallback is compiled in, try fallback */
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+ status = mbedtls_psa_hash_setup( &operation->ctx.mbedtls_ctx, alg );
+ if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif
+ /* Nothing left to try if we fall through here */
+ (void) status;
+ (void) operation;
+ (void) alg;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t psa_driver_wrapper_hash_clone(
+ const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation )
+{
+ switch( source_operation->id )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+ return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx,
+ &target_operation->ctx.mbedtls_ctx ) );
+#endif
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+ return( mbedtls_test_transparent_hash_clone(
+ &source_operation->ctx.test_driver_ctx,
+ &target_operation->ctx.test_driver_ctx ) );
+#endif
+ default:
+ (void) target_operation;
+ return( PSA_ERROR_BAD_STATE );
+ }
+}
+
+psa_status_t psa_driver_wrapper_hash_update(
+ psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ switch( operation->id )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx,
+ input, input_length ) );
+#endif
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_hash_update(
+ &operation->ctx.test_driver_ctx,
+ input, input_length ) );
+#endif
+ default:
+ (void) input;
+ (void) input_length;
+ return( PSA_ERROR_BAD_STATE );
+ }
+}
+
+psa_status_t psa_driver_wrapper_hash_finish(
+ psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length )
+{
+ switch( operation->id )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx,
+ hash, hash_size, hash_length ) );
+#endif
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_hash_finish(
+ &operation->ctx.test_driver_ctx,
+ hash, hash_size, hash_length ) );
+#endif
+ default:
+ (void) hash;
+ (void) hash_size;
+ (void) hash_length;
+ return( PSA_ERROR_BAD_STATE );
+ }
+}
+
+psa_status_t psa_driver_wrapper_hash_abort(
+ psa_hash_operation_t *operation )
+{
+ switch( operation->id )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) );
+#endif
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_hash_abort(
+ &operation->ctx.test_driver_ctx ) );
+#endif
+ default:
+ return( PSA_ERROR_BAD_STATE );
+ }
+}
+
+psa_status_t psa_driver_wrapper_aead_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *plaintext, size_t plaintext_length,
+ uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ /* Key is stored in the slot in export representation, so
+ * cycle through all known transparent accelerators */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_aead_encrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, plaintext_length,
+ ciphertext, ciphertext_size, ciphertext_length );
+ /* Declared with fallback == true */
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+ /* Fell through, meaning no accelerator supports this operation */
+ return( mbedtls_psa_aead_encrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, plaintext_length,
+ ciphertext, ciphertext_size, ciphertext_length ) );
+
+ /* Add cases for opaque driver here */
+
+ default:
+ /* Key is declared with a lifetime not known to us */
+ (void)status;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+psa_status_t psa_driver_wrapper_aead_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *ciphertext, size_t ciphertext_length,
+ uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ /* Key is stored in the slot in export representation, so
+ * cycle through all known transparent accelerators */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_aead_decrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ ciphertext, ciphertext_length,
+ plaintext, plaintext_size, plaintext_length );
+ /* Declared with fallback == true */
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+ /* Fell through, meaning no accelerator supports this operation */
+ return( mbedtls_psa_aead_decrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ ciphertext, ciphertext_length,
+ plaintext, plaintext_size, plaintext_length ) );
+
+ /* Add cases for opaque driver here */
+
+ default:
+ /* Key is declared with a lifetime not known to us */
+ (void)status;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+
+/*
+ * MAC functions
+ */
+psa_status_t psa_driver_wrapper_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ /* Key is stored in the slot in export representation, so
+ * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_mac_compute(
+ attributes, key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length );
+ /* Declared with fallback == true */
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+ /* Fell through, meaning no accelerator supports this operation */
+ status = mbedtls_psa_mac_compute(
+ attributes, key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ status = mbedtls_test_opaque_mac_compute(
+ attributes, key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length );
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ /* Key is declared with a lifetime not known to us */
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ (void) status;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+psa_status_t psa_driver_wrapper_mac_sign_setup(
+ psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ /* Key is stored in the slot in export representation, so
+ * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_mac_sign_setup(
+ &operation->ctx.transparent_test_driver_ctx,
+ attributes,
+ key_buffer, key_buffer_size,
+ alg );
+ /* Declared with fallback == true */
+ if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+ /* Fell through, meaning no accelerator supports this operation */
+ status = mbedtls_psa_mac_sign_setup( &operation->ctx.mbedtls_ctx,
+ attributes,
+ key_buffer, key_buffer_size,
+ alg );
+ if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ status = mbedtls_test_opaque_mac_sign_setup(
+ &operation->ctx.opaque_test_driver_ctx,
+ attributes,
+ key_buffer, key_buffer_size,
+ alg );
+
+ if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
+
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ /* Key is declared with a lifetime not known to us */
+ (void) status;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+psa_status_t psa_driver_wrapper_mac_verify_setup(
+ psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ /* Key is stored in the slot in export representation, so
+ * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_mac_verify_setup(
+ &operation->ctx.transparent_test_driver_ctx,
+ attributes,
+ key_buffer, key_buffer_size,
+ alg );
+ /* Declared with fallback == true */
+ if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+ /* Fell through, meaning no accelerator supports this operation */
+ status = mbedtls_psa_mac_verify_setup( &operation->ctx.mbedtls_ctx,
+ attributes,
+ key_buffer, key_buffer_size,
+ alg );
+ if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+ status = mbedtls_test_opaque_mac_verify_setup(
+ &operation->ctx.opaque_test_driver_ctx,
+ attributes,
+ key_buffer, key_buffer_size,
+ alg );
+
+ if( status == PSA_SUCCESS )
+ operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
+
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ /* Key is declared with a lifetime not known to us */
+ (void) status;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+psa_status_t psa_driver_wrapper_mac_update(
+ psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ switch( operation->id )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_mac_update( &operation->ctx.mbedtls_ctx,
+ input, input_length ) );
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_mac_update(
+ &operation->ctx.transparent_test_driver_ctx,
+ input, input_length ) );
+
+ case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+ return( mbedtls_test_opaque_mac_update(
+ &operation->ctx.opaque_test_driver_ctx,
+ input, input_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ (void) input;
+ (void) input_length;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+psa_status_t psa_driver_wrapper_mac_sign_finish(
+ psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ switch( operation->id )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_mac_sign_finish( &operation->ctx.mbedtls_ctx,
+ mac, mac_size, mac_length ) );
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_mac_sign_finish(
+ &operation->ctx.transparent_test_driver_ctx,
+ mac, mac_size, mac_length ) );
+
+ case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+ return( mbedtls_test_opaque_mac_sign_finish(
+ &operation->ctx.opaque_test_driver_ctx,
+ mac, mac_size, mac_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+psa_status_t psa_driver_wrapper_mac_verify_finish(
+ psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length )
+{
+ switch( operation->id )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_mac_verify_finish( &operation->ctx.mbedtls_ctx,
+ mac, mac_length ) );
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_mac_verify_finish(
+ &operation->ctx.transparent_test_driver_ctx,
+ mac, mac_length ) );
+
+ case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+ return( mbedtls_test_opaque_mac_verify_finish(
+ &operation->ctx.opaque_test_driver_ctx,
+ mac, mac_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ (void) mac;
+ (void) mac_length;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+psa_status_t psa_driver_wrapper_mac_abort(
+ psa_mac_operation_t *operation )
+{
+ switch( operation->id )
+ {
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+ case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+ return( mbedtls_psa_mac_abort( &operation->ctx.mbedtls_ctx ) );
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+ return( mbedtls_test_transparent_mac_abort(
+ &operation->ctx.transparent_test_driver_ctx ) );
+ case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+ return( mbedtls_test_opaque_mac_abort(
+ &operation->ctx.opaque_test_driver_ctx ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h
index 6b51437..38a6ee8 100644
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@@ -28,43 +28,79 @@
/*
* Signature functions
*/
-psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length );
+psa_status_t psa_driver_wrapper_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length );
-psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- const uint8_t *signature,
- size_t signature_length );
+psa_status_t psa_driver_wrapper_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length );
+
+psa_status_t psa_driver_wrapper_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length );
+
+psa_status_t psa_driver_wrapper_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length );
/*
* Key handling functions
*/
-psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
- psa_key_slot_t *slot );
+psa_status_t psa_driver_wrapper_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits );
-psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
- const uint8_t *data,
- size_t data_length,
- size_t *bits );
+psa_status_t psa_driver_wrapper_export_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
-psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot,
- uint8_t *data,
- size_t data_size,
- size_t *data_length );
+psa_status_t psa_driver_wrapper_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+psa_status_t psa_driver_wrapper_get_key_buffer_size(
+ const psa_key_attributes_t *attributes,
+ size_t *key_buffer_size );
+
+psa_status_t psa_driver_wrapper_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
+
+psa_status_t psa_driver_wrapper_get_builtin_key(
+ psa_drv_slot_number_t slot_number,
+ psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
/*
* Cipher functions
*/
psa_status_t psa_driver_wrapper_cipher_encrypt(
- psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -73,7 +109,9 @@
size_t *output_length );
psa_status_t psa_driver_wrapper_cipher_decrypt(
- psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -82,28 +120,24 @@
size_t *output_length );
psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
- psa_operation_driver_context_t *operation,
- psa_key_slot_t *slot,
+ psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg );
psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
- psa_operation_driver_context_t *operation,
- psa_key_slot_t *slot,
+ psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg );
-psa_status_t psa_driver_wrapper_cipher_generate_iv(
- psa_operation_driver_context_t *operation,
- uint8_t *iv,
- size_t iv_size,
- size_t *iv_length );
-
psa_status_t psa_driver_wrapper_cipher_set_iv(
- psa_operation_driver_context_t *operation,
+ psa_cipher_operation_t *operation,
const uint8_t *iv,
size_t iv_length );
psa_status_t psa_driver_wrapper_cipher_update(
- psa_operation_driver_context_t *operation,
+ psa_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
@@ -111,13 +145,115 @@
size_t *output_length );
psa_status_t psa_driver_wrapper_cipher_finish(
- psa_operation_driver_context_t *operation,
+ psa_cipher_operation_t *operation,
uint8_t *output,
size_t output_size,
size_t *output_length );
psa_status_t psa_driver_wrapper_cipher_abort(
- psa_operation_driver_context_t *operation );
+ psa_cipher_operation_t *operation );
+
+/*
+ * Hashing functions
+ */
+psa_status_t psa_driver_wrapper_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length);
+
+psa_status_t psa_driver_wrapper_hash_setup(
+ psa_hash_operation_t *operation,
+ psa_algorithm_t alg );
+
+psa_status_t psa_driver_wrapper_hash_clone(
+ const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation );
+
+psa_status_t psa_driver_wrapper_hash_update(
+ psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+psa_status_t psa_driver_wrapper_hash_finish(
+ psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length );
+
+psa_status_t psa_driver_wrapper_hash_abort(
+ psa_hash_operation_t *operation );
+
+/*
+ * AEAD functions
+ */
+
+psa_status_t psa_driver_wrapper_aead_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *plaintext, size_t plaintext_length,
+ uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length );
+
+psa_status_t psa_driver_wrapper_aead_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *ciphertext, size_t ciphertext_length,
+ uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );
+
+/*
+ * MAC functions
+ */
+psa_status_t psa_driver_wrapper_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t psa_driver_wrapper_mac_sign_setup(
+ psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t psa_driver_wrapper_mac_verify_setup(
+ psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t psa_driver_wrapper_mac_update(
+ psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+psa_status_t psa_driver_wrapper_mac_sign_finish(
+ psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t psa_driver_wrapper_mac_verify_finish(
+ psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length );
+
+psa_status_t psa_driver_wrapper_mac_abort(
+ psa_mac_operation_t *operation );
#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */
diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c
new file mode 100644
index 0000000..3ce232c
--- /dev/null
+++ b/library/psa_crypto_ecp.c
@@ -0,0 +1,668 @@
+/*
+ * PSA ECP layer on top of Mbed TLS crypto
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_random_impl.h"
+#include "psa_crypto_hash.h"
+
+#include <stdlib.h>
+#include <string.h>
+#include "mbedtls/platform.h"
+#if !defined(MBEDTLS_PLATFORM_C)
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#include <mbedtls/ecdsa.h>
+#include <mbedtls/ecp.h>
+#include <mbedtls/error.h>
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ) )
+#define BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) )
+#define BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \
+ defined(MBEDTLS_ECDSA_C) ) )
+#define BUILTIN_ALG_ECDSA 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) && \
+ defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) ) )
+#define BUILTIN_ALG_DETERMINISTIC_ECDSA 1
+#endif
+
+#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
+ defined(BUILTIN_ALG_ECDSA) || \
+ defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
+psa_status_t mbedtls_psa_ecp_load_representation(
+ psa_key_type_t type, size_t curve_bits,
+ const uint8_t *data, size_t data_length,
+ mbedtls_ecp_keypair **p_ecp )
+{
+ mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE;
+ psa_status_t status;
+ mbedtls_ecp_keypair *ecp = NULL;
+ size_t curve_bytes = data_length;
+ int explicit_bits = ( curve_bits != 0 );
+
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
+ PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
+ {
+ /* A Weierstrass public key is represented as:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
+ * So its data length is 2m+1 where m is the curve size in bits.
+ */
+ if( ( data_length & 1 ) == 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ curve_bytes = data_length / 2;
+
+ /* Montgomery public keys are represented in compressed format, meaning
+ * their curve_bytes is equal to the amount of input. */
+
+ /* Private keys are represented in uncompressed private random integer
+ * format, meaning their curve_bytes is equal to the amount of input. */
+ }
+
+ if( explicit_bits )
+ {
+ /* With an explicit bit-size, the data must have the matching length. */
+ if( curve_bytes != PSA_BITS_TO_BYTES( curve_bits ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ else
+ {
+ /* We need to infer the bit-size from the data. Since the only
+ * information we have is the length in bytes, the value of curve_bits
+ * at this stage is rounded up to the nearest multiple of 8. */
+ curve_bits = PSA_BYTES_TO_BITS( curve_bytes );
+ }
+
+ /* Allocate and initialize a key representation. */
+ ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
+ if( ecp == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ mbedtls_ecp_keypair_init( ecp );
+
+ /* Load the group. */
+ grp_id = mbedtls_ecc_group_of_psa( PSA_KEY_TYPE_ECC_GET_FAMILY( type ),
+ curve_bits, !explicit_bits );
+ if( grp_id == MBEDTLS_ECP_DP_NONE )
+ {
+ /* We can't distinguish between a nonsensical family/size combination
+ * (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a
+ * well-regarded curve that Mbed TLS just doesn't know about (which
+ * would warrant PSA_ERROR_NOT_SUPPORTED). For uniformity with how
+ * curves that Mbed TLS knows about but for which support is disabled
+ * at build time, return NOT_SUPPORTED. */
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_group_load( &ecp->grp, grp_id ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Load the key material. */
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ /* Load the public value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q,
+ data,
+ data_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Check that the point is on the curve. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+ else
+ {
+ /* Load and validate the secret value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_read_key( ecp->grp.id,
+ ecp,
+ data,
+ data_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ *p_ecp = ecp;
+exit:
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+ }
+
+ return( status );
+}
+#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+ * defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
+ * defined(BUILTIN_ALG_ECDSA) ||
+ * defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */
+
+#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+
+static psa_status_t ecp_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits )
+{
+ psa_status_t status;
+ mbedtls_ecp_keypair *ecp = NULL;
+
+ /* Parse input */
+ status = mbedtls_psa_ecp_load_representation( attributes->core.type,
+ attributes->core.bits,
+ data,
+ data_length,
+ &ecp );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) ==
+ PSA_ECC_FAMILY_MONTGOMERY )
+ *bits = ecp->grp.nbits + 1;
+ else
+ *bits = ecp->grp.nbits;
+
+ /* Re-export the data to PSA export format. There is currently no support
+ * for other input formats then the export format, so this is a 1-1
+ * copy operation. */
+ status = mbedtls_psa_ecp_export_key( attributes->core.type,
+ ecp,
+ key_buffer,
+ key_buffer_size,
+ key_buffer_length );
+exit:
+ /* Always free the PK object (will also free contained ECP context) */
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+
+ return( status );
+}
+
+psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type,
+ mbedtls_ecp_keypair *ecp,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length )
+{
+ psa_status_t status;
+
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ /* Check whether the public part is loaded */
+ if( mbedtls_ecp_is_zero( &ecp->Q ) )
+ {
+ /* Calculate the public key */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_point_write_binary( &ecp->grp, &ecp->Q,
+ MBEDTLS_ECP_PF_UNCOMPRESSED,
+ data_length,
+ data,
+ data_size ) );
+ if( status != PSA_SUCCESS )
+ memset( data, 0, data_size );
+
+ return( status );
+ }
+ else
+ {
+ if( data_size < PSA_BITS_TO_BYTES( ecp->grp.nbits ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_write_key( ecp,
+ data,
+ PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) );
+ if( status == PSA_SUCCESS )
+ *data_length = PSA_BITS_TO_BYTES( ecp->grp.nbits );
+ else
+ memset( data, 0, data_size );
+
+ return( status );
+ }
+}
+
+static psa_status_t ecp_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_ecp_keypair *ecp = NULL;
+
+ status = mbedtls_psa_ecp_load_representation(
+ attributes->core.type, attributes->core.bits,
+ key_buffer, key_buffer_size, &ecp );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = mbedtls_psa_ecp_export_key(
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(
+ PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) ),
+ ecp, data, data_size, data_length );
+
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+
+ return( status );
+}
+#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+ * defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
+
+#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+static psa_status_t ecp_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
+ attributes->core.type );
+ mbedtls_ecp_group_id grp_id =
+ mbedtls_ecc_group_of_psa( curve, attributes->core.bits, 0 );
+
+ const mbedtls_ecp_curve_info *curve_info =
+ mbedtls_ecp_curve_info_from_grp_id( grp_id );
+ mbedtls_ecp_keypair ecp;
+
+ if( attributes->domain_parameters_size != 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ mbedtls_ecp_keypair_init( &ecp );
+ ret = mbedtls_ecp_gen_key( grp_id, &ecp,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE );
+ if( ret != 0 )
+ {
+ mbedtls_ecp_keypair_free( &ecp );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_write_key( &ecp, key_buffer, key_buffer_size ) );
+
+ mbedtls_ecp_keypair_free( &ecp );
+
+ if( status == PSA_SUCCESS )
+ *key_buffer_length = key_buffer_size;
+
+ return( status );
+}
+#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
+
+/****************************************************************/
+/* ECDSA sign/verify */
+/****************************************************************/
+
+#if defined(BUILTIN_ALG_ECDSA) || \
+ defined(BUILTIN_ALG_DETERMINISTIC_ECDSA)
+static psa_status_t ecdsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_ecp_keypair *ecp = NULL;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ size_t curve_bytes;
+ mbedtls_mpi r, s;
+
+ status = mbedtls_psa_ecp_load_representation( attributes->core.type,
+ attributes->core.bits,
+ key_buffer,
+ key_buffer_size,
+ &ecp );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
+ mbedtls_mpi_init( &r );
+ mbedtls_mpi_init( &s );
+
+ if( signature_size < 2 * curve_bytes )
+ {
+ ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+ goto cleanup;
+ }
+
+ if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) )
+ {
+#if defined(BUILTIN_ALG_DETERMINISTIC_ECDSA)
+ psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+ const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+ mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
+ MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext(
+ &ecp->grp, &r, &s,
+ &ecp->d, hash,
+ hash_length, md_alg,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE ) );
+#else
+ ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+ goto cleanup;
+#endif /* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+ }
+ else
+ {
+ (void) alg;
+ MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
+ hash, hash_length,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE ) );
+ }
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
+ signature,
+ curve_bytes ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
+ signature + curve_bytes,
+ curve_bytes ) );
+cleanup:
+ mbedtls_mpi_free( &r );
+ mbedtls_mpi_free( &s );
+ if( ret == 0 )
+ *signature_length = 2 * curve_bytes;
+
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t ecdsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_ecp_keypair *ecp = NULL;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ size_t curve_bytes;
+ mbedtls_mpi r, s;
+
+ (void)alg;
+
+ status = mbedtls_psa_ecp_load_representation( attributes->core.type,
+ attributes->core.bits,
+ key_buffer,
+ key_buffer_size,
+ &ecp );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
+ mbedtls_mpi_init( &r );
+ mbedtls_mpi_init( &s );
+
+ if( signature_length != 2 * curve_bytes )
+ {
+ ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+ goto cleanup;
+ }
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
+ signature,
+ curve_bytes ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
+ signature + curve_bytes,
+ curve_bytes ) );
+
+ /* Check whether the public part is loaded. If not, load it. */
+ if( mbedtls_ecp_is_zero( &ecp->Q ) )
+ {
+ MBEDTLS_MPI_CHK(
+ mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
+ mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) );
+ }
+
+ ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length,
+ &ecp->Q, &r, &s );
+
+cleanup:
+ mbedtls_mpi_free( &r );
+ mbedtls_mpi_free( &s );
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+#endif /* defined(BUILTIN_ALG_ECDSA) || \
+ * defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+
+psa_status_t mbedtls_psa_ecp_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits )
+{
+ return( ecp_import_key( attributes, data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
+}
+
+psa_status_t mbedtls_psa_ecp_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ return( ecp_export_public_key( attributes, key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
+}
+
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+psa_status_t mbedtls_psa_ecp_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ return( ecp_generate_key( attributes, key_buffer, key_buffer_size,
+ key_buffer_length ) );
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
+
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+
+psa_status_t mbedtls_psa_ecdsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+
+ return( ecdsa_sign_hash( attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+}
+
+psa_status_t mbedtls_psa_ecdsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+ return( ecdsa_verify_hash( attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+}
+
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
+
+psa_status_t mbedtls_transparent_test_driver_ecp_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits )
+{
+ return( ecp_import_key( attributes, data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ return( ecp_export_public_key( attributes, key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
+}
+
+#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ||
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */
+
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \
+ defined(MBEDTLS_GENPRIME)
+psa_status_t mbedtls_transparent_test_driver_ecp_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ return( ecp_generate_key( attributes, key_buffer, key_buffer_size,
+ key_buffer_length ) );
+}
+#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) &&
+ defined(MBEDTLS_GENPRIME) */
+
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+
+psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+
+#if defined(MBEDTLS_ECDSA_C)
+ return( ecdsa_sign_hash( attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+#else
+ (void)attributes;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_size;
+ (void)signature_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+}
+
+psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+#if defined(MBEDTLS_ECDSA_C)
+ return( ecdsa_verify_hash( attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+#else
+ (void)attributes;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+}
+
+#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
+ * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h
new file mode 100644
index 0000000..0c2b928
--- /dev/null
+++ b/library/psa_crypto_ecp.h
@@ -0,0 +1,256 @@
+/*
+ * PSA ECP layer on top of Mbed TLS crypto
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_ECP_H
+#define PSA_CRYPTO_ECP_H
+
+#include <psa/crypto.h>
+#include <mbedtls/ecp.h>
+
+/** Load the contents of a key buffer into an internal ECP representation
+ *
+ * \param[in] type The type of key contained in \p data.
+ * \param[in] curve_bits The nominal bit-size of the curve.
+ * It must be consistent with the representation
+ * passed in \p data.
+ * This can be 0, in which case the bit-size
+ * is inferred from \p data_length (which is possible
+ * for all key types and representation formats
+ * formats that are currently supported or will
+ * be in the foreseeable future).
+ * \param[in] data The buffer from which to load the representation.
+ * \param[in] data_length The size in bytes of \p data.
+ * \param[out] p_ecp Returns a pointer to an ECP context on success.
+ * The caller is responsible for freeing both the
+ * contents of the context and the context itself
+ * when done.
+ */
+psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type,
+ size_t curve_bits,
+ const uint8_t *data,
+ size_t data_length,
+ mbedtls_ecp_keypair **p_ecp );
+
+/** Import an ECP key in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * import_key entry point. This function behaves as an import_key
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes for the key to import.
+ * \param[in] data The buffer containing the key data in import
+ * format.
+ * \param[in] data_length Size of the \p data buffer in bytes.
+ * \param[out] key_buffer The buffer containing the key data in output
+ * format.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. This
+ * size is greater or equal to \p data_length.
+ * \param[out] key_buffer_length The length of the data written in \p
+ * key_buffer in bytes.
+ * \param[out] bits The key size in number of bits.
+ *
+ * \retval #PSA_SUCCESS The ECP key was imported successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The key data is not correctly formatted.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_ecp_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits );
+
+/** Export an ECP key to export representation
+ *
+ * \param[in] type The type of key (public/private) to export
+ * \param[in] ecp The internal ECP representation from which to export
+ * \param[out] data The buffer to export to
+ * \param[in] data_size The length of the buffer to export to
+ * \param[out] data_length The amount of bytes written to \p data
+ */
+psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type,
+ mbedtls_ecp_keypair *ecp,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length );
+
+/** Export an ECP public key or the public part of an ECP key pair in binary
+ * format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * export_public_key entry point. This function behaves as an
+ * export_public_key entry point as defined in the PSA driver interface
+ * specification.
+ *
+ * \param[in] attributes The attributes for the key to export.
+ * \param[in] key_buffer Material or context of the key to export.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[out] data Buffer where the key data is to be written.
+ * \param[in] data_size Size of the \p data buffer in bytes.
+ * \param[out] data_length On success, the number of bytes written in
+ * \p data
+ *
+ * \retval #PSA_SUCCESS The ECP public key was exported successfully.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t mbedtls_psa_ecp_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+/**
+ * \brief Generate an ECP key.
+ *
+ * \note The signature of the function is that of a PSA driver generate_key
+ * entry point.
+ *
+ * \param[in] attributes The attributes for the ECP key to generate.
+ * \param[out] key_buffer Buffer where the key data is to be written.
+ * \param[in] key_buffer_size Size of \p key_buffer in bytes.
+ * \param[out] key_buffer_length On success, the number of bytes written in
+ * \p key_buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * The key was successfully generated.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * Key length or type not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of \p key_buffer is too small.
+ */
+psa_status_t mbedtls_psa_ecp_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
+
+/** Sign an already-calculated hash with ECDSA.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * sign_hash entry point. This function behaves as a sign_hash
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes of the ECC key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the ECC key context.
+ * format.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg Randomized or deterministic ECDSA algorithm.
+ * \param[in] hash The hash or message to sign.
+ * \param[in] hash_length Size of the \p hash buffer in bytes.
+ * \param[out] signature Buffer where the signature is to be written.
+ * \param[in] signature_size Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ * that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p signature buffer is too small. You can
+ * determine a sufficient buffer size by calling
+ * #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_ECC_KEY_PAIR, \c key_bits,
+ * \p alg) where \c key_bits is the bit-size of the ECC key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ */
+psa_status_t mbedtls_psa_ecdsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length );
+
+/**
+ * \brief Verify an ECDSA hash or short message signature.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * verify_hash entry point. This function behaves as a verify_hash
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes of the ECC key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the ECC key context.
+ * format.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg Randomized or deterministic ECDSA algorithm.
+ * \param[in] hash The hash or message whose signature is to be
+ * verified.
+ * \param[in] hash_length Size of the \p hash buffer in bytes.
+ * \param[in] signature Buffer containing the signature to verify.
+ * \param[in] signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The calculation was performed successfully, but the passed
+ * signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t mbedtls_psa_ecdsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length );
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+psa_status_t mbedtls_transparent_test_driver_ecp_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits );
+
+psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+psa_status_t mbedtls_transparent_test_driver_ecp_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
+
+psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length );
+
+psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length );
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* PSA_CRYPTO_ECP_H */
diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c
new file mode 100644
index 0000000..a49edd8
--- /dev/null
+++ b/library/psa_crypto_hash.c
@@ -0,0 +1,697 @@
+/*
+ * PSA hashing layer on top of Mbed TLS software crypto
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_hash.h"
+
+#include <mbedtls/error.h>
+#include <string.h>
+
+/* Use builtin defines specific to this compilation unit, since the test driver
+ * relies on the software driver. */
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) )
+#define BUILTIN_ALG_MD2 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) )
+#define BUILTIN_ALG_MD4 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) )
+#define BUILTIN_ALG_MD5 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) )
+#define BUILTIN_ALG_RIPEMD160 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) )
+#define BUILTIN_ALG_SHA_1 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) )
+#define BUILTIN_ALG_SHA_224 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) )
+#define BUILTIN_ALG_SHA_256 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) )
+#define BUILTIN_ALG_SHA_384 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) )
+#define BUILTIN_ALG_SHA_512 1
+#endif
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
+{
+ switch( alg )
+ {
+#if defined(MBEDTLS_MD2_C)
+ case PSA_ALG_MD2:
+ return( &mbedtls_md2_info );
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case PSA_ALG_MD4:
+ return( &mbedtls_md4_info );
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case PSA_ALG_MD5:
+ return( &mbedtls_md5_info );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case PSA_ALG_RIPEMD160:
+ return( &mbedtls_ripemd160_info );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case PSA_ALG_SHA_1:
+ return( &mbedtls_sha1_info );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_224:
+ return( &mbedtls_sha224_info );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_256:
+ return( &mbedtls_sha256_info );
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+ case PSA_ALG_SHA_384:
+ return( &mbedtls_sha384_info );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case PSA_ALG_SHA_512:
+ return( &mbedtls_sha512_info );
+#endif
+ default:
+ return( NULL );
+ }
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+
+/* Implement the PSA driver hash interface on top of mbed TLS if either the
+ * software driver or the test driver requires it. */
+#if defined(MBEDTLS_PSA_BUILTIN_HASH) || defined(PSA_CRYPTO_DRIVER_TEST)
+static psa_status_t hash_abort(
+ mbedtls_psa_hash_operation_t *operation )
+{
+ switch( operation->alg )
+ {
+ case 0:
+ /* The object has (apparently) been initialized but it is not
+ * in use. It's ok to call abort on such an object, and there's
+ * nothing to do. */
+ break;
+#if defined(BUILTIN_ALG_MD2)
+ case PSA_ALG_MD2:
+ mbedtls_md2_free( &operation->ctx.md2 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD4)
+ case PSA_ALG_MD4:
+ mbedtls_md4_free( &operation->ctx.md4 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD5)
+ case PSA_ALG_MD5:
+ mbedtls_md5_free( &operation->ctx.md5 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_RIPEMD160)
+ case PSA_ALG_RIPEMD160:
+ mbedtls_ripemd160_free( &operation->ctx.ripemd160 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_1)
+ case PSA_ALG_SHA_1:
+ mbedtls_sha1_free( &operation->ctx.sha1 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_224)
+ case PSA_ALG_SHA_224:
+ mbedtls_sha256_free( &operation->ctx.sha256 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_256)
+ case PSA_ALG_SHA_256:
+ mbedtls_sha256_free( &operation->ctx.sha256 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_384)
+ case PSA_ALG_SHA_384:
+ mbedtls_sha512_free( &operation->ctx.sha512 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_512)
+ case PSA_ALG_SHA_512:
+ mbedtls_sha512_free( &operation->ctx.sha512 );
+ break;
+#endif
+ default:
+ return( PSA_ERROR_BAD_STATE );
+ }
+ operation->alg = 0;
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t hash_setup(
+ mbedtls_psa_hash_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ /* A context must be freshly initialized before it can be set up. */
+ if( operation->alg != 0 )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ switch( alg )
+ {
+#if defined(BUILTIN_ALG_MD2)
+ case PSA_ALG_MD2:
+ mbedtls_md2_init( &operation->ctx.md2 );
+ ret = mbedtls_md2_starts_ret( &operation->ctx.md2 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD4)
+ case PSA_ALG_MD4:
+ mbedtls_md4_init( &operation->ctx.md4 );
+ ret = mbedtls_md4_starts_ret( &operation->ctx.md4 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD5)
+ case PSA_ALG_MD5:
+ mbedtls_md5_init( &operation->ctx.md5 );
+ ret = mbedtls_md5_starts_ret( &operation->ctx.md5 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_RIPEMD160)
+ case PSA_ALG_RIPEMD160:
+ mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
+ ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_1)
+ case PSA_ALG_SHA_1:
+ mbedtls_sha1_init( &operation->ctx.sha1 );
+ ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_224)
+ case PSA_ALG_SHA_224:
+ mbedtls_sha256_init( &operation->ctx.sha256 );
+ ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_256)
+ case PSA_ALG_SHA_256:
+ mbedtls_sha256_init( &operation->ctx.sha256 );
+ ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_384)
+ case PSA_ALG_SHA_384:
+ mbedtls_sha512_init( &operation->ctx.sha512 );
+ ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_512)
+ case PSA_ALG_SHA_512:
+ mbedtls_sha512_init( &operation->ctx.sha512 );
+ ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 );
+ break;
+#endif
+ default:
+ return( PSA_ALG_IS_HASH( alg ) ?
+ PSA_ERROR_NOT_SUPPORTED :
+ PSA_ERROR_INVALID_ARGUMENT );
+ }
+ if( ret == 0 )
+ operation->alg = alg;
+ else
+ hash_abort( operation );
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t hash_clone(
+ const mbedtls_psa_hash_operation_t *source_operation,
+ mbedtls_psa_hash_operation_t *target_operation )
+{
+ switch( source_operation->alg )
+ {
+ case 0:
+ return( PSA_ERROR_BAD_STATE );
+#if defined(BUILTIN_ALG_MD2)
+ case PSA_ALG_MD2:
+ mbedtls_md2_clone( &target_operation->ctx.md2,
+ &source_operation->ctx.md2 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD4)
+ case PSA_ALG_MD4:
+ mbedtls_md4_clone( &target_operation->ctx.md4,
+ &source_operation->ctx.md4 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD5)
+ case PSA_ALG_MD5:
+ mbedtls_md5_clone( &target_operation->ctx.md5,
+ &source_operation->ctx.md5 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_RIPEMD160)
+ case PSA_ALG_RIPEMD160:
+ mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160,
+ &source_operation->ctx.ripemd160 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_1)
+ case PSA_ALG_SHA_1:
+ mbedtls_sha1_clone( &target_operation->ctx.sha1,
+ &source_operation->ctx.sha1 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_224)
+ case PSA_ALG_SHA_224:
+ mbedtls_sha256_clone( &target_operation->ctx.sha256,
+ &source_operation->ctx.sha256 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_256)
+ case PSA_ALG_SHA_256:
+ mbedtls_sha256_clone( &target_operation->ctx.sha256,
+ &source_operation->ctx.sha256 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_384)
+ case PSA_ALG_SHA_384:
+ mbedtls_sha512_clone( &target_operation->ctx.sha512,
+ &source_operation->ctx.sha512 );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_512)
+ case PSA_ALG_SHA_512:
+ mbedtls_sha512_clone( &target_operation->ctx.sha512,
+ &source_operation->ctx.sha512 );
+ break;
+#endif
+ default:
+ (void) source_operation;
+ (void) target_operation;
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ target_operation->alg = source_operation->alg;
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t hash_update(
+ mbedtls_psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ switch( operation->alg )
+ {
+#if defined(BUILTIN_ALG_MD2)
+ case PSA_ALG_MD2:
+ ret = mbedtls_md2_update_ret( &operation->ctx.md2,
+ input, input_length );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD4)
+ case PSA_ALG_MD4:
+ ret = mbedtls_md4_update_ret( &operation->ctx.md4,
+ input, input_length );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD5)
+ case PSA_ALG_MD5:
+ ret = mbedtls_md5_update_ret( &operation->ctx.md5,
+ input, input_length );
+ break;
+#endif
+#if defined(BUILTIN_ALG_RIPEMD160)
+ case PSA_ALG_RIPEMD160:
+ ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160,
+ input, input_length );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_1)
+ case PSA_ALG_SHA_1:
+ ret = mbedtls_sha1_update_ret( &operation->ctx.sha1,
+ input, input_length );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_224)
+ case PSA_ALG_SHA_224:
+ ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
+ input, input_length );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_256)
+ case PSA_ALG_SHA_256:
+ ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
+ input, input_length );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_384)
+ case PSA_ALG_SHA_384:
+ ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
+ input, input_length );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_512)
+ case PSA_ALG_SHA_512:
+ ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
+ input, input_length );
+ break;
+#endif
+ default:
+ (void) input;
+ (void) input_length;
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t hash_finish(
+ mbedtls_psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length )
+{
+ psa_status_t status;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ size_t actual_hash_length = PSA_HASH_LENGTH( operation->alg );
+
+ /* Fill the output buffer with something that isn't a valid hash
+ * (barring an attack on the hash and deliberately-crafted input),
+ * in case the caller doesn't check the return status properly. */
+ *hash_length = hash_size;
+ /* If hash_size is 0 then hash may be NULL and then the
+ * call to memset would have undefined behavior. */
+ if( hash_size != 0 )
+ memset( hash, '!', hash_size );
+
+ if( hash_size < actual_hash_length )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ switch( operation->alg )
+ {
+#if defined(BUILTIN_ALG_MD2)
+ case PSA_ALG_MD2:
+ ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD4)
+ case PSA_ALG_MD4:
+ ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash );
+ break;
+#endif
+#if defined(BUILTIN_ALG_MD5)
+ case PSA_ALG_MD5:
+ ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash );
+ break;
+#endif
+#if defined(BUILTIN_ALG_RIPEMD160)
+ case PSA_ALG_RIPEMD160:
+ ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_1)
+ case PSA_ALG_SHA_1:
+ ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_224)
+ case PSA_ALG_SHA_224:
+ ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_256)
+ case PSA_ALG_SHA_256:
+ ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_384)
+ case PSA_ALG_SHA_384:
+ ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
+ break;
+#endif
+#if defined(BUILTIN_ALG_SHA_512)
+ case PSA_ALG_SHA_512:
+ ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
+ break;
+#endif
+ default:
+ (void) hash;
+ return( PSA_ERROR_BAD_STATE );
+ }
+ status = mbedtls_to_psa_error( ret );
+
+exit:
+ if( status == PSA_SUCCESS )
+ *hash_length = actual_hash_length;
+ return( status );
+}
+
+static psa_status_t hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ mbedtls_psa_hash_operation_t operation = MBEDTLS_PSA_HASH_OPERATION_INIT;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ *hash_length = hash_size;
+ status = hash_setup( &operation, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ status = hash_update( &operation, input, input_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ status = hash_finish( &operation, hash, hash_size, hash_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+exit:
+ abort_status = hash_abort( &operation );
+ if( status == PSA_SUCCESS )
+ return( abort_status );
+ else
+ return( status );
+
+}
+#endif /* MBEDTLS_PSA_BUILTIN_HASH || PSA_CRYPTO_DRIVER_TEST */
+
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+psa_status_t mbedtls_psa_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ return( hash_compute( alg, input, input_length,
+ hash, hash_size, hash_length ) );
+}
+
+psa_status_t mbedtls_psa_hash_setup(
+ mbedtls_psa_hash_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ return( hash_setup( operation, alg ) );
+}
+
+psa_status_t mbedtls_psa_hash_clone(
+ const mbedtls_psa_hash_operation_t *source_operation,
+ mbedtls_psa_hash_operation_t *target_operation )
+{
+ return( hash_clone( source_operation, target_operation ) );
+}
+
+psa_status_t mbedtls_psa_hash_update(
+ mbedtls_psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ return( hash_update( operation, input, input_length ) );
+}
+
+psa_status_t mbedtls_psa_hash_finish(
+ mbedtls_psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length )
+{
+ return( hash_finish( operation, hash, hash_size, hash_length ) );
+}
+
+psa_status_t mbedtls_psa_hash_abort(
+ mbedtls_psa_hash_operation_t *operation )
+{
+ return( hash_abort( operation ) );
+}
+#endif /* MBEDTLS_PSA_BUILTIN_HASH */
+
+ /*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+static int is_hash_accelerated( psa_algorithm_t alg )
+{
+ switch( alg )
+ {
+#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
+ case PSA_ALG_MD2:
+ return( 1 );
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
+ case PSA_ALG_MD4:
+ return( 1 );
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
+ case PSA_ALG_MD5:
+ return( 1 );
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
+ case PSA_ALG_RIPEMD160:
+ return( 1 );
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
+ case PSA_ALG_SHA_1:
+ return( 1 );
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
+ case PSA_ALG_SHA_224:
+ return( 1 );
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
+ case PSA_ALG_SHA_256:
+ return( 1 );
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
+ case PSA_ALG_SHA_384:
+ return( 1 );
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
+ case PSA_ALG_SHA_512:
+ return( 1 );
+#endif
+ default:
+ return( 0 );
+ }
+}
+
+psa_status_t mbedtls_transparent_test_driver_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ if( is_hash_accelerated( alg ) )
+ return( hash_compute( alg, input, input_length,
+ hash, hash_size, hash_length ) );
+ else
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_transparent_test_driver_hash_setup(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ if( is_hash_accelerated( alg ) )
+ return( hash_setup( operation, alg ) );
+ else
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_transparent_test_driver_hash_clone(
+ const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
+ mbedtls_transparent_test_driver_hash_operation_t *target_operation )
+{
+ if( is_hash_accelerated( source_operation->alg ) )
+ return( hash_clone( source_operation, target_operation ) );
+ else
+ return( PSA_ERROR_BAD_STATE );
+}
+
+psa_status_t mbedtls_transparent_test_driver_hash_update(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ if( is_hash_accelerated( operation->alg ) )
+ return( hash_update( operation, input, input_length ) );
+ else
+ return( PSA_ERROR_BAD_STATE );
+}
+
+psa_status_t mbedtls_transparent_test_driver_hash_finish(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length )
+{
+ if( is_hash_accelerated( operation->alg ) )
+ return( hash_finish( operation, hash, hash_size, hash_length ) );
+ else
+ return( PSA_ERROR_BAD_STATE );
+}
+
+psa_status_t mbedtls_transparent_test_driver_hash_abort(
+ mbedtls_transparent_test_driver_hash_operation_t *operation )
+{
+ return( hash_abort( operation ) );
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h
new file mode 100644
index 0000000..eb70512
--- /dev/null
+++ b/library/psa_crypto_hash.h
@@ -0,0 +1,272 @@
+/*
+ * PSA hashing layer on top of Mbed TLS software crypto
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_HASH_H
+#define PSA_CRYPTO_HASH_H
+
+#include <psa/crypto.h>
+
+#include <mbedtls/md_internal.h>
+
+/** Get Mbed TLS MD information of a hash algorithm given its PSA identifier
+ *
+ * \param[in] alg PSA hash algorithm identifier
+ *
+ * \return The Mbed TLS MD information of the hash algorithm. \c NULL if the
+ * PSA hash algorithm is not supported.
+ */
+const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg );
+
+/** Calculate the hash (digest) of a message using Mbed TLS routines.
+ *
+ * \note The signature of this function is that of a PSA driver hash_compute
+ * entry point. This function behaves as a hash_compute entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value
+ * such that #PSA_ALG_IS_HASH(\p alg) is true).
+ * \param[in] input Buffer containing the message to hash.
+ * \param input_length Size of the \p input buffer in bytes.
+ * \param[out] hash Buffer where the hash is to be written.
+ * \param hash_size Size of the \p hash buffer in bytes.
+ * \param[out] hash_length On success, the number of bytes
+ * that make up the hash value. This is always
+ * #PSA_HASH_LENGTH(\p alg).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * \p hash_size is too small
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length);
+
+/** Set up a multipart hash operation using Mbed TLS routines.
+ *
+ * \note The signature of this function is that of a PSA driver hash_setup
+ * entry point. This function behaves as a hash_setup entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * If an error occurs at any step after a call to mbedtls_psa_hash_setup(), the
+ * operation will need to be reset by a call to mbedtls_psa_hash_abort(). The
+ * core may call mbedtls_psa_hash_abort() at any time after the operation
+ * has been initialized.
+ *
+ * After a successful call to mbedtls_psa_hash_setup(), the core must
+ * eventually terminate the operation. The following events terminate an
+ * operation:
+ * - A successful call to mbedtls_psa_hash_finish() or mbedtls_psa_hash_verify().
+ * - A call to mbedtls_psa_hash_abort().
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ * been initialized to all-zero and not yet be in use.
+ * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value
+ * such that #PSA_ALG_IS_HASH(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be inactive).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_hash_setup(
+ mbedtls_psa_hash_operation_t *operation,
+ psa_algorithm_t alg );
+
+/** Clone an Mbed TLS hash operation.
+ *
+ * \note The signature of this function is that of a PSA driver hash_clone
+ * entry point. This function behaves as a hash_clone entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * This function copies the state of an ongoing hash operation to
+ * a new operation object. In other words, this function is equivalent
+ * to calling mbedtls_psa_hash_setup() on \p target_operation with the same
+ * algorithm that \p source_operation was set up for, then
+ * mbedtls_psa_hash_update() on \p target_operation with the same input that
+ * that was passed to \p source_operation. After this function returns, the
+ * two objects are independent, i.e. subsequent calls involving one of
+ * the objects do not affect the other object.
+ *
+ * \param[in] source_operation The active hash operation to clone.
+ * \param[in,out] target_operation The operation object to set up.
+ * It must be initialized but not active.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * The \p source_operation state is not valid (it must be active).
+ * \retval #PSA_ERROR_BAD_STATE
+ * The \p target_operation state is not valid (it must be inactive).
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t mbedtls_psa_hash_clone(
+ const mbedtls_psa_hash_operation_t *source_operation,
+ mbedtls_psa_hash_operation_t *target_operation );
+
+/** Add a message fragment to a multipart Mbed TLS hash operation.
+ *
+ * \note The signature of this function is that of a PSA driver hash_update
+ * entry point. This function behaves as a hash_update entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * The application must call mbedtls_psa_hash_setup() before calling this function.
+ *
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling mbedtls_psa_hash_abort().
+ *
+ * \param[in,out] operation Active hash operation.
+ * \param[in] input Buffer containing the message fragment to hash.
+ * \param input_length Size of the \p input buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be active).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_hash_update(
+ mbedtls_psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+/** Finish the calculation of the Mbed TLS-calculated hash of a message.
+ *
+ * \note The signature of this function is that of a PSA driver hash_finish
+ * entry point. This function behaves as a hash_finish entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * The application must call mbedtls_psa_hash_setup() before calling this function.
+ * This function calculates the hash of the message formed by concatenating
+ * the inputs passed to preceding calls to mbedtls_psa_hash_update().
+ *
+ * When this function returns successfuly, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling mbedtls_psa_hash_abort().
+ *
+ * \param[in,out] operation Active hash operation.
+ * \param[out] hash Buffer where the hash is to be written.
+ * \param hash_size Size of the \p hash buffer in bytes.
+ * \param[out] hash_length On success, the number of bytes
+ * that make up the hash value. This is always
+ * #PSA_HASH_LENGTH(\c alg) where \c alg is the
+ * hash algorithm that is calculated.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be active).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p hash buffer is too small. You can determine a
+ * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg)
+ * where \c alg is the hash algorithm that is calculated.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_hash_finish(
+ mbedtls_psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length );
+
+/** Abort an Mbed TLS hash operation.
+ *
+ * \note The signature of this function is that of a PSA driver hash_abort
+ * entry point. This function behaves as a hash_abort entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * mbedtls_psa_hash_setup() again.
+ *
+ * You may call this function any time after the operation object has
+ * been initialized by one of the methods described in #psa_hash_operation_t.
+ *
+ * In particular, calling mbedtls_psa_hash_abort() after the operation has been
+ * terminated by a call to mbedtls_psa_hash_abort(), mbedtls_psa_hash_finish() or
+ * mbedtls_psa_hash_verify() is safe and has no effect.
+ *
+ * \param[in,out] operation Initialized hash operation.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_hash_abort(
+ mbedtls_psa_hash_operation_t *operation );
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+psa_status_t mbedtls_transparent_test_driver_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length);
+
+psa_status_t mbedtls_transparent_test_driver_hash_setup(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_transparent_test_driver_hash_clone(
+ const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
+ mbedtls_transparent_test_driver_hash_operation_t *target_operation );
+
+psa_status_t mbedtls_transparent_test_driver_hash_update(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+psa_status_t mbedtls_transparent_test_driver_hash_finish(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length );
+
+psa_status_t mbedtls_transparent_test_driver_hash_abort(
+ mbedtls_transparent_test_driver_hash_operation_t *operation );
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* PSA_CRYPTO_HASH_H */
diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h
index 2b4ee1f..1e5a407 100644
--- a/library/psa_crypto_invasive.h
+++ b/library/psa_crypto_invasive.h
@@ -35,9 +35,11 @@
#endif
#include "psa/crypto.h"
+#include "common.h"
#include "mbedtls/entropy.h"
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
/** \brief Configure entropy sources.
*
* This function may only be called before a call to psa_crypto_init(),
@@ -73,5 +75,12 @@
psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
void (* entropy_init )( mbedtls_entropy_context *ctx ),
void (* entropy_free )( mbedtls_entropy_context *ctx ) );
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C)
+psa_status_t psa_mac_key_can_do(
+ psa_algorithm_t algorithm,
+ psa_key_type_t key_type );
+#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_PSA_CRYPTO_C */
#endif /* PSA_CRYPTO_INVASIVE_H */
diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h
index 11703a0..3a3f49a 100644
--- a/library/psa_crypto_its.h
+++ b/library/psa_crypto_its.h
@@ -72,12 +72,12 @@
*
* \return A status indicating the success/failure of the operation
*
- * \retval #PSA_SUCCESS The operation completed successfully
- * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG
- * \retval #PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
- * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`)
+ * \retval #PSA_SUCCESS The operation completed successfully
+ * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG
+ * \retval #PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
+ * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`)
* is invalid, for example is `NULL` or references memory the caller cannot access
*/
psa_status_t psa_its_set(psa_storage_uid_t uid,
@@ -97,11 +97,11 @@
*
* \return A status indicating the success/failure of the operation
*
- * \retval #PSA_SUCCESS The operation completed successfully
- * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage
- * \retval #PSA_ERROR_INVALID_SIZE The operation failed because the data associated with provided uid is larger than `data_size`
- * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
+ * \retval #PSA_SUCCESS The operation completed successfully
+ * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage
+ * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval #PSA_ERROR_DATA_CORRUPT The operation failed because stored data has been corrupted
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
* is invalid. For example is `NULL` or references memory the caller cannot access.
* In addition, this can also happen if an invalid offset was provided.
*/
@@ -119,10 +119,10 @@
*
* \return A status indicating the success/failure of the operation
*
- * \retval #PSA_SUCCESS The operation completed successfully
- * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
- * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`)
+ * \retval #PSA_SUCCESS The operation completed successfully
+ * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
+ * \retval #PSA_ERROR_DATA_CORRUPT The operation failed because stored data has been corrupted
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`)
* is invalid, for example is `NULL` or references memory the caller cannot access
*/
psa_status_t psa_its_get_info(psa_storage_uid_t uid,
@@ -135,10 +135,10 @@
*
* \return A status indicating the success/failure of the operation
*
- * \retval #PSA_SUCCESS The operation completed successfully
- * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage
- * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG
- * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval #PSA_SUCCESS The operation completed successfully
+ * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage
+ * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG
+ * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
*/
psa_status_t psa_its_remove(psa_storage_uid_t uid);
diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c
new file mode 100644
index 0000000..135fa35
--- /dev/null
+++ b/library/psa_crypto_mac.c
@@ -0,0 +1,801 @@
+/*
+ * PSA MAC layer on top of Mbed TLS software crypto
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_mac.h"
+#include <mbedtls/md.h>
+
+#include <mbedtls/error.h>
+#include <string.h>
+
+/* Use builtin defines specific to this compilation unit, since the test driver
+ * relies on the software driver. */
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) )
+#define BUILTIN_ALG_CMAC 1
+#endif
+#if( defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) )
+#define BUILTIN_ALG_HMAC 1
+#endif
+
+#if defined(BUILTIN_ALG_HMAC)
+static size_t psa_get_hash_block_size( psa_algorithm_t alg )
+{
+ switch( alg )
+ {
+ case PSA_ALG_MD2:
+ return( 16 );
+ case PSA_ALG_MD4:
+ return( 64 );
+ case PSA_ALG_MD5:
+ return( 64 );
+ case PSA_ALG_RIPEMD160:
+ return( 64 );
+ case PSA_ALG_SHA_1:
+ return( 64 );
+ case PSA_ALG_SHA_224:
+ return( 64 );
+ case PSA_ALG_SHA_256:
+ return( 64 );
+ case PSA_ALG_SHA_384:
+ return( 128 );
+ case PSA_ALG_SHA_512:
+ return( 128 );
+ default:
+ return( 0 );
+ }
+}
+
+static psa_status_t psa_hmac_abort_internal(
+ mbedtls_psa_hmac_operation_t *hmac )
+{
+ mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) );
+ return( psa_hash_abort( &hmac->hash_ctx ) );
+}
+
+static psa_status_t psa_hmac_setup_internal(
+ mbedtls_psa_hmac_operation_t *hmac,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t hash_alg )
+{
+ uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
+ size_t i;
+ size_t hash_size = PSA_HASH_LENGTH( hash_alg );
+ size_t block_size = psa_get_hash_block_size( hash_alg );
+ psa_status_t status;
+
+ hmac->alg = hash_alg;
+
+ /* Sanity checks on block_size, to guarantee that there won't be a buffer
+ * overflow below. This should never trigger if the hash algorithm
+ * is implemented correctly. */
+ /* The size checks against the ipad and opad buffers cannot be written
+ * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )`
+ * because that triggers -Wlogical-op on GCC 7.3. */
+ if( block_size > sizeof( ipad ) )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( block_size > sizeof( hmac->opad ) )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( block_size < hash_size )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ if( key_length > block_size )
+ {
+ status = psa_hash_compute( hash_alg, key, key_length,
+ ipad, sizeof( ipad ), &key_length );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+ }
+ /* A 0-length key is not commonly used in HMAC when used as a MAC,
+ * but it is permitted. It is common when HMAC is used in HKDF, for
+ * example. Don't call `memcpy` in the 0-length because `key` could be
+ * an invalid pointer which would make the behavior undefined. */
+ else if( key_length != 0 )
+ memcpy( ipad, key, key_length );
+
+ /* ipad contains the key followed by garbage. Xor and fill with 0x36
+ * to create the ipad value. */
+ for( i = 0; i < key_length; i++ )
+ ipad[i] ^= 0x36;
+ memset( ipad + key_length, 0x36, block_size - key_length );
+
+ /* Copy the key material from ipad to opad, flipping the requisite bits,
+ * and filling the rest of opad with the requisite constant. */
+ for( i = 0; i < key_length; i++ )
+ hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
+ memset( hmac->opad + key_length, 0x5C, block_size - key_length );
+
+ status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+ status = psa_hash_update( &hmac->hash_ctx, ipad, block_size );
+
+cleanup:
+ mbedtls_platform_zeroize( ipad, sizeof( ipad ) );
+
+ return( status );
+}
+
+static psa_status_t psa_hmac_update_internal(
+ mbedtls_psa_hmac_operation_t *hmac,
+ const uint8_t *data,
+ size_t data_length )
+{
+ return( psa_hash_update( &hmac->hash_ctx, data, data_length ) );
+}
+
+static psa_status_t psa_hmac_finish_internal(
+ mbedtls_psa_hmac_operation_t *hmac,
+ uint8_t *mac,
+ size_t mac_size )
+{
+ uint8_t tmp[MBEDTLS_MD_MAX_SIZE];
+ psa_algorithm_t hash_alg = hmac->alg;
+ size_t hash_size = 0;
+ size_t block_size = psa_get_hash_block_size( hash_alg );
+ psa_status_t status;
+
+ status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
+ if( status != PSA_SUCCESS )
+ return( status );
+ /* From here on, tmp needs to be wiped. */
+
+ status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ memcpy( mac, tmp, mac_size );
+
+exit:
+ mbedtls_platform_zeroize( tmp, hash_size );
+ return( status );
+}
+#endif /* BUILTIN_ALG_HMAC */
+
+#if defined(BUILTIN_ALG_CMAC)
+static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer )
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+#if defined(PSA_WANT_KEY_TYPE_DES)
+ /* Mbed TLS CMAC does not accept 3DES with only two keys, nor does it accept
+ * to do CMAC with pure DES, so return NOT_SUPPORTED here. */
+ if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_DES &&
+ ( psa_get_key_bits( attributes ) == 64 ||
+ psa_get_key_bits( attributes ) == 128 ) )
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+
+ const mbedtls_cipher_info_t * cipher_info =
+ mbedtls_cipher_info_from_psa(
+ PSA_ALG_CMAC,
+ psa_get_key_type( attributes ),
+ psa_get_key_bits( attributes ),
+ NULL );
+
+ if( cipher_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
+ if( ret != 0 )
+ goto exit;
+
+ ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
+ key_buffer,
+ psa_get_key_bits( attributes ) );
+exit:
+ return( mbedtls_to_psa_error( ret ) );
+}
+#endif /* BUILTIN_ALG_CMAC */
+
+/* Implement the PSA driver MAC interface on top of mbed TLS if either the
+ * software driver or the test driver requires it. */
+#if defined(BUILTIN_ALG_HMAC) || defined(BUILTIN_ALG_CMAC)
+
+/* Initialize this driver's MAC operation structure. Once this function has been
+ * called, mbedtls_psa_mac_abort can run and will do the right thing. */
+static psa_status_t mac_init(
+ mbedtls_psa_mac_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ operation->alg = alg;
+
+#if defined(BUILTIN_ALG_CMAC)
+ if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
+ {
+ mbedtls_cipher_init( &operation->ctx.cmac );
+ status = PSA_SUCCESS;
+ }
+ else
+#endif /* BUILTIN_ALG_CMAC */
+#if defined(BUILTIN_ALG_HMAC)
+ if( PSA_ALG_IS_HMAC( operation->alg ) )
+ {
+ /* We'll set up the hash operation later in psa_hmac_setup_internal. */
+ operation->ctx.hmac.alg = 0;
+ status = PSA_SUCCESS;
+ }
+ else
+#endif /* BUILTIN_ALG_HMAC */
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ if( status != PSA_SUCCESS )
+ memset( operation, 0, sizeof( *operation ) );
+ return( status );
+}
+
+static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation )
+{
+ if( operation->alg == 0 )
+ {
+ /* The object has (apparently) been initialized but it is not
+ * in use. It's ok to call abort on such an object, and there's
+ * nothing to do. */
+ return( PSA_SUCCESS );
+ }
+ else
+#if defined(BUILTIN_ALG_CMAC)
+ if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
+ {
+ mbedtls_cipher_free( &operation->ctx.cmac );
+ }
+ else
+#endif /* BUILTIN_ALG_CMAC */
+#if defined(BUILTIN_ALG_HMAC)
+ if( PSA_ALG_IS_HMAC( operation->alg ) )
+ {
+ psa_hmac_abort_internal( &operation->ctx.hmac );
+ }
+ else
+#endif /* BUILTIN_ALG_HMAC */
+ {
+ /* Sanity check (shouldn't happen: operation->alg should
+ * always have been initialized to a valid value). */
+ goto bad_state;
+ }
+
+ operation->alg = 0;
+
+ return( PSA_SUCCESS );
+
+bad_state:
+ /* If abort is called on an uninitialized object, we can't trust
+ * anything. Wipe the object in case it contains confidential data.
+ * This may result in a memory leak if a pointer gets overwritten,
+ * but it's too late to do anything about this. */
+ memset( operation, 0, sizeof( *operation ) );
+ return( PSA_ERROR_BAD_STATE );
+}
+
+static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ /* A context must be freshly initialized before it can be set up. */
+ if( operation->alg != 0 )
+ return( PSA_ERROR_BAD_STATE );
+
+ status = mac_init( operation, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+#if defined(BUILTIN_ALG_CMAC)
+ if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC )
+ {
+ /* Key buffer size for CMAC is dictated by the key bits set on the
+ * attributes, and previously validated by the core on key import. */
+ (void) key_buffer_size;
+ status = cmac_setup( operation, attributes, key_buffer );
+ }
+ else
+#endif /* BUILTIN_ALG_CMAC */
+#if defined(BUILTIN_ALG_HMAC)
+ if( PSA_ALG_IS_HMAC( alg ) )
+ {
+ status = psa_hmac_setup_internal( &operation->ctx.hmac,
+ key_buffer,
+ key_buffer_size,
+ PSA_ALG_HMAC_GET_HASH( alg ) );
+ }
+ else
+#endif /* BUILTIN_ALG_HMAC */
+ {
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ if( status != PSA_SUCCESS )
+ mac_abort( operation );
+
+ return( status );
+}
+
+static psa_status_t mac_update(
+ mbedtls_psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ if( operation->alg == 0 )
+ return( PSA_ERROR_BAD_STATE );
+
+#if defined(BUILTIN_ALG_CMAC)
+ if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
+ {
+ return( mbedtls_to_psa_error(
+ mbedtls_cipher_cmac_update( &operation->ctx.cmac,
+ input, input_length ) ) );
+ }
+ else
+#endif /* BUILTIN_ALG_CMAC */
+#if defined(BUILTIN_ALG_HMAC)
+ if( PSA_ALG_IS_HMAC( operation->alg ) )
+ {
+ return( psa_hmac_update_internal( &operation->ctx.hmac,
+ input, input_length ) );
+ }
+ else
+#endif /* BUILTIN_ALG_HMAC */
+ {
+ /* This shouldn't happen if `operation` was initialized by
+ * a setup function. */
+ (void) input;
+ (void) input_length;
+ return( PSA_ERROR_BAD_STATE );
+ }
+}
+
+static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size )
+{
+#if defined(BUILTIN_ALG_CMAC)
+ if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
+ {
+ uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE];
+ int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
+ if( ret == 0 )
+ memcpy( mac, tmp, mac_size );
+ mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+ else
+#endif /* BUILTIN_ALG_CMAC */
+#if defined(BUILTIN_ALG_HMAC)
+ if( PSA_ALG_IS_HMAC( operation->alg ) )
+ {
+ return( psa_hmac_finish_internal( &operation->ctx.hmac,
+ mac, mac_size ) );
+ }
+ else
+#endif /* BUILTIN_ALG_HMAC */
+ {
+ /* This shouldn't happen if `operation` was initialized by
+ * a setup function. */
+ (void) operation;
+ (void) mac;
+ (void) mac_size;
+ return( PSA_ERROR_BAD_STATE );
+ }
+}
+
+static psa_status_t mac_sign_finish(
+ mbedtls_psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ if( operation->alg == 0 )
+ return( PSA_ERROR_BAD_STATE );
+
+ status = mac_finish_internal( operation, mac, mac_size );
+
+ if( status == PSA_SUCCESS )
+ *mac_length = mac_size;
+
+ return( status );
+}
+
+static psa_status_t mac_verify_finish(
+ mbedtls_psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length )
+{
+ uint8_t actual_mac[PSA_MAC_MAX_SIZE];
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ if( operation->alg == 0 )
+ return( PSA_ERROR_BAD_STATE );
+
+ /* Consistency check: requested MAC length fits our local buffer */
+ if( mac_length > sizeof( actual_mac ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = mac_finish_internal( operation, actual_mac, mac_length );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+ if( mbedtls_psa_safer_memcmp( mac, actual_mac, mac_length ) != 0 )
+ status = PSA_ERROR_INVALID_SIGNATURE;
+
+cleanup:
+ mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
+
+ return( status );
+}
+
+static psa_status_t mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT;
+
+ status = mac_setup( &operation,
+ attributes, key_buffer, key_buffer_size,
+ alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( input_length > 0 )
+ {
+ status = mac_update( &operation, input, input_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = mac_finish_internal( &operation, mac, mac_size );
+ if( status == PSA_SUCCESS )
+ *mac_length = mac_size;
+
+exit:
+ mac_abort( &operation );
+
+ return( status );
+}
+
+#endif /* BUILTIN_ALG_HMAC || BUILTIN_ALG_CMAC */
+
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+psa_status_t mbedtls_psa_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ return( mac_compute( attributes, key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length ) );
+}
+
+psa_status_t mbedtls_psa_mac_sign_setup(
+ mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( mac_setup( operation, attributes,
+ key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_psa_mac_verify_setup(
+ mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( mac_setup( operation, attributes,
+ key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_psa_mac_update(
+ mbedtls_psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ return( mac_update( operation, input, input_length ) );
+}
+
+psa_status_t mbedtls_psa_mac_sign_finish(
+ mbedtls_psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ return( mac_sign_finish( operation, mac, mac_size, mac_length ) );
+}
+
+psa_status_t mbedtls_psa_mac_verify_finish(
+ mbedtls_psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length )
+{
+ return( mac_verify_finish( operation, mac, mac_length ) );
+}
+
+psa_status_t mbedtls_psa_mac_abort(
+ mbedtls_psa_mac_operation_t *operation )
+{
+ return( mac_abort( operation ) );
+}
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+ /*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+static int is_mac_accelerated( psa_algorithm_t alg )
+{
+#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
+ if( PSA_ALG_IS_HMAC( alg ) )
+ return( 1 );
+#endif
+
+ switch( PSA_ALG_FULL_LENGTH_MAC( alg ) )
+ {
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)
+ case PSA_ALG_CMAC:
+ return( 1 );
+#endif
+ default:
+ return( 0 );
+ }
+}
+
+psa_status_t mbedtls_transparent_test_driver_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ if( is_mac_accelerated( alg ) )
+ return( mac_compute( attributes, key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length ) );
+ else
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_transparent_test_driver_mac_sign_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ if( is_mac_accelerated( alg ) )
+ return( mac_setup( operation, attributes,
+ key_buffer, key_buffer_size, alg ) );
+ else
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_transparent_test_driver_mac_verify_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ if( is_mac_accelerated( alg ) )
+ return( mac_setup( operation, attributes,
+ key_buffer, key_buffer_size, alg ) );
+ else
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_transparent_test_driver_mac_update(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ if( is_mac_accelerated( operation->alg ) )
+ return( mac_update( operation, input, input_length ) );
+ else
+ return( PSA_ERROR_BAD_STATE );
+}
+
+psa_status_t mbedtls_transparent_test_driver_mac_sign_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ if( is_mac_accelerated( operation->alg ) )
+ return( mac_sign_finish( operation, mac, mac_size, mac_length ) );
+ else
+ return( PSA_ERROR_BAD_STATE );
+}
+
+psa_status_t mbedtls_transparent_test_driver_mac_verify_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length )
+{
+ if( is_mac_accelerated( operation->alg ) )
+ return( mac_verify_finish( operation, mac, mac_length ) );
+ else
+ return( PSA_ERROR_BAD_STATE );
+}
+
+psa_status_t mbedtls_transparent_test_driver_mac_abort(
+ mbedtls_transparent_test_driver_mac_operation_t *operation )
+{
+ return( mac_abort( operation ) );
+}
+
+psa_status_t mbedtls_opaque_test_driver_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ /* Opaque driver testing is not implemented yet through this mechanism. */
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_opaque_test_driver_mac_sign_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ /* Opaque driver testing is not implemented yet through this mechanism. */
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_opaque_test_driver_mac_verify_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ /* Opaque driver testing is not implemented yet through this mechanism. */
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_opaque_test_driver_mac_update(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ /* Opaque driver testing is not implemented yet through this mechanism. */
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_opaque_test_driver_mac_sign_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ /* Opaque driver testing is not implemented yet through this mechanism. */
+ (void) operation;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_opaque_test_driver_mac_verify_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length )
+{
+ /* Opaque driver testing is not implemented yet through this mechanism. */
+ (void) operation;
+ (void) mac;
+ (void) mac_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_opaque_test_driver_mac_abort(
+ mbedtls_opaque_test_driver_mac_operation_t *operation )
+{
+ /* Opaque driver testing is not implemented yet through this mechanism. */
+ (void) operation;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h
new file mode 100644
index 0000000..9b81e73
--- /dev/null
+++ b/library/psa_crypto_mac.h
@@ -0,0 +1,372 @@
+/*
+ * PSA MAC layer on top of Mbed TLS software crypto
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_MAC_H
+#define PSA_CRYPTO_MAC_H
+
+#include <psa/crypto.h>
+
+/** Calculate the MAC (message authentication code) of a message using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_compute
+ * entry point. This function behaves as a mac_compute entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key to use for
+ * computing the MAC. This buffer contains the key
+ * in export representation as defined by
+ * psa_export_key() (i.e. the raw key bytes).
+ * \param key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param alg The MAC algorithm to use (\c PSA_ALG_XXX value
+ * such that #PSA_ALG_IS_MAC(\p alg) is true).
+ * \param[in] input Buffer containing the input message.
+ * \param input_length Size of the \p input buffer in bytes.
+ * \param[out] mac Buffer where the MAC value is to be written.
+ * \param mac_size Size of the \p mac buffer in bytes.
+ * \param[out] mac_length On success, the number of bytes
+ * that make up the MAC value.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * \p mac_size is too small
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length);
+
+/** Set up a multipart MAC calculation operation using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_sign_setup
+ * entry point. This function behaves as a mac_sign_setup entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ * been initialized and not yet in use.
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key to use for
+ * computing the MAC. This buffer contains the key
+ * in export representation as defined by
+ * psa_export_key() (i.e. the raw key bytes).
+ * \param key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param alg The MAC algorithm to use (\c PSA_ALG_XXX value
+ * such that #PSA_ALG_IS_MAC(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be inactive).
+ */
+psa_status_t mbedtls_psa_mac_sign_setup(
+ mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg);
+
+/** Set up a multipart MAC verification operation using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_verify_setup
+ * entry point. This function behaves as a mac_verify_setup entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ * been initialized and not yet in use.
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key to use for
+ * computing the MAC. This buffer contains the key
+ * in export representation as defined by
+ * psa_export_key() (i.e. the raw key bytes).
+ * \param key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param alg The MAC algorithm to use (\c PSA_ALG_XXX value
+ * such that #PSA_ALG_IS_MAC(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be inactive).
+ */
+psa_status_t mbedtls_psa_mac_verify_setup(
+ mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg);
+
+/** Add a message fragment to a multipart MAC operation using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_update
+ * entry point. This function behaves as a mac_update entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * The PSA core calls mbedtls_psa_mac_sign_setup() or
+ * mbedtls_psa_mac_verify_setup() before calling this function.
+ *
+ * If this function returns an error status, the PSA core aborts the
+ * operation by calling mbedtls_psa_mac_abort().
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[in] input Buffer containing the message fragment to add to
+ * the MAC calculation.
+ * \param input_length Size of the \p input buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be active).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_mac_update(
+ mbedtls_psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+/** Finish the calculation of the MAC of a message using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_sign_finish
+ * entry point. This function behaves as a mac_sign_finish entry point as
+ * defined in the PSA driver interface specification for transparent
+ * drivers.
+ *
+ * The PSA core calls mbedtls_psa_mac_sign_setup() before calling this function.
+ * This function calculates the MAC of the message formed by concatenating
+ * the inputs passed to preceding calls to mbedtls_psa_mac_update().
+ *
+ * Whether this function returns successfully or not, the PSA core subsequently
+ * aborts the operation by calling mbedtls_psa_mac_abort().
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[out] mac Buffer where the MAC value is to be written.
+ * \param mac_size Output size requested for the MAC algorithm. The PSA
+ * core guarantees this is a valid MAC length for the
+ * algorithm and key combination passed to
+ * mbedtls_psa_mac_sign_setup(). It also guarantees the
+ * \p mac buffer is large enough to contain the
+ * requested output size.
+ * \param[out] mac_length On success, the number of bytes output to buffer
+ * \p mac, which will be equal to the requested length
+ * \p mac_size.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be an active mac sign
+ * operation).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p mac buffer is too small. A sufficient buffer size
+ * can be determined by calling PSA_MAC_LENGTH().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_mac_sign_finish(
+ mbedtls_psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+/** Finish the calculation of the MAC of a message and compare it with
+ * an expected value using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * mac_verify_finish entry point. This function behaves as a
+ * mac_verify_finish entry point as defined in the PSA driver interface
+ * specification for transparent drivers.
+ *
+ * The PSA core calls mbedtls_psa_mac_verify_setup() before calling this
+ * function. This function calculates the MAC of the message formed by
+ * concatenating the inputs passed to preceding calls to
+ * mbedtls_psa_mac_update(). It then compares the calculated MAC with the
+ * expected MAC passed as a parameter to this function.
+ *
+ * Whether this function returns successfully or not, the PSA core subsequently
+ * aborts the operation by calling mbedtls_psa_mac_abort().
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[in] mac Buffer containing the expected MAC value.
+ * \param mac_length Length in bytes of the expected MAC value. The PSA
+ * core guarantees that this length is a valid MAC
+ * length for the algorithm and key combination passed
+ * to mbedtls_psa_mac_verify_setup().
+ *
+ * \retval #PSA_SUCCESS
+ * The expected MAC is identical to the actual MAC of the message.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The MAC of the message was calculated successfully, but it
+ * differs from the expected MAC.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be an active mac verify
+ * operation).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_mac_verify_finish(
+ mbedtls_psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length );
+
+/** Abort a MAC operation using Mbed TLS.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * mbedtls_psa_mac_sign_setup() or mbedtls_psa_mac_verify_setup() again.
+ *
+ * The PSA core may call this function any time after the operation object has
+ * been initialized by one of the methods described in
+ * #mbedtls_psa_mac_operation_t.
+ *
+ * In particular, calling mbedtls_psa_mac_abort() after the operation has been
+ * terminated by a call to mbedtls_psa_mac_abort(),
+ * mbedtls_psa_mac_sign_finish() or mbedtls_psa_mac_verify_finish() is safe and
+ * has no effect.
+ *
+ * \param[in,out] operation Initialized MAC operation.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_mac_abort(
+ mbedtls_psa_mac_operation_t *operation );
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+psa_status_t mbedtls_transparent_test_driver_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t mbedtls_transparent_test_driver_mac_sign_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_transparent_test_driver_mac_verify_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_transparent_test_driver_mac_update(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+psa_status_t mbedtls_transparent_test_driver_mac_sign_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t mbedtls_transparent_test_driver_mac_verify_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length );
+
+psa_status_t mbedtls_transparent_test_driver_mac_abort(
+ mbedtls_transparent_test_driver_mac_operation_t *operation );
+
+psa_status_t mbedtls_opaque_test_driver_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t mbedtls_opaque_test_driver_mac_sign_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_opaque_test_driver_mac_verify_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_opaque_test_driver_mac_update(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+psa_status_t mbedtls_opaque_test_driver_mac_sign_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t mbedtls_opaque_test_driver_mac_verify_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length );
+
+psa_status_t mbedtls_opaque_test_driver_mac_abort(
+ mbedtls_opaque_test_driver_mac_operation_t *operation );
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* PSA_CRYPTO_MAC_H */
diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h
new file mode 100644
index 0000000..3c4c09a
--- /dev/null
+++ b/library/psa_crypto_random_impl.h
@@ -0,0 +1,205 @@
+/** \file psa_crypto_random_impl.h
+ *
+ * \brief PSA crypto random generator implementation abstraction.
+ *
+ * The definitions here need to be consistent with the declarations
+ * in include/mbedtls/psa_util.h. This file contains some redundant
+ * declarations to increase the chance that a compiler will detect
+ * inconsistencies if one file is changed without updating the other,
+ * but not all potential inconsistencies can be enforced, so make sure
+ * to check the public declarations and contracts in
+ * include/mbedtls/psa_util.h if you modify this file.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_RANDOM_IMPL_H
+#define PSA_CRYPTO_RANDOM_IMPL_H
+
+#include <mbedtls/psa_util.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+
+#include <string.h>
+#include <mbedtls/entropy.h> // only for error codes
+#include <psa/crypto.h>
+
+typedef mbedtls_psa_external_random_context_t mbedtls_psa_random_context_t;
+
+/* Trivial wrapper around psa_generate_random(). */
+int mbedtls_psa_get_random( void *p_rng,
+ unsigned char *output,
+ size_t output_size );
+
+/* The PSA RNG API doesn't need any externally maintained state. */
+#define MBEDTLS_PSA_RANDOM_STATE NULL
+
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+/* Choose a DRBG based on configuration and availability */
+#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+
+#include "mbedtls/hmac_drbg.h"
+
+#elif defined(MBEDTLS_CTR_DRBG_C)
+
+#include "mbedtls/ctr_drbg.h"
+
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+
+#include "mbedtls/hmac_drbg.h"
+#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_SHA256_C)
+#include <limits.h>
+#if SIZE_MAX > 0xffffffff
+/* Looks like a 64-bit system, so prefer SHA-512. */
+#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA512
+#else
+/* Looks like a 32-bit system, so prefer SHA-256. */
+#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
+#endif
+#elif defined(MBEDTLS_SHA512_C)
+#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA512
+#elif defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
+#else
+#error "No hash algorithm available for HMAC_DBRG."
+#endif
+
+#else
+#error "No DRBG module available for the psa_crypto module."
+#endif
+
+#include "mbedtls/entropy.h"
+
+/** Initialize the PSA DRBG.
+ *
+ * \param p_rng Pointer to the Mbed TLS DRBG state.
+ */
+static inline void mbedtls_psa_drbg_init( mbedtls_psa_drbg_context_t *p_rng )
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+ mbedtls_ctr_drbg_init( p_rng );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ mbedtls_hmac_drbg_init( p_rng );
+#endif
+}
+
+/** Deinitialize the PSA DRBG.
+ *
+ * \param p_rng Pointer to the Mbed TLS DRBG state.
+ */
+static inline void mbedtls_psa_drbg_free( mbedtls_psa_drbg_context_t *p_rng )
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+ mbedtls_ctr_drbg_free( p_rng );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ mbedtls_hmac_drbg_free( p_rng );
+#endif
+}
+
+/** The type of the PSA random generator context.
+ *
+ * The random generator context is composed of an entropy context and
+ * a DRBG context.
+ */
+typedef struct
+{
+ void (* entropy_init )( mbedtls_entropy_context *ctx );
+ void (* entropy_free )( mbedtls_entropy_context *ctx );
+ mbedtls_entropy_context entropy;
+ mbedtls_psa_drbg_context_t drbg;
+} mbedtls_psa_random_context_t;
+
+/* Defined in include/mbedtls/psa_util.h so that it's visible to
+ * application code. The declaration here is redundant, but included
+ * as a safety net to make it more likely that a future change that
+ * accidentally causes the implementation to diverge from the interface
+ * will be noticed. */
+/* Do not include the declaration under MSVC because it doesn't accept it
+ * ("error C2370: 'mbedtls_psa_get_random' : redefinition; different storage class").
+ * Observed with Visual Studio 2013. A known bug apparently:
+ * https://stackoverflow.com/questions/8146541/duplicate-external-static-declarations-not-allowed-in-visual-studio
+ */
+#if !defined(_MSC_VER)
+static mbedtls_f_rng_t *const mbedtls_psa_get_random;
+#endif
+
+/** The maximum number of bytes that mbedtls_psa_get_random() is expected to
+ * return.
+ */
+#if defined(MBEDTLS_CTR_DRBG_C)
+#define MBEDTLS_PSA_RANDOM_MAX_REQUEST MBEDTLS_CTR_DRBG_MAX_REQUEST
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+#define MBEDTLS_PSA_RANDOM_MAX_REQUEST MBEDTLS_HMAC_DRBG_MAX_REQUEST
+#endif
+
+/** A pointer to the PSA DRBG state.
+ *
+ * This variable is only intended to be used through the macro
+ * #MBEDTLS_PSA_RANDOM_STATE.
+ */
+/* psa_crypto.c sets this variable to a pointer to the DRBG state in the
+ * global PSA crypto state. */
+/* The type `mbedtls_psa_drbg_context_t` is defined in
+ * include/mbedtls/psa_util.h so that `mbedtls_psa_random_state` can be
+ * declared there and be visible to application code. */
+extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
+
+/** A pointer to the PSA DRBG state.
+ *
+ * This macro expands to an expression that is suitable as the \c p_rng
+ * parameter to pass to mbedtls_psa_get_random().
+ *
+ * This macro exists in all configurations where the psa_crypto module is
+ * enabled. Its expansion depends on the configuration.
+ */
+#define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
+
+/** Seed the PSA DRBG.
+ *
+ * \param entropy An entropy context to read the seed from.
+ * \param custom The personalization string.
+ * This can be \c NULL, in which case the personalization
+ * string is empty regardless of the value of \p len.
+ * \param len The length of the personalization string.
+ *
+ * \return \c 0 on success.
+ * \return An Mbed TLS error code (\c MBEDTLS_ERR_xxx) on failure.
+ */
+static inline int mbedtls_psa_drbg_seed(
+ mbedtls_entropy_context *entropy,
+ const unsigned char *custom, size_t len )
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+ return( mbedtls_ctr_drbg_seed( MBEDTLS_PSA_RANDOM_STATE,
+ mbedtls_entropy_func,
+ entropy,
+ custom, len ) );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ const mbedtls_md_info_t *md_info =
+ mbedtls_md_info_from_type( MBEDTLS_PSA_HMAC_DRBG_MD_TYPE );
+ return( mbedtls_hmac_drbg_seed( MBEDTLS_PSA_RANDOM_STATE,
+ md_info,
+ mbedtls_entropy_func,
+ entropy,
+ custom, len ) );
+#endif
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#endif /* PSA_CRYPTO_RANDOM_IMPL_H */
diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
new file mode 100644
index 0000000..80b9985
--- /dev/null
+++ b/library/psa_crypto_rsa.c
@@ -0,0 +1,700 @@
+/*
+ * PSA RSA layer on top of Mbed TLS crypto
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_random_impl.h"
+#include "psa_crypto_rsa.h"
+#include "psa_crypto_hash.h"
+
+#include <stdlib.h>
+#include <string.h>
+#include "mbedtls/platform.h"
+#if !defined(MBEDTLS_PLATFORM_C)
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#include <mbedtls/rsa.h>
+#include <mbedtls/error.h>
+#include <mbedtls/pk.h>
+#include <mbedtls/pk_internal.h>
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) )
+#define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) )
+#define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \
+ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) )
+#define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \
+ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) )
+#define BUILTIN_ALG_RSA_PSS 1
+#endif
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
+ defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(BUILTIN_ALG_RSA_PSS) || \
+ defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+
+/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
+ * that are not a multiple of 8) well. For example, there is only
+ * mbedtls_rsa_get_len(), which returns a number of bytes, and no
+ * way to return the exact bit size of a key.
+ * To keep things simple, reject non-byte-aligned key sizes. */
+static psa_status_t psa_check_rsa_key_byte_aligned(
+ const mbedtls_rsa_context *rsa )
+{
+ mbedtls_mpi n;
+ psa_status_t status;
+ mbedtls_mpi_init( &n );
+ status = mbedtls_to_psa_error(
+ mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) );
+ if( status == PSA_SUCCESS )
+ {
+ if( mbedtls_mpi_bitlen( &n ) % 8 != 0 )
+ status = PSA_ERROR_NOT_SUPPORTED;
+ }
+ mbedtls_mpi_free( &n );
+ return( status );
+}
+
+psa_status_t mbedtls_psa_rsa_load_representation(
+ psa_key_type_t type, const uint8_t *data, size_t data_length,
+ mbedtls_rsa_context **p_rsa )
+{
+ psa_status_t status;
+ mbedtls_pk_context ctx;
+ size_t bits;
+ mbedtls_pk_init( &ctx );
+
+ /* Parse the data. */
+ if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
+ status = mbedtls_to_psa_error(
+ mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) );
+ else
+ status = mbedtls_to_psa_error(
+ mbedtls_pk_parse_public_key( &ctx, data, data_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* We have something that the pkparse module recognizes. If it is a
+ * valid RSA key, store it. */
+ if( mbedtls_pk_get_type( &ctx ) != MBEDTLS_PK_RSA )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
+ * supports non-byte-aligned key sizes, but not well. For example,
+ * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
+ bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( mbedtls_pk_rsa( ctx ) ) );
+ if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+ status = psa_check_rsa_key_byte_aligned( mbedtls_pk_rsa( ctx ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Copy out the pointer to the RSA context, and reset the PK context
+ * such that pk_free doesn't free the RSA context we just grabbed. */
+ *p_rsa = mbedtls_pk_rsa( ctx );
+ ctx.pk_info = NULL;
+
+exit:
+ mbedtls_pk_free( &ctx );
+ return( status );
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
+ * defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(BUILTIN_ALG_RSA_PSS) ||
+ * defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+ * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+
+#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+
+static psa_status_t rsa_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits )
+{
+ psa_status_t status;
+ mbedtls_rsa_context *rsa = NULL;
+
+ /* Parse input */
+ status = mbedtls_psa_rsa_load_representation( attributes->core.type,
+ data,
+ data_length,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *bits = (psa_key_bits_t) PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
+
+ /* Re-export the data to PSA export format, such that we can store export
+ * representation in the key slot. Export representation in case of RSA is
+ * the smallest representation that's allowed as input, so a straight-up
+ * allocation of the same size as the input buffer will be large enough. */
+ status = mbedtls_psa_rsa_export_key( attributes->core.type,
+ rsa,
+ key_buffer,
+ key_buffer_size,
+ key_buffer_length );
+exit:
+ /* Always free the RSA object */
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+
+ return( status );
+}
+
+psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type,
+ mbedtls_rsa_context *rsa,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length )
+{
+#if defined(MBEDTLS_PK_WRITE_C)
+ int ret;
+ mbedtls_pk_context pk;
+ uint8_t *pos = data + data_size;
+
+ mbedtls_pk_init( &pk );
+ pk.pk_info = &mbedtls_rsa_info;
+ pk.pk_ctx = rsa;
+
+ /* PSA Crypto API defines the format of an RSA key as a DER-encoded
+ * representation of the non-encrypted PKCS#1 RSAPrivateKey for a
+ * private key and of the RFC3279 RSAPublicKey for a public key. */
+ if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
+ ret = mbedtls_pk_write_key_der( &pk, data, data_size );
+ else
+ ret = mbedtls_pk_write_pubkey( &pos, data, &pk );
+
+ if( ret < 0 )
+ {
+ /* Clean up in case pk_write failed halfway through. */
+ memset( data, 0, data_size );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+
+ /* The mbedtls_pk_xxx functions write to the end of the buffer.
+ * Move the data to the beginning and erase remaining data
+ * at the original location. */
+ if( 2 * (size_t) ret <= data_size )
+ {
+ memcpy( data, data + data_size - ret, ret );
+ memset( data + data_size - ret, 0, ret );
+ }
+ else if( (size_t) ret < data_size )
+ {
+ memmove( data, data + data_size - ret, ret );
+ memset( data + ret, 0, data_size - ret );
+ }
+
+ *data_length = ret;
+ return( PSA_SUCCESS );
+#else
+ (void) type;
+ (void) rsa;
+ (void) data;
+ (void) data_size;
+ (void) data_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_PK_WRITE_C */
+}
+
+static psa_status_t rsa_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_rsa_context *rsa = NULL;
+
+ status = mbedtls_psa_rsa_load_representation(
+ attributes->core.type, key_buffer, key_buffer_size, &rsa );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = mbedtls_psa_rsa_export_key( PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ rsa,
+ data,
+ data_size,
+ data_length );
+
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+
+ return( status );
+}
+#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+ * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+
+#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
+ defined(MBEDTLS_GENPRIME)
+static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters,
+ size_t domain_parameters_size,
+ int *exponent )
+{
+ size_t i;
+ uint32_t acc = 0;
+
+ if( domain_parameters_size == 0 )
+ {
+ *exponent = 65537;
+ return( PSA_SUCCESS );
+ }
+
+ /* Mbed TLS encodes the public exponent as an int. For simplicity, only
+ * support values that fit in a 32-bit integer, which is larger than
+ * int on just about every platform anyway. */
+ if( domain_parameters_size > sizeof( acc ) )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ for( i = 0; i < domain_parameters_size; i++ )
+ acc = ( acc << 8 ) | domain_parameters[i];
+ if( acc > INT_MAX )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ *exponent = acc;
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t rsa_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ psa_status_t status;
+ mbedtls_rsa_context rsa;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ int exponent;
+
+ status = psa_rsa_read_exponent( attributes->domain_parameters,
+ attributes->domain_parameters_size,
+ &exponent );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
+ ret = mbedtls_rsa_gen_key( &rsa,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
+ (unsigned int)attributes->core.bits,
+ exponent );
+ if( ret != 0 )
+ return( mbedtls_to_psa_error( ret ) );
+
+ status = mbedtls_psa_rsa_export_key( attributes->core.type,
+ &rsa, key_buffer, key_buffer_size,
+ key_buffer_length );
+ mbedtls_rsa_free( &rsa );
+
+ return( status );
+}
+#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+ * defined(MBEDTLS_GENPRIME) */
+
+/****************************************************************/
+/* Sign/verify hashes */
+/****************************************************************/
+
+#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || defined(BUILTIN_ALG_RSA_PSS)
+
+/* Decode the hash algorithm from alg and store the mbedtls encoding in
+ * md_alg. Verify that the hash length is acceptable. */
+static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
+ size_t hash_length,
+ mbedtls_md_type_t *md_alg )
+{
+ psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+ const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+ *md_alg = mbedtls_md_get_type( md_info );
+
+ /* The Mbed TLS RSA module uses an unsigned int for hash length
+ * parameters. Validate that it fits so that we don't risk an
+ * overflow later. */
+#if SIZE_MAX > UINT_MAX
+ if( hash_length > UINT_MAX )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+#endif
+
+ /* For signatures using a hash, the hash length must be correct. */
+ if( alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
+ {
+ if( md_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( mbedtls_md_get_size( md_info ) != hash_length )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t rsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_rsa_context *rsa = NULL;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_md_type_t md_alg;
+
+ status = mbedtls_psa_rsa_load_representation( attributes->core.type,
+ key_buffer,
+ key_buffer_size,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( signature_size < mbedtls_rsa_get_len( rsa ) )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
+ {
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
+ MBEDTLS_MD_NONE );
+ ret = mbedtls_rsa_pkcs1_sign( rsa,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
+ MBEDTLS_RSA_PRIVATE,
+ md_alg,
+ (unsigned int) hash_length,
+ hash,
+ signature );
+ }
+ else
+#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
+#if defined(BUILTIN_ALG_RSA_PSS)
+ if( PSA_ALG_IS_RSA_PSS( alg ) )
+ {
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+ ret = mbedtls_rsa_rsassa_pss_sign( rsa,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
+ MBEDTLS_RSA_PRIVATE,
+ MBEDTLS_MD_NONE,
+ (unsigned int) hash_length,
+ hash,
+ signature );
+ }
+ else
+#endif /* BUILTIN_ALG_RSA_PSS */
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ if( ret == 0 )
+ *signature_length = mbedtls_rsa_get_len( rsa );
+ status = mbedtls_to_psa_error( ret );
+
+exit:
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+
+ return( status );
+}
+
+static psa_status_t rsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_rsa_context *rsa = NULL;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_md_type_t md_alg;
+
+ status = mbedtls_psa_rsa_load_representation( attributes->core.type,
+ key_buffer,
+ key_buffer_size,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( signature_length != mbedtls_rsa_get_len( rsa ) )
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+
+#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
+ {
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
+ MBEDTLS_MD_NONE );
+ ret = mbedtls_rsa_pkcs1_verify( rsa,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
+ MBEDTLS_RSA_PUBLIC,
+ md_alg,
+ (unsigned int) hash_length,
+ hash,
+ signature );
+ }
+ else
+#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
+#if defined(BUILTIN_ALG_RSA_PSS)
+ if( PSA_ALG_IS_RSA_PSS( alg ) )
+ {
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+ ret = mbedtls_rsa_rsassa_pss_verify( rsa,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE,
+ MBEDTLS_RSA_PUBLIC,
+ md_alg,
+ (unsigned int) hash_length,
+ hash,
+ signature );
+ }
+ else
+#endif /* BUILTIN_ALG_RSA_PSS */
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ /* Mbed TLS distinguishes "invalid padding" from "valid padding but
+ * the rest of the signature is invalid". This has little use in
+ * practice and PSA doesn't report this distinction. */
+ status = ( ret == MBEDTLS_ERR_RSA_INVALID_PADDING ) ?
+ PSA_ERROR_INVALID_SIGNATURE :
+ mbedtls_to_psa_error( ret );
+
+exit:
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+
+ return( status );
+}
+
+#endif /* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(BUILTIN_ALG_RSA_PSS) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+
+psa_status_t mbedtls_psa_rsa_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits )
+{
+ return( rsa_import_key( attributes, data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
+}
+
+psa_status_t mbedtls_psa_rsa_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
+}
+
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
+ defined(MBEDTLS_GENPRIME)
+psa_status_t mbedtls_psa_rsa_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
+ key_buffer_length ) );
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+ * defined(MBEDTLS_GENPRIME) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+psa_status_t mbedtls_psa_rsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+ return( rsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+}
+
+psa_status_t mbedtls_psa_rsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+ return( rsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
+
+psa_status_t mbedtls_transparent_test_driver_rsa_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits )
+{
+ return( rsa_import_key( attributes, data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
+}
+
+#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ||
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */
+
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
+psa_status_t mbedtls_transparent_test_driver_rsa_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
+ key_buffer_length ) );
+}
+#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
+
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
+psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+#if defined(MBEDTLS_RSA_C) && \
+ (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
+ return( rsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+#else
+ (void)attributes;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_size;
+ (void)signature_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+}
+
+psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+#if defined(MBEDTLS_RSA_C) && \
+ (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
+ return( rsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+#else
+ (void)attributes;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+}
+#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h
new file mode 100644
index 0000000..41a90f7
--- /dev/null
+++ b/library/psa_crypto_rsa.h
@@ -0,0 +1,250 @@
+/*
+ * PSA RSA layer on top of Mbed TLS crypto
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_RSA_H
+#define PSA_CRYPTO_RSA_H
+
+#include <psa/crypto.h>
+#include <mbedtls/rsa.h>
+
+/** Load the contents of a key buffer into an internal RSA representation
+ *
+ * \param[in] type The type of key contained in \p data.
+ * \param[in] data The buffer from which to load the representation.
+ * \param[in] data_length The size in bytes of \p data.
+ * \param[out] p_rsa Returns a pointer to an RSA context on success.
+ * The caller is responsible for freeing both the
+ * contents of the context and the context itself
+ * when done.
+ */
+psa_status_t mbedtls_psa_rsa_load_representation( psa_key_type_t type,
+ const uint8_t *data,
+ size_t data_length,
+ mbedtls_rsa_context **p_rsa );
+
+/** Import an RSA key in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * import_key entry point. This function behaves as an import_key
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes for the key to import.
+ * \param[in] data The buffer containing the key data in import
+ * format.
+ * \param[in] data_length Size of the \p data buffer in bytes.
+ * \param[out] key_buffer The buffer containing the key data in output
+ * format.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. This
+ * size is greater or equal to \p data_length.
+ * \param[out] key_buffer_length The length of the data written in \p
+ * key_buffer in bytes.
+ * \param[out] bits The key size in number of bits.
+ *
+ * \retval #PSA_SUCCESS The RSA key was imported successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The key data is not correctly formatted.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_rsa_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits );
+
+/** Export an RSA key to export representation
+ *
+ * \param[in] type The type of key (public/private) to export
+ * \param[in] rsa The internal RSA representation from which to export
+ * \param[out] data The buffer to export to
+ * \param[in] data_size The length of the buffer to export to
+ * \param[out] data_length The amount of bytes written to \p data
+ */
+psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type,
+ mbedtls_rsa_context *rsa,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length );
+
+/** Export a public RSA key or the public part of an RSA key pair in binary
+ * format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * export_public_key entry point. This function behaves as an
+ * export_public_key entry point as defined in the PSA driver interface
+ * specification.
+ *
+ * \param[in] attributes The attributes for the key to export.
+ * \param[in] key_buffer Material or context of the key to export.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[out] data Buffer where the key data is to be written.
+ * \param[in] data_size Size of the \p data buffer in bytes.
+ * \param[out] data_length On success, the number of bytes written in
+ * \p data.
+ *
+ * \retval #PSA_SUCCESS The RSA public key was exported successfully.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t mbedtls_psa_rsa_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+/**
+ * \brief Generate an RSA key.
+ *
+ * \note The signature of the function is that of a PSA driver generate_key
+ * entry point.
+ *
+ * \param[in] attributes The attributes for the RSA key to generate.
+ * \param[out] key_buffer Buffer where the key data is to be written.
+ * \param[in] key_buffer_size Size of \p key_buffer in bytes.
+ * \param[out] key_buffer_length On success, the number of bytes written in
+ * \p key_buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * The key was successfully generated.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * Key length or type not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of \p key_buffer is too small.
+ */
+psa_status_t mbedtls_psa_rsa_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
+
+/** Sign an already-calculated hash with an RSA private key.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * sign_hash entry point. This function behaves as a sign_hash
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes of the RSA key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the RSA key context.
+ * format.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg A signature algorithm that is compatible with
+ * an RSA key.
+ * \param[in] hash The hash or message to sign.
+ * \param[in] hash_length Size of the \p hash buffer in bytes.
+ * \param[out] signature Buffer where the signature is to be written.
+ * \param[in] signature_size Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ * that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p signature buffer is too small. You can
+ * determine a sufficient buffer size by calling
+ * #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_RSA_KEY_PAIR, \c key_bits,
+ * \p alg) where \c key_bits is the bit-size of the RSA key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ */
+psa_status_t mbedtls_psa_rsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length );
+
+/**
+ * \brief Verify the signature a hash or short message using a public RSA key.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * verify_hash entry point. This function behaves as a verify_hash
+ * entry point as defined in the PSA driver interface specification for
+ * transparent drivers.
+ *
+ * \param[in] attributes The attributes of the RSA key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the RSA key context.
+ * format.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg A signature algorithm that is compatible with
+ * an RSA key.
+ * \param[in] hash The hash or message whose signature is to be
+ * verified.
+ * \param[in] hash_length Size of the \p hash buffer in bytes.
+ * \param[in] signature Buffer containing the signature to verify.
+ * \param[in] signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The calculation was performed successfully, but the passed
+ * signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t mbedtls_psa_rsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length );
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+psa_status_t mbedtls_transparent_test_driver_rsa_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ uint8_t *key_buffer, size_t key_buffer_size,
+ size_t *key_buffer_length, size_t *bits );
+
+psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+psa_status_t mbedtls_transparent_test_driver_rsa_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length );
+
+psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length );
+
+psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length );
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* PSA_CRYPTO_RSA_H */
diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h
index 67fadf8..7104261 100644
--- a/library/psa_crypto_se.h
+++ b/library/psa_crypto_se.h
@@ -155,6 +155,13 @@
*
* \param driver The driver table entry containing the persistent
* data to load from storage.
+ *
+ * \return #PSA_SUCCESS
+ * \return #PSA_ERROR_NOT_SUPPORTED
+ * \return #PSA_ERROR_DOES_NOT_EXIST
+ * \return #PSA_ERROR_STORAGE_FAILURE
+ * \return #PSA_ERROR_DATA_CORRUPT
+ * \return #PSA_ERROR_INVALID_ARGUMENT
*/
psa_status_t psa_load_se_persistent_data(
const psa_se_drv_table_entry_t *driver );
@@ -163,6 +170,14 @@
*
* \param[in] driver The driver table entry containing the persistent
* data to save to storage.
+ *
+ * \return #PSA_SUCCESS
+ * \return #PSA_ERROR_NOT_SUPPORTED
+ * \return #PSA_ERROR_NOT_PERMITTED
+ * \return #PSA_ERROR_NOT_SUPPORTED
+ * \return #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \return #PSA_ERROR_STORAGE_FAILURE
+ * \return #PSA_ERROR_INVALID_ARGUMENT
*/
psa_status_t psa_save_se_persistent_data(
const psa_se_drv_table_entry_t *driver );
diff --git a/library/psa_crypto_service_integration.h b/library/psa_crypto_service_integration.h
deleted file mode 100644
index 87889af..0000000
--- a/library/psa_crypto_service_integration.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H
-#define PSA_CRYPTO_SERVICE_INTEGRATION_H
-
-/*
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
- * (Secure Partition Manager) integration which separates the code into two
- * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
- * Environment). When building for the SPE, an additional header file should be
- * included.
- */
-#if defined(MBEDTLS_PSA_CRYPTO_SPM)
-/*
- * PSA_CRYPTO_SECURE means that the file which included this file is being
- * compiled for SPE. The files crypto_structs.h and crypto_types.h have
- * different implementations for NSPE and SPE and are compiled according to this
- * flag.
- */
-#define PSA_CRYPTO_SECURE 1
-#include "crypto_spe.h"
-#endif // MBEDTLS_PSA_CRYPTO_SPM
-
-#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 4c4ad03..6f69fc8 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -22,10 +22,10 @@
#if defined(MBEDTLS_PSA_CRYPTO_C)
-#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_core.h"
+#include "psa_crypto_driver_wrappers.h"
#include "psa_crypto_slot_management.h"
#include "psa_crypto_storage.h"
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@@ -45,27 +45,26 @@
typedef struct
{
- psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
+ psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
unsigned key_slots_initialized : 1;
} psa_global_data_t;
static psa_global_data_t global_data;
-psa_status_t psa_validate_key_id(
- mbedtls_svc_key_id_t key, int vendor_ok )
+int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
{
psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
if( ( PSA_KEY_ID_USER_MIN <= key_id ) &&
( key_id <= PSA_KEY_ID_USER_MAX ) )
- return( PSA_SUCCESS );
+ return( 1 );
if( vendor_ok &&
( PSA_KEY_ID_VENDOR_MIN <= key_id ) &&
( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
- return( PSA_SUCCESS );
+ return( 1 );
- return( PSA_ERROR_INVALID_HANDLE );
+ return( 0 );
}
/** Get the description in memory of a key given its identifier and lock it.
@@ -124,17 +123,16 @@
}
else
{
- status = psa_validate_key_id( key, 1 );
- if( status != PSA_SUCCESS )
- return( status );
+ if ( !psa_is_valid_key_id( key, 1 ) )
+ return( PSA_ERROR_INVALID_HANDLE );
- for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
+ for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{
slot = &global_data.key_slots[ slot_idx ];
if( mbedtls_svc_key_id_equal( key, slot->attr.id ) )
break;
}
- status = ( slot_idx < PSA_KEY_SLOT_COUNT ) ?
+ status = ( slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT ) ?
PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
}
@@ -161,7 +159,7 @@
{
size_t slot_idx;
- for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
+ for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{
psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
slot->lock_count = 1;
@@ -184,7 +182,7 @@
}
selected_slot = unlocked_persistent_key_slot = NULL;
- for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
+ for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{
psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
if( ! psa_is_key_slot_occupied( slot ) )
@@ -248,25 +246,27 @@
goto exit;
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- if( psa_key_lifetime_is_external( slot->attr.lifetime ) )
+ /* Special handling is required for loading keys associated with a
+ * dynamically registered SE interface. */
+ const psa_drv_se_t *drv;
+ psa_drv_se_context_t *drv_context;
+ if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
{
psa_se_key_data_storage_t *data;
+
if( key_data_length != sizeof( *data ) )
{
- status = PSA_ERROR_STORAGE_FAILURE;
+ status = PSA_ERROR_DATA_INVALID;
goto exit;
}
data = (psa_se_key_data_storage_t *) key_data;
- memcpy( &slot->data.se.slot_number, &data->slot_number,
- sizeof( slot->data.se.slot_number ) );
+ status = psa_copy_key_material_into_slot(
+ slot, data->slot_number, sizeof( data->slot_number ) );
+ goto exit;
}
- else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- {
- status = psa_copy_key_material_into_slot( slot, key_data, key_data_length );
- if( status != PSA_SUCCESS )
- goto exit;
- }
+
+ status = psa_copy_key_material_into_slot( slot, key_data, key_data_length );
exit:
psa_free_persistent_key_data( key_data, key_data_length );
@@ -274,6 +274,77 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+
+static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_lifetime_t lifetime = PSA_KEY_LIFETIME_VOLATILE;
+ psa_drv_slot_number_t slot_number = 0;
+ size_t key_buffer_size = 0;
+ size_t key_buffer_length = 0;
+
+ if( ! psa_key_id_is_builtin(
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) )
+ {
+ return( PSA_ERROR_DOES_NOT_EXIST );
+ }
+
+ /* Check the platform function to see whether this key actually exists */
+ status = mbedtls_psa_platform_get_builtin_key(
+ slot->attr.id, &lifetime, &slot_number );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ /* Set required key attributes to ensure get_builtin_key can retrieve the
+ * full attributes. */
+ psa_set_key_id( &attributes, slot->attr.id );
+ psa_set_key_lifetime( &attributes, lifetime );
+
+ /* Get the full key attributes from the driver in order to be able to
+ * calculate the required buffer size. */
+ status = psa_driver_wrapper_get_builtin_key(
+ slot_number, &attributes,
+ NULL, 0, NULL );
+ if( status != PSA_ERROR_BUFFER_TOO_SMALL )
+ {
+ /* Builtin keys cannot be defined by the attributes alone */
+ if( status == PSA_SUCCESS )
+ status = PSA_ERROR_CORRUPTION_DETECTED;
+ return( status );
+ }
+
+ /* If the key should exist according to the platform, then ask the driver
+ * what its expected size is. */
+ status = psa_driver_wrapper_get_key_buffer_size( &attributes,
+ &key_buffer_size );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ /* Allocate a buffer of the required size and load the builtin key directly
+ * into the (now properly sized) slot buffer. */
+ status = psa_allocate_buffer_to_slot( slot, key_buffer_size );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_driver_wrapper_get_builtin_key(
+ slot_number, &attributes,
+ slot->key.data, slot->key.bytes, &key_buffer_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Copy actual key length and core attributes into the slot on success */
+ slot->key.bytes = key_buffer_length;
+ slot->attr = attributes.core;
+
+exit:
+ if( status != PSA_SUCCESS )
+ psa_remove_key_data_from_memory( slot );
+ return( status );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+
psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key,
psa_key_slot_t **p_slot )
{
@@ -291,25 +362,43 @@
if( status != PSA_ERROR_DOES_NOT_EXIST )
return( status );
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ /* Loading keys from storage requires support for such a mechanism */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \
+ defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
psa_key_id_t volatile_key_id;
status = psa_get_empty_key_slot( &volatile_key_id, p_slot );
if( status != PSA_SUCCESS )
return( status );
- (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
(*p_slot)->attr.id = key;
+ (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
- status = psa_load_persistent_key_into_slot( *p_slot );
- if( status != PSA_SUCCESS )
- psa_wipe_key_slot( *p_slot );
+ status = PSA_ERROR_DOES_NOT_EXIST;
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+ /* Load keys in the 'builtin' range through their own interface */
+ status = psa_load_builtin_key_into_slot( *p_slot );
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
- return( status );
-#else
- return( PSA_ERROR_DOES_NOT_EXIST );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ if( status == PSA_ERROR_DOES_NOT_EXIST )
+ status = psa_load_persistent_key_into_slot( *p_slot );
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+ if( status != PSA_SUCCESS )
+ {
+ psa_wipe_key_slot( *p_slot );
+ if( status == PSA_ERROR_DOES_NOT_EXIST )
+ status = PSA_ERROR_INVALID_HANDLE;
+ }
+ else
+ /* Add implicit usage flags. */
+ psa_extend_key_usage_flags( &(*p_slot)->attr.policy.usage );
+
+ return( status );
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+ return( PSA_ERROR_INVALID_HANDLE );
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
}
psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot )
@@ -343,19 +432,26 @@
if ( psa_key_lifetime_is_external( lifetime ) )
{
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ /* Check whether a driver is registered against this lifetime */
psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime );
- if( driver == NULL )
- return( PSA_ERROR_INVALID_ARGUMENT );
- else
+ if( driver != NULL )
{
if (p_drv != NULL)
*p_drv = driver;
return( PSA_SUCCESS );
}
-#else
+#else /* MBEDTLS_PSA_CRYPTO_SE_C */
(void) p_drv;
- return( PSA_ERROR_INVALID_ARGUMENT );
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
+ /* Key location for external keys gets checked by the wrapper */
+ return( PSA_SUCCESS );
+#else /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+ /* No support for external lifetimes at all, or dynamic interface
+ * did not find driver for requested lifetime. */
+ return( PSA_ERROR_INVALID_ARGUMENT );
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
}
else
/* Local/internal keys are always valid */
@@ -373,7 +469,10 @@
{
/* Persistent keys require storage support */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- return( PSA_SUCCESS );
+ if( PSA_KEY_LIFETIME_IS_READ_ONLY( lifetime ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ else
+ return( PSA_SUCCESS );
#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
@@ -382,7 +481,8 @@
psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle )
{
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \
+ defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
psa_status_t status;
psa_key_slot_t *slot;
@@ -390,6 +490,9 @@
if( status != PSA_SUCCESS )
{
*handle = PSA_KEY_HANDLE_INIT;
+ if( status == PSA_ERROR_INVALID_HANDLE )
+ status = PSA_ERROR_DOES_NOT_EXIST;
+
return( status );
}
@@ -397,11 +500,11 @@
return( psa_unlock_key_slot( slot ) );
-#else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
(void) key;
*handle = PSA_KEY_HANDLE_INIT;
return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
}
psa_status_t psa_close_key( psa_key_handle_t handle )
@@ -414,8 +517,12 @@
status = psa_get_and_lock_key_slot_in_memory( handle, &slot );
if( status != PSA_SUCCESS )
- return( status );
+ {
+ if( status == PSA_ERROR_DOES_NOT_EXIST )
+ status = PSA_ERROR_INVALID_HANDLE;
+ return( status );
+ }
if( slot->lock_count <= 1 )
return( psa_wipe_key_slot( slot ) );
else
@@ -444,7 +551,7 @@
memset( stats, 0, sizeof( *stats ) );
- for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
+ for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{
const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
if( psa_is_key_slot_locked( slot ) )
@@ -456,16 +563,17 @@
++stats->empty_slots;
continue;
}
- if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
++stats->volatile_slots;
- else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+ else
{
psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
++stats->persistent_slots;
if( id > stats->max_open_internal_key_id )
stats->max_open_internal_key_id = id;
}
- else
+ if( PSA_KEY_LIFETIME_GET_LOCATION( slot->attr.lifetime ) !=
+ PSA_KEY_LOCATION_LOCAL_STORAGE )
{
psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
++stats->external_slots;
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index ef0814a..d539bdd 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -25,14 +25,10 @@
#include "psa_crypto_core.h"
#include "psa_crypto_se.h"
-/* Number of key slots (plus one because 0 is not used).
- * The value is a compile-time constant for now, for simplicity. */
-#define PSA_KEY_SLOT_COUNT 32
-
/** Range of volatile key identifiers.
*
- * The last PSA_KEY_SLOT_COUNT identifiers of the implementation range
- * of key identifiers are reserved for volatile key identifiers.
+ * The last #MBEDTLS_PSA_KEY_SLOT_COUNT identifiers of the implementation
+ * range of key identifiers are reserved for volatile key identifiers.
* A volatile key identifier is equal to #PSA_KEY_ID_VOLATILE_MIN plus the
* index of the key slot containing the volatile key definition.
*/
@@ -40,7 +36,7 @@
/** The minimum value for a volatile key identifier.
*/
#define PSA_KEY_ID_VOLATILE_MIN ( PSA_KEY_ID_VENDOR_MAX - \
- PSA_KEY_SLOT_COUNT + 1 )
+ MBEDTLS_PSA_KEY_SLOT_COUNT + 1 )
/** The maximum value for a volatile key identifier.
*/
@@ -209,8 +205,8 @@
* \param[in] lifetime The key lifetime attribute.
*
* \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT The key is persistent but persistent
- * keys are not supported.
+ * \retval #PSA_ERROR_NOT_SUPPORTED The key is persistent but persistent keys
+ * are not supported.
*/
psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime );
@@ -221,9 +217,8 @@
* vendor range are allowed, volatile key identifiers
* excepted \c 0 otherwise.
*
- * \retval #PSA_SUCCESS The identifier is valid.
- * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid.
+ * \retval <> 0 if the key identifier is valid, 0 otherwise.
*/
-psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok );
+int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok );
#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 1ebd20e..b485c50 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -18,18 +18,13 @@
* limitations under the License.
*/
-#if defined(MBEDTLS_CONFIG_FILE)
-#include MBEDTLS_CONFIG_FILE
-#else
-#include "mbedtls/config.h"
-#endif
+#include "common.h"
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
#include <stdlib.h>
#include <string.h>
-#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_storage.h"
#include "mbedtls/platform_util.h"
@@ -49,8 +44,6 @@
#define mbedtls_free free
#endif
-
-
/****************************************************************/
/* Key storage */
/****************************************************************/
@@ -91,6 +84,8 @@
* \param data_size Size of the \c data buffer in bytes.
*
* \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
* \retval #PSA_ERROR_STORAGE_FAILURE
* \retval #PSA_ERROR_DOES_NOT_EXIST
*/
@@ -108,7 +103,7 @@
status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data, &data_length );
if( data_size != data_length )
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
return( status );
}
@@ -139,8 +134,9 @@
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_STORAGE_FAILURE
* \retval #PSA_ERROR_ALREADY_EXISTS
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
*/
static psa_status_t psa_crypto_storage_store( const mbedtls_svc_key_id_t key,
const uint8_t *data,
@@ -156,7 +152,7 @@
status = psa_its_set( data_identifier, (uint32_t) data_length, data, 0 );
if( status != PSA_SUCCESS )
{
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
}
status = psa_its_get_info( data_identifier, &data_identifier_info );
@@ -167,7 +163,7 @@
if( data_identifier_info.size != data_length )
{
- status = PSA_ERROR_STORAGE_FAILURE;
+ status = PSA_ERROR_DATA_INVALID;
goto exit;
}
@@ -194,11 +190,11 @@
return( PSA_SUCCESS );
if( psa_its_remove( data_identifier ) != PSA_SUCCESS )
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
ret = psa_its_get_info( data_identifier, &data_identifier_info );
if( ret != PSA_ERROR_DOES_NOT_EXIST )
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
return( PSA_SUCCESS );
}
@@ -212,6 +208,8 @@
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_DATA_CORRUPT
*/
static psa_status_t psa_crypto_storage_get_data_length(
const mbedtls_svc_key_id_t key,
@@ -230,48 +228,6 @@
return( PSA_SUCCESS );
}
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE( n, b, i ) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] ) \
- | ( (uint32_t) (b)[(i) + 1] << 8 ) \
- | ( (uint32_t) (b)[(i) + 2] << 16 ) \
- | ( (uint32_t) (b)[(i) + 3] << 24 ); \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE( n, b, i ) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
- (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
- (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
-}
-#endif
-
-/*
- * 16-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT16_LE
-#define GET_UINT16_LE( n, b, i ) \
-{ \
- (n) = ( (uint16_t) (b)[(i) ] ) \
- | ( (uint16_t) (b)[(i) + 1] << 8 ); \
-}
-#endif
-
-#ifndef PUT_UINT16_LE
-#define PUT_UINT16_LE( n, b, i ) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
-}
-#endif
-
/**
* Persistent key storage magic header.
*/
@@ -298,14 +254,14 @@
(psa_persistent_key_storage_format *) storage_data;
memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH );
- PUT_UINT32_LE( 0, storage_format->version, 0 );
- PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
- PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 );
- PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 );
- PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
- PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
- PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
- PUT_UINT32_LE( data_length, storage_format->data_len, 0 );
+ MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 );
+ MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
+ MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 );
+ MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 );
+ MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
+ MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
+ MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
+ MBEDTLS_PUT_UINT32_LE( data_length, storage_format->data_len, 0 );
memcpy( storage_format->key_data, data, data_length );
}
@@ -313,7 +269,7 @@
{
if( memcmp( data, PSA_KEY_STORAGE_MAGIC_HEADER,
PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ) != 0 )
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
return( PSA_SUCCESS );
}
@@ -329,20 +285,20 @@
uint32_t version;
if( storage_data_length < sizeof(*storage_format) )
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
status = check_magic_header( storage_data );
if( status != PSA_SUCCESS )
return( status );
- GET_UINT32_LE( version, storage_format->version, 0 );
+ version = MBEDTLS_GET_UINT32_LE( storage_format->version, 0 );
if( version != 0 )
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
- GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 );
+ *key_data_length = MBEDTLS_GET_UINT32_LE( storage_format->data_len, 0 );
if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) ||
*key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE )
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
if( *key_data_length == 0 )
{
@@ -356,12 +312,12 @@
memcpy( *key_data, storage_format->key_data, *key_data_length );
}
- GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
- GET_UINT16_LE( attr->type, storage_format->type, 0 );
- GET_UINT16_LE( attr->bits, storage_format->bits, 0 );
- GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
- GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
- GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
+ attr->lifetime = MBEDTLS_GET_UINT32_LE( storage_format->lifetime, 0 );
+ attr->type = MBEDTLS_GET_UINT16_LE( storage_format->type, 0 );
+ attr->bits = MBEDTLS_GET_UINT16_LE( storage_format->bits, 0 );
+ attr->policy.usage = MBEDTLS_GET_UINT32_LE( storage_format->policy, 0 );
+ attr->policy.alg = MBEDTLS_GET_UINT32_LE( storage_format->policy, sizeof( uint32_t ) );
+ attr->policy.alg2 = MBEDTLS_GET_UINT32_LE( storage_format->policy, 2 * sizeof( uint32_t ) );
return( PSA_SUCCESS );
}
@@ -374,8 +330,12 @@
uint8_t *storage_data;
psa_status_t status;
+ /* All keys saved to persistent storage always have a key context */
+ if( data == NULL || data_length == 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
if( data_length > PSA_CRYPTO_MAX_STORAGE_SIZE )
- return PSA_ERROR_INSUFFICIENT_STORAGE;
+ return( PSA_ERROR_INSUFFICIENT_STORAGE );
storage_data_length = data_length + sizeof( psa_persistent_key_storage_format );
storage_data = mbedtls_calloc( 1, storage_data_length );
@@ -426,6 +386,11 @@
status = psa_parse_key_data_from_storage( loaded_data, storage_data_length,
data, data_length, attr );
+ /* All keys saved to persistent storage always have a key context */
+ if( status == PSA_SUCCESS &&
+ ( *data == NULL || *data_length == 0 ) )
+ status = PSA_ERROR_STORAGE_FAILURE;
+
exit:
mbedtls_free( loaded_data );
return( status );
@@ -470,7 +435,7 @@
if( status != PSA_SUCCESS )
return( status );
if( length != sizeof( psa_crypto_transaction ) )
- return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_ERROR_DATA_INVALID );
return( PSA_SUCCESS );
}
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index fbc94fc..970e108 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@@ -49,7 +49,7 @@
* - Using the ITS backend, all key ids are ok except 0xFFFFFF52
* (#PSA_CRYPTO_ITS_RANDOM_SEED_UID) for which the file contains the
* device's random seed (if this feature is enabled).
- * - Only key ids from 1 to #PSA_KEY_SLOT_COUNT are actually used.
+ * - Only key ids from 1 to #MBEDTLS_PSA_KEY_SLOT_COUNT are actually used.
*
* Since we need to preserve the random seed, avoid using that key slot.
* Reserve a whole range of key slots just in case something else comes up.
@@ -86,6 +86,9 @@
* already occupied non-persistent key, as well as ensuring the key data is
* validated.
*
+ * Note: This function will only succeed for key buffers which are not
+ * empty. If passed a NULL pointer or zero-length, the function will fail
+ * with #PSA_ERROR_INVALID_ARGUMENT.
*
* \param[in] attr The attributes of the key to save.
* The key identifier field in the attributes
@@ -94,10 +97,13 @@
* \param data_length The number of bytes that make up the key data.
*
* \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_STORAGE_FAILURE
* \retval #PSA_ERROR_ALREADY_EXISTS
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
*/
psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr,
const uint8_t *data,
@@ -111,9 +117,10 @@
* metadata and writes them to the appropriate output parameters.
*
* Note: This function allocates a buffer and returns a pointer to it through
- * the data parameter. psa_free_persistent_key_data() must be called after
- * this function to zeroize and free this buffer, regardless of whether this
- * function succeeds or fails.
+ * the data parameter. On successful return, the pointer is guaranteed to be
+ * valid and the buffer contains at least one byte of data.
+ * psa_free_persistent_key_data() must be called on the data buffer
+ * afterwards to zeroize and free this buffer.
*
* \param[in,out] attr On input, the key identifier field identifies
* the key to load. Other fields are ignored.
@@ -124,7 +131,8 @@
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
* \retval #PSA_ERROR_DOES_NOT_EXIST
*/
psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr,
@@ -140,7 +148,7 @@
* \retval #PSA_SUCCESS
* The key was successfully removed,
* or the key did not exist.
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
*/
psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key );
@@ -183,9 +191,8 @@
* with the loaded key metadata.
*
* \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
*/
psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
size_t storage_data_length,
@@ -319,6 +326,7 @@
* atomically update the transaction state.
*
* \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_DATA_CORRUPT
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_STORAGE_FAILURE
*/
@@ -335,6 +343,8 @@
* \retval #PSA_ERROR_DOES_NOT_EXIST
* There is no ongoing transaction.
* \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_INVALID
+ * \retval #PSA_ERROR_DATA_CORRUPT
*/
psa_status_t psa_crypto_load_transaction( void );
diff --git a/library/psa_its_file.c b/library/psa_its_file.c
index 2fbff20..c4782cd 100644
--- a/library/psa_its_file.c
+++ b/library/psa_its_file.c
@@ -18,11 +18,7 @@
* limitations under the License.
*/
-#if defined(MBEDTLS_CONFIG_FILE)
-#include MBEDTLS_CONFIG_FILE
-#else
-#include "mbedtls/config.h"
-#endif
+#include "common.h"
#if defined(MBEDTLS_PSA_ITS_FILE_C)
@@ -47,7 +43,7 @@
#define PSA_ITS_STORAGE_PREFIX ""
#endif
-#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx"
+#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08x%08x"
#define PSA_ITS_STORAGE_SUFFIX ".psa_its"
#define PSA_ITS_STORAGE_FILENAME_LENGTH \
( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \
@@ -87,8 +83,8 @@
mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH,
"%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s",
PSA_ITS_STORAGE_PREFIX,
- (unsigned long) ( uid >> 32 ),
- (unsigned long) ( uid & 0xffffffff ),
+ (unsigned) ( uid >> 32 ),
+ (unsigned) ( uid & 0xffffffff ),
PSA_ITS_STORAGE_SUFFIX );
}
@@ -195,14 +191,8 @@
size_t n;
memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH );
- header.size[0] = data_length & 0xff;
- header.size[1] = ( data_length >> 8 ) & 0xff;
- header.size[2] = ( data_length >> 16 ) & 0xff;
- header.size[3] = ( data_length >> 24 ) & 0xff;
- header.flags[0] = create_flags & 0xff;
- header.flags[1] = ( create_flags >> 8 ) & 0xff;
- header.flags[2] = ( create_flags >> 16 ) & 0xff;
- header.flags[3] = ( create_flags >> 24 ) & 0xff;
+ MBEDTLS_PUT_UINT32_LE( data_length, header.size, 0 );
+ MBEDTLS_PUT_UINT32_LE( create_flags, header.flags, 0 );
psa_its_fill_filename( uid, filename );
stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" );
diff --git a/library/ripemd160.c b/library/ripemd160.c
index 603b6ba..aed7322 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c
@@ -44,29 +44,6 @@
#if !defined(MBEDTLS_RIPEMD160_ALT)
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] ) \
- | ( (uint32_t) (b)[(i) + 1] << 8 ) \
- | ( (uint32_t) (b)[(i) + 2] << 16 ) \
- | ( (uint32_t) (b)[(i) + 3] << 24 ); \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
- (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
- (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
-}
-#endif
-
void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) );
@@ -117,30 +94,33 @@
int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
const unsigned char data[64] )
{
- uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
+ struct
+ {
+ uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
+ } local;
- GET_UINT32_LE( X[ 0], data, 0 );
- GET_UINT32_LE( X[ 1], data, 4 );
- GET_UINT32_LE( X[ 2], data, 8 );
- GET_UINT32_LE( X[ 3], data, 12 );
- GET_UINT32_LE( X[ 4], data, 16 );
- GET_UINT32_LE( X[ 5], data, 20 );
- GET_UINT32_LE( X[ 6], data, 24 );
- GET_UINT32_LE( X[ 7], data, 28 );
- GET_UINT32_LE( X[ 8], data, 32 );
- GET_UINT32_LE( X[ 9], data, 36 );
- GET_UINT32_LE( X[10], data, 40 );
- GET_UINT32_LE( X[11], data, 44 );
- GET_UINT32_LE( X[12], data, 48 );
- GET_UINT32_LE( X[13], data, 52 );
- GET_UINT32_LE( X[14], data, 56 );
- GET_UINT32_LE( X[15], data, 60 );
+ local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 );
+ local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 );
+ local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 );
+ local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 );
+ local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 );
+ local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 );
+ local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 );
+ local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 );
+ local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 );
+ local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 );
+ local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 );
+ local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 );
+ local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 );
+ local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 );
+ local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 );
+ local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 );
- A = Ap = ctx->state[0];
- B = Bp = ctx->state[1];
- C = Cp = ctx->state[2];
- D = Dp = ctx->state[3];
- E = Ep = ctx->state[4];
+ local.A = local.Ap = ctx->state[0];
+ local.B = local.Bp = ctx->state[1];
+ local.C = local.Cp = ctx->state[2];
+ local.D = local.Dp = ctx->state[3];
+ local.E = local.Ep = ctx->state[4];
#define F1( x, y, z ) ( (x) ^ (y) ^ (z) )
#define F2( x, y, z ) ( ( (x) & (y) ) | ( ~(x) & (z) ) )
@@ -150,12 +130,12 @@
#define S( x, n ) ( ( (x) << (n) ) | ( (x) >> (32 - (n)) ) )
-#define P( a, b, c, d, e, r, s, f, k ) \
- do \
- { \
- (a) += f( (b), (c), (d) ) + X[r] + (k); \
- (a) = S( (a), (s) ) + (e); \
- (c) = S( (c), 10 ); \
+#define P( a, b, c, d, e, r, s, f, k ) \
+ do \
+ { \
+ (a) += f( (b), (c), (d) ) + local.X[r] + (k); \
+ (a) = S( (a), (s) ) + (e); \
+ (c) = S( (c), 10 ); \
} while( 0 )
#define P2( a, b, c, d, e, r, s, rp, sp ) \
@@ -170,22 +150,22 @@
#define K 0x00000000
#define Fp F5
#define Kp 0x50A28BE6
- P2( A, B, C, D, E, 0, 11, 5, 8 );
- P2( E, A, B, C, D, 1, 14, 14, 9 );
- P2( D, E, A, B, C, 2, 15, 7, 9 );
- P2( C, D, E, A, B, 3, 12, 0, 11 );
- P2( B, C, D, E, A, 4, 5, 9, 13 );
- P2( A, B, C, D, E, 5, 8, 2, 15 );
- P2( E, A, B, C, D, 6, 7, 11, 15 );
- P2( D, E, A, B, C, 7, 9, 4, 5 );
- P2( C, D, E, A, B, 8, 11, 13, 7 );
- P2( B, C, D, E, A, 9, 13, 6, 7 );
- P2( A, B, C, D, E, 10, 14, 15, 8 );
- P2( E, A, B, C, D, 11, 15, 8, 11 );
- P2( D, E, A, B, C, 12, 6, 1, 14 );
- P2( C, D, E, A, B, 13, 7, 10, 14 );
- P2( B, C, D, E, A, 14, 9, 3, 12 );
- P2( A, B, C, D, E, 15, 8, 12, 6 );
+ P2( local.A, local.B, local.C, local.D, local.E, 0, 11, 5, 8 );
+ P2( local.E, local.A, local.B, local.C, local.D, 1, 14, 14, 9 );
+ P2( local.D, local.E, local.A, local.B, local.C, 2, 15, 7, 9 );
+ P2( local.C, local.D, local.E, local.A, local.B, 3, 12, 0, 11 );
+ P2( local.B, local.C, local.D, local.E, local.A, 4, 5, 9, 13 );
+ P2( local.A, local.B, local.C, local.D, local.E, 5, 8, 2, 15 );
+ P2( local.E, local.A, local.B, local.C, local.D, 6, 7, 11, 15 );
+ P2( local.D, local.E, local.A, local.B, local.C, 7, 9, 4, 5 );
+ P2( local.C, local.D, local.E, local.A, local.B, 8, 11, 13, 7 );
+ P2( local.B, local.C, local.D, local.E, local.A, 9, 13, 6, 7 );
+ P2( local.A, local.B, local.C, local.D, local.E, 10, 14, 15, 8 );
+ P2( local.E, local.A, local.B, local.C, local.D, 11, 15, 8, 11 );
+ P2( local.D, local.E, local.A, local.B, local.C, 12, 6, 1, 14 );
+ P2( local.C, local.D, local.E, local.A, local.B, 13, 7, 10, 14 );
+ P2( local.B, local.C, local.D, local.E, local.A, 14, 9, 3, 12 );
+ P2( local.A, local.B, local.C, local.D, local.E, 15, 8, 12, 6 );
#undef F
#undef K
#undef Fp
@@ -195,22 +175,22 @@
#define K 0x5A827999
#define Fp F4
#define Kp 0x5C4DD124
- P2( E, A, B, C, D, 7, 7, 6, 9 );
- P2( D, E, A, B, C, 4, 6, 11, 13 );
- P2( C, D, E, A, B, 13, 8, 3, 15 );
- P2( B, C, D, E, A, 1, 13, 7, 7 );
- P2( A, B, C, D, E, 10, 11, 0, 12 );
- P2( E, A, B, C, D, 6, 9, 13, 8 );
- P2( D, E, A, B, C, 15, 7, 5, 9 );
- P2( C, D, E, A, B, 3, 15, 10, 11 );
- P2( B, C, D, E, A, 12, 7, 14, 7 );
- P2( A, B, C, D, E, 0, 12, 15, 7 );
- P2( E, A, B, C, D, 9, 15, 8, 12 );
- P2( D, E, A, B, C, 5, 9, 12, 7 );
- P2( C, D, E, A, B, 2, 11, 4, 6 );
- P2( B, C, D, E, A, 14, 7, 9, 15 );
- P2( A, B, C, D, E, 11, 13, 1, 13 );
- P2( E, A, B, C, D, 8, 12, 2, 11 );
+ P2( local.E, local.A, local.B, local.C, local.D, 7, 7, 6, 9 );
+ P2( local.D, local.E, local.A, local.B, local.C, 4, 6, 11, 13 );
+ P2( local.C, local.D, local.E, local.A, local.B, 13, 8, 3, 15 );
+ P2( local.B, local.C, local.D, local.E, local.A, 1, 13, 7, 7 );
+ P2( local.A, local.B, local.C, local.D, local.E, 10, 11, 0, 12 );
+ P2( local.E, local.A, local.B, local.C, local.D, 6, 9, 13, 8 );
+ P2( local.D, local.E, local.A, local.B, local.C, 15, 7, 5, 9 );
+ P2( local.C, local.D, local.E, local.A, local.B, 3, 15, 10, 11 );
+ P2( local.B, local.C, local.D, local.E, local.A, 12, 7, 14, 7 );
+ P2( local.A, local.B, local.C, local.D, local.E, 0, 12, 15, 7 );
+ P2( local.E, local.A, local.B, local.C, local.D, 9, 15, 8, 12 );
+ P2( local.D, local.E, local.A, local.B, local.C, 5, 9, 12, 7 );
+ P2( local.C, local.D, local.E, local.A, local.B, 2, 11, 4, 6 );
+ P2( local.B, local.C, local.D, local.E, local.A, 14, 7, 9, 15 );
+ P2( local.A, local.B, local.C, local.D, local.E, 11, 13, 1, 13 );
+ P2( local.E, local.A, local.B, local.C, local.D, 8, 12, 2, 11 );
#undef F
#undef K
#undef Fp
@@ -220,22 +200,22 @@
#define K 0x6ED9EBA1
#define Fp F3
#define Kp 0x6D703EF3
- P2( D, E, A, B, C, 3, 11, 15, 9 );
- P2( C, D, E, A, B, 10, 13, 5, 7 );
- P2( B, C, D, E, A, 14, 6, 1, 15 );
- P2( A, B, C, D, E, 4, 7, 3, 11 );
- P2( E, A, B, C, D, 9, 14, 7, 8 );
- P2( D, E, A, B, C, 15, 9, 14, 6 );
- P2( C, D, E, A, B, 8, 13, 6, 6 );
- P2( B, C, D, E, A, 1, 15, 9, 14 );
- P2( A, B, C, D, E, 2, 14, 11, 12 );
- P2( E, A, B, C, D, 7, 8, 8, 13 );
- P2( D, E, A, B, C, 0, 13, 12, 5 );
- P2( C, D, E, A, B, 6, 6, 2, 14 );
- P2( B, C, D, E, A, 13, 5, 10, 13 );
- P2( A, B, C, D, E, 11, 12, 0, 13 );
- P2( E, A, B, C, D, 5, 7, 4, 7 );
- P2( D, E, A, B, C, 12, 5, 13, 5 );
+ P2( local.D, local.E, local.A, local.B, local.C, 3, 11, 15, 9 );
+ P2( local.C, local.D, local.E, local.A, local.B, 10, 13, 5, 7 );
+ P2( local.B, local.C, local.D, local.E, local.A, 14, 6, 1, 15 );
+ P2( local.A, local.B, local.C, local.D, local.E, 4, 7, 3, 11 );
+ P2( local.E, local.A, local.B, local.C, local.D, 9, 14, 7, 8 );
+ P2( local.D, local.E, local.A, local.B, local.C, 15, 9, 14, 6 );
+ P2( local.C, local.D, local.E, local.A, local.B, 8, 13, 6, 6 );
+ P2( local.B, local.C, local.D, local.E, local.A, 1, 15, 9, 14 );
+ P2( local.A, local.B, local.C, local.D, local.E, 2, 14, 11, 12 );
+ P2( local.E, local.A, local.B, local.C, local.D, 7, 8, 8, 13 );
+ P2( local.D, local.E, local.A, local.B, local.C, 0, 13, 12, 5 );
+ P2( local.C, local.D, local.E, local.A, local.B, 6, 6, 2, 14 );
+ P2( local.B, local.C, local.D, local.E, local.A, 13, 5, 10, 13 );
+ P2( local.A, local.B, local.C, local.D, local.E, 11, 12, 0, 13 );
+ P2( local.E, local.A, local.B, local.C, local.D, 5, 7, 4, 7 );
+ P2( local.D, local.E, local.A, local.B, local.C, 12, 5, 13, 5 );
#undef F
#undef K
#undef Fp
@@ -245,22 +225,22 @@
#define K 0x8F1BBCDC
#define Fp F2
#define Kp 0x7A6D76E9
- P2( C, D, E, A, B, 1, 11, 8, 15 );
- P2( B, C, D, E, A, 9, 12, 6, 5 );
- P2( A, B, C, D, E, 11, 14, 4, 8 );
- P2( E, A, B, C, D, 10, 15, 1, 11 );
- P2( D, E, A, B, C, 0, 14, 3, 14 );
- P2( C, D, E, A, B, 8, 15, 11, 14 );
- P2( B, C, D, E, A, 12, 9, 15, 6 );
- P2( A, B, C, D, E, 4, 8, 0, 14 );
- P2( E, A, B, C, D, 13, 9, 5, 6 );
- P2( D, E, A, B, C, 3, 14, 12, 9 );
- P2( C, D, E, A, B, 7, 5, 2, 12 );
- P2( B, C, D, E, A, 15, 6, 13, 9 );
- P2( A, B, C, D, E, 14, 8, 9, 12 );
- P2( E, A, B, C, D, 5, 6, 7, 5 );
- P2( D, E, A, B, C, 6, 5, 10, 15 );
- P2( C, D, E, A, B, 2, 12, 14, 8 );
+ P2( local.C, local.D, local.E, local.A, local.B, 1, 11, 8, 15 );
+ P2( local.B, local.C, local.D, local.E, local.A, 9, 12, 6, 5 );
+ P2( local.A, local.B, local.C, local.D, local.E, 11, 14, 4, 8 );
+ P2( local.E, local.A, local.B, local.C, local.D, 10, 15, 1, 11 );
+ P2( local.D, local.E, local.A, local.B, local.C, 0, 14, 3, 14 );
+ P2( local.C, local.D, local.E, local.A, local.B, 8, 15, 11, 14 );
+ P2( local.B, local.C, local.D, local.E, local.A, 12, 9, 15, 6 );
+ P2( local.A, local.B, local.C, local.D, local.E, 4, 8, 0, 14 );
+ P2( local.E, local.A, local.B, local.C, local.D, 13, 9, 5, 6 );
+ P2( local.D, local.E, local.A, local.B, local.C, 3, 14, 12, 9 );
+ P2( local.C, local.D, local.E, local.A, local.B, 7, 5, 2, 12 );
+ P2( local.B, local.C, local.D, local.E, local.A, 15, 6, 13, 9 );
+ P2( local.A, local.B, local.C, local.D, local.E, 14, 8, 9, 12 );
+ P2( local.E, local.A, local.B, local.C, local.D, 5, 6, 7, 5 );
+ P2( local.D, local.E, local.A, local.B, local.C, 6, 5, 10, 15 );
+ P2( local.C, local.D, local.E, local.A, local.B, 2, 12, 14, 8 );
#undef F
#undef K
#undef Fp
@@ -270,33 +250,36 @@
#define K 0xA953FD4E
#define Fp F1
#define Kp 0x00000000
- P2( B, C, D, E, A, 4, 9, 12, 8 );
- P2( A, B, C, D, E, 0, 15, 15, 5 );
- P2( E, A, B, C, D, 5, 5, 10, 12 );
- P2( D, E, A, B, C, 9, 11, 4, 9 );
- P2( C, D, E, A, B, 7, 6, 1, 12 );
- P2( B, C, D, E, A, 12, 8, 5, 5 );
- P2( A, B, C, D, E, 2, 13, 8, 14 );
- P2( E, A, B, C, D, 10, 12, 7, 6 );
- P2( D, E, A, B, C, 14, 5, 6, 8 );
- P2( C, D, E, A, B, 1, 12, 2, 13 );
- P2( B, C, D, E, A, 3, 13, 13, 6 );
- P2( A, B, C, D, E, 8, 14, 14, 5 );
- P2( E, A, B, C, D, 11, 11, 0, 15 );
- P2( D, E, A, B, C, 6, 8, 3, 13 );
- P2( C, D, E, A, B, 15, 5, 9, 11 );
- P2( B, C, D, E, A, 13, 6, 11, 11 );
+ P2( local.B, local.C, local.D, local.E, local.A, 4, 9, 12, 8 );
+ P2( local.A, local.B, local.C, local.D, local.E, 0, 15, 15, 5 );
+ P2( local.E, local.A, local.B, local.C, local.D, 5, 5, 10, 12 );
+ P2( local.D, local.E, local.A, local.B, local.C, 9, 11, 4, 9 );
+ P2( local.C, local.D, local.E, local.A, local.B, 7, 6, 1, 12 );
+ P2( local.B, local.C, local.D, local.E, local.A, 12, 8, 5, 5 );
+ P2( local.A, local.B, local.C, local.D, local.E, 2, 13, 8, 14 );
+ P2( local.E, local.A, local.B, local.C, local.D, 10, 12, 7, 6 );
+ P2( local.D, local.E, local.A, local.B, local.C, 14, 5, 6, 8 );
+ P2( local.C, local.D, local.E, local.A, local.B, 1, 12, 2, 13 );
+ P2( local.B, local.C, local.D, local.E, local.A, 3, 13, 13, 6 );
+ P2( local.A, local.B, local.C, local.D, local.E, 8, 14, 14, 5 );
+ P2( local.E, local.A, local.B, local.C, local.D, 11, 11, 0, 15 );
+ P2( local.D, local.E, local.A, local.B, local.C, 6, 8, 3, 13 );
+ P2( local.C, local.D, local.E, local.A, local.B, 15, 5, 9, 11 );
+ P2( local.B, local.C, local.D, local.E, local.A, 13, 6, 11, 11 );
#undef F
#undef K
#undef Fp
#undef Kp
- C = ctx->state[1] + C + Dp;
- ctx->state[1] = ctx->state[2] + D + Ep;
- ctx->state[2] = ctx->state[3] + E + Ap;
- ctx->state[3] = ctx->state[4] + A + Bp;
- ctx->state[4] = ctx->state[0] + B + Cp;
- ctx->state[0] = C;
+ local.C = ctx->state[1] + local.C + local.Dp;
+ ctx->state[1] = ctx->state[2] + local.D + local.Ep;
+ ctx->state[2] = ctx->state[3] + local.E + local.Ap;
+ ctx->state[3] = ctx->state[4] + local.A + local.Bp;
+ ctx->state[4] = ctx->state[0] + local.B + local.Cp;
+ ctx->state[0] = local.C;
+
+ /* Zeroise variables to clear sensitive data from memory. */
+ mbedtls_platform_zeroize( &local, sizeof( local ) );
return( 0 );
}
@@ -394,8 +377,8 @@
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_LE( low, msglen, 0 );
- PUT_UINT32_LE( high, msglen, 4 );
+ MBEDTLS_PUT_UINT32_LE( low, msglen, 0 );
+ MBEDTLS_PUT_UINT32_LE( high, msglen, 4 );
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
@@ -408,11 +391,11 @@
if( ret != 0 )
return( ret );
- PUT_UINT32_LE( ctx->state[0], output, 0 );
- PUT_UINT32_LE( ctx->state[1], output, 4 );
- PUT_UINT32_LE( ctx->state[2], output, 8 );
- PUT_UINT32_LE( ctx->state[3], output, 12 );
- PUT_UINT32_LE( ctx->state[4], output, 16 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 );
+ MBEDTLS_PUT_UINT32_LE( ctx->state[4], output, 16 );
return( 0 );
}
diff --git a/library/rsa.c b/library/rsa.c
index d6abd65..268d025 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -102,7 +102,7 @@
( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) ||
( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) )
{
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
}
if( N != NULL )
@@ -142,7 +142,7 @@
cleanup:
if( ret != 0 )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
return( 0 );
}
@@ -293,7 +293,7 @@
if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P,
&ctx->Q ) ) != 0 )
{
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
}
ctx->len = mbedtls_mpi_size( &ctx->N );
@@ -308,7 +308,7 @@
ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D,
&ctx->P, &ctx->Q );
if( ret != 0 )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
}
else if( d_missing )
@@ -318,7 +318,7 @@
&ctx->E,
&ctx->D ) ) != 0 )
{
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
}
}
@@ -333,7 +333,7 @@
ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D,
&ctx->DP, &ctx->DQ, &ctx->QP );
if( ret != 0 )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
}
#endif /* MBEDTLS_RSA_NO_CRT */
@@ -461,13 +461,13 @@
( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) ||
( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) )
{
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
}
#else
if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D,
DP, DQ, QP ) ) != 0 )
{
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
}
#endif
@@ -490,6 +490,9 @@
mbedtls_rsa_set_padding( ctx, padding, hash_id );
#if defined(MBEDTLS_THREADING_C)
+ /* Set ctx->ver to nonzero to indicate that the mutex has been
+ * initialized and will need to be freed. */
+ ctx->ver = 1;
mbedtls_mutex_init( &ctx->mutex );
#endif
}
@@ -537,9 +540,6 @@
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( f_rng != NULL );
- if( nbits < 128 || exponent < 3 || nbits % 2 != 0 )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
/*
* If the modulus is 1024 bit long or shorter, then the security strength of
* the RSA algorithm is less than or equal to 80 bits and therefore an error
@@ -552,6 +552,12 @@
mbedtls_mpi_init( &G );
mbedtls_mpi_init( &L );
+ if( nbits < 128 || exponent < 3 || nbits % 2 != 0 )
+ {
+ ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+ goto cleanup;
+ }
+
/*
* find primes P and Q with Q < P so that:
* 1. |P-Q| > 2^( nbits / 2 - 100 )
@@ -629,7 +635,10 @@
if( ret != 0 )
{
mbedtls_rsa_free( ctx );
- return( MBEDTLS_ERR_RSA_KEY_GEN_FAILED + ret );
+
+ if( ( -ret & ~0x7f ) == 0 )
+ ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret );
+ return( ret );
}
return( 0 );
@@ -761,7 +770,7 @@
mbedtls_mpi_free( &T );
if( ret != 0 )
- return( MBEDTLS_ERR_RSA_PUBLIC_FAILED + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) );
return( 0 );
}
@@ -1076,10 +1085,10 @@
mbedtls_mpi_free( &C );
mbedtls_mpi_free( &I );
- if( ret != 0 )
- return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret );
+ if( ret != 0 && ret >= -0x007f )
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) );
- return( 0 );
+ return( ret );
}
#if defined(MBEDTLS_PKCS1_V21)
@@ -1190,7 +1199,7 @@
/* Generate a random octet string seed */
if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 )
- return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
p += hlen;
@@ -1279,7 +1288,7 @@
/* Check if RNG failed to generate data */
if( rng_dl == 0 || ret != 0 )
- return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
p++;
}
@@ -1787,21 +1796,19 @@
}
#if defined(MBEDTLS_PKCS1_V21)
-/*
- * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function
- */
-int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
+static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
mbedtls_md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
+ int saltlen,
unsigned char *sig )
{
size_t olen;
unsigned char *p = sig;
- unsigned char salt[MBEDTLS_MD_MAX_SIZE];
+ unsigned char *salt = NULL;
size_t slen, min_slen, hlen, offset = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t msb;
@@ -1839,31 +1846,44 @@
hlen = mbedtls_md_get_size( md_info );
- /* Calculate the largest possible salt length. Normally this is the hash
- * length, which is the maximum length the salt can have. If there is not
- * enough room, use the maximum salt length that fits. The constraint is
- * that the hash length plus the salt length plus 2 bytes must be at most
- * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017
- * (PKCS#1 v2.2) §9.1.1 step 3. */
- min_slen = hlen - 2;
- if( olen < hlen + min_slen + 2 )
+ if (saltlen == MBEDTLS_RSA_SALT_LEN_ANY)
+ {
+ /* Calculate the largest possible salt length, up to the hash size.
+ * Normally this is the hash length, which is the maximum salt length
+ * according to FIPS 185-4 §5.5 (e) and common practice. If there is not
+ * enough room, use the maximum salt length that fits. The constraint is
+ * that the hash length plus the salt length plus 2 bytes must be at most
+ * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017
+ * (PKCS#1 v2.2) §9.1.1 step 3. */
+ min_slen = hlen - 2;
+ if( olen < hlen + min_slen + 2 )
+ return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+ else if( olen >= hlen + hlen + 2 )
+ slen = hlen;
+ else
+ slen = olen - hlen - 2;
+ }
+ else if ( (saltlen < 0) || (saltlen + hlen + 2 > olen) )
+ {
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- else if( olen >= hlen + hlen + 2 )
- slen = hlen;
+ }
else
- slen = olen - hlen - 2;
+ {
+ slen = (size_t) saltlen;
+ }
memset( sig, 0, olen );
- /* Generate salt of length slen */
- if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
- return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
-
/* Note: EMSA-PSS encoding is over the length of N - 1 bits */
msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
p += olen - hlen - slen - 2;
*p++ = 0x01;
- memcpy( p, salt, slen );
+
+ /* Generate salt of length slen in place in the encoded message */
+ salt = p;
+ if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
+
p += slen;
mbedtls_md_init( &md_ctx );
@@ -1897,8 +1917,6 @@
p += hlen;
*p++ = 0xBC;
- mbedtls_platform_zeroize( salt, sizeof( salt ) );
-
exit:
mbedtls_md_free( &md_ctx );
@@ -1909,6 +1927,40 @@
? mbedtls_rsa_public( ctx, sig, sig )
: mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) );
}
+
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function with
+ * the option to pass in the salt length.
+ */
+int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ int saltlen,
+ unsigned char *sig )
+{
+ return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg,
+ hashlen, hash, saltlen, sig );
+}
+
+
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function
+ */
+int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ int mode,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ unsigned char *sig )
+{
+ return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg,
+ hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig );
+}
#endif /* MBEDTLS_PKCS1_V21 */
#if defined(MBEDTLS_PKCS1_V15)
@@ -2481,7 +2533,6 @@
RSA_VALIDATE_RET( dst != NULL );
RSA_VALIDATE_RET( src != NULL );
- dst->ver = src->ver;
dst->len = src->len;
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->N, &src->N ) );
@@ -2540,7 +2591,12 @@
#endif /* MBEDTLS_RSA_NO_CRT */
#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_free( &ctx->mutex );
+ /* Free the mutex, but only if it hasn't been freed already. */
+ if( ctx->ver != 0 )
+ {
+ mbedtls_mutex_free( &ctx->mutex );
+ ctx->ver = 0;
+ }
#endif
}
diff --git a/library/sha1.c b/library/sha1.c
index 593f795..0a5edaf 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -48,29 +48,6 @@
#if !defined(MBEDTLS_SHA1_ALT)
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
SHA1_VALIDATE( ctx != NULL );
@@ -125,35 +102,40 @@
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] )
{
- uint32_t temp, W[16], A, B, C, D, E;
+ struct
+ {
+ uint32_t temp, W[16], A, B, C, D, E;
+ } local;
SHA1_VALIDATE_RET( ctx != NULL );
SHA1_VALIDATE_RET( (const unsigned char *)data != NULL );
- GET_UINT32_BE( W[ 0], data, 0 );
- GET_UINT32_BE( W[ 1], data, 4 );
- GET_UINT32_BE( W[ 2], data, 8 );
- GET_UINT32_BE( W[ 3], data, 12 );
- GET_UINT32_BE( W[ 4], data, 16 );
- GET_UINT32_BE( W[ 5], data, 20 );
- GET_UINT32_BE( W[ 6], data, 24 );
- GET_UINT32_BE( W[ 7], data, 28 );
- GET_UINT32_BE( W[ 8], data, 32 );
- GET_UINT32_BE( W[ 9], data, 36 );
- GET_UINT32_BE( W[10], data, 40 );
- GET_UINT32_BE( W[11], data, 44 );
- GET_UINT32_BE( W[12], data, 48 );
- GET_UINT32_BE( W[13], data, 52 );
- GET_UINT32_BE( W[14], data, 56 );
- GET_UINT32_BE( W[15], data, 60 );
+ local.W[ 0] = MBEDTLS_GET_UINT32_BE( data, 0 );
+ local.W[ 1] = MBEDTLS_GET_UINT32_BE( data, 4 );
+ local.W[ 2] = MBEDTLS_GET_UINT32_BE( data, 8 );
+ local.W[ 3] = MBEDTLS_GET_UINT32_BE( data, 12 );
+ local.W[ 4] = MBEDTLS_GET_UINT32_BE( data, 16 );
+ local.W[ 5] = MBEDTLS_GET_UINT32_BE( data, 20 );
+ local.W[ 6] = MBEDTLS_GET_UINT32_BE( data, 24 );
+ local.W[ 7] = MBEDTLS_GET_UINT32_BE( data, 28 );
+ local.W[ 8] = MBEDTLS_GET_UINT32_BE( data, 32 );
+ local.W[ 9] = MBEDTLS_GET_UINT32_BE( data, 36 );
+ local.W[10] = MBEDTLS_GET_UINT32_BE( data, 40 );
+ local.W[11] = MBEDTLS_GET_UINT32_BE( data, 44 );
+ local.W[12] = MBEDTLS_GET_UINT32_BE( data, 48 );
+ local.W[13] = MBEDTLS_GET_UINT32_BE( data, 52 );
+ local.W[14] = MBEDTLS_GET_UINT32_BE( data, 56 );
+ local.W[15] = MBEDTLS_GET_UINT32_BE( data, 60 );
#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
#define R(t) \
( \
- temp = W[( (t) - 3 ) & 0x0F] ^ W[( (t) - 8 ) & 0x0F] ^ \
- W[( (t) - 14 ) & 0x0F] ^ W[ (t) & 0x0F], \
- ( W[(t) & 0x0F] = S(temp,1) ) \
+ local.temp = local.W[( (t) - 3 ) & 0x0F] ^ \
+ local.W[( (t) - 8 ) & 0x0F] ^ \
+ local.W[( (t) - 14 ) & 0x0F] ^ \
+ local.W[ (t) & 0x0F], \
+ ( local.W[(t) & 0x0F] = S(local.temp,1) ) \
)
#define P(a,b,c,d,e,x) \
@@ -163,35 +145,35 @@
(b) = S((b),30); \
} while( 0 )
- A = ctx->state[0];
- B = ctx->state[1];
- C = ctx->state[2];
- D = ctx->state[3];
- E = ctx->state[4];
+ local.A = ctx->state[0];
+ local.B = ctx->state[1];
+ local.C = ctx->state[2];
+ local.D = ctx->state[3];
+ local.E = ctx->state[4];
#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define K 0x5A827999
- P( A, B, C, D, E, W[0] );
- P( E, A, B, C, D, W[1] );
- P( D, E, A, B, C, W[2] );
- P( C, D, E, A, B, W[3] );
- P( B, C, D, E, A, W[4] );
- P( A, B, C, D, E, W[5] );
- P( E, A, B, C, D, W[6] );
- P( D, E, A, B, C, W[7] );
- P( C, D, E, A, B, W[8] );
- P( B, C, D, E, A, W[9] );
- P( A, B, C, D, E, W[10] );
- P( E, A, B, C, D, W[11] );
- P( D, E, A, B, C, W[12] );
- P( C, D, E, A, B, W[13] );
- P( B, C, D, E, A, W[14] );
- P( A, B, C, D, E, W[15] );
- P( E, A, B, C, D, R(16) );
- P( D, E, A, B, C, R(17) );
- P( C, D, E, A, B, R(18) );
- P( B, C, D, E, A, R(19) );
+ P( local.A, local.B, local.C, local.D, local.E, local.W[0] );
+ P( local.E, local.A, local.B, local.C, local.D, local.W[1] );
+ P( local.D, local.E, local.A, local.B, local.C, local.W[2] );
+ P( local.C, local.D, local.E, local.A, local.B, local.W[3] );
+ P( local.B, local.C, local.D, local.E, local.A, local.W[4] );
+ P( local.A, local.B, local.C, local.D, local.E, local.W[5] );
+ P( local.E, local.A, local.B, local.C, local.D, local.W[6] );
+ P( local.D, local.E, local.A, local.B, local.C, local.W[7] );
+ P( local.C, local.D, local.E, local.A, local.B, local.W[8] );
+ P( local.B, local.C, local.D, local.E, local.A, local.W[9] );
+ P( local.A, local.B, local.C, local.D, local.E, local.W[10] );
+ P( local.E, local.A, local.B, local.C, local.D, local.W[11] );
+ P( local.D, local.E, local.A, local.B, local.C, local.W[12] );
+ P( local.C, local.D, local.E, local.A, local.B, local.W[13] );
+ P( local.B, local.C, local.D, local.E, local.A, local.W[14] );
+ P( local.A, local.B, local.C, local.D, local.E, local.W[15] );
+ P( local.E, local.A, local.B, local.C, local.D, R(16) );
+ P( local.D, local.E, local.A, local.B, local.C, R(17) );
+ P( local.C, local.D, local.E, local.A, local.B, R(18) );
+ P( local.B, local.C, local.D, local.E, local.A, R(19) );
#undef K
#undef F
@@ -199,26 +181,26 @@
#define F(x,y,z) ((x) ^ (y) ^ (z))
#define K 0x6ED9EBA1
- P( A, B, C, D, E, R(20) );
- P( E, A, B, C, D, R(21) );
- P( D, E, A, B, C, R(22) );
- P( C, D, E, A, B, R(23) );
- P( B, C, D, E, A, R(24) );
- P( A, B, C, D, E, R(25) );
- P( E, A, B, C, D, R(26) );
- P( D, E, A, B, C, R(27) );
- P( C, D, E, A, B, R(28) );
- P( B, C, D, E, A, R(29) );
- P( A, B, C, D, E, R(30) );
- P( E, A, B, C, D, R(31) );
- P( D, E, A, B, C, R(32) );
- P( C, D, E, A, B, R(33) );
- P( B, C, D, E, A, R(34) );
- P( A, B, C, D, E, R(35) );
- P( E, A, B, C, D, R(36) );
- P( D, E, A, B, C, R(37) );
- P( C, D, E, A, B, R(38) );
- P( B, C, D, E, A, R(39) );
+ P( local.A, local.B, local.C, local.D, local.E, R(20) );
+ P( local.E, local.A, local.B, local.C, local.D, R(21) );
+ P( local.D, local.E, local.A, local.B, local.C, R(22) );
+ P( local.C, local.D, local.E, local.A, local.B, R(23) );
+ P( local.B, local.C, local.D, local.E, local.A, R(24) );
+ P( local.A, local.B, local.C, local.D, local.E, R(25) );
+ P( local.E, local.A, local.B, local.C, local.D, R(26) );
+ P( local.D, local.E, local.A, local.B, local.C, R(27) );
+ P( local.C, local.D, local.E, local.A, local.B, R(28) );
+ P( local.B, local.C, local.D, local.E, local.A, R(29) );
+ P( local.A, local.B, local.C, local.D, local.E, R(30) );
+ P( local.E, local.A, local.B, local.C, local.D, R(31) );
+ P( local.D, local.E, local.A, local.B, local.C, R(32) );
+ P( local.C, local.D, local.E, local.A, local.B, R(33) );
+ P( local.B, local.C, local.D, local.E, local.A, R(34) );
+ P( local.A, local.B, local.C, local.D, local.E, R(35) );
+ P( local.E, local.A, local.B, local.C, local.D, R(36) );
+ P( local.D, local.E, local.A, local.B, local.C, R(37) );
+ P( local.C, local.D, local.E, local.A, local.B, R(38) );
+ P( local.B, local.C, local.D, local.E, local.A, R(39) );
#undef K
#undef F
@@ -226,26 +208,26 @@
#define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define K 0x8F1BBCDC
- P( A, B, C, D, E, R(40) );
- P( E, A, B, C, D, R(41) );
- P( D, E, A, B, C, R(42) );
- P( C, D, E, A, B, R(43) );
- P( B, C, D, E, A, R(44) );
- P( A, B, C, D, E, R(45) );
- P( E, A, B, C, D, R(46) );
- P( D, E, A, B, C, R(47) );
- P( C, D, E, A, B, R(48) );
- P( B, C, D, E, A, R(49) );
- P( A, B, C, D, E, R(50) );
- P( E, A, B, C, D, R(51) );
- P( D, E, A, B, C, R(52) );
- P( C, D, E, A, B, R(53) );
- P( B, C, D, E, A, R(54) );
- P( A, B, C, D, E, R(55) );
- P( E, A, B, C, D, R(56) );
- P( D, E, A, B, C, R(57) );
- P( C, D, E, A, B, R(58) );
- P( B, C, D, E, A, R(59) );
+ P( local.A, local.B, local.C, local.D, local.E, R(40) );
+ P( local.E, local.A, local.B, local.C, local.D, R(41) );
+ P( local.D, local.E, local.A, local.B, local.C, R(42) );
+ P( local.C, local.D, local.E, local.A, local.B, R(43) );
+ P( local.B, local.C, local.D, local.E, local.A, R(44) );
+ P( local.A, local.B, local.C, local.D, local.E, R(45) );
+ P( local.E, local.A, local.B, local.C, local.D, R(46) );
+ P( local.D, local.E, local.A, local.B, local.C, R(47) );
+ P( local.C, local.D, local.E, local.A, local.B, R(48) );
+ P( local.B, local.C, local.D, local.E, local.A, R(49) );
+ P( local.A, local.B, local.C, local.D, local.E, R(50) );
+ P( local.E, local.A, local.B, local.C, local.D, R(51) );
+ P( local.D, local.E, local.A, local.B, local.C, R(52) );
+ P( local.C, local.D, local.E, local.A, local.B, R(53) );
+ P( local.B, local.C, local.D, local.E, local.A, R(54) );
+ P( local.A, local.B, local.C, local.D, local.E, R(55) );
+ P( local.E, local.A, local.B, local.C, local.D, R(56) );
+ P( local.D, local.E, local.A, local.B, local.C, R(57) );
+ P( local.C, local.D, local.E, local.A, local.B, R(58) );
+ P( local.B, local.C, local.D, local.E, local.A, R(59) );
#undef K
#undef F
@@ -253,35 +235,38 @@
#define F(x,y,z) ((x) ^ (y) ^ (z))
#define K 0xCA62C1D6
- P( A, B, C, D, E, R(60) );
- P( E, A, B, C, D, R(61) );
- P( D, E, A, B, C, R(62) );
- P( C, D, E, A, B, R(63) );
- P( B, C, D, E, A, R(64) );
- P( A, B, C, D, E, R(65) );
- P( E, A, B, C, D, R(66) );
- P( D, E, A, B, C, R(67) );
- P( C, D, E, A, B, R(68) );
- P( B, C, D, E, A, R(69) );
- P( A, B, C, D, E, R(70) );
- P( E, A, B, C, D, R(71) );
- P( D, E, A, B, C, R(72) );
- P( C, D, E, A, B, R(73) );
- P( B, C, D, E, A, R(74) );
- P( A, B, C, D, E, R(75) );
- P( E, A, B, C, D, R(76) );
- P( D, E, A, B, C, R(77) );
- P( C, D, E, A, B, R(78) );
- P( B, C, D, E, A, R(79) );
+ P( local.A, local.B, local.C, local.D, local.E, R(60) );
+ P( local.E, local.A, local.B, local.C, local.D, R(61) );
+ P( local.D, local.E, local.A, local.B, local.C, R(62) );
+ P( local.C, local.D, local.E, local.A, local.B, R(63) );
+ P( local.B, local.C, local.D, local.E, local.A, R(64) );
+ P( local.A, local.B, local.C, local.D, local.E, R(65) );
+ P( local.E, local.A, local.B, local.C, local.D, R(66) );
+ P( local.D, local.E, local.A, local.B, local.C, R(67) );
+ P( local.C, local.D, local.E, local.A, local.B, R(68) );
+ P( local.B, local.C, local.D, local.E, local.A, R(69) );
+ P( local.A, local.B, local.C, local.D, local.E, R(70) );
+ P( local.E, local.A, local.B, local.C, local.D, R(71) );
+ P( local.D, local.E, local.A, local.B, local.C, R(72) );
+ P( local.C, local.D, local.E, local.A, local.B, R(73) );
+ P( local.B, local.C, local.D, local.E, local.A, R(74) );
+ P( local.A, local.B, local.C, local.D, local.E, R(75) );
+ P( local.E, local.A, local.B, local.C, local.D, R(76) );
+ P( local.D, local.E, local.A, local.B, local.C, R(77) );
+ P( local.C, local.D, local.E, local.A, local.B, R(78) );
+ P( local.B, local.C, local.D, local.E, local.A, R(79) );
#undef K
#undef F
- ctx->state[0] += A;
- ctx->state[1] += B;
- ctx->state[2] += C;
- ctx->state[3] += D;
- ctx->state[4] += E;
+ ctx->state[0] += local.A;
+ ctx->state[1] += local.B;
+ ctx->state[2] += local.C;
+ ctx->state[3] += local.D;
+ ctx->state[4] += local.E;
+
+ /* Zeroise buffers and variables to clear sensitive data from memory. */
+ mbedtls_platform_zeroize( &local, sizeof( local ) );
return( 0 );
}
@@ -400,8 +385,8 @@
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_BE( high, ctx->buffer, 56 );
- PUT_UINT32_BE( low, ctx->buffer, 60 );
+ MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 );
+ MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 );
if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
@@ -409,11 +394,11 @@
/*
* Output final state
*/
- PUT_UINT32_BE( ctx->state[0], output, 0 );
- PUT_UINT32_BE( ctx->state[1], output, 4 );
- PUT_UINT32_BE( ctx->state[2], output, 8 );
- PUT_UINT32_BE( ctx->state[3], output, 12 );
- PUT_UINT32_BE( ctx->state[4], output, 16 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 );
return( 0 );
}
diff --git a/library/sha256.c b/library/sha256.c
index b4c4b36..db675ef 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -50,29 +50,6 @@
#if !defined(MBEDTLS_SHA256_ALT)
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-do { \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-} while( 0 )
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-do { \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-} while( 0 )
-#endif
-
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
SHA256_VALIDATE( ctx != NULL );
@@ -179,77 +156,104 @@
#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-#define R(t) \
- ( \
- W[t] = S1(W[(t) - 2]) + W[(t) - 7] + \
- S0(W[(t) - 15]) + W[(t) - 16] \
+#define R(t) \
+ ( \
+ local.W[t] = S1(local.W[(t) - 2]) + local.W[(t) - 7] + \
+ S0(local.W[(t) - 15]) + local.W[(t) - 16] \
)
-#define P(a,b,c,d,e,f,g,h,x,K) \
- do \
- { \
- temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
- temp2 = S2(a) + F0((a),(b),(c)); \
- (d) += temp1; (h) = temp1 + temp2; \
+#define P(a,b,c,d,e,f,g,h,x,K) \
+ do \
+ { \
+ local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
+ local.temp2 = S2(a) + F0((a),(b),(c)); \
+ (d) += local.temp1; (h) = local.temp1 + local.temp2; \
} while( 0 )
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] )
{
- uint32_t temp1, temp2, W[64];
- uint32_t A[8];
+ struct
+ {
+ uint32_t temp1, temp2, W[64];
+ uint32_t A[8];
+ } local;
+
unsigned int i;
SHA256_VALIDATE_RET( ctx != NULL );
SHA256_VALIDATE_RET( (const unsigned char *)data != NULL );
for( i = 0; i < 8; i++ )
- A[i] = ctx->state[i];
+ local.A[i] = ctx->state[i];
#if defined(MBEDTLS_SHA256_SMALLER)
for( i = 0; i < 64; i++ )
{
if( i < 16 )
- GET_UINT32_BE( W[i], data, 4 * i );
+ local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i );
else
R( i );
- P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] );
+ P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+ local.A[5], local.A[6], local.A[7], local.W[i], K[i] );
- temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3];
- A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1;
+ local.temp1 = local.A[7]; local.A[7] = local.A[6];
+ local.A[6] = local.A[5]; local.A[5] = local.A[4];
+ local.A[4] = local.A[3]; local.A[3] = local.A[2];
+ local.A[2] = local.A[1]; local.A[1] = local.A[0];
+ local.A[0] = local.temp1;
}
#else /* MBEDTLS_SHA256_SMALLER */
for( i = 0; i < 16; i++ )
- GET_UINT32_BE( W[i], data, 4 * i );
+ local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i );
for( i = 0; i < 16; i += 8 )
{
- P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i+0], K[i+0] );
- P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i+1], K[i+1] );
- P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i+2], K[i+2] );
- P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i+3], K[i+3] );
- P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i+4], K[i+4] );
- P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i+5], K[i+5] );
- P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i+6], K[i+6] );
- P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i+7], K[i+7] );
+ P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+ local.A[5], local.A[6], local.A[7], local.W[i+0], K[i+0] );
+ P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
+ local.A[4], local.A[5], local.A[6], local.W[i+1], K[i+1] );
+ P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
+ local.A[3], local.A[4], local.A[5], local.W[i+2], K[i+2] );
+ P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
+ local.A[2], local.A[3], local.A[4], local.W[i+3], K[i+3] );
+ P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
+ local.A[1], local.A[2], local.A[3], local.W[i+4], K[i+4] );
+ P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
+ local.A[0], local.A[1], local.A[2], local.W[i+5], K[i+5] );
+ P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
+ local.A[7], local.A[0], local.A[1], local.W[i+6], K[i+6] );
+ P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
+ local.A[6], local.A[7], local.A[0], local.W[i+7], K[i+7] );
}
for( i = 16; i < 64; i += 8 )
{
- P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], R(i+0), K[i+0] );
- P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], R(i+1), K[i+1] );
- P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], R(i+2), K[i+2] );
- P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], R(i+3), K[i+3] );
- P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], R(i+4), K[i+4] );
- P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], R(i+5), K[i+5] );
- P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], R(i+6), K[i+6] );
- P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], R(i+7), K[i+7] );
+ P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+ local.A[5], local.A[6], local.A[7], R(i+0), K[i+0] );
+ P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
+ local.A[4], local.A[5], local.A[6], R(i+1), K[i+1] );
+ P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
+ local.A[3], local.A[4], local.A[5], R(i+2), K[i+2] );
+ P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
+ local.A[2], local.A[3], local.A[4], R(i+3), K[i+3] );
+ P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
+ local.A[1], local.A[2], local.A[3], R(i+4), K[i+4] );
+ P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
+ local.A[0], local.A[1], local.A[2], R(i+5), K[i+5] );
+ P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
+ local.A[7], local.A[0], local.A[1], R(i+6), K[i+6] );
+ P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
+ local.A[6], local.A[7], local.A[0], R(i+7), K[i+7] );
}
#endif /* MBEDTLS_SHA256_SMALLER */
for( i = 0; i < 8; i++ )
- ctx->state[i] += A[i];
+ ctx->state[i] += local.A[i];
+
+ /* Zeroise buffers and variables to clear sensitive data from memory. */
+ mbedtls_platform_zeroize( &local, sizeof( local ) );
return( 0 );
}
@@ -368,8 +372,8 @@
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_BE( high, ctx->buffer, 56 );
- PUT_UINT32_BE( low, ctx->buffer, 60 );
+ MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 );
+ MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 );
if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
@@ -377,16 +381,16 @@
/*
* Output final state
*/
- PUT_UINT32_BE( ctx->state[0], output, 0 );
- PUT_UINT32_BE( ctx->state[1], output, 4 );
- PUT_UINT32_BE( ctx->state[2], output, 8 );
- PUT_UINT32_BE( ctx->state[3], output, 12 );
- PUT_UINT32_BE( ctx->state[4], output, 16 );
- PUT_UINT32_BE( ctx->state[5], output, 20 );
- PUT_UINT32_BE( ctx->state[6], output, 24 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[5], output, 20 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[6], output, 24 );
if( ctx->is224 == 0 )
- PUT_UINT32_BE( ctx->state[7], output, 28 );
+ MBEDTLS_PUT_UINT32_BE( ctx->state[7], output, 28 );
return( 0 );
}
diff --git a/library/sha512.c b/library/sha512.c
index e881198..02a135c 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -56,44 +56,13 @@
#if !defined(MBEDTLS_SHA512_ALT)
-/*
- * 64-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT64_BE
-#define GET_UINT64_BE(n,b,i) \
-{ \
- (n) = ( (uint64_t) (b)[(i) ] << 56 ) \
- | ( (uint64_t) (b)[(i) + 1] << 48 ) \
- | ( (uint64_t) (b)[(i) + 2] << 40 ) \
- | ( (uint64_t) (b)[(i) + 3] << 32 ) \
- | ( (uint64_t) (b)[(i) + 4] << 24 ) \
- | ( (uint64_t) (b)[(i) + 5] << 16 ) \
- | ( (uint64_t) (b)[(i) + 6] << 8 ) \
- | ( (uint64_t) (b)[(i) + 7] ); \
-}
-#endif /* GET_UINT64_BE */
-
-#ifndef PUT_UINT64_BE
-#define PUT_UINT64_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \
- (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 7] = (unsigned char) ( (n) ); \
-}
-#endif /* PUT_UINT64_BE */
-
#if defined(MBEDTLS_SHA512_SMALLER)
static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i )
{
- PUT_UINT64_BE(n, b, i);
+ MBEDTLS_PUT_UINT64_BE(n, b, i);
}
#else
-#define sha512_put_uint64_be PUT_UINT64_BE
+#define sha512_put_uint64_be MBEDTLS_PUT_UINT64_BE
#endif /* MBEDTLS_SHA512_SMALLER */
void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
@@ -232,8 +201,11 @@
const unsigned char data[128] )
{
int i;
- uint64_t temp1, temp2, W[80];
- uint64_t A[8];
+ struct
+ {
+ uint64_t temp1, temp2, W[80];
+ uint64_t A[8];
+ } local;
SHA512_VALIDATE_RET( ctx != NULL );
SHA512_VALIDATE_RET( (const unsigned char *)data != NULL );
@@ -250,64 +222,79 @@
#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-#define P(a,b,c,d,e,f,g,h,x,K) \
- do \
- { \
- temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
- temp2 = S2(a) + F0((a),(b),(c)); \
- (d) += temp1; (h) = temp1 + temp2; \
+#define P(a,b,c,d,e,f,g,h,x,K) \
+ do \
+ { \
+ local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
+ local.temp2 = S2(a) + F0((a),(b),(c)); \
+ (d) += local.temp1; (h) = local.temp1 + local.temp2; \
} while( 0 )
for( i = 0; i < 8; i++ )
- A[i] = ctx->state[i];
+ local.A[i] = ctx->state[i];
#if defined(MBEDTLS_SHA512_SMALLER)
for( i = 0; i < 80; i++ )
{
if( i < 16 )
{
- GET_UINT64_BE( W[i], data, i << 3 );
+ local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 );
}
else
{
- W[i] = S1(W[i - 2]) + W[i - 7] +
- S0(W[i - 15]) + W[i - 16];
+ local.W[i] = S1(local.W[i - 2]) + local.W[i - 7] +
+ S0(local.W[i - 15]) + local.W[i - 16];
}
- P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] );
+ P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+ local.A[5], local.A[6], local.A[7], local.W[i], K[i] );
- temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3];
- A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1;
+ local.temp1 = local.A[7]; local.A[7] = local.A[6];
+ local.A[6] = local.A[5]; local.A[5] = local.A[4];
+ local.A[4] = local.A[3]; local.A[3] = local.A[2];
+ local.A[2] = local.A[1]; local.A[1] = local.A[0];
+ local.A[0] = local.temp1;
}
#else /* MBEDTLS_SHA512_SMALLER */
for( i = 0; i < 16; i++ )
{
- GET_UINT64_BE( W[i], data, i << 3 );
+ local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 );
}
for( ; i < 80; i++ )
{
- W[i] = S1(W[i - 2]) + W[i - 7] +
- S0(W[i - 15]) + W[i - 16];
+ local.W[i] = S1(local.W[i - 2]) + local.W[i - 7] +
+ S0(local.W[i - 15]) + local.W[i - 16];
}
i = 0;
do
{
- P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] ); i++;
- P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i], K[i] ); i++;
- P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i], K[i] ); i++;
- P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i], K[i] ); i++;
- P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i], K[i] ); i++;
- P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i], K[i] ); i++;
- P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i], K[i] ); i++;
- P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i], K[i] ); i++;
+ P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+ local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); i++;
+ P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
+ local.A[4], local.A[5], local.A[6], local.W[i], K[i] ); i++;
+ P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
+ local.A[3], local.A[4], local.A[5], local.W[i], K[i] ); i++;
+ P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
+ local.A[2], local.A[3], local.A[4], local.W[i], K[i] ); i++;
+ P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
+ local.A[1], local.A[2], local.A[3], local.W[i], K[i] ); i++;
+ P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
+ local.A[0], local.A[1], local.A[2], local.W[i], K[i] ); i++;
+ P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
+ local.A[7], local.A[0], local.A[1], local.W[i], K[i] ); i++;
+ P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
+ local.A[6], local.A[7], local.A[0], local.W[i], K[i] ); i++;
}
while( i < 80 );
#endif /* MBEDTLS_SHA512_SMALLER */
for( i = 0; i < 8; i++ )
- ctx->state[i] += A[i];
+ ctx->state[i] += local.A[i];
+
+ /* Zeroise buffers and variables to clear sensitive data from memory. */
+ mbedtls_platform_zeroize( &local, sizeof( local ) );
return( 0 );
}
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index 7e9d4da..32188cf 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -78,14 +78,12 @@
continue;
#endif
- if( session->ciphersuite != entry->session.ciphersuite ||
- session->compression != entry->session.compression ||
- session->id_len != entry->session.id_len )
- continue;
-
- if( memcmp( session->id, entry->session.id,
+ if( session->id_len != entry->session.id_len ||
+ memcmp( session->id, entry->session.id,
entry->session.id_len ) != 0 )
+ {
continue;
+ }
ret = mbedtls_ssl_session_copy( session, &entry->session );
if( ret != 0 )
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 6985fe5..3826ad2 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -34,6 +34,11 @@
#include <string.h>
+#undef HAVE_SHA384
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+#define HAVE_SHA384
+#endif
+
/*
* Ordered from most preferred to least preferred in terms of security.
*
@@ -411,7 +416,7 @@
0 },
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -426,7 +431,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#if defined(MBEDTLS_CCM_C)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -460,13 +465,13 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_GCM_C)
@@ -477,13 +482,13 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -552,7 +557,7 @@
0 },
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
@@ -567,7 +572,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_AES_C */
#if defined(MBEDTLS_CAMELLIA_C)
@@ -579,13 +584,13 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_GCM_C)
@@ -596,13 +601,13 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -641,13 +646,13 @@
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
+#if defined(HAVE_SHA384) && defined(MBEDTLS_GCM_C)
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
+#endif /* HAVE_SHA384 && MBEDTLS_GCM_C */
#if defined(MBEDTLS_SHA256_C)
#if defined(MBEDTLS_GCM_C)
@@ -751,13 +756,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -776,13 +781,13 @@
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
+#if defined(HAVE_SHA384) && defined(MBEDTLS_GCM_C)
{ MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
+#endif /* HAVE_SHA384 && MBEDTLS_GCM_C */
#if defined(MBEDTLS_SHA256_C)
#if defined(MBEDTLS_GCM_C)
@@ -887,13 +892,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA1_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA1_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -960,7 +965,7 @@
0 },
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
@@ -975,7 +980,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_AES_C */
#if defined(MBEDTLS_CAMELLIA_C)
@@ -987,13 +992,13 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_GCM_C)
@@ -1004,13 +1009,13 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -1079,7 +1084,7 @@
0 },
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -1094,7 +1099,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_AES_C */
#if defined(MBEDTLS_CAMELLIA_C)
@@ -1106,13 +1111,13 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_GCM_C)
@@ -1123,13 +1128,13 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -1177,13 +1182,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1195,13 +1200,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#if defined(MBEDTLS_SHA1_C)
{ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
@@ -1251,13 +1256,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_GCM_C)
@@ -1269,13 +1274,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -1313,13 +1318,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1331,13 +1336,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#if defined(MBEDTLS_SHA1_C)
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
@@ -1387,13 +1392,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_GCM_C)
@@ -1405,13 +1410,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -1450,13 +1455,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#if defined(MBEDTLS_SHA1_C)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
@@ -1484,13 +1489,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -1528,13 +1533,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1546,13 +1551,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#if defined(MBEDTLS_SHA1_C)
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
@@ -1580,13 +1585,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_GCM_C)
@@ -1598,13 +1603,13 @@
0 },
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
#endif /* MBEDTLS_GCM_C */
#endif /* MBEDTLS_CAMELLIA_C */
@@ -1688,7 +1693,7 @@
MBEDTLS_CIPHERSUITE_WEAK },
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
@@ -1714,7 +1719,7 @@
MBEDTLS_CIPHERSUITE_WEAK },
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
@@ -1740,7 +1745,7 @@
MBEDTLS_CIPHERSUITE_WEAK },
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
@@ -1766,7 +1771,7 @@
MBEDTLS_CIPHERSUITE_WEAK },
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
@@ -1805,7 +1810,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS-RSA-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
@@ -1813,7 +1818,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS-RSA-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
@@ -1842,7 +1847,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
"TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
@@ -1850,7 +1855,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
@@ -1879,7 +1884,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
"TLS-PSK-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
@@ -1887,7 +1892,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS-PSK-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
@@ -1916,7 +1921,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
@@ -1924,7 +1929,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
@@ -1953,7 +1958,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
@@ -1961,7 +1966,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
@@ -1990,7 +1995,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
@@ -2011,7 +2016,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
"TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -2019,7 +2024,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -2048,7 +2053,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
"TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -2056,7 +2061,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -2085,7 +2090,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
@@ -2093,7 +2098,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
@@ -2122,7 +2127,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
"TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
@@ -2130,7 +2135,7 @@
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index a8331d9..b02a3a5 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -136,18 +136,19 @@
* } ServerNameList;
*
*/
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SERVERNAME, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( hostname_len + 5, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( hostname_len + 3, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF );
- *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( hostname_len ) & 0xFF );
+ *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME );
+
+ MBEDTLS_PUT_UINT16_BE( hostname_len, p, 0 );
+ p += 2;
memcpy( p, ssl->hostname, hostname_len );
@@ -181,14 +182,12 @@
/*
* Secure renegotiation
*/
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 )
- & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO )
- & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 );
+ p += 2;
*p++ = 0x00;
- *p++ = ( ssl->verify_data_len + 1 ) & 0xFF;
- *p++ = ssl->verify_data_len & 0xFF;
+ *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 );
+ *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len );
memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
@@ -283,14 +282,14 @@
* SignatureAndHashAlgorithm
* supported_signature_algorithms<2..2^16-2>;
*/
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SIG_ALG, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( sig_alg_len + 2, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( sig_alg_len, p, 0 );
+ p += 2;
*olen = 6 + sig_alg_len;
@@ -354,20 +353,18 @@
grp_id++ )
{
info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
- elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8;
- elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF;
+ elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1( info->tls_id );
+ elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id );
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 )
- & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES )
- & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( elliptic_curve_len + 2, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( elliptic_curve_len, p, 0 );
+ p += 2;
*olen = 6 + elliptic_curve_len;
@@ -388,10 +385,8 @@
( "client hello, adding supported_point_formats extension" ) );
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 )
- & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS )
- & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 2;
@@ -427,8 +422,8 @@
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 );
+ p += 2;
/*
* We may need to send ClientHello multiple times for Hello verification.
@@ -470,8 +465,8 @@
memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len );
}
- *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( kkpp_len ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 );
+ p += 2;
*olen = kkpp_len + 4;
@@ -510,11 +505,11 @@
MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) );
/* Add extension ID + size */
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 );
+ p += 2;
ext_len = (size_t) ssl->own_cid_len + 1;
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 );
+ p += 2;
*p++ = (uint8_t) ssl->own_cid_len;
memcpy( p, ssl->own_cid, ssl->own_cid_len );
@@ -543,10 +538,8 @@
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 )
- & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH )
- & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 1;
@@ -577,8 +570,8 @@
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 0x00;
@@ -608,8 +601,8 @@
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 0x00;
@@ -639,10 +632,8 @@
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 )
- & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET )
- & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 0x00;
@@ -673,11 +664,11 @@
/* The addition is safe here since the ticket length is 16 bit. */
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( tlen ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( tlen, p, 0 );
+ p += 2;
*olen = 4;
@@ -685,7 +676,7 @@
return( 0 );
MBEDTLS_SSL_DEBUG_MSG( 3,
- ( "sending session ticket of length %d", tlen ) );
+ ( "sending session ticket of length %" MBEDTLS_PRINTF_SIZET, tlen ) );
memcpy( p, ssl->session_negotiate->ticket, tlen );
@@ -717,8 +708,8 @@
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, p, 0 );
+ p += 2;
/*
* opaque ProtocolName<1..2^8-1>;
@@ -745,12 +736,10 @@
*olen = p - buf;
/* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */
- buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
- buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 );
/* Extension length = olen - 2 (ext_type) - 2 (ext_len) */
- buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
- buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 );
return( 0 );
}
@@ -802,12 +791,11 @@
*/
MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_USE_SRTP, p, 0 );
+ p += 2;
-
- *p++ = (unsigned char)( ( ( ext_len & 0xFF00 ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ext_len & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 );
+ p += 2;
/* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */
/* micro-optimization:
@@ -818,8 +806,7 @@
* >> 8 ) & 0xFF );
*/
*p++ = 0;
- *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
- & 0xFF );
+ *p++ = MBEDTLS_BYTE_0( 2 * ssl->conf->dtls_srtp_profile_list_len );
for( protection_profiles_index=0;
protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len;
@@ -831,8 +818,8 @@
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x",
profile_value ) );
- *p++ = ( ( profile_value >> 8 ) & 0xFF );
- *p++ = ( profile_value & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 );
+ p += 2;
}
else
{
@@ -900,12 +887,11 @@
#if defined(MBEDTLS_HAVE_TIME)
t = mbedtls_time( NULL );
- *p++ = (unsigned char)( t >> 24 );
- *p++ = (unsigned char)( t >> 16 );
- *p++ = (unsigned char)( t >> 8 );
- *p++ = (unsigned char)( t );
+ MBEDTLS_PUT_UINT32_BE( t, p, 0 );
+ p += 4;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG,
+ (long long) t ) );
#else
if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
return( ret );
@@ -1114,7 +1100,7 @@
for( i = 0; i < n; i++ )
*p++ = ssl->session_negotiate->id[i];
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %d", n ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) );
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 39, n );
/*
@@ -1182,7 +1168,7 @@
continue;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %#04x (%s)",
- ciphersuites[i], ciphersuite_info->name ) );
+ (unsigned int)ciphersuites[i], ciphersuite_info->name ) );
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
@@ -1192,12 +1178,12 @@
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
n++;
- *p++ = (unsigned char)( ciphersuites[i] >> 8 );
- *p++ = (unsigned char)( ciphersuites[i] );
+ MBEDTLS_PUT_UINT16_BE( ciphersuites[i], p, 0 );
+ p += 2;
}
MBEDTLS_SSL_DEBUG_MSG( 3,
- ( "client hello, got %d ciphersuites (excluding SCSVs)", n ) );
+ ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites (excluding SCSVs)", n ) );
/*
* Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
@@ -1208,8 +1194,8 @@
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
- *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
- *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0 );
+ p += 2;
n++;
}
@@ -1220,8 +1206,8 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
- *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
- *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_FALLBACK_SCSV_VALUE, p, 0 );
+ p += 2;
n++;
}
#endif
@@ -1420,16 +1406,15 @@
/* olen unused if all extensions are disabled */
((void) olen);
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET,
ext_len ) );
if( ext_len > 0 )
{
/* No need to check for space here, because the extension
* writing functions already took care of that. */
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
- p += ext_len;
+ MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 );
+ p += 2 + ext_len;
}
ssl->out_msglen = p - buf;
@@ -1524,7 +1509,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1571,7 +1556,7 @@
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1627,7 +1612,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1653,7 +1638,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1678,7 +1663,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1784,7 +1769,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -2167,10 +2152,10 @@
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu",
- ( (uint32_t) buf[2] << 24 ) |
- ( (uint32_t) buf[3] << 16 ) |
- ( (uint32_t) buf[4] << 8 ) |
- ( (uint32_t) buf[5] ) ) );
+ ( (unsigned long) buf[2] << 24 ) |
+ ( (unsigned long) buf[3] << 16 ) |
+ ( (unsigned long) buf[4] << 8 ) |
+ ( (unsigned long) buf[5] ) ) );
memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 );
@@ -2253,7 +2238,7 @@
if( ssl->handshake->ciphersuite_info == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1,
- ( "ciphersuite info for %04x not found", i ) );
+ ( "ciphersuite info for %04x not found", (unsigned int)i ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -2261,7 +2246,7 @@
mbedtls_ssl_optimize_checksum( ssl, ssl->handshake->ciphersuite_info );
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) );
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 35, n );
/*
@@ -2304,7 +2289,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
ssl->handshake->resume ? "a" : "no" ) );
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %04x", i ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %04x", (unsigned) i ) );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d",
buf[37 + n] ) );
@@ -2373,7 +2358,7 @@
ext = buf + 40 + n;
MBEDTLS_SSL_DEBUG_MSG( 2,
- ( "server hello, total extension length: %d", ext_len ) );
+ ( "server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, ext_len ) );
while( ext_len )
{
@@ -2537,7 +2522,7 @@
default:
MBEDTLS_SSL_DEBUG_MSG( 3,
- ( "unknown extension found: %d (ignoring)", ext_id ) );
+ ( "unknown extension found: %u (ignoring)", ext_id ) );
}
ext_len -= 4 + ext_size;
@@ -2609,6 +2594,7 @@
unsigned char *end )
{
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+ size_t dhm_actual_bitlen;
/*
* Ephemeral DH parameters:
@@ -2626,10 +2612,11 @@
return( ret );
}
- if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen )
+ dhm_actual_bitlen = mbedtls_mpi_bitlen( &ssl->handshake->dhm_ctx.P );
+ if( dhm_actual_bitlen < ssl->conf->dhm_min_bitlen )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %d < %d",
- ssl->handshake->dhm_ctx.len * 8,
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u",
+ dhm_actual_bitlen,
ssl->conf->dhm_min_bitlen ) );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
@@ -2905,8 +2892,7 @@
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( len_bytes == 2 )
{
- ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 );
- ssl->out_msg[offset+1] = (unsigned char)( *olen );
+ MBEDTLS_PUT_UINT16_BE( *olen, ssl->out_msg, offset );
*olen += 2;
}
#endif
@@ -3690,8 +3676,7 @@
*/
content_len = ssl->handshake->dhm_ctx.len;
- ssl->out_msg[4] = (unsigned char)( content_len >> 8 );
- ssl->out_msg[5] = (unsigned char)( content_len );
+ MBEDTLS_PUT_UINT16_BE( content_len, ssl->out_msg, 4 );
header_len = 6;
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
@@ -3906,8 +3891,8 @@
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
- ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
- ssl->out_msg[header_len++] = (unsigned char)( content_len );
+ ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len );
+ ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len );
memcpy( ssl->out_msg + header_len,
ssl->conf->psk_identity,
@@ -3958,8 +3943,8 @@
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
- ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
- ssl->out_msg[header_len++] = (unsigned char)( content_len );
+ ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len );
+ ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len );
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
@@ -4265,8 +4250,7 @@
return( ret );
}
- ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 );
- ssl->out_msg[5 + offset] = (unsigned char)( n );
+ MBEDTLS_PUT_UINT16_BE( n, ssl->out_msg, offset + 4 );
ssl->out_msglen = 6 + n + offset;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
@@ -4347,7 +4331,7 @@
return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET );
}
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", ticket_len ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %" MBEDTLS_PRINTF_SIZET, ticket_len ) );
/* We're not waiting for a NewSessionTicket message any more */
ssl->handshake->new_session_ticket = 0;
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index c8bd1bd..071e55e 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -166,15 +166,12 @@
t = ctx->serial++;
#endif
- (*p)[0] = (unsigned char)( t >> 24 );
- (*p)[1] = (unsigned char)( t >> 16 );
- (*p)[2] = (unsigned char)( t >> 8 );
- (*p)[3] = (unsigned char)( t );
+ MBEDTLS_PUT_UINT32_BE(t, *p, 0);
*p += 4;
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) );
#endif
ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4,
@@ -182,8 +179,8 @@
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
- MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR,
+ MBEDTLS_ERR_THREADING_MUTEX_ERROR ) );
#endif
return( ret );
@@ -210,7 +207,7 @@
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) );
#endif
if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie,
@@ -220,8 +217,8 @@
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
- MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR,
+ MBEDTLS_ERR_THREADING_MUTEX_ERROR ) );
#endif
if( ret != 0 )
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 0718d5a..7da5674 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -283,8 +283,8 @@
}
ssl->handshake->retransmit_timeout = new_timeout;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
- ssl->handshake->retransmit_timeout ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %lu millisecs",
+ (unsigned long) ssl->handshake->retransmit_timeout ) );
return( 0 );
}
@@ -292,8 +292,8 @@
static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl )
{
ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
- ssl->handshake->retransmit_timeout ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %lu millisecs",
+ (unsigned long) ssl->handshake->retransmit_timeout ) );
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
@@ -454,15 +454,13 @@
*cur = rec->cid_len;
cur++;
- cur[0] = ( rec->data_len >> 8 ) & 0xFF;
- cur[1] = ( rec->data_len >> 0 ) & 0xFF;
+ MBEDTLS_PUT_UINT16_BE( rec->data_len, cur, 0 );
cur += 2;
}
else
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
{
- cur[0] = ( rec->data_len >> 8 ) & 0xFF;
- cur[1] = ( rec->data_len >> 0 ) & 0xFF;
+ MBEDTLS_PUT_UINT16_BE( rec->data_len, cur, 0 );
cur += 2;
}
@@ -495,9 +493,8 @@
padlen = 40;
memcpy( header, ctr, 8 );
- header[ 8] = (unsigned char) type;
- header[ 9] = (unsigned char)( len >> 8 );
- header[10] = (unsigned char)( len );
+ header[8] = (unsigned char) type;
+ MBEDTLS_PUT_UINT16_BE( len, header, 9);
memset( padding, 0x36, padlen );
mbedtls_md_starts( md_ctx );
@@ -623,9 +620,10 @@
if( rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %u too large, maximum %d",
- (unsigned) rec->data_len,
- MBEDTLS_SSL_OUT_CONTENT_LEN ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %" MBEDTLS_PRINTF_SIZET
+ " too large, maximum %" MBEDTLS_PRINTF_SIZET,
+ rec->data_len,
+ (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@@ -764,7 +762,7 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t olen;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", "
"including %d bytes of padding",
rec->data_len, 0 ) );
@@ -842,7 +840,7 @@
dynamic_iv_is_explicit ? dynamic_iv_len : 0 );
MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
add_data, add_data_len );
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", "
"including 0 bytes of padding",
rec->data_len ) );
@@ -850,20 +848,21 @@
* Encrypt and authenticate
*/
- if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx_enc,
+ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &transform->cipher_ctx_enc,
iv, transform->ivlen,
- add_data, add_data_len, /* add data */
- data, rec->data_len, /* source */
- data, &rec->data_len, /* destination */
- data + rec->data_len, transform->taglen ) ) != 0 )
+ add_data, add_data_len,
+ data, rec->data_len, /* src */
+ data, rec->buf_len - (data - rec->buf), /* dst */
+ &rec->data_len,
+ transform->taglen ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
return( ret );
}
MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag",
- data + rec->data_len, transform->taglen );
+ data + rec->data_len - transform->taglen,
+ transform->taglen );
/* Account for authentication tag. */
- rec->data_len += transform->taglen;
post_avail -= transform->taglen;
/*
@@ -944,8 +943,9 @@
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
- "including %d bytes of IV and %d bytes of padding",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", "
+ "including %" MBEDTLS_PRINTF_SIZET
+ " bytes of IV and %" MBEDTLS_PRINTF_SIZET " bytes of padding",
rec->data_len, transform->ivlen,
padlen + 1 ) );
@@ -1238,6 +1238,9 @@
MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) );
}
+ /* The context needs to finish() before it starts() again */
+ MD_CHK( mbedtls_md_finish( ctx, aux_out ) );
+
/* Now compute HASH(okey + inner_hash) */
MD_CHK( mbedtls_md_starts( ctx ) );
MD_CHK( mbedtls_md_update( ctx, okey, block_size ) );
@@ -1365,7 +1368,8 @@
{
if( rec->data_len < dynamic_iv_len )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) ",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET
+ " ) < explicit_iv_len (%" MBEDTLS_PRINTF_SIZET ") ",
rec->data_len,
dynamic_iv_len ) );
return( MBEDTLS_ERR_SSL_INVALID_MAC );
@@ -1384,7 +1388,8 @@
/* Check that there's space for the authentication tag. */
if( rec->data_len < transform->taglen )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < taglen (%d) ",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET
+ ") < taglen (%" MBEDTLS_PRINTF_SIZET ") ",
rec->data_len,
transform->taglen ) );
return( MBEDTLS_ERR_SSL_INVALID_MAC );
@@ -1422,12 +1427,11 @@
/*
* Decrypt and authenticate
*/
- if( ( ret = mbedtls_cipher_auth_decrypt( &transform->cipher_ctx_dec,
+ if( ( ret = mbedtls_cipher_auth_decrypt_ext( &transform->cipher_ctx_dec,
iv, transform->ivlen,
add_data, add_data_len,
- data, rec->data_len,
- data, &olen,
- data + rec->data_len,
+ data, rec->data_len + transform->taglen, /* src */
+ data, rec->buf_len - (data - rec->buf), &olen, /* dst */
transform->taglen ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret );
@@ -1488,7 +1492,9 @@
if( rec->data_len < minlen + transform->ivlen ||
rec->data_len < minlen + transform->maclen + 1 )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < max( ivlen(%d), maclen (%d) "
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET
+ ") < max( ivlen(%" MBEDTLS_PRINTF_SIZET
+ "), maclen (%" MBEDTLS_PRINTF_SIZET ") "
"+ 1 ) ( + expl IV )", rec->data_len,
transform->ivlen,
transform->maclen ) );
@@ -1554,7 +1560,8 @@
* data_len >= minlen + ivlen ( = minlen or 2 * minlen ). */
if( rec->data_len % transform->ivlen != 0 )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) %% ivlen (%d) != 0",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET
+ ") %% ivlen (%" MBEDTLS_PRINTF_SIZET ") != 0",
rec->data_len, transform->ivlen ) );
return( MBEDTLS_ERR_SSL_INVALID_MAC );
}
@@ -1624,7 +1631,9 @@
#if defined(MBEDTLS_SSL_DEBUG_ALL)
if( rec->data_len < transform->maclen + padlen + 1 )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET
+ ") < maclen (%" MBEDTLS_PRINTF_SIZET
+ ") + padlen (%" MBEDTLS_PRINTF_SIZET ")",
rec->data_len,
transform->maclen,
padlen + 1 ) );
@@ -1653,8 +1662,8 @@
if( padlen > transform->ivlen )
{
#if defined(MBEDTLS_SSL_DEBUG_ALL)
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, "
- "should be no more than %d",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %" MBEDTLS_PRINTF_SIZET ", "
+ "should be no more than %" MBEDTLS_PRINTF_SIZET,
padlen, transform->ivlen ) );
#endif
correct = 0;
@@ -1890,7 +1899,7 @@
memcpy( msg_pre, ssl->out_msg, len_pre );
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ",
ssl->out_msglen ) );
MBEDTLS_SSL_DEBUG_BUF( 4, "before compression: output payload",
@@ -1911,7 +1920,7 @@
ssl->out_msglen = out_buf_len -
ssl->transform_out->ctx_deflate.avail_out - bytes_written;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ",
ssl->out_msglen ) );
MBEDTLS_SSL_DEBUG_BUF( 4, "after compression: output payload",
@@ -1942,7 +1951,7 @@
memcpy( msg_pre, ssl->in_msg, len_pre );
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ",
ssl->in_msglen ) );
MBEDTLS_SSL_DEBUG_BUF( 4, "before decompression: input payload",
@@ -1963,7 +1972,7 @@
ssl->in_msglen = in_buf_len -
ssl->transform_in->ctx_inflate.avail_out - header_bytes;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ",
ssl->in_msglen ) );
MBEDTLS_SSL_DEBUG_BUF( 4, "after decompression: input payload",
@@ -2042,7 +2051,8 @@
if( ssl->in_left != 0 )
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %"
+ MBEDTLS_PRINTF_SIZET,
ssl->next_record_offset ) );
memmove( ssl->in_hdr,
ssl->in_hdr + ssl->next_record_offset,
@@ -2052,7 +2062,8 @@
ssl->next_record_offset = 0;
}
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET
+ ", nb_want: %" MBEDTLS_PRINTF_SIZET,
ssl->in_left, nb_want ) );
/*
@@ -2094,7 +2105,7 @@
else
timeout = ssl->conf->read_timeout;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %u ms", timeout ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %lu ms", (unsigned long) timeout ) );
if( ssl->f_recv_timeout != NULL )
ret = ssl->f_recv_timeout( ssl->p_bio, ssl->in_hdr, len,
@@ -2153,7 +2164,8 @@
else
#endif
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET
+ ", nb_want: %" MBEDTLS_PRINTF_SIZET,
ssl->in_left, nb_want ) );
while( ssl->in_left < nb_want )
@@ -2177,7 +2189,8 @@
}
}
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET
+ ", nb_want: %" MBEDTLS_PRINTF_SIZET,
ssl->in_left, nb_want ) );
MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret );
@@ -2190,8 +2203,8 @@
if ( (size_t)ret > len || ( INT_MAX > SIZE_MAX && ret > (int)SIZE_MAX ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1,
- ( "f_recv returned %d bytes but only %lu were requested",
- ret, (unsigned long)len ) );
+ ( "f_recv returned %d bytes but only %" MBEDTLS_PRINTF_SIZET " were requested",
+ ret, len ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
@@ -2230,7 +2243,8 @@
while( ssl->out_left > 0 )
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %" MBEDTLS_PRINTF_SIZET
+ ", out_left: %" MBEDTLS_PRINTF_SIZET,
mbedtls_ssl_out_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) );
buf = ssl->out_hdr - ssl->out_left;
@@ -2244,8 +2258,8 @@
if( (size_t)ret > ssl->out_left || ( INT_MAX > SIZE_MAX && ret > (int)SIZE_MAX ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1,
- ( "f_send returned %d bytes but only %lu bytes were sent",
- ret, (unsigned long)ssl->out_left ) );
+ ( "f_send returned %d bytes but only %" MBEDTLS_PRINTF_SIZET " bytes were sent",
+ ret, ssl->out_left ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
@@ -2286,14 +2300,15 @@
/* Allocate space for current message */
if( ( msg = mbedtls_calloc( 1, sizeof( mbedtls_ssl_flight_item ) ) ) == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %" MBEDTLS_PRINTF_SIZET " bytes failed",
sizeof( mbedtls_ssl_flight_item ) ) );
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
}
if( ( msg->p = mbedtls_calloc( 1, ssl->out_msglen ) ) == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed", ssl->out_msglen ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %" MBEDTLS_PRINTF_SIZET " bytes failed",
+ ssl->out_msglen ) );
mbedtls_free( msg );
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
}
@@ -2508,13 +2523,13 @@
* Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */
memcpy( ssl->out_msg, cur->p, 6 );
- ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff );
- ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff );
- ssl->out_msg[8] = ( ( frag_off ) & 0xff );
+ ssl->out_msg[6] = MBEDTLS_BYTE_2( frag_off );
+ ssl->out_msg[7] = MBEDTLS_BYTE_1( frag_off );
+ ssl->out_msg[8] = MBEDTLS_BYTE_0( frag_off );
- ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff );
- ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff );
- ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff );
+ ssl->out_msg[ 9] = MBEDTLS_BYTE_2( cur_hs_frag_len );
+ ssl->out_msg[10] = MBEDTLS_BYTE_1( cur_hs_frag_len );
+ ssl->out_msg[11] = MBEDTLS_BYTE_0( cur_hs_frag_len );
MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 );
@@ -2699,9 +2714,10 @@
if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record too large: "
- "size %u, maximum %u",
- (unsigned) ssl->out_msglen,
- (unsigned) MBEDTLS_SSL_OUT_CONTENT_LEN ) );
+ "size %" MBEDTLS_PRINTF_SIZET
+ ", maximum %" MBEDTLS_PRINTF_SIZET,
+ ssl->out_msglen,
+ (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
@@ -2710,9 +2726,9 @@
*/
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
{
- ssl->out_msg[1] = (unsigned char)( hs_len >> 16 );
- ssl->out_msg[2] = (unsigned char)( hs_len >> 8 );
- ssl->out_msg[3] = (unsigned char)( hs_len );
+ ssl->out_msg[1] = MBEDTLS_BYTE_2( hs_len );
+ ssl->out_msg[2] = MBEDTLS_BYTE_1( hs_len );
+ ssl->out_msg[3] = MBEDTLS_BYTE_0( hs_len );
/*
* DTLS has additional fields in the Handshake layer,
@@ -2728,9 +2744,9 @@
if( MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: "
- "size %u, maximum %u",
- (unsigned) ( hs_len ),
- (unsigned) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) );
+ "size %" MBEDTLS_PRINTF_SIZET ", maximum %" MBEDTLS_PRINTF_SIZET,
+ hs_len,
+ (size_t) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@@ -2740,8 +2756,7 @@
/* Write message_seq and update it, except for HelloRequest */
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
{
- ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
- ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
+ MBEDTLS_PUT_UINT16_BE( ssl->handshake->out_msg_seq, ssl->out_msg, 4 );
++( ssl->handshake->out_msg_seq );
}
else
@@ -2855,8 +2870,7 @@
ssl->conf->transport, ssl->out_hdr + 1 );
memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 );
- ssl->out_len[0] = (unsigned char)( len >> 8 );
- ssl->out_len[1] = (unsigned char)( len );
+ MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0);
if( ssl->transform_out != NULL )
{
@@ -2896,8 +2910,7 @@
memcpy( ssl->out_cid, rec.cid, rec.cid_len );
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->out_msglen = len = rec.data_len;
- ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 );
- ssl->out_len[1] = (unsigned char)( rec.data_len );
+ MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->out_len, 0 );
}
protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl );
@@ -2922,8 +2935,8 @@
/* Now write the potentially updated record content type. */
ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, "
- "version = [%d:%d], msglen = %d",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %u, "
+ "version = [%u:%u], msglen = %" MBEDTLS_PRINTF_SIZET,
ssl->out_hdr[0], ssl->out_hdr[1],
ssl->out_hdr[2], len ) );
@@ -3119,7 +3132,7 @@
{
if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %" MBEDTLS_PRINTF_SIZET,
ssl->in_msglen ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
@@ -3127,7 +3140,7 @@
ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ssl_get_hs_total_len( ssl );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
- " %d, type = %d, hslen = %d",
+ " %" MBEDTLS_PRINTF_SIZET ", type = %u, hslen = %" MBEDTLS_PRINTF_SIZET,
ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -3163,7 +3176,7 @@
ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "received message from last flight, "
- "message_seq = %d, start_of_flight = %d",
+ "message_seq = %u, start_of_flight = %u",
recv_msg_seq,
ssl->handshake->in_flight_start_seq ) );
@@ -3176,7 +3189,7 @@
else
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: "
- "message_seq = %d, expected = %d",
+ "message_seq = %u, expected = %u",
recv_msg_seq,
ssl->handshake->in_msg_seq ) );
}
@@ -3469,12 +3482,11 @@
/* Go back and fill length fields */
obuf[27] = (unsigned char)( *olen - 28 );
- obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 );
- obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 );
- obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) );
+ obuf[14] = obuf[22] = MBEDTLS_BYTE_2( *olen - 25 );
+ obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 );
+ obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 );
- obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 );
- obuf[12] = (unsigned char)( ( *olen - 13 ) );
+ MBEDTLS_PUT_UINT16_BE( *olen - 13, obuf, 11 );
return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
}
@@ -3746,8 +3758,8 @@
( (size_t) buf[ rec_hdr_len_offset + 1 ] << 0 );
MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", buf, rec->data_offset );
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, "
- "version = [%d:%d], msglen = %d",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %u, "
+ "version = [%d:%d], msglen = %" MBEDTLS_PRINTF_SIZET,
rec->type,
major_ver, minor_ver, rec->data_len ) );
@@ -3790,8 +3802,8 @@
if( rec_epoch != ssl->in_epoch )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "record from another epoch: "
- "expected %d, received %d",
- ssl->in_epoch, rec_epoch ) );
+ "expected %u, received %lu",
+ ssl->in_epoch, (unsigned long) rec_epoch ) );
/* Records from the next epoch are considered for buffering
* (concretely: early Finished messages). */
@@ -4325,31 +4337,41 @@
{
/* If we can't buffer a future message because
* of space limitations -- ignore. */
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n",
- (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
- (unsigned) hs->buffering.total_bytes_buffered ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %" MBEDTLS_PRINTF_SIZET
+ " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET
+ " (already %" MBEDTLS_PRINTF_SIZET
+ " bytes buffered) -- ignore\n",
+ msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ hs->buffering.total_bytes_buffered ) );
goto exit;
}
else
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- attempt to make space by freeing buffered future messages\n",
- (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
- (unsigned) hs->buffering.total_bytes_buffered ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %" MBEDTLS_PRINTF_SIZET
+ " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET
+ " (already %" MBEDTLS_PRINTF_SIZET
+ " bytes buffered) -- attempt to make space by freeing buffered future messages\n",
+ msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ hs->buffering.total_bytes_buffered ) );
}
if( ssl_buffer_make_space( ssl, reassembly_buf_sz ) != 0 )
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %u (%u with bitmap) would exceed the compile-time limit %u (already %u bytes buffered) -- fail\n",
- (unsigned) msg_len,
- (unsigned) reassembly_buf_sz,
- MBEDTLS_SSL_DTLS_MAX_BUFFERING,
- (unsigned) hs->buffering.total_bytes_buffered ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %" MBEDTLS_PRINTF_SIZET
+ " (%" MBEDTLS_PRINTF_SIZET " with bitmap) would exceed"
+ " the compile-time limit %" MBEDTLS_PRINTF_SIZET
+ " (already %" MBEDTLS_PRINTF_SIZET
+ " bytes buffered) -- fail\n",
+ msg_len,
+ reassembly_buf_sz,
+ (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ hs->buffering.total_bytes_buffered ) );
ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
goto exit;
}
}
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d",
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %" MBEDTLS_PRINTF_SIZET,
msg_len ) );
hs_buf->data = mbedtls_calloc( 1, reassembly_buf_sz );
@@ -4395,7 +4417,8 @@
frag_off = ssl_get_hs_frag_off( ssl );
frag_len = ssl_get_hs_frag_len( ssl );
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d",
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %" MBEDTLS_PRINTF_SIZET
+ ", length = %" MBEDTLS_PRINTF_SIZET,
frag_off, frag_len ) );
memcpy( msg + frag_off, ssl->in_msg + 12, frag_len );
@@ -4622,15 +4645,18 @@
if( rec->buf_len > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
hs->buffering.total_bytes_buffered ) )
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n",
- (unsigned) rec->buf_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
- (unsigned) hs->buffering.total_bytes_buffered ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %" MBEDTLS_PRINTF_SIZET
+ " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET
+ " (already %" MBEDTLS_PRINTF_SIZET
+ " bytes buffered) -- ignore\n",
+ rec->buf_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ hs->buffering.total_bytes_buffered ) );
return( 0 );
}
/* Buffer record */
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffer record from epoch %u",
- ssl->in_epoch + 1 ) );
+ ssl->in_epoch + 1U ) );
MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered record", rec->buf, rec->buf_len );
/* ssl_parse_record_header() only considers records
@@ -4858,8 +4884,7 @@
ssl->in_hdr[0] = rec.type;
ssl->in_msg = rec.buf + rec.data_offset;
ssl->in_msglen = rec.data_len;
- ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );
- ssl->in_len[1] = (unsigned char)( rec.data_len );
+ MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->in_len, 0 );
#if defined(MBEDTLS_ZLIB_SUPPORT)
if( ssl->transform_in != NULL &&
@@ -4903,7 +4928,7 @@
{
if( ssl->in_msglen != 1 )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %" MBEDTLS_PRINTF_SIZET,
ssl->in_msglen ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
@@ -4939,12 +4964,12 @@
/* Note: Standard allows for more than one 2 byte alert
to be packed in a single message, but Mbed TLS doesn't
currently support this. */
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %" MBEDTLS_PRINTF_SIZET,
ssl->in_msglen ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]",
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%u:%u]",
ssl->in_msg[0], ssl->in_msg[1] ) );
/*
@@ -5771,7 +5796,8 @@
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the (negotiated) "
- "maximum fragment length: %d > %d",
+ "maximum fragment length: %" MBEDTLS_PRINTF_SIZET
+ " > %" MBEDTLS_PRINTF_SIZET,
len, max_len ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index e33b828..210e0d3 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -298,13 +298,13 @@
{
mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
- " match sig %d and hash %d",
- sig_cur, md_cur ) );
+ " match sig %u and hash %u",
+ (unsigned) sig_cur, (unsigned) md_cur ) );
}
else
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: "
- "hash alg %d not supported", md_cur ) );
+ "hash alg %u not supported", (unsigned) md_cur ) );
}
}
@@ -633,7 +633,7 @@
/* Remember the client asked us to send a new ticket */
ssl->handshake->new_session_ticket = 1;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", len ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %" MBEDTLS_PRINTF_SIZET, len ) );
if( len == 0 )
return( 0 );
@@ -1048,7 +1048,7 @@
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %#04x (%s)",
- suite_id, suite_info->name ) );
+ (unsigned int) suite_id, suite_info->name ) );
if( suite_info->min_minor_ver > ssl->minor_ver ||
suite_info->max_minor_ver < ssl->minor_ver )
@@ -1116,7 +1116,7 @@
mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm "
- "for signature algorithm %d", sig_type ) );
+ "for signature algorithm %u", (unsigned) sig_type ) );
return( 0 );
}
}
@@ -1247,7 +1247,7 @@
sess_len = ( buf[2] << 8 ) | buf[3];
chal_len = ( buf[4] << 8 ) | buf[5];
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %u, sess_len: %u, chal_len: %u",
ciph_len, sess_len, chal_len ) );
/*
@@ -1322,8 +1322,7 @@
for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 )
{
if( p[0] == 0 &&
- p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
- p[2] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) )
+ MBEDTLS_GET_UINT16_BE(p, 1) != MBEDTLS_SSL_FALLBACK_SCSV_VALUE )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) );
@@ -1354,8 +1353,7 @@
#endif
{
if( p[0] != 0 ||
- p[1] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
- p[2] != ( ( ciphersuites[i] ) & 0xFF ) )
+ MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i] )
continue;
got_common_suite = 1;
@@ -1629,7 +1627,7 @@
if( cli_msg_seq != ssl->handshake->in_msg_seq )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: "
- "%d (expected %d)", cli_msg_seq,
+ "%u (expected %u)", cli_msg_seq,
ssl->handshake->in_msg_seq ) );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
@@ -1887,8 +1885,7 @@
ext_len = ( buf[ext_offset + 0] << 8 )
| ( buf[ext_offset + 1] );
- if( ( ext_len > 0 && ext_len < 4 ) ||
- msg_len != ext_offset + 2 + ext_len )
+ if( msg_len != ext_offset + 2 + ext_len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
@@ -2073,20 +2070,12 @@
#endif /* MBEDTLS_SSL_DTLS_SRTP */
default:
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %u (ignoring)",
ext_id ) );
}
ext_len -= 4 + ext_size;
ext += 4 + ext_size;
-
- if( ext_len > 0 && ext_len < 4 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
}
#if defined(MBEDTLS_SSL_PROTO_SSL3)
}
@@ -2095,8 +2084,7 @@
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
{
- if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
- p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) )
+ if( MBEDTLS_GET_UINT16_BE( p, 0 ) == MBEDTLS_SSL_FALLBACK_SCSV_VALUE )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) );
@@ -2214,8 +2202,7 @@
for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
#endif
{
- if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
- p[1] != ( ( ciphersuites[i] ) & 0xFF ) )
+ if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] )
continue;
got_common_suite = 1;
@@ -2274,7 +2261,7 @@
else
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "no hash algorithm for signature algorithm "
- "%d - should not happen", sig_alg ) );
+ "%u - should not happen", (unsigned) sig_alg ) );
}
}
#endif
@@ -2299,8 +2286,8 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 0x00;
@@ -2343,12 +2330,11 @@
* opaque cid<0..2^8-1>;
* } ConnectionId;
*/
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 );
+ p += 2;
ext_len = (size_t) ssl->own_cid_len + 1;
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 );
+ p += 2;
*p++ = (uint8_t) ssl->own_cid_len;
memcpy( p, ssl->own_cid, ssl->own_cid_len );
@@ -2390,8 +2376,8 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 0x00;
@@ -2417,8 +2403,8 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret "
"extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 0x00;
@@ -2442,8 +2428,8 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 0x00;
@@ -2466,8 +2452,8 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 );
+ p += 2;
#if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
@@ -2507,8 +2493,8 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 1;
@@ -2537,8 +2523,8 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 );
+ p += 2;
*p++ = 0x00;
*p++ = 2;
@@ -2575,8 +2561,8 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 );
+ p += 2;
ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
p + 2, end - p - 2, &kkpp_len,
@@ -2587,8 +2573,8 @@
return;
}
- *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( kkpp_len ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 );
+ p += 2;
*olen = kkpp_len + 4;
}
@@ -2613,18 +2599,15 @@
* 6 . 6 protocol name length
* 7 . 7+n protocol name
*/
- buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
- buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, buf, 0);
*olen = 7 + strlen( ssl->alpn_chosen );
- buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
- buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 );
- buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
- buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 );
- buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF );
+ buf[6] = MBEDTLS_BYTE_0( *olen - 7 );
memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 );
}
@@ -2669,15 +2652,13 @@
}
/* extension */
- buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF );
- buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0 );
/*
* total length 5 and mki value: only one profile(2 bytes)
* and length(2 bytes) and srtp_mki )
*/
ext_len = 5 + mki_len;
- buf[2] = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- buf[3] = (unsigned char)( ext_len & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( ext_len, buf, 2 );
/* protection profile length: 2 */
buf[4] = 0x00;
@@ -2686,8 +2667,7 @@
ssl->dtls_srtp_info.chosen_dtls_srtp_profile );
if( profile_value != MBEDTLS_TLS_SRTP_UNSET )
{
- buf[6] = (unsigned char)( ( profile_value >> 8 ) & 0xFF );
- buf[7] = (unsigned char)( profile_value & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( profile_value, buf, 6 );
}
else
{
@@ -2774,6 +2754,55 @@
}
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ mbedtls_ssl_session session_tmp;
+ mbedtls_ssl_session * const session = ssl->session_negotiate;
+
+ /* Resume is 0 by default, see ssl_handshake_init().
+ * It may be already set to 1 by ssl_parse_session_ticket_ext(). */
+ if( ssl->handshake->resume == 1 )
+ return;
+ if( session->id_len == 0 )
+ return;
+ if( ssl->conf->f_get_cache == NULL )
+ return;
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ return;
+#endif
+
+ mbedtls_ssl_session_init( &session_tmp );
+
+ session_tmp.id_len = session->id_len;
+ memcpy( session_tmp.id, session->id, session->id_len );
+
+ ret = ssl->conf->f_get_cache( ssl->conf->p_cache,
+ &session_tmp );
+ if( ret != 0 )
+ goto exit;
+
+ if( session->ciphersuite != session_tmp.ciphersuite ||
+ session->compression != session_tmp.compression )
+ {
+ /* Mismatch between cached and negotiated session */
+ goto exit;
+ }
+
+ /* Move semantics */
+ mbedtls_ssl_session_free( session );
+ *session = session_tmp;
+ memset( &session_tmp, 0, sizeof( session_tmp ) );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) );
+ ssl->handshake->resume = 1;
+
+exit:
+
+ mbedtls_ssl_session_free( &session_tmp );
+}
+
static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_HAVE_TIME)
@@ -2821,12 +2850,11 @@
#if defined(MBEDTLS_HAVE_TIME)
t = mbedtls_time( NULL );
- *p++ = (unsigned char)( t >> 24 );
- *p++ = (unsigned char)( t >> 16 );
- *p++ = (unsigned char)( t >> 8 );
- *p++ = (unsigned char)( t );
+ MBEDTLS_PUT_UINT32_BE( t, p, 0 );
+ p += 4;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG,
+ (long long) t ) );
#else
if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
return( ret );
@@ -2843,22 +2871,7 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 );
- /*
- * Resume is 0 by default, see ssl_handshake_init().
- * It may be already set to 1 by ssl_parse_session_ticket_ext().
- * If not, try looking up session ID in our cache.
- */
- if( ssl->handshake->resume == 0 &&
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE &&
-#endif
- ssl->session_negotiate->id_len != 0 &&
- ssl->conf->f_get_cache != NULL &&
- ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) );
- ssl->handshake->resume = 1;
- }
+ ssl_handle_id_based_session_resumption( ssl );
if( ssl->handshake->resume == 0 )
{
@@ -2914,19 +2927,19 @@
memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len );
p += ssl->session_negotiate->id_len;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) );
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
ssl->handshake->resume ? "a" : "no" ) );
- *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 );
- *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite );
- *p++ = (unsigned char)( ssl->session_negotiate->compression );
+ MBEDTLS_PUT_UINT16_BE( ssl->session_negotiate->ciphersuite, p, 0 );
+ p += 2;
+ *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s",
mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X",
- ssl->session_negotiate->compression ) );
+ (unsigned int) ssl->session_negotiate->compression ) );
/* Do not write the extensions if the protocol is SSLv3 */
#if defined(MBEDTLS_SSL_PROTO_SSL3)
@@ -2995,13 +3008,13 @@
ext_len += olen;
#endif
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %" MBEDTLS_PRINTF_SIZET,
+ ext_len ) );
if( ext_len > 0 )
{
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
- p += ext_len;
+ MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 );
+ p += 2 + ext_len;
}
#if defined(MBEDTLS_SSL_PROTO_SSL3)
@@ -3140,8 +3153,7 @@
#endif
}
- p[0] = (unsigned char)( sa_len >> 8 );
- p[1] = (unsigned char)( sa_len );
+ MBEDTLS_PUT_UINT16_BE( sa_len, p, 0 );
sa_len += 2;
p += sa_len;
}
@@ -3181,8 +3193,8 @@
break;
}
- *p++ = (unsigned char)( dn_size >> 8 );
- *p++ = (unsigned char)( dn_size );
+ MBEDTLS_PUT_UINT16_BE( dn_size, p, 0 );
+ p += 2;
memcpy( p, crt->subject_raw.p, dn_size );
p += dn_size;
@@ -3196,8 +3208,7 @@
ssl->out_msglen = p - buf;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
- ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 );
- ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size );
+ MBEDTLS_PUT_UINT16_BE( total_dn_size, ssl->out_msg, 4 + ct_len + sa_len );
ret = mbedtls_ssl_write_handshake_msg( ssl );
@@ -3502,7 +3513,7 @@
md_alg = MBEDTLS_MD_NONE;
}
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %d for signing", md_alg ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %u for signing", (unsigned) md_alg ) );
/*
* 2.2: Compute the hash to be signed
@@ -3695,8 +3706,8 @@
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
if( signature_len != 0 )
{
- ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 );
- ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len );
+ ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1( signature_len );
+ ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0( signature_len );
MBEDTLS_SSL_DEBUG_BUF( 3, "my signature",
ssl->out_msg + ssl->out_msglen,
@@ -3852,12 +3863,13 @@
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
{
- if ( p + 2 > end ) {
+ if ( p + 2 > end )
+ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
}
- if( *p++ != ( ( len >> 8 ) & 0xFF ) ||
- *p++ != ( ( len ) & 0xFF ) )
+ if( *p++ != MBEDTLS_BYTE_1( len ) ||
+ *p++ != MBEDTLS_BYTE_0( len ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
@@ -4620,14 +4632,8 @@
tlen = 0;
}
- ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF;
- ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF;
- ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF;
- ssl->out_msg[7] = ( lifetime ) & 0xFF;
-
- ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF );
- ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF );
-
+ MBEDTLS_PUT_UINT32_BE( lifetime, ssl->out_msg, 4 );
+ MBEDTLS_PUT_UINT16_BE( tlen, ssl->out_msg, 8 );
ssl->out_msglen = 10 + tlen;
/*
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index e3e8023..046ed1b 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -209,7 +209,6 @@
unsigned char *iv = start + TICKET_KEY_NAME_BYTES;
unsigned char *state_len_bytes = iv + TICKET_IV_BYTES;
unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES;
- unsigned char *tag;
size_t clear_len, ciph_len;
*tlen = 0;
@@ -246,27 +245,26 @@
{
goto cleanup;
}
- state_len_bytes[0] = ( clear_len >> 8 ) & 0xff;
- state_len_bytes[1] = ( clear_len ) & 0xff;
+ MBEDTLS_PUT_UINT16_BE( clear_len, state_len_bytes, 0 );
/* Encrypt and authenticate */
- tag = state + clear_len;
- if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx,
+ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx,
iv, TICKET_IV_BYTES,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
- state, clear_len, state, &ciph_len,
- tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
+ state, clear_len,
+ state, end - state, &ciph_len,
+ TICKET_AUTH_TAG_BYTES ) ) != 0 )
{
goto cleanup;
}
- if( ciph_len != clear_len )
+ if( ciph_len != clear_len + TICKET_AUTH_TAG_BYTES )
{
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
goto cleanup;
}
- *tlen = TICKET_MIN_LEN + ciph_len;
+ *tlen = TICKET_MIN_LEN + ciph_len - TICKET_AUTH_TAG_BYTES;
cleanup:
#if defined(MBEDTLS_THREADING_C)
@@ -308,7 +306,6 @@
unsigned char *iv = buf + TICKET_KEY_NAME_BYTES;
unsigned char *enc_len_p = iv + TICKET_IV_BYTES;
unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
- unsigned char *tag;
size_t enc_len, clear_len;
if( ctx == NULL || ctx->f_rng == NULL )
@@ -326,7 +323,6 @@
goto cleanup;
enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
- tag = ticket + enc_len;
if( len != TICKET_MIN_LEN + enc_len )
{
@@ -344,13 +340,13 @@
}
/* Decrypt and authenticate */
- if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx,
+ if( ( ret = mbedtls_cipher_auth_decrypt_ext( &key->ctx,
iv, TICKET_IV_BYTES,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
- ticket, enc_len,
- ticket, &clear_len,
- tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
+ ticket, enc_len + TICKET_AUTH_TAG_BYTES,
+ ticket, enc_len, &clear_len,
+ TICKET_AUTH_TAG_BYTES ) ) != 0 )
{
if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
ret = MBEDTLS_ERR_SSL_INVALID_MAC;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a1a5859..2e9c401 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -260,6 +260,72 @@
return 0;
}
+
+static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing,
+ size_t in_buf_new_len,
+ size_t out_buf_new_len )
+{
+ int modified = 0;
+ size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
+ size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
+ if( ssl->in_buf != NULL )
+ {
+ written_in = ssl->in_msg - ssl->in_buf;
+ iv_offset_in = ssl->in_iv - ssl->in_buf;
+ len_offset_in = ssl->in_len - ssl->in_buf;
+ if( downsizing ?
+ ssl->in_buf_len > in_buf_new_len && ssl->in_left < in_buf_new_len :
+ ssl->in_buf_len < in_buf_new_len )
+ {
+ if( resize_buffer( &ssl->in_buf, in_buf_new_len, &ssl->in_buf_len ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %" MBEDTLS_PRINTF_SIZET,
+ in_buf_new_len ) );
+ modified = 1;
+ }
+ }
+ }
+
+ if( ssl->out_buf != NULL )
+ {
+ written_out = ssl->out_msg - ssl->out_buf;
+ iv_offset_out = ssl->out_iv - ssl->out_buf;
+ len_offset_out = ssl->out_len - ssl->out_buf;
+ if( downsizing ?
+ ssl->out_buf_len > out_buf_new_len && ssl->out_left < out_buf_new_len :
+ ssl->out_buf_len < out_buf_new_len )
+ {
+ if( resize_buffer( &ssl->out_buf, out_buf_new_len, &ssl->out_buf_len ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %" MBEDTLS_PRINTF_SIZET,
+ out_buf_new_len ) );
+ modified = 1;
+ }
+ }
+ }
+ if( modified )
+ {
+ /* Update pointers here to avoid doing it twice. */
+ mbedtls_ssl_reset_in_out_pointers( ssl );
+ /* Fields below might not be properly updated with record
+ * splitting or with CID, so they are manually updated here. */
+ ssl->out_msg = ssl->out_buf + written_out;
+ ssl->out_len = ssl->out_buf + len_offset_out;
+ ssl->out_iv = ssl->out_buf + iv_offset_out;
+
+ ssl->in_msg = ssl->in_buf + written_in;
+ ssl->in_len = ssl->in_buf + len_offset_in;
+ ssl->in_iv = ssl->in_buf + iv_offset_in;
+ }
+}
#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
/*
@@ -655,7 +721,7 @@
}
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
static int tls_prf_sha384( const unsigned char *secret, size_t slen,
const char *label,
const unsigned char *random, size_t rlen,
@@ -664,7 +730,7 @@
return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen,
label, random, rlen, dstbuf, dlen ) );
}
-#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t );
@@ -691,7 +757,7 @@
static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int );
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t );
static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char*, size_t * );
static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int );
@@ -738,7 +804,7 @@
else
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
if( tls_prf == tls_prf_sha384 )
{
return( MBEDTLS_SSL_TLS_PRF_SHA384 );
@@ -779,11 +845,11 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
case MBEDTLS_SSL_TLS_PRF_SHA384:
tls_prf = tls_prf_sha384;
break;
-#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_SSL_TLS_PRF_SHA256:
tls_prf = tls_prf_sha256;
@@ -897,7 +963,7 @@
cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher );
if( cipher_info == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found",
ciphersuite_info->cipher ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@@ -905,8 +971,8 @@
md_info = mbedtls_md_info_from_type( ciphersuite_info->mac );
if( md_info == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found",
- ciphersuite_info->mac ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %u not found",
+ (unsigned) ciphersuite_info->mac ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@@ -1384,7 +1450,8 @@
int minor_ver,
mbedtls_md_type_t hash )
{
-#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || !defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || \
+ !( defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) )
(void) hash;
#endif
@@ -1407,7 +1474,7 @@
else
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
hash == MBEDTLS_MD_SHA384 )
{
@@ -1799,7 +1866,7 @@
}
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl,
unsigned char *hash,
size_t *hlen )
@@ -1846,7 +1913,7 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
return;
}
-#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
@@ -1881,8 +1948,8 @@
if( end - p < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- *(p++) = (unsigned char)( psk_len >> 8 );
- *(p++) = (unsigned char)( psk_len );
+ MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 );
+ p += 2;
if( end < p || (size_t)( end - p ) < psk_len )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -1922,9 +1989,8 @@
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( ret );
}
- *(p++) = (unsigned char)( len >> 8 );
- *(p++) = (unsigned char)( len );
- p += len;
+ MBEDTLS_PUT_UINT16_BE( len, p, 0 );
+ p += 2 + len;
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
}
@@ -1944,9 +2010,8 @@
return( ret );
}
- *(p++) = (unsigned char)( zlen >> 8 );
- *(p++) = (unsigned char)( zlen );
- p += zlen;
+ MBEDTLS_PUT_UINT16_BE( zlen, p, 0 );
+ p += 2 + zlen;
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
MBEDTLS_DEBUG_ECDH_Z );
@@ -1962,8 +2027,8 @@
if( end - p < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- *(p++) = (unsigned char)( psk_len >> 8 );
- *(p++) = (unsigned char)( psk_len );
+ MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 );
+ p += 2;
if( end < p || (size_t)( end - p ) < psk_len )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -2151,22 +2216,23 @@
n = crt->raw.len;
if( n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d",
- i + 3 + n, MBEDTLS_SSL_OUT_CONTENT_LEN ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %" MBEDTLS_PRINTF_SIZET
+ " > %" MBEDTLS_PRINTF_SIZET,
+ i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) );
return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE );
}
- ssl->out_msg[i ] = (unsigned char)( n >> 16 );
- ssl->out_msg[i + 1] = (unsigned char)( n >> 8 );
- ssl->out_msg[i + 2] = (unsigned char)( n );
+ ssl->out_msg[i ] = MBEDTLS_BYTE_2( n );
+ ssl->out_msg[i + 1] = MBEDTLS_BYTE_1( n );
+ ssl->out_msg[i + 2] = MBEDTLS_BYTE_0( n );
i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n );
i += n; crt = crt->next;
}
- ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 );
- ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 );
- ssl->out_msg[6] = (unsigned char)( ( i - 7 ) );
+ ssl->out_msg[4] = MBEDTLS_BYTE_2( i - 7 );
+ ssl->out_msg[5] = MBEDTLS_BYTE_1( i - 7 );
+ ssl->out_msg[6] = MBEDTLS_BYTE_0( i - 7 );
ssl->out_msglen = i;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
@@ -2643,8 +2709,8 @@
#if defined(MBEDTLS_DEBUG_C)
if( ssl->session_negotiate->verify_result != 0 )
{
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %x",
- ssl->session_negotiate->verify_result ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %08x",
+ (unsigned int) ssl->session_negotiate->verify_result ) );
}
else
{
@@ -2767,7 +2833,7 @@
chain = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
if( chain == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed",
sizeof( mbedtls_x509_crt ) ) );
mbedtls_ssl_send_alert_message( ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
@@ -2869,7 +2935,7 @@
else
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
ssl->handshake->update_checksum = ssl_update_checksum_sha384;
else
@@ -2902,7 +2968,7 @@
mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 );
#endif
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_abort( &ssl->handshake->fin_sha384_psa );
psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
@@ -2929,7 +2995,7 @@
mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
#endif
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
#else
@@ -2962,7 +3028,7 @@
}
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
@@ -3196,9 +3262,7 @@
}
#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-
-typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*);
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
static void ssl_calc_finished_tls_sha384(
mbedtls_ssl_context *ssl, unsigned char *buf, int from )
@@ -3258,13 +3322,19 @@
MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *)
sha512.state, sizeof( sha512.state ) );
#endif
- /*
- * For SHA-384, we can save 16 bytes by keeping padbuf 48 bytes long.
- * However, to avoid stringop-overflow warning in gcc, we have to cast
- * mbedtls_sha512_finish_ret().
+ /* mbedtls_sha512_finish_ret's output parameter is declared as a
+ * 64-byte buffer, but sice we're using SHA-384, we know that the
+ * output fits in 48 bytes. This is correct C, but GCC 11.1 warns
+ * about it.
*/
- finish_sha384_t finish = (finish_sha384_t)mbedtls_sha512_finish_ret;
- finish( &sha512, padbuf );
+#if defined(__GNUC__) && __GNUC__ >= 11
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wstringop-overflow"
+#endif
+ mbedtls_sha512_finish_ret( &sha512, padbuf );
+#if defined(__GNUC__) && __GNUC__ >= 11
+#pragma GCC diagnostic pop
+#endif
mbedtls_sha512_free( &sha512 );
#endif
@@ -3278,7 +3348,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
-#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl )
@@ -3538,7 +3608,7 @@
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
}
@@ -3592,7 +3662,7 @@
mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
#endif
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
handshake->fin_sha384_psa = psa_hash_operation_init();
psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
@@ -3686,64 +3756,9 @@
}
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
/* If the buffers are too small - reallocate */
- {
- int modified = 0;
- size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
- size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
- if( ssl->in_buf != NULL )
- {
- written_in = ssl->in_msg - ssl->in_buf;
- iv_offset_in = ssl->in_iv - ssl->in_buf;
- len_offset_in = ssl->in_len - ssl->in_buf;
- if( ssl->in_buf_len < MBEDTLS_SSL_IN_BUFFER_LEN )
- {
- if( resize_buffer( &ssl->in_buf, MBEDTLS_SSL_IN_BUFFER_LEN,
- &ssl->in_buf_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %d", MBEDTLS_SSL_IN_BUFFER_LEN ) );
- modified = 1;
- }
- }
- }
- if( ssl->out_buf != NULL )
- {
- written_out = ssl->out_msg - ssl->out_buf;
- iv_offset_out = ssl->out_iv - ssl->out_buf;
- len_offset_out = ssl->out_len - ssl->out_buf;
- if( ssl->out_buf_len < MBEDTLS_SSL_OUT_BUFFER_LEN )
- {
- if( resize_buffer( &ssl->out_buf, MBEDTLS_SSL_OUT_BUFFER_LEN,
- &ssl->out_buf_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %d", MBEDTLS_SSL_OUT_BUFFER_LEN ) );
- modified = 1;
- }
- }
- }
- if( modified )
- {
- /* Update pointers here to avoid doing it twice. */
- mbedtls_ssl_reset_in_out_pointers( ssl );
- /* Fields below might not be properly updated with record
- * splitting or with CID, so they are manually updated here. */
- ssl->out_msg = ssl->out_buf + written_out;
- ssl->out_len = ssl->out_buf + len_offset_out;
- ssl->out_iv = ssl->out_buf + iv_offset_out;
-
- ssl->in_msg = ssl->in_buf + written_in;
- ssl->in_len = ssl->in_buf + len_offset_in;
- ssl->in_iv = ssl->in_buf + iv_offset_in;
- }
- }
+ handle_buffer_resizing( ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN,
+ MBEDTLS_SSL_OUT_BUFFER_LEN );
#endif
/* All pointers should exist and can be directly freed without issue */
@@ -3849,7 +3864,7 @@
ssl->in_buf = mbedtls_calloc( 1, in_buf_len );
if( ssl->in_buf == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", in_buf_len ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", in_buf_len ) );
ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
goto error;
}
@@ -3860,7 +3875,7 @@
ssl->out_buf = mbedtls_calloc( 1, out_buf_len );
if( ssl->out_buf == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", out_buf_len ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", out_buf_len ) );
ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
goto error;
}
@@ -5261,8 +5276,8 @@
MBEDTLS_VERSION_MAJOR,
MBEDTLS_VERSION_MINOR,
MBEDTLS_VERSION_PATCH,
- ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF,
- ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF,
+ MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ),
+ MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ),
};
/*
@@ -5343,14 +5358,8 @@
{
start = (uint64_t) session->start;
- *p++ = (unsigned char)( ( start >> 56 ) & 0xFF );
- *p++ = (unsigned char)( ( start >> 48 ) & 0xFF );
- *p++ = (unsigned char)( ( start >> 40 ) & 0xFF );
- *p++ = (unsigned char)( ( start >> 32 ) & 0xFF );
- *p++ = (unsigned char)( ( start >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( start >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( start >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( start ) & 0xFF );
+ MBEDTLS_PUT_UINT64_BE( start, p, 0 );
+ p += 8;
}
#endif /* MBEDTLS_HAVE_TIME */
@@ -5366,22 +5375,20 @@
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( session->ciphersuite >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ciphersuite ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( session->ciphersuite, p, 0 );
+ p += 2;
- *p++ = (unsigned char)( session->compression & 0xFF );
+ *p++ = MBEDTLS_BYTE_0( session->compression );
- *p++ = (unsigned char)( session->id_len & 0xFF );
+ *p++ = MBEDTLS_BYTE_0( session->id_len );
memcpy( p, session->id, 32 );
p += 32;
memcpy( p, session->master, 48 );
p += 48;
- *p++ = (unsigned char)( ( session->verify_result >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( session->verify_result >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( session->verify_result >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session->verify_result ) & 0xFF );
+ MBEDTLS_PUT_UINT32_BE( session->verify_result, p, 0 );
+ p += 4;
}
/*
@@ -5398,9 +5405,9 @@
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( cert_len ) & 0xFF );
+ *p++ = MBEDTLS_BYTE_2( cert_len );
+ *p++ = MBEDTLS_BYTE_1( cert_len );
+ *p++ = MBEDTLS_BYTE_0( cert_len );
if( session->peer_cert != NULL )
{
@@ -5441,9 +5448,9 @@
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( session->ticket_len >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_len ) & 0xFF );
+ *p++ = MBEDTLS_BYTE_2( session->ticket_len );
+ *p++ = MBEDTLS_BYTE_1( session->ticket_len );
+ *p++ = MBEDTLS_BYTE_0( session->ticket_len );
if( session->ticket != NULL )
{
@@ -5451,10 +5458,8 @@
p += session->ticket_len;
}
- *p++ = (unsigned char)( ( session->ticket_lifetime >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_lifetime >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_lifetime >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_lifetime ) & 0xFF );
+ MBEDTLS_PUT_UINT32_BE( session->ticket_lifetime, p, 0 );
+ p += 4;
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
@@ -5479,7 +5484,7 @@
used += 1;
if( used <= buf_len )
- *p++ = (unsigned char)( ( session->encrypt_then_mac ) & 0xFF );
+ *p++ = MBEDTLS_BYTE_0( session->encrypt_then_mac );
#endif
/* Done */
@@ -5978,7 +5983,7 @@
mbedtls_sha256_free( &handshake->fin_sha256 );
#endif
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_abort( &handshake->fin_sha384_psa );
#else
@@ -6068,66 +6073,8 @@
* processes datagrams and the fact that a datagram is allowed to have
* several records in it, it is possible that the I/O buffers are not
* empty at this stage */
- {
- int modified = 0;
- uint32_t buf_len = mbedtls_ssl_get_input_buflen( ssl );
- size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
- size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
- if( ssl->in_buf != NULL )
- {
- written_in = ssl->in_msg - ssl->in_buf;
- iv_offset_in = ssl->in_iv - ssl->in_buf;
- len_offset_in = ssl->in_len - ssl->in_buf;
- if( ssl->in_buf_len > buf_len && ssl->in_left < buf_len )
- {
- if( resize_buffer( &ssl->in_buf, buf_len, &ssl->in_buf_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %d", buf_len ) );
- modified = 1;
- }
- }
- }
-
-
- buf_len = mbedtls_ssl_get_output_buflen( ssl );
- if(ssl->out_buf != NULL )
- {
- written_out = ssl->out_msg - ssl->out_buf;
- iv_offset_out = ssl->out_iv - ssl->out_buf;
- len_offset_out = ssl->out_len - ssl->out_buf;
- if( ssl->out_buf_len > mbedtls_ssl_get_output_buflen( ssl ) &&
- ssl->out_left < buf_len )
- {
- if( resize_buffer( &ssl->out_buf, buf_len, &ssl->out_buf_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %d", buf_len ) );
- modified = 1;
- }
- }
- }
- if( modified )
- {
- /* Update pointers here to avoid doing it twice. */
- mbedtls_ssl_reset_in_out_pointers( ssl );
- /* Fields below might not be properly updated with record
- * splitting or with CID, so they are manually updated here. */
- ssl->out_msg = ssl->out_buf + written_out;
- ssl->out_len = ssl->out_buf + len_offset_out;
- ssl->out_iv = ssl->out_buf + iv_offset_out;
-
- ssl->in_msg = ssl->in_buf + written_in;
- ssl->in_len = ssl->in_buf + len_offset_in;
- ssl->in_iv = ssl->in_buf + iv_offset_in;
- }
- }
+ handle_buffer_resizing( ssl, 1, mbedtls_ssl_get_input_buflen( ssl ),
+ mbedtls_ssl_get_output_buflen( ssl ) );
#endif
}
@@ -6190,11 +6137,11 @@
MBEDTLS_VERSION_MAJOR,
MBEDTLS_VERSION_MINOR,
MBEDTLS_VERSION_PATCH,
- ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF,
- ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF,
- ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 16 ) & 0xFF,
- ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 8 ) & 0xFF,
- ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 0 ) & 0xFF,
+ MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ),
+ MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ),
+ MBEDTLS_BYTE_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ),
+ MBEDTLS_BYTE_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ),
+ MBEDTLS_BYTE_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ),
};
/*
@@ -6335,10 +6282,8 @@
used += 4 + session_len;
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( session_len >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( session_len >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( session_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session_len ) & 0xFF );
+ MBEDTLS_PUT_UINT32_BE( session_len, p, 0 );
+ p += 4;
ret = ssl_session_save( ssl->session, 1,
p, session_len, &session_len );
@@ -6380,10 +6325,8 @@
used += 4;
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( ssl->badmac_seen >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->badmac_seen >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->badmac_seen >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->badmac_seen ) & 0xFF );
+ MBEDTLS_PUT_UINT32_BE( ssl->badmac_seen, p, 0 );
+ p += 4;
}
#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
@@ -6391,23 +6334,11 @@
used += 16;
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( ssl->in_window_top >> 56 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window_top >> 48 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window_top >> 40 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window_top >> 32 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window_top >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window_top >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window_top >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window_top ) & 0xFF );
+ MBEDTLS_PUT_UINT64_BE( ssl->in_window_top, p, 0 );
+ p += 8;
- *p++ = (unsigned char)( ( ssl->in_window >> 56 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window >> 48 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window >> 40 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window >> 32 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->in_window ) & 0xFF );
+ MBEDTLS_PUT_UINT64_BE( ssl->in_window, p, 0 );
+ p += 8;
}
#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
@@ -6430,8 +6361,8 @@
used += 2;
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( ssl->mtu >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->mtu ) & 0xFF );
+ MBEDTLS_PUT_UINT16_BE( ssl->mtu, p, 0 );
+ p += 2;
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
@@ -6478,7 +6409,7 @@
unsigned char *dstbuf, size_t dlen );
static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id )
{
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
@@ -6893,6 +6824,8 @@
static int ssl_preset_default_hashes[] = {
#if defined(MBEDTLS_SHA512_C)
MBEDTLS_MD_SHA512,
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
MBEDTLS_MD_SHA384,
#endif
#if defined(MBEDTLS_SHA256_C)
@@ -7252,9 +7185,11 @@
case MBEDTLS_SSL_HASH_SHA256:
return( MBEDTLS_MD_SHA256 );
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
case MBEDTLS_SSL_HASH_SHA384:
return( MBEDTLS_MD_SHA384 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_SSL_HASH_SHA512:
return( MBEDTLS_MD_SHA512 );
#endif
@@ -7284,9 +7219,11 @@
case MBEDTLS_MD_SHA256:
return( MBEDTLS_SSL_HASH_SHA256 );
#endif
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
case MBEDTLS_MD_SHA384:
return( MBEDTLS_SSL_HASH_SHA384 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512:
return( MBEDTLS_SSL_HASH_SHA512 );
#endif
@@ -7446,7 +7383,7 @@
break;
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
case MBEDTLS_SSL_HASH_SHA384:
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
break;
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index c39e032..3de6f03 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -112,17 +112,17 @@
#endif
*p++ = 0;
- *p++ = (unsigned char)( ( desired_length >> 0 ) & 0xFF );
+ *p++ = MBEDTLS_BYTE_0( desired_length );
/* Add label incl. prefix */
- *p++ = (unsigned char)( total_label_len & 0xFF );
+ *p++ = MBEDTLS_BYTE_0( total_label_len );
memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) );
p += sizeof(tls1_3_label_prefix);
memcpy( p, label, llen );
p += llen;
/* Add context value */
- *p++ = (unsigned char)( clen & 0xFF );
+ *p++ = MBEDTLS_BYTE_0( clen );
if( clen != 0 )
memcpy( p, ctx, clen );
diff --git a/library/threading.c b/library/threading.c
index 2bb932d..2de117f 100644
--- a/library/threading.c
+++ b/library/threading.c
@@ -67,6 +67,12 @@
if( mutex == NULL )
return;
+ /* A nonzero value of is_valid indicates a successfully initialized
+ * mutex. This is a workaround for not being able to return an error
+ * code for this function. The lock/unlock functions return an error
+ * if is_valid is nonzero. The Mbed TLS unit test code uses this field
+ * to distinguish more states of the mutex; see
+ * tests/src/threading_helpers for details. */
mutex->is_valid = pthread_mutex_init( &mutex->mutex, NULL ) == 0;
}
diff --git a/library/version_features.c b/library/version_features.c
index 42ccaf9..f665a23 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -225,6 +225,9 @@
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
"MBEDTLS_ECP_INTERNAL_ALT",
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+#if defined(MBEDTLS_ECP_NO_FALLBACK)
+ "MBEDTLS_ECP_NO_FALLBACK",
+#endif /* MBEDTLS_ECP_NO_FALLBACK */
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
"MBEDTLS_ECP_RANDOMIZE_JAC_ALT",
#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
@@ -435,9 +438,18 @@
#if defined(MBEDTLS_PKCS1_V21)
"MBEDTLS_PKCS1_V21",
#endif /* MBEDTLS_PKCS1_V21 */
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+ "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS",
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+ "MBEDTLS_PSA_CRYPTO_CLIENT",
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
"MBEDTLS_PSA_CRYPTO_DRIVERS",
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG",
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
#if defined(MBEDTLS_PSA_CRYPTO_SPM)
"MBEDTLS_PSA_CRYPTO_SPM",
#endif /* MBEDTLS_PSA_CRYPTO_SPM */
diff --git a/library/x509.c b/library/x509.c
index 2a7be32..f21e9e6 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -81,18 +81,18 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( ( end - *p ) < 1 )
- return( MBEDTLS_ERR_X509_INVALID_SERIAL +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) &&
**p != MBEDTLS_ASN1_INTEGER )
- return( MBEDTLS_ERR_X509_INVALID_SERIAL +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
serial->tag = *(*p)++;
if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, ret ) );
serial->p = *p;
*p += serial->len;
@@ -112,7 +112,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
return( 0 );
}
@@ -126,7 +126,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
return( 0 );
}
@@ -151,39 +151,39 @@
/* Make sure we got a SEQUENCE and setup bounds */
if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
p = alg->p;
end = p + alg->len;
if( p >= end )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
/* Parse md_oid */
md_oid.tag = *p;
if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
md_oid.p = p;
p += md_oid.len;
/* Get md_alg from md_oid */
if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
/* Make sure params is absent of NULL */
if( p == end )
return( 0 );
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
if( p != end )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -217,8 +217,8 @@
/* Make sure params is a SEQUENCE and setup bounds */
if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
p = (unsigned char *) params->p;
end = p + params->len;
@@ -239,14 +239,14 @@
return( ret );
if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
if( p != end2 )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
if( p == end )
return( 0 );
@@ -265,19 +265,19 @@
/* Only MFG1 is recognised for now */
if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 )
- return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE +
- MBEDTLS_ERR_OID_NOT_FOUND );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE,
+ MBEDTLS_ERR_OID_NOT_FOUND ) );
/* Parse HashAlgorithm */
if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 )
return( ret );
if( p != end2 )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
if( p == end )
return( 0 );
@@ -291,14 +291,14 @@
end2 = p + len;
if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
if( p != end2 )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
if( p == end )
return( 0 );
@@ -314,21 +314,21 @@
end2 = p + len;
if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
if( p != end2 )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
if( trailer_field != 1 )
return( MBEDTLS_ERR_X509_INVALID_ALG );
}
else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
if( p != end )
- return( MBEDTLS_ERR_X509_INVALID_ALG +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -354,47 +354,47 @@
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) );
end = *p + len;
if( ( end - *p ) < 1 )
- return( MBEDTLS_ERR_X509_INVALID_NAME +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
oid = &cur->oid;
oid->tag = **p;
if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) );
oid->p = *p;
*p += oid->len;
if( ( end - *p ) < 1 )
- return( MBEDTLS_ERR_X509_INVALID_NAME +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING &&
**p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING &&
**p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING &&
**p != MBEDTLS_ASN1_BIT_STRING )
- return( MBEDTLS_ERR_X509_INVALID_NAME +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
val = &cur->val;
val->tag = *(*p)++;
if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) );
val->p = *p;
*p += val->len;
if( *p != end )
{
- return( MBEDTLS_ERR_X509_INVALID_NAME +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
cur->next = NULL;
@@ -440,7 +440,7 @@
*/
if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) );
end_set = *p + set_len;
@@ -604,8 +604,8 @@
unsigned char tag;
if( ( end - *p ) < 1 )
- return( MBEDTLS_ERR_X509_INVALID_DATE +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
tag = **p;
@@ -614,14 +614,14 @@
else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME )
year_len = 4;
else
- return( MBEDTLS_ERR_X509_INVALID_DATE +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
(*p)++;
ret = mbedtls_asn1_get_len( p, end, &len );
if( ret != 0 )
- return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) );
return x509_parse_time( p, len, year_len, tm );
}
@@ -633,13 +633,13 @@
int tag_type;
if( ( end - *p ) < 1 )
- return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
tag_type = **p;
if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret ) );
sig->tag = tag_type;
sig->len = len;
@@ -663,7 +663,7 @@
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
- return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret ) );
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if( *pk_alg == MBEDTLS_PK_RSASSA_PSS )
@@ -714,7 +714,7 @@
ret = mbedtls_asn1_get_tag( p, end, &ext->len,
MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag );
if( ret != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag;
ext->p = *p;
@@ -725,11 +725,11 @@
*/
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( end != *p + len )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
diff --git a/library/x509_crl.c b/library/x509_crl.c
index edeb39b..ac4fc75 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -79,7 +79,7 @@
return( 0 );
}
- return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) );
}
return( 0 );
@@ -125,7 +125,7 @@
/* Get enclosing sequence tag */
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
end_ext_data = *p + len;
@@ -133,7 +133,7 @@
if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len,
MBEDTLS_ASN1_OID ) ) != 0 )
{
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
}
*p += len;
@@ -142,29 +142,29 @@
&is_critical ) ) != 0 &&
( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
{
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
}
/* Data should be octet string type */
if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len,
MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
/* Ignore data so far and just check its length */
*p += len;
if( *p != end_ext_data )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/* Abort on (unsupported) critical extensions */
if( is_critical )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
}
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -198,27 +198,27 @@
ext->p = NULL;
return( 0 );
}
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
}
end = *p + ext->len;
if( end != *p + ext->len )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
while( *p < end )
{
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
*p += len;
}
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -364,8 +364,8 @@
if( len != (size_t) ( end - p ) )
{
mbedtls_x509_crl_free( crl );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
/*
@@ -377,7 +377,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
mbedtls_x509_crl_free( crl );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
end = p + len;
@@ -421,7 +421,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
mbedtls_x509_crl_free( crl );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
@@ -444,10 +444,10 @@
if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 )
{
- if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) &&
- ret != ( MBEDTLS_ERR_X509_INVALID_DATE +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA ) )
+ if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) &&
+ ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE,
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) )
{
mbedtls_x509_crl_free( crl );
return( ret );
@@ -486,8 +486,8 @@
if( p != end )
{
mbedtls_x509_crl_free( crl );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
end = crl->raw.p + crl->raw.len;
@@ -521,8 +521,8 @@
if( p != end )
{
mbedtls_x509_crl_free( crl );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
return( 0 );
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 71e9cec..a6cccf8 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -91,15 +91,10 @@
*/
#define X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
-/*
- * Default profile
- */
+/* Default profile. Do not remove items unless there are serious security
+ * concerns. */
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
{
-#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES)
- /* Allow SHA-1 (weak, but still safe in controlled environments) */
- MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
-#endif
/* Only SHA-2 hashes */
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
@@ -397,17 +392,17 @@
return( 0 );
}
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
end = *p + len;
if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) );
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_VERSION +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -427,7 +422,7 @@
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) );
end = *p + len;
@@ -438,8 +433,8 @@
return( ret );
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_DATE +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -464,7 +459,7 @@
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( 0 );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
uid->p = *p;
@@ -491,7 +486,7 @@
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( *p == end )
return( 0 );
@@ -502,7 +497,7 @@
ret = mbedtls_asn1_get_int( p, end, ca_istrue );
if( ret != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( *ca_istrue != 0 )
*ca_istrue = 1;
@@ -512,17 +507,17 @@
return( 0 );
if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer
* overflow, which is an undefined behavior. */
if( *max_pathlen == INT_MAX )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_INVALID_LENGTH ) );
(*max_pathlen)++;
@@ -537,11 +532,11 @@
mbedtls_x509_bitstring bs = { 0, 0, NULL };
if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( bs.len != 1 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_INVALID_LENGTH ) );
/* Get actual bitstring */
*ns_cert_type = *bs.p;
@@ -557,11 +552,11 @@
mbedtls_x509_bitstring bs = { 0, 0, NULL };
if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( bs.len < 1 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_INVALID_LENGTH ) );
/* Get actual bitstring */
*key_usage = 0;
@@ -585,12 +580,12 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
/* Sequence length must be >= 1 */
if( ext_key_usage->buf.p == NULL )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_INVALID_LENGTH ) );
return( 0 );
}
@@ -635,11 +630,11 @@
/* Get main sequence tag */
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( *p + len != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
while( *p < end )
{
@@ -649,13 +644,13 @@
tag = **p;
(*p)++;
if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) !=
MBEDTLS_ASN1_CONTEXT_SPECIFIC )
{
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
}
/*
@@ -691,8 +686,8 @@
cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
if( cur->next == NULL )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_ALLOC_FAILED );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_ALLOC_FAILED ) );
cur = cur->next;
}
@@ -708,8 +703,8 @@
cur->next = NULL;
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -776,18 +771,18 @@
ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE );
if( ret != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( *p + len != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/*
* Cannot be an empty sequence.
*/
if( len == 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
while( *p < end )
{
@@ -799,13 +794,13 @@
*/
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
policy_end = *p + len;
if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
policy_oid.tag = MBEDTLS_ASN1_OID;
policy_oid.len = len;
@@ -833,8 +828,8 @@
cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
if( cur->next == NULL )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_ALLOC_FAILED );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_ALLOC_FAILED ) );
cur = cur->next;
}
@@ -854,7 +849,7 @@
{
if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
/*
* Skip the optional policy qualifiers.
*/
@@ -862,16 +857,16 @@
}
if( *p != policy_end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
/* Set final sequence entry's next pointer to NULL */
cur->next = NULL;
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( parse_ret );
}
@@ -911,14 +906,14 @@
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
end_ext_data = *p + len;
/* Get extension ID */
if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len,
MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
extn_oid.tag = MBEDTLS_ASN1_OID;
extn_oid.p = *p;
@@ -927,19 +922,19 @@
/* Get optional critical */
if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
/* Data should be octet string type */
if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len,
MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
start_ext_octet = *p;
end_ext_octet = *p + len;
if( end_ext_octet != end_ext_data )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/*
* Detect supported extensions
@@ -965,8 +960,8 @@
if( is_critical )
{
/* Data is marked as critical: fail */
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
}
#endif
continue;
@@ -1059,8 +1054,8 @@
}
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
@@ -1138,7 +1133,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
mbedtls_x509_crt_free( crt );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
end = p + len;
@@ -1185,7 +1180,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
mbedtls_x509_crt_free( crt );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
@@ -1218,7 +1213,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
mbedtls_x509_crt_free( crt );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
@@ -1283,8 +1278,8 @@
if( p != end )
{
mbedtls_x509_crt_free( crt );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
end = crt_end;
@@ -1304,6 +1299,7 @@
if( crt->sig_oid.len != sig_oid2.len ||
memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 ||
+ sig_params1.tag != sig_params2.tag ||
sig_params1.len != sig_params2.len ||
( sig_params1.len != 0 &&
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
@@ -1321,8 +1317,8 @@
if( p != end )
{
mbedtls_x509_crt_free( crt );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
return( 0 );
@@ -1628,6 +1624,8 @@
}
#endif /* MBEDTLS_THREADING_C */
+ memset( &sb, 0, sizeof( sb ) );
+
while( ( entry = readdir( dir ) ) != NULL )
{
snp_ret = mbedtls_snprintf( entry_name, sizeof entry_name,
@@ -1703,7 +1701,7 @@
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
cur_oid.tag = MBEDTLS_ASN1_OID;
cur_oid.p = p;
@@ -1720,20 +1718,20 @@
if( p + len >= end )
{
mbedtls_platform_zeroize( other_name, sizeof( *other_name ) );
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
p += len;
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID;
other_name->value.hardware_module_name.oid.p = p;
@@ -1742,13 +1740,13 @@
if( p + len >= end )
{
mbedtls_platform_zeroize( other_name, sizeof( *other_name ) );
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
p += len;
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING;
other_name->value.hardware_module_name.val.p = p;
@@ -1758,8 +1756,8 @@
{
mbedtls_platform_zeroize( other_name,
sizeof( *other_name ) );
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
return( 0 );
}
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 5463f8a..e259410 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -73,7 +73,7 @@
return( 0 );
}
- return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) );
}
return( 0 );
@@ -131,8 +131,8 @@
if( len != (size_t) ( end - p ) )
{
mbedtls_x509_csr_free( csr );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
/*
@@ -144,7 +144,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
mbedtls_x509_csr_free( csr );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
end = p + len;
@@ -176,7 +176,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
mbedtls_x509_csr_free( csr );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 )
@@ -210,7 +210,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 )
{
mbedtls_x509_csr_free( csr );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
}
p += len;
@@ -244,8 +244,8 @@
if( p != end )
{
mbedtls_x509_csr_free( csr );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
return( 0 );
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 32c6550..184c90c 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -163,7 +163,7 @@
return(
mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS,
MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ),
- 0, buf + sizeof(buf) - len, len ) );
+ is_ca, buf + sizeof(buf) - len, len ) );
}
#if defined(MBEDTLS_SHA1_C)
@@ -233,7 +233,7 @@
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
unsigned int key_usage )
{
- unsigned char buf[5], ku[2];
+ unsigned char buf[5] = {0}, ku[2] = {0};
unsigned char *c;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE |
@@ -251,8 +251,7 @@
return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
c = buf + 5;
- ku[0] = (unsigned char)( key_usage );
- ku[1] = (unsigned char)( key_usage >> 8 );
+ MBEDTLS_PUT_UINT16_LE( key_usage, ku, 0 );
ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 );
if( ret < 0 )
@@ -272,7 +271,7 @@
int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
unsigned char ns_cert_type )
{
- unsigned char buf[4];
+ unsigned char buf[4] = {0};
unsigned char *c;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index c7c8032..afda950 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -91,7 +91,7 @@
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
{
- unsigned char buf[4];
+ unsigned char buf[4] = {0};
unsigned char *c;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -113,7 +113,7 @@
int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
unsigned char ns_cert_type )
{
- unsigned char buf[4];
+ unsigned char buf[4] = {0};
unsigned char *c;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
diff --git a/library/xtea.c b/library/xtea.c
index 4b8c9c0..77f6cb6 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -37,29 +37,6 @@
#if !defined(MBEDTLS_XTEA_ALT)
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
void mbedtls_xtea_init( mbedtls_xtea_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_xtea_context ) );
@@ -84,7 +61,7 @@
for( i = 0; i < 4; i++ )
{
- GET_UINT32_BE( ctx->k[i], key, i << 2 );
+ ctx->k[i] = MBEDTLS_GET_UINT32_BE( key, i << 2 );
}
}
@@ -98,8 +75,8 @@
k = ctx->k;
- GET_UINT32_BE( v0, input, 0 );
- GET_UINT32_BE( v1, input, 4 );
+ v0 = MBEDTLS_GET_UINT32_BE( input, 0 );
+ v1 = MBEDTLS_GET_UINT32_BE( input, 4 );
if( mode == MBEDTLS_XTEA_ENCRYPT )
{
@@ -124,8 +101,8 @@
}
}
- PUT_UINT32_BE( v0, output, 0 );
- PUT_UINT32_BE( v1, output, 4 );
+ MBEDTLS_PUT_UINT32_BE( v0, output, 0 );
+ MBEDTLS_PUT_UINT32_BE( v1, output, 4 );
return( 0 );
}
diff --git a/programs/.gitignore b/programs/.gitignore
index 88fb9d5..9816c34 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -1,8 +1,13 @@
+# Ignore makefiles generated by CMake, but not the makefile that's checked in.
*/Makefile
+!fuzz/Makefile
+
*.sln
*.vcxproj
-aes/aescrypt2
+*.o
+*.exe
+
aes/crypt_and_hash
hash/generic_sum
hash/hello
diff --git a/programs/Makefile b/programs/Makefile
index 9cbc471..8cd27ea 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -3,8 +3,8 @@
# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS
CFLAGS ?= -O2
-WARNING_CFLAGS ?= -Wall -Wextra
-WARNING_CXXFLAGS ?= -Wall -Wextra
+WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
+WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
LDFLAGS ?=
MBEDTLS_TEST_PATH:=../tests/src
@@ -56,7 +56,6 @@
endif
APPS = \
- aes/aescrypt2$(EXEXT) \
aes/crypt_and_hash$(EXEXT) \
hash/generic_sum$(EXEXT) \
hash/hello$(EXEXT) \
@@ -139,10 +138,6 @@
${MBEDTLS_TEST_OBJS}:
$(MAKE) -C ../tests mbedtls_test
-aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP)
- echo " CC aes/aescrypt2.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/aescrypt2.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP)
echo " CC aes/crypt_and_hash.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -239,7 +234,7 @@
echo " CC psa/key_ladder_demo.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c $(DEP)
+psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c psa/psa_constant_names_generated.c $(DEP)
echo " CC psa/psa_constant_names.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -267,21 +262,32 @@
echo " CC ssl/ssl_client1.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client1.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c test/query_config.c $(DEP)
+SSL_TEST_OBJECTS = test/query_config.o ssl/ssl_test_lib.o
+SSL_TEST_DEPS = $(SSL_TEST_OBJECTS) \
+ test/query_config.h \
+ ssl/ssl_test_lib.h \
+ ssl/ssl_test_common_source.c \
+ $(DEP)
+
+ssl/ssl_test_lib.o: ssl/ssl_test_lib.c ssl/ssl_test_lib.h $(DEP)
+ echo " CC ssl/ssl_test_lib.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c ssl/ssl_test_lib.c -o $@
+
+ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c $(SSL_TEST_DEPS)
echo " CC ssl/ssl_client2.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c $(SSL_TEST_OBJECTS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
ssl/ssl_server$(EXEXT): ssl/ssl_server.c $(DEP)
echo " CC ssl/ssl_server.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c test/query_config.c $(DEP)
+ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c $(SSL_TEST_DEPS)
echo " CC ssl/ssl_server2.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c $(SSL_TEST_OBJECTS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-ssl/ssl_context_info$(EXEXT): ssl/ssl_context_info.c test/query_config.c $(DEP)
+ssl/ssl_context_info$(EXEXT): ssl/ssl_context_info.c test/query_config.o test/query_config.h $(DEP)
echo " CC ssl/ssl_context_info.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_context_info.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_context_info.c test/query_config.o $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c $(DEP)
echo " CC ssl/ssl_fork_server.c"
@@ -307,6 +313,10 @@
echo " CXX test/cpp_dummy_build.cpp"
$(CXX) $(LOCAL_CXXFLAGS) $(CXXFLAGS) test/cpp_dummy_build.cpp $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+test/query_config.o: test/query_config.c test/query_config.h $(DEP)
+ echo " CC test/query_config.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c test/query_config.c -o $@
+
test/selftest$(EXEXT): test/selftest.c $(DEP)
echo " CC test/selftest.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/selftest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -319,9 +329,9 @@
echo " CC test/zeroize.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c test/query_config.c $(DEP)
+test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c test/query_config.o test/query_config.h $(DEP)
echo " CC test/query_compile_time_config.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c test/query_config.o $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
util/pem2der$(EXEXT): util/pem2der.c $(DEP)
echo " CC util/pem2der.c"
diff --git a/programs/README.md b/programs/README.md
index d26349d..e9e9f57 100644
--- a/programs/README.md
+++ b/programs/README.md
@@ -5,9 +5,6 @@
## Symmetric cryptography (AES) examples
-* [`aes/aescrypt2.c`](aes/aescrypt2.c): file encryption and authentication with a key derived from a low-entropy secret, demonstrating the low-level AES interface, the digest interface and HMAC.
- Warning: this program illustrates how to use low-level functions in the library. It should not be taken as an example of how to build a secure encryption mechanism. To derive a key from a low-entropy secret such as a password, use a standard key stretching mechanism such as PBKDF2 (provided by the `pkcs5` module). To encrypt and authenticate data, use a standard mode such as GCM or CCM (both available as library module).
-
* [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface.
## Hash (digest) examples
diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
index 6b8ce2a..62a54c7 100644
--- a/programs/aes/CMakeLists.txt
+++ b/programs/aes/CMakeLists.txt
@@ -1,5 +1,4 @@
set(executables
- aescrypt2
crypt_and_hash
)
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c
deleted file mode 100644
index 95d64d9..0000000
--- a/programs/aes/aescrypt2.c
+++ /dev/null
@@ -1,468 +0,0 @@
-/*
- * AES-256 file encryption program
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/* Enable definition of fileno() even when compiling with -std=c99. Must be
- * set before config.h, which pulls in glibc's features.h indirectly.
- * Harmless on other platforms. */
-#define _POSIX_C_SOURCE 200112L
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#include "mbedtls/aes.h"
-#include "mbedtls/md.h"
-#include "mbedtls/platform_util.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if defined(_WIN32)
-#include <windows.h>
-#if !defined(_WIN32_WCE)
-#include <io.h>
-#endif
-#else
-#include <sys/types.h>
-#include <unistd.h>
-#endif
-
-#define MODE_ENCRYPT 0
-#define MODE_DECRYPT 1
-
-#define USAGE \
- "\n aescrypt2 <mode> <input filename> <output filename> <key>\n" \
- "\n <mode>: 0 = encrypt, 1 = decrypt\n" \
- "\n example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \
- "\n"
-
-#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_MD_C)
-int main( void )
-{
- mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_SHA256_C "
- "and/or MBEDTLS_FS_IO and/or MBEDTLS_MD_C "
- "not defined.\n");
- mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
- int ret = 0;
- int exit_code = MBEDTLS_EXIT_FAILURE;
-
- unsigned int i, n;
- int mode, lastn;
- size_t keylen;
- FILE *fkey, *fin = NULL, *fout = NULL;
-
- char *p;
-
- unsigned char IV[16];
- unsigned char tmp[16];
- unsigned char key[512];
- unsigned char digest[64];
- unsigned char buffer[1024];
- unsigned char diff;
-
- mbedtls_aes_context aes_ctx;
- mbedtls_md_context_t sha_ctx;
-
-#if defined(_WIN32_WCE)
- long filesize, offset;
-#elif defined(_WIN32)
- LARGE_INTEGER li_size;
- __int64 filesize, offset;
-#else
- off_t filesize, offset;
-#endif
-
- mbedtls_aes_init( &aes_ctx );
- mbedtls_md_init( &sha_ctx );
-
- ret = mbedtls_md_setup( &sha_ctx, mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), 1 );
- if( ret != 0 )
- {
- mbedtls_printf( " ! mbedtls_md_setup() returned -0x%04x\n", (unsigned int) -ret );
- goto exit;
- }
-
- /*
- * Parse the command-line arguments.
- */
- if( argc != 5 )
- {
- mbedtls_printf( USAGE );
-
-#if defined(_WIN32)
- mbedtls_printf( "\n Press Enter to exit this program.\n" );
- fflush( stdout ); getchar();
-#endif
-
- goto exit;
- }
-
- mode = atoi( argv[1] );
- memset( IV, 0, sizeof( IV ) );
- memset( key, 0, sizeof( key ) );
- memset( digest, 0, sizeof( digest ) );
- memset( buffer, 0, sizeof( buffer ) );
-
- if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT )
- {
- mbedtls_fprintf( stderr, "invalide operation mode\n" );
- goto exit;
- }
-
- if( strcmp( argv[2], argv[3] ) == 0 )
- {
- mbedtls_fprintf( stderr, "input and output filenames must differ\n" );
- goto exit;
- }
-
- if( ( fin = fopen( argv[2], "rb" ) ) == NULL )
- {
- mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] );
- goto exit;
- }
-
- if( ( fout = fopen( argv[3], "wb+" ) ) == NULL )
- {
- mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] );
- goto exit;
- }
-
- /*
- * Read the secret key from file or command line
- */
- if( ( fkey = fopen( argv[4], "rb" ) ) != NULL )
- {
- keylen = fread( key, 1, sizeof( key ), fkey );
- fclose( fkey );
- }
- else
- {
- if( memcmp( argv[4], "hex:", 4 ) == 0 )
- {
- p = &argv[4][4];
- keylen = 0;
-
- while( sscanf( p, "%02X", &n ) > 0 &&
- keylen < (int) sizeof( key ) )
- {
- key[keylen++] = (unsigned char) n;
- p += 2;
- }
- }
- else
- {
- keylen = strlen( argv[4] );
-
- if( keylen > (int) sizeof( key ) )
- keylen = (int) sizeof( key );
-
- memcpy( key, argv[4], keylen );
- }
- }
-
-#if defined(_WIN32_WCE)
- filesize = fseek( fin, 0L, SEEK_END );
-#else
-#if defined(_WIN32)
- /*
- * Support large files (> 2Gb) on Win32
- */
- li_size.QuadPart = 0;
- li_size.LowPart =
- SetFilePointer( (HANDLE) _get_osfhandle( _fileno( fin ) ),
- li_size.LowPart, &li_size.HighPart, FILE_END );
-
- if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR )
- {
- mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" );
- goto exit;
- }
-
- filesize = li_size.QuadPart;
-#else
- if( ( filesize = lseek( fileno( fin ), 0, SEEK_END ) ) < 0 )
- {
- perror( "lseek" );
- goto exit;
- }
-#endif
-#endif
-
- if( fseek( fin, 0, SEEK_SET ) < 0 )
- {
- mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" );
- goto exit;
- }
-
- if( mode == MODE_ENCRYPT )
- {
- /*
- * Generate the initialization vector as:
- * IV = SHA-256( filesize || filename )[0..15]
- */
- for( i = 0; i < 8; i++ )
- buffer[i] = (unsigned char)( filesize >> ( i << 3 ) );
-
- p = argv[2];
-
- mbedtls_md_starts( &sha_ctx );
- mbedtls_md_update( &sha_ctx, buffer, 8 );
- mbedtls_md_update( &sha_ctx, (unsigned char *) p, strlen( p ) );
- mbedtls_md_finish( &sha_ctx, digest );
-
- memcpy( IV, digest, 16 );
-
- /*
- * The last four bits in the IV are actually used
- * to store the file size modulo the AES block size.
- */
- lastn = (int)( filesize & 0x0F );
-
- IV[15] = (unsigned char)
- ( ( IV[15] & 0xF0 ) | lastn );
-
- /*
- * Append the IV at the beginning of the output.
- */
- if( fwrite( IV, 1, 16, fout ) != 16 )
- {
- mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
- goto exit;
- }
-
- /*
- * Hash the IV and the secret key together 8192 times
- * using the result to setup the AES context and HMAC.
- */
- memset( digest, 0, 32 );
- memcpy( digest, IV, 16 );
-
- for( i = 0; i < 8192; i++ )
- {
- mbedtls_md_starts( &sha_ctx );
- mbedtls_md_update( &sha_ctx, digest, 32 );
- mbedtls_md_update( &sha_ctx, key, keylen );
- mbedtls_md_finish( &sha_ctx, digest );
- }
-
- mbedtls_aes_setkey_enc( &aes_ctx, digest, 256 );
- mbedtls_md_hmac_starts( &sha_ctx, digest, 32 );
-
- /*
- * Encrypt and write the ciphertext.
- */
- for( offset = 0; offset < filesize; offset += 16 )
- {
- n = ( filesize - offset > 16 ) ? 16 : (int)
- ( filesize - offset );
-
- if( fread( buffer, 1, n, fin ) != (size_t) n )
- {
- mbedtls_fprintf( stderr, "fread(%u bytes) failed\n", n );
- goto exit;
- }
-
- for( i = 0; i < 16; i++ )
- buffer[i] = (unsigned char)( buffer[i] ^ IV[i] );
-
- mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, buffer, buffer );
- mbedtls_md_hmac_update( &sha_ctx, buffer, 16 );
-
- if( fwrite( buffer, 1, 16, fout ) != 16 )
- {
- mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
- goto exit;
- }
-
- memcpy( IV, buffer, 16 );
- }
-
- /*
- * Finally write the HMAC.
- */
- mbedtls_md_hmac_finish( &sha_ctx, digest );
-
- if( fwrite( digest, 1, 32, fout ) != 32 )
- {
- mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
- goto exit;
- }
- }
-
- if( mode == MODE_DECRYPT )
- {
- /*
- * The encrypted file must be structured as follows:
- *
- * 00 .. 15 Initialization Vector
- * 16 .. 31 AES Encrypted Block #1
- * ..
- * N*16 .. (N+1)*16 - 1 AES Encrypted Block #N
- * (N+1)*16 .. (N+1)*16 + 32 HMAC-SHA-256(ciphertext)
- */
- if( filesize < 48 )
- {
- mbedtls_fprintf( stderr, "File too short to be encrypted.\n" );
- goto exit;
- }
-
- if( ( filesize & 0x0F ) != 0 )
- {
- mbedtls_fprintf( stderr, "File size not a multiple of 16.\n" );
- goto exit;
- }
-
- /*
- * Subtract the IV + HMAC length.
- */
- filesize -= ( 16 + 32 );
-
- /*
- * Read the IV and original filesize modulo 16.
- */
- if( fread( buffer, 1, 16, fin ) != 16 )
- {
- mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
- goto exit;
- }
-
- memcpy( IV, buffer, 16 );
- lastn = IV[15] & 0x0F;
-
- /*
- * Hash the IV and the secret key together 8192 times
- * using the result to setup the AES context and HMAC.
- */
- memset( digest, 0, 32 );
- memcpy( digest, IV, 16 );
-
- for( i = 0; i < 8192; i++ )
- {
- mbedtls_md_starts( &sha_ctx );
- mbedtls_md_update( &sha_ctx, digest, 32 );
- mbedtls_md_update( &sha_ctx, key, keylen );
- mbedtls_md_finish( &sha_ctx, digest );
- }
-
- mbedtls_aes_setkey_dec( &aes_ctx, digest, 256 );
- mbedtls_md_hmac_starts( &sha_ctx, digest, 32 );
-
- /*
- * Decrypt and write the plaintext.
- */
- for( offset = 0; offset < filesize; offset += 16 )
- {
- if( fread( buffer, 1, 16, fin ) != 16 )
- {
- mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
- goto exit;
- }
-
- memcpy( tmp, buffer, 16 );
-
- mbedtls_md_hmac_update( &sha_ctx, buffer, 16 );
- mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_DECRYPT, buffer, buffer );
-
- for( i = 0; i < 16; i++ )
- buffer[i] = (unsigned char)( buffer[i] ^ IV[i] );
-
- memcpy( IV, tmp, 16 );
-
- n = ( lastn > 0 && offset == filesize - 16 )
- ? lastn : 16;
-
- if( fwrite( buffer, 1, n, fout ) != (size_t) n )
- {
- mbedtls_fprintf( stderr, "fwrite(%u bytes) failed\n", n );
- goto exit;
- }
- }
-
- /*
- * Verify the message authentication code.
- */
- mbedtls_md_hmac_finish( &sha_ctx, digest );
-
- if( fread( buffer, 1, 32, fin ) != 32 )
- {
- mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 32 );
- goto exit;
- }
-
- /* Use constant-time buffer comparison */
- diff = 0;
- for( i = 0; i < 32; i++ )
- diff |= digest[i] ^ buffer[i];
-
- if( diff != 0 )
- {
- mbedtls_fprintf( stderr, "HMAC check failed: wrong key, "
- "or file corrupted.\n" );
- goto exit;
- }
- }
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
- if( fin )
- fclose( fin );
- if( fout )
- fclose( fout );
-
- /* Zeroize all command line arguments to also cover
- the case when the user has missed or reordered some,
- in which case the key might not be in argv[4]. */
- for( i = 0; i < (unsigned int) argc; i++ )
- mbedtls_platform_zeroize( argv[i], strlen( argv[i] ) );
-
- mbedtls_platform_zeroize( IV, sizeof( IV ) );
- mbedtls_platform_zeroize( key, sizeof( key ) );
- mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
- mbedtls_platform_zeroize( buffer, sizeof( buffer ) );
- mbedtls_platform_zeroize( digest, sizeof( digest ) );
-
- mbedtls_aes_free( &aes_ctx );
- mbedtls_md_free( &sha_ctx );
-
- mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_AES_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */
diff --git a/programs/fuzz/.gitignore b/programs/fuzz/.gitignore
index 6fcc004..5dc0960 100644
--- a/programs/fuzz/.gitignore
+++ b/programs/fuzz/.gitignore
@@ -1,4 +1,3 @@
-*.o
fuzz_client
fuzz_dtlsclient
fuzz_dtlsserver
diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt
index f0e5705..fd55e31 100644
--- a/programs/fuzz/CMakeLists.txt
+++ b/programs/fuzz/CMakeLists.txt
@@ -32,20 +32,24 @@
foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-
- if (NOT FUZZINGENGINE_LIB)
- target_link_libraries(${exe} ${libs})
- set_property(TARGET ${exe} APPEND PROPERTY SOURCES onefile.c)
- else()
- target_link_libraries(${exe} ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
+ set(exe_sources ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ if(NOT FUZZINGENGINE_LIB)
+ list(APPEND exe_sources onefile.c)
endif()
# This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
list(FIND executables_with_common_c ${exe} exe_index)
- if (${exe_index} GREATER -1)
- set_property(TARGET ${exe} APPEND PROPERTY SOURCES common.c)
+ if(${exe_index} GREATER -1)
+ list(APPEND exe_sources common.c)
+ endif()
+
+ add_executable(${exe} ${exe_sources})
+
+ if (NOT FUZZINGENGINE_LIB)
+ target_link_libraries(${exe} ${libs})
+ else()
+ target_link_libraries(${exe} ${libs} FuzzingEngine)
+ SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
endif()
endforeach()
diff --git a/programs/fuzz/Makefile b/programs/fuzz/Makefile
index fa17918..084fc24 100644
--- a/programs/fuzz/Makefile
+++ b/programs/fuzz/Makefile
@@ -20,8 +20,6 @@
DLEXT ?= so
EXEXT=
SHARED_SUFFIX=
-# python2 for POSIX since FreeBSD has only python2 as default.
-PYTHON ?= python2
# Zlib shared library extensions:
ifdef ZLIB
diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index d165d2e..935d657 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -159,7 +159,7 @@
cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ),
key_bits = 256,
part_size = block_size,
};
@@ -207,7 +207,7 @@
static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ),
key_bits = 256,
input_size = 100,
part_size = 10,
@@ -255,7 +255,7 @@
static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ),
key_bits = 256,
input_size = 100,
part_size = 10,
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
index 47d5de6..5d64349 100644
--- a/programs/psa/key_ladder_demo.c
+++ b/programs/psa/key_ladder_demo.c
@@ -365,6 +365,8 @@
psa_status_t status;
FILE *input_file = NULL;
FILE *output_file = NULL;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_type_t key_type;
long input_position;
size_t input_size;
size_t buffer_size = 0;
@@ -385,7 +387,10 @@
}
#endif
input_size = input_position;
- buffer_size = PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, input_size );
+ PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes ) );
+ key_type = psa_get_key_type( &attributes );
+ buffer_size =
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, input_size );
/* Check for integer overflow. */
if( buffer_size < input_size )
{
@@ -442,6 +447,8 @@
psa_status_t status;
FILE *input_file = NULL;
FILE *output_file = NULL;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_type_t key_type;
unsigned char *buffer = NULL;
size_t ciphertext_size = 0;
size_t plaintext_size;
@@ -465,8 +472,10 @@
status = DEMO_ERROR;
goto exit;
}
+ PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes) );
+ key_type = psa_get_key_type( &attributes);
ciphertext_size =
- PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, header.payload_size );
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, header.payload_size );
/* Check for integer overflow. */
if( ciphertext_size < header.payload_size )
{
diff --git a/programs/psa/psa_constant_names_generated.c b/programs/psa/psa_constant_names_generated.c
index a9568f3..bebb97c 100644
--- a/programs/psa/psa_constant_names_generated.c
+++ b/programs/psa/psa_constant_names_generated.c
@@ -8,6 +8,8 @@
case PSA_ERROR_BUFFER_TOO_SMALL: return "PSA_ERROR_BUFFER_TOO_SMALL";
case PSA_ERROR_COMMUNICATION_FAILURE: return "PSA_ERROR_COMMUNICATION_FAILURE";
case PSA_ERROR_CORRUPTION_DETECTED: return "PSA_ERROR_CORRUPTION_DETECTED";
+ case PSA_ERROR_DATA_CORRUPT: return "PSA_ERROR_DATA_CORRUPT";
+ case PSA_ERROR_DATA_INVALID: return "PSA_ERROR_DATA_INVALID";
case PSA_ERROR_DOES_NOT_EXIST: return "PSA_ERROR_DOES_NOT_EXIST";
case PSA_ERROR_GENERIC_ERROR: return "PSA_ERROR_GENERIC_ERROR";
case PSA_ERROR_HARDWARE_FAILURE: return "PSA_ERROR_HARDWARE_FAILURE";
@@ -38,6 +40,7 @@
case PSA_ECC_FAMILY_SECT_K1: return "PSA_ECC_FAMILY_SECT_K1";
case PSA_ECC_FAMILY_SECT_R1: return "PSA_ECC_FAMILY_SECT_R1";
case PSA_ECC_FAMILY_SECT_R2: return "PSA_ECC_FAMILY_SECT_R2";
+ case PSA_ECC_FAMILY_TWISTED_EDWARDS: return "PSA_ECC_FAMILY_TWISTED_EDWARDS";
default: return NULL;
}
}
@@ -64,6 +67,7 @@
case PSA_ALG_SHA3_256: return "PSA_ALG_SHA3_256";
case PSA_ALG_SHA3_384: return "PSA_ALG_SHA3_384";
case PSA_ALG_SHA3_512: return "PSA_ALG_SHA3_512";
+ case PSA_ALG_SHAKE256_512: return "PSA_ALG_SHAKE256_512";
case PSA_ALG_SHA_1: return "PSA_ALG_SHA_1";
case PSA_ALG_SHA_224: return "PSA_ALG_SHA_224";
case PSA_ALG_SHA_256: return "PSA_ALG_SHA_256";
@@ -148,20 +152,28 @@
unsigned long length_modifier = NO_LENGTH_MODIFIER;
if (PSA_ALG_IS_MAC(alg)) {
core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0);
- if (core_alg != alg) {
+ if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) {
+ append(&buffer, buffer_size, &required_size,
+ "PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(", 33);
+ length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
+ } else if (core_alg != alg) {
append(&buffer, buffer_size, &required_size,
"PSA_ALG_TRUNCATED_MAC(", 22);
length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
}
} else if (PSA_ALG_IS_AEAD(alg)) {
- core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg);
+ core_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg);
if (core_alg == 0) {
/* For unknown AEAD algorithms, there is no "default tag length". */
core_alg = alg;
+ } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) {
+ append(&buffer, buffer_size, &required_size,
+ "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43);
+ length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg);
} else if (core_alg != alg) {
append(&buffer, buffer_size, &required_size,
- "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29);
- length_modifier = PSA_AEAD_TAG_LENGTH(alg);
+ "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32);
+ length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg);
}
} else if (PSA_ALG_IS_KEY_AGREEMENT(alg) &&
!PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) {
@@ -175,7 +187,6 @@
}
switch (core_alg) {
case PSA_ALG_ANY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ANY_HASH", 16); break;
- case PSA_ALG_ARC4: append(&buffer, buffer_size, &required_size, "PSA_ALG_ARC4", 12); break;
case PSA_ALG_CATEGORY_AEAD: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_AEAD", 21); break;
case PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION", 38); break;
case PSA_ALG_CATEGORY_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_CIPHER", 23); break;
@@ -189,7 +200,6 @@
case PSA_ALG_CBC_PKCS7: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_PKCS7", 17); break;
case PSA_ALG_CCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_CCM", 11); break;
case PSA_ALG_CFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_CFB", 11); break;
- case PSA_ALG_CHACHA20: append(&buffer, buffer_size, &required_size, "PSA_ALG_CHACHA20", 16); break;
case PSA_ALG_CHACHA20_POLY1305: append(&buffer, buffer_size, &required_size, "PSA_ALG_CHACHA20_POLY1305", 25); break;
case PSA_ALG_CIPHER_MAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_CIPHER_MAC_BASE", 23); break;
case PSA_ALG_CMAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CMAC", 12); break;
@@ -200,14 +210,18 @@
case PSA_ALG_ECB_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECB_NO_PADDING", 22); break;
case PSA_ALG_ECDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDH", 12); break;
case PSA_ALG_ECDSA_ANY: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDSA_ANY", 17); break;
+ case PSA_ALG_ED25519PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED25519PH", 17); break;
+ case PSA_ALG_ED448PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED448PH", 15); break;
case PSA_ALG_FFDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_FFDH", 12); break;
case PSA_ALG_GCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_GCM", 11); break;
+ case PSA_ALG_HASH_EDDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HASH_EDDSA_BASE", 23); break;
case PSA_ALG_HKDF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HKDF_BASE", 17); break;
case PSA_ALG_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HMAC_BASE", 17); break;
case PSA_ALG_MD2: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD2", 11); break;
case PSA_ALG_MD4: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD4", 11); break;
case PSA_ALG_MD5: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD5", 11); break;
case PSA_ALG_OFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_OFB", 11); break;
+ case PSA_ALG_PURE_EDDSA: append(&buffer, buffer_size, &required_size, "PSA_ALG_PURE_EDDSA", 18); break;
case PSA_ALG_RIPEMD160: append(&buffer, buffer_size, &required_size, "PSA_ALG_RIPEMD160", 17); break;
case PSA_ALG_RSA_OAEP_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_OAEP_BASE", 21); break;
case PSA_ALG_RSA_PKCS1V15_CRYPT: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_CRYPT", 26); break;
@@ -217,6 +231,7 @@
case PSA_ALG_SHA3_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_256", 16); break;
case PSA_ALG_SHA3_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_384", 16); break;
case PSA_ALG_SHA3_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_512", 16); break;
+ case PSA_ALG_SHAKE256_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHAKE256_512", 20); break;
case PSA_ALG_SHA_1: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_1", 13); break;
case PSA_ALG_SHA_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_224", 15); break;
case PSA_ALG_SHA_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_256", 15); break;
@@ -224,6 +239,7 @@
case PSA_ALG_SHA_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512", 15); break;
case PSA_ALG_SHA_512_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_224", 19); break;
case PSA_ALG_SHA_512_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_256", 19); break;
+ case PSA_ALG_STREAM_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_STREAM_CIPHER", 21); break;
case PSA_ALG_TLS12_PRF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PRF_BASE", 22); break;
case PSA_ALG_TLS12_PSK_TO_MS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PSK_TO_MS_BASE", 28); break;
case PSA_ALG_XTS: append(&buffer, buffer_size, &required_size, "PSA_ALG_XTS", 11); break;
@@ -378,6 +394,13 @@
append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_HASH", 23);
usage ^= PSA_KEY_USAGE_SIGN_HASH;
}
+ if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) {
+ if (required_size != 0) {
+ append(&buffer, buffer_size, &required_size, " | ", 3);
+ }
+ append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_MESSAGE", 26);
+ usage ^= PSA_KEY_USAGE_SIGN_MESSAGE;
+ }
if (usage & PSA_KEY_USAGE_VERIFY_HASH) {
if (required_size != 0) {
append(&buffer, buffer_size, &required_size, " | ", 3);
@@ -385,6 +408,13 @@
append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_HASH", 25);
usage ^= PSA_KEY_USAGE_VERIFY_HASH;
}
+ if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) {
+ if (required_size != 0) {
+ append(&buffer, buffer_size, &required_size, " | ", 3);
+ }
+ append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_MESSAGE", 28);
+ usage ^= PSA_KEY_USAGE_VERIFY_MESSAGE;
+ }
if (usage != 0) {
if (required_size != 0) {
append(&buffer, buffer_size, &required_size, " | ", 3);
diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c
index ccca7f3..e82e627 100644
--- a/programs/random/gen_random_havege.c
+++ b/programs/random/gen_random_havege.c
@@ -81,7 +81,7 @@
if( ( ret = mbedtls_havege_random( &hs, buf, sizeof( buf ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_havege_random returned -0x%04X",
- -ret );
+ ( unsigned int ) -ret );
goto exit;
}
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index 149aa30..dfc16a5 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -27,13 +27,21 @@
)
foreach(exe IN LISTS executables)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ set(extra_sources "")
+ if(exe STREQUAL "ssl_client2" OR exe STREQUAL "ssl_server2")
+ list(APPEND extra_sources
+ ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+ endif()
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
+ ${extra_sources})
target_link_libraries(${exe} ${libs})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
-set_property(TARGET ssl_client2 APPEND PROPERTY SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
-set_property(TARGET ssl_server2 APPEND PROPERTY SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+set_property(TARGET ssl_client2 APPEND PROPERTY SOURCES
+ ssl_test_lib.c ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+set_property(TARGET ssl_server2 APPEND PROPERTY SOURCES
+ ssl_test_lib.c ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
if(THREADS_FOUND)
add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index 03a06ff..8c302a0 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -191,6 +191,7 @@
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS );
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index 22e3fc5..5f71ec9 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -87,7 +87,7 @@
#include "mbedtls/ssl_cache.h"
#endif
-#define READ_TIMEOUT_MS 10000 /* 5 seconds */
+#define READ_TIMEOUT_MS 10000 /* 10 seconds */
#define DEBUG_LEVEL 0
@@ -223,6 +223,7 @@
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_conf_session_cache( &conf, &cache,
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index fc69061..3937981 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -17,68 +17,21 @@
* limitations under the License.
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "ssl_test_lib.h"
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_printf printf
-#define mbedtls_fprintf fprintf
-#define mbedtls_snprintf snprintf
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
- !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
- defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+#if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
int main( void )
{
- mbedtls_printf( "MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
- "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined "
- " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );
+ mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE );
mbedtls_exit( 0 );
}
-#else
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/base64.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#include <test/helpers.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
+#elif !defined(MBEDTLS_SSL_CLI_C)
+int main( void )
+{
+ mbedtls_printf( "MBEDTLS_SSL_CLI_C not defined.\n" );
+ mbedtls_exit( 0 );
+}
+#else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
/* Size of memory to be allocated for the heap, when using the library's memory
* management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
@@ -568,425 +521,7 @@
const char *mki; /* The dtls mki value to use */
} opt;
-int query_config( const char *config );
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-typedef struct eap_tls_keys
-{
- unsigned char master_secret[48];
- unsigned char randbytes[64];
- mbedtls_tls_prf_types tls_prf_type;
-} eap_tls_keys;
-
-static int eap_tls_key_derivation ( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
-
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
- memcpy( keys->randbytes, client_random, 32 );
- memcpy( keys->randbytes + 32, server_random, 32 );
- keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
- mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
- mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
- }
- return( 0 );
-}
-
-static int nss_keylog_export( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- char nss_keylog_line[ 200 ];
- size_t const client_random_len = 32;
- size_t const master_secret_len = 48;
- size_t len = 0;
- size_t j;
- int ret = 0;
-
- ((void) p_expkey);
- ((void) kb);
- ((void) maclen);
- ((void) keylen);
- ((void) ivlen);
- ((void) server_random);
- ((void) tls_prf_type);
-
- len += sprintf( nss_keylog_line + len,
- "%s", "CLIENT_RANDOM " );
-
- for( j = 0; j < client_random_len; j++ )
- {
- len += sprintf( nss_keylog_line + len,
- "%02x", client_random[j] );
- }
-
- len += sprintf( nss_keylog_line + len, " " );
-
- for( j = 0; j < master_secret_len; j++ )
- {
- len += sprintf( nss_keylog_line + len,
- "%02x", ms[j] );
- }
-
- len += sprintf( nss_keylog_line + len, "\n" );
- nss_keylog_line[ len ] = '\0';
-
- mbedtls_printf( "\n" );
- mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
- mbedtls_printf( "%s", nss_keylog_line );
- mbedtls_printf( "---------------------------------------------\n" );
-
- if( opt.nss_keylog_file != NULL )
- {
- FILE *f;
-
- if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
- {
- ret = -1;
- goto exit;
- }
-
- if( fwrite( nss_keylog_line, 1, len, f ) != len )
- {
- ret = -1;
- fclose( f );
- goto exit;
- }
-
- fclose( f );
- }
-
-exit:
- mbedtls_platform_zeroize( nss_keylog_line,
- sizeof( nss_keylog_line ) );
- return( ret );
-}
-
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-/* Supported SRTP mode needs a maximum of :
- * - 16 bytes for key (AES-128)
- * - 14 bytes SALT
- * One for sender, one for receiver context
- */
-#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
-typedef struct dtls_srtp_keys
-{
- unsigned char master_secret[48];
- unsigned char randbytes[64];
- mbedtls_tls_prf_types tls_prf_type;
-} dtls_srtp_keys;
-
-static int dtls_srtp_key_derivation( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
-
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
- memcpy( keys->randbytes, client_random, 32 );
- memcpy( keys->randbytes + 32, server_random, 32 );
- keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
- mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
- mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
- }
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-static void my_debug( void *ctx, int level,
- const char *file, int line,
- const char *str )
-{
- const char *p, *basename;
-
- /* Extract basename from file */
- for( p = basename = file; *p != '\0'; p++ )
- if( *p == '/' || *p == '\\' )
- basename = p + 1;
-
- mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
- basename, line, level, str );
- fflush( (FILE *) ctx );
-}
-
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
-{
- (void) time;
- return 0x5af2a056;
-}
-
-int dummy_entropy( void *data, unsigned char *output, size_t len )
-{
- size_t i;
- int ret;
- (void) data;
-
- ret = mbedtls_entropy_func( data, output, len );
- for ( i = 0; i < len; i++ )
- {
- //replace result with pseudo random
- output[i] = (unsigned char) rand();
- }
- return( ret );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback( void *data, mbedtls_x509_crt const *child,
- mbedtls_x509_crt **candidates )
-{
- int ret = 0;
- mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
- mbedtls_x509_crt *first;
-
- /* This is a test-only implementation of the CA callback
- * which always returns the entire list of trusted certificates.
- * Production implementations managing a large number of CAs
- * should use an efficient presentation and lookup for the
- * set of trusted certificates (such as a hashtable) and only
- * return those trusted certificates which satisfy basic
- * parental checks, such as the matching of child `Issuer`
- * and parent `Subject` field or matching key identifiers. */
- ((void) child);
-
- first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
- if( first == NULL )
- {
- ret = -1;
- goto exit;
- }
- mbedtls_x509_crt_init( first );
-
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
-
- while( ca->next != NULL )
- {
- ca = ca->next;
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
- }
-
-exit:
-
- if( ret != 0 )
- {
- mbedtls_x509_crt_free( first );
- mbedtls_free( first );
- first = NULL;
- }
-
- *candidates = first;
- return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-
-static int delayed_recv( void *ctx, unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_READ );
- }
-
- ret = mbedtls_net_recv( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_READ )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-static int delayed_send( void *ctx, const unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_WRITE );
- }
-
- ret = mbedtls_net_send( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-typedef struct
-{
- mbedtls_ssl_context *ssl;
- mbedtls_net_context *net;
-} io_ctx_t;
-
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-static int ssl_check_record( mbedtls_ssl_context const *ssl,
- unsigned char const *buf, size_t len )
-{
- int ret;
- unsigned char *tmp_buf;
-
- tmp_buf = mbedtls_calloc( 1, len );
- if( tmp_buf == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- memcpy( tmp_buf, buf, len );
-
- ret = mbedtls_ssl_check_record( ssl, tmp_buf, len );
- if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
- {
- int ret_repeated;
-
- /* Test-only: Make sure that mbedtls_ssl_check_record()
- * doesn't alter state. */
- memcpy( tmp_buf, buf, len ); /* Restore buffer */
- ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len );
- if( ret != ret_repeated )
- {
- mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
- return( -1 );
- }
-
- switch( ret )
- {
- case 0:
- break;
-
- case MBEDTLS_ERR_SSL_INVALID_RECORD:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
- break;
-
- case MBEDTLS_ERR_SSL_INVALID_MAC:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
- break;
-
- case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
- break;
-
- default:
- mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
- return( -1 );
- }
-
- /* Regardless of the outcome, forward the record to the stack. */
- }
-
- mbedtls_free( tmp_buf );
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-
-static int recv_cb( void *ctx, unsigned char *buf, size_t len )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
- size_t recv_len;
- int ret;
-
- if( opt.nbio == 2 )
- ret = delayed_recv( io_ctx->net, buf, len );
- else
- ret = mbedtls_net_recv( io_ctx->net, buf, len );
- if( ret < 0 )
- return( ret );
- recv_len = (size_t) ret;
-
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- /* Here's the place to do any datagram/record checking
- * in between receiving the packet from the underlying
- * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
- if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
- return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
- }
-
- return( (int) recv_len );
-}
-
-static int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
- uint32_t timeout )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
- int ret;
- size_t recv_len;
-
- ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
- if( ret < 0 )
- return( ret );
- recv_len = (size_t) ret;
-
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- /* Here's the place to do any datagram/record checking
- * in between receiving the packet from the underlying
- * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
- if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
- return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
- }
-
- return( (int) recv_len );
-}
-
-static int send_cb( void *ctx, unsigned char const *buf, size_t len )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-
- if( opt.nbio == 2 )
- return( delayed_send( io_ctx->net, buf, len ) );
-
- return( mbedtls_net_send( io_ctx->net, buf, len ) );
-}
+#include "ssl_test_common_source.c"
#if defined(MBEDTLS_X509_CRT_PARSE_C)
static unsigned char peer_crt_info[1024];
@@ -1020,75 +555,8 @@
return( 0 );
}
-
-static int ssl_sig_hashes_for_test[] = {
-#if defined(MBEDTLS_SHA512_C)
- MBEDTLS_MD_SHA512,
- MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C)
- /* Allow SHA-1 as we use it extensively in tests. */
- MBEDTLS_MD_SHA1,
-#endif
- MBEDTLS_MD_NONE
-};
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-/*
- * Wait for an event from the underlying transport or the timer
- * (Used in event-driven IO mode).
- */
-#if !defined(MBEDTLS_TIMING_C)
-int idle( mbedtls_net_context *fd,
- int idle_reason )
-#else
-int idle( mbedtls_net_context *fd,
- mbedtls_timing_delay_context *timer,
- int idle_reason )
-#endif
-{
-
- int ret;
- int poll_type = 0;
-
- if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
- poll_type = MBEDTLS_NET_POLL_WRITE;
- else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
- poll_type = MBEDTLS_NET_POLL_READ;
-#if !defined(MBEDTLS_TIMING_C)
- else
- return( 0 );
-#endif
-
- while( 1 )
- {
- /* Check if timer has expired */
-#if defined(MBEDTLS_TIMING_C)
- if( timer != NULL &&
- mbedtls_timing_get_delay( timer ) == 2 )
- {
- break;
- }
-#endif /* MBEDTLS_TIMING_C */
-
- /* Check if underlying transport became available */
- if( poll_type != 0 )
- {
- ret = mbedtls_net_poll( fd, poll_type, 0 );
- if( ret < 0 )
- return( ret );
- if( ret == poll_type )
- break;
- }
- }
-
- return( 0 );
-}
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage( mbedtls_ssl_context *ssl,
const char *additional_description )
@@ -1218,8 +686,7 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
+ rng_context_t rng;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_ssl_session saved_session;
@@ -1236,7 +703,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_key_id_t key_slot = 0; /* invalid key slot */
#endif
-#endif
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
char *p, *q;
const int *list;
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
@@ -1267,6 +734,10 @@
mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
#endif
+#if defined(MBEDTLS_TEST_HOOKS)
+ test_hooks_init( );
+#endif /* MBEDTLS_TEST_HOOKS */
+
/*
* Make sure memory references are valid.
*/
@@ -1274,7 +745,7 @@
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
- mbedtls_ctr_drbg_init( &ctr_drbg );
+ rng_init( &rng );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
@@ -1293,7 +764,10 @@
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
goto exit;
}
-#endif
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ mbedtls_test_enable_insecure_external_rng( );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
if( argc == 0 )
{
@@ -2066,31 +1540,9 @@
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- mbedtls_entropy_init( &entropy );
- if (opt.reproducible)
- {
- srand( 1 );
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- (unsigned int) -ret );
- goto exit;
- }
- }
- else
- {
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- (unsigned int) -ret );
- goto exit;
- }
- }
-
+ ret = rng_seed( &rng, opt.reproducible, pers );
+ if( ret != 0 )
+ goto exit;
mbedtls_printf( " ok\n" );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -2215,7 +1667,7 @@
PSA_ALG_SHA_256 ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
- "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", -ret );
+ "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
}
@@ -2339,12 +1791,12 @@
#endif
#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ const mbedtls_ssl_srtp_profile forced_profile[] =
+ { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
if( opt.use_srtp == 1 )
{
if( opt.force_srtp_profile != 0 )
{
- const mbedtls_ssl_srtp_profile forced_profile[] =
- { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, forced_profile );
}
else
@@ -2434,9 +1886,9 @@
#else
fprintf( stderr, "Warning: reproducible option used without constant time\n" );
#endif
-#endif
+#endif /* MBEDTLS_HAVE_TIME */
}
- mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_rng( &conf, rng_get, &rng );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
@@ -2480,7 +1932,7 @@
goto exit;
}
}
-#endif
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_ECP_C)
if( opt.curves != NULL &&
@@ -3552,20 +3004,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key( key_slot );
#endif
-#endif
- mbedtls_ssl_session_free( &saved_session );
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
- if( session_data != NULL )
- mbedtls_platform_zeroize( session_data, session_data_len );
- mbedtls_free( session_data );
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
- if( context_buf != NULL )
- mbedtls_platform_zeroize( context_buf, context_buf_len );
- mbedtls_free( context_buf );
-#endif
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -3588,12 +3027,39 @@
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
MBEDTLS_USE_PSA_CRYPTO */
+ mbedtls_ssl_session_free( &saved_session );
+ mbedtls_ssl_free( &ssl );
+ mbedtls_ssl_config_free( &conf );
+ rng_free( &rng );
+ if( session_data != NULL )
+ mbedtls_platform_zeroize( session_data, session_data_len );
+ mbedtls_free( session_data );
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+ if( context_buf != NULL )
+ mbedtls_platform_zeroize( context_buf, context_buf_len );
+ mbedtls_free( context_buf );
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ mbedtls_psa_crypto_free( );
+#endif
+
+#if defined(MBEDTLS_TEST_HOOKS)
+ if( test_hooks_failure_detected( ) )
+ {
+ if( ret == 0 )
+ ret = 1;
+ mbedtls_printf( "Test hooks detected errors.\n" );
+ }
+ test_hooks_free( );
+#endif /* MBEDTLS_TEST_HOOKS */
+
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_memory_buffer_alloc_status();
#endif
mbedtls_memory_buffer_alloc_free();
-#endif
+#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
#if defined(_WIN32)
if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
@@ -3612,6 +3078,4 @@
else
mbedtls_exit( query_config_ret );
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
- MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
- MBEDTLS_CTR_DRBG_C MBEDTLS_TIMING_C */
+#endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index c8ab215..c4c6ef1 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -142,7 +142,7 @@
if( ( ret = mbedtls_ssl_setup( &ssl, thread_info->config ) ) != 0 )
{
mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n",
- thread_id, -ret );
+ thread_id, ( unsigned int ) -ret );
goto thread_exit;
}
@@ -158,7 +158,7 @@
if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
{
mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n",
- thread_id, -ret );
+ thread_id, ( unsigned int ) -ret );
goto thread_exit;
}
}
@@ -195,7 +195,7 @@
default:
mbedtls_printf( " [ #%ld ] mbedtls_ssl_read returned -0x%04x\n",
- thread_id, -ret );
+ thread_id, ( unsigned int ) -ret );
goto thread_exit;
}
}
@@ -229,7 +229,7 @@
if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
{
mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n",
- thread_id, ret );
+ thread_id, ( unsigned int ) ret );
goto thread_exit;
}
}
@@ -246,7 +246,7 @@
ret != MBEDTLS_ERR_SSL_WANT_WRITE )
{
mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n",
- thread_id, ret );
+ thread_id, ( unsigned int ) ret );
goto thread_exit;
}
}
@@ -263,7 +263,7 @@
char error_buf[100];
mbedtls_strerror( ret, error_buf, 100 );
mbedtls_printf(" [ #%ld ] Last error was: -0x%04x - %s\n\n",
- thread_id, -ret, error_buf );
+ thread_id, ( unsigned int ) -ret, error_buf );
}
#endif
@@ -408,7 +408,7 @@
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
- -ret );
+ ( unsigned int ) -ret );
goto exit;
}
@@ -425,7 +425,7 @@
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
{
mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
- -ret );
+ ( unsigned int ) -ret );
goto exit;
}
@@ -470,7 +470,8 @@
{
char error_buf[100];
mbedtls_strerror( ret, error_buf, 100 );
- mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf );
+ mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", ( unsigned int ) -ret,
+ error_buf );
}
#endif
@@ -482,7 +483,8 @@
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
- mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret );
+ mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n",
+ ( unsigned int ) ret );
goto exit;
}
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index ceeb224..bd4dbb6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -17,64 +17,22 @@
* limitations under the License.
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "ssl_test_lib.h"
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_calloc calloc
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
- !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
- defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+#if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
int main( void )
{
- mbedtls_printf( "MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
- "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined "
- " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );
+ mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE );
mbedtls_exit( 0 );
}
-#else
+#elif !defined(MBEDTLS_SSL_SRV_C)
+int main( void )
+{
+ mbedtls_printf( "MBEDTLS_SSL_SRV_C not defined.\n" );
+ mbedtls_exit( 0 );
+}
+#else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/base64.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#include <test/helpers.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
#include <stdint.h>
#if !defined(_MSC_VER)
@@ -97,10 +55,6 @@
#include "mbedtls/ssl_cookie.h"
#endif
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO)
#define SNI_OPTION
#endif
@@ -670,424 +624,7 @@
int support_mki; /* The dtls mki mki support */
} opt;
-int query_config( const char *config );
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-typedef struct eap_tls_keys
-{
- unsigned char master_secret[48];
- unsigned char randbytes[64];
- mbedtls_tls_prf_types tls_prf_type;
-} eap_tls_keys;
-
-static int eap_tls_key_derivation ( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
-
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
- memcpy( keys->randbytes, client_random, 32 );
- memcpy( keys->randbytes + 32, server_random, 32 );
- keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
- mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
- mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
- }
- return( 0 );
-}
-
-static int nss_keylog_export( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- char nss_keylog_line[ 200 ];
- size_t const client_random_len = 32;
- size_t const master_secret_len = 48;
- size_t len = 0;
- size_t j;
- int ret = 0;
-
- ((void) p_expkey);
- ((void) kb);
- ((void) maclen);
- ((void) keylen);
- ((void) ivlen);
- ((void) server_random);
- ((void) tls_prf_type);
-
- len += sprintf( nss_keylog_line + len,
- "%s", "CLIENT_RANDOM " );
-
- for( j = 0; j < client_random_len; j++ )
- {
- len += sprintf( nss_keylog_line + len,
- "%02x", client_random[j] );
- }
-
- len += sprintf( nss_keylog_line + len, " " );
-
- for( j = 0; j < master_secret_len; j++ )
- {
- len += sprintf( nss_keylog_line + len,
- "%02x", ms[j] );
- }
-
- len += sprintf( nss_keylog_line + len, "\n" );
- nss_keylog_line[ len ] = '\0';
-
- mbedtls_printf( "\n" );
- mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
- mbedtls_printf( "%s", nss_keylog_line );
- mbedtls_printf( "---------------------------------------------\n" );
-
- if( opt.nss_keylog_file != NULL )
- {
- FILE *f;
-
- if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
- {
- ret = -1;
- goto exit;
- }
-
- if( fwrite( nss_keylog_line, 1, len, f ) != len )
- {
- ret = -1;
- fclose( f );
- goto exit;
- }
-
- fclose( f );
- }
-
-exit:
- mbedtls_platform_zeroize( nss_keylog_line,
- sizeof( nss_keylog_line ) );
- return( ret );
-}
-
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-/* Supported SRTP mode needs a maximum of :
- * - 16 bytes for key (AES-128)
- * - 14 bytes SALT
- * One for sender, one for receiver context
- */
-#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
-typedef struct dtls_srtp_keys
-{
- unsigned char master_secret[48];
- unsigned char randbytes[64];
- mbedtls_tls_prf_types tls_prf_type;
-} dtls_srtp_keys;
-
-static int dtls_srtp_key_derivation( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
-
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
- memcpy( keys->randbytes, client_random, 32 );
- memcpy( keys->randbytes + 32, server_random, 32 );
- keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
- mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
- mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
- }
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-static void my_debug( void *ctx, int level,
- const char *file, int line,
- const char *str )
-{
- const char *p, *basename;
-
- /* Extract basename from file */
- for( p = basename = file; *p != '\0'; p++ )
- if( *p == '/' || *p == '\\' )
- basename = p + 1;
-
- mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", basename, line, level, str );
- fflush( (FILE *) ctx );
-}
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
-{
- (void) time;
- return 0x5af2a056;
-}
-
-int dummy_entropy( void *data, unsigned char *output, size_t len )
-{
- size_t i;
- int ret;
- (void) data;
-
- ret = mbedtls_entropy_func( data, output, len );
- for (i = 0; i < len; i++ ) {
- //replace result with pseudo random
- output[i] = (unsigned char) rand();
- }
- return( ret );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback( void *data, mbedtls_x509_crt const *child,
- mbedtls_x509_crt **candidates)
-{
- int ret = 0;
- mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
- mbedtls_x509_crt *first;
-
- /* This is a test-only implementation of the CA callback
- * which always returns the entire list of trusted certificates.
- * Production implementations managing a large number of CAs
- * should use an efficient presentation and lookup for the
- * set of trusted certificates (such as a hashtable) and only
- * return those trusted certificates which satisfy basic
- * parental checks, such as the matching of child `Issuer`
- * and parent `Subject` field. */
- ((void) child);
-
- first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
- if( first == NULL )
- {
- ret = -1;
- goto exit;
- }
- mbedtls_x509_crt_init( first );
-
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
-
- while( ca->next != NULL )
- {
- ca = ca->next;
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
- }
-
-exit:
-
- if( ret != 0 )
- {
- mbedtls_x509_crt_free( first );
- mbedtls_free( first );
- first = NULL;
- }
-
- *candidates = first;
- return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-static int delayed_recv( void *ctx, unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_READ );
- }
-
- ret = mbedtls_net_recv( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_READ )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-static int delayed_send( void *ctx, const unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_WRITE );
- }
-
- ret = mbedtls_net_send( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-typedef struct
-{
- mbedtls_ssl_context *ssl;
- mbedtls_net_context *net;
-} io_ctx_t;
-
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-static int ssl_check_record( mbedtls_ssl_context const *ssl,
- unsigned char const *buf, size_t len )
-{
- int ret;
- unsigned char *tmp_buf;
-
- /* Record checking may modify the input buffer,
- * so make a copy. */
- tmp_buf = mbedtls_calloc( 1, len );
- if( tmp_buf == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- memcpy( tmp_buf, buf, len );
-
- ret = mbedtls_ssl_check_record( ssl, tmp_buf, len );
- if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
- {
- int ret_repeated;
-
- /* Test-only: Make sure that mbedtls_ssl_check_record()
- * doesn't alter state. */
- memcpy( tmp_buf, buf, len ); /* Restore buffer */
- ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len );
- if( ret != ret_repeated )
- {
- mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
- return( -1 );
- }
-
- switch( ret )
- {
- case 0:
- break;
-
- case MBEDTLS_ERR_SSL_INVALID_RECORD:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
- break;
-
- case MBEDTLS_ERR_SSL_INVALID_MAC:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
- break;
-
- case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
- break;
-
- default:
- mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
- return( -1 );
- }
-
- /* Regardless of the outcome, forward the record to the stack. */
- }
-
- mbedtls_free( tmp_buf );
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-
-static int recv_cb( void *ctx, unsigned char *buf, size_t len )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
- size_t recv_len;
- int ret;
-
- if( opt.nbio == 2 )
- ret = delayed_recv( io_ctx->net, buf, len );
- else
- ret = mbedtls_net_recv( io_ctx->net, buf, len );
- if( ret < 0 )
- return( ret );
- recv_len = (size_t) ret;
-
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- /* Here's the place to do any datagram/record checking
- * in between receiving the packet from the underlying
- * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
- if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
- return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
- }
-
- return( (int) recv_len );
-}
-
-static int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
- uint32_t timeout )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
- int ret;
- size_t recv_len;
-
- ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
- if( ret < 0 )
- return( ret );
- recv_len = (size_t) ret;
-
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- /* Here's the place to do any datagram/record checking
- * in between receiving the packet from the underlying
- * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
- if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
- return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
- }
-
- return( (int) recv_len );
-}
-
-static int send_cb( void *ctx, unsigned char const *buf, size_t len )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-
- if( opt.nbio == 2 )
- return( delayed_send( io_ctx->net, buf, len ) );
-
- return( mbedtls_net_send( io_ctx->net, buf, len ) );
-}
+#include "ssl_test_common_source.c"
/*
* Return authmode from string, or -1 on error
@@ -1406,24 +943,6 @@
}
#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static int ssl_sig_hashes_for_test[] = {
-#if defined(MBEDTLS_SHA512_C)
- MBEDTLS_MD_SHA512,
- MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C)
- /* Allow SHA-1 as we use it extensively in tests. */
- MBEDTLS_MD_SHA1,
-#endif
- MBEDTLS_MD_NONE
-};
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
/** Return true if \p ret is a status code indicating that there is an
* operation in progress on an SSL connection, and false if it indicates
* success or a fatal error.
@@ -1662,56 +1181,6 @@
}
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-/*
- * Wait for an event from the underlying transport or the timer
- * (Used in event-driven IO mode).
- */
-#if !defined(MBEDTLS_TIMING_C)
-int idle( mbedtls_net_context *fd,
- int idle_reason )
-#else
-int idle( mbedtls_net_context *fd,
- mbedtls_timing_delay_context *timer,
- int idle_reason )
-#endif
-{
- int ret;
- int poll_type = 0;
-
- if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
- poll_type = MBEDTLS_NET_POLL_WRITE;
- else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
- poll_type = MBEDTLS_NET_POLL_READ;
-#if !defined(MBEDTLS_TIMING_C)
- else
- return( 0 );
-#endif
-
- while( 1 )
- {
- /* Check if timer has expired */
-#if defined(MBEDTLS_TIMING_C)
- if( timer != NULL &&
- mbedtls_timing_get_delay( timer ) == 2 )
- {
- break;
- }
-#endif /* MBEDTLS_TIMING_C */
-
- /* Check if underlying transport became available */
- if( poll_type != 0 )
- {
- ret = mbedtls_net_poll( fd, poll_type, 0 );
- if( ret < 0 )
- return( ret );
- if( ret == poll_type )
- break;
- }
- }
-
- return( 0 );
-}
-
#if defined(MBEDTLS_USE_PSA_CRYPTO)
static psa_status_t psa_setup_psk_key_slot( psa_key_id_t *slot,
psa_algorithm_t alg,
@@ -1813,8 +1282,7 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
+ rng_context_t rng;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
#if defined(MBEDTLS_TIMING_C)
@@ -1901,6 +1369,10 @@
#endif /* MBEDTLS_MEMORY_DEBUG */
#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+#if defined(MBEDTLS_TEST_HOOKS)
+ test_hooks_init( );
+#endif /* MBEDTLS_TEST_HOOKS */
+
/*
* Make sure memory references are valid in case we exit early.
*/
@@ -1908,7 +1380,7 @@
mbedtls_net_init( &listen_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &ctr_drbg );
+ rng_init( &rng );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &srvcert );
@@ -1944,7 +1416,10 @@
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
goto exit;
}
-#endif
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ mbedtls_test_enable_insecure_external_rng( );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
#if !defined(_WIN32)
/* Abort cleanly on SIGTERM and SIGINT */
@@ -2824,31 +2299,9 @@
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- mbedtls_entropy_init( &entropy );
- if (opt.reproducible)
- {
- srand( 1 );
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- (unsigned int) -ret );
- goto exit;
- }
- }
- else
- {
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- (unsigned int) -ret );
- goto exit;
- }
- }
-
+ ret = rng_seed( &rng, opt.reproducible, pers );
+ if( ret != 0 )
+ goto exit;
mbedtls_printf( " ok\n" );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -3151,11 +2604,11 @@
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
if( opt.use_srtp == 1 )
{
if( opt.force_srtp_profile != 0 )
{
- const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, forced_profile );
}
else
@@ -3235,9 +2688,9 @@
#else
fprintf( stderr, "Warning: reproducible option used without constant time\n" );
#endif
-#endif
+#endif /* MBEDTLS_HAVE_TIME */
}
- mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_rng( &conf, rng_get, &rng );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -3256,7 +2709,7 @@
if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
{
if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
- mbedtls_ctr_drbg_random, &ctr_drbg,
+ rng_get, &rng,
MBEDTLS_CIPHER_AES_256_GCM,
opt.ticket_timeout ) ) != 0 )
{
@@ -3278,7 +2731,7 @@
if( opt.cookies > 0 )
{
if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
- mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
+ rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
goto exit;
@@ -3430,8 +2883,8 @@
ssl_async_keys.inject_error = ( opt.async_private_error < 0 ?
- opt.async_private_error :
opt.async_private_error );
- ssl_async_keys.f_rng = mbedtls_ctr_drbg_random;
- ssl_async_keys.p_rng = &ctr_drbg;
+ ssl_async_keys.f_rng = rng_get;
+ ssl_async_keys.p_rng = &rng;
mbedtls_ssl_conf_async_private_cb( &conf,
sign,
decrypt,
@@ -4529,8 +3982,7 @@
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
+ rng_free( &rng );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_free( &cache );
@@ -4550,12 +4002,32 @@
mbedtls_free( context_buf );
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ mbedtls_psa_crypto_free( );
+#endif
+
+#if defined(MBEDTLS_TEST_HOOKS)
+ /* Let test hooks detect errors such as resource leaks.
+ * Don't do it in query_config mode, because some test code prints
+ * information to stdout and this gets mixed with the regular output. */
+ if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
+ {
+ if( test_hooks_failure_detected( ) )
+ {
+ if( ret == 0 )
+ ret = 1;
+ mbedtls_printf( "Test hooks detected errors.\n" );
+ }
+ }
+ test_hooks_free( );
+#endif /* MBEDTLS_TEST_HOOKS */
+
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_memory_buffer_alloc_status();
#endif
mbedtls_memory_buffer_alloc_free();
-#endif
+#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
{
@@ -4576,6 +4048,4 @@
else
mbedtls_exit( query_config_ret );
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
- MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
- MBEDTLS_CTR_DRBG_C */
+#endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */
diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c
new file mode 100644
index 0000000..f5d8680
--- /dev/null
+++ b/programs/ssl/ssl_test_common_source.c
@@ -0,0 +1,306 @@
+/*
+ * Common source code for SSL test programs. This file is included by
+ * both ssl_client2.c and ssl_server2.c and is intended for source
+ * code that is textually identical in both programs, but that cannot be
+ * compiled separately because it refers to types or macros that are
+ * different in the two programs, or because it would have an incomplete
+ * type.
+ *
+ * This file is meant to be #include'd and cannot be compiled separately.
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+int eap_tls_key_derivation( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
+{
+ eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
+
+ ( ( void ) kb );
+ memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
+ memcpy( keys->randbytes, client_random, 32 );
+ memcpy( keys->randbytes + 32, server_random, 32 );
+ keys->tls_prf_type = tls_prf_type;
+
+ if( opt.debug_level > 2 )
+ {
+ mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
+ mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
+ mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
+ }
+ return( 0 );
+}
+
+int nss_keylog_export( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
+{
+ char nss_keylog_line[ 200 ];
+ size_t const client_random_len = 32;
+ size_t const master_secret_len = 48;
+ size_t len = 0;
+ size_t j;
+ int ret = 0;
+
+ ((void) p_expkey);
+ ((void) kb);
+ ((void) maclen);
+ ((void) keylen);
+ ((void) ivlen);
+ ((void) server_random);
+ ((void) tls_prf_type);
+
+ len += sprintf( nss_keylog_line + len,
+ "%s", "CLIENT_RANDOM " );
+
+ for( j = 0; j < client_random_len; j++ )
+ {
+ len += sprintf( nss_keylog_line + len,
+ "%02x", client_random[j] );
+ }
+
+ len += sprintf( nss_keylog_line + len, " " );
+
+ for( j = 0; j < master_secret_len; j++ )
+ {
+ len += sprintf( nss_keylog_line + len,
+ "%02x", ms[j] );
+ }
+
+ len += sprintf( nss_keylog_line + len, "\n" );
+ nss_keylog_line[ len ] = '\0';
+
+ mbedtls_printf( "\n" );
+ mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
+ mbedtls_printf( "%s", nss_keylog_line );
+ mbedtls_printf( "---------------------------------------------\n" );
+
+ if( opt.nss_keylog_file != NULL )
+ {
+ FILE *f;
+
+ if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
+ {
+ ret = -1;
+ goto exit;
+ }
+
+ if( fwrite( nss_keylog_line, 1, len, f ) != len )
+ {
+ ret = -1;
+ fclose( f );
+ goto exit;
+ }
+
+ fclose( f );
+ }
+
+exit:
+ mbedtls_platform_zeroize( nss_keylog_line,
+ sizeof( nss_keylog_line ) );
+ return( ret );
+}
+
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+int dtls_srtp_key_derivation( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
+{
+ dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
+
+ ( ( void ) kb );
+ memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
+ memcpy( keys->randbytes, client_random, 32 );
+ memcpy( keys->randbytes + 32, server_random, 32 );
+ keys->tls_prf_type = tls_prf_type;
+
+ if( opt.debug_level > 2 )
+ {
+ mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
+ mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
+ mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
+ }
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+int ssl_check_record( mbedtls_ssl_context const *ssl,
+ unsigned char const *buf, size_t len )
+{
+ int my_ret = 0, ret_cr1, ret_cr2;
+ unsigned char *tmp_buf;
+
+ /* Record checking may modify the input buffer,
+ * so make a copy. */
+ tmp_buf = mbedtls_calloc( 1, len );
+ if( tmp_buf == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ memcpy( tmp_buf, buf, len );
+
+ ret_cr1 = mbedtls_ssl_check_record( ssl, tmp_buf, len );
+ if( ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
+ {
+ /* Test-only: Make sure that mbedtls_ssl_check_record()
+ * doesn't alter state. */
+ memcpy( tmp_buf, buf, len ); /* Restore buffer */
+ ret_cr2 = mbedtls_ssl_check_record( ssl, tmp_buf, len );
+ if( ret_cr2 != ret_cr1 )
+ {
+ mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
+ my_ret = -1;
+ goto cleanup;
+ }
+
+ switch( ret_cr1 )
+ {
+ case 0:
+ break;
+
+ case MBEDTLS_ERR_SSL_INVALID_RECORD:
+ if( opt.debug_level > 1 )
+ mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
+ break;
+
+ case MBEDTLS_ERR_SSL_INVALID_MAC:
+ if( opt.debug_level > 1 )
+ mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
+ break;
+
+ case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
+ if( opt.debug_level > 1 )
+ mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
+ break;
+
+ default:
+ mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret_cr1 );
+ my_ret = -1;
+ goto cleanup;
+ }
+
+ /* Regardless of the outcome, forward the record to the stack. */
+ }
+
+cleanup:
+ mbedtls_free( tmp_buf );
+
+ return( my_ret );
+}
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+
+int recv_cb( void *ctx, unsigned char *buf, size_t len )
+{
+ io_ctx_t *io_ctx = (io_ctx_t*) ctx;
+ size_t recv_len;
+ int ret;
+
+ if( opt.nbio == 2 )
+ ret = delayed_recv( io_ctx->net, buf, len );
+ else
+ ret = mbedtls_net_recv( io_ctx->net, buf, len );
+ if( ret < 0 )
+ return( ret );
+ recv_len = (size_t) ret;
+
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ /* Here's the place to do any datagram/record checking
+ * in between receiving the packet from the underlying
+ * transport and passing it on to the TLS stack. */
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+ if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
+ return( -1 );
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+ }
+
+ return( (int) recv_len );
+}
+
+int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
+ uint32_t timeout )
+{
+ io_ctx_t *io_ctx = (io_ctx_t*) ctx;
+ int ret;
+ size_t recv_len;
+
+ ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
+ if( ret < 0 )
+ return( ret );
+ recv_len = (size_t) ret;
+
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ /* Here's the place to do any datagram/record checking
+ * in between receiving the packet from the underlying
+ * transport and passing it on to the TLS stack. */
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+ if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
+ return( -1 );
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+ }
+
+ return( (int) recv_len );
+}
+
+int send_cb( void *ctx, unsigned char const *buf, size_t len )
+{
+ io_ctx_t *io_ctx = (io_ctx_t*) ctx;
+
+ if( opt.nbio == 2 )
+ return( delayed_send( io_ctx->net, buf, len ) );
+
+ return( mbedtls_net_send( io_ctx->net, buf, len ) );
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int ssl_sig_hashes_for_test[] = {
+#if defined(MBEDTLS_SHA512_C)
+ MBEDTLS_MD_SHA512,
+ MBEDTLS_MD_SHA384,
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ MBEDTLS_MD_SHA256,
+ MBEDTLS_MD_SHA224,
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ /* Allow SHA-1 as we use it extensively in tests. */
+ MBEDTLS_MD_SHA1,
+#endif
+ MBEDTLS_MD_NONE
+};
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
new file mode 100644
index 0000000..1bb9d61
--- /dev/null
+++ b/programs/ssl/ssl_test_lib.c
@@ -0,0 +1,357 @@
+/*
+ * Common code library for SSL test programs.
+ *
+ * In addition to the functions in this file, there is shared source code
+ * that cannot be compiled separately in "ssl_test_common_source.c".
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "ssl_test_lib.h"
+
+#if defined(MBEDTLS_TEST_HOOKS)
+#include "test/helpers.h"
+#endif
+
+#if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
+
+void my_debug( void *ctx, int level,
+ const char *file, int line,
+ const char *str )
+{
+ const char *p, *basename;
+
+ /* Extract basename from file */
+ for( p = basename = file; *p != '\0'; p++ )
+ if( *p == '/' || *p == '\\' )
+ basename = p + 1;
+
+ mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
+ basename, line, level, str );
+ fflush( (FILE *) ctx );
+}
+
+mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
+{
+ (void) time;
+ return 0x5af2a056;
+}
+
+#if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+static int dummy_entropy( void *data, unsigned char *output, size_t len )
+{
+ size_t i;
+ int ret;
+ (void) data;
+
+ ret = mbedtls_entropy_func( data, output, len );
+ for( i = 0; i < len; i++ )
+ {
+ //replace result with pseudo random
+ output[i] = (unsigned char) rand();
+ }
+ return( ret );
+}
+#endif
+
+void rng_init( rng_context_t *rng )
+{
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+ (void) rng;
+ psa_crypto_init( );
+#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ mbedtls_ctr_drbg_init( &rng->drbg );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ mbedtls_hmac_drbg_init( &rng->drbg );
+#else
+#error "No DRBG available"
+#endif
+
+ mbedtls_entropy_init( &rng->entropy );
+#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+}
+
+int rng_seed( rng_context_t *rng, int reproducible, const char *pers )
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( reproducible )
+ {
+ mbedtls_fprintf( stderr,
+ "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n" );
+ return( -1 );
+ }
+#endif
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+ /* The PSA crypto RNG does its own seeding. */
+ (void) rng;
+ (void) pers;
+ if( reproducible )
+ {
+ mbedtls_fprintf( stderr,
+ "The PSA RNG does not support reproducible mode.\n" );
+ return( -1 );
+ }
+ return( 0 );
+#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+ int ( *f_entropy )( void *, unsigned char *, size_t ) =
+ ( reproducible ? dummy_entropy : mbedtls_entropy_func );
+
+ if ( reproducible )
+ srand( 1 );
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ int ret = mbedtls_ctr_drbg_seed( &rng->drbg,
+ f_entropy, &rng->entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+#if defined(MBEDTLS_SHA256_C)
+ const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256;
+#elif defined(MBEDTLS_SHA512_C)
+ const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512;
+#else
+#error "No message digest available for HMAC_DRBG"
+#endif
+ int ret = mbedtls_hmac_drbg_seed( &rng->drbg,
+ mbedtls_md_info_from_type( md_type ),
+ f_entropy, &rng->entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) );
+#else /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
+#error "No DRBG available"
+#endif /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
+
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
+ (unsigned int) -ret );
+ return( ret );
+ }
+#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+
+ return( 0 );
+}
+
+void rng_free( rng_context_t *rng )
+{
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+ (void) rng;
+ /* Deinitialize the PSA crypto subsystem. This deactivates all PSA APIs.
+ * This is ok because none of our applications try to do any crypto after
+ * deinitializing the RNG. */
+ mbedtls_psa_crypto_free( );
+#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ mbedtls_ctr_drbg_free( &rng->drbg );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ mbedtls_hmac_drbg_free( &rng->drbg );
+#else
+#error "No DRBG available"
+#endif
+
+ mbedtls_entropy_free( &rng->entropy );
+#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+}
+
+int rng_get( void *p_rng, unsigned char *output, size_t output_len )
+{
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+ (void) p_rng;
+ return( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
+ output, output_len ) );
+#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+ rng_context_t *rng = p_rng;
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ return( mbedtls_ctr_drbg_random( &rng->drbg, output, output_len ) );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ return( mbedtls_hmac_drbg_random( &rng->drbg, output, output_len ) );
+#else
+#error "No DRBG available"
+#endif
+
+#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+}
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+int ca_callback( void *data, mbedtls_x509_crt const *child,
+ mbedtls_x509_crt **candidates )
+{
+ int ret = 0;
+ mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
+ mbedtls_x509_crt *first;
+
+ /* This is a test-only implementation of the CA callback
+ * which always returns the entire list of trusted certificates.
+ * Production implementations managing a large number of CAs
+ * should use an efficient presentation and lookup for the
+ * set of trusted certificates (such as a hashtable) and only
+ * return those trusted certificates which satisfy basic
+ * parental checks, such as the matching of child `Issuer`
+ * and parent `Subject` field or matching key identifiers. */
+ ((void) child);
+
+ first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+ if( first == NULL )
+ {
+ ret = -1;
+ goto exit;
+ }
+ mbedtls_x509_crt_init( first );
+
+ if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
+ {
+ ret = -1;
+ goto exit;
+ }
+
+ while( ca->next != NULL )
+ {
+ ca = ca->next;
+ if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
+ {
+ ret = -1;
+ goto exit;
+ }
+ }
+
+exit:
+
+ if( ret != 0 )
+ {
+ mbedtls_x509_crt_free( first );
+ mbedtls_free( first );
+ first = NULL;
+ }
+
+ *candidates = first;
+ return( ret );
+}
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+int delayed_recv( void *ctx, unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( MBEDTLS_ERR_SSL_WANT_READ );
+ }
+
+ ret = mbedtls_net_recv( ctx, buf, len );
+ if( ret != MBEDTLS_ERR_SSL_WANT_READ )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+int delayed_send( void *ctx, const unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( MBEDTLS_ERR_SSL_WANT_WRITE );
+ }
+
+ ret = mbedtls_net_send( ctx, buf, len );
+ if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+#if !defined(MBEDTLS_TIMING_C)
+int idle( mbedtls_net_context *fd,
+ int idle_reason )
+#else
+int idle( mbedtls_net_context *fd,
+ mbedtls_timing_delay_context *timer,
+ int idle_reason )
+#endif
+{
+ int ret;
+ int poll_type = 0;
+
+ if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
+ poll_type = MBEDTLS_NET_POLL_WRITE;
+ else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
+ poll_type = MBEDTLS_NET_POLL_READ;
+#if !defined(MBEDTLS_TIMING_C)
+ else
+ return( 0 );
+#endif
+
+ while( 1 )
+ {
+ /* Check if timer has expired */
+#if defined(MBEDTLS_TIMING_C)
+ if( timer != NULL &&
+ mbedtls_timing_get_delay( timer ) == 2 )
+ {
+ break;
+ }
+#endif /* MBEDTLS_TIMING_C */
+
+ /* Check if underlying transport became available */
+ if( poll_type != 0 )
+ {
+ ret = mbedtls_net_poll( fd, poll_type, 0 );
+ if( ret < 0 )
+ return( ret );
+ if( ret == poll_type )
+ break;
+ }
+ }
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_TEST_HOOKS)
+
+void test_hooks_init( void )
+{
+ mbedtls_test_info_reset( );
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ mbedtls_test_mutex_usage_init( );
+#endif
+}
+
+int test_hooks_failure_detected( void )
+{
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ /* Errors are reported via mbedtls_test_info. */
+ mbedtls_test_mutex_usage_check( );
+#endif
+
+ if( mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS )
+ return( 1 );
+ return( 0 );
+}
+
+void test_hooks_free( void )
+{
+}
+
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h
new file mode 100644
index 0000000..98751a0
--- /dev/null
+++ b/programs/ssl/ssl_test_lib.h
@@ -0,0 +1,294 @@
+/*
+ * Common code for SSL test programs
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
+#define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#define mbedtls_time time
+#define mbedtls_time_t time_t
+#define mbedtls_printf printf
+#define mbedtls_fprintf fprintf
+#define mbedtls_snprintf snprintf
+#define mbedtls_exit exit
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif
+
+#undef HAVE_RNG
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \
+ ( defined(MBEDTLS_USE_PSA_CRYPTO) || \
+ defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) )
+#define HAVE_RNG
+#elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
+#define HAVE_RNG
+#elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \
+ ( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) )
+#define HAVE_RNG
+#endif
+
+#if !defined(MBEDTLS_NET_C) || \
+ !defined(MBEDTLS_SSL_TLS_C) || \
+ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+#define MBEDTLS_SSL_TEST_IMPOSSIBLE \
+ "MBEDTLS_NET_C and/or " \
+ "MBEDTLS_SSL_TLS_C not defined, " \
+ "and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n"
+#elif !defined(HAVE_RNG)
+#define MBEDTLS_SSL_TEST_IMPOSSIBLE \
+ "No random generator is available.\n"
+#else
+#undef MBEDTLS_SSL_TEST_IMPOSSIBLE
+
+#undef HAVE_RNG
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/error.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/base64.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+#include <test/helpers.h>
+
+#include "../test/query_config.h"
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+
+typedef struct eap_tls_keys
+{
+ unsigned char master_secret[48];
+ unsigned char randbytes[64];
+ mbedtls_tls_prf_types tls_prf_type;
+} eap_tls_keys;
+
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+
+/* Supported SRTP mode needs a maximum of :
+ * - 16 bytes for key (AES-128)
+ * - 14 bytes SALT
+ * One for sender, one for receiver context
+ */
+#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
+
+typedef struct dtls_srtp_keys
+{
+ unsigned char master_secret[48];
+ unsigned char randbytes[64];
+ mbedtls_tls_prf_types tls_prf_type;
+} dtls_srtp_keys;
+
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+typedef struct
+{
+ mbedtls_ssl_context *ssl;
+ mbedtls_net_context *net;
+} io_ctx_t;
+
+void my_debug( void *ctx, int level,
+ const char *file, int line,
+ const char *str );
+
+mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use
+ * mbedtls_psa_get_random() rather than entropy+DRBG as a random generator.
+ *
+ * The constraints are:
+ * - Without the entropy module, the PSA RNG is the only option.
+ * - Without at least one of the DRBG modules, the PSA RNG is the only option.
+ * - The PSA RNG does not support explicit seeding, so it is incompatible with
+ * the reproducible mode used by test programs.
+ * - For good overall test coverage, there should be at least one configuration
+ * where the test programs use the PSA RNG while the PSA RNG is itself based
+ * on entropy+DRBG, and at least one configuration where the test programs
+ * do not use the PSA RNG even though it's there.
+ *
+ * A simple choice that meets the constraints is to use the PSA RNG whenever
+ * MBEDTLS_USE_PSA_CRYPTO is enabled. There's no real technical reason the
+ * choice to use the PSA RNG in the test programs and the choice to use
+ * PSA crypto when TLS code needs crypto have to be tied together, but it
+ * happens to be a good match. It's also a good match from an application
+ * perspective: either PSA is preferred for TLS (both for crypto and for
+ * random generation) or it isn't.
+ */
+#define MBEDTLS_TEST_USE_PSA_CRYPTO_RNG
+#endif
+
+/** A context for random number generation (RNG).
+ */
+typedef struct
+{
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+ unsigned char dummy;
+#else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+ mbedtls_entropy_context entropy;
+#if defined(MBEDTLS_CTR_DRBG_C)
+ mbedtls_ctr_drbg_context drbg;
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ mbedtls_hmac_drbg_context drbg;
+#else
+#error "No DRBG available"
+#endif
+#endif /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+} rng_context_t;
+
+/** Initialize the RNG.
+ *
+ * This function only initializes the memory used by the RNG context.
+ * Before using the RNG, it must be seeded with rng_seed().
+ */
+void rng_init( rng_context_t *rng );
+
+/* Seed the random number generator.
+ *
+ * \param rng The RNG context to use. It must have been initialized
+ * with rng_init().
+ * \param reproducible If zero, seed the RNG from entropy.
+ * If nonzero, use a fixed seed, so that the program
+ * will produce the same sequence of random numbers
+ * each time it is invoked.
+ * \param pers A null-terminated string. Different values for this
+ * string cause the RNG to emit different output for
+ * the same seed.
+ *
+ * return 0 on success, a negative value on error.
+ */
+int rng_seed( rng_context_t *rng, int reproducible, const char *pers );
+
+/** Deinitialize the RNG. Free any embedded resource.
+ *
+ * \param rng The RNG context to deinitialize. It must have been
+ * initialized with rng_init().
+ */
+void rng_free( rng_context_t *rng );
+
+/** Generate random data.
+ *
+ * This function is suitable for use as the \c f_rng argument to Mbed TLS
+ * library functions.
+ *
+ * \param p_rng The random generator context. This must be a pointer to
+ * a #rng_context_t structure.
+ * \param output The buffer to fill.
+ * \param output_len The length of the buffer in bytes.
+ *
+ * \return \c 0 on success.
+ * \return An Mbed TLS error code on error.
+ */
+int rng_get( void *p_rng, unsigned char *output, size_t output_len );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/* The test implementation of the PSA external RNG is insecure. When
+ * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto
+ * function that makes use of an RNG, you must call
+ * mbedtls_test_enable_insecure_external_rng(). */
+#include <test/fake_external_rng_for_test.h>
+#endif
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+int ca_callback( void *data, mbedtls_x509_crt const *child,
+ mbedtls_x509_crt **candidates );
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+/*
+ * Test recv/send functions that make sure each try returns
+ * WANT_READ/WANT_WRITE at least once before sucesseding
+ */
+int delayed_recv( void *ctx, unsigned char *buf, size_t len );
+int delayed_send( void *ctx, const unsigned char *buf, size_t len );
+
+/*
+ * Wait for an event from the underlying transport or the timer
+ * (Used in event-driven IO mode).
+ */
+int idle( mbedtls_net_context *fd,
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_timing_delay_context *timer,
+#endif
+ int idle_reason );
+
+#if defined(MBEDTLS_TEST_HOOKS)
+/** Initialize whatever test hooks are enabled by the compile-time
+ * configuration and make sense for the TLS test programs. */
+void test_hooks_init( void );
+
+/** Check if any test hooks detected a problem.
+ *
+ * If a problem was detected, it's ok for the calling program to keep going,
+ * but it should ultimately exit with an error status.
+ *
+ * \note When implementing a test hook that detects errors on its own
+ * (as opposed to e.g. leaving the error for a memory sanitizer to
+ * report), make sure to print a message to standard error either at
+ * the time the problem is detected or during the execution of this
+ * function. This function does not indicate what problem was detected,
+ * so printing a message is the only way to provide feedback in the
+ * logs of the calling program.
+ *
+ * \return Nonzero if a problem was detected.
+ * \c 0 if no problem was detected.
+ */
+int test_hooks_failure_detected( void );
+
+/** Free any resources allocated for the sake of test hooks.
+ *
+ * Call this at the end of the program so that resource leak analyzers
+ * don't complain.
+ */
+void test_hooks_free( void );
+
+#endif /* !MBEDTLS_TEST_HOOKS */
+
+#endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */
+#endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 49b44e7..2b1e61e 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -26,7 +26,13 @@
endif()
foreach(exe IN LISTS executables_libs executables_mbedcrypto)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ set(extra_sources "")
+ if(exe STREQUAL "query_compile_time_config")
+ list(APPEND extra_sources
+ ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
+ endif()
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
+ ${extra_sources})
# This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
list(FIND executables_libs ${exe} exe_index)
@@ -37,9 +43,6 @@
endif()
endforeach()
-set_property(TARGET query_compile_time_config APPEND PROPERTY SOURCES
- ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
-
install(TARGETS ${executables_libs} ${executables_mbedcrypto}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp
index c69cd2b..d052682 100644
--- a/programs/test/cpp_dummy_build.cpp
+++ b/programs/test/cpp_dummy_build.cpp
@@ -44,6 +44,7 @@
#include "mbedtls/cipher_internal.h"
#include "mbedtls/cmac.h"
#include "mbedtls/compat-1.3.h"
+#include "mbedtls/config_psa.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/debug.h"
#include "mbedtls/des.h"
@@ -111,8 +112,6 @@
#include "psa/crypto.h"
#include "psa/crypto_se_driver.h"
-#include "psa/crypto_entropy_driver.h"
-#include "psa/crypto_accel_driver.h"
#include "../library/psa_crypto_its.h"
int main()
diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c
index abe8f76..0e356c8 100644
--- a/programs/test/query_compile_time_config.c
+++ b/programs/test/query_compile_time_config.c
@@ -40,7 +40,7 @@
"Mbed TLS build and the macro expansion of that configuration will be\n" \
"printed (if any). Otherwise, 1 will be returned.\n"
-int query_config( const char *config );
+#include "query_config.h"
int main( int argc, char *argv[] )
{
diff --git a/programs/test/query_config.c b/programs/test/query_config.c
index 1345b11..9b9d0c0 100644
--- a/programs/test/query_config.c
+++ b/programs/test/query_config.c
@@ -23,6 +23,8 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "query_config.h"
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
@@ -656,6 +658,14 @@
}
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+#if defined(MBEDTLS_ECP_NO_FALLBACK)
+ if( strcmp( "MBEDTLS_ECP_NO_FALLBACK", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NO_FALLBACK );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_NO_FALLBACK */
+
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
if( strcmp( "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", config ) == 0 )
{
@@ -1216,6 +1226,22 @@
}
#endif /* MBEDTLS_PKCS1_V21 */
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_CLIENT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CLIENT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
+
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
if( strcmp( "MBEDTLS_PSA_CRYPTO_DRIVERS", config ) == 0 )
{
@@ -1224,6 +1250,14 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
#if defined(MBEDTLS_PSA_CRYPTO_SPM)
if( strcmp( "MBEDTLS_PSA_CRYPTO_SPM", config ) == 0 )
{
@@ -2608,6 +2642,22 @@
}
#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */
+#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+ if( strcmp( "MBEDTLS_PSA_HMAC_DRBG_MD_TYPE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HMAC_DRBG_MD_TYPE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_HMAC_DRBG_MD_TYPE */
+
+#if defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
+ if( strcmp( "MBEDTLS_PSA_KEY_SLOT_COUNT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_KEY_SLOT_COUNT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_KEY_SLOT_COUNT */
+
#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 )
{
@@ -2712,6 +2762,14 @@
}
#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */
+#if defined(MBEDTLS_TLS_EXT_CID)
+ if( strcmp( "MBEDTLS_TLS_EXT_CID", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_EXT_CID );
+ return( 0 );
+ }
+#endif /* MBEDTLS_TLS_EXT_CID */
+
#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 )
{
@@ -2728,14 +2786,6 @@
}
#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */
-#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES)
- if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES );
- return( 0 );
- }
-#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES */
-
#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 )
{
diff --git a/programs/test/query_config.h b/programs/test/query_config.h
new file mode 100644
index 0000000..23009c4
--- /dev/null
+++ b/programs/test/query_config.h
@@ -0,0 +1,42 @@
+/*
+ * Query Mbed TLS compile time configurations from config.h
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H
+#define MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/** Check whether a given configuration symbol is enabled.
+ *
+ * \param config The symbol to query (e.g. "MBEDTLS_RSA_C").
+ * \return \c 0 if the symbol was defined at compile time
+ * (in MBEDTLS_CONFIG_FILE or config.h),
+ * \c 1 otherwise.
+ *
+ * \note This function is defined in `programs/test/query_config.c`
+ * which is automatically generated by
+ * `scripts/generate_query_config.pl`.
+ */
+int query_config( const char *config );
+
+#endif /* MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H */
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index 0b1bfd7..11fe9bf 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -683,26 +683,21 @@
}
/*
- * Avoid dropping or delaying a packet that was already dropped twice: this
- * only results in uninteresting timeouts. We can't rely on type to identify
- * packets, since during renegotiation they're all encrypted. So, rely on
- * size mod 2048 (which is usually just size).
- */
-static unsigned char dropped[2048] = { 0 };
-#define DROP_MAX 2
-
-/* We only drop packets at the level of entire datagrams, not at the level
+ * Avoid dropping or delaying a packet that was already dropped or delayed
+ * ("held") twice: this only results in uninteresting timeouts. We can't rely
+ * on type to identify packets, since during renegotiation they're all
+ * encrypted. So, rely on size mod 2048 (which is usually just size).
+ *
+ * We only hold packets at the level of entire datagrams, not at the level
* of records. In particular, if the peer changes the way it packs multiple
* records into a single datagram, we don't necessarily count the number of
- * times a record has been dropped correctly. However, the only known reason
+ * times a record has been held correctly. However, the only known reason
* why a peer would change datagram packing is disabling the latter on
- * retransmission, in which case we'd drop involved records at most
- * DROP_MAX + 1 times. */
-void update_dropped( const packet *p )
-{
- size_t id = p->len % sizeof( dropped );
- ++dropped[id];
-}
+ * retransmission, in which case we'd hold involved records at most
+ * HOLD_MAX + 1 times.
+ */
+static unsigned char held[2048] = { 0 };
+#define HOLD_MAX 2
int handle_message( const char *way,
mbedtls_net_context *dst,
@@ -729,7 +724,7 @@
cur.dst = dst;
print_packet( &cur, NULL );
- id = cur.len % sizeof( dropped );
+ id = cur.len % sizeof( held );
if( strcmp( way, "S <- C" ) == 0 )
{
@@ -771,10 +766,10 @@
! ( opt.protect_hvr &&
strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
cur.len != (size_t) opt.protect_len &&
- dropped[id] < DROP_MAX &&
+ held[id] < HOLD_MAX &&
rand() % opt.drop == 0 ) )
{
- update_dropped( &cur );
+ ++held[id];
}
else if( ( opt.delay_ccs == 1 &&
strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) ||
@@ -784,9 +779,10 @@
! ( opt.protect_hvr &&
strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
cur.len != (size_t) opt.protect_len &&
- dropped[id] < DROP_MAX &&
+ held[id] < HOLD_MAX &&
rand() % opt.delay == 0 ) )
{
+ ++held[id];
delay_packet( &cur );
}
else
@@ -897,7 +893,7 @@
* 3. Forward packets forever (kill the process to terminate it)
*/
clear_pending();
- memset( dropped, 0, sizeof( dropped ) );
+ memset( held, 0, sizeof( held ) );
nb_fds = client_fd.fd;
if( nb_fds < server_fd.fd )
@@ -1005,8 +1001,8 @@
for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ )
{
- mbedtls_free( opt.delay_cli + delay_idx );
- mbedtls_free( opt.delay_srv + delay_idx );
+ mbedtls_free( opt.delay_cli[delay_idx] );
+ mbedtls_free( opt.delay_srv[delay_idx] );
}
mbedtls_net_free( &client_fd );
diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py
index 8f7d1fd..56d6c37 100755
--- a/scripts/assemble_changelog.py
+++ b/scripts/assemble_changelog.py
@@ -74,6 +74,9 @@
b'Changes',
)
+# The maximum line length for an entry
+MAX_LINE_LENGTH = 80
+
CategoryContent = namedtuple('CategoryContent', [
'name', 'title_line', # Title text and line number of the title
'body', 'body_line', # Body text and starting line number of the body
@@ -198,6 +201,8 @@
# a version that is not yet released. Something like "3.1a" is accepted.
_version_number_re = re.compile(br'[0-9]+\.[0-9A-Za-z.]+')
_incomplete_version_number_re = re.compile(br'.*\.[A-Za-z]')
+ _only_url_re = re.compile(br'^\s*\w+://\S+\s*$')
+ _has_url_re = re.compile(br'.*://.*')
def add_categories_from_text(self, filename, line_offset,
text, allow_unknown_category):
@@ -214,6 +219,21 @@
line_offset + category.title_line,
'Unknown category: "{}"',
category.name.decode('utf8'))
+
+ body_split = category.body.splitlines()
+
+ for line_number, line in enumerate(body_split, 1):
+ if not self._only_url_re.match(line) and \
+ len(line) > MAX_LINE_LENGTH:
+ long_url_msg = '. URL exceeding length limit must be alone in its line.' \
+ if self._has_url_re.match(line) else ""
+ raise InputFormatError(filename,
+ category.body_line + line_number,
+ 'Line is longer than allowed: '
+ 'Length {} (Max {}){}',
+ len(line), MAX_LINE_LENGTH,
+ long_url_msg)
+
self.categories[category.name] += category.body
def __init__(self, input_stream, changelog_format):
diff --git a/scripts/config.py b/scripts/config.py
index ae0614a..01f570e 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -171,6 +171,7 @@
'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options
'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS
+ 'MBEDTLS_ECP_NO_FALLBACK', # removes internal ECP implementation
'MBEDTLS_ECP_NO_INTERNAL_RNG', # removes a feature
'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO
'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY
@@ -185,6 +186,7 @@
'MBEDTLS_PKCS11_C', # build dependency (libpkcs11-helper)
'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature
'MBEDTLS_PSA_CRYPTO_CONFIG', # toggles old/new style PSA config
+ 'MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG', # behavior change + build dependency
'MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER', # incompatible with USE_PSA_CRYPTO
'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM)
'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions)
diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt
index 9e479bb..3be94bd 100644
--- a/scripts/data_files/error.fmt
+++ b/scripts/data_files/error.fmt
@@ -162,4 +162,8 @@
#endif /* MBEDTLS_ERROR_C */
+#if defined(MBEDTLS_TEST_HOOKS)
+void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
+#endif
+
#endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */
diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt
index be1faef..be541cb 100644
--- a/scripts/data_files/query_config.fmt
+++ b/scripts/data_files/query_config.fmt
@@ -23,6 +23,8 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "query_config.h"
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index ed17a0d..65383fa 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -21,6 +21,7 @@
# limitations under the License.
use strict;
+use warnings;
my ($include_dir, $data_dir, $error_file);
@@ -53,26 +54,54 @@
PEM PK PKCS12 PKCS5
RSA SSL X509 );
-my $line_separator = $/;
undef $/;
open(FORMAT_FILE, "$error_format_file") or die "Opening error format file '$error_format_file': $!";
my $error_format = <FORMAT_FILE>;
close(FORMAT_FILE);
-$/ = $line_separator;
-
my @files = <$include_dir/*.h>;
my @necessary_include_files;
my @matches;
foreach my $file (@files) {
open(FILE, "$file");
- my @grep_res = grep(/^\s*#define\s+MBEDTLS_ERR_\w+\s+\-0x[0-9A-Fa-f]+/, <FILE>);
- push(@matches, @grep_res);
+ my $content = <FILE>;
close FILE;
- my $include_name = $file;
- $include_name =~ s!.*/!!;
- push @necessary_include_files, $include_name if @grep_res;
+ my $found = 0;
+ while ($content =~ m[
+ # Both the before-comment and the after-comment are optional.
+ # Only the comment content is a regex capture group. The comment
+ # start and end parts are outside the capture group.
+ (?:/\*[*!](?!<) # Doxygen before-comment start
+ ((?:[^*]|\*+[^*/])*) # $1: Comment content (no */ inside)
+ \*/)? # Comment end
+ \s*\#\s*define\s+(MBEDTLS_ERR_\w+) # $2: name
+ \s+\-(0[Xx][0-9A-Fa-f]+)\s* # $3: value (without the sign)
+ (?:/\*[*!]< # Doxygen after-comment start
+ ((?:[^*]|\*+[^*/])*) # $4: Comment content (no */ inside)
+ \*/)? # Comment end
+ ]gsx) {
+ my ($before, $name, $value, $after) = ($1, $2, $3, $4);
+ # Discard Doxygen comments that are coincidentally present before
+ # an error definition but not attached to it. This is ad hoc, based
+ # on what actually matters (or mattered at some point).
+ undef $before if defined($before) && $before =~ /\s*\\name\s/s;
+ die "Description neither before nor after $name in $file\n"
+ if !defined($before) && !defined($after);
+ die "Description both before and after $name in $file\n"
+ if defined($before) && defined($after);
+ my $description = (defined($before) ? $before : $after);
+ $description =~ s/^\s+//;
+ $description =~ s/\n( *\*)? */ /g;
+ $description =~ s/\.?\s+$//;
+ push @matches, [$name, $value, $description];
+ ++$found;
+ }
+ if ($found) {
+ my $include_name = $file;
+ $include_name =~ s!.*/!!;
+ push @necessary_include_files, $include_name;
+ }
}
my $ll_old_define = "";
@@ -86,20 +115,14 @@
my %error_codes_seen;
-foreach my $line (@matches)
+foreach my $match (@matches)
{
- next if ($line =~ /compat-1.2.h/);
- my ($error_name, $error_code) = $line =~ /(MBEDTLS_ERR_\w+)\s+\-(0x\w+)/;
- my ($description) = $line =~ /\/\*\*< (.*?)\.? \*\//;
+ my ($error_name, $error_code, $description) = @$match;
die "Duplicated error code: $error_code ($error_name)\n"
if( $error_codes_seen{$error_code}++ );
$description =~ s/\\/\\\\/g;
- if ($description eq "") {
- $description = "DESCRIPTION MISSING";
- warn "Missing description for $error_name\n";
- }
my ($module_name) = $error_name =~ /^MBEDTLS_ERR_([^_]+)/;
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index 401c2fc..71afd02 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -27,9 +27,10 @@
# limitations under the License.
import os
-import re
import sys
+from mbedtls_dev import macro_collector
+
OUTPUT_TEMPLATE = '''\
/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */
@@ -99,20 +100,28 @@
unsigned long length_modifier = NO_LENGTH_MODIFIER;
if (PSA_ALG_IS_MAC(alg)) {
core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0);
- if (core_alg != alg) {
+ if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) {
+ append(&buffer, buffer_size, &required_size,
+ "PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(", 33);
+ length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
+ } else if (core_alg != alg) {
append(&buffer, buffer_size, &required_size,
"PSA_ALG_TRUNCATED_MAC(", 22);
length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
}
} else if (PSA_ALG_IS_AEAD(alg)) {
- core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg);
+ core_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg);
if (core_alg == 0) {
/* For unknown AEAD algorithms, there is no "default tag length". */
core_alg = alg;
+ } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) {
+ append(&buffer, buffer_size, &required_size,
+ "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43);
+ length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg);
} else if (core_alg != alg) {
append(&buffer, buffer_size, &required_size,
- "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29);
- length_modifier = PSA_AEAD_TAG_LENGTH(alg);
+ "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32);
+ length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg);
}
} else if (PSA_ALG_IS_KEY_AGREEMENT(alg) &&
!PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) {
@@ -205,103 +214,15 @@
}\
'''
-class MacroCollector:
- """Collect PSA crypto macro definitions from C header files.
+class CaseBuilder(macro_collector.PSAMacroCollector):
+ """Collect PSA crypto macro definitions and write value recognition functions.
1. Call `read_file` on the input header file(s).
2. Call `write_file` to write ``psa_constant_names_generated.c``.
"""
def __init__(self):
- self.statuses = set()
- self.key_types = set()
- self.key_types_from_curve = {}
- self.key_types_from_group = {}
- self.ecc_curves = set()
- self.dh_groups = set()
- self.algorithms = set()
- self.hash_algorithms = set()
- self.ka_algorithms = set()
- self.algorithms_from_hash = {}
- self.key_usages = set()
-
- # "#define" followed by a macro name with either no parameters
- # or a single parameter and a non-empty expansion.
- # Grab the macro name in group 1, the parameter name if any in group 2
- # and the expansion in group 3.
- _define_directive_re = re.compile(r'\s*#\s*define\s+(\w+)' +
- r'(?:\s+|\((\w+)\)\s*)' +
- r'(.+)')
- _deprecated_definition_re = re.compile(r'\s*MBEDTLS_DEPRECATED')
-
- def read_line(self, line):
- """Parse a C header line and record the PSA identifier it defines if any.
- This function analyzes lines that start with "#define PSA_"
- (up to non-significant whitespace) and skips all non-matching lines.
- """
- # pylint: disable=too-many-branches
- m = re.match(self._define_directive_re, line)
- if not m:
- return
- name, parameter, expansion = m.groups()
- expansion = re.sub(r'/\*.*?\*/|//.*', r' ', expansion)
- if re.match(self._deprecated_definition_re, expansion):
- # Skip deprecated values, which are assumed to be
- # backward compatibility aliases that share
- # numerical values with non-deprecated values.
- return
- if name.endswith('_FLAG') or name.endswith('MASK'):
- # Macro only to build actual values
- return
- elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \
- and not parameter:
- self.statuses.add(name)
- elif name.startswith('PSA_KEY_TYPE_') and not parameter:
- self.key_types.add(name)
- elif name.startswith('PSA_KEY_TYPE_') and parameter == 'curve':
- self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:]
- elif name.startswith('PSA_KEY_TYPE_') and parameter == 'group':
- self.key_types_from_group[name] = name[:13] + 'IS_' + name[13:]
- elif name.startswith('PSA_ECC_FAMILY_') and not parameter:
- self.ecc_curves.add(name)
- elif name.startswith('PSA_DH_FAMILY_') and not parameter:
- self.dh_groups.add(name)
- elif name.startswith('PSA_ALG_') and not parameter:
- if name in ['PSA_ALG_ECDSA_BASE',
- 'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']:
- # Ad hoc skipping of duplicate names for some numerical values
- return
- self.algorithms.add(name)
- # Ad hoc detection of hash algorithms
- if re.search(r'0x010000[0-9A-Fa-f]{2}', expansion):
- self.hash_algorithms.add(name)
- # Ad hoc detection of key agreement algorithms
- if re.search(r'0x30[0-9A-Fa-f]{2}0000', expansion):
- self.ka_algorithms.add(name)
- elif name.startswith('PSA_ALG_') and parameter == 'hash_alg':
- if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']:
- # A naming irregularity
- tester = name[:8] + 'IS_RANDOMIZED_' + name[8:]
- else:
- tester = name[:8] + 'IS_' + name[8:]
- self.algorithms_from_hash[name] = tester
- elif name.startswith('PSA_KEY_USAGE_') and not parameter:
- self.key_usages.add(name)
- else:
- # Other macro without parameter
- return
-
- _nonascii_re = re.compile(rb'[^\x00-\x7f]+')
- _continued_line_re = re.compile(rb'\\\r?\n\Z')
- def read_file(self, header_file):
- for line in header_file:
- m = re.search(self._continued_line_re, line)
- while m:
- cont = next(header_file)
- line = line[:m.start(0)] + cont
- m = re.search(self._continued_line_re, line)
- line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
- self.read_line(line)
+ super().__init__(include_intermediate=True)
@staticmethod
def _make_return_case(name):
@@ -383,7 +304,7 @@
def _make_key_usage_code(self):
return '\n'.join([self._make_bit_test('usage', bit)
- for bit in sorted(self.key_usages)])
+ for bit in sorted(self.key_usage_flags)])
def write_file(self, output_file):
"""Generate the pretty-printer function code from the gathered
@@ -404,7 +325,7 @@
output_file.write(OUTPUT_TEMPLATE % data)
def generate_psa_constants(header_file_names, output_file_name):
- collector = MacroCollector()
+ collector = CaseBuilder()
for header_file_name in header_file_names:
with open(header_file_name, 'rb') as header_file:
collector.read_file(header_file)
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index 6c2b5e4..d11041c 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -40,6 +40,7 @@
my $test_source_dir = 'tests/src';
my $test_header_dir = 'tests/include/test';
my $test_drivers_header_dir = 'tests/include/test/drivers';
+my $test_drivers_source_dir = 'tests/src/drivers';
my @thirdparty_header_dirs = qw(
3rdparty/everest/include/everest
@@ -116,6 +117,7 @@
&& -d $psa_header_dir
&& -d $source_dir
&& -d $test_source_dir
+ && -d $test_drivers_source_dir
&& -d $test_header_dir
&& -d $test_drivers_header_dir
&& -d $programs_dir;
@@ -161,6 +163,9 @@
$appname eq "query_compile_time_config" ) {
$srcs .= "\r\n <ClCompile Include=\"..\\..\\programs\\test\\query_config.c\" \/>";
}
+ if( $appname eq "ssl_client2" or $appname eq "ssl_server2" ) {
+ $srcs .= "\r\n <ClCompile Include=\"..\\..\\programs\\ssl\\ssl_test_lib.c\" \/>";
+ }
my $content = $template;
$content =~ s/<SOURCES>/$srcs/g;
@@ -272,6 +277,7 @@
my @source_dirs = (
$source_dir,
$test_source_dir,
+ $test_drivers_source_dir,
@thirdparty_source_dirs,
);
my @sources = (map { <$_/*.c> } @source_dirs);
diff --git a/scripts/mbedtls_dev/asymmetric_key_data.py b/scripts/mbedtls_dev/asymmetric_key_data.py
new file mode 100644
index 0000000..6fd6223
--- /dev/null
+++ b/scripts/mbedtls_dev/asymmetric_key_data.py
@@ -0,0 +1,166 @@
+"""Sample key material for asymmetric key types.
+
+Meant for use in crypto_knowledge.py.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import binascii
+import re
+from typing import Dict
+
+STR_TRANS_REMOVE_BLANKS = str.maketrans('', '', ' \t\n\r')
+
+def unhexlify(text: str) -> bytes:
+ return binascii.unhexlify(text.translate(STR_TRANS_REMOVE_BLANKS))
+
+def construct_asymmetric_key_data(src) -> Dict[str, Dict[int, bytes]]:
+ """Split key pairs into separate table entries and convert hex to bytes.
+
+ Input format: src[abbreviated_type][size] = (private_key_hex, public_key_hex)
+ Output format: dst['PSA_KEY_TYPE_xxx'][size] = key_bytes
+ """
+ dst = {} #type: Dict[str, Dict[int, bytes]]
+ for typ in src:
+ private = 'PSA_KEY_TYPE_' + re.sub(r'(\(|\Z)', r'_KEY_PAIR\1', typ, 1)
+ public = 'PSA_KEY_TYPE_' + re.sub(r'(\(|\Z)', r'_PUBLIC_KEY\1', typ, 1)
+ dst[private] = {}
+ dst[public] = {}
+ for size in src[typ]:
+ dst[private][size] = unhexlify(src[typ][size][0])
+ dst[public][size] = unhexlify(src[typ][size][1])
+ return dst
+
+## These are valid keys that don't try to exercise any edge cases. They're
+## either test vectors from some specification, or randomly generated. All
+## pairs consist of a private key and its public key.
+#pylint: disable=line-too-long
+ASYMMETRIC_KEY_DATA = construct_asymmetric_key_data({
+ 'ECC(PSA_ECC_FAMILY_SECP_K1)': {
+ 192: ("297ac1722ccac7589ecb240dc719842538ca974beb79f228",
+ "0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"),
+ 224: ("0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8",
+ "042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"),
+ 256: ("7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9",
+ "045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"),
+ },
+ 'ECC(PSA_ECC_FAMILY_SECP_R1)': {
+ 225: ("872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995",
+ "046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"),
+ 256: ("49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee",
+ "047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"),
+ 384: ("3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a",
+ "04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"),
+ 521: ("01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae",
+ "04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"),
+ },
+ 'ECC(PSA_ECC_FAMILY_SECP_R2)': {
+ 160: ("00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e",
+ "049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"),
+ },
+ 'ECC(PSA_ECC_FAMILY_SECT_K1)': {
+ 163: ("03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71",
+ "0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"),
+ 233: ("41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8",
+ "0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"),
+ 239: ("1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61",
+ "04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"),
+ 283: ("006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0",
+ "0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"),
+ 409: ("3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8",
+ "04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"),
+ 571: ("005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51",
+ "04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"),
+ },
+ 'ECC(PSA_ECC_FAMILY_SECT_R1)': {
+ 163: ("009b05dc82d46d64a04a22e6e5ca70ca1231e68c50",
+ "0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"),
+ 233: ("00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f",
+ "0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"),
+ 283: ("004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad",
+ "04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"),
+ 409: ("00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64",
+ "0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"),
+ 571: ("026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1",
+ "040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"),
+ },
+ 'ECC(PSA_ECC_FAMILY_SECT_R2)': {
+ 163: ("0210b482a458b4822d0cb21daa96819a67c8062d34",
+ "0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"),
+ },
+ 'ECC(PSA_ECC_FAMILY_BRAINPOOL_P_R1)': {
+ 160: ("69502c4fdaf48d4fa617bdd24498b0406d0eeaac",
+ "04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"),
+ 192: ("1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f",
+ "043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"),
+ 224: ("a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c",
+ "045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"),
+ 256: ("2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff",
+ "04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"),
+ 320: ("61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead",
+ "049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"),
+ 384: ("3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb",
+ "04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"),
+ 512: ("372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2",
+ "0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"),
+ },
+ 'ECC(PSA_ECC_FAMILY_MONTGOMERY)': {
+ 255: ("70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a",
+ "8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"),
+ 448: ("e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1",
+ "c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e"),
+ },
+ 'ECC(PSA_ECC_FAMILY_TWISTED_EDWARDS)': {
+ 255: ("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60",
+ "d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"),
+ 448: ("6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b",
+ "5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"),
+ },
+ 'RSA': {
+ 1024: ("""
+3082025e
+ 020100
+ 02818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3
+ 0203010001
+ 02818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1
+ 024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113
+ 024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091
+ 024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d
+ 024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1
+ 024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24
+""", """
+ 308189
+ 02818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3
+ 0203010001
+"""),
+ 1536: ("""
+3082037b
+ 020100
+ 0281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc35
+ 0203010001
+ 0281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1
+ 026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9
+ 026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd
+ 026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b1
+ 0260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751
+ 026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf
+""", """
+3081c9
+ 0281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc35
+ 0203010001
+"""),
+ },
+})
diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py
new file mode 100644
index 0000000..5c587a1
--- /dev/null
+++ b/scripts/mbedtls_dev/c_build_helper.py
@@ -0,0 +1,138 @@
+"""Generate and run C code.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import platform
+import subprocess
+import sys
+import tempfile
+
+def remove_file_if_exists(filename):
+ """Remove the specified file, ignoring errors."""
+ if not filename:
+ return
+ try:
+ os.remove(filename)
+ except OSError:
+ pass
+
+def create_c_file(file_label):
+ """Create a temporary C file.
+
+ * ``file_label``: a string that will be included in the file name.
+
+ Return ```(c_file, c_name, exe_name)``` where ``c_file`` is a Python
+ stream open for writing to the file, ``c_name`` is the name of the file
+ and ``exe_name`` is the name of the executable that will be produced
+ by compiling the file.
+ """
+ c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(file_label),
+ suffix='.c')
+ exe_suffix = '.exe' if platform.system() == 'Windows' else ''
+ exe_name = c_name[:-2] + exe_suffix
+ remove_file_if_exists(exe_name)
+ c_file = os.fdopen(c_fd, 'w', encoding='ascii')
+ return c_file, c_name, exe_name
+
+def generate_c_printf_expressions(c_file, cast_to, printf_format, expressions):
+ """Generate C instructions to print the value of ``expressions``.
+
+ Write the code with ``c_file``'s ``write`` method.
+
+ Each expression is cast to the type ``cast_to`` and printed with the
+ printf format ``printf_format``.
+ """
+ for expr in expressions:
+ c_file.write(' printf("{}\\n", ({}) {});\n'
+ .format(printf_format, cast_to, expr))
+
+def generate_c_file(c_file,
+ caller, header,
+ main_generator):
+ """Generate a temporary C source file.
+
+ * ``c_file`` is an open stream on the C source file.
+ * ``caller``: an informational string written in a comment at the top
+ of the file.
+ * ``header``: extra code to insert before any function in the generated
+ C file.
+ * ``main_generator``: a function called with ``c_file`` as its sole argument
+ to generate the body of the ``main()`` function.
+ """
+ c_file.write('/* Generated by {} */'
+ .format(caller))
+ c_file.write('''
+#include <stdio.h>
+''')
+ c_file.write(header)
+ c_file.write('''
+int main(void)
+{
+''')
+ main_generator(c_file)
+ c_file.write(''' return 0;
+}
+''')
+
+def get_c_expression_values(
+ cast_to, printf_format,
+ expressions,
+ caller=__name__, file_label='',
+ header='', include_path=None,
+ keep_c=False,
+): # pylint: disable=too-many-arguments
+ """Generate and run a program to print out numerical values for expressions.
+
+ * ``cast_to``: a C type.
+ * ``printf_format``: a printf format suitable for the type ``cast_to``.
+ * ``header``: extra code to insert before any function in the generated
+ C file.
+ * ``expressions``: a list of C language expressions that have the type
+ ``cast_to``.
+ * ``include_path``: a list of directories containing header files.
+ * ``keep_c``: if true, keep the temporary C file (presumably for debugging
+ purposes).
+
+ Return the list of values of the ``expressions``.
+ """
+ if include_path is None:
+ include_path = []
+ c_name = None
+ exe_name = None
+ try:
+ c_file, c_name, exe_name = create_c_file(file_label)
+ generate_c_file(
+ c_file, caller, header,
+ lambda c_file: generate_c_printf_expressions(c_file,
+ cast_to, printf_format,
+ expressions)
+ )
+ c_file.close()
+ cc = os.getenv('CC', 'cc')
+ subprocess.check_call([cc] +
+ ['-I' + dir for dir in include_path] +
+ ['-o', exe_name, c_name])
+ if keep_c:
+ sys.stderr.write('List of {} tests kept at {}\n'
+ .format(caller, c_name))
+ else:
+ os.remove(c_name)
+ output = subprocess.check_output([exe_name])
+ return output.decode('ascii').strip().split('\n')
+ finally:
+ remove_file_if_exists(exe_name)
diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py
new file mode 100644
index 0000000..7214adb
--- /dev/null
+++ b/scripts/mbedtls_dev/crypto_knowledge.py
@@ -0,0 +1,153 @@
+"""Knowledge about cryptographic mechanisms implemented in Mbed TLS.
+
+This module is entirely based on the PSA API.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import re
+from typing import Dict, Iterable, Optional, Pattern, Tuple
+
+from mbedtls_dev.asymmetric_key_data import ASYMMETRIC_KEY_DATA
+
+class KeyType:
+ """Knowledge about a PSA key type."""
+
+ def __init__(self, name: str, params: Optional[Iterable[str]] = None):
+ """Analyze a key type.
+
+ The key type must be specified in PSA syntax. In its simplest form,
+ `name` is a string 'PSA_KEY_TYPE_xxx' which is the name of a PSA key
+ type macro. For key types that take arguments, the arguments can
+ be passed either through the optional argument `params` or by
+ passing an expression of the form 'PSA_KEY_TYPE_xxx(param1, ...)'
+ in `name` as a string.
+ """
+
+ self.name = name.strip()
+ """The key type macro name (``PSA_KEY_TYPE_xxx``).
+
+ For key types constructed from a macro with arguments, this is the
+ name of the macro, and the arguments are in `self.params`.
+ """
+ if params is None:
+ if '(' in self.name:
+ m = re.match(r'(\w+)\s*\((.*)\)\Z', self.name)
+ assert m is not None
+ self.name = m.group(1)
+ params = m.group(2).split(',')
+ self.params = (None if params is None else
+ [param.strip() for param in params])
+ """The parameters of the key type, if there are any.
+
+ None if the key type is a macro without arguments.
+ """
+ assert re.match(r'PSA_KEY_TYPE_\w+\Z', self.name)
+
+ self.expression = self.name
+ """A C expression whose value is the key type encoding."""
+ if self.params is not None:
+ self.expression += '(' + ', '.join(self.params) + ')'
+
+ self.private_type = re.sub(r'_PUBLIC_KEY\Z', r'_KEY_PAIR', self.name)
+ """The key type macro name for the corresponding key pair type.
+
+ For everything other than a public key type, this is the same as
+ `self.name`.
+ """
+
+ ECC_KEY_SIZES = {
+ 'PSA_ECC_FAMILY_SECP_K1': (192, 224, 256),
+ 'PSA_ECC_FAMILY_SECP_R1': (225, 256, 384, 521),
+ 'PSA_ECC_FAMILY_SECP_R2': (160,),
+ 'PSA_ECC_FAMILY_SECT_K1': (163, 233, 239, 283, 409, 571),
+ 'PSA_ECC_FAMILY_SECT_R1': (163, 233, 283, 409, 571),
+ 'PSA_ECC_FAMILY_SECT_R2': (163,),
+ 'PSA_ECC_FAMILY_BRAINPOOL_P_R1': (160, 192, 224, 256, 320, 384, 512),
+ 'PSA_ECC_FAMILY_MONTGOMERY': (255, 448),
+ 'PSA_ECC_FAMILY_TWISTED_EDWARDS': (255, 448),
+ }
+ KEY_TYPE_SIZES = {
+ 'PSA_KEY_TYPE_AES': (128, 192, 256), # exhaustive
+ 'PSA_KEY_TYPE_ARC4': (8, 128, 2048), # extremes + sensible
+ 'PSA_KEY_TYPE_ARIA': (128, 192, 256), # exhaustive
+ 'PSA_KEY_TYPE_CAMELLIA': (128, 192, 256), # exhaustive
+ 'PSA_KEY_TYPE_CHACHA20': (256,), # exhaustive
+ 'PSA_KEY_TYPE_DERIVE': (120, 128), # sample
+ 'PSA_KEY_TYPE_DES': (64, 128, 192), # exhaustive
+ 'PSA_KEY_TYPE_HMAC': (128, 160, 224, 256, 384, 512), # standard size for each supported hash
+ 'PSA_KEY_TYPE_RAW_DATA': (8, 40, 128), # sample
+ 'PSA_KEY_TYPE_RSA_KEY_PAIR': (1024, 1536), # small sample
+ }
+ def sizes_to_test(self) -> Tuple[int, ...]:
+ """Return a tuple of key sizes to test.
+
+ For key types that only allow a single size, or only a small set of
+ sizes, these are all the possible sizes. For key types that allow a
+ wide range of sizes, these are a representative sample of sizes,
+ excluding large sizes for which a typical resource-constrained platform
+ may run out of memory.
+ """
+ if self.private_type == 'PSA_KEY_TYPE_ECC_KEY_PAIR':
+ assert self.params is not None
+ return self.ECC_KEY_SIZES[self.params[0]]
+ return self.KEY_TYPE_SIZES[self.private_type]
+
+ # "48657265006973206b6579a064617461"
+ DATA_BLOCK = b'Here\000is key\240data'
+ def key_material(self, bits: int) -> bytes:
+ """Return a byte string containing suitable key material with the given bit length.
+
+ Use the PSA export representation. The resulting byte string is one that
+ can be obtained with the following code:
+ ```
+ psa_set_key_type(&attributes, `self.expression`);
+ psa_set_key_bits(&attributes, `bits`);
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+ psa_generate_key(&attributes, &id);
+ psa_export_key(id, `material`, ...);
+ ```
+ """
+ if self.expression in ASYMMETRIC_KEY_DATA:
+ if bits not in ASYMMETRIC_KEY_DATA[self.expression]:
+ raise ValueError('No key data for {}-bit {}'
+ .format(bits, self.expression))
+ return ASYMMETRIC_KEY_DATA[self.expression][bits]
+ if bits % 8 != 0:
+ raise ValueError('Non-integer number of bytes: {} bits for {}'
+ .format(bits, self.expression))
+ length = bits // 8
+ if self.name == 'PSA_KEY_TYPE_DES':
+ # "644573206b457901644573206b457902644573206b457904"
+ des3 = b'dEs kEy\001dEs kEy\002dEs kEy\004'
+ return des3[:length]
+ return b''.join([self.DATA_BLOCK] * (length // len(self.DATA_BLOCK)) +
+ [self.DATA_BLOCK[:length % len(self.DATA_BLOCK)]])
+
+ KEY_TYPE_FOR_SIGNATURE = {
+ 'PSA_KEY_USAGE_SIGN_HASH': re.compile('.*KEY_PAIR'),
+ 'PSA_KEY_USAGE_VERIFY_HASH': re.compile('.*KEY.*')
+ } #type: Dict[str, Pattern]
+ """Use a regexp to determine key types for which signature is possible
+ when using the actual usage flag.
+ """
+ def is_valid_for_signature(self, usage: str) -> bool:
+ """Determine if the key type is compatible with the specified
+ signitute type.
+
+ """
+ # This is just temporaly solution for the implicit usage flags.
+ return re.match(self.KEY_TYPE_FOR_SIGNATURE[usage], self.name) is not None
diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py
new file mode 100644
index 0000000..f8d6155
--- /dev/null
+++ b/scripts/mbedtls_dev/macro_collector.py
@@ -0,0 +1,512 @@
+"""Collect macro definitions from header files.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import itertools
+import re
+from typing import Dict, Iterable, Iterator, List, Optional, Pattern, Set, Tuple, Union
+
+
+class ReadFileLineException(Exception):
+ def __init__(self, filename: str, line_number: Union[int, str]) -> None:
+ message = 'in {} at {}'.format(filename, line_number)
+ super(ReadFileLineException, self).__init__(message)
+ self.filename = filename
+ self.line_number = line_number
+
+
+class read_file_lines:
+ # Dear Pylint, conventionally, a context manager class name is lowercase.
+ # pylint: disable=invalid-name,too-few-public-methods
+ """Context manager to read a text file line by line.
+
+ ```
+ with read_file_lines(filename) as lines:
+ for line in lines:
+ process(line)
+ ```
+ is equivalent to
+ ```
+ with open(filename, 'r') as input_file:
+ for line in input_file:
+ process(line)
+ ```
+ except that if process(line) raises an exception, then the read_file_lines
+ snippet annotates the exception with the file name and line number.
+ """
+ def __init__(self, filename: str, binary: bool = False) -> None:
+ self.filename = filename
+ self.line_number = 'entry' #type: Union[int, str]
+ self.generator = None #type: Optional[Iterable[Tuple[int, str]]]
+ self.binary = binary
+ def __enter__(self) -> 'read_file_lines':
+ self.generator = enumerate(open(self.filename,
+ 'rb' if self.binary else 'r'))
+ return self
+ def __iter__(self) -> Iterator[str]:
+ assert self.generator is not None
+ for line_number, content in self.generator:
+ self.line_number = line_number
+ yield content
+ self.line_number = 'exit'
+ def __exit__(self, exc_type, exc_value, exc_traceback) -> None:
+ if exc_type is not None:
+ raise ReadFileLineException(self.filename, self.line_number) \
+ from exc_value
+
+
+class PSAMacroEnumerator:
+ """Information about constructors of various PSA Crypto types.
+
+ This includes macro names as well as information about their arguments
+ when applicable.
+
+ This class only provides ways to enumerate expressions that evaluate to
+ values of the covered types. Derived classes are expected to populate
+ the set of known constructors of each kind, as well as populate
+ `self.arguments_for` for arguments that are not of a kind that is
+ enumerated here.
+ """
+ #pylint: disable=too-many-instance-attributes
+
+ def __init__(self) -> None:
+ """Set up an empty set of known constructor macros.
+ """
+ self.statuses = set() #type: Set[str]
+ self.lifetimes = set() #type: Set[str]
+ self.locations = set() #type: Set[str]
+ self.persistence_levels = set() #type: Set[str]
+ self.algorithms = set() #type: Set[str]
+ self.ecc_curves = set() #type: Set[str]
+ self.dh_groups = set() #type: Set[str]
+ self.key_types = set() #type: Set[str]
+ self.key_usage_flags = set() #type: Set[str]
+ self.hash_algorithms = set() #type: Set[str]
+ self.mac_algorithms = set() #type: Set[str]
+ self.ka_algorithms = set() #type: Set[str]
+ self.kdf_algorithms = set() #type: Set[str]
+ self.aead_algorithms = set() #type: Set[str]
+ self.sign_algorithms = set() #type: Set[str]
+ # macro name -> list of argument names
+ self.argspecs = {} #type: Dict[str, List[str]]
+ # argument name -> list of values
+ self.arguments_for = {
+ 'mac_length': [],
+ 'min_mac_length': [],
+ 'tag_length': [],
+ 'min_tag_length': [],
+ } #type: Dict[str, List[str]]
+ # Whether to include intermediate macros in enumerations. Intermediate
+ # macros serve as category headers and are not valid values of their
+ # type. See `is_internal_name`.
+ # Always false in this class, may be set to true in derived classes.
+ self.include_intermediate = False
+
+ def is_internal_name(self, name: str) -> bool:
+ """Whether this is an internal macro. Internal macros will be skipped."""
+ if not self.include_intermediate:
+ if name.endswith('_BASE') or name.endswith('_NONE'):
+ return True
+ if '_CATEGORY_' in name:
+ return True
+ return name.endswith('_FLAG') or name.endswith('_MASK')
+
+ def gather_arguments(self) -> None:
+ """Populate the list of values for macro arguments.
+
+ Call this after parsing all the inputs.
+ """
+ self.arguments_for['hash_alg'] = sorted(self.hash_algorithms)
+ self.arguments_for['mac_alg'] = sorted(self.mac_algorithms)
+ self.arguments_for['ka_alg'] = sorted(self.ka_algorithms)
+ self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms)
+ self.arguments_for['aead_alg'] = sorted(self.aead_algorithms)
+ self.arguments_for['sign_alg'] = sorted(self.sign_algorithms)
+ self.arguments_for['curve'] = sorted(self.ecc_curves)
+ self.arguments_for['group'] = sorted(self.dh_groups)
+ self.arguments_for['persistence'] = sorted(self.persistence_levels)
+ self.arguments_for['location'] = sorted(self.locations)
+ self.arguments_for['lifetime'] = sorted(self.lifetimes)
+
+ @staticmethod
+ def _format_arguments(name: str, arguments: Iterable[str]) -> str:
+ """Format a macro call with arguments.
+
+ The resulting format is consistent with
+ `InputsForTest.normalize_argument`.
+ """
+ return name + '(' + ', '.join(arguments) + ')'
+
+ _argument_split_re = re.compile(r' *, *')
+ @classmethod
+ def _argument_split(cls, arguments: str) -> List[str]:
+ return re.split(cls._argument_split_re, arguments)
+
+ def distribute_arguments(self, name: str) -> Iterator[str]:
+ """Generate macro calls with each tested argument set.
+
+ If name is a macro without arguments, just yield "name".
+ If name is a macro with arguments, yield a series of
+ "name(arg1,...,argN)" where each argument takes each possible
+ value at least once.
+ """
+ try:
+ if name not in self.argspecs:
+ yield name
+ return
+ argspec = self.argspecs[name]
+ if argspec == []:
+ yield name + '()'
+ return
+ argument_lists = [self.arguments_for[arg] for arg in argspec]
+ arguments = [values[0] for values in argument_lists]
+ yield self._format_arguments(name, arguments)
+ # Dear Pylint, enumerate won't work here since we're modifying
+ # the array.
+ # pylint: disable=consider-using-enumerate
+ for i in range(len(arguments)):
+ for value in argument_lists[i][1:]:
+ arguments[i] = value
+ yield self._format_arguments(name, arguments)
+ arguments[i] = argument_lists[0][0]
+ except BaseException as e:
+ raise Exception('distribute_arguments({})'.format(name)) from e
+
+ def distribute_arguments_without_duplicates(
+ self, seen: Set[str], name: str
+ ) -> Iterator[str]:
+ """Same as `distribute_arguments`, but don't repeat seen results."""
+ for result in self.distribute_arguments(name):
+ if result not in seen:
+ seen.add(result)
+ yield result
+
+ def generate_expressions(self, names: Iterable[str]) -> Iterator[str]:
+ """Generate expressions covering values constructed from the given names.
+
+ `names` can be any iterable collection of macro names.
+
+ For example:
+ * ``generate_expressions(['PSA_ALG_CMAC', 'PSA_ALG_HMAC'])``
+ generates ``'PSA_ALG_CMAC'`` as well as ``'PSA_ALG_HMAC(h)'`` for
+ every known hash algorithm ``h``.
+ * ``macros.generate_expressions(macros.key_types)`` generates all
+ key types.
+ """
+ seen = set() #type: Set[str]
+ return itertools.chain(*(
+ self.distribute_arguments_without_duplicates(seen, name)
+ for name in names
+ ))
+
+
+class PSAMacroCollector(PSAMacroEnumerator):
+ """Collect PSA crypto macro definitions from C header files.
+ """
+
+ def __init__(self, include_intermediate: bool = False) -> None:
+ """Set up an object to collect PSA macro definitions.
+
+ Call the read_file method of the constructed object on each header file.
+
+ * include_intermediate: if true, include intermediate macros such as
+ PSA_XXX_BASE that do not designate semantic values.
+ """
+ super().__init__()
+ self.include_intermediate = include_intermediate
+ self.key_types_from_curve = {} #type: Dict[str, str]
+ self.key_types_from_group = {} #type: Dict[str, str]
+ self.algorithms_from_hash = {} #type: Dict[str, str]
+
+ def record_algorithm_subtype(self, name: str, expansion: str) -> None:
+ """Record the subtype of an algorithm constructor.
+
+ Given a ``PSA_ALG_xxx`` macro name and its expansion, if the algorithm
+ is of a subtype that is tracked in its own set, add it to the relevant
+ set.
+ """
+ # This code is very ad hoc and fragile. It should be replaced by
+ # something more robust.
+ if re.match(r'MAC(?:_|\Z)', name):
+ self.mac_algorithms.add(name)
+ elif re.match(r'KDF(?:_|\Z)', name):
+ self.kdf_algorithms.add(name)
+ elif re.search(r'0x020000[0-9A-Fa-f]{2}', expansion):
+ self.hash_algorithms.add(name)
+ elif re.search(r'0x03[0-9A-Fa-f]{6}', expansion):
+ self.mac_algorithms.add(name)
+ elif re.search(r'0x05[0-9A-Fa-f]{6}', expansion):
+ self.aead_algorithms.add(name)
+ elif re.search(r'0x09[0-9A-Fa-f]{2}0000', expansion):
+ self.ka_algorithms.add(name)
+ elif re.search(r'0x08[0-9A-Fa-f]{6}', expansion):
+ self.kdf_algorithms.add(name)
+
+ # "#define" followed by a macro name with either no parameters
+ # or a single parameter and a non-empty expansion.
+ # Grab the macro name in group 1, the parameter name if any in group 2
+ # and the expansion in group 3.
+ _define_directive_re = re.compile(r'\s*#\s*define\s+(\w+)' +
+ r'(?:\s+|\((\w+)\)\s*)' +
+ r'(.+)')
+ _deprecated_definition_re = re.compile(r'\s*MBEDTLS_DEPRECATED')
+
+ def read_line(self, line):
+ """Parse a C header line and record the PSA identifier it defines if any.
+ This function analyzes lines that start with "#define PSA_"
+ (up to non-significant whitespace) and skips all non-matching lines.
+ """
+ # pylint: disable=too-many-branches
+ m = re.match(self._define_directive_re, line)
+ if not m:
+ return
+ name, parameter, expansion = m.groups()
+ expansion = re.sub(r'/\*.*?\*/|//.*', r' ', expansion)
+ if parameter:
+ self.argspecs[name] = [parameter]
+ if re.match(self._deprecated_definition_re, expansion):
+ # Skip deprecated values, which are assumed to be
+ # backward compatibility aliases that share
+ # numerical values with non-deprecated values.
+ return
+ if self.is_internal_name(name):
+ # Macro only to build actual values
+ return
+ elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \
+ and not parameter:
+ self.statuses.add(name)
+ elif name.startswith('PSA_KEY_TYPE_') and not parameter:
+ self.key_types.add(name)
+ elif name.startswith('PSA_KEY_TYPE_') and parameter == 'curve':
+ self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:]
+ elif name.startswith('PSA_KEY_TYPE_') and parameter == 'group':
+ self.key_types_from_group[name] = name[:13] + 'IS_' + name[13:]
+ elif name.startswith('PSA_ECC_FAMILY_') and not parameter:
+ self.ecc_curves.add(name)
+ elif name.startswith('PSA_DH_FAMILY_') and not parameter:
+ self.dh_groups.add(name)
+ elif name.startswith('PSA_ALG_') and not parameter:
+ if name in ['PSA_ALG_ECDSA_BASE',
+ 'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']:
+ # Ad hoc skipping of duplicate names for some numerical values
+ return
+ self.algorithms.add(name)
+ self.record_algorithm_subtype(name, expansion)
+ elif name.startswith('PSA_ALG_') and parameter == 'hash_alg':
+ if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']:
+ # A naming irregularity
+ tester = name[:8] + 'IS_RANDOMIZED_' + name[8:]
+ else:
+ tester = name[:8] + 'IS_' + name[8:]
+ self.algorithms_from_hash[name] = tester
+ elif name.startswith('PSA_KEY_USAGE_') and not parameter:
+ self.key_usage_flags.add(name)
+ else:
+ # Other macro without parameter
+ return
+
+ _nonascii_re = re.compile(rb'[^\x00-\x7f]+')
+ _continued_line_re = re.compile(rb'\\\r?\n\Z')
+ def read_file(self, header_file):
+ for line in header_file:
+ m = re.search(self._continued_line_re, line)
+ while m:
+ cont = next(header_file)
+ line = line[:m.start(0)] + cont
+ m = re.search(self._continued_line_re, line)
+ line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
+ self.read_line(line)
+
+
+class InputsForTest(PSAMacroEnumerator):
+ # pylint: disable=too-many-instance-attributes
+ """Accumulate information about macros to test.
+enumerate
+ This includes macro names as well as information about their arguments
+ when applicable.
+ """
+
+ def __init__(self) -> None:
+ super().__init__()
+ self.all_declared = set() #type: Set[str]
+ # Identifier prefixes
+ self.table_by_prefix = {
+ 'ERROR': self.statuses,
+ 'ALG': self.algorithms,
+ 'ECC_CURVE': self.ecc_curves,
+ 'DH_GROUP': self.dh_groups,
+ 'KEY_LIFETIME': self.lifetimes,
+ 'KEY_LOCATION': self.locations,
+ 'KEY_PERSISTENCE': self.persistence_levels,
+ 'KEY_TYPE': self.key_types,
+ 'KEY_USAGE': self.key_usage_flags,
+ } #type: Dict[str, Set[str]]
+ # Test functions
+ self.table_by_test_function = {
+ # Any function ending in _algorithm also gets added to
+ # self.algorithms.
+ 'key_type': [self.key_types],
+ 'block_cipher_key_type': [self.key_types],
+ 'stream_cipher_key_type': [self.key_types],
+ 'ecc_key_family': [self.ecc_curves],
+ 'ecc_key_types': [self.ecc_curves],
+ 'dh_key_family': [self.dh_groups],
+ 'dh_key_types': [self.dh_groups],
+ 'hash_algorithm': [self.hash_algorithms],
+ 'mac_algorithm': [self.mac_algorithms],
+ 'cipher_algorithm': [],
+ 'hmac_algorithm': [self.mac_algorithms, self.sign_algorithms],
+ 'aead_algorithm': [self.aead_algorithms],
+ 'key_derivation_algorithm': [self.kdf_algorithms],
+ 'key_agreement_algorithm': [self.ka_algorithms],
+ 'asymmetric_signature_algorithm': [self.sign_algorithms],
+ 'asymmetric_signature_wildcard': [self.algorithms],
+ 'asymmetric_encryption_algorithm': [],
+ 'other_algorithm': [],
+ 'lifetime': [self.lifetimes],
+ } #type: Dict[str, List[Set[str]]]
+ self.arguments_for['mac_length'] += ['1', '63']
+ self.arguments_for['min_mac_length'] += ['1', '63']
+ self.arguments_for['tag_length'] += ['1', '63']
+ self.arguments_for['min_tag_length'] += ['1', '63']
+
+ def add_numerical_values(self) -> None:
+ """Add numerical values that are not supported to the known identifiers."""
+ # Sets of names per type
+ self.algorithms.add('0xffffffff')
+ self.ecc_curves.add('0xff')
+ self.dh_groups.add('0xff')
+ self.key_types.add('0xffff')
+ self.key_usage_flags.add('0x80000000')
+
+ # Hard-coded values for unknown algorithms
+ #
+ # These have to have values that are correct for their respective
+ # PSA_ALG_IS_xxx macros, but are also not currently assigned and are
+ # not likely to be assigned in the near future.
+ self.hash_algorithms.add('0x020000fe') # 0x020000ff is PSA_ALG_ANY_HASH
+ self.mac_algorithms.add('0x03007fff')
+ self.ka_algorithms.add('0x09fc0000')
+ self.kdf_algorithms.add('0x080000ff')
+ # For AEAD algorithms, the only variability is over the tag length,
+ # and this only applies to known algorithms, so don't test an
+ # unknown algorithm.
+
+ def get_names(self, type_word: str) -> Set[str]:
+ """Return the set of known names of values of the given type."""
+ return {
+ 'status': self.statuses,
+ 'algorithm': self.algorithms,
+ 'ecc_curve': self.ecc_curves,
+ 'dh_group': self.dh_groups,
+ 'key_type': self.key_types,
+ 'key_usage': self.key_usage_flags,
+ }[type_word]
+
+ # Regex for interesting header lines.
+ # Groups: 1=macro name, 2=type, 3=argument list (optional).
+ _header_line_re = \
+ re.compile(r'#define +' +
+ r'(PSA_((?:(?:DH|ECC|KEY)_)?[A-Z]+)_\w+)' +
+ r'(?:\(([^\n()]*)\))?')
+ # Regex of macro names to exclude.
+ _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z')
+ # Additional excluded macros.
+ _excluded_names = set([
+ # Macros that provide an alternative way to build the same
+ # algorithm as another macro.
+ 'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG',
+ 'PSA_ALG_FULL_LENGTH_MAC',
+ # Auxiliary macro whose name doesn't fit the usual patterns for
+ # auxiliary macros.
+ 'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE',
+ ])
+ def parse_header_line(self, line: str) -> None:
+ """Parse a C header line, looking for "#define PSA_xxx"."""
+ m = re.match(self._header_line_re, line)
+ if not m:
+ return
+ name = m.group(1)
+ self.all_declared.add(name)
+ if re.search(self._excluded_name_re, name) or \
+ name in self._excluded_names or \
+ self.is_internal_name(name):
+ return
+ dest = self.table_by_prefix.get(m.group(2))
+ if dest is None:
+ return
+ dest.add(name)
+ if m.group(3):
+ self.argspecs[name] = self._argument_split(m.group(3))
+
+ _nonascii_re = re.compile(rb'[^\x00-\x7f]+') #type: Pattern
+ def parse_header(self, filename: str) -> None:
+ """Parse a C header file, looking for "#define PSA_xxx"."""
+ with read_file_lines(filename, binary=True) as lines:
+ for line in lines:
+ line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
+ self.parse_header_line(line)
+
+ _macro_identifier_re = re.compile(r'[A-Z]\w+')
+ def generate_undeclared_names(self, expr: str) -> Iterable[str]:
+ for name in re.findall(self._macro_identifier_re, expr):
+ if name not in self.all_declared:
+ yield name
+
+ def accept_test_case_line(self, function: str, argument: str) -> bool:
+ #pylint: disable=unused-argument
+ undeclared = list(self.generate_undeclared_names(argument))
+ if undeclared:
+ raise Exception('Undeclared names in test case', undeclared)
+ return True
+
+ @staticmethod
+ def normalize_argument(argument: str) -> str:
+ """Normalize whitespace in the given C expression.
+
+ The result uses the same whitespace as
+ ` PSAMacroEnumerator.distribute_arguments`.
+ """
+ return re.sub(r',', r', ', re.sub(r' +', r'', argument))
+
+ def add_test_case_line(self, function: str, argument: str) -> None:
+ """Parse a test case data line, looking for algorithm metadata tests."""
+ sets = []
+ if function.endswith('_algorithm'):
+ sets.append(self.algorithms)
+ if function == 'key_agreement_algorithm' and \
+ argument.startswith('PSA_ALG_KEY_AGREEMENT('):
+ # We only want *raw* key agreement algorithms as such, so
+ # exclude ones that are already chained with a KDF.
+ # Keep the expression as one to test as an algorithm.
+ function = 'other_algorithm'
+ sets += self.table_by_test_function[function]
+ if self.accept_test_case_line(function, argument):
+ for s in sets:
+ s.add(self.normalize_argument(argument))
+
+ # Regex matching a *.data line containing a test function call and
+ # its arguments. The actual definition is partly positional, but this
+ # regex is good enough in practice.
+ _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)')
+ def parse_test_cases(self, filename: str) -> None:
+ """Parse a test case file (*.data), looking for algorithm metadata tests."""
+ with read_file_lines(filename) as lines:
+ for line in lines:
+ m = re.match(self._test_case_line_re, line)
+ if m:
+ self.add_test_case_line(m.group(1), m.group(2))
diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py
new file mode 100644
index 0000000..45f0380
--- /dev/null
+++ b/scripts/mbedtls_dev/psa_storage.py
@@ -0,0 +1,203 @@
+"""Knowledge about the PSA key store as implemented in Mbed TLS.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import re
+import struct
+from typing import Dict, List, Optional, Set, Union
+import unittest
+
+from mbedtls_dev import c_build_helper
+
+
+class Expr:
+ """Representation of a C expression with a known or knowable numerical value."""
+
+ def __init__(self, content: Union[int, str]):
+ if isinstance(content, int):
+ digits = 8 if content > 0xffff else 4
+ self.string = '{0:#0{1}x}'.format(content, digits + 2)
+ self.value_if_known = content #type: Optional[int]
+ else:
+ self.string = content
+ self.unknown_values.add(self.normalize(content))
+ self.value_if_known = None
+
+ value_cache = {} #type: Dict[str, int]
+ """Cache of known values of expressions."""
+
+ unknown_values = set() #type: Set[str]
+ """Expressions whose values are not present in `value_cache` yet."""
+
+ def update_cache(self) -> None:
+ """Update `value_cache` for expressions registered in `unknown_values`."""
+ expressions = sorted(self.unknown_values)
+ values = c_build_helper.get_c_expression_values(
+ 'unsigned long', '%lu',
+ expressions,
+ header="""
+ #include <psa/crypto.h>
+ """,
+ include_path=['include']) #type: List[str]
+ for e, v in zip(expressions, values):
+ self.value_cache[e] = int(v, 0)
+ self.unknown_values.clear()
+
+ @staticmethod
+ def normalize(string: str) -> str:
+ """Put the given C expression in a canonical form.
+
+ This function is only intended to give correct results for the
+ relatively simple kind of C expression typically used with this
+ module.
+ """
+ return re.sub(r'\s+', r'', string)
+
+ def value(self) -> int:
+ """Return the numerical value of the expression."""
+ if self.value_if_known is None:
+ if re.match(r'([0-9]+|0x[0-9a-f]+)\Z', self.string, re.I):
+ return int(self.string, 0)
+ normalized = self.normalize(self.string)
+ if normalized not in self.value_cache:
+ self.update_cache()
+ self.value_if_known = self.value_cache[normalized]
+ return self.value_if_known
+
+Exprable = Union[str, int, Expr]
+"""Something that can be converted to a C expression with a known numerical value."""
+
+def as_expr(thing: Exprable) -> Expr:
+ """Return an `Expr` object for `thing`.
+
+ If `thing` is already an `Expr` object, return it. Otherwise build a new
+ `Expr` object from `thing`. `thing` can be an integer or a string that
+ contains a C expression.
+ """
+ if isinstance(thing, Expr):
+ return thing
+ else:
+ return Expr(thing)
+
+
+class Key:
+ """Representation of a PSA crypto key object and its storage encoding.
+ """
+
+ LATEST_VERSION = 0
+ """The latest version of the storage format."""
+
+ def __init__(self, *,
+ version: Optional[int] = None,
+ id: Optional[int] = None, #pylint: disable=redefined-builtin
+ lifetime: Exprable = 'PSA_KEY_LIFETIME_PERSISTENT',
+ type: Exprable, #pylint: disable=redefined-builtin
+ bits: int,
+ usage: Exprable, alg: Exprable, alg2: Exprable,
+ material: bytes #pylint: disable=used-before-assignment
+ ) -> None:
+ self.version = self.LATEST_VERSION if version is None else version
+ self.id = id #pylint: disable=invalid-name #type: Optional[int]
+ self.lifetime = as_expr(lifetime) #type: Expr
+ self.type = as_expr(type) #type: Expr
+ self.bits = bits #type: int
+ self.usage = as_expr(usage) #type: Expr
+ self.alg = as_expr(alg) #type: Expr
+ self.alg2 = as_expr(alg2) #type: Expr
+ self.material = material #type: bytes
+
+ MAGIC = b'PSA\000KEY\000'
+
+ @staticmethod
+ def pack(
+ fmt: str,
+ *args: Union[int, Expr]
+ ) -> bytes: #pylint: disable=used-before-assignment
+ """Pack the given arguments into a byte string according to the given format.
+
+ This function is similar to `struct.pack`, but with the following differences:
+ * All integer values are encoded with standard sizes and in
+ little-endian representation. `fmt` must not include an endianness
+ prefix.
+ * Arguments can be `Expr` objects instead of integers.
+ * Only integer-valued elements are supported.
+ """
+ return struct.pack('<' + fmt, # little-endian, standard sizes
+ *[arg.value() if isinstance(arg, Expr) else arg
+ for arg in args])
+
+ def bytes(self) -> bytes:
+ """Return the representation of the key in storage as a byte array.
+
+ This is the content of the PSA storage file. When PSA storage is
+ implemented over stdio files, this does not include any wrapping made
+ by the PSA-storage-over-stdio-file implementation.
+ """
+ header = self.MAGIC + self.pack('L', self.version)
+ if self.version == 0:
+ attributes = self.pack('LHHLLL',
+ self.lifetime, self.type, self.bits,
+ self.usage, self.alg, self.alg2)
+ material = self.pack('L', len(self.material)) + self.material
+ else:
+ raise NotImplementedError
+ return header + attributes + material
+
+ def hex(self) -> str:
+ """Return the representation of the key as a hexadecimal string.
+
+ This is the hexadecimal representation of `self.bytes`.
+ """
+ return self.bytes().hex()
+
+ def location_value(self) -> int:
+ """The numerical value of the location encoded in the key's lifetime."""
+ return self.lifetime.value() >> 8
+
+
+class TestKey(unittest.TestCase):
+ # pylint: disable=line-too-long
+ """A few smoke tests for the functionality of the `Key` class."""
+
+ def test_numerical(self):
+ key = Key(version=0,
+ id=1, lifetime=0x00000001,
+ type=0x2400, bits=128,
+ usage=0x00000300, alg=0x05500200, alg2=0x04c01000,
+ material=b'@ABCDEFGHIJKLMNO')
+ expected_hex = '505341004b45590000000000010000000024800000030000000250050010c00410000000404142434445464748494a4b4c4d4e4f'
+ self.assertEqual(key.bytes(), bytes.fromhex(expected_hex))
+ self.assertEqual(key.hex(), expected_hex)
+
+ def test_names(self):
+ length = 0xfff8 // 8 # PSA_MAX_KEY_BITS in bytes
+ key = Key(version=0,
+ id=1, lifetime='PSA_KEY_LIFETIME_PERSISTENT',
+ type='PSA_KEY_TYPE_RAW_DATA', bits=length*8,
+ usage=0, alg=0, alg2=0,
+ material=b'\x00' * length)
+ expected_hex = '505341004b45590000000000010000000110f8ff000000000000000000000000ff1f0000' + '00' * length
+ self.assertEqual(key.bytes(), bytes.fromhex(expected_hex))
+ self.assertEqual(key.hex(), expected_hex)
+
+ def test_defaults(self):
+ key = Key(type=0x1001, bits=8,
+ usage=0, alg=0, alg2=0,
+ material=b'\x2a')
+ expected_hex = '505341004b455900000000000100000001100800000000000000000000000000010000002a'
+ self.assertEqual(key.bytes(), bytes.fromhex(expected_hex))
+ self.assertEqual(key.hex(), expected_hex)
diff --git a/scripts/mbedtls_dev/test_case.py b/scripts/mbedtls_dev/test_case.py
new file mode 100644
index 0000000..d01e143
--- /dev/null
+++ b/scripts/mbedtls_dev/test_case.py
@@ -0,0 +1,102 @@
+"""Library for generating Mbed TLS test data.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import binascii
+import os
+import sys
+from typing import Iterable, List, Optional
+
+from mbedtls_dev import typing_util
+
+def hex_string(data: bytes) -> str:
+ return '"' + binascii.hexlify(data).decode('ascii') + '"'
+
+
+class MissingDescription(Exception):
+ pass
+
+class MissingFunction(Exception):
+ pass
+
+class TestCase:
+ """An Mbed TLS test case."""
+
+ def __init__(self, description: Optional[str] = None):
+ self.comments = [] #type: List[str]
+ self.description = description #type: Optional[str]
+ self.dependencies = [] #type: List[str]
+ self.function = None #type: Optional[str]
+ self.arguments = [] #type: List[str]
+
+ def add_comment(self, *lines: str) -> None:
+ self.comments += lines
+
+ def set_description(self, description: str) -> None:
+ self.description = description
+
+ def set_dependencies(self, dependencies: List[str]) -> None:
+ self.dependencies = dependencies
+
+ def set_function(self, function: str) -> None:
+ self.function = function
+
+ def set_arguments(self, arguments: List[str]) -> None:
+ self.arguments = arguments
+
+ def check_completeness(self) -> None:
+ if self.description is None:
+ raise MissingDescription
+ if self.function is None:
+ raise MissingFunction
+
+ def write(self, out: typing_util.Writable) -> None:
+ """Write the .data file paragraph for this test case.
+
+ The output starts and ends with a single newline character. If the
+ surrounding code writes lines (consisting of non-newline characters
+ and a final newline), you will end up with a blank line before, but
+ not after the test case.
+ """
+ self.check_completeness()
+ assert self.description is not None # guide mypy
+ assert self.function is not None # guide mypy
+ out.write('\n')
+ for line in self.comments:
+ out.write('# ' + line + '\n')
+ out.write(self.description + '\n')
+ if self.dependencies:
+ out.write('depends_on:' + ':'.join(self.dependencies) + '\n')
+ out.write(self.function + ':' + ':'.join(self.arguments) + '\n')
+
+
+
+def write_data_file(filename: str,
+ test_cases: Iterable[TestCase],
+ caller: Optional[str] = None) -> None:
+ """Write the test cases to the specified file.
+
+ If the file already exists, it is overwritten.
+ """
+ if caller is None:
+ caller = os.path.basename(sys.argv[0])
+ with open(filename, 'w') as out:
+ out.write('# Automatically generated by {}. Do not edit!\n'
+ .format(caller))
+ for tc in test_cases:
+ tc.write(out)
+ out.write('\n# End of automatically generated file.\n')
diff --git a/scripts/mbedtls_dev/typing_util.py b/scripts/mbedtls_dev/typing_util.py
new file mode 100644
index 0000000..4c34449
--- /dev/null
+++ b/scripts/mbedtls_dev/typing_util.py
@@ -0,0 +1,39 @@
+"""Auxiliary definitions used in type annotations.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from typing import Any
+
+# The typing_extensions module is necessary for type annotations that are
+# checked with mypy. It is only used for type annotations or to define
+# things that are themselves only used for type annotations. It is not
+# available on a default Python installation. Therefore, try loading
+# what we need from it for the sake of mypy (which depends on, or comes
+# with, typing_extensions), and if not define substitutes that lack the
+# static type information but are good enough at runtime.
+try:
+ from typing_extensions import Protocol #pylint: disable=import-error
+except ImportError:
+ class Protocol: #type: ignore
+ #pylint: disable=too-few-public-methods
+ pass
+
+class Writable(Protocol):
+ """Abstract class for typing hints."""
+ # pylint: disable=no-self-use,too-few-public-methods,unused-argument
+ def write(self, text: str) -> Any:
+ ...
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index f8ce925..75ef44e 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -67,6 +67,10 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-unused-function")
endif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
+if(CMAKE_COMPILER_IS_CLANG)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
+endif(CMAKE_COMPILER_IS_CLANG)
+
if(MSVC)
# If a warning level has been defined, suppress all warnings for test code
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W0")
@@ -130,6 +134,8 @@
add_test_suite(mdx)
add_test_suite(memory_buffer_alloc)
add_test_suite(mpi)
+add_test_suite(mps)
+add_test_suite(net)
add_test_suite(nist_kw)
add_test_suite(oid)
add_test_suite(pem)
@@ -141,15 +147,22 @@
add_test_suite(pkwrite)
add_test_suite(poly1305)
add_test_suite(psa_crypto)
+add_test_suite(psa_crypto_attributes)
add_test_suite(psa_crypto_entropy)
add_test_suite(psa_crypto_hash)
add_test_suite(psa_crypto_init)
add_test_suite(psa_crypto_metadata)
+add_test_suite(psa_crypto_not_supported psa_crypto_not_supported.generated)
+add_test_suite(psa_crypto_not_supported psa_crypto_not_supported.misc)
add_test_suite(psa_crypto_persistent_key)
add_test_suite(psa_crypto_se_driver_hal)
add_test_suite(psa_crypto_se_driver_hal_mocks)
add_test_suite(psa_crypto_slot_management)
+add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.misc)
+add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.current)
+add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.v0)
add_test_suite(psa_its)
+add_test_suite(random)
add_test_suite(rsa)
add_test_suite(shax)
add_test_suite(ssl)
diff --git a/tests/Makefile b/tests/Makefile
index 511db9d..6be6f33 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -3,7 +3,7 @@
# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS
CFLAGS ?= -O2
-WARNING_CFLAGS ?= -Wall -Wextra
+WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
LDFLAGS ?=
# Include public header files from ../include, test-specific header files
@@ -49,13 +49,16 @@
ifdef SHARED
SHARED_SUFFIX=.$(DLEXT)
endif
-PYTHON ?= python
else
DLEXT ?= so
EXEXT=
SHARED_SUFFIX=
-# python2 for POSIX since FreeBSD has only python2 as default.
-PYTHON ?= python2
+endif
+
+ifdef WINDOWS
+PYTHON ?= python
+else
+PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi)
endif
# Zlib shared library extensions:
@@ -84,8 +87,16 @@
mbedtls_test: $(MBEDTLS_TEST_OBJS)
+TEST_OBJS_DEPS = $(wildcard include/test/*.h include/test/*/*.h)
+ifdef RECORD_PSA_STATUS_COVERAGE_LOG
+# Explicitly depend on this header because on a clean copy of the source tree,
+# it doesn't exist yet and must be generated as part of the build, and
+# therefore the wildcard enumeration above doesn't include it.
+TEST_OBJS_DEPS += include/test/instrument_record_status.h
+endif
+
# Rule to compile common test C files in src folder
-src/%.o : src/%.c
+src/%.o : src/%.c $(TEST_OBJS_DEPS)
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
@@ -121,20 +132,15 @@
-o .
-$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(MBEDTLS_TEST_OBJS)
+$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS)
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTLS_TEST_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-# Some test suites require additional header files.
-$(filter test_suite_psa_crypto%, $(BINARIES)): include/test/psa_crypto_helpers.h
-$(addprefix embedded_,$(filter test_suite_psa_crypto%, $(APPS))): embedded_%: TESTS/mbedtls/%/psa_crypto_helpers.h
-$(filter test_suite_psa_%, $(BINARIES)): include/test/psa_helpers.h
-$(addprefix embedded_,$(filter test_suite_psa_%, $(APPS))): embedded_%: TESTS/mbedtls/%/psa_helpers.h
-
clean:
ifndef WINDOWS
rm -rf $(BINARIES) *.c *.datax TESTS
rm -f src/*.o src/drivers/*.o src/libmbed*
+ rm -f include/test/instrument_record_status.h
else
if exist *.c del /Q /F *.c
if exist *.exe del /Q /F *.exe
@@ -142,6 +148,7 @@
if exist src/*.o del /Q /F src/*.o
if exist src/drivers/*.o del /Q /F src/drivers/*.o
if exist src/libmbed* del /Q /F src/libmed*
+ if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h
ifneq ($(wildcard TESTS/.*),)
rmdir /Q /S TESTS
endif
@@ -185,9 +192,10 @@
endef
$(foreach app, $(APPS), $(foreach file, $(notdir $(wildcard include/test/*.h)), \
$(eval $(call copy_header_to_target,$(app),$(file)))))
+$(addprefix embedded_,$(filter test_suite_psa_%, $(APPS))): embedded_%: $(patsubst TESTS/mbedtls/%, include/test/%, $(wildcard include/test/*. include/test/*/*.h))
ifdef RECORD_PSA_STATUS_COVERAGE_LOG
-$(BINARIES): include/test/instrument_record_status.h
include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile
+ echo " Gen $@"
sed <../include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p'
endif
diff --git a/tests/compat.sh b/tests/compat.sh
index 6e0a8f9..29aa686 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -905,10 +905,23 @@
fi
M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
- O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem"
+ O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE"
G_SERVER_ARGS="-p $PORT --http $G_MODE"
G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
+ # The default prime for `openssl s_server` depends on the version:
+ # * OpenSSL <= 1.0.2a: 512-bit
+ # * OpenSSL 1.0.2b to 1.1.1b: 1024-bit
+ # * OpenSSL >= 1.1.1c: 2048-bit
+ # Mbed TLS wants >=1024, so force that for older versions. Don't force
+ # it for newer versions, which reject a 1024-bit prime. Indifferently
+ # force it or not for intermediate versions.
+ case $($OPENSSL_CMD version) in
+ "OpenSSL 1.0"*)
+ O_SERVER_ARGS="$O_SERVER_ARGS -dhparam data_files/dhparams.pem"
+ ;;
+ esac
+
# with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes
if is_dtls "$MODE"; then
O_SERVER_ARGS="$O_SERVER_ARGS"
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index bf2f538..f3cba5a 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -208,7 +208,11 @@
$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
all_final += cli-rsa-sha256.crt.der
- cli-rsa.key.der: $(cli_crt_key_file_rsa)
+cli-rsa-sha256-badalg.crt.der: cli-rsa-sha256.crt.der
+ hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D01010B0500/06092A864886F70D01010B0900/2" | xxd -r -p > $@
+all_final += cli-rsa-sha256-badalg.crt.der
+
+cli-rsa.key.der: $(cli_crt_key_file_rsa)
$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
all_final += cli-rsa.key.der
@@ -1014,6 +1018,14 @@
$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
all_final += server1.v1.crt server1.v1.der
+server1.ca.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+ $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 is_ca=1 version=3 output_file=$@
+server1.ca_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+ $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 is_ca=1 version=3 output_file=$@
+server1.ca.der: server1.ca.crt
+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server1.ca.crt server1.ca_noauthid.crt server1.ca.der
+
server1_ca.crt: server1.crt $(test_ca_crt)
cat server1.crt $(test_ca_crt) > $@
all_final += server1_ca.crt
@@ -1120,6 +1132,16 @@
all_final += cert_md5.crt
################################################################
+#### Diffie-Hellman parameters
+################################################################
+
+dh.998.pem:
+ $(OPENSSL) dhparam -out $@ -text 998
+
+dh.999.pem:
+ $(OPENSSL) dhparam -out $@ -text 999
+
+################################################################
#### Meta targets
################################################################
diff --git a/tests/data_files/cli-rsa-sha256-badalg.crt.der b/tests/data_files/cli-rsa-sha256-badalg.crt.der
new file mode 100644
index 0000000..c40ba2a
--- /dev/null
+++ b/tests/data_files/cli-rsa-sha256-badalg.crt.der
Binary files differ
diff --git a/tests/data_files/dh.998.pem b/tests/data_files/dh.998.pem
new file mode 100644
index 0000000..96d6cf2
--- /dev/null
+++ b/tests/data_files/dh.998.pem
@@ -0,0 +1,17 @@
+ DH Parameters: (998 bit)
+ prime:
+ 39:5f:30:c0:7b:06:b7:6a:49:c6:c0:81:1f:39:77:
+ b3:35:e2:8d:66:fc:6a:6e:94:f3:df:97:f2:89:31:
+ 6c:75:39:08:16:d1:a4:b8:0c:68:c5:63:21:61:eb:
+ 48:2d:77:99:08:1d:67:38:37:0a:cd:cf:39:b6:3c:
+ 9d:8a:e5:85:3c:71:e3:4b:3e:1e:b9:80:e3:cc:7a:
+ fd:84:05:b0:df:36:15:29:4e:3e:23:3b:c3:ae:6b:
+ c7:11:b9:64:43:40:75:c7:4a:ef:a7:2d:00:e2:62:
+ 8f:93:78:96:8f:2c:25:8d:7d:1f:eb:5c:3c:bf:51:
+ de:f8:08:25:db
+ generator: 2 (0x2)
+-----BEGIN DH PARAMETERS-----
+MIGCAn05XzDAewa3aknGwIEfOXezNeKNZvxqbpTz35fyiTFsdTkIFtGkuAxoxWMh
+YetILXeZCB1nODcKzc85tjydiuWFPHHjSz4euYDjzHr9hAWw3zYVKU4+IzvDrmvH
+EblkQ0B1x0rvpy0A4mKPk3iWjywljX0f61w8v1He+Agl2wIBAg==
+-----END DH PARAMETERS-----
diff --git a/tests/data_files/dh.999.pem b/tests/data_files/dh.999.pem
new file mode 100644
index 0000000..6e3ceb3
--- /dev/null
+++ b/tests/data_files/dh.999.pem
@@ -0,0 +1,17 @@
+ DH Parameters: (999 bit)
+ prime:
+ 4f:b8:d2:d8:3c:b3:02:c9:64:f5:99:fe:61:cc:b3:
+ 69:1c:ba:bb:a2:33:db:38:2f:85:87:b7:12:fb:69:
+ 6e:a5:32:3e:ff:24:df:c4:61:07:0c:e1:88:72:fa:
+ 14:d4:22:65:18:66:09:7e:43:35:c4:5a:62:f7:0a:
+ 69:be:45:71:6e:ac:c5:56:d8:22:9e:c4:9c:23:2b:
+ bd:6d:3b:b6:02:4f:5d:12:a7:ac:90:b8:9e:be:93:
+ 82:bc:09:7c:cd:e1:09:21:1e:3d:69:2a:76:41:00:
+ 68:6d:b7:e8:e8:df:d6:1b:82:93:d9:21:4a:ea:71:
+ f2:e6:c4:94:03
+ generator: 2 (0x2)
+-----BEGIN DH PARAMETERS-----
+MIGCAn1PuNLYPLMCyWT1mf5hzLNpHLq7ojPbOC+Fh7cS+2lupTI+/yTfxGEHDOGI
+cvoU1CJlGGYJfkM1xFpi9wppvkVxbqzFVtginsScIyu9bTu2Ak9dEqeskLievpOC
+vAl8zeEJIR49aSp2QQBobbfo6N/WG4KT2SFK6nHy5sSUAwIBAg==
+-----END DH PARAMETERS-----
diff --git a/tests/data_files/server1.ca.crt b/tests/data_files/server1.ca.crt
new file mode 100644
index 0000000..84691d6
--- /dev/null
+++ b/tests/data_files/server1.ca.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+o1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9
+Q1kCpjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0B
+AQUFAAOCAQEAgt0Fk6cLMjsZUkVpkpTw6EJuKA48H8ieUSTDzYoaDWJQsFY34OIc
+0UpfMwl1jl0qEcVboOdcJHug0EXsfm6XUlSJkPnmcdt/N4gU3/TVkdQwqbvrwjae
+S+Jb1E7fTAiauMi6++svV/sfKqE3OCTJWF+6D0LdgnxEVZM6DvnFU9Jvw+CPTIx6
++SYZLm5sOTL0sWMIxwAEjwGJ3T1m0sjPjnnl4Jn/XtD8UuRRYB/RS6e2TlKovwWP
+G3eUdEs2QJ5lnnD+d7AUYq9nAYnb42M1ZdAxRQxxu2wweiTpUubvT4W6wkG8veix
+UM45EKsxPinnK0rK9bzrPDwpntIHhEUcSQ==
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server1.ca.der b/tests/data_files/server1.ca.der
new file mode 100644
index 0000000..a5ff059
--- /dev/null
+++ b/tests/data_files/server1.ca.der
Binary files differ
diff --git a/tests/data_files/server1.ca_noauthid.crt b/tests/data_files/server1.ca_noauthid.crt
new file mode 100644
index 0000000..e66956d
--- /dev/null
+++ b/tests/data_files/server1.ca_noauthid.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDJDCCAgygAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+ozIwMDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9
+Q1kCpjANBgkqhkiG9w0BAQUFAAOCAQEAMblPCsjj6RJ8sOm54sdlSJOTGWEo/1LF
+q1bJnKE3FXDeU8pbhEhpfsd2zcKdJxzp7Bg8Ms/xKBuOZhn/4C/n2FwZpEeAsS7J
+tZifKp+GXVs0xbcji9aB8niWXSl/CoICpvHpMAz8k2HT4LDvbC2ElXkqLT7n7k1B
+/ODI3BME34NquyBTDezQb4Gz7bx42OKLrxZkKrO3UF3TQTYBZvlH7IO7SvZhQPGk
+b8a2jKYfeQCCIvcywWQ7qzlgzTgnXJ0RrLyCqOqLFs6ztHPgclHa+XYF5yftSKIS
+zTJLT0IWBtwgB2opv7YSx7tKYhj+uHHY7C3iSXzAgPy5TYkissGXbw==
+-----END CERTIFICATE-----
diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h
new file mode 100644
index 0000000..f80fd86
--- /dev/null
+++ b/tests/include/spe/crypto_spe.h
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+/**
+ * \file crypto_spe.h
+ *
+ * \brief When Mbed Crypto is built with the MBEDTLS_PSA_CRYPTO_SPM option
+ * enabled, this header is included by all .c files in Mbed Crypto that
+ * use PSA Crypto function names. This avoids duplication of symbols
+ * between TF-M and Mbed Crypto.
+ *
+ * \note This file should be included before including any PSA Crypto headers
+ * from Mbed Crypto.
+ */
+
+#ifndef CRYPTO_SPE_H
+#define CRYPTO_SPE_H
+
+#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x
+
+#define psa_crypto_init \
+ PSA_FUNCTION_NAME(psa_crypto_init)
+#define psa_key_derivation_get_capacity \
+ PSA_FUNCTION_NAME(psa_key_derivation_get_capacity)
+#define psa_key_derivation_set_capacity \
+ PSA_FUNCTION_NAME(psa_key_derivation_set_capacity)
+#define psa_key_derivation_input_bytes \
+ PSA_FUNCTION_NAME(psa_key_derivation_input_bytes)
+#define psa_key_derivation_output_bytes \
+ PSA_FUNCTION_NAME(psa_key_derivation_output_bytes)
+#define psa_key_derivation_input_key \
+ PSA_FUNCTION_NAME(psa_key_derivation_input_key)
+#define psa_key_derivation_output_key \
+ PSA_FUNCTION_NAME(psa_key_derivation_output_key)
+#define psa_key_derivation_setup \
+ PSA_FUNCTION_NAME(psa_key_derivation_setup)
+#define psa_key_derivation_abort \
+ PSA_FUNCTION_NAME(psa_key_derivation_abort)
+#define psa_key_derivation_key_agreement \
+ PSA_FUNCTION_NAME(psa_key_derivation_key_agreement)
+#define psa_raw_key_agreement \
+ PSA_FUNCTION_NAME(psa_raw_key_agreement)
+#define psa_generate_random \
+ PSA_FUNCTION_NAME(psa_generate_random)
+#define psa_aead_encrypt \
+ PSA_FUNCTION_NAME(psa_aead_encrypt)
+#define psa_aead_decrypt \
+ PSA_FUNCTION_NAME(psa_aead_decrypt)
+#define psa_open_key \
+ PSA_FUNCTION_NAME(psa_open_key)
+#define psa_close_key \
+ PSA_FUNCTION_NAME(psa_close_key)
+#define psa_import_key \
+ PSA_FUNCTION_NAME(psa_import_key)
+#define psa_destroy_key \
+ PSA_FUNCTION_NAME(psa_destroy_key)
+#define psa_get_key_attributes \
+ PSA_FUNCTION_NAME(psa_get_key_attributes)
+#define psa_reset_key_attributes \
+ PSA_FUNCTION_NAME(psa_reset_key_attributes)
+#define psa_export_key \
+ PSA_FUNCTION_NAME(psa_export_key)
+#define psa_export_public_key \
+ PSA_FUNCTION_NAME(psa_export_public_key)
+#define psa_purge_key \
+ PSA_FUNCTION_NAME(psa_purge_key)
+#define psa_copy_key \
+ PSA_FUNCTION_NAME(psa_copy_key)
+#define psa_cipher_operation_init \
+ PSA_FUNCTION_NAME(psa_cipher_operation_init)
+#define psa_cipher_generate_iv \
+ PSA_FUNCTION_NAME(psa_cipher_generate_iv)
+#define psa_cipher_set_iv \
+ PSA_FUNCTION_NAME(psa_cipher_set_iv)
+#define psa_cipher_encrypt_setup \
+ PSA_FUNCTION_NAME(psa_cipher_encrypt_setup)
+#define psa_cipher_decrypt_setup \
+ PSA_FUNCTION_NAME(psa_cipher_decrypt_setup)
+#define psa_cipher_update \
+ PSA_FUNCTION_NAME(psa_cipher_update)
+#define psa_cipher_finish \
+ PSA_FUNCTION_NAME(psa_cipher_finish)
+#define psa_cipher_abort \
+ PSA_FUNCTION_NAME(psa_cipher_abort)
+#define psa_hash_operation_init \
+ PSA_FUNCTION_NAME(psa_hash_operation_init)
+#define psa_hash_setup \
+ PSA_FUNCTION_NAME(psa_hash_setup)
+#define psa_hash_update \
+ PSA_FUNCTION_NAME(psa_hash_update)
+#define psa_hash_finish \
+ PSA_FUNCTION_NAME(psa_hash_finish)
+#define psa_hash_verify \
+ PSA_FUNCTION_NAME(psa_hash_verify)
+#define psa_hash_abort \
+ PSA_FUNCTION_NAME(psa_hash_abort)
+#define psa_hash_clone \
+ PSA_FUNCTION_NAME(psa_hash_clone)
+#define psa_hash_compute \
+ PSA_FUNCTION_NAME(psa_hash_compute)
+#define psa_hash_compare \
+ PSA_FUNCTION_NAME(psa_hash_compare)
+#define psa_mac_operation_init \
+ PSA_FUNCTION_NAME(psa_mac_operation_init)
+#define psa_mac_sign_setup \
+ PSA_FUNCTION_NAME(psa_mac_sign_setup)
+#define psa_mac_verify_setup \
+ PSA_FUNCTION_NAME(psa_mac_verify_setup)
+#define psa_mac_update \
+ PSA_FUNCTION_NAME(psa_mac_update)
+#define psa_mac_sign_finish \
+ PSA_FUNCTION_NAME(psa_mac_sign_finish)
+#define psa_mac_verify_finish \
+ PSA_FUNCTION_NAME(psa_mac_verify_finish)
+#define psa_mac_abort \
+ PSA_FUNCTION_NAME(psa_mac_abort)
+#define psa_sign_hash \
+ PSA_FUNCTION_NAME(psa_sign_hash)
+#define psa_verify_hash \
+ PSA_FUNCTION_NAME(psa_verify_hash)
+#define psa_asymmetric_encrypt \
+ PSA_FUNCTION_NAME(psa_asymmetric_encrypt)
+#define psa_asymmetric_decrypt \
+ PSA_FUNCTION_NAME(psa_asymmetric_decrypt)
+#define psa_generate_key \
+ PSA_FUNCTION_NAME(psa_generate_key)
+
+#endif /* CRYPTO_SPE_H */
diff --git a/tests/include/test/asn1_helpers.h b/tests/include/test/asn1_helpers.h
new file mode 100644
index 0000000..91ae260
--- /dev/null
+++ b/tests/include/test/asn1_helpers.h
@@ -0,0 +1,50 @@
+/** Helper functions for tests that manipulate ASN.1 data.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ASN1_HELPERS_H
+#define ASN1_HELPERS_H
+
+#include "test/helpers.h"
+
+/** Skip past an INTEGER in an ASN.1 buffer.
+ *
+ * Mark the current test case as failed in any of the following conditions:
+ * - The buffer does not start with an ASN.1 INTEGER.
+ * - The integer's size or parity does not match the constraints expressed
+ * through \p min_bits, \p max_bits and \p must_be_odd.
+ *
+ * \param p Upon entry, `*p` points to the first byte of the
+ * buffer to parse.
+ * On successful return, `*p` points to the first byte
+ * after the parsed INTEGER.
+ * On failure, `*p` is unspecified.
+ * \param end The end of the ASN.1 buffer.
+ * \param min_bits Fail the test case if the integer does not have at
+ * least this many significant bits.
+ * \param max_bits Fail the test case if the integer has more than
+ * this many significant bits.
+ * \param must_be_odd Fail the test case if the integer is even.
+ *
+ * \return \c 0 if the test failed, otherwise 1.
+ */
+int mbedtls_test_asn1_skip_integer( unsigned char **p, const unsigned char *end,
+ size_t min_bits, size_t max_bits,
+ int must_be_odd );
+
+#endif /* ASN1_HELPERS_H */
diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h
new file mode 100644
index 0000000..2207cb3
--- /dev/null
+++ b/tests/include/test/drivers/aead.h
@@ -0,0 +1,71 @@
+/*
+ * Test driver for AEAD driver entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H
+#define PSA_CRYPTO_TEST_DRIVERS_AEAD_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times AEAD driver functions are called. */
+ unsigned long hits;
+ /* Status returned by the last AEAD driver function call. */
+ psa_status_t driver_status;
+} mbedtls_test_driver_aead_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_AEAD_INIT { 0, 0, 0 }
+static inline mbedtls_test_driver_aead_hooks_t
+ mbedtls_test_driver_aead_hooks_init( void )
+{
+ const mbedtls_test_driver_aead_hooks_t v = MBEDTLS_TEST_DRIVER_AEAD_INIT;
+ return( v );
+}
+
+extern mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks;
+
+psa_status_t mbedtls_test_transparent_aead_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *plaintext, size_t plaintext_length,
+ uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length );
+
+psa_status_t mbedtls_test_transparent_aead_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *ciphertext, size_t ciphertext_length,
+ uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */
diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h
index ef787f7..4fe5596 100644
--- a/tests/include/test/drivers/cipher.h
+++ b/tests/include/test/drivers/cipher.h
@@ -28,22 +28,9 @@
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include <psa/crypto_driver_common.h>
+#include <psa/crypto.h>
#include "mbedtls/cipher.h"
-typedef struct {
- psa_algorithm_t alg;
- unsigned int key_set : 1;
- unsigned int iv_required : 1;
- unsigned int iv_set : 1;
- uint8_t iv_size;
- uint8_t block_size;
- mbedtls_cipher_context_t cipher;
-} test_transparent_cipher_operation_t;
-
-typedef struct{
- unsigned int initialised : 1;
- test_transparent_cipher_operation_t ctx;
-} test_opaque_cipher_operation_t;
typedef struct {
/* If non-null, on success, copy this to the output. */
@@ -54,127 +41,104 @@
psa_status_t forced_status;
/* Count the amount of times one of the cipher driver functions is called. */
unsigned long hits;
-} test_driver_cipher_hooks_t;
+} mbedtls_test_driver_cipher_hooks_t;
-#define TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 }
-static inline test_driver_cipher_hooks_t test_driver_cipher_hooks_init( void )
+#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 }
+static inline mbedtls_test_driver_cipher_hooks_t
+ mbedtls_test_driver_cipher_hooks_init( void )
{
- const test_driver_cipher_hooks_t v = TEST_DRIVER_CIPHER_INIT;
+ const mbedtls_test_driver_cipher_hooks_t v = MBEDTLS_TEST_DRIVER_CIPHER_INIT;
return( v );
}
-extern test_driver_cipher_hooks_t test_driver_cipher_hooks;
+extern mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks;
-psa_status_t test_transparent_cipher_encrypt(
+psa_status_t mbedtls_test_transparent_cipher_encrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length);
-psa_status_t test_transparent_cipher_decrypt(
+psa_status_t mbedtls_test_transparent_cipher_decrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length);
-psa_status_t test_transparent_cipher_encrypt_setup(
- test_transparent_cipher_operation_t *operation,
+psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg);
-psa_status_t test_transparent_cipher_decrypt_setup(
- test_transparent_cipher_operation_t *operation,
+psa_status_t mbedtls_test_transparent_cipher_decrypt_setup(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg);
-psa_status_t test_transparent_cipher_abort(
- test_transparent_cipher_operation_t *operation);
+psa_status_t mbedtls_test_transparent_cipher_abort(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation );
-psa_status_t test_transparent_cipher_generate_iv(
- test_transparent_cipher_operation_t *operation,
- uint8_t *iv,
- size_t iv_size,
- size_t *iv_length);
+psa_status_t mbedtls_test_transparent_cipher_set_iv(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length);
-psa_status_t test_transparent_cipher_set_iv(
- test_transparent_cipher_operation_t *operation,
- const uint8_t *iv,
- size_t iv_length);
+psa_status_t mbedtls_test_transparent_cipher_update(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
-psa_status_t test_transparent_cipher_update(
- test_transparent_cipher_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length);
-
-psa_status_t test_transparent_cipher_finish(
- test_transparent_cipher_operation_t *operation,
- uint8_t *output,
- size_t output_size,
- size_t *output_length);
+psa_status_t mbedtls_test_transparent_cipher_finish(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length);
/*
* opaque versions
*/
-psa_status_t test_opaque_cipher_encrypt(
+psa_status_t mbedtls_test_opaque_cipher_encrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length);
-psa_status_t test_opaque_cipher_decrypt(
+psa_status_t mbedtls_test_opaque_cipher_decrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length);
-psa_status_t test_opaque_cipher_encrypt_setup(
- test_opaque_cipher_operation_t *operation,
+psa_status_t mbedtls_test_opaque_cipher_encrypt_setup(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg);
-psa_status_t test_opaque_cipher_decrypt_setup(
- test_opaque_cipher_operation_t *operation,
+psa_status_t mbedtls_test_opaque_cipher_decrypt_setup(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg);
-psa_status_t test_opaque_cipher_abort(
- test_opaque_cipher_operation_t *operation);
+psa_status_t mbedtls_test_opaque_cipher_abort(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation);
-psa_status_t test_opaque_cipher_generate_iv(
- test_opaque_cipher_operation_t *operation,
- uint8_t *iv,
- size_t iv_size,
- size_t *iv_length);
+psa_status_t mbedtls_test_opaque_cipher_set_iv(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length);
-psa_status_t test_opaque_cipher_set_iv(
- test_opaque_cipher_operation_t *operation,
- const uint8_t *iv,
- size_t iv_length);
+psa_status_t mbedtls_test_opaque_cipher_update(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
-psa_status_t test_opaque_cipher_update(
- test_opaque_cipher_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length);
-
-psa_status_t test_opaque_cipher_finish(
- test_opaque_cipher_operation_t *operation,
- uint8_t *output,
- size_t output_size,
- size_t *output_length);
+psa_status_t mbedtls_test_opaque_cipher_finish(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length);
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */
diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h
new file mode 100644
index 0000000..ebe83de
--- /dev/null
+++ b/tests/include/test/drivers/hash.h
@@ -0,0 +1,80 @@
+/*
+ * Test driver for hash driver entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H
+#define PSA_CRYPTO_TEST_DRIVERS_HASH_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times hash driver entry points are called. */
+ unsigned long hits;
+ /* Status returned by the last hash driver entry point call. */
+ psa_status_t driver_status;
+} mbedtls_test_driver_hash_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_HASH_INIT { 0, 0, 0 }
+static inline mbedtls_test_driver_hash_hooks_t
+ mbedtls_test_driver_hash_hooks_init( void )
+{
+ const mbedtls_test_driver_hash_hooks_t v = MBEDTLS_TEST_DRIVER_HASH_INIT;
+ return( v );
+}
+
+extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks;
+
+psa_status_t mbedtls_test_transparent_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *hash, size_t hash_size, size_t *hash_length );
+
+psa_status_t mbedtls_test_transparent_hash_setup(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_test_transparent_hash_clone(
+ const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
+ mbedtls_transparent_test_driver_hash_operation_t *target_operation );
+
+psa_status_t mbedtls_test_transparent_hash_update(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+psa_status_t mbedtls_test_transparent_hash_finish(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length );
+
+psa_status_t mbedtls_test_transparent_hash_abort(
+ mbedtls_psa_hash_operation_t *operation );
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */
diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h
index 90f8c58..45814fd 100644
--- a/tests/include/test/drivers/key_management.h
+++ b/tests/include/test/drivers/key_management.h
@@ -29,6 +29,9 @@
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include <psa/crypto_driver_common.h>
+#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT 0
+#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT 1
+
typedef struct {
/* If non-null, on success, copy this to the output. */
void *forced_output;
@@ -39,40 +42,56 @@
/* Count the amount of times one of the key management driver functions
* is called. */
unsigned long hits;
-} test_driver_key_management_hooks_t;
+} mbedtls_test_driver_key_management_hooks_t;
-#define TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_ERROR_NOT_SUPPORTED, 0 }
-static inline test_driver_key_management_hooks_t test_driver_key_management_hooks_init( void )
+#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0 }
+static inline mbedtls_test_driver_key_management_hooks_t
+ mbedtls_test_driver_key_management_hooks_init( void )
{
- const test_driver_key_management_hooks_t v = TEST_DRIVER_KEY_MANAGEMENT_INIT;
+ const mbedtls_test_driver_key_management_hooks_t
+ v = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
return( v );
}
-extern test_driver_key_management_hooks_t test_driver_key_management_hooks;
+extern mbedtls_test_driver_key_management_hooks_t
+ mbedtls_test_driver_key_management_hooks;
-psa_status_t test_transparent_generate_key(
+psa_status_t mbedtls_test_transparent_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key, size_t key_size, size_t *key_length );
-psa_status_t test_opaque_generate_key(
+psa_status_t mbedtls_test_opaque_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key, size_t key_size, size_t *key_length );
-psa_status_t test_transparent_validate_key(
+psa_status_t mbedtls_test_opaque_export_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+psa_status_t mbedtls_test_transparent_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+psa_status_t mbedtls_test_opaque_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
+psa_status_t mbedtls_test_transparent_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data,
size_t data_length,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length,
size_t *bits);
-psa_status_t test_transparent_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- uint8_t *data, size_t data_size, size_t *data_length );
-
-psa_status_t test_opaque_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- uint8_t *data, size_t data_size, size_t *data_length );
+psa_status_t mbedtls_test_opaque_get_builtin_key(
+ psa_drv_slot_number_t slot_number,
+ psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */
diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h
new file mode 100644
index 0000000..7733dd3
--- /dev/null
+++ b/tests/include/test/drivers/mac.h
@@ -0,0 +1,141 @@
+/*
+ * Test driver for MAC driver entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H
+#define PSA_CRYPTO_TEST_DRIVERS_MAC_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times MAC driver functions are called. */
+ unsigned long hits;
+ /* Status returned by the last MAC driver function call. */
+ psa_status_t driver_status;
+} mbedtls_test_driver_mac_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_MAC_INIT { 0, 0, 0 }
+static inline mbedtls_test_driver_mac_hooks_t
+ mbedtls_test_driver_mac_hooks_init( void )
+{
+ const mbedtls_test_driver_mac_hooks_t v = MBEDTLS_TEST_DRIVER_MAC_INIT;
+ return( v );
+}
+
+extern mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks;
+
+psa_status_t mbedtls_test_transparent_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t mbedtls_test_transparent_mac_sign_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_test_transparent_mac_verify_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_test_transparent_mac_update(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+psa_status_t mbedtls_test_transparent_mac_sign_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t mbedtls_test_transparent_mac_verify_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length );
+
+psa_status_t mbedtls_test_transparent_mac_abort(
+ mbedtls_transparent_test_driver_mac_operation_t *operation );
+
+psa_status_t mbedtls_test_opaque_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t mbedtls_test_opaque_mac_sign_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_test_opaque_mac_verify_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg );
+
+psa_status_t mbedtls_test_opaque_mac_update(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length );
+
+psa_status_t mbedtls_test_opaque_mac_sign_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length );
+
+psa_status_t mbedtls_test_opaque_mac_verify_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length );
+
+psa_status_t mbedtls_test_opaque_mac_abort(
+ mbedtls_opaque_test_driver_mac_operation_t *operation );
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */
diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h
index 8abcb11..5e64edc 100644
--- a/tests/include/test/drivers/signature.h
+++ b/tests/include/test/drivers/signature.h
@@ -38,40 +38,86 @@
psa_status_t forced_status;
/* Count the amount of times one of the signature driver functions is called. */
unsigned long hits;
-} test_driver_signature_hooks_t;
+} mbedtls_test_driver_signature_hooks_t;
-#define TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_ERROR_NOT_SUPPORTED, 0 }
-static inline test_driver_signature_hooks_t test_driver_signature_hooks_init( void )
+#define MBEDTLS_TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 }
+static inline mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_hooks_init( void )
{
- const test_driver_signature_hooks_t v = TEST_DRIVER_SIGNATURE_INIT;
+ const mbedtls_test_driver_signature_hooks_t
+ v = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
return( v );
}
-extern test_driver_signature_hooks_t test_driver_signature_sign_hooks;
-extern test_driver_signature_hooks_t test_driver_signature_verify_hooks;
+extern mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_sign_hooks;
+extern mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_verify_hooks;
-psa_status_t test_transparent_signature_sign_hash(
+psa_status_t mbedtls_test_transparent_signature_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length );
+
+psa_status_t mbedtls_test_opaque_signature_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length );
+
+psa_status_t mbedtls_test_transparent_signature_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length );
+
+psa_status_t mbedtls_test_opaque_signature_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length );
+
+psa_status_t mbedtls_test_transparent_signature_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *hash, size_t hash_length,
uint8_t *signature, size_t signature_size, size_t *signature_length );
-psa_status_t test_opaque_signature_sign_hash(
+psa_status_t mbedtls_test_opaque_signature_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *hash, size_t hash_length,
uint8_t *signature, size_t signature_size, size_t *signature_length );
-psa_status_t test_transparent_signature_verify_hash(
+psa_status_t mbedtls_test_transparent_signature_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *hash, size_t hash_length,
const uint8_t *signature, size_t signature_length );
-psa_status_t test_opaque_signature_verify_hash(
+psa_status_t mbedtls_test_opaque_signature_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
diff --git a/tests/include/test/drivers/size.h b/tests/include/test/drivers/size.h
index 4bfe986..b2665bd 100644
--- a/tests/include/test/drivers/size.h
+++ b/tests/include/test/drivers/size.h
@@ -29,67 +29,9 @@
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include <psa/crypto_driver_common.h>
-typedef struct {
- unsigned int context;
-} test_driver_key_context_t;
-
-/** \def TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
- *
- * This macro returns the base size for the key context. It is the size of the
- * driver specific information stored in each key context.
- */
-#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t )
-
-/** \def TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE
- *
- * Number of bytes included in every key context for a key pair.
- *
- * This pair size is for an ECC 256-bit private/public key pair.
- * Based on this value, the size of the private key can be derived by
- * subtracting the public key size below from this one.
- */
-
-#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65
-
-/** \def TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE
- *
- * Number of bytes included in every key context for a public key.
- *
- * For ECC public keys, it needs 257 bits so 33 bytes.
- */
-#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33
-
-/** \def TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR
- *
- * Every key context for a symmetric key includes this many times the key size.
- */
-#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0
-
-/** \def TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY
- *
- * If this is true for a key pair, the key context includes space for the public key.
- * If this is false, no additional space is added for the public key.
- *
- * For this instance, store the public key with the private one.
- */
-#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1
-
-/** \def TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
- *
- * If TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION is defined, the test driver
- * provides a size_function entry point, otherwise, it does not.
- *
- * Some opaque drivers have the need to support a custom size for the storage
- * of key and context information. The size_function provides the ability to
- * provide that customization.
- */
-//#define TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
-
-#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
-size_t test_size_function(
+size_t mbedtls_test_size_function(
const psa_key_type_t key_type,
const size_t key_bits );
-#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */
diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h
index f26b795..5b60932 100644
--- a/tests/include/test/drivers/test_driver.h
+++ b/tests/include/test/drivers/test_driver.h
@@ -20,11 +20,14 @@
#ifndef PSA_CRYPTO_TEST_DRIVER_H
#define PSA_CRYPTO_TEST_DRIVER_H
-#define PSA_CRYPTO_TEST_DRIVER_LIFETIME 0x7fffff
+#define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff
-#include "test/drivers/signature.h"
-#include "test/drivers/key_management.h"
+#include "test/drivers/aead.h"
#include "test/drivers/cipher.h"
+#include "test/drivers/hash.h"
+#include "test/drivers/mac.h"
+#include "test/drivers/key_management.h"
+#include "test/drivers/signature.h"
#include "test/drivers/size.h"
#endif /* PSA_CRYPTO_TEST_DRIVER_H */
diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h
new file mode 100644
index 0000000..faeef22
--- /dev/null
+++ b/tests/include/test/fake_external_rng_for_test.h
@@ -0,0 +1,56 @@
+/*
+ * Insecure but standalone implementation of mbedtls_psa_external_get_random().
+ * Only for use in tests!
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H
+#define FAKE_EXTERNAL_RNG_FOR_TEST_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** Enable the insecure implementation of mbedtls_psa_external_get_random().
+ *
+ * The insecure implementation of mbedtls_psa_external_get_random() is
+ * disabled by default.
+ *
+ * When MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled and the test
+ * helpers are linked into a program, you must enable this before running any
+ * code that uses the PSA subsystem to generate random data (including internal
+ * random generation for purposes such as blinding when the random generation
+ * is routed through PSA).
+ *
+ * You can enable and disable it at any time, regardless of the state
+ * of the PSA subsystem. You may disable it temporarily to simulate a
+ * depleted entropy source.
+ */
+void mbedtls_test_enable_insecure_external_rng( void );
+
+/** Disable the insecure implementation of mbedtls_psa_external_get_random().
+ *
+ * See mbedtls_test_enable_insecure_external_rng().
+ */
+void mbedtls_test_disable_insecure_external_rng( void );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#endif /* FAKE_EXTERNAL_RNG_FOR_TEST_H */
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index 2c7b179..dfc09cd 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -31,6 +31,11 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \
+ defined(MBEDTLS_TEST_HOOKS)
+#define MBEDTLS_TEST_MUTEX_USAGE
+#endif
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
@@ -49,10 +54,83 @@
#include <stddef.h>
#include <stdint.h>
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
+typedef enum
+{
+ MBEDTLS_TEST_RESULT_SUCCESS = 0,
+ MBEDTLS_TEST_RESULT_FAILED,
+ MBEDTLS_TEST_RESULT_SKIPPED
+} mbedtls_test_result_t;
+
+typedef struct
+{
+ mbedtls_test_result_t result;
+ const char *test;
+ const char *filename;
+ int line_no;
+ unsigned long step;
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ const char *mutex_usage_error;
+#endif
+}
+mbedtls_test_info_t;
+extern mbedtls_test_info_t mbedtls_test_info;
+
int mbedtls_test_platform_setup( void );
void mbedtls_test_platform_teardown( void );
/**
+ * \brief Record the current test case as a failure.
+ *
+ * This function can be called directly however it is usually
+ * called via macros such as TEST_ASSERT, TEST_EQUAL,
+ * PSA_ASSERT, etc...
+ *
+ * \note If the test case was already marked as failed, calling
+ * `mbedtls_test_fail( )` again will not overwrite any
+ * previous information about the failure.
+ *
+ * \param test Description of the failure or assertion that failed. This
+ * MUST be a string literal.
+ * \param line_no Line number where the failure originated.
+ * \param filename Filename where the failure originated.
+ */
+void mbedtls_test_fail( const char *test, int line_no, const char* filename );
+
+/**
+ * \brief Record the current test case as skipped.
+ *
+ * This function can be called directly however it is usually
+ * called via the TEST_ASSUME macro.
+ *
+ * \param test Description of the assumption that caused the test case to
+ * be skipped. This MUST be a string literal.
+ * \param line_no Line number where the test case was skipped.
+ * \param filename Filename where the test case was skipped.
+ */
+void mbedtls_test_skip( const char *test, int line_no, const char* filename );
+
+/**
+ * \brief Set the test step number for failure reports.
+ *
+ * Call this function to display "step NNN" in addition to the
+ * line number and file name if a test fails. Typically the "step
+ * number" is the index of a for loop but it can be whatever you
+ * want.
+ *
+ * \param step The step number to report.
+ */
+void mbedtls_test_set_step( unsigned long step );
+
+/**
+ * \brief Reset mbedtls_test_info to a ready/starting state.
+ */
+void mbedtls_test_info_reset( void );
+
+/**
* \brief This function decodes the hexadecimal representation of
* data.
*
@@ -190,4 +268,55 @@
void mbedtls_test_param_failed_reset_state( void );
#endif /* MBEDTLS_CHECK_PARAMS */
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#include "test/fake_external_rng_for_test.h"
+#endif
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+/** Permanently activate the mutex usage verification framework. See
+ * threading_helpers.c for information. */
+void mbedtls_test_mutex_usage_init( void );
+
+/** Call this function after executing a test case to check for mutex usage
+ * errors. */
+void mbedtls_test_mutex_usage_check( void );
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+/**
+ * \brief Check that only a pure high-level error code is being combined with
+ * a pure low-level error code as otherwise the resultant error code
+ * would be corrupted.
+ *
+ * \note Both high-level and low-level error codes cannot be greater than
+ * zero however can be zero. If one error code is zero then the
+ * other error code is returned even if both codes are zero.
+ *
+ * \note If the check fails, fail the test currently being run.
+ */
+void mbedtls_test_err_add_check( int high, int low,
+ const char *file, int line);
+#endif
+
+#if defined(MBEDTLS_BIGNUM_C)
+/** Read an MPI from a string.
+ *
+ * Like mbedtls_mpi_read_string(), but size the resulting bignum based
+ * on the number of digits in the string. In particular, construct a
+ * bignum with 0 limbs for an empty string, and a bignum with leading 0
+ * limbs if the string has sufficiently many leading 0 digits.
+ *
+ * This is important so that the "0 (null)" and "0 (1 limb)" and
+ * "leading zeros" test cases do what they claim.
+ *
+ * \param[out] X The MPI object to populate. It must be initialized.
+ * \param radix The radix (2 to 16).
+ * \param[in] s The null-terminated string to read from.
+ *
+ * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
+ */
+/* Since the library has exactly the desired behavior, this is trivial. */
+int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s );
+#endif /* MBEDTLS_BIGNUM_C */
+
#endif /* TEST_HELPERS_H */
diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h
index f404780..b7b6e8f 100644
--- a/tests/include/test/macros.h
+++ b/tests/include/test/macros.h
@@ -51,6 +51,237 @@
#include "mbedtls/memory_buffer_alloc.h"
#endif
+/**
+ * \brief This macro tests the expression passed to it as a test step or
+ * individual test in a test case.
+ *
+ * It allows a library function to return a value and return an error
+ * code that can be tested.
+ *
+ * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
+ * callback, MBEDTLS_PARAM_FAILED(), will be assumed to be a test
+ * failure.
+ *
+ * This macro is not suitable for negative parameter validation tests,
+ * as it assumes the test step will not create an error.
+ *
+ * Failing the test means:
+ * - Mark this test case as failed.
+ * - Print a message identifying the failure.
+ * - Jump to the \c exit label.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param TEST The test expression to be tested.
+ */
+#define TEST_ASSERT( TEST ) \
+ do { \
+ if( ! (TEST) ) \
+ { \
+ mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \
+ goto exit; \
+ } \
+ } while( 0 )
+
+/** Evaluate two expressions and fail the test case if they have different
+ * values.
+ *
+ * \param expr1 An expression to evaluate.
+ * \param expr2 The expected value of \p expr1. This can be any
+ * expression, but it is typically a constant.
+ */
+#define TEST_EQUAL( expr1, expr2 ) \
+ TEST_ASSERT( ( expr1 ) == ( expr2 ) )
+
+/** Allocate memory dynamically and fail the test case if this fails.
+ * The allocated memory will be filled with zeros.
+ *
+ * You must set \p pointer to \c NULL before calling this macro and
+ * put `mbedtls_free( pointer )` in the test's cleanup code.
+ *
+ * If \p length is zero, the resulting \p pointer will be \c NULL.
+ * This is usually what we want in tests since API functions are
+ * supposed to accept null pointers when a buffer size is zero.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param pointer An lvalue where the address of the allocated buffer
+ * will be stored.
+ * This expression may be evaluated multiple times.
+ * \param length Number of elements to allocate.
+ * This expression may be evaluated multiple times.
+ *
+ */
+#define ASSERT_ALLOC( pointer, length ) \
+ do \
+ { \
+ TEST_ASSERT( ( pointer ) == NULL ); \
+ if( ( length ) != 0 ) \
+ { \
+ ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
+ ( length ) ); \
+ TEST_ASSERT( ( pointer ) != NULL ); \
+ } \
+ } \
+ while( 0 )
+
+/** Allocate memory dynamically. If the allocation fails, skip the test case.
+ *
+ * This macro behaves like #ASSERT_ALLOC, except that if the allocation
+ * fails, it marks the test as skipped rather than failed.
+ */
+#define ASSERT_ALLOC_WEAK( pointer, length ) \
+ do \
+ { \
+ TEST_ASSERT( ( pointer ) == NULL ); \
+ if( ( length ) != 0 ) \
+ { \
+ ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
+ ( length ) ); \
+ TEST_ASSUME( ( pointer ) != NULL ); \
+ } \
+ } \
+ while( 0 )
+
+/** Compare two buffers and fail the test case if they differ.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param p1 Pointer to the start of the first buffer.
+ * \param size1 Size of the first buffer in bytes.
+ * This expression may be evaluated multiple times.
+ * \param p2 Pointer to the start of the second buffer.
+ * \param size2 Size of the second buffer in bytes.
+ * This expression may be evaluated multiple times.
+ */
+#define ASSERT_COMPARE( p1, size1, p2, size2 ) \
+ do \
+ { \
+ TEST_ASSERT( ( size1 ) == ( size2 ) ); \
+ if( ( size1 ) != 0 ) \
+ TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 ); \
+ } \
+ while( 0 )
+
+/**
+ * \brief This macro tests the expression passed to it and skips the
+ * running test if it doesn't evaluate to 'true'.
+ *
+ * \param TEST The test expression to be tested.
+ */
+#define TEST_ASSUME( TEST ) \
+ do { \
+ if( ! (TEST) ) \
+ { \
+ mbedtls_test_skip( #TEST, __LINE__, __FILE__ ); \
+ goto exit; \
+ } \
+ } while( 0 )
+
+#if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT)
+/**
+ * \brief This macro tests the statement passed to it as a test step or
+ * individual test in a test case. The macro assumes the test will fail
+ * and will generate an error.
+ *
+ * It allows a library function to return a value and tests the return
+ * code on return to confirm the given error code was returned.
+ *
+ * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
+ * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
+ * expected failure, and the test will pass.
+ *
+ * This macro is intended for negative parameter validation tests,
+ * where the failing function may return an error value or call
+ * MBEDTLS_PARAM_FAILED() to indicate the error.
+ *
+ * \param PARAM_ERROR_VALUE The expected error code.
+ *
+ * \param TEST The test expression to be tested.
+ */
+#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST ) \
+ do { \
+ mbedtls_test_param_failed_expect_call( ); \
+ if( ( ( TEST ) != ( PARAM_ERR_VALUE ) ) || \
+ ( mbedtls_test_param_failed_check_expected_call( ) != 0 ) ) \
+ { \
+ mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \
+ goto exit; \
+ } \
+ mbedtls_test_param_failed_check_expected_call( ); \
+ } while( 0 )
+
+/**
+ * \brief This macro tests the statement passed to it as a test step or
+ * individual test in a test case. The macro assumes the test will fail
+ * and will generate an error.
+ *
+ * It assumes the library function under test cannot return a value and
+ * assumes errors can only be indicated byt calls to
+ * MBEDTLS_PARAM_FAILED().
+ *
+ * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
+ * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
+ * expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test
+ * can be made.
+ *
+ * This macro is intended for negative parameter validation tests,
+ * where the failing function can only return an error by calling
+ * MBEDTLS_PARAM_FAILED() to indicate the error.
+ *
+ * \param TEST The test expression to be tested.
+ */
+#define TEST_INVALID_PARAM( TEST ) \
+ do { \
+ memcpy( jmp_tmp, mbedtls_test_param_failed_get_state_buf( ), \
+ sizeof( jmp_tmp ) ); \
+ if( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) \
+ { \
+ TEST; \
+ mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \
+ goto exit; \
+ } \
+ mbedtls_test_param_failed_reset_state( ); \
+ } while( 0 )
+#endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */
+
+/**
+ * \brief This macro tests the statement passed to it as a test step or
+ * individual test in a test case. The macro assumes the test will not fail.
+ *
+ * It assumes the library function under test cannot return a value and
+ * assumes errors can only be indicated by calls to
+ * MBEDTLS_PARAM_FAILED().
+ *
+ * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
+ * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
+ * expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test
+ * can be made.
+ *
+ * This macro is intended to test that functions returning void
+ * accept all of the parameter values they're supposed to accept - eg
+ * that they don't call MBEDTLS_PARAM_FAILED() when a parameter
+ * that's allowed to be NULL happens to be NULL.
+ *
+ * Note: for functions that return something other that void,
+ * checking that they accept all the parameters they're supposed to
+ * accept is best done by using TEST_ASSERT() and checking the return
+ * value as well.
+ *
+ * Note: this macro is available even when #MBEDTLS_CHECK_PARAMS is
+ * disabled, as it makes sense to check that the functions accept all
+ * legal values even if this option is disabled - only in that case,
+ * the test is more about whether the function segfaults than about
+ * whether it invokes MBEDTLS_PARAM_FAILED().
+ *
+ * \param TEST The test expression to be tested.
+ */
+#define TEST_VALID_PARAM( TEST ) \
+ TEST_ASSERT( ( TEST, 1 ) );
+
#define TEST_HELPER_ASSERT(a) if( !( a ) ) \
{ \
mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \
@@ -58,40 +289,45 @@
mbedtls_exit( 1 ); \
}
+/** \def ARRAY_LENGTH
+ * Return the number of elements of a static or stack array.
+ *
+ * \param array A value of array (not pointer) type.
+ *
+ * \return The number of elements of the array.
+ */
+/* A correct implementation of ARRAY_LENGTH, but which silently gives
+ * a nonsensical result if called with a pointer rather than an array. */
+#define ARRAY_LENGTH_UNSAFE( array ) \
+ ( sizeof( array ) / sizeof( *( array ) ) )
+
#if defined(__GNUC__)
/* Test if arg and &(arg)[0] have the same type. This is true if arg is
* an array but not if it's a pointer. */
#define IS_ARRAY_NOT_POINTER( arg ) \
( ! __builtin_types_compatible_p( __typeof__( arg ), \
__typeof__( &( arg )[0] ) ) )
-#else
-/* On platforms where we don't know how to implement this check,
- * omit it. Oh well, a non-portable check is better than nothing. */
-#define IS_ARRAY_NOT_POINTER( arg ) 1
-#endif
-
/* A compile-time constant with the value 0. If `const_expr` is not a
* compile-time constant with a nonzero value, cause a compile-time error. */
#define STATIC_ASSERT_EXPR( const_expr ) \
( 0 && sizeof( struct { unsigned int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) )
+
/* Return the scalar value `value` (possibly promoted). This is a compile-time
* constant if `value` is. `condition` must be a compile-time constant.
* If `condition` is false, arrange to cause a compile-time error. */
#define STATIC_ASSERT_THEN_RETURN( condition, value ) \
( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) )
-#define ARRAY_LENGTH_UNSAFE( array ) \
- ( sizeof( array ) / sizeof( *( array ) ) )
-/** Return the number of elements of a static or stack array.
- *
- * \param array A value of array (not pointer) type.
- *
- * \return The number of elements of the array.
- */
#define ARRAY_LENGTH( array ) \
( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \
ARRAY_LENGTH_UNSAFE( array ) ) )
+#else
+/* If we aren't sure the compiler supports our non-standard tricks,
+ * fall back to the unsafe implementation. */
+#define ARRAY_LENGTH( array ) ARRAY_LENGTH_UNSAFE( array )
+#endif
+
/** Return the smaller of two values.
*
* \param x An integer-valued expression without side effects.
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
index 01b0547..8a8c37e 100644
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h
@@ -21,84 +21,139 @@
#ifndef PSA_CRYPTO_HELPERS_H
#define PSA_CRYPTO_HELPERS_H
+#include "test/helpers.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
#include "test/psa_helpers.h"
#include <psa/crypto.h>
#include <psa_crypto_slot_management.h>
-static int test_helper_is_psa_pristine( int line, const char *file )
-{
- mbedtls_psa_stats_t stats;
- const char *msg = NULL;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
- mbedtls_psa_get_stats( &stats );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- if( stats.volatile_slots != 0 )
- msg = "A volatile slot has not been closed properly.";
- else if( stats.persistent_slots != 0 )
- msg = "A persistent slot has not been closed properly.";
- else if( stats.external_slots != 0 )
- msg = "An external slot has not been closed properly.";
- else if( stats.half_filled_slots != 0 )
- msg = "A half-filled slot has not been cleared properly.";
- else if( stats.locked_slots != 0 )
- {
- msg = "Some slots are still marked as locked.";
- }
+/* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */
+int mbedtls_test_uses_key_id( mbedtls_svc_key_id_t key_id );
- /* If the test has already failed, don't overwrite the failure
- * information. Do keep the stats lookup above, because it can be
- * convenient to break on it when debugging a failure. */
- if( msg != NULL && test_info.result == TEST_RESULT_SUCCESS )
- test_fail( msg, line, file );
+/** Destroy persistent keys recorded with #TEST_USES_KEY_ID.
+ */
+void mbedtls_test_psa_purge_key_storage( void );
- return( msg == NULL );
-}
+/** Purge the in-memory cache of persistent keys recorded with
+ * #TEST_USES_KEY_ID.
+ *
+ * Call this function before calling PSA_DONE() if it's ok for
+ * persistent keys to still exist at this point.
+ */
+void mbedtls_test_psa_purge_key_cache( void );
+
+/** \def TEST_USES_KEY_ID
+ *
+ * Call this macro in a test function before potentially creating a
+ * persistent key. Test functions that use this mechanism must call
+ * mbedtls_test_psa_purge_key_storage() in their cleanup code.
+ *
+ * This macro records a persistent key identifier as potentially used in the
+ * current test case. Recorded key identifiers will be cleaned up at the end
+ * of the test case, even on failure.
+ *
+ * This macro has no effect on volatile keys. Therefore, it is safe to call
+ * this macro in a test function that creates either volatile or persistent
+ * keys depending on the test data.
+ *
+ * This macro currently has no effect on special identifiers
+ * used to store implementation-specific files.
+ *
+ * Calling this macro multiple times on the same key identifier in the same
+ * test case has no effect.
+ *
+ * This macro can fail the test case if there isn't enough memory to
+ * record the key id.
+ *
+ * \param key_id The PSA key identifier to record.
+ */
+#define TEST_USES_KEY_ID( key_id ) \
+ TEST_ASSERT( mbedtls_test_uses_key_id( key_id ) )
+
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) )
+#define mbedtls_test_psa_purge_key_storage( ) ( (void) 0 )
+#define mbedtls_test_psa_purge_key_cache( ) ( (void) 0 )
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
+
+/** Check for things that have not been cleaned up properly in the
+ * PSA subsystem.
+ *
+ * \return NULL if nothing has leaked.
+ * \return A string literal explaining what has not been cleaned up
+ * if applicable.
+ */
+const char *mbedtls_test_helper_is_psa_leaking( void );
/** Check that no PSA Crypto key slots are in use.
+ *
+ * If any slots are in use, mark the current test as failed and jump to
+ * the exit label. This is equivalent to
+ * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )`
+ * but with a more informative message.
*/
-#define ASSERT_PSA_PRISTINE( ) \
- do \
- { \
- if( ! test_helper_is_psa_pristine( __LINE__, __FILE__ ) ) \
- goto exit; \
- } \
+#define ASSERT_PSA_PRISTINE( ) \
+ do \
+ { \
+ if( test_fail_if_psa_leaking( __LINE__, __FILE__ ) ) \
+ goto exit; \
+ } \
while( 0 )
-static void test_helper_psa_done( int line, const char *file )
-{
- (void) test_helper_is_psa_pristine( line, file );
- mbedtls_psa_crypto_free( );
-}
-
-/** Shut down the PSA Crypto subsystem. Expect a clean shutdown, with no slots
- * in use.
+/** Shut down the PSA Crypto subsystem and destroy persistent keys.
+ * Expect a clean shutdown, with no slots in use.
+ *
+ * If some key slots are still in use, record the test case as failed,
+ * but continue executing. This macro is suitable (and primarily intended)
+ * for use in the cleanup section of test functions.
+ *
+ * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
+ * creating them.
*/
-#define PSA_DONE( ) test_helper_psa_done( __LINE__, __FILE__ )
+#define PSA_DONE( ) \
+ do \
+ { \
+ test_fail_if_psa_leaking( __LINE__, __FILE__ ); \
+ mbedtls_test_psa_purge_key_storage( ); \
+ mbedtls_psa_crypto_free( ); \
+ } \
+ while( 0 )
+
+/** Shut down the PSA Crypto subsystem, allowing persistent keys to survive.
+ * Expect a clean shutdown, with no slots in use.
+ *
+ * If some key slots are still in use, record the test case as failed and
+ * jump to the `exit` label.
+ */
+#define PSA_SESSION_DONE( ) \
+ do \
+ { \
+ mbedtls_test_psa_purge_key_cache( ); \
+ ASSERT_PSA_PRISTINE( ); \
+ mbedtls_psa_crypto_free( ); \
+ } \
+ while( 0 )
#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
-#include <psa/crypto.h>
-
-/** Name of the file where return statuses are logged by #RECORD_STATUS. */
-#define STATUS_LOG_FILE_NAME "statuses.log"
-
-static psa_status_t record_status( psa_status_t status,
- const char *func,
- const char *file, int line,
- const char *expr )
-{
- /* We open the log file on first use.
- * We never close the log file, so the record_status feature is not
- * compatible with resource leak detectors such as Asan.
- */
- static FILE *log;
- if( log == NULL )
- log = fopen( STATUS_LOG_FILE_NAME, "a" );
- fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr );
- return( status );
-}
+psa_status_t mbedtls_test_record_status( psa_status_t status,
+ const char *func,
+ const char *file, int line,
+ const char *expr );
/** Return value logging wrapper macro.
*
@@ -125,10 +180,127 @@
* \return The value of \p expr.
*/
#define RECORD_STATUS( string, expr ) \
- record_status( ( expr ), string, __FILE__, __LINE__, #expr )
+ mbedtls_test_record_status( ( expr ), string, __FILE__, __LINE__, #expr )
#include "instrument_record_status.h"
#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+/** Return extended key usage policies.
+ *
+ * Do a key policy permission extension on key usage policies always involves
+ * permissions of other usage policies
+ * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSGAE).
+ */
+psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags );
+
+/** Skip a test case if the given key is a 192 bits AES key and the AES
+ * implementation is at least partially provided by an accelerator or
+ * alternative implementation.
+ *
+ * Call this macro in a test case when a cryptographic operation that may
+ * involve an AES operation returns a #PSA_ERROR_NOT_SUPPORTED error code.
+ * The macro call will skip and not fail the test case in case the operation
+ * involves a 192 bits AES key and the AES implementation is at least
+ * partially provided by an accelerator or alternative implementation.
+ *
+ * Hardware AES implementations not supporting 192 bits keys commonly exist.
+ * Consequently, PSA test cases aim at not failing when an AES operation with
+ * a 192 bits key performed by an alternative AES implementation returns
+ * with the #PSA_ERROR_NOT_SUPPORTED error code. The purpose of this macro
+ * is to facilitate this and make the test case code more readable.
+ *
+ * \param key_type Key type
+ * \param key_bits Key length in number of bits.
+ */
+#if defined(MBEDTLS_AES_ALT) || \
+ defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#define MBEDTLS_TEST_HAVE_ALT_AES 1
+#else
+#define MBEDTLS_TEST_HAVE_ALT_AES 0
+#endif
+
+#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_bits ) \
+ do \
+ { \
+ if( ( MBEDTLS_TEST_HAVE_ALT_AES ) && \
+ ( ( key_type ) == PSA_KEY_TYPE_AES ) && \
+ ( key_bits == 192 ) ) \
+ { \
+ mbedtls_test_skip( "AES-192 not supported", __LINE__, __FILE__ ); \
+ goto exit; \
+ } \
+ } \
+ while( 0 )
+
+/** Skip a test case if a GCM operation with a nonce length different from
+ * 12 bytes fails and was performed by an accelerator or alternative
+ * implementation.
+ *
+ * Call this macro in a test case when an AEAD cryptography operation that
+ * may involve the GCM mode returns with a #PSA_ERROR_NOT_SUPPORTED error
+ * code. The macro call will skip and not fail the test case in case the
+ * operation involves the GCM mode, a nonce with a length different from
+ * 12 bytes and the GCM mode implementation is an alternative one.
+ *
+ * Hardware GCM implementations not supporting nonce lengths different from
+ * 12 bytes commonly exist, as supporting a non-12-byte nonce requires
+ * additional computations involving the GHASH function.
+ * Consequently, PSA test cases aim at not failing when an AEAD operation in
+ * GCM mode with a nonce length different from 12 bytes is performed by an
+ * alternative GCM implementation and returns with a #PSA_ERROR_NOT_SUPPORTED
+ * error code. The purpose of this macro is to facilitate this check and make
+ * the test case code more readable.
+ *
+ * \param alg The AEAD algorithm.
+ * \param nonce_length The nonce length in number of bytes.
+ */
+#if defined(MBEDTLS_GCM_ALT) || \
+ defined(MBEDTLS_PSA_ACCEL_ALG_GCM)
+#define MBEDTLS_TEST_HAVE_ALT_GCM 1
+#else
+#define MBEDTLS_TEST_HAVE_ALT_GCM 0
+#endif
+
+#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, \
+ nonce_length ) \
+ do \
+ { \
+ if( ( MBEDTLS_TEST_HAVE_ALT_GCM ) && \
+ ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( ( alg ) , 0 ) == \
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ) ) && \
+ ( ( nonce_length ) != 12 ) ) \
+ { \
+ mbedtls_test_skip( "GCM with non-12-byte IV is not supported", __LINE__, __FILE__ ); \
+ goto exit; \
+ } \
+ } \
+ while( 0 )
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+/** \def USE_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO
+ * is enabled and do nothing otherwise. If the initialization fails, mark
+ * the test case as failed and jump to the \p exit label.
+ */
+/** \def USE_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #USE_PSA_INIT.
+ * This is like #PSA_DONE, except that it does nothing if
+ * #MBEDTLS_USE_PSA_CRYPTO is disabled.
+ */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USE_PSA_INIT( ) PSA_INIT( )
+#define USE_PSA_DONE( ) PSA_DONE( )
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+/* Define empty macros so that we can use them in the preamble and teardown
+ * of every test function that uses PSA conditionally based on
+ * MBEDTLS_USE_PSA_CRYPTO. */
+#define USE_PSA_INIT( ) ( (void) 0 )
+#define USE_PSA_DONE( ) ( (void) 0 )
+#endif /* !MBEDTLS_USE_PSA_CRYPTO */
+
#endif /* PSA_CRYPTO_HELPERS_H */
diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h
new file mode 100644
index 0000000..57eae58
--- /dev/null
+++ b/tests/include/test/psa_exercise_key.h
@@ -0,0 +1,241 @@
+/** Code to exercise a PSA key object, i.e. validate that it seems well-formed
+ * and can do what it is supposed to do.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_EXERCISE_KEY_H
+#define PSA_EXERCISE_KEY_H
+
+#include "test/helpers.h"
+#include "test/psa_crypto_helpers.h"
+
+#include <psa/crypto.h>
+
+/** \def KNOWN_SUPPORTED_HASH_ALG
+ *
+ * A hash algorithm that is known to be supported.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(PSA_WANT_ALG_MD2)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2
+#elif defined(PSA_WANT_ALG_MD4)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4
+#elif defined(PSA_WANT_ALG_MD5)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
+/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
+ * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
+ * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
+ * implausible anyway. */
+#elif defined(PSA_WANT_ALG_SHA_1)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
+#elif defined(PSA_WANT_ALG_SHA_256)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
+#elif defined(PSA_WANT_ALG_SHA_384)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384
+#elif defined(PSA_WANT_ALG_SHA_512)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_512
+#elif defined(PSA_WANT_ALG_SHA3_256)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256
+#else
+#undef KNOWN_SUPPORTED_HASH_ALG
+#endif
+
+/** \def KNOWN_SUPPORTED_BLOCK_CIPHER
+ *
+ * A block cipher that is known to be supported.
+ *
+ * For simplicity's sake, stick to block ciphers with 16-byte blocks.
+ */
+#if defined(MBEDTLS_AES_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES
+#elif defined(MBEDTLS_ARIA_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA
+#elif defined(MBEDTLS_CAMELLIA_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA
+#undef KNOWN_SUPPORTED_BLOCK_CIPHER
+#endif
+
+/** \def KNOWN_SUPPORTED_MAC_ALG
+ *
+ * A MAC mode that is known to be supported.
+ *
+ * It must either be HMAC with #KNOWN_SUPPORTED_HASH_ALG or
+ * a block cipher-based MAC with #KNOWN_SUPPORTED_BLOCK_CIPHER.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(KNOWN_SUPPORTED_HASH_ALG) && defined(PSA_WANT_ALG_HMAC)
+#define KNOWN_SUPPORTED_MAC_ALG ( PSA_ALG_HMAC( KNOWN_SUPPORTED_HASH_ALG ) )
+#define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C)
+#define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC
+#define KNOWN_SUPPORTED_MAC_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
+#else
+#undef KNOWN_SUPPORTED_MAC_ALG
+#undef KNOWN_SUPPORTED_MAC_KEY_TYPE
+#endif
+
+/** \def KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+ *
+ * A cipher algorithm and key type that are known to be supported.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CTR)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CBC)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CFB)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_OFB)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB
+#else
+#undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+#endif
+#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG)
+#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
+#elif defined(MBEDTLS_RC4_C)
+#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4
+#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4
+#else
+#undef KNOWN_SUPPORTED_CIPHER_ALG
+#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
+#endif
+
+/** Convenience function to set up a key derivation.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * The inputs \p input1 and \p input2 are, in order:
+ * - HKDF: salt, info.
+ * - TKS 1.2 PRF, TLS 1.2 PSK-to-MS: seed, label.
+ *
+ * \param operation The operation object to use.
+ * It must be in the initialized state.
+ * \param key The key to use.
+ * \param alg The algorithm to use.
+ * \param input1 The first input to pass.
+ * \param input1_length The length of \p input1 in bytes.
+ * \param input2 The first input to pass.
+ * \param input2_length The length of \p input2 in bytes.
+ * \param capacity The capacity to set.
+ *
+ * \return \c 1 on success, \c 0 on failure.
+ */
+int mbedtls_test_psa_setup_key_derivation_wrap(
+ psa_key_derivation_operation_t* operation,
+ mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const unsigned char* input1, size_t input1_length,
+ const unsigned char* input2, size_t input2_length,
+ size_t capacity );
+
+/** Perform a key agreement using the given key pair against its public key
+ * using psa_raw_key_agreement().
+ *
+ * The result is discarded. The purpose of this function is to smoke-test a key.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * \param alg A key agreement algorithm compatible with \p key.
+ * \param key A key that allows key agreement with \p alg.
+ *
+ * \return \c 1 on success, \c 0 on failure.
+ */
+psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
+ psa_algorithm_t alg,
+ mbedtls_svc_key_id_t key );
+
+/** Perform a key agreement using the given key pair against its public key
+ * using psa_key_derivation_raw_key().
+ *
+ * The result is discarded. The purpose of this function is to smoke-test a key.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * \param operation An operation that has been set up for a key
+ * agreement algorithm that is compatible with
+ * \p key.
+ * \param key A key pair object that is suitable for a key
+ * agreement with \p operation.
+ *
+ * \return \c 1 on success, \c 0 on failure.
+ */
+psa_status_t mbedtls_test_psa_key_agreement_with_self(
+ psa_key_derivation_operation_t *operation,
+ mbedtls_svc_key_id_t key );
+
+/** Perform sanity checks on the given key representation.
+ *
+ * If any of the checks fail, mark the current test case as failed.
+ *
+ * The checks depend on the key type.
+ * - All types: check the export size against maximum-size macros.
+ * - DES: parity bits.
+ * - RSA: check the ASN.1 structure and the size and parity of the integers.
+ * - ECC private or public key: exact representation length.
+ * - Montgomery public key: first byte.
+ *
+ * \param type The key type.
+ * \param bits The key size in bits.
+ * \param exported A buffer containing the key representation.
+ * \param exported_length The length of \p exported in bytes.
+ *
+ * \return \c 1 if all checks passed, \c 0 on failure.
+ */
+int mbedtls_test_psa_exported_key_sanity_check(
+ psa_key_type_t type, size_t bits,
+ const uint8_t *exported, size_t exported_length );
+
+/** Do smoke tests on a key.
+ *
+ * Perform one of each operation indicated by \p alg (decrypt/encrypt,
+ * sign/verify, or derivation) that is permitted according to \p usage.
+ * \p usage and \p alg should correspond to the expected policy on the
+ * key.
+ *
+ * Export the key if permitted by \p usage, and check that the output
+ * looks sensible. If \p usage forbids export, check that
+ * \p psa_export_key correctly rejects the attempt. If the key is
+ * asymmetric, also check \p psa_export_public_key.
+ *
+ * If the key fails the tests, this function calls the test framework's
+ * `mbedtls_test_fail` function and returns false. Otherwise this function
+ * returns true. Therefore it should be used as follows:
+ * ```
+ * if( ! exercise_key( ... ) ) goto exit;
+ * ```
+ *
+ * \param key The key to exercise. It should be capable of performing
+ * \p alg.
+ * \param usage The usage flags to assume.
+ * \param alg The algorithm to exercise.
+ *
+ * \retval 0 The key failed the smoke tests.
+ * \retval 1 The key passed the smoke tests.
+ */
+int mbedtls_test_psa_exercise_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg );
+
+psa_key_usage_t mbedtls_test_psa_usage_to_exercise( psa_key_type_t type,
+ psa_algorithm_t alg );
+
+#endif /* PSA_EXERCISE_KEY_H */
diff --git a/tests/include/test/random.h b/tests/include/test/random.h
index 5e7e4e6..6428280 100644
--- a/tests/include/test/random.h
+++ b/tests/include/test/random.h
@@ -36,8 +36,11 @@
typedef struct
{
- unsigned char *buf;
+ unsigned char *buf; /* Pointer to a buffer of length bytes. */
size_t length;
+ /* If fallback_f_rng is NULL, fail after delivering length bytes. */
+ int ( *fallback_f_rng )( void*, unsigned char *, size_t );
+ void *fallback_p_rng;
} mbedtls_test_rnd_buf_info;
/**
@@ -67,24 +70,25 @@
size_t len );
/**
- * This function only returns zeros
+ * This function only returns zeros.
*
- * rng_state shall be NULL.
+ * \p rng_state shall be \c NULL.
*/
int mbedtls_test_rnd_zero_rand( void *rng_state,
unsigned char *output,
size_t len );
/**
- * This function returns random based on a buffer it receives.
+ * This function returns random data based on a buffer it receives.
*
- * rng_state shall be a pointer to a rnd_buf_info structure.
+ * \p rng_state shall be a pointer to a #mbedtls_test_rnd_buf_info structure.
*
* The number of bytes released from the buffer on each call to
- * the random function is specified by per_call. (Can be between
- * 1 and 4)
+ * the random function is specified by \p len.
*
- * After the buffer is empty it will return rand();
+ * After the buffer is empty, this function will call the fallback RNG in the
+ * #mbedtls_test_rnd_buf_info structure if there is one, and
+ * will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise.
*/
int mbedtls_test_rnd_buffer_rand( void *rng_state,
unsigned char *output,
@@ -96,7 +100,7 @@
* Pseudo random is based on the XTEA encryption algorithm to
* generate pseudorandom.
*
- * rng_state shall be a pointer to a rnd_pseudo_info structure.
+ * \p rng_state shall be a pointer to a #mbedtls_test_rnd_pseudo_info structure.
*/
int mbedtls_test_rnd_pseudo_rand( void *rng_state,
unsigned char *output,
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index af59c62..fa6791c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -161,6 +161,7 @@
: ${ARMC5_BIN_DIR:=/usr/bin}
: ${ARMC6_BIN_DIR:=/usr/bin}
: ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-}
+ : ${ARM_LINUX_GNUEABI_GCC_PREFIX:=arm-linux-gnueabi-}
# if MAKEFLAGS is not set add the -j option to speed up invocations of make
if [ -z "${MAKEFLAGS+set}" ]; then
@@ -230,6 +231,9 @@
--arm-none-eabi-gcc-prefix=<string>
Prefix for a cross-compiler for arm-none-eabi
(default: "${ARM_NONE_EABI_GCC_PREFIX}")
+ --arm-linux-gnueabi-gcc-prefix=<string>
+ Prefix for a cross-compiler for arm-linux-gnueabi
+ (default: "${ARM_LINUX_GNUEABI_GCC_PREFIX}")
--armcc Run ARM Compiler builds (on by default).
--except Exclude the COMPONENTs listed on the command line,
instead of running only those.
@@ -377,6 +381,7 @@
case "$1" in
--append-outcome) append_outcome=1;;
--arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";;
+ --arm-linux-gnueabi-gcc-prefix) shift; ARM_LINUX_GNUEABI_GCC_PREFIX="$1";;
--armcc) no_armcc=;;
--armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
--armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
@@ -798,6 +803,43 @@
make test
}
+# check_renamed_symbols HEADER LIB
+# Check that if HEADER contains '#define MACRO ...' then MACRO is not a symbol
+# name is LIB.
+check_renamed_symbols () {
+ ! nm "$2" | sed 's/.* //' |
+ grep -x -F "$(sed -n 's/^ *# *define *\([A-Z_a-z][0-9A-Z_a-z]*\)..*/\1/p' "$1")"
+}
+
+component_build_psa_crypto_spm () {
+ msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER + PSA_CRYPTO_SPM, make, gcc"
+ scripts/config.py full
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_SPM
+ # We can only compile, not link, since our test and sample programs
+ # aren't equipped for the modified names used when MBEDTLS_PSA_CRYPTO_SPM
+ # is active.
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' lib
+
+ # Check that if a symbol is renamed by crypto_spe.h, the non-renamed
+ # version is not present.
+ echo "Checking for renamed symbols in the library"
+ if_build_succeeded check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a
+}
+
+component_test_psa_crypto_client () {
+ msg "build: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make"
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CLIENT
+ make
+
+ msg "test: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make"
+ make test
+}
+
component_test_zlib_make() {
msg "build: zlib enabled, make"
scripts/config.py set MBEDTLS_ZLIB_SUPPORT
@@ -837,6 +879,15 @@
support_test_zlib_make "$@"
}
+component_test_psa_crypto_rsa_no_genprime() {
+ msg "build: default config minus MBEDTLS_GENPRIME"
+ scripts/config.py unset MBEDTLS_GENPRIME
+ make
+
+ msg "test: default config minus MBEDTLS_GENPRIME"
+ make test
+}
+
component_test_ref_configs () {
msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
@@ -911,38 +962,161 @@
if_build_succeeded tests/context-info.sh
}
-component_test_no_ctr_drbg () {
- msg "build: Full minus CTR_DRBG"
+component_test_no_ctr_drbg_classic () {
+ msg "build: Full minus CTR_DRBG, classic crypto in TLS"
scripts/config.py full
scripts/config.py unset MBEDTLS_CTR_DRBG_C
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C # requires PSA Crypto
- scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO # requires PSA Crypto
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
- msg "test: no CTR_DRBG"
+ msg "test: Full minus CTR_DRBG, classic crypto - main suites"
make test
- # no ssl-opt.sh/compat.sh as they all depend on CTR_DRBG so far
+ # In this configuration, the TLS test programs use HMAC_DRBG.
+ # The SSL tests are slow, so run a small subset, just enough to get
+ # confidence that the SSL code copes with HMAC_DRBG.
+ msg "test: Full minus CTR_DRBG, classic crypto - ssl-opt.sh (subset)"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server'
+
+ msg "test: Full minus CTR_DRBG, classic crypto - compat.sh (subset)"
+ if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL
}
-component_test_no_hmac_drbg () {
- msg "build: Full minus HMAC_DRBG"
+component_test_no_ctr_drbg_use_psa () {
+ msg "build: Full minus CTR_DRBG, PSA crypto in TLS"
+ scripts/config.py full
+ scripts/config.py unset MBEDTLS_CTR_DRBG_C
+ scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+
+ msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - main suites"
+ make test
+
+ # In this configuration, the TLS test programs use HMAC_DRBG.
+ # The SSL tests are slow, so run a small subset, just enough to get
+ # confidence that the SSL code copes with HMAC_DRBG.
+ msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - ssl-opt.sh (subset)"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server'
+
+ msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - compat.sh (subset)"
+ if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL
+}
+
+component_test_no_hmac_drbg_classic () {
+ msg "build: Full minus HMAC_DRBG, classic crypto in TLS"
scripts/config.py full
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
- msg "test: no HMAC_DRBG"
+ msg "test: Full minus HMAC_DRBG, classic crypto - main suites"
make test
- # No ssl-opt.sh/compat.sh as they never use HMAC_DRBG so far,
- # so there's little value in running those lengthy tests here.
+ # Normally our ECDSA implementation uses deterministic ECDSA. But since
+ # HMAC_DRBG is disabled in this configuration, randomized ECDSA is used
+ # instead.
+ # Test SSL with non-deterministic ECDSA. Only test features that
+ # might be affected by how ECDSA signature is performed.
+ msg "test: Full minus HMAC_DRBG, classic crypto - ssl-opt.sh (subset)"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private: sign'
+
+ # To save time, only test one protocol version, since this part of
+ # the protocol is identical in (D)TLS up to 1.2.
+ msg "test: Full minus HMAC_DRBG, classic crypto - compat.sh (ECDSA)"
+ if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA'
+}
+
+component_test_no_hmac_drbg_use_psa () {
+ msg "build: Full minus HMAC_DRBG, PSA crypto in TLS"
+ scripts/config.py full
+ scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+ scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+ scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+
+ msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - main suites"
+ make test
+
+ # Normally our ECDSA implementation uses deterministic ECDSA. But since
+ # HMAC_DRBG is disabled in this configuration, randomized ECDSA is used
+ # instead.
+ # Test SSL with non-deterministic ECDSA. Only test features that
+ # might be affected by how ECDSA signature is performed.
+ msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - ssl-opt.sh (subset)"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private: sign'
+
+ # To save time, only test one protocol version, since this part of
+ # the protocol is identical in (D)TLS up to 1.2.
+ msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - compat.sh (ECDSA)"
+ if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA'
+}
+
+component_test_psa_external_rng_no_drbg_classic () {
+ msg "build: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto in TLS"
+ scripts/config.py full
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+ scripts/config.py unset MBEDTLS_ENTROPY_C
+ scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+ scripts/config.py unset MBEDTLS_CTR_DRBG_C
+ scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+ scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+ scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
+ # When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG,
+ # the SSL test programs don't have an RNG and can't work. Explicitly
+ # make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG.
+ make CFLAGS="$ASAN_CFLAGS -O2 -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS"
+
+ msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites"
+ make test
+
+ msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - ssl-opt.sh (subset)"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default'
+}
+
+component_test_psa_external_rng_no_drbg_use_psa () {
+ msg "build: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto in TLS"
+ scripts/config.py full
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+ scripts/config.py unset MBEDTLS_ENTROPY_C
+ scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+ scripts/config.py unset MBEDTLS_CTR_DRBG_C
+ scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+ scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+ scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
+ make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+ msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites"
+ make test
+
+ msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - ssl-opt.sh (subset)"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|opaque'
+}
+
+component_test_psa_external_rng_use_psa_crypto () {
+ msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
+ scripts/config.py full
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+ scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+ scripts/config.py unset MBEDTLS_CTR_DRBG_C
+ make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+ msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
+ make test
+
+ msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|opaque'
}
component_test_ecp_no_internal_rng () {
@@ -1309,14 +1483,65 @@
}
component_test_psa_crypto_config_basic() {
- # full plus MBEDTLS_PSA_CRYPTO_CONFIG
- msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG"
+ # Test the library excluding all Mbed TLS cryptographic support for which
+ # we have an accelerator support. Acceleration is faked with the
+ # transparent test driver.
+ msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG + as much acceleration as supported"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+
+ # There is no intended accelerator support for ALG STREAM_CIPHER and
+ # ALG_ECB_NO_PADDING. Therefore, asking for them in the build implies the
+ # inclusion of the Mbed TLS cipher operations. As we want to test here with
+ # cipher operations solely supported by accelerators, disabled those
+ # PSA configuration options.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+ # Don't test DES encryption as:
+ # 1) It is not an issue if we don't test all cipher types here.
+ # 2) That way we don't have to modify in psa_crypto.c the compilation
+ # guards MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES for the code they guard to be
+ # available to the test driver. Modifications that we would need to
+ # revert when we move to compile the test driver separately.
+ # We also disable MBEDTLS_DES_C as the dependencies on DES in PSA test
+ # suites are still based on MBEDTLS_DES_C and not PSA_WANT_KEY_TYPE_DES.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DES
+ scripts/config.py unset MBEDTLS_DES_C
+
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_AES"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CTR"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CFB"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_OFB"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_1"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_224"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_256"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_384"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_512"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_XTS"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CMAC"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_HMAC"
+ loc_cflags="${loc_cflags} -I../tests/include -O2"
+
+ make CC=gcc CFLAGS="$loc_cflags" LDFLAGS="$ASAN_CFLAGS"
+ unset loc_cflags
msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG"
make test
@@ -2082,11 +2307,42 @@
component_test_psa_crypto_drivers () {
msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks"
+ scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_AES"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CTR"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CFB"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_OFB"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_1"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_224"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_256"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_384"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_512"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_XTS"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CMAC"
+ loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_HMAC"
+ loc_cflags="${loc_cflags} -I../tests/include -O2"
- msg "test: MBEDTLS_PSA_CRYPTO_DRIVERS, signature"
+ make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+ unset loc_cflags
+
+ msg "test: full + MBEDTLS_PSA_CRYPTO_DRIVERS"
make test
}
@@ -2281,14 +2537,29 @@
${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
}
-component_build_arm_none_eabi_gcc_arm5vte () {
- msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s
+component_build_arm_linux_gnueabi_gcc_arm5vte () {
+ msg "build: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s
scripts/config.py baremetal
# Build for a target platform that's close to what Debian uses
# for its "armel" distribution (https://wiki.debian.org/ArmEabiPort).
# See https://github.com/ARMmbed/mbedtls/pull/2169 and comments.
- # It would be better to build with arm-linux-gnueabi-gcc but
- # we don't have that on our CI at this time.
+ # Build everything including programs, see for example
+ # https://github.com/ARMmbed/mbedtls/pull/3449#issuecomment-675313720
+ make CC="${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc" AR="${ARM_LINUX_GNUEABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te'
+
+ msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1"
+ ${ARM_LINUX_GNUEABI_GCC_PREFIX}size library/*.o
+}
+support_build_arm_linux_gnueabi_gcc_arm5vte () {
+ type ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc >/dev/null 2>&1
+}
+
+component_build_arm_none_eabi_gcc_arm5vte () {
+ msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s
+ scripts/config.py baremetal
+ # This is an imperfect substitute for
+ # component_build_arm_linux_gnueabi_gcc_arm5vte
+ # in case the gcc-arm-linux-gnueabi toolchain is not available
make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib
msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1"
@@ -2354,15 +2625,6 @@
make CFLAGS='-Werror -O1'
}
-component_test_allow_sha1 () {
- msg "build: allow SHA1 in certificates by default"
- scripts/config.py set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
- make CFLAGS='-Werror -Wall -Wextra'
- msg "test: allow SHA1 in certificates by default"
- make test
- if_build_succeeded tests/ssl-opt.sh -f SHA-1
-}
-
component_test_tls13_experimental () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled"
scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh
index 64ed145..8756634 100755
--- a/tests/scripts/basic-build-test.sh
+++ b/tests/scripts/basic-build-test.sh
@@ -62,6 +62,11 @@
: ${SEED:=1}
export SEED
+# if MAKEFLAGS is not set add the -j option to speed up invocations of make
+if [ -z "${MAKEFLAGS+set}" ]; then
+ export MAKEFLAGS="-j"
+fi
+
# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh
# we just export the variables they require
export OPENSSL_CMD="$OPENSSL"
@@ -87,7 +92,7 @@
make clean
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.py full
-make -j
+make
# Step 2 - Execute the tests
@@ -107,6 +112,7 @@
# Step 2b - System Tests (keep going even if some tests fail)
echo
echo '################ ssl-opt.sh ################'
+echo "ssl-opt.sh will use SEED=$SEED for udp_proxy"
sh ssl-opt.sh |tee sys-test-$TEST_OUTPUT
echo '^^^^^^^^^^^^^^^^ ssl-opt.sh ^^^^^^^^^^^^^^^^'
echo
@@ -154,116 +160,126 @@
echo "Test Report Summary"
echo
-cd tests
+# A failure of the left-hand side of a pipe is ignored (this is a limitation
+# of sh). We'll use the presence of this file as a marker that the generation
+# of the report succeeded.
+rm -f "tests/basic-build-test-$$.ok"
-# Step 4a - Unit tests
-echo "Unit tests - tests/scripts/run-test-suites.pl"
+{
-PASSED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/test cases passed :[\t]*\([0-9]*\)/\1/p'| tr -d ' ')
-SKIPPED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/skipped :[ \t]*\([0-9]*\)/\1/p'| tr -d ' ')
-TOTAL_SUITES=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) .*, [0-9]* tests run)/\1/p'| tr -d ' ')
-FAILED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/failed :[\t]*\([0-9]*\)/\1/p' |tr -d ' ')
+ cd tests
-echo "No test suites : $TOTAL_SUITES"
-echo "Passed : $PASSED_TESTS"
-echo "Failed : $FAILED_TESTS"
-echo "Skipped : $SKIPPED_TESTS"
-echo "Total exec'd tests : $(($PASSED_TESTS + $FAILED_TESTS))"
-echo "Total avail tests : $(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))"
-echo
+ # Step 4a - Unit tests
+ echo "Unit tests - tests/scripts/run-test-suites.pl"
-TOTAL_PASS=$PASSED_TESTS
-TOTAL_FAIL=$FAILED_TESTS
-TOTAL_SKIP=$SKIPPED_TESTS
-TOTAL_AVAIL=$(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))
-TOTAL_EXED=$(($PASSED_TESTS + $FAILED_TESTS))
+ PASSED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/test cases passed :[\t]*\([0-9]*\)/\1/p'| tr -d ' ')
+ SKIPPED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/skipped :[ \t]*\([0-9]*\)/\1/p'| tr -d ' ')
+ TOTAL_SUITES=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) .*, [0-9]* tests run)/\1/p'| tr -d ' ')
+ FAILED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/failed :[\t]*\([0-9]*\)/\1/p' |tr -d ' ')
-# Step 4b - TLS Options tests
-echo "TLS Options tests - tests/ssl-opt.sh"
+ echo "No test suites : $TOTAL_SUITES"
+ echo "Passed : $PASSED_TESTS"
+ echo "Failed : $FAILED_TESTS"
+ echo "Skipped : $SKIPPED_TESTS"
+ echo "Total exec'd tests : $(($PASSED_TESTS + $FAILED_TESTS))"
+ echo "Total avail tests : $(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))"
+ echo
-PASSED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p')
-SKIPPED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p')
-TOTAL_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p')
-FAILED_TESTS=$(($TOTAL_TESTS - $PASSED_TESTS))
+ TOTAL_PASS=$PASSED_TESTS
+ TOTAL_FAIL=$FAILED_TESTS
+ TOTAL_SKIP=$SKIPPED_TESTS
+ TOTAL_AVAIL=$(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))
+ TOTAL_EXED=$(($PASSED_TESTS + $FAILED_TESTS))
-echo "Passed : $PASSED_TESTS"
-echo "Failed : $FAILED_TESTS"
-echo "Skipped : $SKIPPED_TESTS"
-echo "Total exec'd tests : $TOTAL_TESTS"
-echo "Total avail tests : $(($TOTAL_TESTS + $SKIPPED_TESTS))"
-echo
+ # Step 4b - TLS Options tests
+ echo "TLS Options tests - tests/ssl-opt.sh"
-TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS))
-TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS))
-TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS))
-TOTAL_AVAIL=$(($TOTAL_AVAIL + $TOTAL_TESTS + $SKIPPED_TESTS))
-TOTAL_EXED=$(($TOTAL_EXED + $TOTAL_TESTS))
+ PASSED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p')
+ SKIPPED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p')
+ TOTAL_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p')
+ FAILED_TESTS=$(($TOTAL_TESTS - $PASSED_TESTS))
+
+ echo "Passed : $PASSED_TESTS"
+ echo "Failed : $FAILED_TESTS"
+ echo "Skipped : $SKIPPED_TESTS"
+ echo "Total exec'd tests : $TOTAL_TESTS"
+ echo "Total avail tests : $(($TOTAL_TESTS + $SKIPPED_TESTS))"
+ echo
+
+ TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS))
+ TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS))
+ TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS))
+ TOTAL_AVAIL=$(($TOTAL_AVAIL + $TOTAL_TESTS + $SKIPPED_TESTS))
+ TOTAL_EXED=$(($TOTAL_EXED + $TOTAL_TESTS))
-# Step 4c - System Compatibility tests
-echo "System/Compatibility tests - tests/compat.sh"
+ # Step 4c - System Compatibility tests
+ echo "System/Compatibility tests - tests/compat.sh"
-PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
-SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
-EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
-FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS))
+ PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
+ SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
+ EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
+ FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS))
-echo "Passed : $PASSED_TESTS"
-echo "Failed : $FAILED_TESTS"
-echo "Skipped : $SKIPPED_TESTS"
-echo "Total exec'd tests : $EXED_TESTS"
-echo "Total avail tests : $(($EXED_TESTS + $SKIPPED_TESTS))"
-echo
+ echo "Passed : $PASSED_TESTS"
+ echo "Failed : $FAILED_TESTS"
+ echo "Skipped : $SKIPPED_TESTS"
+ echo "Total exec'd tests : $EXED_TESTS"
+ echo "Total avail tests : $(($EXED_TESTS + $SKIPPED_TESTS))"
+ echo
-TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS))
-TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS))
-TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS))
-TOTAL_AVAIL=$(($TOTAL_AVAIL + $EXED_TESTS + $SKIPPED_TESTS))
-TOTAL_EXED=$(($TOTAL_EXED + $EXED_TESTS))
+ TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS))
+ TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS))
+ TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS))
+ TOTAL_AVAIL=$(($TOTAL_AVAIL + $EXED_TESTS + $SKIPPED_TESTS))
+ TOTAL_EXED=$(($TOTAL_EXED + $EXED_TESTS))
-# Step 4d - Grand totals
-echo "-------------------------------------------------------------------------"
-echo "Total tests"
+ # Step 4d - Grand totals
+ echo "-------------------------------------------------------------------------"
+ echo "Total tests"
-echo "Total Passed : $TOTAL_PASS"
-echo "Total Failed : $TOTAL_FAIL"
-echo "Total Skipped : $TOTAL_SKIP"
-echo "Total exec'd tests : $TOTAL_EXED"
-echo "Total avail tests : $TOTAL_AVAIL"
-echo
+ echo "Total Passed : $TOTAL_PASS"
+ echo "Total Failed : $TOTAL_FAIL"
+ echo "Total Skipped : $TOTAL_SKIP"
+ echo "Total exec'd tests : $TOTAL_EXED"
+ echo "Total avail tests : $TOTAL_AVAIL"
+ echo
-# Step 4e - Coverage
-echo "Coverage"
+ # Step 4e - Coverage
+ echo "Coverage"
-LINES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* lines)/\1/p')
-LINES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) lines)/\1/p')
-FUNCS_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* functions)$/\1/p')
-FUNCS_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) functions)$/\1/p')
-BRANCHES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* branches)$/\1/p')
-BRANCHES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) branches)$/\1/p')
+ LINES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* lines)/\1/p')
+ LINES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) lines)/\1/p')
+ FUNCS_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* functions)$/\1/p')
+ FUNCS_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) functions)$/\1/p')
+ BRANCHES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* branches)$/\1/p')
+ BRANCHES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) branches)$/\1/p')
-LINES_PERCENT=$((1000*$LINES_TESTED/$LINES_TOTAL))
-LINES_PERCENT="$(($LINES_PERCENT/10)).$(($LINES_PERCENT-($LINES_PERCENT/10)*10))"
+ LINES_PERCENT=$((1000*$LINES_TESTED/$LINES_TOTAL))
+ LINES_PERCENT="$(($LINES_PERCENT/10)).$(($LINES_PERCENT-($LINES_PERCENT/10)*10))"
-FUNCS_PERCENT=$((1000*$FUNCS_TESTED/$FUNCS_TOTAL))
-FUNCS_PERCENT="$(($FUNCS_PERCENT/10)).$(($FUNCS_PERCENT-($FUNCS_PERCENT/10)*10))"
+ FUNCS_PERCENT=$((1000*$FUNCS_TESTED/$FUNCS_TOTAL))
+ FUNCS_PERCENT="$(($FUNCS_PERCENT/10)).$(($FUNCS_PERCENT-($FUNCS_PERCENT/10)*10))"
-BRANCHES_PERCENT=$((1000*$BRANCHES_TESTED/$BRANCHES_TOTAL))
-BRANCHES_PERCENT="$(($BRANCHES_PERCENT/10)).$(($BRANCHES_PERCENT-($BRANCHES_PERCENT/10)*10))"
+ BRANCHES_PERCENT=$((1000*$BRANCHES_TESTED/$BRANCHES_TOTAL))
+ BRANCHES_PERCENT="$(($BRANCHES_PERCENT/10)).$(($BRANCHES_PERCENT-($BRANCHES_PERCENT/10)*10))"
-echo "Lines Tested : $LINES_TESTED of $LINES_TOTAL $LINES_PERCENT%"
-echo "Functions Tested : $FUNCS_TESTED of $FUNCS_TOTAL $FUNCS_PERCENT%"
-echo "Branches Tested : $BRANCHES_TESTED of $BRANCHES_TOTAL $BRANCHES_PERCENT%"
-echo
+ rm unit-test-$TEST_OUTPUT
+ rm sys-test-$TEST_OUTPUT
+ rm compat-test-$TEST_OUTPUT
+ rm cov-$TEST_OUTPUT
-rm unit-test-$TEST_OUTPUT
-rm sys-test-$TEST_OUTPUT
-rm compat-test-$TEST_OUTPUT
-rm cov-$TEST_OUTPUT
+ echo "Lines Tested : $LINES_TESTED of $LINES_TOTAL $LINES_PERCENT%"
+ echo "Functions Tested : $FUNCS_TESTED of $FUNCS_TOTAL $FUNCS_PERCENT%"
+ echo "Branches Tested : $BRANCHES_TESTED of $BRANCHES_TOTAL $BRANCHES_PERCENT%"
+ echo
-cd ..
+ # Mark the report generation as having succeeded. This must be the
+ # last thing in the report generation.
+ touch "basic-build-test-$$.ok"
+} | tee coverage-summary.txt
make clean
@@ -271,6 +287,7 @@
mv "$CONFIG_BAK" "$CONFIG_H"
fi
-if [ $TOTAL_FAIL -ne 0 ]; then
- exit 1
-fi
+# The file must exist, otherwise it means something went wrong while generating
+# the coverage report. If something did go wrong, rm will complain so this
+# script will exit with a failure status.
+rm "tests/basic-build-test-$$.ok"
diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh
index 845d1c6..5e35be8 100755
--- a/tests/scripts/check-generated-files.sh
+++ b/tests/scripts/check-generated-files.sh
@@ -44,56 +44,56 @@
UPDATE='y'
fi
+# check SCRIPT FILENAME[...]
+# check SCRIPT DIRECTORY
+# Run SCRIPT and check that it does not modify any of the specified files.
+# In the first form, there can be any number of FILENAMEs, which must be
+# regular files.
+# In the second form, there must be a single DIRECTORY, standing for the
+# list of files in the directory. Running SCRIPT must not modify any file
+# in the directory and must not add or remove files either.
+# If $UPDATE is empty, abort with an error status if a file is modified.
check()
{
SCRIPT=$1
- TO_CHECK=$2
- PATTERN=""
- FILES=""
+ shift
- if [ -d $TO_CHECK ]; then
- for FILE in $TO_CHECK/*; do
- FILES="$FILE $FILES"
- done
- else
- FILES=$TO_CHECK
+ directory=
+ if [ -d "$1" ]; then
+ directory="$1"
+ set -- "$1"/*
fi
- for FILE in $FILES; do
- cp $FILE $FILE.bak
+ for FILE in "$@"; do
+ cp "$FILE" "$FILE.bak"
done
- $SCRIPT
+ "$SCRIPT"
# Compare the script output to the old files and remove backups
- for FILE in $FILES; do
- if ! diff $FILE $FILE.bak >/dev/null 2>&1; then
+ for FILE in "$@"; do
+ if ! diff "$FILE" "$FILE.bak" >/dev/null 2>&1; then
echo "'$FILE' was either modified or deleted by '$SCRIPT'"
if [ -z "$UPDATE" ]; then
exit 1
fi
fi
if [ -z "$UPDATE" ]; then
- mv $FILE.bak $FILE
+ mv "$FILE.bak" "$FILE"
else
- rm $FILE.bak
- fi
-
- if [ -d $TO_CHECK ]; then
- # Create a grep regular expression that we can check against the
- # directory contents to test whether new files have been created
- if [ -z $PATTERN ]; then
- PATTERN="$(basename $FILE)"
- else
- PATTERN="$PATTERN\|$(basename $FILE)"
- fi
+ rm "$FILE.bak"
fi
done
- if [ -d $TO_CHECK ]; then
+ if [ -n "$directory" ]; then
+ old_list="$*"
+ set -- "$directory"/*
+ new_list="$*"
# Check if there are any new files
- if ls -1 $TO_CHECK | grep -v "$PATTERN" >/dev/null 2>&1; then
- echo "Files were created by '$SCRIPT'"
+ if [ "$old_list" != "$new_list" ]; then
+ echo "Files were deleted or created by '$SCRIPT'"
+ echo "Before: $old_list"
+ echo "After: $new_list"
if [ -z "$UPDATE" ]; then
exit 1
fi
@@ -106,3 +106,4 @@
check scripts/generate_features.pl library/version_features.c
check scripts/generate_visualc_files.pl visualc/VS2010
check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c
+check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py --list)
diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh
index 55f76da..293afa8 100755
--- a/tests/scripts/check-names.sh
+++ b/tests/scripts/check-names.sh
@@ -28,11 +28,6 @@
exit
fi
-if grep --version|head -n1|grep GNU >/dev/null; then :; else
- echo "This script requires GNU grep.">&2
- exit 1
-fi
-
trace=
if [ $# -ne 0 ] && [ "$1" = "-v" ]; then
shift
diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh
index 518c423..449803a5 100755
--- a/tests/scripts/check-python-files.sh
+++ b/tests/scripts/check-python-files.sh
@@ -14,11 +14,13 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-# Purpose:
-#
-# Run 'pylint' on Python files for programming errors and helps enforcing
-# PEP8 coding standards.
+
+# Purpose: check Python files for potential programming errors or maintenance
+# hurdles. Run pylint to detect some potential mistakes and enforce PEP8
+# coding standards. If available, run mypy to perform static type checking.
+
+# We'll keep going on errors and report the status at the end.
+ret=0
if type python3 >/dev/null 2>/dev/null; then
PYTHON=python3
@@ -26,4 +28,56 @@
PYTHON=python
fi
-$PYTHON -m pylint -j 2 scripts/*.py tests/scripts/*.py
+check_version () {
+ $PYTHON - "$2" <<EOF
+import packaging.version
+import sys
+import $1 as package
+actual = package.__version__
+wanted = sys.argv[1]
+if packaging.version.parse(actual) < packaging.version.parse(wanted):
+ sys.stderr.write("$1: version %s is too old (want %s)\n" % (actual, wanted))
+ exit(1)
+EOF
+}
+
+can_pylint () {
+ # Pylint 1.5.2 from Ubuntu 16.04 is too old:
+ # E: 34, 0: Unable to import 'mbedtls_dev' (import-error)
+ # Pylint 1.8.3 from Ubuntu 18.04 passed on the first commit containing this line.
+ check_version pylint 1.8.3
+}
+
+can_mypy () {
+ # mypy 0.770 is too old:
+ # tests/scripts/test_psa_constant_names.py:34: error: Cannot find implementation or library stub for module named 'mbedtls_dev'
+ # mypy 0.780 from pip passed on the first commit containing this line.
+ check_version mypy.version 0.780
+}
+
+# With just a --can-xxx option, check whether the tool for xxx is available
+# with an acceptable version, and exit without running any checks. The exit
+# status is true if the tool is available and acceptable and false otherwise.
+if [ "$1" = "--can-pylint" ]; then
+ can_pylint
+ exit
+elif [ "$1" = "--can-mypy" ]; then
+ can_mypy
+ exit
+fi
+
+echo 'Running pylint ...'
+$PYTHON -m pylint -j 2 scripts/mbedtls_dev/*.py scripts/*.py tests/scripts/*.py || {
+ echo >&2 "pylint reported errors"
+ ret=1
+}
+
+# Check types if mypy is available
+if can_mypy; then
+ echo
+ echo 'Running mypy ...'
+ $PYTHON -m mypy scripts/*.py tests/scripts/*.py ||
+ ret=1
+fi
+
+exit $ret
diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py
index 13fee9d..8857e00 100755
--- a/tests/scripts/check_files.py
+++ b/tests/scripts/check_files.py
@@ -29,6 +29,10 @@
import re
import subprocess
import sys
+try:
+ from typing import FrozenSet, Optional, Pattern # pylint: disable=unused-import
+except ImportError:
+ pass
class FileIssueTracker:
@@ -48,8 +52,8 @@
``heading``: human-readable description of the issue
"""
- suffix_exemptions = frozenset()
- path_exemptions = None
+ suffix_exemptions = frozenset() #type: FrozenSet[str]
+ path_exemptions = None #type: Optional[Pattern[str]]
# heading must be defined in derived classes.
# pylint: disable=no-member
@@ -161,13 +165,64 @@
heading = "Incorrect permissions:"
+ # .py files can be either full scripts or modules, so they may or may
+ # not be executable.
+ suffix_exemptions = frozenset({".py"})
+
def check_file_for_issue(self, filepath):
is_executable = os.access(filepath, os.X_OK)
- should_be_executable = filepath.endswith((".sh", ".pl", ".py"))
+ should_be_executable = filepath.endswith((".sh", ".pl"))
if is_executable != should_be_executable:
self.files_with_issues[filepath] = None
+class ShebangIssueTracker(FileIssueTracker):
+ """Track files with a bad, missing or extraneous shebang line.
+
+ Executable scripts must start with a valid shebang (#!) line.
+ """
+
+ heading = "Invalid shebang line:"
+
+ # Allow either /bin/sh, /bin/bash, or /usr/bin/env.
+ # Allow at most one argument (this is a Linux limitation).
+ # For sh and bash, the argument if present must be options.
+ # For env, the argument must be the base name of the interpeter.
+ _shebang_re = re.compile(rb'^#! ?(?:/bin/(bash|sh)(?: -[^\n ]*)?'
+ rb'|/usr/bin/env ([^\n /]+))$')
+ _extensions = {
+ b'bash': 'sh',
+ b'perl': 'pl',
+ b'python3': 'py',
+ b'sh': 'sh',
+ }
+
+ def is_valid_shebang(self, first_line, filepath):
+ m = re.match(self._shebang_re, first_line)
+ if not m:
+ return False
+ interpreter = m.group(1) or m.group(2)
+ if interpreter not in self._extensions:
+ return False
+ if not filepath.endswith('.' + self._extensions[interpreter]):
+ return False
+ return True
+
+ def check_file_for_issue(self, filepath):
+ is_executable = os.access(filepath, os.X_OK)
+ with open(filepath, "rb") as f:
+ first_line = f.readline()
+ if first_line.startswith(b'#!'):
+ if not is_executable:
+ # Shebang on a non-executable file
+ self.files_with_issues[filepath] = None
+ elif not self.is_valid_shebang(first_line, filepath):
+ self.files_with_issues[filepath] = [1]
+ elif is_executable:
+ # Executable without a shebang
+ self.files_with_issues[filepath] = None
+
+
class EndOfFileNewlineIssueTracker(FileIssueTracker):
"""Track files that end with an incomplete line
(no newline character at the end of the last line)."""
@@ -288,6 +343,7 @@
self.setup_logger(log_file)
self.issues_to_check = [
PermissionIssueTracker(),
+ ShebangIssueTracker(),
EndOfFileNewlineIssueTracker(),
Utf8BomIssueTracker(),
UnixLineEndingIssueTracker(),
diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py
new file mode 100755
index 0000000..441b1c2
--- /dev/null
+++ b/tests/scripts/generate_psa_tests.py
@@ -0,0 +1,686 @@
+#!/usr/bin/env python3
+"""Generate test data for PSA cryptographic mechanisms.
+
+With no arguments, generate all test data. With non-option arguments,
+generate only the specified files.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import argparse
+import os
+import re
+import sys
+from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional, TypeVar
+
+import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import crypto_knowledge
+from mbedtls_dev import macro_collector
+from mbedtls_dev import psa_storage
+from mbedtls_dev import test_case
+
+T = TypeVar('T') #pylint: disable=invalid-name
+
+
+def psa_want_symbol(name: str) -> str:
+ """Return the PSA_WANT_xxx symbol associated with a PSA crypto feature."""
+ if name.startswith('PSA_'):
+ return name[:4] + 'WANT_' + name[4:]
+ else:
+ raise ValueError('Unable to determine the PSA_WANT_ symbol for ' + name)
+
+def finish_family_dependency(dep: str, bits: int) -> str:
+ """Finish dep if it's a family dependency symbol prefix.
+
+ A family dependency symbol prefix is a PSA_WANT_ symbol that needs to be
+ qualified by the key size. If dep is such a symbol, finish it by adjusting
+ the prefix and appending the key size. Other symbols are left unchanged.
+ """
+ return re.sub(r'_FAMILY_(.*)', r'_\1_' + str(bits), dep)
+
+def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]:
+ """Finish any family dependency symbol prefixes.
+
+ Apply `finish_family_dependency` to each element of `dependencies`.
+ """
+ return [finish_family_dependency(dep, bits) for dep in dependencies]
+
+SYMBOLS_WITHOUT_DEPENDENCY = frozenset([
+ 'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies
+ 'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier
+ 'PSA_ALG_ANY_HASH', # only in policies
+ 'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies
+ 'PSA_ALG_KEY_AGREEMENT', # chaining
+ 'PSA_ALG_TRUNCATED_MAC', # modifier
+])
+def automatic_dependencies(*expressions: str) -> List[str]:
+ """Infer dependencies of a test case by looking for PSA_xxx symbols.
+
+ The arguments are strings which should be C expressions. Do not use
+ string literals or comments as this function is not smart enough to
+ skip them.
+ """
+ used = set()
+ for expr in expressions:
+ used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr))
+ used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY)
+ return sorted(psa_want_symbol(name) for name in used)
+
+# A temporary hack: at the time of writing, not all dependency symbols
+# are implemented yet. Skip test cases for which the dependency symbols are
+# not available. Once all dependency symbols are available, this hack must
+# be removed so that a bug in the dependency symbols proprely leads to a test
+# failure.
+def read_implemented_dependencies(filename: str) -> FrozenSet[str]:
+ return frozenset(symbol
+ for line in open(filename)
+ for symbol in re.findall(r'\bPSA_WANT_\w+\b', line))
+IMPLEMENTED_DEPENDENCIES = read_implemented_dependencies('include/psa/crypto_config.h')
+def hack_dependencies_not_implemented(dependencies: List[str]) -> None:
+ if not all(dep.lstrip('!') in IMPLEMENTED_DEPENDENCIES
+ for dep in dependencies):
+ dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET')
+
+
+class Information:
+ """Gather information about PSA constructors."""
+
+ def __init__(self) -> None:
+ self.constructors = self.read_psa_interface()
+
+ @staticmethod
+ def remove_unwanted_macros(
+ constructors: macro_collector.PSAMacroEnumerator
+ ) -> None:
+ # Mbed TLS doesn't support finite-field DH yet and will not support
+ # finite-field DSA. Don't attempt to generate any related test case.
+ constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR')
+ constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY')
+ constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR')
+ constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY')
+
+ def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator:
+ """Return the list of known key types, algorithms, etc."""
+ constructors = macro_collector.InputsForTest()
+ header_file_names = ['include/psa/crypto_values.h',
+ 'include/psa/crypto_extra.h']
+ test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data']
+ for header_file_name in header_file_names:
+ constructors.parse_header(header_file_name)
+ for test_cases in test_suites:
+ constructors.parse_test_cases(test_cases)
+ self.remove_unwanted_macros(constructors)
+ constructors.gather_arguments()
+ return constructors
+
+
+def test_case_for_key_type_not_supported(
+ verb: str, key_type: str, bits: int,
+ dependencies: List[str],
+ *args: str,
+ param_descr: str = ''
+) -> test_case.TestCase:
+ """Return one test case exercising a key creation method
+ for an unsupported key type or size.
+ """
+ hack_dependencies_not_implemented(dependencies)
+ tc = test_case.TestCase()
+ short_key_type = re.sub(r'PSA_(KEY_TYPE|ECC_FAMILY)_', r'', key_type)
+ adverb = 'not' if dependencies else 'never'
+ if param_descr:
+ adverb = param_descr + ' ' + adverb
+ tc.set_description('PSA {} {} {}-bit {} supported'
+ .format(verb, short_key_type, bits, adverb))
+ tc.set_dependencies(dependencies)
+ tc.set_function(verb + '_not_supported')
+ tc.set_arguments([key_type] + list(args))
+ return tc
+
+class NotSupported:
+ """Generate test cases for when something is not supported."""
+
+ def __init__(self, info: Information) -> None:
+ self.constructors = info.constructors
+
+ ALWAYS_SUPPORTED = frozenset([
+ 'PSA_KEY_TYPE_DERIVE',
+ 'PSA_KEY_TYPE_RAW_DATA',
+ ])
+ def test_cases_for_key_type_not_supported(
+ self,
+ kt: crypto_knowledge.KeyType,
+ param: Optional[int] = None,
+ param_descr: str = '',
+ ) -> Iterator[test_case.TestCase]:
+ """Return test cases exercising key creation when the given type is unsupported.
+
+ If param is present and not None, emit test cases conditioned on this
+ parameter not being supported. If it is absent or None, emit test cases
+ conditioned on the base type not being supported.
+ """
+ if kt.name in self.ALWAYS_SUPPORTED:
+ # Don't generate test cases for key types that are always supported.
+ # They would be skipped in all configurations, which is noise.
+ return
+ import_dependencies = [('!' if param is None else '') +
+ psa_want_symbol(kt.name)]
+ if kt.params is not None:
+ import_dependencies += [('!' if param == i else '') +
+ psa_want_symbol(sym)
+ for i, sym in enumerate(kt.params)]
+ if kt.name.endswith('_PUBLIC_KEY'):
+ generate_dependencies = []
+ else:
+ generate_dependencies = import_dependencies
+ for bits in kt.sizes_to_test():
+ yield test_case_for_key_type_not_supported(
+ 'import', kt.expression, bits,
+ finish_family_dependencies(import_dependencies, bits),
+ test_case.hex_string(kt.key_material(bits)),
+ param_descr=param_descr,
+ )
+ if not generate_dependencies and param is not None:
+ # If generation is impossible for this key type, rather than
+ # supported or not depending on implementation capabilities,
+ # only generate the test case once.
+ continue
+ yield test_case_for_key_type_not_supported(
+ 'generate', kt.expression, bits,
+ finish_family_dependencies(generate_dependencies, bits),
+ str(bits),
+ param_descr=param_descr,
+ )
+ # To be added: derive
+
+ ECC_KEY_TYPES = ('PSA_KEY_TYPE_ECC_KEY_PAIR',
+ 'PSA_KEY_TYPE_ECC_PUBLIC_KEY')
+
+ def test_cases_for_not_supported(self) -> Iterator[test_case.TestCase]:
+ """Generate test cases that exercise the creation of keys of unsupported types."""
+ for key_type in sorted(self.constructors.key_types):
+ if key_type in self.ECC_KEY_TYPES:
+ continue
+ kt = crypto_knowledge.KeyType(key_type)
+ yield from self.test_cases_for_key_type_not_supported(kt)
+ for curve_family in sorted(self.constructors.ecc_curves):
+ for constr in self.ECC_KEY_TYPES:
+ kt = crypto_knowledge.KeyType(constr, [curve_family])
+ yield from self.test_cases_for_key_type_not_supported(
+ kt, param_descr='type')
+ yield from self.test_cases_for_key_type_not_supported(
+ kt, 0, param_descr='curve')
+
+
+class StorageKey(psa_storage.Key):
+ """Representation of a key for storage format testing."""
+
+ IMPLICIT_USAGE_FLAGS = {
+ 'PSA_KEY_USAGE_SIGN_HASH': 'PSA_KEY_USAGE_SIGN_MESSAGE',
+ 'PSA_KEY_USAGE_VERIFY_HASH': 'PSA_KEY_USAGE_VERIFY_MESSAGE'
+ } #type: Dict[str, str]
+ """Mapping of usage flags to the flags that they imply."""
+
+ def __init__(
+ self,
+ usage: str,
+ without_implicit_usage: Optional[bool] = False,
+ **kwargs
+ ) -> None:
+ """Prepare to generate a key.
+
+ * `usage` : The usage flags used for the key.
+ * `without_implicit_usage`: Flag to defide to apply the usage extension
+ """
+ super().__init__(usage=usage, **kwargs)
+
+ if not without_implicit_usage:
+ for flag, implicit in self.IMPLICIT_USAGE_FLAGS.items():
+ if self.usage.value() & psa_storage.Expr(flag).value() and \
+ self.usage.value() & psa_storage.Expr(implicit).value() == 0:
+ self.usage = psa_storage.Expr(self.usage.string + ' | ' + implicit)
+
+class StorageTestData(StorageKey):
+ """Representation of test case data for storage format testing."""
+
+ def __init__(
+ self,
+ description: str,
+ expected_usage: Optional[str] = None,
+ **kwargs
+ ) -> None:
+ """Prepare to generate test data
+
+ * `description` : used for the the test case names
+ * `expected_usage`: the usage flags generated as the expected usage flags
+ in the test cases. CAn differ from the usage flags
+ stored in the keys because of the usage flags extension.
+ """
+ super().__init__(**kwargs)
+ self.description = description #type: str
+ self.expected_usage = expected_usage if expected_usage else self.usage.string #type: str
+
+class StorageFormat:
+ """Storage format stability test cases."""
+
+ def __init__(self, info: Information, version: int, forward: bool) -> None:
+ """Prepare to generate test cases for storage format stability.
+
+ * `info`: information about the API. See the `Information` class.
+ * `version`: the storage format version to generate test cases for.
+ * `forward`: if true, generate forward compatibility test cases which
+ save a key and check that its representation is as intended. Otherwise
+ generate backward compatibility test cases which inject a key
+ representation and check that it can be read and used.
+ """
+ self.constructors = info.constructors #type: macro_collector.PSAMacroEnumerator
+ self.version = version #type: int
+ self.forward = forward #type: bool
+
+ def make_test_case(self, key: StorageTestData) -> test_case.TestCase:
+ """Construct a storage format test case for the given key.
+
+ If ``forward`` is true, generate a forward compatibility test case:
+ create a key and validate that it has the expected representation.
+ Otherwise generate a backward compatibility test case: inject the
+ key representation into storage and validate that it can be read
+ correctly.
+ """
+ verb = 'save' if self.forward else 'read'
+ tc = test_case.TestCase()
+ tc.set_description('PSA storage {}: {}'.format(verb, key.description))
+ dependencies = automatic_dependencies(
+ key.lifetime.string, key.type.string,
+ key.expected_usage, key.alg.string, key.alg2.string,
+ )
+ dependencies = finish_family_dependencies(dependencies, key.bits)
+ tc.set_dependencies(dependencies)
+ tc.set_function('key_storage_' + verb)
+ if self.forward:
+ extra_arguments = []
+ else:
+ flags = []
+ # Some test keys have the RAW_DATA type and attributes that don't
+ # necessarily make sense. We do this to validate numerical
+ # encodings of the attributes.
+ # Raw data keys have no useful exercise anyway so there is no
+ # loss of test coverage.
+ if key.type.string != 'PSA_KEY_TYPE_RAW_DATA':
+ flags.append('TEST_FLAG_EXERCISE')
+ if 'READ_ONLY' in key.lifetime.string:
+ flags.append('TEST_FLAG_READ_ONLY')
+ extra_arguments = [' | '.join(flags) if flags else '0']
+ tc.set_arguments([key.lifetime.string,
+ key.type.string, str(key.bits),
+ key.expected_usage, key.alg.string, key.alg2.string,
+ '"' + key.material.hex() + '"',
+ '"' + key.hex() + '"',
+ *extra_arguments])
+ return tc
+
+ def key_for_lifetime(
+ self,
+ lifetime: str,
+ ) -> StorageTestData:
+ """Construct a test key for the given lifetime."""
+ short = lifetime
+ short = re.sub(r'PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION',
+ r'', short)
+ short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short)
+ description = 'lifetime: ' + short
+ key = StorageTestData(version=self.version,
+ id=1, lifetime=lifetime,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0,
+ material=b'L',
+ description=description)
+ return key
+
+ def all_keys_for_lifetimes(self) -> Iterator[StorageTestData]:
+ """Generate test keys covering lifetimes."""
+ lifetimes = sorted(self.constructors.lifetimes)
+ expressions = self.constructors.generate_expressions(lifetimes)
+ for lifetime in expressions:
+ # Don't attempt to create or load a volatile key in storage
+ if 'VOLATILE' in lifetime:
+ continue
+ # Don't attempt to create a read-only key in storage,
+ # but do attempt to load one.
+ if 'READ_ONLY' in lifetime and self.forward:
+ continue
+ yield self.key_for_lifetime(lifetime)
+
+ def keys_for_usage_flags(
+ self,
+ usage_flags: List[str],
+ short: Optional[str] = None,
+ test_implicit_usage: Optional[bool] = False
+ ) -> Iterator[StorageTestData]:
+ """Construct a test key for the given key usage."""
+ usage = ' | '.join(usage_flags) if usage_flags else '0'
+ if short is None:
+ short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage)
+ extra_desc = ' with implication' if test_implicit_usage else ''
+ description = 'usage' + extra_desc + ': ' + short
+ key1 = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ expected_usage=usage,
+ usage=usage, alg=0, alg2=0,
+ material=b'K',
+ description=description)
+ yield key1
+
+ if test_implicit_usage:
+ description = 'usage without implication' + ': ' + short
+ key2 = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ without_implicit_usage=True,
+ usage=usage, alg=0, alg2=0,
+ material=b'K',
+ description=description)
+ yield key2
+
+ def generate_keys_for_usage_flags(self, **kwargs) -> Iterator[StorageTestData]:
+ """Generate test keys covering usage flags."""
+ known_flags = sorted(self.constructors.key_usage_flags)
+ yield from self.keys_for_usage_flags(['0'], **kwargs)
+ for usage_flag in known_flags:
+ yield from self.keys_for_usage_flags([usage_flag], **kwargs)
+ for flag1, flag2 in zip(known_flags,
+ known_flags[1:] + [known_flags[0]]):
+ yield from self.keys_for_usage_flags([flag1, flag2], **kwargs)
+
+ def generate_key_for_all_usage_flags(self) -> Iterator[StorageTestData]:
+ known_flags = sorted(self.constructors.key_usage_flags)
+ yield from self.keys_for_usage_flags(known_flags, short='all known')
+
+ def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]:
+ yield from self.generate_keys_for_usage_flags()
+ yield from self.generate_key_for_all_usage_flags()
+
+ def keys_for_type(
+ self,
+ key_type: str,
+ params: Optional[Iterable[str]] = None
+ ) -> Iterator[StorageTestData]:
+ """Generate test keys for the given key type.
+
+ For key types that depend on a parameter (e.g. elliptic curve family),
+ `param` is the parameter to pass to the constructor. Only a single
+ parameter is supported.
+ """
+ kt = crypto_knowledge.KeyType(key_type, params)
+ for bits in kt.sizes_to_test():
+ usage_flags = 'PSA_KEY_USAGE_EXPORT'
+ alg = 0
+ alg2 = 0
+ key_material = kt.key_material(bits)
+ short_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_',
+ r'',
+ kt.expression)
+ description = 'type: {} {}-bit'.format(short_expression, bits)
+ key = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type=kt.expression, bits=bits,
+ usage=usage_flags, alg=alg, alg2=alg2,
+ material=key_material,
+ description=description)
+ yield key
+
+ def all_keys_for_types(self) -> Iterator[StorageTestData]:
+ """Generate test keys covering key types and their representations."""
+ key_types = sorted(self.constructors.key_types)
+ for key_type in self.constructors.generate_expressions(key_types):
+ yield from self.keys_for_type(key_type)
+
+ def keys_for_algorithm(self, alg: str) -> Iterator[StorageTestData]:
+ """Generate test keys for the specified algorithm."""
+ # For now, we don't have information on the compatibility of key
+ # types and algorithms. So we just test the encoding of algorithms,
+ # and not that operations can be performed with them.
+ descr = re.sub(r'PSA_ALG_', r'', alg)
+ descr = re.sub(r',', r', ', re.sub(r' +', r'', descr))
+ usage = 'PSA_KEY_USAGE_EXPORT'
+ key1 = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ usage=usage, alg=alg, alg2=0,
+ material=b'K',
+ description='alg: ' + descr)
+ yield key1
+ key2 = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ usage=usage, alg=0, alg2=alg,
+ material=b'L',
+ description='alg2: ' + descr)
+ yield key2
+
+ def all_keys_for_algorithms(self) -> Iterator[StorageTestData]:
+ """Generate test keys covering algorithm encodings."""
+ algorithms = sorted(self.constructors.algorithms)
+ for alg in self.constructors.generate_expressions(algorithms):
+ yield from self.keys_for_algorithm(alg)
+
+ def generate_all_keys(self) -> Iterator[StorageTestData]:
+ """Generate all keys for the test cases."""
+ yield from self.all_keys_for_lifetimes()
+ yield from self.all_keys_for_usage_flags()
+ yield from self.all_keys_for_types()
+ yield from self.all_keys_for_algorithms()
+
+ def all_test_cases(self) -> Iterator[test_case.TestCase]:
+ """Generate all storage format test cases."""
+ # First build a list of all keys, then construct all the corresponding
+ # test cases. This allows all required information to be obtained in
+ # one go, which is a significant performance gain as the information
+ # includes numerical values obtained by compiling a C program.
+ all_keys = list(self.generate_all_keys())
+ for key in all_keys:
+ if key.location_value() != 0:
+ # Skip keys with a non-default location, because they
+ # require a driver and we currently have no mechanism to
+ # determine whether a driver is available.
+ continue
+ yield self.make_test_case(key)
+
+class StorageFormatForward(StorageFormat):
+ """Storage format stability test cases for forward compatibility."""
+
+ def __init__(self, info: Information, version: int) -> None:
+ super().__init__(info, version, True)
+
+class StorageFormatV0(StorageFormat):
+ """Storage format stability test cases for version 0 compatibility."""
+
+ def __init__(self, info: Information) -> None:
+ super().__init__(info, 0, False)
+
+ def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]:
+ """Generate test keys covering usage flags."""
+ yield from self.generate_keys_for_usage_flags(test_implicit_usage=True)
+ yield from self.generate_key_for_all_usage_flags()
+
+ def keys_for_implicit_usage(
+ self,
+ implyer_usage: str,
+ alg: str,
+ key_type: crypto_knowledge.KeyType
+ ) -> StorageTestData:
+ # pylint: disable=too-many-locals
+ """Generate test keys for the specified implicit usage flag,
+ algorithm and key type combination.
+ """
+ bits = key_type.sizes_to_test()[0]
+ implicit_usage = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage]
+ usage_flags = 'PSA_KEY_USAGE_EXPORT'
+ material_usage_flags = usage_flags + ' | ' + implyer_usage
+ expected_usage_flags = material_usage_flags + ' | ' + implicit_usage
+ alg2 = 0
+ key_material = key_type.key_material(bits)
+ usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage)
+ alg_expression = re.sub(r'PSA_ALG_', r'', alg)
+ alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression))
+ key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_',
+ r'',
+ key_type.expression)
+ description = 'implied by {}: {} {} {}-bit'.format(
+ usage_expression, alg_expression, key_type_expression, bits)
+ key = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type=key_type.expression, bits=bits,
+ usage=material_usage_flags,
+ expected_usage=expected_usage_flags,
+ without_implicit_usage=True,
+ alg=alg, alg2=alg2,
+ material=key_material,
+ description=description)
+ return key
+
+ def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]:
+ # pylint: disable=too-many-locals
+ """Match possible key types for sign algorithms."""
+ # To create a valid combinaton both the algorithms and key types
+ # must be filtered. Pair them with keywords created from its names.
+ incompatible_alg_keyword = frozenset(['RAW', 'ANY', 'PURE'])
+ incompatible_key_type_keywords = frozenset(['MONTGOMERY'])
+ keyword_translation = {
+ 'ECDSA': 'ECC',
+ 'ED[0-9]*.*' : 'EDWARDS'
+ }
+ exclusive_keywords = {
+ 'EDWARDS': 'ECC'
+ }
+ key_types = set(self.constructors.generate_expressions(self.constructors.key_types))
+ algorithms = set(self.constructors.generate_expressions(self.constructors.sign_algorithms))
+ alg_with_keys = {} #type: Dict[str, List[str]]
+ translation_table = str.maketrans('(', '_', ')')
+ for alg in algorithms:
+ # Generate keywords from the name of the algorithm
+ alg_keywords = set(alg.partition('(')[0].split(sep='_')[2:])
+ # Translate keywords for better matching with the key types
+ for keyword in alg_keywords.copy():
+ for pattern, replace in keyword_translation.items():
+ if re.match(pattern, keyword):
+ alg_keywords.remove(keyword)
+ alg_keywords.add(replace)
+ # Filter out incompatible algortihms
+ if not alg_keywords.isdisjoint(incompatible_alg_keyword):
+ continue
+
+ for key_type in key_types:
+ # Generate keywords from the of the key type
+ key_type_keywords = set(key_type.translate(translation_table).split(sep='_')[3:])
+
+ # Remove ambigious keywords
+ for keyword1, keyword2 in exclusive_keywords.items():
+ if keyword1 in key_type_keywords:
+ key_type_keywords.remove(keyword2)
+
+ if key_type_keywords.isdisjoint(incompatible_key_type_keywords) and\
+ not key_type_keywords.isdisjoint(alg_keywords):
+ if alg in alg_with_keys:
+ alg_with_keys[alg].append(key_type)
+ else:
+ alg_with_keys[alg] = [key_type]
+ return alg_with_keys
+
+ def all_keys_for_implicit_usage(self) -> Iterator[StorageTestData]:
+ """Generate test keys for usage flag extensions."""
+ # Generate a key type and algorithm pair for each extendable usage
+ # flag to generate a valid key for exercising. The key is generated
+ # without usage extension to check the extension compatiblity.
+ alg_with_keys = self.gather_key_types_for_sign_alg()
+
+ for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str):
+ for alg in sorted(alg_with_keys):
+ for key_type in sorted(alg_with_keys[alg]):
+ # The key types must be filtered to fit the specific usage flag.
+ kt = crypto_knowledge.KeyType(key_type)
+ if kt.is_valid_for_signature(usage):
+ yield self.keys_for_implicit_usage(usage, alg, kt)
+
+ def generate_all_keys(self) -> Iterator[StorageTestData]:
+ yield from super().generate_all_keys()
+ yield from self.all_keys_for_implicit_usage()
+
+class TestGenerator:
+ """Generate test data."""
+
+ def __init__(self, options) -> None:
+ self.test_suite_directory = self.get_option(options, 'directory',
+ 'tests/suites')
+ self.info = Information()
+
+ @staticmethod
+ def get_option(options, name: str, default: T) -> T:
+ value = getattr(options, name, None)
+ return default if value is None else value
+
+ def filename_for(self, basename: str) -> str:
+ """The location of the data file with the specified base name."""
+ return os.path.join(self.test_suite_directory, basename + '.data')
+
+ def write_test_data_file(self, basename: str,
+ test_cases: Iterable[test_case.TestCase]) -> None:
+ """Write the test cases to a .data file.
+
+ The output file is ``basename + '.data'`` in the test suite directory.
+ """
+ filename = self.filename_for(basename)
+ test_case.write_data_file(filename, test_cases)
+
+ TARGETS = {
+ 'test_suite_psa_crypto_not_supported.generated':
+ lambda info: NotSupported(info).test_cases_for_not_supported(),
+ 'test_suite_psa_crypto_storage_format.current':
+ lambda info: StorageFormatForward(info, 0).all_test_cases(),
+ 'test_suite_psa_crypto_storage_format.v0':
+ lambda info: StorageFormatV0(info).all_test_cases(),
+ } #type: Dict[str, Callable[[Information], Iterable[test_case.TestCase]]]
+
+ def generate_target(self, name: str) -> None:
+ test_cases = self.TARGETS[name](self.info)
+ self.write_test_data_file(name, test_cases)
+
+def main(args):
+ """Command line entry point."""
+ parser = argparse.ArgumentParser(description=__doc__)
+ parser.add_argument('--list', action='store_true',
+ help='List available targets and exit')
+ parser.add_argument('targets', nargs='*', metavar='TARGET',
+ help='Target file to generate (default: all; "-": none)')
+ options = parser.parse_args(args)
+ generator = TestGenerator(options)
+ if options.list:
+ for name in sorted(generator.TARGETS):
+ print(generator.filename_for(name))
+ return
+ if options.targets:
+ # Allow "-" as a special case so you can run
+ # ``generate_psa_tests.py - $targets`` and it works uniformly whether
+ # ``$targets`` is empty or not.
+ options.targets = [os.path.basename(re.sub(r'\.data\Z', r'', target))
+ for target in options.targets
+ if target != '-']
+ else:
+ options.targets = sorted(generator.TARGETS)
+ for target in options.targets:
+ generator.generate_target(target)
+
+if __name__ == '__main__':
+ main(sys.argv[1:])
diff --git a/tests/scripts/list-enum-consts.pl b/tests/scripts/list-enum-consts.pl
index 3d8df10..88a062e 100755
--- a/tests/scripts/list-enum-consts.pl
+++ b/tests/scripts/list-enum-consts.pl
@@ -26,7 +26,7 @@
@ARGV = grep { ! /compat-1\.3\.h/ } <include/mbedtls/*.h>;
push @ARGV, "3rdparty/everest/include/everest/everest.h";
push @ARGV, "3rdparty/everest/include/everest/x25519.h";
-
+push @ARGV, glob("library/*.h");
my @consts;
my $state = 'out';
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index a8617a0..8ed9571 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -22,7 +22,7 @@
exit 1
fi
-HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h tests/include/test/drivers/*.h | egrep -v 'compat-1\.3\.h' )
HEADERS="$HEADERS library/*.h"
HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"
diff --git a/tests/scripts/mbedtls_test.py b/tests/scripts/mbedtls_test.py
index a5d0940..64f12bb 100755
--- a/tests/scripts/mbedtls_test.py
+++ b/tests/scripts/mbedtls_test.py
@@ -38,7 +38,7 @@
import os
import binascii
-from mbed_host_tests import BaseHostTest, event_callback # pylint: disable=import-error
+from mbed_host_tests import BaseHostTest, event_callback # type: ignore # pylint: disable=import-error
class TestDataParserError(Exception):
diff --git a/tests/scripts/scripts_path.py b/tests/scripts/scripts_path.py
new file mode 100644
index 0000000..10bf6f8
--- /dev/null
+++ b/tests/scripts/scripts_path.py
@@ -0,0 +1,28 @@
+"""Add our Python library directory to the module search path.
+
+Usage:
+
+ import scripts_path # pylint: disable=unused-import
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import sys
+
+sys.path.append(os.path.join(os.path.dirname(__file__),
+ os.path.pardir, os.path.pardir,
+ 'scripts'))
diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py
new file mode 100755
index 0000000..61923d8
--- /dev/null
+++ b/tests/scripts/set_psa_test_dependencies.py
@@ -0,0 +1,302 @@
+#!/usr/bin/env python3
+
+"""Edit test cases to use PSA dependencies instead of classic dependencies.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import re
+import sys
+
+CLASSIC_DEPENDENCIES = frozenset([
+ # This list is manually filtered from config.h.
+
+ # Mbed TLS feature support.
+ # Only features that affect what can be done are listed here.
+ # Options that control optimizations or alternative implementations
+ # are omitted.
+ 'MBEDTLS_CIPHER_MODE_CBC',
+ 'MBEDTLS_CIPHER_MODE_CFB',
+ 'MBEDTLS_CIPHER_MODE_CTR',
+ 'MBEDTLS_CIPHER_MODE_OFB',
+ 'MBEDTLS_CIPHER_MODE_XTS',
+ 'MBEDTLS_CIPHER_NULL_CIPHER',
+ 'MBEDTLS_CIPHER_PADDING_PKCS7',
+ 'MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS',
+ 'MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN',
+ 'MBEDTLS_CIPHER_PADDING_ZEROS',
+ #curve#'MBEDTLS_ECP_DP_SECP192R1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_SECP224R1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_SECP256R1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_SECP384R1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_SECP521R1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_SECP192K1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_SECP224K1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_SECP256K1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_BP256R1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_BP384R1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_BP512R1_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_CURVE25519_ENABLED',
+ #curve#'MBEDTLS_ECP_DP_CURVE448_ENABLED',
+ 'MBEDTLS_ECDSA_DETERMINISTIC',
+ #'MBEDTLS_GENPRIME', #needed for RSA key generation
+ 'MBEDTLS_PKCS1_V15',
+ 'MBEDTLS_PKCS1_V21',
+ 'MBEDTLS_SHA512_NO_SHA384',
+
+ # Mbed TLS modules.
+ # Only modules that provide cryptographic mechanisms are listed here.
+ # Platform, data formatting, X.509 or TLS modules are omitted.
+ 'MBEDTLS_AES_C',
+ 'MBEDTLS_ARC4_C',
+ 'MBEDTLS_BIGNUM_C',
+ #cipher#'MBEDTLS_BLOWFISH_C',
+ 'MBEDTLS_CAMELLIA_C',
+ 'MBEDTLS_ARIA_C',
+ 'MBEDTLS_CCM_C',
+ 'MBEDTLS_CHACHA20_C',
+ 'MBEDTLS_CHACHAPOLY_C',
+ 'MBEDTLS_CMAC_C',
+ 'MBEDTLS_CTR_DRBG_C',
+ 'MBEDTLS_DES_C',
+ 'MBEDTLS_DHM_C',
+ 'MBEDTLS_ECDH_C',
+ 'MBEDTLS_ECDSA_C',
+ 'MBEDTLS_ECJPAKE_C',
+ 'MBEDTLS_ECP_C',
+ 'MBEDTLS_ENTROPY_C',
+ 'MBEDTLS_GCM_C',
+ 'MBEDTLS_HKDF_C',
+ 'MBEDTLS_HMAC_DRBG_C',
+ 'MBEDTLS_NIST_KW_C',
+ 'MBEDTLS_MD2_C',
+ 'MBEDTLS_MD4_C',
+ 'MBEDTLS_MD5_C',
+ 'MBEDTLS_PKCS5_C',
+ 'MBEDTLS_PKCS12_C',
+ 'MBEDTLS_POLY1305_C',
+ 'MBEDTLS_RIPEMD160_C',
+ 'MBEDTLS_RSA_C',
+ 'MBEDTLS_SHA1_C',
+ 'MBEDTLS_SHA256_C',
+ 'MBEDTLS_SHA512_C',
+ 'MBEDTLS_XTEA_C',
+])
+
+def is_classic_dependency(dep):
+ """Whether dep is a classic dependency that PSA test cases should not use."""
+ if dep.startswith('!'):
+ dep = dep[1:]
+ return dep in CLASSIC_DEPENDENCIES
+
+def is_systematic_dependency(dep):
+ """Whether dep is a PSA dependency which is determined systematically."""
+ if dep.startswith('PSA_WANT_ECC_'):
+ return False
+ return dep.startswith('PSA_WANT_')
+
+WITHOUT_SYSTEMATIC_DEPENDENCIES = frozenset([
+ 'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # only a modifier
+ 'PSA_ALG_ANY_HASH', # only meaningful in policies
+ 'PSA_ALG_KEY_AGREEMENT', # only a way to combine algorithms
+ 'PSA_ALG_TRUNCATED_MAC', # only a modifier
+ 'PSA_KEY_TYPE_NONE', # not a real key type
+ 'PSA_KEY_TYPE_DERIVE', # always supported, don't list it to reduce noise
+ 'PSA_KEY_TYPE_RAW_DATA', # always supported, don't list it to reduce noise
+ 'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', #only a modifier
+ 'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', #only a modifier
+])
+
+SPECIAL_SYSTEMATIC_DEPENDENCIES = {
+ 'PSA_ALG_ECDSA_ANY': frozenset(['PSA_WANT_ALG_ECDSA']),
+ 'PSA_ALG_RSA_PKCS1V15_SIGN_RAW': frozenset(['PSA_WANT_ALG_RSA_PKCS1V15_SIGN']),
+}
+
+def dependencies_of_symbol(symbol):
+ """Return the dependencies for a symbol that designates a cryptographic mechanism."""
+ if symbol in WITHOUT_SYSTEMATIC_DEPENDENCIES:
+ return frozenset()
+ if symbol in SPECIAL_SYSTEMATIC_DEPENDENCIES:
+ return SPECIAL_SYSTEMATIC_DEPENDENCIES[symbol]
+ if symbol.startswith('PSA_ALG_CATEGORY_') or \
+ symbol.startswith('PSA_KEY_TYPE_CATEGORY_'):
+ # Categories are used in test data when an unsupported but plausible
+ # mechanism number needed. They have no associated dependency.
+ return frozenset()
+ return {symbol.replace('_', '_WANT_', 1)}
+
+def systematic_dependencies(file_name, function_name, arguments):
+ """List the systematically determined dependency for a test case."""
+ deps = set()
+
+ # Run key policy negative tests even if the algorithm to attempt performing
+ # is not supported but in the case where the test is to check an
+ # incompatibility between a requested algorithm for a cryptographic
+ # operation and a key policy. In the latter, we want to filter out the
+ # cases # where PSA_ERROR_NOT_SUPPORTED is returned instead of
+ # PSA_ERROR_NOT_PERMITTED.
+ if function_name.endswith('_key_policy') and \
+ arguments[-1].startswith('PSA_ERROR_') and \
+ arguments[-1] != ('PSA_ERROR_NOT_PERMITTED'):
+ arguments[-2] = ''
+ if function_name == 'copy_fail' and \
+ arguments[-1].startswith('PSA_ERROR_'):
+ arguments[-2] = ''
+ arguments[-3] = ''
+
+ # Storage format tests that only look at how the file is structured and
+ # don't care about the format of the key material don't depend on any
+ # cryptographic mechanisms.
+ if os.path.basename(file_name) == 'test_suite_psa_crypto_persistent_key.data' and \
+ function_name in {'format_storage_data_check',
+ 'parse_storage_data_check'}:
+ return []
+
+ for arg in arguments:
+ for symbol in re.findall(r'PSA_(?:ALG|KEY_TYPE)_\w+', arg):
+ deps.update(dependencies_of_symbol(symbol))
+ return sorted(deps)
+
+def updated_dependencies(file_name, function_name, arguments, dependencies):
+ """Rework the list of dependencies into PSA_WANT_xxx.
+
+ Remove classic crypto dependencies such as MBEDTLS_RSA_C,
+ MBEDTLS_PKCS1_V15, etc.
+
+ Add systematic PSA_WANT_xxx dependencies based on the called function and
+ its arguments, replacing existing PSA_WANT_xxx dependencies.
+ """
+ automatic = systematic_dependencies(file_name, function_name, arguments)
+ manual = [dep for dep in dependencies
+ if not (is_systematic_dependency(dep) or
+ is_classic_dependency(dep))]
+ return automatic + manual
+
+def keep_manual_dependencies(file_name, function_name, arguments):
+ #pylint: disable=unused-argument
+ """Declare test functions with unusual dependencies here."""
+ # If there are no arguments, we can't do any useful work. Assume that if
+ # there are dependencies, they are warranted.
+ if not arguments:
+ return True
+ # When PSA_ERROR_NOT_SUPPORTED is expected, usually, at least one of the
+ # constants mentioned in the test should not be supported. It isn't
+ # possible to determine which one in a systematic way. So let the programmer
+ # decide.
+ if arguments[-1] == 'PSA_ERROR_NOT_SUPPORTED':
+ return True
+ return False
+
+def process_data_stanza(stanza, file_name, test_case_number):
+ """Update PSA crypto dependencies in one Mbed TLS test case.
+
+ stanza is the test case text (including the description, the dependencies,
+ the line with the function and arguments, and optionally comments). Return
+ a new stanza with an updated dependency line, preserving everything else
+ (description, comments, arguments, etc.).
+ """
+ if not stanza.lstrip('\n'):
+ # Just blank lines
+ return stanza
+ # Expect 2 or 3 non-comment lines: description, optional dependencies,
+ # function-and-arguments.
+ content_matches = list(re.finditer(r'^[\t ]*([^\t #].*)$', stanza, re.M))
+ if len(content_matches) < 2:
+ raise Exception('Not enough content lines in paragraph {} in {}'
+ .format(test_case_number, file_name))
+ if len(content_matches) > 3:
+ raise Exception('Too many content lines in paragraph {} in {}'
+ .format(test_case_number, file_name))
+ arguments = content_matches[-1].group(0).split(':')
+ function_name = arguments.pop(0)
+ if keep_manual_dependencies(file_name, function_name, arguments):
+ return stanza
+ if len(content_matches) == 2:
+ # Insert a line for the dependencies. If it turns out that there are
+ # no dependencies, we'll remove that empty line below.
+ dependencies_location = content_matches[-1].start()
+ text_before = stanza[:dependencies_location]
+ text_after = '\n' + stanza[dependencies_location:]
+ old_dependencies = []
+ dependencies_leader = 'depends_on:'
+ else:
+ dependencies_match = content_matches[-2]
+ text_before = stanza[:dependencies_match.start()]
+ text_after = stanza[dependencies_match.end():]
+ old_dependencies = dependencies_match.group(0).split(':')
+ dependencies_leader = old_dependencies.pop(0) + ':'
+ if dependencies_leader != 'depends_on:':
+ raise Exception('Next-to-last line does not start with "depends_on:"'
+ ' in paragraph {} in {}'
+ .format(test_case_number, file_name))
+ new_dependencies = updated_dependencies(file_name, function_name, arguments,
+ old_dependencies)
+ if new_dependencies:
+ stanza = (text_before +
+ dependencies_leader + ':'.join(new_dependencies) +
+ text_after)
+ else:
+ # The dependencies have become empty. Remove the depends_on: line.
+ assert text_after[0] == '\n'
+ stanza = text_before + text_after[1:]
+ return stanza
+
+def process_data_file(file_name, old_content):
+ """Update PSA crypto dependencies in an Mbed TLS test suite data file.
+
+ Process old_content (the old content of the file) and return the new content.
+ """
+ old_stanzas = old_content.split('\n\n')
+ new_stanzas = [process_data_stanza(stanza, file_name, n)
+ for n, stanza in enumerate(old_stanzas, start=1)]
+ return '\n\n'.join(new_stanzas)
+
+def update_file(file_name, old_content, new_content):
+ """Update the given file with the given new content.
+
+ Replace the existing file. The previous version is renamed to *.bak.
+ Don't modify the file if the content was unchanged.
+ """
+ if new_content == old_content:
+ return
+ backup = file_name + '.bak'
+ tmp = file_name + '.tmp'
+ with open(tmp, 'w', encoding='utf-8') as new_file:
+ new_file.write(new_content)
+ os.replace(file_name, backup)
+ os.replace(tmp, file_name)
+
+def process_file(file_name):
+ """Update PSA crypto dependencies in an Mbed TLS test suite data file.
+
+ Replace the existing file. The previous version is renamed to *.bak.
+ Don't modify the file if the content was unchanged.
+ """
+ old_content = open(file_name, encoding='utf-8').read()
+ if file_name.endswith('.data'):
+ new_content = process_data_file(file_name, old_content)
+ else:
+ raise Exception('File type not recognized: {}'
+ .format(file_name))
+ update_file(file_name, old_content, new_content)
+
+def main(args):
+ for file_name in args:
+ process_file(file_name)
+
+if __name__ == '__main__':
+ main(sys.argv[1:])
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index cf4175a..57263a3 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -36,8 +36,6 @@
},
'config-no-entropy.h' => {
},
- 'config-psa-crypto.h' => {
- },
'config-suite-b.h' => {
'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
},
diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py
index 000c2a7..9bf66f1 100755
--- a/tests/scripts/test_generate_test_code.py
+++ b/tests/scripts/test_generate_test_code.py
@@ -20,21 +20,10 @@
Unit tests for generate_test_code.py
"""
-# pylint: disable=wrong-import-order
-try:
- # Python 2
- from StringIO import StringIO
-except ImportError:
- # Python 3
- from io import StringIO
+from io import StringIO
from unittest import TestCase, main as unittest_main
-try:
- # Python 2
- from mock import patch
-except ImportError:
- # Python 3
- from unittest.mock import patch
-# pylint: enable=wrong-import-order
+from unittest.mock import patch
+
from generate_test_code import gen_dependencies, gen_dependencies_one_line
from generate_test_code import gen_function_wrapper, gen_dispatch
from generate_test_code import parse_until_pattern, GeneratorInputError
@@ -317,25 +306,16 @@
:return: Line read from file.
"""
parent = super(StringIOWrapper, self)
- if getattr(parent, 'next', None):
- # Python 2
- line = parent.next()
- else:
- # Python 3
- line = parent.__next__()
+ line = parent.__next__()
return line
- # Python 3
- __next__ = next
-
- def readline(self, length=0):
+ def readline(self, _length=0):
"""
Wrap the base class readline.
:param length:
:return:
"""
- # pylint: disable=unused-argument
line = super(StringIOWrapper, self).readline()
if line is not None:
self.line_no += 1
@@ -549,38 +529,6 @@
Test suite for testing parse_function_code()
"""
- def assert_raises_regex(self, exp, regex, func, *args):
- """
- Python 2 & 3 portable wrapper of assertRaisesRegex(p)? function.
-
- :param exp: Exception type expected to be raised by cb.
- :param regex: Expected exception message
- :param func: callable object under test
- :param args: variable positional arguments
- """
- parent = super(ParseFunctionCode, self)
-
- # Pylint does not appreciate that the super method called
- # conditionally can be available in other Python version
- # then that of Pylint.
- # Workaround is to call the method via getattr.
- # Pylint ignores that the method got via getattr is
- # conditionally executed. Method has to be a callable.
- # Hence, using a dummy callable for getattr default.
- dummy = lambda *x: None
- # First Python 3 assertRaisesRegex is checked, since Python 2
- # assertRaisesRegexp is also available in Python 3 but is
- # marked deprecated.
- for name in ('assertRaisesRegex', 'assertRaisesRegexp'):
- method = getattr(parent, name, dummy)
- if method is not dummy:
- method(exp, regex, func, *args)
- break
- else:
- raise AttributeError(" 'ParseFunctionCode' object has no attribute"
- " 'assertRaisesRegex' or 'assertRaisesRegexp'"
- )
-
def test_no_function(self):
"""
Test no test function found.
@@ -593,8 +541,8 @@
'''
stream = StringIOWrapper('test_suite_ut.function', data)
err_msg = 'file: test_suite_ut.function - Test functions not found!'
- self.assert_raises_regex(GeneratorInputError, err_msg,
- parse_function_code, stream, [], [])
+ self.assertRaisesRegex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
def test_no_end_case_comment(self):
"""
@@ -609,8 +557,8 @@
stream = StringIOWrapper('test_suite_ut.function', data)
err_msg = r'file: test_suite_ut.function - '\
'end case pattern .*? not found!'
- self.assert_raises_regex(GeneratorInputError, err_msg,
- parse_function_code, stream, [], [])
+ self.assertRaisesRegex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
@patch("generate_test_code.parse_function_arguments")
def test_function_called(self,
@@ -727,8 +675,8 @@
data = 'int entropy_threshold( char * a, data_t * h, int result )'
err_msg = 'file: test_suite_ut.function - Test functions not found!'
stream = StringIOWrapper('test_suite_ut.function', data)
- self.assert_raises_regex(GeneratorInputError, err_msg,
- parse_function_code, stream, [], [])
+ self.assertRaisesRegex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
@patch("generate_test_code.gen_dispatch")
@patch("generate_test_code.gen_dependencies")
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py
index 4a394a8..07c8ab2 100755
--- a/tests/scripts/test_psa_constant_names.py
+++ b/tests/scripts/test_psa_constant_names.py
@@ -24,353 +24,63 @@
import argparse
from collections import namedtuple
-import itertools
import os
-import platform
import re
import subprocess
import sys
-import tempfile
+from typing import Iterable, List, Optional, Tuple
-class ReadFileLineException(Exception):
- def __init__(self, filename, line_number):
- message = 'in {} at {}'.format(filename, line_number)
- super(ReadFileLineException, self).__init__(message)
- self.filename = filename
- self.line_number = line_number
+import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import c_build_helper
+from mbedtls_dev.macro_collector import InputsForTest, PSAMacroEnumerator
+from mbedtls_dev import typing_util
-class read_file_lines:
- # Dear Pylint, conventionally, a context manager class name is lowercase.
- # pylint: disable=invalid-name,too-few-public-methods
- """Context manager to read a text file line by line.
-
- ```
- with read_file_lines(filename) as lines:
- for line in lines:
- process(line)
- ```
- is equivalent to
- ```
- with open(filename, 'r') as input_file:
- for line in input_file:
- process(line)
- ```
- except that if process(line) raises an exception, then the read_file_lines
- snippet annotates the exception with the file name and line number.
- """
- def __init__(self, filename, binary=False):
- self.filename = filename
- self.line_number = 'entry'
- self.generator = None
- self.binary = binary
- def __enter__(self):
- self.generator = enumerate(open(self.filename,
- 'rb' if self.binary else 'r'))
- return self
- def __iter__(self):
- for line_number, content in self.generator:
- self.line_number = line_number
- yield content
- self.line_number = 'exit'
- def __exit__(self, exc_type, exc_value, exc_traceback):
- if exc_type is not None:
- raise ReadFileLineException(self.filename, self.line_number) \
- from exc_value
-
-class Inputs:
- # pylint: disable=too-many-instance-attributes
- """Accumulate information about macros to test.
-
- This includes macro names as well as information about their arguments
- when applicable.
- """
-
- def __init__(self):
- self.all_declared = set()
- # Sets of names per type
- self.statuses = set(['PSA_SUCCESS'])
- self.algorithms = set(['0xffffffff'])
- self.ecc_curves = set(['0xff'])
- self.dh_groups = set(['0xff'])
- self.key_types = set(['0xffff'])
- self.key_usage_flags = set(['0x80000000'])
- # Hard-coded value for unknown algorithms
- self.hash_algorithms = set(['0x010000fe'])
- self.mac_algorithms = set(['0x02ff00ff'])
- self.ka_algorithms = set(['0x30fc0000'])
- self.kdf_algorithms = set(['0x200000ff'])
- # For AEAD algorithms, the only variability is over the tag length,
- # and this only applies to known algorithms, so don't test an
- # unknown algorithm.
- self.aead_algorithms = set()
- # Identifier prefixes
- self.table_by_prefix = {
- 'ERROR': self.statuses,
- 'ALG': self.algorithms,
- 'ECC_CURVE': self.ecc_curves,
- 'DH_GROUP': self.dh_groups,
- 'KEY_TYPE': self.key_types,
- 'KEY_USAGE': self.key_usage_flags,
- }
- # Test functions
- self.table_by_test_function = {
- # Any function ending in _algorithm also gets added to
- # self.algorithms.
- 'key_type': [self.key_types],
- 'block_cipher_key_type': [self.key_types],
- 'stream_cipher_key_type': [self.key_types],
- 'ecc_key_family': [self.ecc_curves],
- 'ecc_key_types': [self.ecc_curves],
- 'dh_key_family': [self.dh_groups],
- 'dh_key_types': [self.dh_groups],
- 'hash_algorithm': [self.hash_algorithms],
- 'mac_algorithm': [self.mac_algorithms],
- 'cipher_algorithm': [],
- 'hmac_algorithm': [self.mac_algorithms],
- 'aead_algorithm': [self.aead_algorithms],
- 'key_derivation_algorithm': [self.kdf_algorithms],
- 'key_agreement_algorithm': [self.ka_algorithms],
- 'asymmetric_signature_algorithm': [],
- 'asymmetric_signature_wildcard': [self.algorithms],
- 'asymmetric_encryption_algorithm': [],
- 'other_algorithm': [],
- }
- # macro name -> list of argument names
- self.argspecs = {}
- # argument name -> list of values
- self.arguments_for = {
- 'mac_length': ['1', '63'],
- 'tag_length': ['1', '63'],
- }
-
- def get_names(self, type_word):
- """Return the set of known names of values of the given type."""
- return {
- 'status': self.statuses,
- 'algorithm': self.algorithms,
- 'ecc_curve': self.ecc_curves,
- 'dh_group': self.dh_groups,
- 'key_type': self.key_types,
- 'key_usage': self.key_usage_flags,
- }[type_word]
-
- def gather_arguments(self):
- """Populate the list of values for macro arguments.
-
- Call this after parsing all the inputs.
- """
- self.arguments_for['hash_alg'] = sorted(self.hash_algorithms)
- self.arguments_for['mac_alg'] = sorted(self.mac_algorithms)
- self.arguments_for['ka_alg'] = sorted(self.ka_algorithms)
- self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms)
- self.arguments_for['aead_alg'] = sorted(self.aead_algorithms)
- self.arguments_for['curve'] = sorted(self.ecc_curves)
- self.arguments_for['group'] = sorted(self.dh_groups)
-
- @staticmethod
- def _format_arguments(name, arguments):
- """Format a macro call with arguments.."""
- return name + '(' + ', '.join(arguments) + ')'
-
- def distribute_arguments(self, name):
- """Generate macro calls with each tested argument set.
-
- If name is a macro without arguments, just yield "name".
- If name is a macro with arguments, yield a series of
- "name(arg1,...,argN)" where each argument takes each possible
- value at least once.
- """
- try:
- if name not in self.argspecs:
- yield name
- return
- argspec = self.argspecs[name]
- if argspec == []:
- yield name + '()'
- return
- argument_lists = [self.arguments_for[arg] for arg in argspec]
- arguments = [values[0] for values in argument_lists]
- yield self._format_arguments(name, arguments)
- # Dear Pylint, enumerate won't work here since we're modifying
- # the array.
- # pylint: disable=consider-using-enumerate
- for i in range(len(arguments)):
- for value in argument_lists[i][1:]:
- arguments[i] = value
- yield self._format_arguments(name, arguments)
- arguments[i] = argument_lists[0][0]
- except BaseException as e:
- raise Exception('distribute_arguments({})'.format(name)) from e
-
- def generate_expressions(self, names):
- return itertools.chain(*map(self.distribute_arguments, names))
-
- _argument_split_re = re.compile(r' *, *')
- @classmethod
- def _argument_split(cls, arguments):
- return re.split(cls._argument_split_re, arguments)
-
- # Regex for interesting header lines.
- # Groups: 1=macro name, 2=type, 3=argument list (optional).
- _header_line_re = \
- re.compile(r'#define +' +
- r'(PSA_((?:(?:DH|ECC|KEY)_)?[A-Z]+)_\w+)' +
- r'(?:\(([^\n()]*)\))?')
- # Regex of macro names to exclude.
- _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z')
- # Additional excluded macros.
- _excluded_names = set([
- # Macros that provide an alternative way to build the same
- # algorithm as another macro.
- 'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH',
- 'PSA_ALG_FULL_LENGTH_MAC',
- # Auxiliary macro whose name doesn't fit the usual patterns for
- # auxiliary macros.
- 'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE',
- ])
- def parse_header_line(self, line):
- """Parse a C header line, looking for "#define PSA_xxx"."""
- m = re.match(self._header_line_re, line)
- if not m:
- return
- name = m.group(1)
- self.all_declared.add(name)
- if re.search(self._excluded_name_re, name) or \
- name in self._excluded_names:
- return
- dest = self.table_by_prefix.get(m.group(2))
- if dest is None:
- return
- dest.add(name)
- if m.group(3):
- self.argspecs[name] = self._argument_split(m.group(3))
-
- _nonascii_re = re.compile(rb'[^\x00-\x7f]+')
- def parse_header(self, filename):
- """Parse a C header file, looking for "#define PSA_xxx"."""
- with read_file_lines(filename, binary=True) as lines:
- for line in lines:
- line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
- self.parse_header_line(line)
-
- _macro_identifier_re = re.compile(r'[A-Z]\w+')
- def generate_undeclared_names(self, expr):
- for name in re.findall(self._macro_identifier_re, expr):
- if name not in self.all_declared:
- yield name
-
- def accept_test_case_line(self, function, argument):
- #pylint: disable=unused-argument
- undeclared = list(self.generate_undeclared_names(argument))
- if undeclared:
- raise Exception('Undeclared names in test case', undeclared)
- return True
-
- def add_test_case_line(self, function, argument):
- """Parse a test case data line, looking for algorithm metadata tests."""
- sets = []
- if function.endswith('_algorithm'):
- sets.append(self.algorithms)
- if function == 'key_agreement_algorithm' and \
- argument.startswith('PSA_ALG_KEY_AGREEMENT('):
- # We only want *raw* key agreement algorithms as such, so
- # exclude ones that are already chained with a KDF.
- # Keep the expression as one to test as an algorithm.
- function = 'other_algorithm'
- sets += self.table_by_test_function[function]
- if self.accept_test_case_line(function, argument):
- for s in sets:
- s.add(argument)
-
- # Regex matching a *.data line containing a test function call and
- # its arguments. The actual definition is partly positional, but this
- # regex is good enough in practice.
- _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)')
- def parse_test_cases(self, filename):
- """Parse a test case file (*.data), looking for algorithm metadata tests."""
- with read_file_lines(filename) as lines:
- for line in lines:
- m = re.match(self._test_case_line_re, line)
- if m:
- self.add_test_case_line(m.group(1), m.group(2))
-
-def gather_inputs(headers, test_suites, inputs_class=Inputs):
+def gather_inputs(headers: Iterable[str],
+ test_suites: Iterable[str],
+ inputs_class=InputsForTest) -> PSAMacroEnumerator:
"""Read the list of inputs to test psa_constant_names with."""
inputs = inputs_class()
for header in headers:
inputs.parse_header(header)
for test_cases in test_suites:
inputs.parse_test_cases(test_cases)
+ inputs.add_numerical_values()
inputs.gather_arguments()
return inputs
-def remove_file_if_exists(filename):
- """Remove the specified file, ignoring errors."""
- if not filename:
- return
- try:
- os.remove(filename)
- except OSError:
- pass
-
-def run_c(type_word, expressions, include_path=None, keep_c=False):
- """Generate and run a program to print out numerical values for expressions."""
- if include_path is None:
- include_path = []
+def run_c(type_word: str,
+ expressions: Iterable[str],
+ include_path: Optional[str] = None,
+ keep_c: bool = False) -> List[str]:
+ """Generate and run a program to print out numerical values of C expressions."""
if type_word == 'status':
cast_to = 'long'
printf_format = '%ld'
else:
cast_to = 'unsigned long'
printf_format = '0x%08lx'
- c_name = None
- exe_name = None
- try:
- c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(type_word),
- suffix='.c',
- dir='programs/psa')
- exe_suffix = '.exe' if platform.system() == 'Windows' else ''
- exe_name = c_name[:-2] + exe_suffix
- remove_file_if_exists(exe_name)
- c_file = os.fdopen(c_fd, 'w', encoding='ascii')
- c_file.write('/* Generated by test_psa_constant_names.py for {} values */'
- .format(type_word))
- c_file.write('''
-#include <stdio.h>
-#include <psa/crypto.h>
-int main(void)
-{
-''')
- for expr in expressions:
- c_file.write(' printf("{}\\n", ({}) {});\n'
- .format(printf_format, cast_to, expr))
- c_file.write(''' return 0;
-}
-''')
- c_file.close()
- cc = os.getenv('CC', 'cc')
- subprocess.check_call([cc] +
- ['-I' + dir for dir in include_path] +
- ['-o', exe_name, c_name])
- if keep_c:
- sys.stderr.write('List of {} tests kept at {}\n'
- .format(type_word, c_name))
- else:
- os.remove(c_name)
- output = subprocess.check_output([exe_name])
- return output.decode('ascii').strip().split('\n')
- finally:
- remove_file_if_exists(exe_name)
+ return c_build_helper.get_c_expression_values(
+ cast_to, printf_format,
+ expressions,
+ caller='test_psa_constant_names.py for {} values'.format(type_word),
+ file_label=type_word,
+ header='#include <psa/crypto.h>',
+ include_path=include_path,
+ keep_c=keep_c
+ )
NORMALIZE_STRIP_RE = re.compile(r'\s+')
-def normalize(expr):
+def normalize(expr: str) -> str:
"""Normalize the C expression so as not to care about trivial differences.
Currently "trivial differences" means whitespace.
"""
return re.sub(NORMALIZE_STRIP_RE, '', expr)
-def collect_values(inputs, type_word, include_path=None, keep_c=False):
+def collect_values(inputs: InputsForTest,
+ type_word: str,
+ include_path: Optional[str] = None,
+ keep_c: bool = False) -> Tuple[List[str], List[str]]:
"""Generate expressions using known macro names and calculate their values.
Return a list of pairs of (expr, value) where expr is an expression and
@@ -388,12 +98,12 @@
Error = namedtuple('Error',
['type', 'expression', 'value', 'output'])
- def __init__(self, options):
+ def __init__(self, options) -> None:
self.options = options
self.count = 0
- self.errors = []
+ self.errors = [] #type: List[Tests.Error]
- def run_one(self, inputs, type_word):
+ def run_one(self, inputs: InputsForTest, type_word: str) -> None:
"""Test psa_constant_names for the specified type.
Run the program on the names for this type.
@@ -403,9 +113,10 @@
expressions, values = collect_values(inputs, type_word,
include_path=self.options.include,
keep_c=self.options.keep_c)
- output = subprocess.check_output([self.options.program, type_word] +
- values)
- outputs = output.decode('ascii').strip().split('\n')
+ output_bytes = subprocess.check_output([self.options.program,
+ type_word] + values)
+ output = output_bytes.decode('ascii')
+ outputs = output.strip().split('\n')
self.count += len(expressions)
for expr, value, output in zip(expressions, values, outputs):
if self.options.show:
@@ -416,13 +127,13 @@
value=value,
output=output))
- def run_all(self, inputs):
+ def run_all(self, inputs: InputsForTest) -> None:
"""Run psa_constant_names on all the gathered inputs."""
for type_word in ['status', 'algorithm', 'ecc_curve', 'dh_group',
'key_type', 'key_usage']:
self.run_one(inputs, type_word)
- def report(self, out):
+ def report(self, out: typing_util.Writable) -> None:
"""Describe each case where the output is not as expected.
Write the errors to ``out``.
@@ -457,7 +168,7 @@
help='Program to test')
parser.add_argument('--show',
action='store_true',
- help='Keep the intermediate C file')
+ help='Show tested values on stdout')
parser.add_argument('--no-show',
action='store_false', dest='show',
help='Don\'t show tested values (default)')
diff --git a/tests/src/asn1_helpers.c b/tests/src/asn1_helpers.c
new file mode 100644
index 0000000..79aa166
--- /dev/null
+++ b/tests/src/asn1_helpers.c
@@ -0,0 +1,74 @@
+/** \file asn1_helpers.c
+ *
+ * \brief Helper functions for tests that manipulate ASN.1 data.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+
+#include <mbedtls/asn1.h>
+
+int mbedtls_test_asn1_skip_integer( unsigned char **p, const unsigned char *end,
+ size_t min_bits, size_t max_bits,
+ int must_be_odd )
+{
+ size_t len;
+ size_t actual_bits;
+ unsigned char msb;
+ TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len,
+ MBEDTLS_ASN1_INTEGER ),
+ 0 );
+
+ /* Check if the retrieved length doesn't extend the actual buffer's size.
+ * It is assumed here, that end >= p, which validates casting to size_t. */
+ TEST_ASSERT( len <= (size_t)( end - *p) );
+
+ /* Tolerate a slight departure from DER encoding:
+ * - 0 may be represented by an empty string or a 1-byte string.
+ * - The sign bit may be used as a value bit. */
+ if( ( len == 1 && ( *p )[0] == 0 ) ||
+ ( len > 1 && ( *p )[0] == 0 && ( ( *p )[1] & 0x80 ) != 0 ) )
+ {
+ ++( *p );
+ --len;
+ }
+ if( min_bits == 0 && len == 0 )
+ return( 1 );
+ msb = ( *p )[0];
+ TEST_ASSERT( msb != 0 );
+ actual_bits = 8 * ( len - 1 );
+ while( msb != 0 )
+ {
+ msb >>= 1;
+ ++actual_bits;
+ }
+ TEST_ASSERT( actual_bits >= min_bits );
+ TEST_ASSERT( actual_bits <= max_bits );
+ if( must_be_odd )
+ TEST_ASSERT( ( ( *p )[len-1] & 1 ) != 0 );
+ *p += len;
+ return( 1 );
+exit:
+ return( 0 );
+}
+
+#endif /* MBEDTLS_ASN1_PARSE_C */
diff --git a/tests/src/drivers/cipher.c b/tests/src/drivers/cipher.c
deleted file mode 100644
index fa7c6a9..0000000
--- a/tests/src/drivers/cipher.c
+++ /dev/null
@@ -1,611 +0,0 @@
-/*
- * Test driver for cipher functions.
- * Currently only supports multi-part operations using AES-CTR.
- */
-/* Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-#include "psa/crypto.h"
-#include "psa_crypto_core.h"
-#include "mbedtls/cipher.h"
-
-#include "test/drivers/cipher.h"
-
-#include "test/random.h"
-
-#include <string.h>
-
-/* Test driver implements AES-CTR only. Its default behaviour (when its return
- * status is not overridden through the hooks) is to take care of all AES-CTR
- * operations, and return PSA_ERROR_NOT_SUPPORTED for all others.
- * Set test_driver_cipher_hooks.forced_status to PSA_ERROR_NOT_SUPPORTED to use
- * fallback even for AES-CTR. */
-test_driver_cipher_hooks_t test_driver_cipher_hooks = TEST_DRIVER_CIPHER_INIT;
-
-static psa_status_t test_transparent_cipher_oneshot(
- mbedtls_operation_t direction,
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length)
-{
- test_driver_cipher_hooks.hits++;
-
- /* Test driver supports AES-CTR only, to verify operation calls. */
- if( alg != PSA_ALG_CTR ||
- psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- /* If test driver response code is not SUCCESS, we can return early */
- if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_cipher_hooks.forced_status );
-
- /* If test driver output is overridden, we don't need to do actual crypto */
- if( test_driver_cipher_hooks.forced_output != NULL )
- {
- if( output_size < test_driver_cipher_hooks.forced_output_length )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
-
- memcpy( output,
- test_driver_cipher_hooks.forced_output,
- test_driver_cipher_hooks.forced_output_length );
- *output_length = test_driver_cipher_hooks.forced_output_length;
-
- return( test_driver_cipher_hooks.forced_status );
- }
-
- /* Run AES-CTR using the cipher module */
- {
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
- const mbedtls_cipher_info_t *cipher_info =
- mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES,
- key_length * 8,
- MBEDTLS_MODE_CTR );
- mbedtls_cipher_context_t cipher;
- int ret = 0;
- uint8_t temp_output_buffer[16] = {0};
- size_t temp_output_length = 0;
-
- if( direction == MBEDTLS_ENCRYPT )
- {
- /* Oneshot encrypt needs to prepend the IV to the output */
- if( output_size < ( input_length + 16 ) )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- }
- else
- {
- /* Oneshot decrypt has the IV prepended to the input */
- if( output_size < ( input_length - 16 ) )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- }
-
- if( cipher_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- mbedtls_cipher_init( &cipher );
- ret = mbedtls_cipher_setup( &cipher, cipher_info );
- if( ret != 0 )
- goto exit;
-
- ret = mbedtls_cipher_setkey( &cipher,
- key,
- key_length * 8, direction );
- if( ret != 0 )
- goto exit;
-
- if( direction == MBEDTLS_ENCRYPT )
- {
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
- ret = mbedtls_test_rnd_pseudo_rand( &rnd_info,
- temp_output_buffer,
- 16 );
- if( ret != 0 )
- goto exit;
-
- ret = mbedtls_cipher_set_iv( &cipher, temp_output_buffer, 16 );
- }
- else
- ret = mbedtls_cipher_set_iv( &cipher, input, 16 );
-
- if( ret != 0 )
- goto exit;
-
- if( direction == MBEDTLS_ENCRYPT )
- {
- ret = mbedtls_cipher_update( &cipher,
- input, input_length,
- &output[16], output_length );
- if( ret == 0 )
- {
- memcpy( output, temp_output_buffer, 16 );
- *output_length += 16;
- }
- }
- else
- ret = mbedtls_cipher_update( &cipher,
- &input[16], input_length - 16,
- output, output_length );
-
- if( ret != 0 )
- goto exit;
-
- ret = mbedtls_cipher_finish( &cipher,
- temp_output_buffer,
- &temp_output_length );
-
-exit:
- if( ret != 0 )
- {
- *output_length = 0;
- memset(output, 0, output_size);
- }
-
- mbedtls_cipher_free( &cipher );
- return( mbedtls_to_psa_error( ret ) );
- }
-}
-
-psa_status_t test_transparent_cipher_encrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length)
-{
- return (
- test_transparent_cipher_oneshot(
- MBEDTLS_ENCRYPT,
- attributes,
- key, key_length,
- alg,
- input, input_length,
- output, output_size, output_length) );
-}
-
-psa_status_t test_transparent_cipher_decrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length)
-{
- return (
- test_transparent_cipher_oneshot(
- MBEDTLS_DECRYPT,
- attributes,
- key, key_length,
- alg,
- input, input_length,
- output, output_size, output_length) );
-}
-
-static psa_status_t test_transparent_cipher_setup(
- mbedtls_operation_t direction,
- test_transparent_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg)
-{
- const mbedtls_cipher_info_t *cipher_info = NULL;
- int ret = 0;
-
- test_driver_cipher_hooks.hits++;
-
- if( operation->alg != 0 )
- return( PSA_ERROR_BAD_STATE );
-
- /* Wiping the entire struct here, instead of member-by-member. This is useful
- * for the test suite, since it gives a chance of catching memory corruption
- * errors should the core not have allocated (enough) memory for our context
- * struct. */
- memset( operation, 0, sizeof( *operation ) );
-
- /* Allow overriding return value for testing purposes */
- if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_cipher_hooks.forced_status );
-
- /* Test driver supports AES-CTR only, to verify operation calls. */
- if( alg != PSA_ALG_CTR ||
- psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- operation->alg = alg;
- operation->iv_size = 16;
-
- cipher_info = mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES,
- key_length * 8,
- MBEDTLS_MODE_CTR );
- if( cipher_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- mbedtls_cipher_init( &operation->cipher );
- ret = mbedtls_cipher_setup( &operation->cipher, cipher_info );
- if( ret != 0 ) {
- mbedtls_cipher_free( &operation->cipher );
- return( mbedtls_to_psa_error( ret ) );
- }
-
- ret = mbedtls_cipher_setkey( &operation->cipher,
- key,
- key_length * 8, direction );
- if( ret != 0 ) {
- mbedtls_cipher_free( &operation->cipher );
- return( mbedtls_to_psa_error( ret ) );
- }
-
- operation->iv_set = 0;
- operation->iv_required = 1;
- operation->key_set = 1;
-
- return( test_driver_cipher_hooks.forced_status );
-}
-
-psa_status_t test_transparent_cipher_encrypt_setup(
- test_transparent_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg)
-{
- return ( test_transparent_cipher_setup( MBEDTLS_ENCRYPT,
- operation,
- attributes,
- key,
- key_length,
- alg ) );
-}
-
-psa_status_t test_transparent_cipher_decrypt_setup(
- test_transparent_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg)
-{
- return ( test_transparent_cipher_setup( MBEDTLS_DECRYPT,
- operation,
- attributes,
- key,
- key_length,
- alg ) );
-}
-
-psa_status_t test_transparent_cipher_abort(
- test_transparent_cipher_operation_t *operation)
-{
- test_driver_cipher_hooks.hits++;
-
- if( operation->alg == 0 )
- return( PSA_SUCCESS );
- if( operation->alg != PSA_ALG_CTR )
- return( PSA_ERROR_BAD_STATE );
-
- mbedtls_cipher_free( &operation->cipher );
-
- /* Wiping the entire struct here, instead of member-by-member. This is useful
- * for the test suite, since it gives a chance of catching memory corruption
- * errors should the core not have allocated (enough) memory for our context
- * struct. */
- memset( operation, 0, sizeof( *operation ) );
-
- return( PSA_SUCCESS );
-}
-
-psa_status_t test_transparent_cipher_generate_iv(
- test_transparent_cipher_operation_t *operation,
- uint8_t *iv,
- size_t iv_size,
- size_t *iv_length)
-{
- psa_status_t status;
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
- test_driver_cipher_hooks.hits++;
-
- if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_cipher_hooks.forced_status );
-
- if( operation->alg != PSA_ALG_CTR )
- return( PSA_ERROR_BAD_STATE );
-
- if( operation->iv_set || ! operation->iv_required )
- return( PSA_ERROR_BAD_STATE );
-
- if( iv_size < operation->iv_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
-
- status = mbedtls_to_psa_error(
- mbedtls_test_rnd_pseudo_rand( &rnd_info,
- iv,
- operation->iv_size ) );
- if( status != PSA_SUCCESS )
- return( status );
-
- *iv_length = operation->iv_size;
- status = test_transparent_cipher_set_iv( operation, iv, *iv_length );
-
- return( status );
-}
-
-psa_status_t test_transparent_cipher_set_iv(
- test_transparent_cipher_operation_t *operation,
- const uint8_t *iv,
- size_t iv_length)
-{
- psa_status_t status;
-
- test_driver_cipher_hooks.hits++;
-
- if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_cipher_hooks.forced_status );
-
- if( operation->alg != PSA_ALG_CTR )
- return( PSA_ERROR_BAD_STATE );
-
- if( operation->iv_set || ! operation->iv_required )
- return( PSA_ERROR_BAD_STATE );
-
- if( iv_length != operation->iv_size )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
- status = mbedtls_to_psa_error(
- mbedtls_cipher_set_iv( &operation->cipher, iv, iv_length ) );
-
- if( status == PSA_SUCCESS )
- operation->iv_set = 1;
-
- return( status );
-}
-
-psa_status_t test_transparent_cipher_update(
- test_transparent_cipher_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
- psa_status_t status;
-
- test_driver_cipher_hooks.hits++;
-
- if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_cipher_hooks.forced_status );
-
- if( operation->alg != PSA_ALG_CTR )
- return( PSA_ERROR_BAD_STATE );
-
- /* CTR is a stream cipher, so data in and out are always the same size */
- if( output_size < input_length )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
-
- status = mbedtls_to_psa_error(
- mbedtls_cipher_update( &operation->cipher, input,
- input_length, output, output_length ) );
-
- if( status != PSA_SUCCESS )
- return status;
-
- if( test_driver_cipher_hooks.forced_output != NULL )
- {
- if( output_size < test_driver_cipher_hooks.forced_output_length )
- return PSA_ERROR_BUFFER_TOO_SMALL;
-
- memcpy( output,
- test_driver_cipher_hooks.forced_output,
- test_driver_cipher_hooks.forced_output_length );
- *output_length = test_driver_cipher_hooks.forced_output_length;
- }
-
- return( test_driver_cipher_hooks.forced_status );
-}
-
-psa_status_t test_transparent_cipher_finish(
- test_transparent_cipher_operation_t *operation,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
- psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
-
- test_driver_cipher_hooks.hits++;
-
- if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_cipher_hooks.forced_status );
-
- if( operation->alg != PSA_ALG_CTR )
- return( PSA_ERROR_BAD_STATE );
-
- if( ! operation->key_set )
- return( PSA_ERROR_BAD_STATE );
-
- if( operation->iv_required && ! operation->iv_set )
- return( PSA_ERROR_BAD_STATE );
-
- status = mbedtls_to_psa_error(
- mbedtls_cipher_finish( &operation->cipher,
- temp_output_buffer,
- output_length ) );
-
- mbedtls_cipher_free( &operation->cipher );
-
- if( status != PSA_SUCCESS )
- return( status );
-
- if( *output_length == 0 )
- ; /* Nothing to copy. Note that output may be NULL in this case. */
- else if( output_size >= *output_length )
- memcpy( output, temp_output_buffer, *output_length );
- else
- return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-
- if( test_driver_cipher_hooks.forced_output != NULL )
- {
- if( output_size < test_driver_cipher_hooks.forced_output_length )
- return PSA_ERROR_BUFFER_TOO_SMALL;
-
- memcpy( output,
- test_driver_cipher_hooks.forced_output,
- test_driver_cipher_hooks.forced_output_length );
- *output_length = test_driver_cipher_hooks.forced_output_length;
- }
-
- return( test_driver_cipher_hooks.forced_status );
-}
-
-/*
- * opaque versions, to do
- */
-psa_status_t test_opaque_cipher_encrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length)
-{
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) output;
- (void) output_size;
- (void) output_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_decrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length)
-{
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) output;
- (void) output_size;
- (void) output_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_encrypt_setup(
- test_opaque_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg)
-{
- (void) operation;
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) alg;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_decrypt_setup(
- test_opaque_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg)
-{
- (void) operation;
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) alg;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_abort(
- test_opaque_cipher_operation_t *operation)
-{
- (void) operation;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_generate_iv(
- test_opaque_cipher_operation_t *operation,
- uint8_t *iv,
- size_t iv_size,
- size_t *iv_length)
-{
- (void) operation;
- (void) iv;
- (void) iv_size;
- (void) iv_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_set_iv(
- test_opaque_cipher_operation_t *operation,
- const uint8_t *iv,
- size_t iv_length)
-{
- (void) operation;
- (void) iv;
- (void) iv_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_update(
- test_opaque_cipher_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
- (void) operation;
- (void) input;
- (void) input_length;
- (void) output;
- (void) output_size;
- (void) output_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_finish(
- test_opaque_cipher_operation_t *operation,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
- (void) operation;
- (void) output;
- (void) output_size;
- (void) output_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c
new file mode 100644
index 0000000..f95aa6b
--- /dev/null
+++ b/tests/src/drivers/hash.c
@@ -0,0 +1,161 @@
+/*
+ * Test driver for hash entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_hash.h"
+
+#include "test/drivers/hash.h"
+
+mbedtls_test_driver_hash_hooks_t
+ mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT;
+
+psa_status_t mbedtls_test_transparent_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *hash, size_t hash_size, size_t *hash_length )
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_transparent_test_driver_hash_compute(
+ alg, input, input_length,
+ hash, hash_size, hash_length );
+ }
+
+ return( mbedtls_test_driver_hash_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_hash_setup(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_transparent_test_driver_hash_setup( operation, alg );
+ }
+
+ return( mbedtls_test_driver_hash_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_hash_clone(
+ const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
+ mbedtls_transparent_test_driver_hash_operation_t *target_operation )
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_transparent_test_driver_hash_clone( source_operation,
+ target_operation );
+ }
+
+ return( mbedtls_test_driver_hash_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_hash_update(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_transparent_test_driver_hash_update(
+ operation, input, input_length );
+ }
+
+ return( mbedtls_test_driver_hash_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_hash_finish(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length )
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_transparent_test_driver_hash_finish(
+ operation, hash, hash_size, hash_length );
+ }
+
+ return( mbedtls_test_driver_hash_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_hash_abort(
+ mbedtls_transparent_test_driver_hash_operation_t *operation )
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_transparent_test_driver_hash_abort( operation );
+ }
+
+ return( mbedtls_test_driver_hash_hooks.driver_status );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c
deleted file mode 100644
index 00d2b45..0000000
--- a/tests/src/drivers/key_management.c
+++ /dev/null
@@ -1,355 +0,0 @@
-/*
- * Test driver for generating and verifying keys.
- * Currently only supports generating and verifying ECC keys.
- */
-/* Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-#include "psa/crypto.h"
-#include "psa_crypto_core.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/error.h"
-
-#include "test/drivers/key_management.h"
-
-#include "test/random.h"
-
-#include <string.h>
-
-test_driver_key_management_hooks_t test_driver_key_management_hooks =
- TEST_DRIVER_KEY_MANAGEMENT_INIT;
-
-psa_status_t test_transparent_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key, size_t key_size, size_t *key_length )
-{
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \
- !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
- (void)attributes;
-#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR &&
- * !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
- ++test_driver_key_management_hooks.hits;
-
- if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_key_management_hooks.forced_status );
-
- if( test_driver_key_management_hooks.forced_output != NULL )
- {
- if( test_driver_key_management_hooks.forced_output_length > key_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( key, test_driver_key_management_hooks.forced_output,
- test_driver_key_management_hooks.forced_output_length );
- *key_length = test_driver_key_management_hooks.forced_output_length;
- return( PSA_SUCCESS );
- }
-
- /* Copied from psa_crypto.c */
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
- if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
- && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
- {
- psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
- psa_get_key_type( attributes ) );
- mbedtls_ecp_group_id grp_id =
- mbedtls_ecc_group_of_psa(
- curve,
- PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id( grp_id );
- mbedtls_ecp_keypair ecp;
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( attributes->domain_parameters_size != 0 )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( curve_info->bit_size != psa_get_key_bits( attributes ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
- mbedtls_ecp_keypair_init( &ecp );
- ret = mbedtls_ecp_gen_key( grp_id, &ecp,
- &mbedtls_test_rnd_pseudo_rand,
- &rnd_info );
- if( ret != 0 )
- {
- mbedtls_ecp_keypair_free( &ecp );
- return( mbedtls_to_psa_error( ret ) );
- }
-
- /* Make sure to use export representation */
- size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) );
- if( key_size < bytes )
- {
- mbedtls_ecp_keypair_free( &ecp );
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- }
- psa_status_t status = mbedtls_to_psa_error(
- mbedtls_mpi_write_binary( &ecp.d, key, bytes ) );
-
- if( status == PSA_SUCCESS )
- {
- *key_length = bytes;
- }
- else
- {
- memset( key, 0, bytes );
- }
-
- mbedtls_ecp_keypair_free( &ecp );
- return( status );
- }
- else
-#endif /* MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR ||
- * MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key, size_t key_size, size_t *key_length )
-{
- (void) attributes;
- (void) key;
- (void) key_size;
- (void) key_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_transparent_validate_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *data,
- size_t data_length,
- size_t *bits )
-{
- ++test_driver_key_management_hooks.hits;
-
- if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_key_management_hooks.forced_status );
-
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
- psa_key_type_t type = psa_get_key_type( attributes );
- if ( PSA_KEY_TYPE_IS_ECC( type ) )
- {
- // Code mostly copied from psa_load_ecp_representation
- psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
- mbedtls_ecp_group_id grp_id;
- mbedtls_ecp_keypair ecp;
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-
- if( psa_get_key_bits( attributes ) == 0 )
- {
- // Attempt auto-detect of curve bit size
- size_t curve_size = data_length;
-
- if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
- PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
- {
- /* A Weierstrass public key is represented as:
- * - The byte 0x04;
- * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
- * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
- * So its data length is 2m+1 where m is the curve size in bits.
- */
- if( ( data_length & 1 ) == 0 )
- return( PSA_ERROR_INVALID_ARGUMENT );
- curve_size = data_length / 2;
-
- /* Montgomery public keys are represented in compressed format, meaning
- * their curve_size is equal to the amount of input. */
-
- /* Private keys are represented in uncompressed private random integer
- * format, meaning their curve_size is equal to the amount of input. */
- }
-
- grp_id = mbedtls_ecc_group_of_psa( curve, curve_size );
- }
- else
- {
- grp_id = mbedtls_ecc_group_of_psa( curve,
- PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
- }
-
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id( grp_id );
-
- if( attributes->domain_parameters_size != 0 )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- *bits = curve_info->bit_size;
-
- mbedtls_ecp_keypair_init( &ecp );
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
- if( status != PSA_SUCCESS )
- goto ecp_exit;
-
- /* Load the key material. */
- if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
- {
- /* Load the public value. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
- data,
- data_length ) );
- if( status != PSA_SUCCESS )
- goto ecp_exit;
-
- /* Check that the point is on the curve. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_check_pubkey( &ecp.grp, &ecp.Q ) );
- }
- else
- {
- /* Load and validate the secret value. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_read_key( ecp.grp.id,
- &ecp,
- data,
- data_length ) );
- }
-
-ecp_exit:
- mbedtls_ecp_keypair_free( &ecp );
- return( status );
- }
- return( PSA_ERROR_NOT_SUPPORTED );
-#else
- (void) attributes;
- (void) data;
- (void) data_length;
- (void) bits;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR ||
- * MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
-}
-
-psa_status_t test_transparent_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- uint8_t *data, size_t data_size, size_t *data_length )
-{
- ++test_driver_key_management_hooks.hits;
-
- if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_key_management_hooks.forced_status );
-
- if( test_driver_key_management_hooks.forced_output != NULL )
- {
- if( test_driver_key_management_hooks.forced_output_length > data_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( data, test_driver_key_management_hooks.forced_output,
- test_driver_key_management_hooks.forced_output_length );
- *data_length = test_driver_key_management_hooks.forced_output_length;
- return( PSA_SUCCESS );
- }
-
- if( key == NULL || key_length == 0 )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
- psa_key_type_t keytype = psa_get_key_type( attributes );
- (void) keytype;
-
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
- if( PSA_KEY_TYPE_IS_ECC( keytype ) )
- {
- if( !PSA_KEY_TYPE_IS_KEY_PAIR( keytype ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
- /* Mostly copied from psa_crypto.c */
- mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE;
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- mbedtls_ecp_keypair ecp;
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
- if( attributes->domain_parameters_size != 0 )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- grp_id = mbedtls_ecc_group_of_psa( PSA_KEY_TYPE_ECC_GET_FAMILY( keytype ),
- PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
- if( grp_id == MBEDTLS_ECP_DP_NONE )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- mbedtls_ecp_keypair_init( &ecp );
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
- if( status != PSA_SUCCESS )
- goto ecp_exit;
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_read_key( ecp.grp.id,
- &ecp,
- key,
- key_length ) );
- if( status != PSA_SUCCESS )
- goto ecp_exit;
-
- /* Calculate the public key */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_mul( &ecp.grp, &ecp.Q, &ecp.d, &ecp.grp.G,
- &mbedtls_test_rnd_pseudo_rand,
- &rnd_info ) );
- if( status != PSA_SUCCESS )
- goto ecp_exit;
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_point_write_binary( &ecp.grp, &ecp.Q,
- MBEDTLS_ECP_PF_UNCOMPRESSED,
- data_length,
- data,
- data_size ) );
- if( status != PSA_SUCCESS )
- memset( data, 0, data_size );
-ecp_exit:
- mbedtls_ecp_keypair_free( &ecp );
- return( status );
- }
-#endif /* MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR ||
- * MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
-
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- uint8_t *data, size_t data_size, size_t *data_length )
-{
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) data;
- (void) data_size;
- (void) data_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c
new file mode 100644
index 0000000..759fa78
--- /dev/null
+++ b/tests/src/drivers/platform_builtin_keys.c
@@ -0,0 +1,91 @@
+/** \file platform_builtin_keys.c
+ *
+ * \brief Test driver implementation of the builtin key support
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <psa/crypto.h>
+#include <psa/crypto_extra.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <test/drivers/test_driver.h>
+#endif
+
+typedef struct
+{
+ psa_key_id_t builtin_key_id;
+ psa_key_lifetime_t lifetime;
+ psa_drv_slot_number_t slot_number;
+} mbedtls_psa_builtin_key_description_t;
+
+static const mbedtls_psa_builtin_key_description_t builtin_keys[] = {
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ /* For testing, assign the AES builtin key slot to the boundary values.
+ * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT},
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT},
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT},
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT},
+#else
+ {0, 0, 0}
+#endif
+};
+
+psa_status_t mbedtls_psa_platform_get_builtin_key(
+ mbedtls_svc_key_id_t key_id,
+ psa_key_lifetime_t *lifetime,
+ psa_drv_slot_number_t *slot_number )
+{
+ psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id );
+ const mbedtls_psa_builtin_key_description_t *builtin_key;
+
+ for( size_t i = 0;
+ i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ )
+ {
+ builtin_key = &builtin_keys[i];
+ if( builtin_key->builtin_key_id == app_key_id )
+ {
+ *lifetime = builtin_key->lifetime;
+ *slot_number = builtin_key->slot_number;
+ return( PSA_SUCCESS );
+ }
+ }
+
+ return( PSA_ERROR_DOES_NOT_EXIST );
+}
diff --git a/tests/src/drivers/signature.c b/tests/src/drivers/signature.c
deleted file mode 100644
index cea0351..0000000
--- a/tests/src/drivers/signature.c
+++ /dev/null
@@ -1,291 +0,0 @@
-/*
- * Test driver for signature functions.
- * Currently supports signing and verifying precalculated hashes, using
- * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
- */
-/* Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-#include "psa/crypto.h"
-#include "psa_crypto_core.h"
-#include "mbedtls/ecp.h"
-
-#include "test/drivers/signature.h"
-
-#include "mbedtls/md.h"
-#include "mbedtls/ecdsa.h"
-
-#include "test/random.h"
-
-#include <string.h>
-
-test_driver_signature_hooks_t test_driver_signature_sign_hooks = TEST_DRIVER_SIGNATURE_INIT;
-test_driver_signature_hooks_t test_driver_signature_verify_hooks = TEST_DRIVER_SIGNATURE_INIT;
-
-psa_status_t test_transparent_signature_sign_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size, size_t *signature_length )
-{
- ++test_driver_signature_sign_hooks.hits;
-
- if( test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_signature_sign_hooks.forced_status );
-
- if( test_driver_signature_sign_hooks.forced_output != NULL )
- {
- if( test_driver_signature_sign_hooks.forced_output_length > signature_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( signature, test_driver_signature_sign_hooks.forced_output,
- test_driver_signature_sign_hooks.forced_output_length );
- *signature_length = test_driver_signature_sign_hooks.forced_output_length;
- return( PSA_SUCCESS );
- }
-
- psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
- defined(MBEDTLS_SHA256_C)
- if( alg != PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) )
- return( PSA_ERROR_NOT_SUPPORTED );
- mbedtls_ecp_group_id grp_id;
- switch( psa_get_key_type( attributes ) )
- {
- case PSA_ECC_CURVE_SECP_R1:
- switch( psa_get_key_bits( attributes ) )
- {
- case 256:
- grp_id = MBEDTLS_ECP_DP_SECP256R1;
- break;
- case 384:
- grp_id = MBEDTLS_ECP_DP_SECP384R1;
- break;
- case 521:
- grp_id = MBEDTLS_ECP_DP_SECP521R1;
- break;
- default:
- return( PSA_ERROR_NOT_SUPPORTED );
- }
- break;
- default:
- return( PSA_ERROR_NOT_SUPPORTED );
- }
-
- /* Beyond this point, the driver is actually doing the work of
- * calculating the signature. */
-
- status = PSA_ERROR_GENERIC_ERROR;
- int ret = 0;
- mbedtls_mpi r, s;
- mbedtls_mpi_init( &r );
- mbedtls_mpi_init( &s );
- mbedtls_ecp_keypair ecp;
- mbedtls_ecp_keypair_init( &ecp );
- size_t curve_bytes = PSA_BITS_TO_BYTES( ecp.grp.pbits );
-
- MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
- key, key_length ) );
-
- /* Code adapted from psa_ecdsa_sign() in psa_crypto.c. */
- mbedtls_md_type_t md_alg = MBEDTLS_MD_SHA256;
- if( signature_size < 2 * curve_bytes )
- {
- status = PSA_ERROR_BUFFER_TOO_SMALL;
- goto cleanup;
- }
- MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp.grp, &r, &s, &ecp.d,
- hash, hash_length, md_alg ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
- signature,
- curve_bytes ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
- signature + curve_bytes,
- curve_bytes ) );
-cleanup:
- status = mbedtls_to_psa_error( ret );
- mbedtls_mpi_free( &r );
- mbedtls_mpi_free( &s );
- mbedtls_ecp_keypair_free( &ecp );
- if( status == PSA_SUCCESS )
- *signature_length = 2 * curve_bytes;
-#else /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
- defined(MBEDTLS_SHA256_C) */
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) alg;
- (void) hash;
- (void) hash_length;
-#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
- defined(MBEDTLS_SHA256_C) */
-
- return( status );
-}
-
-psa_status_t test_opaque_signature_sign_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size, size_t *signature_length )
-{
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) alg;
- (void) hash;
- (void) hash_length;
- (void) signature;
- (void) signature_size;
- (void) signature_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_transparent_signature_verify_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length )
-{
- ++test_driver_signature_verify_hooks.hits;
-
- if( test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_signature_verify_hooks.forced_status );
-
- psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
- defined(MBEDTLS_SHA256_C)
- if( alg != PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) )
- return( PSA_ERROR_NOT_SUPPORTED );
- mbedtls_ecp_group_id grp_id;
- switch( psa_get_key_type( attributes ) )
- {
- case PSA_ECC_CURVE_SECP_R1:
- switch( psa_get_key_bits( attributes ) )
- {
- case 256:
- grp_id = MBEDTLS_ECP_DP_SECP256R1;
- break;
- case 384:
- grp_id = MBEDTLS_ECP_DP_SECP384R1;
- break;
- case 521:
- grp_id = MBEDTLS_ECP_DP_SECP521R1;
- break;
- default:
- return( PSA_ERROR_NOT_SUPPORTED );
- }
- break;
- default:
- return( PSA_ERROR_NOT_SUPPORTED );
- }
-
- /* Beyond this point, the driver is actually doing the work of
- * calculating the signature. */
-
- status = PSA_ERROR_GENERIC_ERROR;
- int ret = 0;
- mbedtls_mpi r, s;
- mbedtls_mpi_init( &r );
- mbedtls_mpi_init( &s );
- mbedtls_ecp_keypair ecp;
- mbedtls_ecp_keypair_init( &ecp );
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
- size_t curve_bytes = PSA_BITS_TO_BYTES( ecp.grp.pbits );
-
- MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
-
- /* Code adapted from psa_ecdsa_verify() in psa_crypto.c. */
- if( signature_length < 2 * curve_bytes )
- {
- status = PSA_ERROR_BUFFER_TOO_SMALL;
- goto cleanup;
- }
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
- signature,
- curve_bytes ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
- signature + curve_bytes,
- curve_bytes ) );
-
- if( PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( attributes ) ) )
- MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
- key, key_length ) );
- else
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ecp.d, key, key_length ) );
- MBEDTLS_MPI_CHK(
- mbedtls_ecp_mul( &ecp.grp, &ecp.Q, &ecp.d, &ecp.grp.G,
- &mbedtls_test_rnd_pseudo_rand,
- &rnd_info ) );
- }
-
- MBEDTLS_MPI_CHK( mbedtls_ecdsa_verify( &ecp.grp, hash, hash_length,
- &ecp.Q, &r, &s ) );
-cleanup:
- status = mbedtls_to_psa_error( ret );
- mbedtls_mpi_free( &r );
- mbedtls_mpi_free( &s );
- mbedtls_ecp_keypair_free( &ecp );
-#else /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
- defined(MBEDTLS_SHA256_C) */
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) alg;
- (void) hash;
- (void) hash_length;
- (void) signature;
- (void) signature_length;
-#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
- defined(MBEDTLS_SHA256_C) */
-
- return( status );
-}
-
-psa_status_t test_opaque_signature_verify_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length )
-{
- (void) attributes;
- (void) key;
- (void) key_length;
- (void) alg;
- (void) hash;
- (void) hash_length;
- (void) signature;
- (void) signature_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/size.c b/tests/src/drivers/size.c
deleted file mode 100644
index 16a8692..0000000
--- a/tests/src/drivers/size.c
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Test driver for retrieving key context size.
- * Only used by opaque drivers.
- */
-/* Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-
-#include "test/drivers/size.h"
-
-#ifdef TEST_KEY_CONTEXT_SIZE_FUNCTION
-size_t test_size_function(
- const psa_key_type_t key_type,
- const size_t key_bits )
-{
- (void) key_type;
- (void) key_bits;
- return 0;
-}
-#endif /*TEST_KEY_CONTEXT_SIZE_FUNCTION */
-
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c
new file mode 100644
index 0000000..25396c9
--- /dev/null
+++ b/tests/src/drivers/test_driver_aead.c
@@ -0,0 +1,96 @@
+/*
+ * Test driver for AEAD entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_aead.h"
+
+#include "test/drivers/aead.h"
+
+mbedtls_test_driver_aead_hooks_t
+ mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT;
+
+psa_status_t mbedtls_test_transparent_aead_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *plaintext, size_t plaintext_length,
+ uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
+{
+ mbedtls_test_driver_aead_hooks.hits++;
+
+ if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_encrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, plaintext_length,
+ ciphertext, ciphertext_size, ciphertext_length );
+ }
+
+ return( mbedtls_test_driver_aead_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_aead_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *ciphertext, size_t ciphertext_length,
+ uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
+{
+ mbedtls_test_driver_aead_hooks.hits++;
+
+ if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_decrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ ciphertext, ciphertext_length,
+ plaintext, plaintext_size, plaintext_length );
+ }
+
+ return( mbedtls_test_driver_aead_hooks.driver_status );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c
new file mode 100644
index 0000000..6aca193
--- /dev/null
+++ b/tests/src/drivers/test_driver_cipher.c
@@ -0,0 +1,358 @@
+/*
+ * Test driver for cipher functions.
+ * Currently only supports multi-part operations using AES-CTR.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_cipher.h"
+#include "psa_crypto_core.h"
+#include "mbedtls/cipher.h"
+
+#include "test/drivers/cipher.h"
+
+#include "test/random.h"
+
+#include <string.h>
+
+mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks =
+ MBEDTLS_TEST_DRIVER_CIPHER_INIT;
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
+ {
+ if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ memcpy( output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length );
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+ }
+
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+
+ psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) );
+
+ return( mbedtls_transparent_test_driver_cipher_encrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
+ {
+ if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ memcpy( output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length );
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+ }
+
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+
+ return( mbedtls_transparent_test_driver_cipher_decrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ /* Wiping the entire struct here, instead of member-by-member. This is
+ * useful for the test suite, since it gives a chance of catching memory
+ * corruption errors should the core not have allocated (enough) memory for
+ * our context struct. */
+ memset( operation, 0, sizeof( *operation ) );
+
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+
+ return ( mbedtls_transparent_test_driver_cipher_encrypt_setup(
+ operation, attributes, key, key_length, alg ) );
+}
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt_setup(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+
+ return ( mbedtls_transparent_test_driver_cipher_decrypt_setup(
+ operation, attributes, key, key_length, alg ) );
+}
+
+psa_status_t mbedtls_test_transparent_cipher_abort(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if( operation->alg == 0 )
+ return( PSA_SUCCESS );
+
+ mbedtls_transparent_test_driver_cipher_abort( operation );
+
+ /* Wiping the entire struct here, instead of member-by-member. This is
+ * useful for the test suite, since it gives a chance of catching memory
+ * corruption errors should the core not have allocated (enough) memory for
+ * our context struct. */
+ memset( operation, 0, sizeof( *operation ) );
+
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+}
+
+psa_status_t mbedtls_test_transparent_cipher_set_iv(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const uint8_t *iv,
+ size_t iv_length)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+
+ return( mbedtls_transparent_test_driver_cipher_set_iv(
+ operation, iv, iv_length ) );
+}
+
+psa_status_t mbedtls_test_transparent_cipher_update(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
+ {
+ if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+
+ memcpy( output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length );
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+ }
+
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+
+ return( mbedtls_transparent_test_driver_cipher_update(
+ operation, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_test_transparent_cipher_finish(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
+ {
+ if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+
+ memcpy( output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length );
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+ }
+
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+
+ return( mbedtls_transparent_test_driver_cipher_finish(
+ operation, output, output_size, output_length ) );
+}
+
+/*
+ * opaque versions, to do
+ */
+psa_status_t mbedtls_test_opaque_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_opaque_cipher_encrypt_setup(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg)
+{
+ (void) operation;
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt_setup(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg)
+{
+ (void) operation;
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_opaque_cipher_abort(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation )
+{
+ (void) operation;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_opaque_cipher_set_iv(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const uint8_t *iv,
+ size_t iv_length)
+{
+ (void) operation;
+ (void) iv;
+ (void) iv_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_opaque_cipher_update(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_opaque_cipher_finish(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ (void) operation;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c
new file mode 100644
index 0000000..19e1033
--- /dev/null
+++ b/tests/src/drivers/test_driver_key_management.c
@@ -0,0 +1,392 @@
+/*
+ * Test driver for generating and verifying keys.
+ * Currently only supports generating and verifying ECC keys.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_rsa.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/error.h"
+
+#include "test/drivers/key_management.h"
+
+#include "test/random.h"
+
+#include <string.h>
+
+mbedtls_test_driver_key_management_hooks_t
+ mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
+
+const uint8_t mbedtls_test_driver_aes_key[16] =
+ { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
+ 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
+const uint8_t mbedtls_test_driver_ecdsa_key[32] =
+ { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
+ 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
+ 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
+ 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
+const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
+ { 0x04,
+ 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
+ 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
+ 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
+ 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
+ 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
+ 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
+ 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
+ 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
+
+psa_status_t mbedtls_test_transparent_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length )
+{
+ ++mbedtls_test_driver_key_management_hooks.hits;
+
+ if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_key_management_hooks.forced_status );
+
+ if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
+ {
+ if( mbedtls_test_driver_key_management_hooks.forced_output_length >
+ key_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ memcpy( key, mbedtls_test_driver_key_management_hooks.forced_output,
+ mbedtls_test_driver_key_management_hooks.forced_output_length );
+ *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
+ return( PSA_SUCCESS );
+ }
+
+ /* Copied from psa_crypto.c */
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
+ if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
+ && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
+ {
+ return( mbedtls_transparent_test_driver_ecp_generate_key(
+ attributes, key, key_size, key_length ) );
+ }
+ else
+#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */
+
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
+ if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR )
+ return( mbedtls_transparent_test_driver_rsa_generate_key(
+ attributes, key, key_size, key_length ) );
+ else
+#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
+ {
+ (void)attributes;
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+}
+
+psa_status_t mbedtls_test_opaque_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length )
+{
+ (void) attributes;
+ (void) key;
+ (void) key_size;
+ (void) key_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_transparent_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length,
+ size_t *bits)
+{
+ ++mbedtls_test_driver_key_management_hooks.hits;
+
+ if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_key_management_hooks.forced_status );
+
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t type = psa_get_key_type( attributes );
+
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
+ if( PSA_KEY_TYPE_IS_ECC( type ) )
+ {
+ status = mbedtls_transparent_test_driver_ecp_import_key(
+ attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits );
+ }
+ else
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
+ if( PSA_KEY_TYPE_IS_RSA( type ) )
+ {
+ status = mbedtls_transparent_test_driver_rsa_import_key(
+ attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits );
+ }
+ else
+#endif
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ (void)data;
+ (void)data_length;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)key_buffer_length;
+ (void)bits;
+ (void)type;
+ }
+
+ return( status );
+}
+
+psa_status_t mbedtls_test_opaque_export_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ if( key_length != sizeof( psa_drv_slot_number_t ) )
+ {
+ /* Test driver does not support generic opaque key handling yet. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ /* Assume this is a builtin key based on the key material length. */
+ psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
+
+ switch( slot_number )
+ {
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+ /* This is the ECDSA slot. Verify the key's attributes before
+ * returning the private key. */
+ if( psa_get_key_type( attributes ) !=
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ if( psa_get_key_bits( attributes ) != 256 )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ if( psa_get_key_algorithm( attributes ) !=
+ PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ if( ( psa_get_key_usage_flags( attributes ) &
+ PSA_KEY_USAGE_EXPORT ) == 0 )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+
+ if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ memcpy( data, mbedtls_test_driver_ecdsa_key,
+ sizeof( mbedtls_test_driver_ecdsa_key ) );
+ *data_length = sizeof( mbedtls_test_driver_ecdsa_key );
+ return( PSA_SUCCESS );
+
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
+ /* This is the AES slot. Verify the key's attributes before
+ * returning the key. */
+ if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ if( psa_get_key_bits( attributes ) != 128 )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ if( ( psa_get_key_usage_flags( attributes ) &
+ PSA_KEY_USAGE_EXPORT ) == 0 )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+
+ if( data_size < sizeof( mbedtls_test_driver_aes_key ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ memcpy( data, mbedtls_test_driver_aes_key,
+ sizeof( mbedtls_test_driver_aes_key ) );
+ *data_length = sizeof( mbedtls_test_driver_aes_key );
+ return( PSA_SUCCESS );
+
+ default:
+ return( PSA_ERROR_DOES_NOT_EXIST );
+ }
+}
+
+psa_status_t mbedtls_test_transparent_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ ++mbedtls_test_driver_key_management_hooks.hits;
+
+ if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_key_management_hooks.forced_status );
+
+ if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
+ {
+ if( mbedtls_test_driver_key_management_hooks.forced_output_length >
+ data_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ memcpy( data, mbedtls_test_driver_key_management_hooks.forced_output,
+ mbedtls_test_driver_key_management_hooks.forced_output_length );
+ *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
+ return( PSA_SUCCESS );
+ }
+
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t key_type = psa_get_key_type( attributes );
+
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
+ if( PSA_KEY_TYPE_IS_ECC( key_type ) )
+ {
+ status = mbedtls_transparent_test_driver_ecp_export_public_key(
+ attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length );
+ }
+ else
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
+ if( PSA_KEY_TYPE_IS_RSA( key_type ) )
+ {
+ status = mbedtls_transparent_test_driver_rsa_export_public_key(
+ attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length );
+ }
+ else
+#endif
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)key_type;
+ }
+
+ return( status );
+}
+
+psa_status_t mbedtls_test_opaque_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length )
+{
+ if( key_length != sizeof( psa_drv_slot_number_t ) )
+ {
+ /* Test driver does not support generic opaque key handling yet. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ /* Assume this is a builtin key based on the key material length. */
+ psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
+ switch( slot_number )
+ {
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+ /* This is the ECDSA slot. Verify the key's attributes before
+ * returning the public key. */
+ if( psa_get_key_type( attributes ) !=
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ if( psa_get_key_bits( attributes ) != 256 )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ if( psa_get_key_algorithm( attributes ) !=
+ PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+
+ if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ memcpy( data, mbedtls_test_driver_ecdsa_pubkey,
+ sizeof( mbedtls_test_driver_ecdsa_pubkey ) );
+ *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey );
+ return( PSA_SUCCESS );
+
+ default:
+ return( PSA_ERROR_DOES_NOT_EXIST );
+ }
+}
+
+/* The opaque test driver exposes two built-in keys when builtin key support is
+ * compiled in.
+ * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
+ * key which allows CTR mode.
+ * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
+ * private key which allows ECDSA sign & verify.
+ * The key buffer format for these is the raw format of psa_drv_slot_number_t
+ * (i.e. for an actual driver this would mean 'builtin_key_size' =
+ * sizeof(psa_drv_slot_number_t)).
+ */
+psa_status_t mbedtls_test_opaque_get_builtin_key(
+ psa_drv_slot_number_t slot_number,
+ psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ switch( slot_number )
+ {
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
+ psa_set_key_type( attributes, PSA_KEY_TYPE_AES );
+ psa_set_key_bits( attributes, 128 );
+ psa_set_key_usage_flags(
+ attributes,
+ PSA_KEY_USAGE_ENCRYPT |
+ PSA_KEY_USAGE_DECRYPT |
+ PSA_KEY_USAGE_EXPORT );
+ psa_set_key_algorithm( attributes, PSA_ALG_CTR );
+
+ if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ *( (psa_drv_slot_number_t*) key_buffer ) =
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
+ *key_buffer_length = sizeof( psa_drv_slot_number_t );
+ return( PSA_SUCCESS );
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+ psa_set_key_type(
+ attributes,
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
+ psa_set_key_bits( attributes, 256 );
+ psa_set_key_usage_flags(
+ attributes,
+ PSA_KEY_USAGE_SIGN_HASH |
+ PSA_KEY_USAGE_VERIFY_HASH |
+ PSA_KEY_USAGE_EXPORT );
+ psa_set_key_algorithm(
+ attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) );
+
+ if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ *( (psa_drv_slot_number_t*) key_buffer ) =
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
+ *key_buffer_length = sizeof( psa_drv_slot_number_t );
+ return( PSA_SUCCESS );
+ default:
+ return( PSA_ERROR_DOES_NOT_EXIST );
+ }
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c
new file mode 100644
index 0000000..69af107
--- /dev/null
+++ b/tests/src/drivers/test_driver_mac.c
@@ -0,0 +1,362 @@
+/*
+ * Test driver for MAC entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_mac.h"
+
+#include "test/drivers/mac.h"
+
+mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks =
+ MBEDTLS_TEST_DRIVER_MAC_INIT;
+
+psa_status_t mbedtls_test_transparent_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_transparent_test_driver_mac_compute(
+ attributes, key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_mac_sign_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_transparent_test_driver_mac_sign_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_mac_verify_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_transparent_test_driver_mac_verify_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_mac_update(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_transparent_test_driver_mac_update(
+ operation, input, input_length );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_mac_sign_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_transparent_test_driver_mac_sign_finish(
+ operation, mac, mac_size, mac_length );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_mac_verify_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_transparent_test_driver_mac_verify_finish(
+ operation, mac, mac_length );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_transparent_mac_abort(
+ mbedtls_transparent_test_driver_mac_operation_t *operation )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_transparent_test_driver_mac_abort( operation );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_opaque_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_opaque_test_driver_mac_compute(
+ attributes, key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_opaque_mac_sign_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_opaque_test_driver_mac_sign_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_opaque_mac_verify_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_opaque_test_driver_mac_verify_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_opaque_mac_update(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_opaque_test_driver_mac_update(
+ operation, input, input_length );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_opaque_mac_sign_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_opaque_test_driver_mac_sign_finish(
+ operation, mac, mac_size, mac_length );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_opaque_mac_verify_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_opaque_test_driver_mac_verify_finish(
+ operation, mac, mac_length );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+psa_status_t mbedtls_test_opaque_mac_abort(
+ mbedtls_opaque_test_driver_mac_operation_t *operation )
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS )
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ }
+ else
+ {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_opaque_test_driver_mac_abort( operation );
+ }
+
+ return( mbedtls_test_driver_mac_hooks.driver_status );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c
new file mode 100644
index 0000000..14de831
--- /dev/null
+++ b/tests/src/drivers/test_driver_signature.c
@@ -0,0 +1,376 @@
+/*
+ * Test driver for signature functions.
+ * Currently supports signing and verifying precalculated hashes, using
+ * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_hash.h"
+#include "psa_crypto_rsa.h"
+#include "mbedtls/ecp.h"
+
+#include "test/drivers/signature.h"
+
+#include "mbedtls/md.h"
+#include "mbedtls/ecdsa.h"
+
+#include "test/random.h"
+
+#include <string.h>
+
+mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
+mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
+
+psa_status_t sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
+ if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
+ {
+ return( mbedtls_transparent_test_driver_rsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+ }
+ else
+#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
+
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+ if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
+ {
+ if(
+#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+ PSA_ALG_IS_ECDSA( alg )
+#else
+ PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
+#endif
+ )
+ {
+ return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+ }
+ else
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+ else
+#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
+ * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
+ {
+ (void)attributes;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_size;
+ (void)signature_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+}
+
+psa_status_t verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length )
+{
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
+ if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
+ {
+ return( mbedtls_transparent_test_driver_rsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+ }
+ else
+#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
+
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+ if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
+ {
+ if( PSA_ALG_IS_ECDSA( alg ) )
+ {
+ return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+ }
+ else
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+ else
+#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
+ * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
+ {
+ (void)attributes;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_length;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+}
+
+psa_status_t mbedtls_test_transparent_signature_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t hash_length;
+ uint8_t hash[PSA_HASH_MAX_SIZE];
+
+ ++mbedtls_test_driver_signature_sign_hooks.hits;
+
+ if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_signature_sign_hooks.forced_status );
+
+ if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
+ {
+ if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
+ mbedtls_test_driver_signature_sign_hooks.forced_output_length );
+ *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
+
+ return( PSA_SUCCESS );
+ }
+
+ status = mbedtls_transparent_test_driver_hash_compute(
+ PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
+ hash, sizeof( hash ), &hash_length );
+
+ if( status != PSA_SUCCESS )
+ return status;
+
+ return sign_hash( attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length );
+}
+
+psa_status_t mbedtls_test_opaque_signature_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) signature;
+ (void) signature_size;
+ (void) signature_length;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_transparent_signature_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t hash_length;
+ uint8_t hash[PSA_HASH_MAX_SIZE];
+
+ ++mbedtls_test_driver_signature_verify_hooks.hits;
+
+ if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_signature_verify_hooks.forced_status );
+
+ status = mbedtls_transparent_test_driver_hash_compute(
+ PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
+ hash, sizeof( hash ), &hash_length );
+
+ if( status != PSA_SUCCESS )
+ return status;
+
+ return verify_hash( attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length );
+}
+
+psa_status_t mbedtls_test_opaque_signature_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length )
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) signature;
+ (void) signature_length;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_transparent_signature_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+ ++mbedtls_test_driver_signature_sign_hooks.hits;
+
+ if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_signature_sign_hooks.forced_status );
+
+ if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL )
+ {
+ if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
+ mbedtls_test_driver_signature_sign_hooks.forced_output_length );
+ *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
+ return( PSA_SUCCESS );
+ }
+
+ return sign_hash( attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length );
+}
+
+psa_status_t mbedtls_test_opaque_signature_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length )
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) hash;
+ (void) hash_length;
+ (void) signature;
+ (void) signature_size;
+ (void) signature_length;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t mbedtls_test_transparent_signature_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+ ++mbedtls_test_driver_signature_verify_hooks.hits;
+
+ if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_signature_verify_hooks.forced_status );
+
+ return verify_hash( attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length );
+}
+
+psa_status_t mbedtls_test_opaque_signature_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length )
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) hash;
+ (void) hash_length;
+ (void) signature;
+ (void) signature_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_size.c b/tests/src/drivers/test_driver_size.c
new file mode 100644
index 0000000..d8bcaee
--- /dev/null
+++ b/tests/src/drivers/test_driver_size.c
@@ -0,0 +1,101 @@
+/*
+ * Test driver for retrieving key context size.
+ * Only used by opaque drivers.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+
+#include "test/drivers/size.h"
+#include "psa/crypto.h"
+
+typedef struct {
+ unsigned int context;
+} test_driver_key_context_t;
+
+/*
+ * This macro returns the base size for the key context. It is the size of the
+ * driver specific information stored in each key context.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t )
+
+/*
+ * Number of bytes included in every key context for a key pair.
+ *
+ * This pair size is for an ECC 256-bit private/public key pair.
+ * Based on this value, the size of the private key can be derived by
+ * subtracting the public key size below from this one.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65
+
+/*
+ * Number of bytes included in every key context for a public key.
+ *
+ * For ECC public keys, it needs 257 bits so 33 bytes.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33
+
+/*
+ * Every key context for a symmetric key includes this many times the key size.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0
+
+/*
+ * If this is true for a key pair, the key context includes space for the public key.
+ * If this is false, no additional space is added for the public key.
+ *
+ * For this instance, store the public key with the private one.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1
+
+size_t mbedtls_test_size_function(
+ const psa_key_type_t key_type,
+ const size_t key_bits )
+{
+ size_t key_buffer_size = 0;
+
+ if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) )
+ {
+ int public_key_overhead =
+ ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 )
+ ? PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 );
+ key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE +
+ TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE +
+ public_key_overhead;
+ }
+ else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) )
+ {
+ key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE +
+ TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE;
+ }
+ else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) &&
+ !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) )
+ {
+ key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE +
+ ( TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR *
+ ( ( key_bits + 7 ) / 8 ) );
+ }
+
+ return( key_buffer_size );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/fake_external_rng_for_test.c b/tests/src/fake_external_rng_for_test.c
new file mode 100644
index 0000000..9c2195b
--- /dev/null
+++ b/tests/src/fake_external_rng_for_test.c
@@ -0,0 +1,56 @@
+/** \file fake_external_rng_for_test.c
+ *
+ * \brief Helper functions to test PSA crypto functionality.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <test/fake_external_rng_for_test.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#include <test/random.h>
+#include <psa/crypto.h>
+
+static int test_insecure_external_rng_enabled = 0;
+
+void mbedtls_test_enable_insecure_external_rng( void )
+{
+ test_insecure_external_rng_enabled = 1;
+}
+
+void mbedtls_test_disable_insecure_external_rng( void )
+{
+ test_insecure_external_rng_enabled = 0;
+}
+
+psa_status_t mbedtls_psa_external_get_random(
+ mbedtls_psa_external_random_context_t *context,
+ uint8_t *output, size_t output_size, size_t *output_length )
+{
+ (void) context;
+
+ if( !test_insecure_external_rng_enabled )
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+
+ /* This implementation is for test purposes only!
+ * Use the libc non-cryptographic random generator. */
+ mbedtls_test_rnd_std_rand( NULL, output, output_size );
+ *output_length = output_size;
+ return( PSA_SUCCESS );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
diff --git a/tests/src/helpers.c b/tests/src/helpers.c
index a18f1d4..bf6c1d9 100644
--- a/tests/src/helpers.c
+++ b/tests/src/helpers.c
@@ -44,6 +44,8 @@
static mbedtls_platform_context platform_ctx;
#endif
+mbedtls_test_info_t mbedtls_test_info;
+
/*----------------------------------------------------------------------------*/
/* Helper Functions */
@@ -77,6 +79,42 @@
return( 0 );
}
+void mbedtls_test_fail( const char *test, int line_no, const char* filename )
+{
+ if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED )
+ {
+ /* We've already recorded the test as having failed. Don't
+ * overwrite any previous information about the failure. */
+ return;
+ }
+ mbedtls_test_info.result = MBEDTLS_TEST_RESULT_FAILED;
+ mbedtls_test_info.test = test;
+ mbedtls_test_info.line_no = line_no;
+ mbedtls_test_info.filename = filename;
+}
+
+void mbedtls_test_skip( const char *test, int line_no, const char* filename )
+{
+ mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SKIPPED;
+ mbedtls_test_info.test = test;
+ mbedtls_test_info.line_no = line_no;
+ mbedtls_test_info.filename = filename;
+}
+
+void mbedtls_test_set_step( unsigned long step )
+{
+ mbedtls_test_info.step = step;
+}
+
+void mbedtls_test_info_reset( void )
+{
+ mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SUCCESS;
+ mbedtls_test_info.step = (unsigned long)( -1 );
+ mbedtls_test_info.test = 0;
+ mbedtls_test_info.line_no = 0;
+ mbedtls_test_info.filename = 0;
+}
+
int mbedtls_test_unhexify( unsigned char *obuf,
size_t obufmax,
const char *ibuf,
@@ -244,3 +282,74 @@
}
}
#endif /* MBEDTLS_CHECK_PARAMS */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+void mbedtls_test_err_add_check( int high, int low,
+ const char *file, int line )
+{
+ /* Error codes are always negative (a value of zero is a success) however
+ * their positive opposites can be easier to understand. The following
+ * examples given in comments have been made positive for ease of
+ * understanding. The structure of an error code is such:
+ *
+ * shhhhhhhhlllllll
+ *
+ * s = sign bit.
+ * h = high level error code (includes high level module ID (bits 12..14)
+ * and module-dependent error code (bits 7..11)).
+ * l = low level error code.
+ */
+ if ( high > -0x1000 && high != 0 )
+ /* high < 0001000000000000
+ * No high level module ID bits are set.
+ */
+ {
+ mbedtls_test_fail( "'high' is not a high-level error code",
+ line, file );
+ }
+ else if ( high < -0x7F80 )
+ /* high > 0111111110000000
+ * Error code is greater than the largest allowed high level module ID.
+ */
+ {
+ mbedtls_test_fail( "'high' error code is greater than 15 bits",
+ line, file );
+ }
+ else if ( ( high & 0x7F ) != 0 )
+ /* high & 0000000001111111
+ * Error code contains low level error code bits.
+ */
+ {
+ mbedtls_test_fail( "'high' contains a low-level error code",
+ line, file );
+ }
+ else if ( low < -0x007F )
+ /* low > 0000000001111111
+ * Error code contains high or module level error code bits.
+ */
+ {
+ mbedtls_test_fail( "'low' error code is greater than 7 bits",
+ line, file );
+ }
+ else if ( low > 0 )
+ {
+ mbedtls_test_fail( "'low' error code is greater than zero",
+ line, file );
+ }
+}
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_BIGNUM_C)
+int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s )
+{
+ /* mbedtls_mpi_read_string() currently retains leading zeros.
+ * It always allocates at least one limb for the value 0. */
+ if( s[0] == 0 )
+ {
+ mbedtls_mpi_free( X );
+ return( 0 );
+ }
+ else
+ return( mbedtls_mpi_read_string( X, radix, s ) );
+}
+#endif
diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c
new file mode 100644
index 0000000..d9d841a
--- /dev/null
+++ b/tests/src/psa_crypto_helpers.c
@@ -0,0 +1,130 @@
+/** \file psa_crypto_helpers.c
+ *
+ * \brief Helper functions to test PSA crypto functionality.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <test/psa_crypto_helpers.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+
+#include <psa_crypto_storage.h>
+
+static mbedtls_svc_key_id_t key_ids_used_in_test[9];
+static size_t num_key_ids_used;
+
+int mbedtls_test_uses_key_id( mbedtls_svc_key_id_t key_id )
+{
+ size_t i;
+ if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ) >
+ PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
+ {
+ /* Don't touch key id values that designate non-key files. */
+ return( 1 );
+ }
+ for( i = 0; i < num_key_ids_used ; i++ )
+ {
+ if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) )
+ return( 1 );
+ }
+ if( num_key_ids_used == ARRAY_LENGTH( key_ids_used_in_test ) )
+ return( 0 );
+ key_ids_used_in_test[num_key_ids_used] = key_id;
+ ++num_key_ids_used;
+ return( 1 );
+}
+
+void mbedtls_test_psa_purge_key_storage( void )
+{
+ size_t i;
+ for( i = 0; i < num_key_ids_used; i++ )
+ psa_destroy_persistent_key( key_ids_used_in_test[i] );
+ num_key_ids_used = 0;
+}
+
+void mbedtls_test_psa_purge_key_cache( void )
+{
+ size_t i;
+ for( i = 0; i < num_key_ids_used; i++ )
+ psa_purge_key( key_ids_used_in_test[i] );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+const char *mbedtls_test_helper_is_psa_leaking( void )
+{
+ mbedtls_psa_stats_t stats;
+
+ mbedtls_psa_get_stats( &stats );
+
+ if( stats.volatile_slots != 0 )
+ return( "A volatile slot has not been closed properly." );
+ if( stats.persistent_slots != 0 )
+ return( "A persistent slot has not been closed properly." );
+ if( stats.external_slots != 0 )
+ return( "An external slot has not been closed properly." );
+ if( stats.half_filled_slots != 0 )
+ return( "A half-filled slot has not been cleared properly." );
+ if( stats.locked_slots != 0 )
+ return( "Some slots are still marked as locked." );
+
+ return( NULL );
+}
+
+#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
+/** Name of the file where return statuses are logged by #RECORD_STATUS. */
+#define STATUS_LOG_FILE_NAME "statuses.log"
+
+psa_status_t mbedtls_test_record_status( psa_status_t status,
+ const char *func,
+ const char *file, int line,
+ const char *expr )
+{
+ /* We open the log file on first use.
+ * We never close the log file, so the record_status feature is not
+ * compatible with resource leak detectors such as Asan.
+ */
+ static FILE *log;
+ if( log == NULL )
+ log = fopen( STATUS_LOG_FILE_NAME, "a" );
+ fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr );
+ return( status );
+}
+#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+
+psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags )
+{
+ psa_key_usage_t updated_usage = usage_flags;
+
+ if( usage_flags & PSA_KEY_USAGE_SIGN_HASH )
+ updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE;
+
+ if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
+ updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+
+ return( updated_usage );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c
new file mode 100644
index 0000000..e4e55c9
--- /dev/null
+++ b/tests/src/psa_exercise_key.c
@@ -0,0 +1,964 @@
+/** Code to exercise a PSA key object, i.e. validate that it seems well-formed
+ * and can do what it is supposed to do.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <test/psa_exercise_key.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <mbedtls/asn1.h>
+#include <psa/crypto.h>
+
+#include <test/asn1_helpers.h>
+#include <test/psa_crypto_helpers.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+static int lifetime_is_dynamic_secure_element( psa_key_lifetime_t lifetime )
+{
+ return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) !=
+ PSA_KEY_LOCATION_LOCAL_STORAGE );
+}
+#endif
+
+static int check_key_attributes_sanity( mbedtls_svc_key_id_t key )
+{
+ int ok = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_lifetime_t lifetime;
+ mbedtls_svc_key_id_t id;
+ psa_key_type_t type;
+ size_t bits;
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ lifetime = psa_get_key_lifetime( &attributes );
+ id = psa_get_key_id( &attributes );
+ type = psa_get_key_type( &attributes );
+ bits = psa_get_key_bits( &attributes );
+
+ /* Persistence */
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ TEST_ASSERT(
+ ( PSA_KEY_ID_VOLATILE_MIN <=
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) &&
+ ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <=
+ PSA_KEY_ID_VOLATILE_MAX ) );
+ }
+ else
+ {
+ TEST_ASSERT(
+ ( PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) &&
+ ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= PSA_KEY_ID_USER_MAX ) );
+ }
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ /* randomly-generated 64-bit constant, should never appear in test data */
+ psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21;
+ psa_status_t status = psa_get_key_slot_number( &attributes, &slot_number );
+ if( lifetime_is_dynamic_secure_element( lifetime ) )
+ {
+ /* Mbed Crypto currently always exposes the slot number to
+ * applications. This is not mandated by the PSA specification
+ * and may change in future versions. */
+ TEST_EQUAL( status, 0 );
+ TEST_ASSERT( slot_number != 0xec94d4a5058a1a21 );
+ }
+ else
+ {
+ TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT );
+ }
+#endif
+
+ /* Type and size */
+ TEST_ASSERT( type != 0 );
+ TEST_ASSERT( bits != 0 );
+ TEST_ASSERT( bits <= PSA_MAX_KEY_BITS );
+ if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
+ TEST_ASSERT( bits % 8 == 0 );
+
+ /* MAX macros concerning specific key types */
+ if( PSA_KEY_TYPE_IS_ECC( type ) )
+ TEST_ASSERT( bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
+ else if( PSA_KEY_TYPE_IS_RSA( type ) )
+ TEST_ASSERT( bits <= PSA_VENDOR_RSA_MAX_KEY_BITS );
+ TEST_ASSERT( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE );
+
+ ok = 1;
+
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
+ return( ok );
+}
+
+static int exercise_mac_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ const unsigned char input[] = "foo";
+ unsigned char mac[PSA_MAC_MAX_SIZE] = {0};
+ size_t mac_length = sizeof( mac );
+
+ /* Convert wildcard algorithm to exercisable algorithm */
+ if( alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG )
+ {
+ alg = PSA_ALG_TRUNCATED_MAC( alg, PSA_MAC_TRUNCATED_LENGTH( alg ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_SIGN_HASH )
+ {
+ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation,
+ input, sizeof( input ) ) );
+ PSA_ASSERT( psa_mac_sign_finish( &operation,
+ mac, sizeof( mac ),
+ &mac_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_VERIFY_HASH )
+ {
+ psa_status_t verify_status =
+ ( usage & PSA_KEY_USAGE_SIGN_HASH ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation,
+ input, sizeof( input ) ) );
+ TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ),
+ verify_status );
+ }
+
+ return( 1 );
+
+exit:
+ psa_mac_abort( &operation );
+ return( 0 );
+}
+
+static int exercise_cipher_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ unsigned char iv[16] = {0};
+ size_t iv_length = sizeof( iv );
+ const unsigned char plaintext[16] = "Hello, world...";
+ unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof( ciphertext );
+ unsigned char decrypted[sizeof( ciphertext )];
+ size_t part_length;
+
+ if( usage & PSA_KEY_USAGE_ENCRYPT )
+ {
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ PSA_ASSERT( psa_cipher_generate_iv( &operation,
+ iv, sizeof( iv ),
+ &iv_length ) );
+ PSA_ASSERT( psa_cipher_update( &operation,
+ plaintext, sizeof( plaintext ),
+ ciphertext, sizeof( ciphertext ),
+ &ciphertext_length ) );
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ ciphertext + ciphertext_length,
+ sizeof( ciphertext ) - ciphertext_length,
+ &part_length ) );
+ ciphertext_length += part_length;
+ }
+
+ if( usage & PSA_KEY_USAGE_DECRYPT )
+ {
+ psa_status_t status;
+ int maybe_invalid_padding = 0;
+ if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
+ {
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ /* This should be PSA_CIPHER_GET_IV_SIZE but the API doesn't
+ * have this macro yet. */
+ iv_length = PSA_BLOCK_CIPHER_BLOCK_LENGTH(
+ psa_get_key_type( &attributes ) );
+ maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg );
+ psa_reset_key_attributes( &attributes );
+ }
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, iv_length ) );
+ PSA_ASSERT( psa_cipher_update( &operation,
+ ciphertext, ciphertext_length,
+ decrypted, sizeof( decrypted ),
+ &part_length ) );
+ status = psa_cipher_finish( &operation,
+ decrypted + part_length,
+ sizeof( decrypted ) - part_length,
+ &part_length );
+ /* For a stream cipher, all inputs are valid. For a block cipher,
+ * if the input is some aribtrary data rather than an actual
+ ciphertext, a padding error is likely. */
+ if( maybe_invalid_padding )
+ TEST_ASSERT( status == PSA_SUCCESS ||
+ status == PSA_ERROR_INVALID_PADDING );
+ else
+ PSA_ASSERT( status );
+ }
+
+ return( 1 );
+
+exit:
+ psa_cipher_abort( &operation );
+ return( 0 );
+}
+
+static int exercise_aead_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ unsigned char nonce[16] = {0};
+ size_t nonce_length = sizeof( nonce );
+ unsigned char plaintext[16] = "Hello, world...";
+ unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof( ciphertext );
+ size_t plaintext_length = sizeof( ciphertext );
+
+ /* Convert wildcard algorithm to exercisable algorithm */
+ if( alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG )
+ {
+ alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) );
+ }
+
+ /* Default IV length for AES-GCM is 12 bytes */
+ if( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) ==
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ) )
+ {
+ nonce_length = 12;
+ }
+
+ /* IV length for CCM needs to be between 7 and 13 bytes */
+ if( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) ==
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ) )
+ {
+ nonce_length = 12;
+ }
+
+ if( usage & PSA_KEY_USAGE_ENCRYPT )
+ {
+ PSA_ASSERT( psa_aead_encrypt( key, alg,
+ nonce, nonce_length,
+ NULL, 0,
+ plaintext, sizeof( plaintext ),
+ ciphertext, sizeof( ciphertext ),
+ &ciphertext_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_DECRYPT )
+ {
+ psa_status_t verify_status =
+ ( usage & PSA_KEY_USAGE_ENCRYPT ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE );
+ TEST_EQUAL( psa_aead_decrypt( key, alg,
+ nonce, nonce_length,
+ NULL, 0,
+ ciphertext, ciphertext_length,
+ plaintext, sizeof( plaintext ),
+ &plaintext_length ),
+ verify_status );
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+static int exercise_signature_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ if( usage & ( PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ) )
+ {
+ unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
+ size_t payload_length = 16;
+ unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0};
+ size_t signature_length = sizeof( signature );
+ psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+
+ /* If the policy allows signing with any hash, just pick one. */
+ if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && hash_alg == PSA_ALG_ANY_HASH )
+ {
+ #if defined(KNOWN_SUPPORTED_HASH_ALG)
+ hash_alg = KNOWN_SUPPORTED_HASH_ALG;
+ alg ^= PSA_ALG_ANY_HASH ^ hash_alg;
+ #else
+ TEST_ASSERT( ! "No hash algorithm for hash-and-sign testing" );
+ #endif
+ }
+
+ /* Some algorithms require the payload to have the size of
+ * the hash encoded in the algorithm. Use this input size
+ * even for algorithms that allow other input sizes. */
+ if( hash_alg != 0 )
+ payload_length = PSA_HASH_LENGTH( hash_alg );
+
+ if( usage & PSA_KEY_USAGE_SIGN_HASH )
+ {
+ PSA_ASSERT( psa_sign_hash( key, alg,
+ payload, payload_length,
+ signature, sizeof( signature ),
+ &signature_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_VERIFY_HASH )
+ {
+ psa_status_t verify_status =
+ ( usage & PSA_KEY_USAGE_SIGN_HASH ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE );
+ TEST_EQUAL( psa_verify_hash( key, alg,
+ payload, payload_length,
+ signature, signature_length ),
+ verify_status );
+ }
+ }
+
+ if( usage & ( PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ) )
+ {
+ unsigned char message[256] = "Hello, world...";
+ unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0};
+ size_t message_length = 16;
+ size_t signature_length = sizeof( signature );
+
+ if( usage & PSA_KEY_USAGE_SIGN_MESSAGE )
+ {
+ PSA_ASSERT( psa_sign_message( key, alg,
+ message, message_length,
+ signature, sizeof( signature ),
+ &signature_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_VERIFY_MESSAGE )
+ {
+ psa_status_t verify_status =
+ ( usage & PSA_KEY_USAGE_SIGN_MESSAGE ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE );
+ TEST_EQUAL( psa_verify_message( key, alg,
+ message, message_length,
+ signature, signature_length ),
+ verify_status );
+ }
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+static int exercise_asymmetric_encryption_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ unsigned char plaintext[256] = "Hello, world...";
+ unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof( ciphertext );
+ size_t plaintext_length = 16;
+
+ if( usage & PSA_KEY_USAGE_ENCRYPT )
+ {
+ PSA_ASSERT( psa_asymmetric_encrypt( key, alg,
+ plaintext, plaintext_length,
+ NULL, 0,
+ ciphertext, sizeof( ciphertext ),
+ &ciphertext_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_DECRYPT )
+ {
+ psa_status_t status =
+ psa_asymmetric_decrypt( key, alg,
+ ciphertext, ciphertext_length,
+ NULL, 0,
+ plaintext, sizeof( plaintext ),
+ &plaintext_length );
+ TEST_ASSERT( status == PSA_SUCCESS ||
+ ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 &&
+ ( status == PSA_ERROR_INVALID_ARGUMENT ||
+ status == PSA_ERROR_INVALID_PADDING ) ) );
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+int mbedtls_test_psa_setup_key_derivation_wrap(
+ psa_key_derivation_operation_t* operation,
+ mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const unsigned char* input1, size_t input1_length,
+ const unsigned char* input2, size_t input2_length,
+ size_t capacity )
+{
+ PSA_ASSERT( psa_key_derivation_setup( operation, alg ) );
+ if( PSA_ALG_IS_HKDF( alg ) )
+ {
+ PSA_ASSERT( psa_key_derivation_input_bytes( operation,
+ PSA_KEY_DERIVATION_INPUT_SALT,
+ input1, input1_length ) );
+ PSA_ASSERT( psa_key_derivation_input_key( operation,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+ key ) );
+ PSA_ASSERT( psa_key_derivation_input_bytes( operation,
+ PSA_KEY_DERIVATION_INPUT_INFO,
+ input2,
+ input2_length ) );
+ }
+ else if( PSA_ALG_IS_TLS12_PRF( alg ) ||
+ PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
+ {
+ PSA_ASSERT( psa_key_derivation_input_bytes( operation,
+ PSA_KEY_DERIVATION_INPUT_SEED,
+ input1, input1_length ) );
+ PSA_ASSERT( psa_key_derivation_input_key( operation,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+ key ) );
+ PSA_ASSERT( psa_key_derivation_input_bytes( operation,
+ PSA_KEY_DERIVATION_INPUT_LABEL,
+ input2, input2_length ) );
+ }
+ else
+ {
+ TEST_ASSERT( ! "Key derivation algorithm not supported" );
+ }
+
+ if( capacity != SIZE_MAX )
+ PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) );
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+
+static int exercise_key_derivation_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+ unsigned char input1[] = "Input 1";
+ size_t input1_length = sizeof( input1 );
+ unsigned char input2[] = "Input 2";
+ size_t input2_length = sizeof( input2 );
+ unsigned char output[1];
+ size_t capacity = sizeof( output );
+
+ if( usage & PSA_KEY_USAGE_DERIVE )
+ {
+ if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg,
+ input1, input1_length,
+ input2, input2_length,
+ capacity ) )
+ goto exit;
+
+ PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
+ output,
+ capacity ) );
+ PSA_ASSERT( psa_key_derivation_abort( &operation ) );
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+/* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+psa_status_t mbedtls_test_psa_key_agreement_with_self(
+ psa_key_derivation_operation_t *operation,
+ mbedtls_svc_key_id_t key )
+{
+ psa_key_type_t private_key_type;
+ psa_key_type_t public_key_type;
+ size_t key_bits;
+ uint8_t *public_key = NULL;
+ size_t public_key_length;
+ /* Return GENERIC_ERROR if something other than the final call to
+ * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
+ * but it's good enough: callers will report it as a failed test anyway. */
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ private_key_type = psa_get_key_type( &attributes );
+ key_bits = psa_get_key_bits( &attributes );
+ public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
+ public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_key_type, key_bits );
+ ASSERT_ALLOC( public_key, public_key_length );
+ PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length,
+ &public_key_length ) );
+
+ status = psa_key_derivation_key_agreement(
+ operation, PSA_KEY_DERIVATION_INPUT_SECRET, key,
+ public_key, public_key_length );
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( public_key );
+ return( status );
+}
+
+/* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
+ psa_algorithm_t alg,
+ mbedtls_svc_key_id_t key )
+{
+ psa_key_type_t private_key_type;
+ psa_key_type_t public_key_type;
+ size_t key_bits;
+ uint8_t *public_key = NULL;
+ size_t public_key_length;
+ uint8_t output[1024];
+ size_t output_length;
+ /* Return GENERIC_ERROR if something other than the final call to
+ * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
+ * but it's good enough: callers will report it as a failed test anyway. */
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ private_key_type = psa_get_key_type( &attributes );
+ key_bits = psa_get_key_bits( &attributes );
+ public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
+ public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_key_type, key_bits );
+ ASSERT_ALLOC( public_key, public_key_length );
+ PSA_ASSERT( psa_export_public_key( key,
+ public_key, public_key_length,
+ &public_key_length ) );
+
+ status = psa_raw_key_agreement( alg, key,
+ public_key, public_key_length,
+ output, sizeof( output ), &output_length );
+ if ( status == PSA_SUCCESS )
+ {
+ TEST_ASSERT( output_length <=
+ PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( private_key_type,
+ key_bits ) );
+ TEST_ASSERT( output_length <=
+ PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE );
+ }
+
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( public_key );
+ return( status );
+}
+
+static int exercise_raw_key_agreement_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ int ok = 0;
+
+ if( usage & PSA_KEY_USAGE_DERIVE )
+ {
+ /* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+ PSA_ASSERT( mbedtls_test_psa_raw_key_agreement_with_self( alg, key ) );
+ }
+ ok = 1;
+
+exit:
+ return( ok );
+}
+
+static int exercise_key_agreement_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+ unsigned char output[1];
+ int ok = 0;
+
+ if( usage & PSA_KEY_USAGE_DERIVE )
+ {
+ /* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+ PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
+ PSA_ASSERT( mbedtls_test_psa_key_agreement_with_self( &operation, key ) );
+ PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
+ output,
+ sizeof( output ) ) );
+ PSA_ASSERT( psa_key_derivation_abort( &operation ) );
+ }
+ ok = 1;
+
+exit:
+ return( ok );
+}
+
+int mbedtls_test_psa_exported_key_sanity_check(
+ psa_key_type_t type, size_t bits,
+ const uint8_t *exported, size_t exported_length )
+{
+ TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE( type, bits ) );
+
+ if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
+ TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) );
+ else
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+ if( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
+ {
+ uint8_t *p = (uint8_t*) exported;
+ const uint8_t *end = exported + exported_length;
+ size_t len;
+ /* RSAPrivateKey ::= SEQUENCE {
+ * version INTEGER, -- must be 0
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER, -- e
+ * privateExponent INTEGER, -- d
+ * prime1 INTEGER, -- p
+ * prime2 INTEGER, -- q
+ * exponent1 INTEGER, -- d mod (p-1)
+ * exponent2 INTEGER, -- d mod (q-1)
+ * coefficient INTEGER, -- (inverse of q) mod p
+ * }
+ */
+ TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
+ MBEDTLS_ASN1_SEQUENCE |
+ MBEDTLS_ASN1_CONSTRUCTED ), 0 );
+ TEST_EQUAL( p + len, end );
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, 0, 0, 0 ) )
+ goto exit;
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) )
+ goto exit;
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, 2, bits, 1 ) )
+ goto exit;
+ /* Require d to be at least half the size of n. */
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits, 1 ) )
+ goto exit;
+ /* Require p and q to be at most half the size of n, rounded up. */
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
+ goto exit;
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
+ goto exit;
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+ goto exit;
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+ goto exit;
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+ goto exit;
+ TEST_EQUAL( p, end );
+
+ TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
+ }
+ else
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
+ {
+ /* Just the secret value */
+ TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) );
+
+ TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_RSA_C)
+ if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
+ {
+ uint8_t *p = (uint8_t*) exported;
+ const uint8_t *end = exported + exported_length;
+ size_t len;
+ /* RSAPublicKey ::= SEQUENCE {
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER } -- e
+ */
+ TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
+ MBEDTLS_ASN1_SEQUENCE |
+ MBEDTLS_ASN1_CONSTRUCTED ),
+ 0 );
+ TEST_EQUAL( p + len, end );
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) )
+ goto exit;
+ if( ! mbedtls_test_asn1_skip_integer( &p, end, 2, bits, 1 ) )
+ goto exit;
+ TEST_EQUAL( p, end );
+
+
+ TEST_ASSERT( exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( type, bits ) );
+ TEST_ASSERT( exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
+ }
+ else
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
+ {
+
+ TEST_ASSERT( exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( type, bits ) );
+ TEST_ASSERT( exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
+
+ if( PSA_KEY_TYPE_ECC_GET_FAMILY( type ) == PSA_ECC_FAMILY_MONTGOMERY )
+ {
+ /* The representation of an ECC Montgomery public key is
+ * the raw compressed point */
+ TEST_EQUAL( PSA_BITS_TO_BYTES( bits ), exported_length );
+ }
+ else
+ {
+ /* The representation of an ECC Weierstrass public key is:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - where m is the bit size associated with the curve.
+ */
+ TEST_EQUAL( 1 + 2 * PSA_BITS_TO_BYTES( bits ), exported_length );
+ TEST_EQUAL( exported[0], 4 );
+ }
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+
+ {
+ TEST_ASSERT( ! "Sanity check not implemented for this key type" );
+ }
+
+#if defined(MBEDTLS_DES_C)
+ if( type == PSA_KEY_TYPE_DES )
+ {
+ /* Check the parity bits. */
+ unsigned i;
+ for( i = 0; i < bits / 8; i++ )
+ {
+ unsigned bit_count = 0;
+ unsigned m;
+ for( m = 1; m <= 0x100; m <<= 1 )
+ {
+ if( exported[i] & m )
+ ++bit_count;
+ }
+ TEST_ASSERT( bit_count % 2 != 0 );
+ }
+ }
+#endif
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+static int exercise_export_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ uint8_t *exported = NULL;
+ size_t exported_size = 0;
+ size_t exported_length = 0;
+ int ok = 0;
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+
+ exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
+ psa_get_key_type( &attributes ),
+ psa_get_key_bits( &attributes ) );
+ ASSERT_ALLOC( exported, exported_size );
+
+ if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
+ ! PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( &attributes ) ) )
+ {
+ TEST_EQUAL( psa_export_key( key, exported,
+ exported_size, &exported_length ),
+ PSA_ERROR_NOT_PERMITTED );
+ ok = 1;
+ goto exit;
+ }
+
+ PSA_ASSERT( psa_export_key( key,
+ exported, exported_size,
+ &exported_length ) );
+ ok = mbedtls_test_psa_exported_key_sanity_check(
+ psa_get_key_type( &attributes ), psa_get_key_bits( &attributes ),
+ exported, exported_length );
+
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( exported );
+ return( ok );
+}
+
+static int exercise_export_public_key( mbedtls_svc_key_id_t key )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_type_t public_type;
+ uint8_t *exported = NULL;
+ size_t exported_size = 0;
+ size_t exported_length = 0;
+ int ok = 0;
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type( &attributes ) ) )
+ {
+ exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
+ psa_get_key_type( &attributes ),
+ psa_get_key_bits( &attributes ) );
+ ASSERT_ALLOC( exported, exported_size );
+
+ TEST_EQUAL( psa_export_public_key( key, exported,
+ exported_size, &exported_length ),
+ PSA_ERROR_INVALID_ARGUMENT );
+ ok = 1;
+ goto exit;
+ }
+
+ public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(
+ psa_get_key_type( &attributes ) );
+ exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type,
+ psa_get_key_bits( &attributes ) );
+ ASSERT_ALLOC( exported, exported_size );
+
+ PSA_ASSERT( psa_export_public_key( key,
+ exported, exported_size,
+ &exported_length ) );
+ ok = mbedtls_test_psa_exported_key_sanity_check(
+ public_type, psa_get_key_bits( &attributes ),
+ exported, exported_length );
+
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( exported );
+ return( ok );
+}
+
+int mbedtls_test_psa_exercise_key( mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ int ok = 0;
+
+ if( ! check_key_attributes_sanity( key ) )
+ return( 0 );
+
+ if( alg == 0 )
+ ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
+ else if( PSA_ALG_IS_MAC( alg ) )
+ ok = exercise_mac_key( key, usage, alg );
+ else if( PSA_ALG_IS_CIPHER( alg ) )
+ ok = exercise_cipher_key( key, usage, alg );
+ else if( PSA_ALG_IS_AEAD( alg ) )
+ ok = exercise_aead_key( key, usage, alg );
+ else if( PSA_ALG_IS_SIGN( alg ) )
+ ok = exercise_signature_key( key, usage, alg );
+ else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
+ ok = exercise_asymmetric_encryption_key( key, usage, alg );
+ else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
+ ok = exercise_key_derivation_key( key, usage, alg );
+ else if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) )
+ ok = exercise_raw_key_agreement_key( key, usage, alg );
+ else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
+ ok = exercise_key_agreement_key( key, usage, alg );
+ else
+ TEST_ASSERT( ! "No code to exercise this category of algorithm" );
+
+ ok = ok && exercise_export_key( key, usage );
+ ok = ok && exercise_export_public_key( key );
+
+exit:
+ return( ok );
+}
+
+psa_key_usage_t mbedtls_test_psa_usage_to_exercise( psa_key_type_t type,
+ psa_algorithm_t alg )
+{
+ if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) )
+ {
+ if( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
+ {
+ if( PSA_ALG_SIGN_GET_HASH( alg ) )
+ return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+ PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:
+ PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH |
+ PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE );
+ }
+ else if( PSA_ALG_IS_SIGN_MESSAGE( alg) )
+ return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+ PSA_KEY_USAGE_VERIFY_MESSAGE :
+ PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE );
+
+ return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+ PSA_KEY_USAGE_VERIFY_HASH :
+ PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH );
+ }
+ else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ||
+ PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
+ {
+ return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+ PSA_KEY_USAGE_ENCRYPT :
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
+ }
+ else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ||
+ PSA_ALG_IS_KEY_AGREEMENT( alg ) )
+ {
+ return( PSA_KEY_USAGE_DERIVE );
+ }
+ else
+ {
+ return( 0 );
+ }
+
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/tests/src/random.c b/tests/src/random.c
index e01bd4d..7f3f401 100644
--- a/tests/src/random.c
+++ b/tests/src/random.c
@@ -35,6 +35,8 @@
#include <test/random.h>
#include <string.h>
+#include <mbedtls/entropy.h>
+
int mbedtls_test_rnd_std_rand( void *rng_state,
unsigned char *output,
size_t len )
@@ -91,8 +93,16 @@
}
if( len - use_len > 0 )
- return( mbedtls_test_rnd_std_rand( NULL, output + use_len,
- len - use_len ) );
+ {
+ if( info->fallback_f_rng != NULL )
+ {
+ return( info->fallback_f_rng( info->fallback_p_rng,
+ output + use_len,
+ len - use_len ) );
+ }
+ else
+ return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+ }
return( 0 );
}
diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c
new file mode 100644
index 0000000..ca91b79
--- /dev/null
+++ b/tests/src/threading_helpers.c
@@ -0,0 +1,223 @@
+/** Mutex usage verification framework. */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+
+#include "mbedtls/threading.h"
+
+/** Mutex usage verification framework.
+ *
+ * The mutex usage verification code below aims to detect bad usage of
+ * Mbed TLS's mutex abstraction layer at runtime. Note that this is solely
+ * about the use of the mutex itself, not about checking whether the mutex
+ * correctly protects whatever it is supposed to protect.
+ *
+ * The normal usage of a mutex is:
+ * ```
+ * digraph mutex_states {
+ * "UNINITIALIZED"; // the initial state
+ * "IDLE";
+ * "FREED";
+ * "LOCKED";
+ * "UNINITIALIZED" -> "IDLE" [label="init"];
+ * "FREED" -> "IDLE" [label="init"];
+ * "IDLE" -> "LOCKED" [label="lock"];
+ * "LOCKED" -> "IDLE" [label="unlock"];
+ * "IDLE" -> "FREED" [label="free"];
+ * }
+ * ```
+ *
+ * All bad transitions that can be unambiguously detected are reported.
+ * An attempt to use an uninitialized mutex cannot be detected in general
+ * since the memory content may happen to denote a valid state. For the same
+ * reason, a double init cannot be detected.
+ * All-bits-zero is the state of a freed mutex, which is distinct from an
+ * initialized mutex, so attempting to use zero-initialized memory as a mutex
+ * without calling the init function is detected.
+ *
+ * The framework attempts to detect missing calls to init and free by counting
+ * calls to init and free. If there are more calls to init than free, this
+ * means that a mutex is not being freed somewhere, which is a memory leak
+ * on platforms where a mutex consumes resources other than the
+ * mbedtls_threading_mutex_t object itself. If there are more calls to free
+ * than init, this indicates a missing init, which is likely to be detected
+ * by an attempt to lock the mutex as well. A limitation of this framework is
+ * that it cannot detect scenarios where there is exactly the same number of
+ * calls to init and free but the calls don't match. A bug like this is
+ * unlikely to happen uniformly throughout the whole test suite though.
+ *
+ * If an error is detected, this framework will report what happened and the
+ * test case will be marked as failed. Unfortunately, the error report cannot
+ * indicate the exact location of the problematic call. To locate the error,
+ * use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error().
+ */
+enum value_of_mutex_is_valid_field
+{
+ /* Potential values for the is_valid field of mbedtls_threading_mutex_t.
+ * Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for
+ * compatibility with threading_mutex_init_pthread() and
+ * threading_mutex_free_pthread(). MUTEX_LOCKED could be any nonzero
+ * value. */
+ MUTEX_FREED = 0, //!< Set by threading_mutex_free_pthread
+ MUTEX_IDLE = 1, //!< Set by threading_mutex_init_pthread and by our unlock
+ MUTEX_LOCKED = 2, //!< Set by our lock
+};
+
+typedef struct
+{
+ void (*init)( mbedtls_threading_mutex_t * );
+ void (*free)( mbedtls_threading_mutex_t * );
+ int (*lock)( mbedtls_threading_mutex_t * );
+ int (*unlock)( mbedtls_threading_mutex_t * );
+} mutex_functions_t;
+static mutex_functions_t mutex_functions;
+
+/** The total number of calls to mbedtls_mutex_init(), minus the total number
+ * of calls to mbedtls_mutex_free().
+ *
+ * Reset to 0 after each test case.
+ */
+static int live_mutexes;
+
+static void mbedtls_test_mutex_usage_error( mbedtls_threading_mutex_t *mutex,
+ const char *msg )
+{
+ (void) mutex;
+ if( mbedtls_test_info.mutex_usage_error == NULL )
+ mbedtls_test_info.mutex_usage_error = msg;
+ mbedtls_fprintf( stdout, "[mutex: %s] ", msg );
+ /* Don't mark the test as failed yet. This way, if the test fails later
+ * for a functional reason, the test framework will report the message
+ * and location for this functional reason. If the test passes,
+ * mbedtls_test_mutex_usage_check() will mark it as failed. */
+}
+
+static void mbedtls_test_wrap_mutex_init( mbedtls_threading_mutex_t *mutex )
+{
+ mutex_functions.init( mutex );
+ if( mutex->is_valid )
+ ++live_mutexes;
+}
+
+static void mbedtls_test_wrap_mutex_free( mbedtls_threading_mutex_t *mutex )
+{
+ switch( mutex->is_valid )
+ {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error( mutex, "free without init or double free" );
+ break;
+ case MUTEX_IDLE:
+ /* Do nothing. The underlying free function will reset is_valid
+ * to 0. */
+ break;
+ case MUTEX_LOCKED:
+ mbedtls_test_mutex_usage_error( mutex, "free without unlock" );
+ break;
+ default:
+ mbedtls_test_mutex_usage_error( mutex, "corrupted state" );
+ break;
+ }
+ if( mutex->is_valid )
+ --live_mutexes;
+ mutex_functions.free( mutex );
+}
+
+static int mbedtls_test_wrap_mutex_lock( mbedtls_threading_mutex_t *mutex )
+{
+ int ret = mutex_functions.lock( mutex );
+ switch( mutex->is_valid )
+ {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error( mutex, "lock without init" );
+ break;
+ case MUTEX_IDLE:
+ if( ret == 0 )
+ mutex->is_valid = 2;
+ break;
+ case MUTEX_LOCKED:
+ mbedtls_test_mutex_usage_error( mutex, "double lock" );
+ break;
+ default:
+ mbedtls_test_mutex_usage_error( mutex, "corrupted state" );
+ break;
+ }
+ return( ret );
+}
+
+static int mbedtls_test_wrap_mutex_unlock( mbedtls_threading_mutex_t *mutex )
+{
+ int ret = mutex_functions.unlock( mutex );
+ switch( mutex->is_valid )
+ {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error( mutex, "unlock without init" );
+ break;
+ case MUTEX_IDLE:
+ mbedtls_test_mutex_usage_error( mutex, "unlock without lock" );
+ break;
+ case MUTEX_LOCKED:
+ if( ret == 0 )
+ mutex->is_valid = MUTEX_IDLE;
+ break;
+ default:
+ mbedtls_test_mutex_usage_error( mutex, "corrupted state" );
+ break;
+ }
+ return( ret );
+}
+
+void mbedtls_test_mutex_usage_init( void )
+{
+ mutex_functions.init = mbedtls_mutex_init;
+ mutex_functions.free = mbedtls_mutex_free;
+ mutex_functions.lock = mbedtls_mutex_lock;
+ mutex_functions.unlock = mbedtls_mutex_unlock;
+ mbedtls_mutex_init = &mbedtls_test_wrap_mutex_init;
+ mbedtls_mutex_free = &mbedtls_test_wrap_mutex_free;
+ mbedtls_mutex_lock = &mbedtls_test_wrap_mutex_lock;
+ mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock;
+}
+
+void mbedtls_test_mutex_usage_check( void )
+{
+ if( live_mutexes != 0 )
+ {
+ /* A positive number (more init than free) means that a mutex resource
+ * is leaking (on platforms where a mutex consumes more than the
+ * mbedtls_threading_mutex_t object itself). The rare case of a
+ * negative number means a missing init somewhere. */
+ mbedtls_fprintf( stdout, "[mutex: %d leaked] ", live_mutexes );
+ live_mutexes = 0;
+ if( mbedtls_test_info.mutex_usage_error == NULL )
+ mbedtls_test_info.mutex_usage_error = "missing free";
+ }
+ if( mbedtls_test_info.mutex_usage_error != NULL &&
+ mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED )
+ {
+ /* Functionally, the test passed. But there was a mutex usage error,
+ * so mark the test as failed after all. */
+ mbedtls_test_fail( "Mutex usage error", __LINE__, __FILE__ );
+ }
+ mbedtls_test_info.mutex_usage_error = NULL;
+}
+
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index fcd73f2..f17f2fd 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -114,8 +114,8 @@
echo "Usage: $0 [options]"
printf " -h|--help\tPrint this help.\n"
printf " -m|--memcheck\tCheck memory leaks and errors.\n"
- printf " -f|--filter\tOnly matching tests are executed (BRE)\n"
- printf " -e|--exclude\tMatching tests are excluded (BRE)\n"
+ printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
+ printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
printf " -s|--show-numbers\tShow test numbers in front of test names\n"
printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
@@ -178,6 +178,14 @@
;;
esac
+# Read boolean configuration options from config.h for easy and quick
+# testing. Skip non-boolean options (with something other than spaces
+# and a comment after "#define SYMBOL"). The variable contains a
+# space-separated list of symbols.
+CONFIGS_ENABLED=" $(<"$CONFIG_H" \
+ sed -n 's!^ *#define *\([A-Za-z][0-9A-Z_a-z]*\) *\(/*\)*!\1!p' |
+ tr '\n' ' ')"
+
# Skip next test; use this macro to skip tests which are legitimate
# in theory and expected to be re-introduced at some point, but
# aren't expected to succeed at the moment due to problems outside
@@ -188,16 +196,17 @@
# skip next test if the flag is not enabled in config.h
requires_config_enabled() {
- if grep "^#define $1" $CONFIG_H > /dev/null; then :; else
- SKIP_NEXT="YES"
- fi
+ case $CONFIGS_ENABLED in
+ *" $1 "*) :;;
+ *) SKIP_NEXT="YES";;
+ esac
}
# skip next test if the flag is enabled in config.h
requires_config_disabled() {
- if grep "^#define $1" $CONFIG_H > /dev/null; then
- SKIP_NEXT="YES"
- fi
+ case $CONFIGS_ENABLED in
+ *" $1 "*) SKIP_NEXT="YES";;
+ esac
}
get_config_value_or_default() {
@@ -233,12 +242,29 @@
fi
}
-requires_ciphersuite_enabled() {
- if [ -z "$($P_CLI --help 2>/dev/null | grep $1)" ]; then
- SKIP_NEXT="YES"
+requires_config_value_equals() {
+ VAL=$( get_config_value_or_default "$1" )
+ if [ -z "$VAL" ]; then
+ # Should never happen
+ echo "Mbed TLS configuration $1 is not defined"
+ exit 1
+ elif [ "$VAL" -ne "$2" ]; then
+ SKIP_NEXT="YES"
fi
}
+# Space-separated list of ciphersuites supported by this build of
+# Mbed TLS.
+P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
+ grep TLS- |
+ tr -s ' \n' ' ')"
+requires_ciphersuite_enabled() {
+ case $P_CIPHERSUITES in
+ *" $1 "*) :;;
+ *) SKIP_NEXT="YES";;
+ esac
+}
+
# maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...]
# If CMD (call to a TLS client or server program) requires a specific
# ciphersuite, arrange to only run the test case if this ciphersuite is
@@ -281,6 +307,12 @@
fi
}
+# skip next test if either IN_CONTENT_LEN or MAX_CONTENT_LEN are below a value
+requires_max_content_len() {
+ requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" $1
+ requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" $1
+}
+
# skip next test if GnuTLS isn't available
requires_gnutls() {
if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
@@ -359,10 +391,11 @@
}
# Calculate the input & output maximum content lengths set in the config
-MAX_CONTENT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384")
-MAX_IN_LEN=$( ../scripts/config.py get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
-MAX_OUT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
+MAX_CONTENT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_MAX_CONTENT_LEN" )
+MAX_IN_LEN=$( get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN" )
+MAX_OUT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN" )
+# Calculate the maximum content length that fits both
if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
MAX_CONTENT_LEN="$MAX_IN_LEN"
fi
@@ -462,17 +495,21 @@
# is_polar <cmd_line>
is_polar() {
- echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
+ case "$1" in
+ *ssl_client2*) true;;
+ *ssl_server2*) true;;
+ *) false;;
+ esac
}
# openssl s_server doesn't have -www with DTLS
check_osrv_dtls() {
- if echo "$SRV_CMD" | grep 's_server.*-dtls' >/dev/null; then
- NEEDS_INPUT=1
- SRV_CMD="$( echo $SRV_CMD | sed s/-www// )"
- else
- NEEDS_INPUT=0
- fi
+ case "$SRV_CMD" in
+ *s_server*-dtls*)
+ NEEDS_INPUT=1
+ SRV_CMD="$( echo $SRV_CMD | sed s/-www// )";;
+ *) NEEDS_INPUT=0;;
+ esac
}
# provide input to commands that need it
@@ -627,11 +664,25 @@
# check if the given command uses dtls and sets global variable DTLS
detect_dtls() {
- if echo "$1" | grep 'dtls=1\|-dtls1\|-u' >/dev/null; then
- DTLS=1
- else
- DTLS=0
- fi
+ case "$1" in
+ *dtls=1*|-dtls|-u) DTLS=1;;
+ *) DTLS=0;;
+ esac
+}
+
+# check if the given command uses gnutls and sets global variable CMD_IS_GNUTLS
+is_gnutls() {
+ case "$1" in
+ *gnutls-cli*)
+ CMD_IS_GNUTLS=1
+ ;;
+ *gnutls-serv*)
+ CMD_IS_GNUTLS=1
+ ;;
+ *)
+ CMD_IS_GNUTLS=0
+ ;;
+ esac
}
# Compare file content
@@ -665,8 +716,7 @@
NAME="$1"
shift 1
- if echo "$NAME" | grep "$FILTER" | grep -v "$EXCLUDE" >/dev/null; then :
- else
+ if is_excluded "$NAME"; then
SKIP_NEXT="NO"
# There was no request to run the test, so don't record its outcome.
return
@@ -675,10 +725,11 @@
print_name "$NAME"
# Do we only run numbered tests?
- if [ "X$RUN_TEST_NUMBER" = "X" ]; then :
- elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then :
- else
- SKIP_NEXT="YES"
+ if [ -n "$RUN_TEST_NUMBER" ]; then
+ case ",$RUN_TEST_NUMBER," in
+ *",$TESTS,"*) :;;
+ *) SKIP_NEXT="YES";;
+ esac
fi
# does this test use a proxy?
@@ -696,10 +747,10 @@
shift 3
# Check if test uses files
- TEST_USES_FILES=$(echo "$SRV_CMD $CLI_CMD" | grep "\.\(key\|crt\|pem\)" )
- if [ ! -z "$TEST_USES_FILES" ]; then
- requires_config_enabled MBEDTLS_FS_IO
- fi
+ case "$SRV_CMD $CLI_CMD" in
+ *data_files/*)
+ requires_config_enabled MBEDTLS_FS_IO;;
+ esac
# If the client or serve requires a ciphersuite, check that it's enabled.
maybe_requires_ciphersuite_enabled "$SRV_CMD" "$@"
@@ -726,6 +777,30 @@
esac
fi
+ # update CMD_IS_GNUTLS variable
+ is_gnutls "$SRV_CMD"
+
+ # if the server uses gnutls but doesn't set priority, explicitly
+ # set the default priority
+ if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
+ case "$SRV_CMD" in
+ *--priority*) :;;
+ *) SRV_CMD="$SRV_CMD --priority=NORMAL";;
+ esac
+ fi
+
+ # update CMD_IS_GNUTLS variable
+ is_gnutls "$CLI_CMD"
+
+ # if the client uses gnutls but doesn't set priority, explicitly
+ # set the default priority
+ if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
+ case "$CLI_CMD" in
+ *--priority*) :;;
+ *) CLI_CMD="$CLI_CMD --priority=NORMAL";;
+ esac
+ fi
+
# fix client port
if [ -n "$PXY_CMD" ]; then
CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )
@@ -770,6 +845,7 @@
# terminate the server (and the proxy)
kill $SRV_PID
wait $SRV_PID
+ SRV_RET=$?
if [ -n "$PXY_CMD" ]; then
kill $PXY_PID >/dev/null 2>&1
@@ -803,9 +879,11 @@
fi
fi
- # check server exit code
- if [ $? != 0 ]; then
- fail "server fail"
+ # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
+ # exit with status 0 when interrupted by a signal, and we don't really
+ # care anyway), in case e.g. the server reports a memory leak.
+ if [ $SRV_RET != 0 ] && is_polar "$SRV_CMD"; then
+ fail "Server exited with status $SRV_RET"
return
fi
@@ -975,7 +1053,7 @@
run_test_memory_after_hanshake_with_mfl()
{
# The test passes if the difference is around 2*(16k-MFL)
- local MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))"
+ MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))"
# Leave some margin for robustness
MEMORY_USAGE_LIMIT="$(( ( MEMORY_USAGE_LIMIT * 110 ) / 100 ))"
@@ -1037,6 +1115,46 @@
get_options "$@"
+# Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell
+# patterns rather than regular expressions, use a case statement instead
+# of calling grep. To keep the optimizer simple, it is incomplete and only
+# detects simple cases: plain substring, everything, nothing.
+#
+# As an exception, the character '.' is treated as an ordinary character
+# if it is the only special character in the string. This is because it's
+# rare to need "any one character", but needing a literal '.' is common
+# (e.g. '-f "DTLS 1.2"').
+need_grep=
+case "$FILTER" in
+ '^$') simple_filter=;;
+ '.*') simple_filter='*';;
+ *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
+ need_grep=1;;
+ *) # No regexp or shell-pattern special character
+ simple_filter="*$FILTER*";;
+esac
+case "$EXCLUDE" in
+ '^$') simple_exclude=;;
+ '.*') simple_exclude='*';;
+ *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
+ need_grep=1;;
+ *) # No regexp or shell-pattern special character
+ simple_exclude="*$EXCLUDE*";;
+esac
+if [ -n "$need_grep" ]; then
+ is_excluded () {
+ ! echo "$1" | grep "$FILTER" | grep -q -v "$EXCLUDE"
+ }
+else
+ is_excluded () {
+ case "$1" in
+ $simple_exclude) true;;
+ $simple_filter) false;;
+ *) true;;
+ esac
+ }
+fi
+
# sanity checks, avoid an avalanche of errors
P_SRV_BIN="${P_SRV%%[ ]*}"
P_CLI_BIN="${P_CLI%%[ ]*}"
@@ -1097,7 +1215,7 @@
P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
-O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
+O_SRV="$O_SRV -accept $SRV_PORT"
O_CLI="$O_CLI -connect localhost:+SRV_PORT"
G_SRV="$G_SRV -p $SRV_PORT"
G_CLI="$G_CLI -p +SRV_PORT"
@@ -1264,8 +1382,13 @@
run_test_psa_force_curve "brainpoolP256r1"
requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED
run_test_psa_force_curve "secp224r1"
-requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
-run_test_psa_force_curve "secp224k1"
+## SECP224K1 is buggy via the PSA API
+## (https://github.com/ARMmbed/mbedtls/issues/3541),
+## so it is disabled in PSA even when it's enabled in Mbed TLS.
+## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but
+## dependencies on PSA symbols in ssl-opt.sh are not implemented yet.
+#requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#run_test_psa_force_curve "secp224k1"
requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED
run_test_psa_force_curve "secp192r1"
requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED
@@ -1356,19 +1479,12 @@
# Tests for SHA-1 support
-requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
run_test "SHA-1 forbidden by default in server certificate" \
"$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
"$P_CLI debug_level=2 allow_sha1=0" \
1 \
-c "The certificate is signed with an unacceptable hash"
-requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-run_test "SHA-1 allowed by default in server certificate" \
- "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
- "$P_CLI debug_level=2 allow_sha1=0" \
- 0
-
run_test "SHA-1 explicitly allowed in server certificate" \
"$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
"$P_CLI allow_sha1=1" \
@@ -1379,19 +1495,12 @@
"$P_CLI allow_sha1=0" \
0
-requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
run_test "SHA-1 forbidden by default in client certificate" \
"$P_SRV auth_mode=required allow_sha1=0" \
"$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1 \
-s "The certificate is signed with an unacceptable hash"
-requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-run_test "SHA-1 allowed by default in client certificate" \
- "$P_SRV auth_mode=required allow_sha1=0" \
- "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
- 0
-
run_test "SHA-1 explicitly allowed in client certificate" \
"$P_SRV auth_mode=required allow_sha1=1" \
"$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
@@ -2298,8 +2407,12 @@
-c "ignoring unexpected CID" \
-s "ignoring unexpected CID"
+# This and the test below it require MAX_CONTENT_LEN to be at least MFL+1, because the
+# tests check that the buffer contents are reallocated when the message is
+# larger than the buffer.
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+requires_max_content_len 513
run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \
"$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
"$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_val=beef" \
@@ -2313,6 +2426,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+requires_max_content_len 1025
run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" \
"$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
"$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_val=beef" \
@@ -3046,15 +3160,6 @@
# Tests for Max Fragment Length extension
-if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
- printf '%s defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}"
- exit 1
-fi
-
-if [ $MAX_CONTENT_LEN -ne 16384 ]; then
- echo "Using non-default maximum content length $MAX_CONTENT_LEN"
-fi
-
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: enabled, default" \
"$P_SRV debug_level=3" \
@@ -3119,7 +3224,7 @@
-s "1 bytes read"
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "Max fragment length DTLS: disabled, larger message" \
+run_test "Max fragment length, DTLS: disabled, larger message" \
"$P_SRV debug_level=3 dtls=1" \
"$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
1 \
@@ -3129,6 +3234,7 @@
-S "Maximum output fragment length is 16384" \
-c "fragment larger than.*maximum "
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: used by client" \
"$P_SRV debug_level=3" \
@@ -3143,6 +3249,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 1024
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 512, server 1024" \
"$P_SRV debug_level=3 max_frag_len=1024" \
@@ -3157,6 +3264,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 512, server 2048" \
"$P_SRV debug_level=3 max_frag_len=2048" \
@@ -3171,6 +3279,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 512, server 4096" \
"$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3185,6 +3294,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 1024
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 1024, server 512" \
"$P_SRV debug_level=3 max_frag_len=512" \
@@ -3199,6 +3309,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 1024, server 2048" \
"$P_SRV debug_level=3 max_frag_len=2048" \
@@ -3213,6 +3324,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 1024, server 4096" \
"$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3227,6 +3339,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 2048, server 512" \
"$P_SRV debug_level=3 max_frag_len=512" \
@@ -3241,6 +3354,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 2048, server 1024" \
"$P_SRV debug_level=3 max_frag_len=1024" \
@@ -3255,6 +3369,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 2048, server 4096" \
"$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3269,6 +3384,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 4096, server 512" \
"$P_SRV debug_level=3 max_frag_len=512" \
@@ -3283,6 +3399,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 4096, server 1024" \
"$P_SRV debug_level=3 max_frag_len=1024" \
@@ -3297,6 +3414,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 4096, server 2048" \
"$P_SRV debug_level=3 max_frag_len=2048" \
@@ -3311,6 +3429,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: used by server" \
"$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3325,6 +3444,7 @@
-S "server hello, max_fragment_length extension" \
-C "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_gnutls
run_test "Max fragment length: gnutls server" \
@@ -3336,6 +3456,7 @@
-c "client hello, adding max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client, message just fits" \
"$P_SRV debug_level=3" \
@@ -3352,6 +3473,7 @@
-c "2048 bytes written in 1 fragments" \
-s "2048 bytes read"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client, larger message" \
"$P_SRV debug_level=3" \
@@ -3369,6 +3491,7 @@
-s "2048 bytes read" \
-s "297 bytes read"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: DTLS client, larger message" \
"$P_SRV debug_level=3 dtls=1" \
@@ -3480,6 +3603,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "Renegotiation with max fragment length: client 2048, server 512" \
"$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \
"$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -4199,24 +4323,17 @@
-C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed"
-# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its
-# default value (8)
+# This script assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA has its default
+# value, defined here as MAX_IM_CA. Some test cases will be skipped if the
+# library is configured with a different value.
MAX_IM_CA='8'
-MAX_IM_CA_CONFIG=$( ../scripts/config.py get MBEDTLS_X509_MAX_INTERMEDIATE_CA)
-if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
- cat <<EOF
-${CONFIG_H} contains a value for the configuration of
-MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script's
-test value of ${MAX_IM_CA}.
-
-The tests assume this value and if it changes, the tests in this
-script should also be adjusted.
-EOF
- exit 1
-fi
-
+# The tests for the max_int tests can pass with any number higher than MAX_IM_CA
+# because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1
+# tests can pass with any number less than MAX_IM_CA. However, stricter preconditions
+# are in place so that the semantics are consistent with the test description.
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: server max_int chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
@@ -4225,6 +4342,7 @@
0 \
-C "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -4233,6 +4351,7 @@
1 \
-c "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client optional" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -4242,6 +4361,7 @@
1 \
-c "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client none" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -4251,6 +4371,7 @@
0 \
-C "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server default" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
@@ -4259,6 +4380,7 @@
0 \
-S "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server optional" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
@@ -4267,6 +4389,7 @@
1 \
-s "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server required" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
@@ -4275,6 +4398,7 @@
1 \
-s "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: client max_int chain, server required" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
@@ -4452,6 +4576,7 @@
-C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int chain, client default" \
@@ -4462,6 +4587,7 @@
-c "use CA callback for X.509 CRT verification" \
-C "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int+1 chain, client default" \
@@ -4472,6 +4598,7 @@
-c "use CA callback for X.509 CRT verification" \
-c "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int+1 chain, client optional" \
@@ -4483,6 +4610,7 @@
-c "use CA callback for X.509 CRT verification" \
-c "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int+1 chain, server optional" \
@@ -4493,6 +4621,7 @@
-s "use CA callback for X.509 CRT verification" \
-s "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int+1 chain, server required" \
@@ -4503,6 +4632,7 @@
-s "use CA callback for X.509 CRT verification" \
-s "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int chain, server required" \
@@ -5490,6 +5620,20 @@
0 \
-C "DHM prime too short:"
+run_test "DHM size: server 999, client 999, OK" \
+ "$P_SRV dhm_file=data_files/dh.999.pem" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1 dhmlen=999" \
+ 0 \
+ -C "DHM prime too short:"
+
+run_test "DHM size: server 1000, client 1000, OK" \
+ "$P_SRV dhm_file=data_files/dh.1000.pem" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1 dhmlen=1000" \
+ 0 \
+ -C "DHM prime too short:"
+
run_test "DHM size: server 1000, client default, rejected" \
"$P_SRV dhm_file=data_files/dh.1000.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
@@ -5497,6 +5641,27 @@
1 \
-c "DHM prime too short:"
+run_test "DHM size: server 1000, client 1001, rejected" \
+ "$P_SRV dhm_file=data_files/dh.1000.pem" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1 dhmlen=1001" \
+ 1 \
+ -c "DHM prime too short:"
+
+run_test "DHM size: server 999, client 1000, rejected" \
+ "$P_SRV dhm_file=data_files/dh.999.pem" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1 dhmlen=1000" \
+ 1 \
+ -c "DHM prime too short:"
+
+run_test "DHM size: server 998, client 999, rejected" \
+ "$P_SRV dhm_file=data_files/dh.998.pem" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1 dhmlen=999" \
+ 1 \
+ -c "DHM prime too short:"
+
run_test "DHM size: server default, client 2049, rejected" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
@@ -5852,7 +6017,7 @@
-S "SSL - Verification of the message MAC failed"
server_needs_more_time 1
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: password mismatch, TLS" \
"$P_SRV debug_level=3 ecjpake_pw=bla" \
"$P_CLI debug_level=3 ecjpake_pw=bad \
@@ -5861,7 +6026,7 @@
-C "re-using cached ecjpake parameters" \
-s "SSL - Verification of the message MAC failed"
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: working, DTLS" \
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
"$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
@@ -5870,7 +6035,7 @@
-c "re-using cached ecjpake parameters" \
-S "SSL - Verification of the message MAC failed"
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: working, DTLS, no cookie" \
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \
"$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
@@ -5880,7 +6045,7 @@
-S "SSL - Verification of the message MAC failed"
server_needs_more_time 1
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: password mismatch, DTLS" \
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
"$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \
@@ -5890,7 +6055,7 @@
-s "SSL - Verification of the message MAC failed"
# for tests with configs/config-thread.h
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: working, DTLS, nolog" \
"$P_SRV dtls=1 ecjpake_pw=bla" \
"$P_CLI dtls=1 ecjpake_pw=bla \
@@ -6537,8 +6702,8 @@
-c "Read from server: 1 bytes read"
# A test for extensions in SSLv3
-
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+requires_max_content_len 4096
run_test "SSLv3 with extensions, server side" \
"$P_SRV min_version=ssl3 debug_level=3" \
"$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \
@@ -6787,6 +6952,7 @@
-s "Read from client: $MAX_CONTENT_LEN bytes read"
# Test for large server packets
+# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test "Large server packet SSLv3 StreamCipher" \
"$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
@@ -7808,6 +7974,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 4096
run_test "DTLS fragmenting: none (for reference)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -7828,6 +7995,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: server only (max_frag_len)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -7852,6 +8020,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 4096
run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -7872,6 +8041,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=none \
crt_file=data_files/server7_int-ca.crt \
@@ -7899,6 +8069,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
-p "$P_PXY mtu=1110" \
"$P_SRV dtls=1 debug_level=2 auth_mode=none \
@@ -7920,6 +8091,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -7947,6 +8119,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
-p "$P_PXY mtu=1110" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7967,6 +8140,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 4096
run_test "DTLS fragmenting: none (for reference) (MTU)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -7986,6 +8160,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 4096
run_test "DTLS fragmenting: client (MTU)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -8005,6 +8180,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: server (MTU)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -8024,6 +8200,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: both (MTU=1024)" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8046,9 +8223,10 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: both (MTU=512)" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8077,9 +8255,10 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
-p "$P_PXY mtu=508" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8101,9 +8280,10 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
-p "$P_PXY mtu=508" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8127,6 +8307,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8153,9 +8334,10 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8179,6 +8361,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8202,9 +8385,10 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8238,9 +8422,10 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
-p "$P_PXY mtu=1450" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8267,9 +8452,10 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_CHACHAPOLY_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8298,10 +8484,11 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8330,10 +8517,11 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8362,11 +8550,12 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8395,10 +8584,11 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8424,10 +8614,11 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
client_needs_more_time 2
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU + 3d" \
-p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
"$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
@@ -8448,10 +8639,11 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
client_needs_more_time 2
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
-p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8477,6 +8669,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_gnutls
+requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
"$G_SRV -u" \
"$P_CLI dtls=1 debug_level=2 \
@@ -8492,6 +8685,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
requires_gnutls
+requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \
"$G_SRV -u" \
"$P_CLI dtls=1 debug_level=2 \
@@ -8515,6 +8709,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_gnutls
requires_not_i686
+requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
@@ -8531,6 +8726,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
requires_gnutls
requires_not_i686
+requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
@@ -8544,6 +8740,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_max_content_len 2048
run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
"$O_SRV -dtls1_2 -verify 10" \
"$P_CLI dtls=1 debug_level=2 \
@@ -8558,6 +8755,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_max_content_len 2048
run_test "DTLS fragmenting: openssl server, DTLS 1.0" \
"$O_SRV -dtls1 -verify 10" \
"$P_CLI dtls=1 debug_level=2 \
@@ -8572,6 +8770,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_max_content_len 2048
run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
@@ -8585,6 +8784,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_max_content_len 2048
run_test "DTLS fragmenting: openssl client, DTLS 1.0" \
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
@@ -8604,6 +8804,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$G_NEXT_SRV -u" \
@@ -8621,6 +8822,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$G_NEXT_SRV -u" \
@@ -8638,6 +8840,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 \
@@ -8654,6 +8857,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 \
@@ -8675,6 +8879,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$O_SRV -dtls1_2 -verify 10" \
@@ -8692,6 +8897,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$O_SRV -dtls1 -verify 10" \
@@ -8709,6 +8915,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 \
@@ -8727,6 +8934,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$P_SRV dgram_packing=0 dtls=1 debug_level=2 \
@@ -9807,6 +10015,7 @@
requires_config_enabled MBEDTLS_MEMORY_DEBUG
requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 16384
run_tests_memory_after_hanshake
# Final report
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index aafcf5c..91ad925 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -5,6 +5,7 @@
#include <test/macros.h>
#include <test/helpers.h>
#include <test/random.h>
+#include <test/psa_crypto_helpers.h>
#include <stdlib.h>
@@ -75,292 +76,8 @@
build */
/*----------------------------------------------------------------------------*/
-/* Macros */
-
-/**
- * \brief This macro tests the expression passed to it as a test step or
- * individual test in a test case.
- *
- * It allows a library function to return a value and return an error
- * code that can be tested.
- *
- * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
- * callback, MBEDTLS_PARAM_FAILED(), will be assumed to be a test
- * failure.
- *
- * This macro is not suitable for negative parameter validation tests,
- * as it assumes the test step will not create an error.
- *
- * Failing the test means:
- * - Mark this test case as failed.
- * - Print a message identifying the failure.
- * - Jump to the \c exit label.
- *
- * This macro expands to an instruction, not an expression.
- * It may jump to the \c exit label.
- *
- * \param TEST The test expression to be tested.
- */
-#define TEST_ASSERT( TEST ) \
- do { \
- if( ! (TEST) ) \
- { \
- test_fail( #TEST, __LINE__, __FILE__ ); \
- goto exit; \
- } \
- } while( 0 )
-
-/** Evaluate two expressions and fail the test case if they have different
- * values.
- *
- * \param expr1 An expression to evaluate.
- * \param expr2 The expected value of \p expr1. This can be any
- * expression, but it is typically a constant.
- */
-#define TEST_EQUAL( expr1, expr2 ) \
- TEST_ASSERT( ( expr1 ) == ( expr2 ) )
-
-/** Allocate memory dynamically and fail the test case if this fails.
- * The allocated memory will be filled with zeros.
- *
- * You must set \p pointer to \c NULL before calling this macro and
- * put `mbedtls_free( pointer )` in the test's cleanup code.
- *
- * If \p length is zero, the resulting \p pointer will be \c NULL.
- * This is usually what we want in tests since API functions are
- * supposed to accept null pointers when a buffer size is zero.
- *
- * This macro expands to an instruction, not an expression.
- * It may jump to the \c exit label.
- *
- * \param pointer An lvalue where the address of the allocated buffer
- * will be stored.
- * This expression may be evaluated multiple times.
- * \param length Number of elements to allocate.
- * This expression may be evaluated multiple times.
- *
- */
-#define ASSERT_ALLOC( pointer, length ) \
- do \
- { \
- TEST_ASSERT( ( pointer ) == NULL ); \
- if( ( length ) != 0 ) \
- { \
- ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
- ( length ) ); \
- TEST_ASSERT( ( pointer ) != NULL ); \
- } \
- } \
- while( 0 )
-
-/** Allocate memory dynamically. If the allocation fails, skip the test case.
- *
- * This macro behaves like #ASSERT_ALLOC, except that if the allocation
- * fails, it marks the test as skipped rather than failed.
- */
-#define ASSERT_ALLOC_WEAK( pointer, length ) \
- do \
- { \
- TEST_ASSERT( ( pointer ) == NULL ); \
- if( ( length ) != 0 ) \
- { \
- ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
- ( length ) ); \
- TEST_ASSUME( ( pointer ) != NULL ); \
- } \
- } \
- while( 0 )
-
-/** Compare two buffers and fail the test case if they differ.
- *
- * This macro expands to an instruction, not an expression.
- * It may jump to the \c exit label.
- *
- * \param p1 Pointer to the start of the first buffer.
- * \param size1 Size of the first buffer in bytes.
- * This expression may be evaluated multiple times.
- * \param p2 Pointer to the start of the second buffer.
- * \param size2 Size of the second buffer in bytes.
- * This expression may be evaluated multiple times.
- */
-#define ASSERT_COMPARE( p1, size1, p2, size2 ) \
- do \
- { \
- TEST_ASSERT( ( size1 ) == ( size2 ) ); \
- if( ( size1 ) != 0 ) \
- TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 ); \
- } \
- while( 0 )
-
-/**
- * \brief This macro tests the expression passed to it and skips the
- * running test if it doesn't evaluate to 'true'.
- *
- * \param TEST The test expression to be tested.
- */
-#define TEST_ASSUME( TEST ) \
- do { \
- if( ! (TEST) ) \
- { \
- test_skip( #TEST, __LINE__, __FILE__ ); \
- goto exit; \
- } \
- } while( 0 )
-
-#if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT)
-/**
- * \brief This macro tests the statement passed to it as a test step or
- * individual test in a test case. The macro assumes the test will fail
- * and will generate an error.
- *
- * It allows a library function to return a value and tests the return
- * code on return to confirm the given error code was returned.
- *
- * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
- * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
- * expected failure, and the test will pass.
- *
- * This macro is intended for negative parameter validation tests,
- * where the failing function may return an error value or call
- * MBEDTLS_PARAM_FAILED() to indicate the error.
- *
- * \param PARAM_ERROR_VALUE The expected error code.
- *
- * \param TEST The test expression to be tested.
- */
-#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST ) \
- do { \
- mbedtls_test_param_failed_expect_call( ); \
- if( ( ( TEST ) != ( PARAM_ERR_VALUE ) ) || \
- ( mbedtls_test_param_failed_check_expected_call( ) != 0 ) ) \
- { \
- test_fail( #TEST, __LINE__, __FILE__ ); \
- goto exit; \
- } \
- mbedtls_test_param_failed_check_expected_call( ); \
- } while( 0 )
-
-/**
- * \brief This macro tests the statement passed to it as a test step or
- * individual test in a test case. The macro assumes the test will fail
- * and will generate an error.
- *
- * It assumes the library function under test cannot return a value and
- * assumes errors can only be indicated byt calls to
- * MBEDTLS_PARAM_FAILED().
- *
- * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
- * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
- * expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test
- * can be made.
- *
- * This macro is intended for negative parameter validation tests,
- * where the failing function can only return an error by calling
- * MBEDTLS_PARAM_FAILED() to indicate the error.
- *
- * \param TEST The test expression to be tested.
- */
-#define TEST_INVALID_PARAM( TEST ) \
- do { \
- memcpy( jmp_tmp, mbedtls_test_param_failed_get_state_buf( ), \
- sizeof( jmp_tmp ) ); \
- if( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) \
- { \
- TEST; \
- test_fail( #TEST, __LINE__, __FILE__ ); \
- goto exit; \
- } \
- mbedtls_test_param_failed_reset_state( ); \
- } while( 0 )
-#endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */
-
-/**
- * \brief This macro tests the statement passed to it as a test step or
- * individual test in a test case. The macro assumes the test will not fail.
- *
- * It assumes the library function under test cannot return a value and
- * assumes errors can only be indicated by calls to
- * MBEDTLS_PARAM_FAILED().
- *
- * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
- * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
- * expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test
- * can be made.
- *
- * This macro is intended to test that functions returning void
- * accept all of the parameter values they're supposed to accept - eg
- * that they don't call MBEDTLS_PARAM_FAILED() when a parameter
- * that's allowed to be NULL happens to be NULL.
- *
- * Note: for functions that return something other that void,
- * checking that they accept all the parameters they're supposed to
- * accept is best done by using TEST_ASSERT() and checking the return
- * value as well.
- *
- * Note: this macro is available even when #MBEDTLS_CHECK_PARAMS is
- * disabled, as it makes sense to check that the functions accept all
- * legal values even if this option is disabled - only in that case,
- * the test is more about whether the function segfaults than about
- * whether it invokes MBEDTLS_PARAM_FAILED().
- *
- * \param TEST The test expression to be tested.
- */
-#define TEST_VALID_PARAM( TEST ) \
- TEST_ASSERT( ( TEST, 1 ) );
-
-/** Allocate memory dynamically and fail the test case if this fails.
- *
- * You must set \p pointer to \c NULL before calling this macro and
- * put `mbedtls_free( pointer )` in the test's cleanup code.
- *
- * If \p length is zero, the resulting \p pointer will be \c NULL.
- * This is usually what we want in tests since API functions are
- * supposed to accept null pointers when a buffer size is zero.
- *
- * This macro expands to an instruction, not an expression.
- * It may jump to the \c exit label.
- *
- * \param pointer An lvalue where the address of the allocated buffer
- * will be stored.
- * This expression may be evaluated multiple times.
- * \param length Number of elements to allocate.
- * This expression may be evaluated multiple times.
- *
- */
-#define ASSERT_ALLOC( pointer, length ) \
- do \
- { \
- TEST_ASSERT( ( pointer ) == NULL ); \
- if( ( length ) != 0 ) \
- { \
- ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
- ( length ) ); \
- TEST_ASSERT( ( pointer ) != NULL ); \
- } \
- } \
- while( 0 )
-
-/*----------------------------------------------------------------------------*/
/* Global variables */
-typedef enum
-{
- TEST_RESULT_SUCCESS = 0,
- TEST_RESULT_FAILED,
- TEST_RESULT_SKIPPED
-} test_result_t;
-
-typedef struct
-{
- test_result_t result;
- const char *test;
- const char *filename;
- int line_no;
- unsigned long step;
-}
-test_info_t;
-static test_info_t test_info;
-
#if defined(MBEDTLS_CHECK_PARAMS)
jmp_buf jmp_tmp;
#endif
@@ -383,40 +100,25 @@
/*----------------------------------------------------------------------------*/
/* Helper Functions */
-/** Set the test step number for failure reports.
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+/** Check that no PSA Crypto key slots are in use.
*
- * Call this function to display "step NNN" in addition to the line number
- * and file name if a test fails. Typically the "step number" is the index
- * of a for loop but it can be whatever you want.
+ * If any slots are in use, mark the current test as failed.
*
- * \param step The step number to report.
+ * \return 0 if the key store is empty, 1 otherwise.
*/
-void test_set_step( unsigned long step )
+int test_fail_if_psa_leaking( int line_no, const char *filename )
{
- test_info.step = step;
-}
-
-void test_fail( const char *test, int line_no, const char* filename )
-{
- if( test_info.result == TEST_RESULT_FAILED )
+ const char *msg = mbedtls_test_helper_is_psa_leaking( );
+ if( msg == NULL )
+ return 0;
+ else
{
- /* We've already recorded the test as having failed. Don't
- * overwrite any previous information about the failure. */
- return;
+ mbedtls_test_fail( msg, line_no, filename );
+ return 1;
}
- test_info.result = TEST_RESULT_FAILED;
- test_info.test = test;
- test_info.line_no = line_no;
- test_info.filename = filename;
}
-
-void test_skip( const char *test, int line_no, const char* filename )
-{
- test_info.result = TEST_RESULT_SKIPPED;
- test_info.test = test;
- test_info.line_no = line_no;
- test_info.filename = filename;
-}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_C) */
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
static int redirect_output( FILE* out_stream, const char* path )
diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
index 872a3a4..a5fd717 100644
--- a/tests/suites/host_test.function
+++ b/tests/suites/host_test.function
@@ -33,7 +33,7 @@
*
* \return 0 if success else 1
*/
-int verify_int( char *str, int *value )
+int verify_int( char *str, int32_t *value )
{
size_t i;
int minus = 0;
@@ -238,7 +238,7 @@
*
* \return 0 for success else 1
*/
-static int convert_params( size_t cnt , char ** params , int * int_params_store )
+static int convert_params( size_t cnt , char ** params , int32_t * int_params_store )
{
char ** cur = params;
char ** out = params;
@@ -360,8 +360,6 @@
/**
* \brief Tests snprintf implementation.
*
- * \param none
- *
* \return 0 for success else 1
*/
static int run_test_snprintf( void )
@@ -428,15 +426,15 @@
* \param unmet_dependencies The array of unmet dependencies.
* \param missing_unmet_dependencies Non-zero if there was a problem tracking
* all unmet dependencies, 0 otherwise.
- * \param ret The test dispatch status (DISPATCH_xxx).
- * \param test_info A pointer to the test info structure.
+ * \param ret The test dispatch status (DISPATCH_xxx).
+ * \param info A pointer to the test info structure.
*/
static void write_outcome_result( FILE *outcome_file,
size_t unmet_dep_count,
int unmet_dependencies[],
int missing_unmet_dependencies,
int ret,
- const test_info_t *info )
+ const mbedtls_test_info_t *info )
{
if( outcome_file == NULL )
return;
@@ -462,10 +460,10 @@
}
switch( info->result )
{
- case TEST_RESULT_SUCCESS:
+ case MBEDTLS_TEST_RESULT_SUCCESS:
mbedtls_fprintf( outcome_file, "PASS;" );
break;
- case TEST_RESULT_SKIPPED:
+ case MBEDTLS_TEST_RESULT_SKIPPED:
mbedtls_fprintf( outcome_file, "SKIP;Runtime skip" );
break;
default:
@@ -522,7 +520,7 @@
char buf[5000];
char *params[50];
/* Store for proccessed integer params. */
- int int_params[50];
+ int32_t int_params[50];
void *pointer;
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
int stdout_fd = -1;
@@ -536,6 +534,10 @@
mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) );
#endif
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ mbedtls_test_mutex_usage_init( );
+#endif
+
/*
* The C standard doesn't guarantee that all-bits-0 is the representation
* of a NULL pointer. We do however use that in our code for initializing
@@ -601,7 +603,7 @@
}
/* Initialize the struct that holds information about the last test */
- memset( &test_info, 0, sizeof( test_info ) );
+ mbedtls_test_info_reset( );
/* Now begin to execute the tests in the testfiles */
for ( testfile_index = 0;
@@ -638,7 +640,8 @@
if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
break;
mbedtls_fprintf( stdout, "%s%.66s",
- test_info.result == TEST_RESULT_FAILED ? "\n" : "", buf );
+ mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ?
+ "\n" : "", buf );
mbedtls_fprintf( stdout, " " );
for( i = strlen( buf ) + 1; i < 67; i++ )
mbedtls_fprintf( stdout, "." );
@@ -682,8 +685,7 @@
// If there are no unmet dependencies execute the test
if( unmet_dep_count == 0 )
{
- test_info.result = TEST_RESULT_SUCCESS;
- test_info.step = (unsigned long)( -1 );
+ mbedtls_test_info_reset( );
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
/* Suppress all output from the library unless we're verbose
@@ -723,7 +725,7 @@
write_outcome_result( outcome_file,
unmet_dep_count, unmet_dependencies,
missing_unmet_dependencies,
- ret, &test_info );
+ ret, &mbedtls_test_info );
if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE )
{
total_skipped++;
@@ -753,11 +755,11 @@
}
else if( ret == DISPATCH_TEST_SUCCESS )
{
- if( test_info.result == TEST_RESULT_SUCCESS )
+ if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS )
{
mbedtls_fprintf( stdout, "PASS\n" );
}
- else if( test_info.result == TEST_RESULT_SKIPPED )
+ else if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SKIPPED )
{
mbedtls_fprintf( stdout, "----\n" );
total_skipped++;
@@ -767,14 +769,15 @@
total_errors++;
mbedtls_fprintf( stdout, "FAILED\n" );
mbedtls_fprintf( stdout, " %s\n at ",
- test_info.test );
- if( test_info.step != (unsigned long)( -1 ) )
+ mbedtls_test_info.test );
+ if( mbedtls_test_info.step != (unsigned long)( -1 ) )
{
mbedtls_fprintf( stdout, "step %lu, ",
- test_info.step );
+ mbedtls_test_info.step );
}
mbedtls_fprintf( stdout, "line %d, %s",
- test_info.line_no, test_info.filename );
+ mbedtls_test_info.line_no,
+ mbedtls_test_info.filename );
}
fflush( stdout );
}
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index 256224e..ac00f45 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -33,6 +33,10 @@
#include "psa/crypto.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_TEST_HOOKS)
+#include "mbedtls/error.h"
+#endif
+
/* Test code may use deprecated identifiers only if the preprocessor symbol
* MBEDTLS_TEST_DEPRECATED is defined. When building tests, set
* MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is
@@ -105,7 +109,7 @@
* Identifiers and check code is generated by script:
* $generator_script
*
- * \param exp_id Dependency identifier.
+ * \param dep_id Dependency identifier.
*
* \return DEPENDENCY_SUPPORTED if set else DEPENDENCY_NOT_SUPPORTED
*/
@@ -129,13 +133,17 @@
/**
* \brief Function pointer type for test function wrappers.
*
+ * A test function wrapper decodes the parameters and passes them to the
+ * underlying test function. Both the wrapper and the underlying function
+ * return void. Test wrappers assume that they are passed a suitable
+ * parameter array and do not perform any error detection.
*
- * \param void ** Pointer to void pointers. Represents an array of test
- * function parameters.
- *
- * \return void
+ * \param param_array The array of parameters. Each element is a `void *`
+ * which the wrapper casts to the correct type and
+ * dereferences. Each wrapper function hard-codes the
+ * number and types of the parameters.
*/
-typedef void (*TestWrapper_t)( void ** );
+typedef void (*TestWrapper_t)( void **param_array );
/**
@@ -158,12 +166,16 @@
* parameter failure callback, to be used. Calls to setjmp()
* can invalidate the state of any local auto variables.
*
- * \param fp Function pointer to the test function
- * \param params Parameters to pass
+ * \param fp Function pointer to the test function.
+ * \param params Parameters to pass to the #TestWrapper_t wrapper function.
*
*/
void execute_function_ptr(TestWrapper_t fp, void **params)
{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ mbedtls_test_enable_insecure_external_rng( );
+#endif
+
#if defined(MBEDTLS_CHECK_PARAMS)
mbedtls_test_param_failed_location_record_t location_record;
@@ -175,22 +187,27 @@
{
/* Unexpected parameter validation error */
mbedtls_test_param_failed_get_location_record( &location_record );
- test_fail( location_record.failure_condition,
- location_record.line,
- location_record.file );
- test_info.result = TEST_RESULT_FAILED;
+ mbedtls_test_fail( location_record.failure_condition,
+ location_record.line,
+ location_record.file );
}
mbedtls_test_param_failed_reset_state( );
#else
fp( params );
#endif
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ mbedtls_test_mutex_usage_check( );
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
}
/**
* \brief Dispatches test functions based on function index.
*
- * \param exp_id Test function index.
+ * \param func_idx Test function index.
+ * \param params The array of parameters to pass to the test function.
+ * It will be decoded by the #TestWrapper_t wrapper function.
*
* \return DISPATCH_TEST_SUCCESS if found
* DISPATCH_TEST_FN_NOT_FOUND if not found
@@ -219,9 +236,10 @@
/**
- * \brief Checks if test function is supported
+ * \brief Checks if test function is supported in this build-time
+ * configuration.
*
- * \param exp_id Test function index.
+ * \param func_idx Test function index.
*
* \return DISPATCH_TEST_SUCCESS if found
* DISPATCH_TEST_FN_NOT_FOUND if not found
@@ -265,6 +283,10 @@
*/
int main( int argc, const char *argv[] )
{
+#if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C)
+ mbedtls_test_hook_error_add = &mbedtls_test_err_add_check;
+#endif
+
int ret = mbedtls_test_platform_setup();
if( ret != 0 )
{
diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function
index 8354b96..637a79d 100644
--- a/tests/suites/target_test.function
+++ b/tests/suites/target_test.function
@@ -384,8 +384,7 @@
while ( 1 )
{
ret = 0;
- test_info.result = TEST_RESULT_SUCCESS;
- test_info.step = (unsigned long)( -1 );
+ mbedtls_test_info_reset( );
data_len = 0;
data = receive_data( &data_len );
@@ -443,7 +442,7 @@
if ( ret )
send_failure( ret );
else
- send_status( test_info.result );
+ send_status( mbedtls_test_info.result );
}
return( 0 );
}
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index 754a167..a90277d 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -210,6 +210,8 @@
/* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as
* otherwise we wouldn't get to the size check we're interested in. */
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
+exit:
+ mbedtls_aes_xts_free( &ctx );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function
index 990f343..414278f 100644
--- a/tests/suites/test_suite_asn1parse.function
+++ b/tests/suites/test_suite_asn1parse.function
@@ -130,7 +130,7 @@
size_t parsed_length;
int ret;
- test_set_step( buffer_size );
+ mbedtls_test_set_step( buffer_size );
/* Allocate a new buffer of exactly the length to parse each time.
* This gives memory sanitizers a chance to catch buffer overreads. */
if( buffer_size == 0 )
@@ -198,7 +198,7 @@
TEST_ASSERT( content > state->input_start );
offset = content - state->input_start;
- test_set_step( offset );
+ mbedtls_test_set_step( offset );
if( *rest == 0 )
return( RET_TRAVERSE_STOP );
@@ -252,7 +252,7 @@
*/
for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ )
{
- test_set_step( buffer_size );
+ mbedtls_test_set_step( buffer_size );
/* Allocate a new buffer of exactly the length to parse each time.
* This gives memory sanitizers a chance to catch buffer overreads. */
ASSERT_ALLOC( buf, buffer_size );
@@ -417,7 +417,7 @@
}
#if defined(MBEDTLS_BIGNUM_C)
- ret = mbedtls_mpi_read_string( &expected_mpi, 16, expected_hex );
+ ret = mbedtls_test_read_mpi( &expected_mpi, 16, expected_hex );
TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA )
{
@@ -594,6 +594,7 @@
unsigned char *p = input->x;
const char *rest = description;
unsigned long n;
+ unsigned int step = 0;
TEST_EQUAL( mbedtls_asn1_get_sequence_of( &p, input->x + input->len,
&head, tag ),
@@ -614,7 +615,7 @@
cur = &head;
while( *rest )
{
- ++test_info.step;
+ mbedtls_test_set_step( step );
TEST_ASSERT( cur != NULL );
TEST_EQUAL( cur->buf.tag, tag );
n = strtoul( rest, (char **) &rest, 0 );
@@ -625,6 +626,7 @@
if( *rest )
++rest;
cur = cur->next;
+ ++step;
}
TEST_ASSERT( cur == NULL );
}
diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function
index 21465c7..8824739 100644
--- a/tests/suites/test_suite_asn1write.function
+++ b/tests/suites/test_suite_asn1write.function
@@ -15,7 +15,7 @@
int generic_write_start_step( generic_write_data_t *data )
{
- test_set_step( data->size );
+ mbedtls_test_set_step( data->size );
ASSERT_ALLOC( data->output, data->size == 0 ? 1 : data->size );
data->end = data->output + data->size;
data->p = data->end;
diff --git a/tests/suites/test_suite_base64.data b/tests/suites/test_suite_base64.data
index da99ffa..3a892f4 100644
--- a/tests/suites/test_suite_base64.data
+++ b/tests/suites/test_suite_base64.data
@@ -151,6 +151,20 @@
Base64 encode hex #4
base64_encode_hex:"01020304050607":"AQIDBAUGBw==":13:0
+# Rotate the bytes around so that they end up at each offset modulo 3 in
+# successive test cases.
+Base64 encode hex all valid input bytes #0
+base64_encode_hex:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w==":345:0
+
+Base64 encode hex all valid input bytes #1
+base64_encode_hex:"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff00":"AQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AA==":345:0
+
+Base64 encode hex all valid input bytes #2
+base64_encode_hex:"02030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff0001":"AgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQ==":345:0
+
+Base64 encode all valid output characters at all offsets
+base64_encode_hex:"00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7effe00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7efd0":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/Q":261:0
+
Base64 decode hex #1
base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":9:0
@@ -166,6 +180,9 @@
Base64 decode hex #5 (buffer too small)
base64_decode_hex:"AQIDBAUGBw==":"01020304050607":6:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+Base64 decode all valid input characters at all offsets
+base64_decode_hex:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/Q":"00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7effe00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7efd0":195:0
+
Base64 Selftest
depends_on:MBEDTLS_SELF_TEST
base64_selftest:
diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function
index dc6ec15..be9b6e8 100644
--- a/tests/suites/test_suite_base64.function
+++ b/tests/suites/test_suite_base64.function
@@ -1,5 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/base64.h"
+#include <test/constant_flow.h>
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -13,13 +14,22 @@
{
unsigned char src_str[1000];
unsigned char dst_str[1000];
- size_t len;
+ size_t len, src_len;
memset(src_str, 0x00, 1000);
memset(dst_str, 0x00, 1000);
strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 );
- TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, strlen( (char *) src_str ) ) == result );
+ src_len = strlen( (char *) src_str );
+
+ TEST_CF_SECRET( src_str, sizeof( src_str ) );
+ TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, src_len) == result );
+ TEST_CF_PUBLIC( src_str, sizeof( src_str ) );
+
+ /* dest_str will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering
+ CF failures by unmarking it. */
+ TEST_CF_PUBLIC( dst_str, len );
+
if( result == 0 )
{
TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 );
@@ -57,7 +67,14 @@
res = mbedtls_test_zero_alloc( dst_buf_size );
+ TEST_CF_SECRET( src->x, src->len );
TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src->x, src->len ) == result );
+ TEST_CF_PUBLIC( src->x, src->len );
+
+ /* res will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering
+ CF failures by unmarking it. */
+ TEST_CF_PUBLIC( res, len );
+
if( result == 0 )
{
TEST_ASSERT( len == strlen( dst ) );
diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index faa7e13..5a3726e 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -201,12 +201,11 @@
unsigned char iv[13];
unsigned char result[50];
mbedtls_ccm_context ctx;
- size_t i, iv_len, tag_len;
+ size_t iv_len, tag_len;
int ret;
mbedtls_ccm_init( &ctx );
- memset( iv, 0x00, sizeof( iv ) );
memset( result, 0x00, sizeof( result ) );
if( sec_level % 4 == 0)
@@ -214,12 +213,10 @@
else
tag_len = 1 << ( sec_level % 4 + 1);
- for( i = 0; i < source_address->len; i++ )
- iv[i] = source_address->x[i];
-
- for( i = 0; i < frame_counter->len; i++ )
- iv[source_address->len + i] = frame_counter->x[i];
-
+ TEST_ASSERT( source_address->len == 8 );
+ TEST_ASSERT( frame_counter->len == 4 );
+ memcpy( iv, source_address->x, source_address->len );
+ memcpy( iv + source_address->len, frame_counter->x, frame_counter->len );
iv[source_address->len + frame_counter->len] = sec_level;
iv_len = sizeof( iv );
@@ -254,7 +251,7 @@
unsigned char iv[13];
unsigned char result[50];
mbedtls_ccm_context ctx;
- size_t i, iv_len, tag_len;
+ size_t iv_len, tag_len;
int ret;
mbedtls_ccm_init( &ctx );
@@ -267,12 +264,10 @@
else
tag_len = 1 << ( sec_level % 4 + 1);
- for( i = 0; i < source_address->len; i++ )
- iv[i] = source_address->x[i];
-
- for( i = 0; i < frame_counter->len; i++ )
- iv[source_address->len + i] = frame_counter->x[i];
-
+ TEST_ASSERT( source_address->len == 8 );
+ TEST_ASSERT( frame_counter->len == 4 );
+ memcpy( iv, source_address->x, source_address->len );
+ memcpy( iv + source_address->len, frame_counter->x, frame_counter->len );
iv[source_address->len + frame_counter->len] = sec_level;
iv_len = sizeof( iv );
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index ea1e9ad..76e474f 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -9,10 +9,65 @@
#include "mbedtls/gcm.h"
#endif
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "test/psa_crypto_helpers.h"
+#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+#define MBEDTLS_CIPHER_AUTH_CRYPT
#endif
+#if defined(MBEDTLS_CIPHER_AUTH_CRYPT)
+/* Helper for resetting key/direction
+ *
+ * The documentation doesn't explicitly say whether calling
+ * mbedtls_cipher_setkey() twice is allowed or not. This currently works with
+ * the default software implementation, but only by accident. It isn't
+ * guaranteed to work with new ciphers or with alternative implementations of
+ * individual ciphers, and it doesn't work with the PSA wrappers. So don't do
+ * it, and instead start with a fresh context.
+ */
+static int cipher_reset_key( mbedtls_cipher_context_t *ctx, int cipher_id,
+ int use_psa, size_t tag_len, const data_t *key, int direction )
+{
+ mbedtls_cipher_free( ctx );
+ mbedtls_cipher_init( ctx );
+
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+ (void) use_psa;
+ (void) tag_len;
+#else
+ if( use_psa == 1 )
+ {
+ TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( ctx,
+ mbedtls_cipher_info_from_type( cipher_id ),
+ tag_len ) );
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ {
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( ctx,
+ mbedtls_cipher_info_from_type( cipher_id ) ) );
+ }
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( ctx, key->x, 8 * key->len,
+ direction ) );
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+/*
+ * Check if a buffer is all-0 bytes:
+ * return 1 if it is,
+ * 0 if it isn't.
+ */
+int buffer_is_all_zero( const uint8_t *buf, size_t size )
+{
+ for( size_t i = 0; i < size; i++ )
+ if( buf[i] != 0 )
+ return 0;
+ return 1;
+}
+#endif /* MBEDTLS_CIPHER_AUTH_CRYPT */
+
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -485,6 +540,108 @@
NULL, valid_size ) );
#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */
+#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+ /* mbedtls_cipher_auth_encrypt_ext */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt_ext( NULL,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size, NULL,
+ valid_size ) );
+
+ /* mbedtls_cipher_auth_decrypt_ext */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt_ext( NULL,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, valid_size, &size_t_var,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size, NULL,
+ valid_size ) );
+#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
+
/* mbedtls_cipher_free() */
TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) );
exit:
@@ -959,129 +1116,338 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */
void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
data_t * ad, data_t * cipher, data_t * tag,
char * result, data_t * clear, int use_psa )
{
- /* Takes an AEAD ciphertext + tag and performs a pair
- * of AEAD decryption and AEAD encryption. It checks that
+ /*
+ * Take an AEAD ciphertext + tag and perform a pair
+ * of AEAD decryption and AEAD encryption. Check that
* this results in the expected plaintext, and that
- * decryption and encryption are inverse to one another. */
+ * decryption and encryption are inverse to one another.
+ *
+ * Do that twice:
+ * - once with legacy functions auth_decrypt/auth_encrypt
+ * - once with new functions auth_decrypt_ext/auth_encrypt_ext
+ * This allows testing both without duplicating test cases.
+ */
int ret;
- unsigned char output[300]; /* Temporary buffer for results of
- * encryption and decryption. */
- unsigned char *output_tag = NULL; /* Temporary buffer for tag in the
- * encryption step. */
+ int using_nist_kw, using_nist_kw_padding;
mbedtls_cipher_context_t ctx;
size_t outlen;
+ unsigned char *cipher_plus_tag = NULL;
+ size_t cipher_plus_tag_len;
+ unsigned char *decrypt_buf = NULL;
+ size_t decrypt_buf_len = 0;
+ unsigned char *encrypt_buf = NULL;
+ size_t encrypt_buf_len = 0;
+
+#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
+ !defined(MBEDTLS_DEPRECATED_REMOVED)
unsigned char *tmp_tag = NULL;
unsigned char *tmp_cipher = NULL;
+ unsigned char *tag_buf = NULL;
+#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
+
+ /* Null pointers are documented as valid for inputs of length 0.
+ * The test framework passes non-null pointers, so set them to NULL.
+ * key, cipher and tag can't be empty. */
+ if( iv->len == 0 )
+ iv->x = NULL;
+ if( ad->len == 0 )
+ ad->x = NULL;
+ if( clear->len == 0 )
+ clear->x = NULL;
mbedtls_cipher_init( &ctx );
- memset( output, 0xFF, sizeof( output ) );
- /* Prepare context */
-#if !defined(MBEDTLS_USE_PSA_CRYPTO)
- (void) use_psa;
-#else
+ /* Initialize PSA Crypto */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( use_psa == 1 )
- {
PSA_ASSERT( psa_crypto_init( ) );
-
- /* PSA requires that the tag immediately follows the ciphertext. */
- tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len );
- TEST_ASSERT( tmp_cipher != NULL );
- tmp_tag = tmp_cipher + cipher->len;
-
- memcpy( tmp_cipher, cipher->x, cipher->len );
- memcpy( tmp_tag, tag->x, tag->len );
-
- TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
- mbedtls_cipher_info_from_type( cipher_id ),
- tag->len ) );
- }
- else
+#else
+ (void) use_psa;
#endif
+
+ /*
+ * Are we using NIST_KW? with padding?
+ */
+ using_nist_kw_padding = cipher_id == MBEDTLS_CIPHER_AES_128_KWP ||
+ cipher_id == MBEDTLS_CIPHER_AES_192_KWP ||
+ cipher_id == MBEDTLS_CIPHER_AES_256_KWP;
+ using_nist_kw = cipher_id == MBEDTLS_CIPHER_AES_128_KW ||
+ cipher_id == MBEDTLS_CIPHER_AES_192_KW ||
+ cipher_id == MBEDTLS_CIPHER_AES_256_KW ||
+ using_nist_kw_padding;
+
+ /****************************************************************
+ * *
+ * Part 1: non-deprecated API *
+ * *
+ ****************************************************************/
+
+ /*
+ * Prepare context for decryption
+ */
+ if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
+ MBEDTLS_DECRYPT ) )
+ goto exit;
+
+ /*
+ * prepare buffer for decryption
+ * (we need the tag appended to the ciphertext)
+ */
+ cipher_plus_tag_len = cipher->len + tag->len;
+ ASSERT_ALLOC( cipher_plus_tag, cipher_plus_tag_len );
+ memcpy( cipher_plus_tag, cipher->x, cipher->len );
+ memcpy( cipher_plus_tag + cipher->len, tag->x, tag->len );
+
+ /*
+ * Compute length of output buffer according to the documentation
+ */
+ if( using_nist_kw )
+ decrypt_buf_len = cipher_plus_tag_len - 8;
+ else
+ decrypt_buf_len = cipher_plus_tag_len - tag->len;
+
+
+ /*
+ * Try decrypting to a buffer that's 1B too small
+ */
+ if( decrypt_buf_len != 0 )
{
- tmp_tag = tag->x;
- tmp_cipher = cipher->x;
- TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
- mbedtls_cipher_info_from_type( cipher_id ) ) );
+ ASSERT_ALLOC( decrypt_buf, decrypt_buf_len - 1 );
+
+ outlen = 0;
+ ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len,
+ ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
+ decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len );
+ TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ mbedtls_free( decrypt_buf );
+ decrypt_buf = NULL;
}
- TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
- MBEDTLS_DECRYPT ) );
+ /*
+ * Authenticate and decrypt, and check result
+ */
+ ASSERT_ALLOC( decrypt_buf, decrypt_buf_len );
- /* decode buffer and check tag->x */
+ outlen = 0;
+ ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len,
+ ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
+ decrypt_buf, decrypt_buf_len, &outlen, tag->len );
- /* Sanity check that we don't use overly long inputs. */
- TEST_ASSERT( sizeof( output ) >= cipher->len );
-
- ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
- tmp_cipher, cipher->len, output, &outlen,
- tmp_tag, tag->len );
-
- /* make sure the message is rejected if it should be */
if( strcmp( result, "FAIL" ) == 0 )
{
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
- goto exit;
+ TEST_ASSERT( buffer_is_all_zero( decrypt_buf, decrypt_buf_len ) );
+ }
+ else
+ {
+ TEST_ASSERT( ret == 0 );
+ ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len );
}
- /* otherwise, make sure it was decrypted properly */
- TEST_ASSERT( ret == 0 );
+ /* Free this, but keep cipher_plus_tag for deprecated function with PSA */
+ mbedtls_free( decrypt_buf );
+ decrypt_buf = NULL;
- TEST_ASSERT( outlen == clear->len );
- TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
+ /*
+ * Encrypt back if test data was authentic
+ */
+ if( strcmp( result, "FAIL" ) != 0 )
+ {
+ /* prepare context for encryption */
+ if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
+ MBEDTLS_ENCRYPT ) )
+ goto exit;
- /* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */
- mbedtls_cipher_free( &ctx );
+ /*
+ * Compute size of output buffer according to documentation
+ */
+ if( using_nist_kw )
+ {
+ encrypt_buf_len = clear->len + 8;
+ if( using_nist_kw_padding && encrypt_buf_len % 8 != 0 )
+ encrypt_buf_len += 8 - encrypt_buf_len % 8;
+ }
+ else
+ {
+ encrypt_buf_len = clear->len + tag->len;
+ }
+
+ /*
+ * Try encrypting with an output buffer that's 1B too small
+ */
+ ASSERT_ALLOC( encrypt_buf, encrypt_buf_len - 1 );
+
+ outlen = 0;
+ ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len,
+ ad->x, ad->len, clear->x, clear->len,
+ encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len );
+ TEST_ASSERT( ret != 0 );
+
+ mbedtls_free( encrypt_buf );
+ encrypt_buf = NULL;
+
+ /*
+ * Encrypt and check the result
+ */
+ ASSERT_ALLOC( encrypt_buf, encrypt_buf_len );
+
+ outlen = 0;
+ ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len,
+ ad->x, ad->len, clear->x, clear->len,
+ encrypt_buf, encrypt_buf_len, &outlen, tag->len );
+ TEST_ASSERT( ret == 0 );
+
+ TEST_ASSERT( outlen == cipher->len + tag->len );
+ TEST_ASSERT( memcmp( encrypt_buf, cipher->x, cipher->len ) == 0 );
+ TEST_ASSERT( memcmp( encrypt_buf + cipher->len,
+ tag->x, tag->len ) == 0 );
+
+ mbedtls_free( encrypt_buf );
+ encrypt_buf = NULL;
+ }
+
+ /****************************************************************
+ * *
+ * Part 2: deprecated API *
+ * *
+ ****************************************************************/
+
+#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
+ !defined(MBEDTLS_DEPRECATED_REMOVED)
+
+ /*
+ * Prepare context for decryption
+ */
+ if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
+ MBEDTLS_DECRYPT ) )
+ goto exit;
+
+ /*
+ * Prepare pointers for decryption
+ */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( use_psa == 1 )
{
- TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
- mbedtls_cipher_info_from_type( cipher_id ),
- tag->len ) );
+ /* PSA requires that the tag immediately follows the ciphertext.
+ * Fortunately, we already have that from testing the new API. */
+ tmp_cipher = cipher_plus_tag;
+ tmp_tag = tmp_cipher + cipher->len;
}
else
-#endif
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
{
- TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
- mbedtls_cipher_info_from_type( cipher_id ) ) );
+ tmp_cipher = cipher->x;
+ tmp_tag = tag->x;
}
- TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
- MBEDTLS_ENCRYPT ) );
- memset( output, 0xFF, sizeof( output ) );
+ /*
+ * Authenticate and decrypt, and check result
+ */
+
+ ASSERT_ALLOC( decrypt_buf, cipher->len );
outlen = 0;
+ ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
+ tmp_cipher, cipher->len, decrypt_buf, &outlen,
+ tmp_tag, tag->len );
- /* Sanity check that we don't use overly long inputs. */
- TEST_ASSERT( sizeof( output ) >= clear->len + tag->len );
+ if( using_nist_kw )
+ {
+ /* NIST_KW with legacy API */
+ TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+ else if( strcmp( result, "FAIL" ) == 0 )
+ {
+ /* unauthentic message */
+ TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
+ TEST_ASSERT( buffer_is_all_zero( decrypt_buf, cipher->len ) );
+ }
+ else
+ {
+ /* authentic message: is the plaintext correct? */
+ TEST_ASSERT( ret == 0 );
+ ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len );
+ }
- output_tag = output + clear->len;
- ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
- clear->x, clear->len, output, &outlen,
- output_tag, tag->len );
- TEST_ASSERT( ret == 0 );
+ mbedtls_free( decrypt_buf );
+ decrypt_buf = NULL;
+ mbedtls_free( cipher_plus_tag );
+ cipher_plus_tag = NULL;
- TEST_ASSERT( outlen == cipher->len );
- TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 );
- TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 );
+ /*
+ * Encrypt back if test data was authentic
+ */
+ if( strcmp( result, "FAIL" ) != 0 )
+ {
+ /* prepare context for encryption */
+ if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
+ MBEDTLS_ENCRYPT ) )
+ goto exit;
+
+ /* prepare buffers for encryption */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( use_psa )
+ {
+ ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len );
+ tmp_cipher = cipher_plus_tag;
+ tmp_tag = cipher_plus_tag + cipher->len;
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ {
+ ASSERT_ALLOC( encrypt_buf, cipher->len );
+ ASSERT_ALLOC( tag_buf, tag->len );
+ tmp_cipher = encrypt_buf;
+ tmp_tag = tag_buf;
+ }
+
+ /*
+ * Encrypt and check the result
+ */
+ outlen = 0;
+ ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
+ clear->x, clear->len, tmp_cipher, &outlen,
+ tmp_tag, tag->len );
+
+ if( using_nist_kw )
+ {
+ TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+ else
+ {
+ TEST_ASSERT( ret == 0 );
+
+ TEST_ASSERT( outlen == cipher->len );
+ if( cipher->len != 0 )
+ TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 );
+ TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 );
+ }
+ }
+
+#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
exit:
mbedtls_cipher_free( &ctx );
+ mbedtls_free( decrypt_buf );
+ mbedtls_free( encrypt_buf );
+ mbedtls_free( cipher_plus_tag );
+#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
+ !defined(MBEDTLS_DEPRECATED_REMOVED)
+ mbedtls_free( tag_buf );
+#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( use_psa == 1 )
- {
- mbedtls_free( tmp_cipher );
PSA_DONE( );
- }
#endif /* MBEDTLS_USE_PSA_CRYPTO */
}
/* END_CASE */
diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data
index eb99b79..6d57442 100644
--- a/tests/suites/test_suite_debug.data
+++ b/tests/suites/test_suite_debug.data
@@ -37,6 +37,27 @@
Debug print buffer #5
mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n"
+Debug print mbedtls_mpi: 0 (empty representation)
+mbedtls_debug_print_mpi:16:"":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
+
+Debug print mbedtls_mpi: 0 (non-empty representation)
+mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
+
+Debug print mbedtls_mpi #2: 3 bits
+mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n"
+
+Debug print mbedtls_mpi: 49 bits
+mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n"
+
+Debug print mbedtls_mpi: 759 bits
+mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print mbedtls_mpi: 764 bits #1
+mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print mbedtls_mpi: 764 bits #2
+mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
Debug print certificate #1 (RSA)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n"
@@ -44,21 +65,3 @@
Debug print certificate #2 (EC)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"
-
-Debug print mbedtls_mpi #1
-mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n"
-
-Debug print mbedtls_mpi #2
-mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n"
-
-Debug print mbedtls_mpi #3
-mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
-
-Debug print mbedtls_mpi #4
-mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
-
-Debug print mbedtls_mpi #5
-mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
-
-Debug print mbedtls_mpi #6
-mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index 377d630..fe5549a 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -179,7 +179,7 @@
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &val, radix, value ) == 0 );
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data
index 4e884f4..4e13e48 100644
--- a/tests/suites/test_suite_dhm.data
+++ b/tests/suites/test_suite_dhm.data
@@ -1,26 +1,116 @@
+Diffie-Hellman full exchange: tiny x_size
+dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0
+
Diffie-Hellman parameter validation
dhm_invalid_params:
-Diffie-Hellman full exchange #1
-dhm_do_dhm:10:"23":10:"5":0
+Diffie-Hellman full exchange: 5-bit, x_size=3
+dhm_do_dhm:10:"23":3:10:"5":0
-Diffie-Hellman full exchange #2
-dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0
+Diffie-Hellman full exchange: 5-bit, x_size=2
+dhm_do_dhm:10:"23":2:10:"5":0
-Diffie-Hellman full exchange #3
-dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":10:"9345098309485093845098340962223981329819812792137312973297123912791271":0
+## Repeat this test case and a few similar ones several times. The RNG state
+## changes, so we get to exercise the code with a few different values.
+Diffie-Hellman full exchange: 5-bit #1
+dhm_do_dhm:10:"23":1:10:"5":0
-Diffie-Hellman trivial subgroup #1
-dhm_do_dhm:10:"23":10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+Diffie-Hellman full exchange: 5-bit #2
+dhm_do_dhm:10:"23":1:10:"5":0
-Diffie-Hellman trivial subgroup #2
-dhm_do_dhm:10:"23":10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+Diffie-Hellman full exchange: 5-bit #3
+dhm_do_dhm:10:"23":1:10:"5":0
+
+Diffie-Hellman full exchange: 5-bit #4
+dhm_do_dhm:10:"23":1:10:"5":0
+
+Diffie-Hellman full exchange: 5-bit #5
+dhm_do_dhm:10:"23":1:10:"5":0
+
+## This is x_size = P_size + 1. Arguably x_size > P_size makes no sense,
+## but it's the current undocumented behavior to treat it the same as when
+## x_size = P_size. If this behavior changes in the future, change the expected
+## return status from 0 to MBEDTLS_ERR_DHM_BAD_INPUT_DATA.
+Diffie-Hellman full exchange: 97-bit, x_size=14
+dhm_do_dhm:10:"93450983094850938450983409623":14:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit #1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit #2
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit #3
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit #4
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit #5
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=12
+dhm_do_dhm:10:"93450983094850938450983409623":12:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=11
+dhm_do_dhm:10:"93450983094850938450983409623":11:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #1
+dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #2
+dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #3
+dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #4
+dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #5
+dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0
+
+Diffie-Hellman full exchange: 286-bit
+dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":36:10:"9345098309485093845098340962223981329819812792137312973297123912791271":0
Diffie-Hellman small modulus
-dhm_do_dhm:10:"3":10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED
+dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Diffie-Hellman zero modulus
-dhm_do_dhm:10:"0":10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=0
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"0":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=-1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P-1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P-2
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409621":0
+
+Diffie-Hellman with G=P
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409623":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P+1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409624":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P+2
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409625":0
+
+Diffie-Hellman: x_size < 0
+dhm_do_dhm:10:"93450983094850938450983409623":-1:10:"9345098304850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman MPI_MAX_SIZE modulus
+dhm_make_public:MBEDTLS_MPI_MAX_SIZE:10:"5":0
+
+Diffie-Hellman MPI_MAX_SIZE + 1 modulus
+dhm_make_public:MBEDTLS_MPI_MAX_SIZE + 1:10:"5":MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Diffie-Hellman load parameters from file [#1]
dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 0a5c617..96ff2ac 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -1,5 +1,68 @@
/* BEGIN_HEADER */
#include "mbedtls/dhm.h"
+
+/* Sanity checks on a Diffie-Hellman parameter: check the length-value
+ * syntax and check that the value is the expected one (taken from the
+ * DHM context by the caller). */
+static int check_dhm_param_output( const mbedtls_mpi *expected,
+ const unsigned char *buffer,
+ size_t size,
+ size_t *offset )
+{
+ size_t n;
+ mbedtls_mpi actual;
+ int ok = 0;
+ mbedtls_mpi_init( &actual );
+
+ ++mbedtls_test_info.step;
+
+ TEST_ASSERT( size >= *offset + 2 );
+ n = ( buffer[*offset] << 8 ) | buffer[*offset + 1];
+ *offset += 2;
+ /* The DHM param output from Mbed TLS has leading zeros stripped, as
+ * permitted but not required by RFC 5246 \S4.4. */
+ TEST_EQUAL( n, mbedtls_mpi_size( expected ) );
+ TEST_ASSERT( size >= *offset + n );
+ TEST_EQUAL( 0, mbedtls_mpi_read_binary( &actual, buffer + *offset, n ) );
+ TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( expected, &actual ) );
+ *offset += n;
+
+ ok = 1;
+exit:
+ mbedtls_mpi_free( &actual );
+ return( ok );
+}
+
+/* Sanity checks on Diffie-Hellman parameters: syntax, range, and comparison
+ * against the context. */
+static int check_dhm_params( const mbedtls_dhm_context *ctx,
+ size_t x_size,
+ const unsigned char *ske, size_t ske_len )
+{
+ size_t offset = 0;
+
+ /* Check that ctx->X and ctx->GX are within range. */
+ TEST_ASSERT( mbedtls_mpi_cmp_int( &ctx->X, 1 ) > 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) < 0 );
+ TEST_ASSERT( mbedtls_mpi_size( &ctx->X ) <= x_size );
+ TEST_ASSERT( mbedtls_mpi_cmp_int( &ctx->GX, 1 ) > 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx->GX, &ctx->P ) < 0 );
+
+ /* Check ske: it must contain P, G and G^X, each prefixed with a
+ * 2-byte size. */
+ if( !check_dhm_param_output( &ctx->P, ske, ske_len, &offset ) )
+ goto exit;
+ if( !check_dhm_param_output( &ctx->G, ske, ske_len, &offset ) )
+ goto exit;
+ if( !check_dhm_param_output( &ctx->GX, ske, ske_len, &offset ) )
+ goto exit;
+ TEST_EQUAL( offset, ske_len );
+
+ return( 1 );
+exit:
+ return( 0 );
+}
+
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -115,7 +178,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void dhm_do_dhm( int radix_P, char *input_P,
+void dhm_do_dhm( int radix_P, char *input_P, int x_size,
int radix_G, char *input_G, int result )
{
mbedtls_dhm_context ctx_srv;
@@ -129,7 +192,7 @@
size_t pub_cli_len = 0;
size_t sec_srv_len;
size_t sec_cli_len;
- int x_size, i;
+ int i;
mbedtls_test_rnd_pseudo_info rnd_info;
mbedtls_dhm_init( &ctx_srv );
@@ -143,19 +206,21 @@
/*
* Set params
*/
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 );
- x_size = mbedtls_mpi_size( &ctx_srv.P );
- pub_cli_len = x_size;
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.G, radix_G, input_G ) == 0 );
+ pub_cli_len = mbedtls_mpi_size( &ctx_srv.P );
/*
* First key exchange
*/
+ mbedtls_test_set_step( 10 );
TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len,
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == result );
if ( result != 0 )
goto exit;
+ if( !check_dhm_params( &ctx_srv, x_size, ske, ske_len ) )
+ goto exit;
ske[ske_len++] = 0;
ske[ske_len++] = 0;
@@ -179,6 +244,7 @@
/* Re-do calc_secret on server a few times to test update of blinding values */
for( i = 0; i < 3; i++ )
{
+ mbedtls_test_set_step( 20 + i );
sec_srv_len = 1000;
TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv,
sizeof( sec_srv ), &sec_srv_len,
@@ -195,9 +261,12 @@
*/
p = ske;
+ mbedtls_test_set_step( 30 );
TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len,
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
+ if( !check_dhm_params( &ctx_srv, x_size, ske, ske_len ) )
+ goto exit;
ske[ske_len++] = 0;
ske[ske_len++] = 0;
TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
@@ -223,6 +292,36 @@
}
/* END_CASE */
+/* BEGIN_CASE */
+void dhm_make_public( int P_bytes, int radix_G, char *input_G, int result )
+{
+ mbedtls_mpi P, G;
+ mbedtls_dhm_context ctx;
+ unsigned char output[MBEDTLS_MPI_MAX_SIZE];
+
+ mbedtls_mpi_init( &P );
+ mbedtls_mpi_init( &G );
+ mbedtls_dhm_init( &ctx );
+
+ TEST_ASSERT( mbedtls_mpi_lset( &P, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_shift_l( &P, ( P_bytes * 8 ) - 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_set_bit( &P, 0, 1 ) == 0 );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &G, radix_G, input_G ) == 0 );
+
+ TEST_ASSERT( mbedtls_dhm_set_group( &ctx, &P, &G ) == 0 );
+ TEST_ASSERT( mbedtls_dhm_make_public( &ctx, (int) mbedtls_mpi_size( &P ),
+ output, sizeof(output),
+ &mbedtls_test_rnd_pseudo_rand,
+ NULL ) == result );
+
+exit:
+ mbedtls_mpi_free( &P );
+ mbedtls_mpi_free( &G );
+ mbedtls_dhm_free( &ctx );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void dhm_file( char * filename, char * p, char * g, int len )
{
@@ -232,8 +331,8 @@
mbedtls_dhm_init( &ctx );
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &G );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, 16, p ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &G, 16, g ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, 16, p ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &G, 16, g ) == 0 );
TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 );
diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function
index 3ab96fa..69197e6 100644
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@@ -240,6 +240,8 @@
rnd_info_A.buf = rnd_buf_A->x;
rnd_info_A.length = rnd_buf_A->len;
+ rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ rnd_info_A.fallback_p_rng = NULL;
/* Fix rnd_buf_A->x by shifting it left if necessary */
if( grp.nbits % 8 != 0 )
@@ -256,6 +258,8 @@
rnd_info_B.buf = rnd_buf_B->x;
rnd_info_B.length = rnd_buf_B->len;
+ rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ rnd_info_B.fallback_p_rng = NULL;
/* Fix rnd_buf_B->x by shifting it left if necessary */
if( grp.nbits % 8 != 0 )
@@ -274,21 +278,21 @@
mbedtls_test_rnd_buffer_rand,
&rnd_info_A ) == 0 );
TEST_ASSERT( ! mbedtls_ecp_is_zero( &qA ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xA_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.X, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yA_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.Y, &check ) == 0 );
TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB,
mbedtls_test_rnd_buffer_rand,
&rnd_info_B ) == 0 );
TEST_ASSERT( ! mbedtls_ecp_is_zero( &qB ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xB_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.X, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yB_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, z_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, z_str ) == 0 );
TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, NULL, NULL ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &check ) == 0 );
TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, NULL, NULL ) == 0 );
@@ -362,9 +366,13 @@
mbedtls_ecdh_init( &srv );
mbedtls_ecdh_init( &cli );
+ rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ rnd_info_A.fallback_p_rng = NULL;
rnd_info_A.buf = dA->x;
rnd_info_A.length = dA->len;
+ rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ rnd_info_B.fallback_p_rng = NULL;
rnd_info_B.buf = dB->x;
rnd_info_B.length = dB->len;
diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data
index 889f684..755a43c 100644
--- a/tests/suites/test_suite_ecdsa.data
+++ b/tests/suites/test_suite_ecdsa.data
@@ -1,6 +1,26 @@
ECDSA Parameter validation
ecdsa_invalid_param:
+ECDSA primitive hash zero #1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP192R1
+
+ECDSA primitive hash zero #2
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP224R1
+
+ECDSA primitive hash zero #3
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP256R1
+
+ECDSA primitive hash zero #4
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP384R1
+
+ECDSA primitive hash zero #5
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP521R1
+
ECDSA primitive random #1
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
ecdsa_prim_random:MBEDTLS_ECP_DP_SECP192R1
@@ -33,6 +53,26 @@
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
ecdsa_prim_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0065FDA3409451DCAB0A0EAD45495112A3D813C17BFD34BDF8C1209D7DF5849120597779060A7FF9D704ADF78B570FFAD6F062E95C7E0C5D5481C5B153B48B375FA1":"0151518F1AF0F563517EDD5485190DF95A4BF57B5CBA4CF2A9A3F6474725A35F7AFE0A6DDEB8BEDBCD6A197E592D40188901CECD650699C9B5E456AEA5ADD19052A8":"006F3B142EA1BFFF7E2837AD44C9E4FF6D2D34C73184BBAD90026DD5E6E85317D9DF45CAD7803C6C20035B2F3FF63AFF4E1BA64D1C077577DA3F4286C58F0AEAE643":"00C1C2B305419F5A41344D7E4359933D734096F556197A9B244342B8B62F46F9373778F9DE6B6497B1EF825FF24F42F9B4A4BD7382CFC3378A540B1B7F0C1B956C2F":"DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F":"0154FD3836AF92D0DCA57DD5341D3053988534FDE8318FC6AAAAB68E2E6F4339B19F2F281A7E0B22C269D93CF8794A9278880ED7DBB8D9362CAEACEE544320552251":"017705A7030290D1CEB605A9A1BB03FF9CDD521E87A696EC926C8C10C8362DF4975367101F67D1CF9BCCBF2F3D239534FA509E70AAC851AE01AAC68D62F866472660":0
+ECDSA write-read hash zero #1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP192R1
+
+ECDSA write-read hash zero #2
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP224R1
+
+ECDSA write-read hash zero #3
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP256R1
+
+ECDSA write-read hash zero #4
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP384R1
+
+ECDSA write-read hash zero #5
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP521R1
+
ECDSA write-read random #1
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
ecdsa_write_read_random:MBEDTLS_ECP_DP_SECP192R1
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index e6da884..d47bb4e 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -205,6 +205,38 @@
/* END_CASE */
/* BEGIN_CASE */
+void ecdsa_prim_zero( int id )
+{
+ mbedtls_ecp_group grp;
+ mbedtls_ecp_point Q;
+ mbedtls_mpi d, r, s;
+ mbedtls_test_rnd_pseudo_info rnd_info;
+ unsigned char buf[MBEDTLS_MD_MAX_SIZE];
+
+ mbedtls_ecp_group_init( &grp );
+ mbedtls_ecp_point_init( &Q );
+ mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
+ memset( buf, 0, sizeof( buf ) );
+
+ TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
+
+ TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ),
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 );
+
+exit:
+ mbedtls_ecp_group_free( &grp );
+ mbedtls_ecp_point_free( &Q );
+ mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void ecdsa_prim_random( int id )
{
mbedtls_ecp_group grp;
@@ -257,9 +289,11 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 );
+ rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ rnd_info.fallback_p_rng = NULL;
rnd_info.buf = rnd_buf->x;
rnd_info.length = rnd_buf->len;
@@ -320,9 +354,9 @@
memset( hash, 0, sizeof( hash ) );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
@@ -347,6 +381,66 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void ecdsa_write_read_zero( int id )
+{
+ mbedtls_ecdsa_context ctx;
+ mbedtls_test_rnd_pseudo_info rnd_info;
+ unsigned char hash[32];
+ unsigned char sig[200];
+ size_t sig_len, i;
+
+ mbedtls_ecdsa_init( &ctx );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
+ memset( hash, 0, sizeof( hash ) );
+ memset( sig, 0x2a, sizeof( sig ) );
+
+ /* generate signing key */
+ TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
+
+ /* generate and write signature, then read and verify it */
+ TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256,
+ hash, sizeof( hash ),
+ sig, &sig_len, &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len ) == 0 );
+
+ /* check we didn't write past the announced length */
+ for( i = sig_len; i < sizeof( sig ); i++ )
+ TEST_ASSERT( sig[i] == 0x2a );
+
+ /* try verification with invalid length */
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len - 1 ) != 0 );
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len + 1 ) != 0 );
+
+ /* try invalid sequence tag */
+ sig[0]++;
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len ) != 0 );
+ sig[0]--;
+
+ /* try modifying r */
+ sig[10]++;
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ sig[10]--;
+
+ /* try modifying s */
+ sig[sig_len - 1]++;
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ sig[sig_len - 1]--;
+
+exit:
+ mbedtls_ecdsa_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
void ecdsa_write_read_random( int id )
{
mbedtls_ecdsa_context ctx;
@@ -491,7 +585,7 @@
memset( sig, 0, sizeof( sig ) );
TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.d, 16, d_str ) == 0 );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
diff --git a/tests/suites/test_suite_ecjpake.data b/tests/suites/test_suite_ecjpake.data
index ffa59e5..fe14f88 100644
--- a/tests/suites/test_suite_ecjpake.data
+++ b/tests/suites/test_suite_ecjpake.data
@@ -56,7 +56,7 @@
read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round one: KKP1: zero-length r
-read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51600":MBEDTLS_ERR_ECP_INVALID_KEY
+read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51600":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round one: KKP1: no data for r
read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51601":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
@@ -104,7 +104,7 @@
read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round one: KKP2: zero-length r
-read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51600":MBEDTLS_ERR_ECP_INVALID_KEY
+read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51600":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round one: KKP2: no data for r
read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51601":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
@@ -170,7 +170,7 @@
read_round_two_cli:"03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c8":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round two client: zero-length r
-read_round_two_cli:"03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c800":MBEDTLS_ERR_ECP_INVALID_KEY
+read_round_two_cli:"03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c800":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round two client: no data for r
read_round_two_cli:"03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c801":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
@@ -224,7 +224,7 @@
read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292d36f0d23e055913f45a52b85dd8a2052e9e129bb4d":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round two server: zero-length r
-read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292d36f0d23e055913f45a52b85dd8a2052e9e129bb4d00":MBEDTLS_ERR_ECP_INVALID_KEY
+read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292d36f0d23e055913f45a52b85dd8a2052e9e129bb4d00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round two server: no data for r
read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292d36f0d23e055913f45a52b85dd8a2052e9e129bb4d20":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index 408a9b7..79912eb 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -36,13 +36,133 @@
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP192R1:19:192:"secp192r1"
-ECP check pubkey Montgomery #1 (too big)
+ECP check pubkey Curve25519 #1 (biggest)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
+
+ECP check pubkey Curve25519 #2 (too big)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"010000000000000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
-ECP check pubkey Montgomery #2 (biggest)
+ECP check pubkey Curve25519 #3 (DoS big)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0100000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve25519 y ignored
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"-1":"1":0
+
+ECP check pubkey Curve25519 z is not 1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve25519 x negative
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"-2":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #2
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #3 (let's call this u)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"b8495f16056286fdb1329ceb8d09da6ac49ff1fae35616aeb8413b7c7aebe0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #4 (let's call this v)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"57119fd0dd4e22d8868e1c58c45c44045bef839c55b1d0b1248c50a3bc959c5f":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #5 p-1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffec":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #6 p
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #7 p+1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffee":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #8 p+u
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"80b8495f16056286fdb1329ceb8d09da6ac49ff1fae35616aeb8413b7c7aebcd":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #9 p+v
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"d7119fd0dd4e22d8868e1c58c45c44045bef839c55b1d0b1248c50a3bc959c4c":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #10 2p-1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd9":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #11 2p
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffda":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #12 2p+1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdb":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 #1 (biggest)
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
+
+ECP check pubkey Curve448 #2 (too big)
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 #3 (DoS big)
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"0100000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 y ignored
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"2":"-1":"1":0
+
+ECP check pubkey Curve448 z is not 1
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 x negative
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"-2":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #1
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #2
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #3 p-1
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #4 p
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #5 p+1
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
ECP check pubkey Koblitz #1 (point not on curve)
depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
@@ -276,6 +396,42 @@
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
mbedtls_ecp_gen_key:MBEDTLS_ECP_DP_SECP192R1
+ECP generate Montgomery key: Curve25519, random in range
+genkey_mx_known_answer:254:"9e020406080a0c0e10121416181a1c1e20222426282a2c2e30323436383a3df0":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8"
+
+ECP generate Montgomery key: Curve25519, clear higher bit
+genkey_mx_known_answer:254:"ff0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8":"7f808101820283038404850586068707880889098a0a8b0b8c0c8d0d8e0e8f78"
+
+ECP generate Montgomery key: Curve25519, clear low bits
+genkey_mx_known_answer:254:"9e020406080a0c0e10121416181a1c1e20222426282a2c2e30323436383a3dff":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8"
+
+ECP generate Montgomery key: Curve25519, random = all-bits-zero
+genkey_mx_known_answer:254:"0000000000000000000000000000000000000000000000000000000000000000":"4000000000000000000000000000000000000000000000000000000000000000"
+
+ECP generate Montgomery key: Curve25519, random = all-bits-one
+genkey_mx_known_answer:254:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8"
+
+ECP generate Montgomery key: Curve25519, not enough entropy
+genkey_mx_known_answer:254:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
+
+ECP generate Montgomery key: Curve448, random in range
+genkey_mx_known_answer:447:"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc":"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc"
+
+ECP generate Montgomery key: Curve448, set high bit
+genkey_mx_known_answer:447:"0f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc":"8f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc"
+
+ECP generate Montgomery key: Curve448, clear low bits
+genkey_mx_known_answer:447:"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536ff":"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc"
+
+ECP generate Montgomery key: Curve448, random = all-bits-zero
+genkey_mx_known_answer:447:"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+ECP generate Montgomery key: Curve448, random = all-bits-one
+genkey_mx_known_answer:447:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc"
+
+ECP generate Montgomery key: Curve448, not enough entropy
+genkey_mx_known_answer:447:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536":""
+
ECP read key #1 (short weierstrass, too small)
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0
@@ -440,15 +596,15 @@
ECP point multiplication Curve25519 (element of order 2: origin) #3
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"00":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"00":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY
ECP point multiplication Curve25519 (element of order 4: 1) #4
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"01":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"01":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY
ECP point multiplication Curve25519 (element of order 8) #5
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"B8495F16056286FDB1329CEB8D09DA6AC49FF1FAE35616AEB8413B7C7AEBE0":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"B8495F16056286FDB1329CEB8D09DA6AC49FF1FAE35616AEB8413B7C7AEBE0":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY
ECP point multiplication rng fail secp256r1
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
@@ -458,6 +614,14 @@
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
ecp_test_mul_rng:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660"
+ECP point muladd secp256r1 #1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd:MBEDTLS_ECP_DP_SECP256R1:"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579":"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1ffffffff20e120e1e1e1e13a4e135157317b79d4ecf329fed4f9eb00dc67dbddae33faca8b6d8a0255b5ce":"04fab65e09aa5dd948320f86246be1d3fc571e7f799d9005170ed5cc868b67598431a668f96aa9fd0b0eb15f0edf4c7fe1be2885eadcb57e3db4fdd093585d3fa6"
+
+ECP point muladd secp256r1 #2
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd:MBEDTLS_ECP_DP_SECP256R1:"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1ffffffff20e120e1e1e1e13a4e135157317b79d4ecf329fed4f9eb00dc67dbddae33faca8b6d8a0255b5ce":"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579":"04fab65e09aa5dd948320f86246be1d3fc571e7f799d9005170ed5cc868b67598431a668f96aa9fd0b0eb15f0edf4c7fe1be2885eadcb57e3db4fdd093585d3fa6"
+
ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE448:"eb7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f98":"a01fc432e5807f17530d1288da125b0cd453d941726436c8bbd9c5222c3da7fa639ce03db8d23b274a0721a1aed5227de6e3b731ccf7089b":"ad997351b6106f36b0d1091b929c4c37213e0d2b97e85ebb20c127691d0dad8f1d8175b0723745e639a3cb7044290b99e0e2a0c27a6a301c":"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":"9d874a5137509a449ad5853040241c5236395435c36424fd560b0cb62b281d285275a740ce32a22dd1740f4aa9161cec95ccc61a18f4ff07"
@@ -508,3 +672,127 @@
ECP restartable muladd secp256r1 max_ops=250
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64
+
+ECP fix_negative: 0, -1, 224
+fix_negative:"00":-1:224
+
+ECP fix_negative: 1, -1, 224
+fix_negative:"01":-1:224
+
+ECP fix_negative: 2^32-1, -1, 224
+fix_negative:"ffffffff":-1:224
+
+ECP fix_negative: 2^32, -1, 224
+fix_negative:"0100000000":-1:224
+
+ECP fix_negative: 2^64-1, -1, 224
+fix_negative:"ffffffffffffffff":-1:224
+
+ECP fix_negative: 2^64, -1, 224
+fix_negative:"010000000000000000":-1:224
+
+ECP fix_negative: 2^128-1, -1, 224
+fix_negative:"ffffffffffffffffffffffffffffffff":-1:224
+
+ECP fix_negative: 2^128, -1, 224
+fix_negative:"0100000000000000000000000000000000":-1:224
+
+ECP fix_negative: 2^128+1, -1, 224
+fix_negative:"0100000000000000000000000000000001":-1:224
+
+ECP fix_negative: 2^224-1, -1, 224
+fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:224
+
+ECP fix_negative: 0, -2, 224
+fix_negative:"00":-2:224
+
+ECP fix_negative: 1, -2, 224
+fix_negative:"01":-2:224
+
+ECP fix_negative: 2^32-1, -2, 224
+fix_negative:"ffffffff":-2:224
+
+ECP fix_negative: 2^32, -2, 224
+fix_negative:"0100000000":-2:224
+
+ECP fix_negative: 2^64-1, -2, 224
+fix_negative:"ffffffffffffffff":-2:224
+
+ECP fix_negative: 2^64, -2, 224
+fix_negative:"010000000000000000":-2:224
+
+ECP fix_negative: 2^128-1, -2, 224
+fix_negative:"ffffffffffffffffffffffffffffffff":-2:224
+
+ECP fix_negative: 2^128, -2, 224
+fix_negative:"0100000000000000000000000000000000":-2:224
+
+ECP fix_negative: 2^128+1, -2, 224
+fix_negative:"0100000000000000000000000000000001":-2:224
+
+ECP fix_negative: 2^224-1, -2, 224
+fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:224
+
+ECP fix_negative: 0, -1, 256
+fix_negative:"00":-1:256
+
+ECP fix_negative: 1, -1, 256
+fix_negative:"01":-1:256
+
+ECP fix_negative: 2^32-1, -1, 256
+fix_negative:"ffffffff":-1:256
+
+ECP fix_negative: 2^32, -1, 256
+fix_negative:"0100000000":-1:256
+
+ECP fix_negative: 2^64-1, -1, 256
+fix_negative:"ffffffffffffffff":-1:256
+
+ECP fix_negative: 2^64, -1, 256
+fix_negative:"010000000000000000":-1:256
+
+ECP fix_negative: 2^128-1, -1, 256
+fix_negative:"ffffffffffffffffffffffffffffffff":-1:256
+
+ECP fix_negative: 2^128, -1, 256
+fix_negative:"0100000000000000000000000000000000":-1:256
+
+ECP fix_negative: 2^128+1, -1, 256
+fix_negative:"0100000000000000000000000000000001":-1:256
+
+ECP fix_negative: 2^256-1, -1, 256
+fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:256
+
+ECP fix_negative: 0, -2, 256
+fix_negative:"00":-2:256
+
+ECP fix_negative: 1, -2, 256
+fix_negative:"01":-2:256
+
+ECP fix_negative: 2^32-1, -2, 256
+fix_negative:"ffffffff":-2:256
+
+ECP fix_negative: 2^32, -2, 256
+fix_negative:"0100000000":-2:256
+
+ECP fix_negative: 2^64-1, -2, 256
+fix_negative:"ffffffffffffffff":-2:256
+
+ECP fix_negative: 2^64, -2, 256
+fix_negative:"010000000000000000":-2:256
+
+ECP fix_negative: 2^128-1, -2, 256
+fix_negative:"ffffffffffffffffffffffffffffffff":-2:256
+
+ECP fix_negative: 2^128, -2, 256
+fix_negative:"0100000000000000000000000000000000":-2:256
+
+ECP fix_negative: 2^128+1, -2, 256
+fix_negative:"0100000000000000000000000000000001":-2:256
+
+ECP fix_negative: 2^256-1, -2, 256
+fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:256
+
+# The first call to fix_negative in the test case of issue #4296.
+ECP fix_negative: #4296.1
+fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 4ee75a6..538c648 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -1,11 +1,21 @@
/* BEGIN_HEADER */
#include "mbedtls/ecp.h"
+#include "ecp_invasive.h"
+
+#if defined(MBEDTLS_TEST_HOOKS) && \
+ ( defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) )
+#define HAVE_FIX_NEGATIVE
+#endif
+
#define ECP_PF_UNKNOWN -1
#define ECP_PT_RESET( x ) \
mbedtls_ecp_point_free( x ); \
mbedtls_ecp_point_init( x );
+
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -376,6 +386,8 @@
TEST_ASSERT( by_id == by_name );
TEST_ASSERT( by_id->bit_size == size );
+ TEST_ASSERT( size <= MBEDTLS_ECP_MAX_BITS );
+ TEST_ASSERT( size <= MBEDTLS_ECP_MAX_BYTES * 8 );
}
/* END_CASE */
@@ -391,9 +403,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret );
@@ -442,13 +454,13 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 );
mbedtls_ecp_set_max_ops( (unsigned) max_ops );
@@ -526,13 +538,13 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &u1, 16, u1_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &u2, 16, u2_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xR, 16, xR_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yR, 16, yR_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &u1, 16, u1_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &u2, 16, u2_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xR, 16, xR_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yR, 16, yR_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q.X, 16, xQ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q.Y, 16, yQ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q.X, 16, xQ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q.Y, 16, yQ_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 );
mbedtls_ecp_set_max_ops( (unsigned) max_ops );
@@ -589,14 +601,14 @@
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yB, 16, yB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yB, 16, yB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 );
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
&mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
@@ -644,11 +656,11 @@
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xS, 16, xS_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xS, 16, xS_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
&mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
@@ -752,6 +764,53 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+void ecp_muladd( int id,
+ data_t *u1_bin, data_t *P1_bin,
+ data_t *u2_bin, data_t *P2_bin,
+ data_t *expected_result )
+{
+ /* Compute R = u1 * P1 + u2 * P2 */
+ mbedtls_ecp_group grp;
+ mbedtls_ecp_point P1, P2, R;
+ mbedtls_mpi u1, u2;
+ uint8_t actual_result[MBEDTLS_ECP_MAX_PT_LEN];
+ size_t len;
+
+ mbedtls_ecp_group_init( &grp );
+ mbedtls_ecp_point_init( &P1 );
+ mbedtls_ecp_point_init( &P2 );
+ mbedtls_ecp_point_init( &R );
+ mbedtls_mpi_init( &u1 );
+ mbedtls_mpi_init( &u2 );
+
+ TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, id ) );
+ TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u1, u1_bin->x, u1_bin->len ) );
+ TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u2, u2_bin->x, u2_bin->len ) );
+ TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P1,
+ P1_bin->x, P1_bin->len ) );
+ TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P2,
+ P2_bin->x, P2_bin->len ) );
+
+ TEST_EQUAL( 0, mbedtls_ecp_muladd( &grp, &R, &u1, &P1, &u2, &P2 ) );
+ TEST_EQUAL( 0, mbedtls_ecp_point_write_binary(
+ &grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED,
+ &len, actual_result, sizeof( actual_result ) ) );
+ TEST_ASSERT( len <= MBEDTLS_ECP_MAX_PT_LEN );
+
+ ASSERT_COMPARE( expected_result->x, expected_result->len,
+ actual_result, len );
+
+exit:
+ mbedtls_ecp_group_free( &grp );
+ mbedtls_ecp_point_free( &P1 );
+ mbedtls_ecp_point_free( &P2 );
+ mbedtls_ecp_point_free( &R );
+ mbedtls_mpi_free( &u1 );
+ mbedtls_mpi_free( &u2 );
+}
+/* END_CASE */
+
/* BEGIN_CASE */
void ecp_fast_mod( int id, char * N_str )
{
@@ -761,7 +820,7 @@
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R );
mbedtls_ecp_group_init( &grp );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, 16, N_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, 16, N_str ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
TEST_ASSERT( grp.modp != NULL );
@@ -800,15 +859,16 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format,
&olen, buf, blen ) == ret );
if( ret == 0 )
{
+ TEST_ASSERT( olen <= MBEDTLS_ECP_MAX_PT_LEN );
TEST_ASSERT( mbedtls_test_hexcmp( buf, out->x, olen, out->len ) == 0 );
}
@@ -831,9 +891,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret );
@@ -875,9 +935,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret );
@@ -1012,7 +1072,7 @@
mbedtls_mpi_init( &d );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, key_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, key_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret );
@@ -1039,7 +1099,7 @@
if( id != MBEDTLS_ECP_DP_NONE )
TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.d, 16, d ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret );
@@ -1152,6 +1212,85 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */
+void fix_negative( data_t *N_bin, int c, int bits )
+{
+ mbedtls_mpi C, M, N;
+
+ mbedtls_mpi_init( &C );
+ mbedtls_mpi_init( &M );
+ mbedtls_mpi_init( &N );
+
+ /* C = - c * 2^bits (positive since c is negative) */
+ TEST_EQUAL( 0, mbedtls_mpi_lset( &C, -c ) );
+ TEST_EQUAL( 0, mbedtls_mpi_shift_l( &C, bits ) );
+
+ TEST_EQUAL( 0, mbedtls_mpi_read_binary( &N, N_bin->x, N_bin->len ) );
+ TEST_EQUAL( 0, mbedtls_mpi_grow( &N, C.n ) );
+
+ /* M = N - C = - ( C - N ) (expected result of fix_negative) */
+ TEST_EQUAL( 0, mbedtls_mpi_sub_mpi( &M, &N, &C ) );
+
+ mbedtls_ecp_fix_negative( &N, c, bits );
+
+ TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( &N, &M ) );
+
+exit:
+ mbedtls_mpi_free( &C );
+ mbedtls_mpi_free( &M );
+ mbedtls_mpi_free( &N );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */
+void genkey_mx_known_answer( int bits, data_t *seed, data_t *expected )
+{
+ mbedtls_test_rnd_buf_info rnd_info;
+ mbedtls_mpi d;
+ int ret;
+ uint8_t *actual = NULL;
+
+ mbedtls_mpi_init( &d );
+ rnd_info.buf = seed->x;
+ rnd_info.length = seed->len;
+ rnd_info.fallback_f_rng = NULL;
+ rnd_info.fallback_p_rng = NULL;
+
+ ASSERT_ALLOC( actual, expected->len );
+
+ ret = mbedtls_ecp_gen_privkey_mx( bits, &d,
+ mbedtls_test_rnd_buffer_rand, &rnd_info );
+
+ if( expected->len == 0 )
+ {
+ /* Expecting an error (happens if there isn't enough randomness) */
+ TEST_ASSERT( ret != 0 );
+ }
+ else
+ {
+ TEST_EQUAL( ret, 0 );
+ TEST_EQUAL( (size_t) bits + 1, mbedtls_mpi_bitlen( &d ) );
+ TEST_EQUAL( 0, mbedtls_mpi_write_binary( &d, actual, expected->len ) );
+ /* Test the exact result. This assumes that the output of the
+ * RNG is used in a specific way, which is overly constraining.
+ * The advantage is that it's easier to test the expected properties
+ * of the generated key:
+ * - The most significant bit must be at a specific positions
+ * (can be enforced by checking the bit-length).
+ * - The least significant bits must have specific values
+ * (can be enforced by checking these bits).
+ * - Other bits must be random (by testing with different RNG outputs,
+ * we validate that those bits are indeed influenced by the RNG). */
+ ASSERT_COMPARE( expected->x, expected->len,
+ actual, expected->len );
+ }
+
+exit:
+ mbedtls_free( actual );
+ mbedtls_mpi_free( &d );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void ecp_selftest( )
{
diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data
index b2d20b4..95bfe66 100644
--- a/tests/suites/test_suite_entropy.data
+++ b/tests/suites/test_suite_entropy.data
@@ -1,3 +1,9 @@
+Entropy init-free-free
+entropy_init_free:0
+
+Entropy init-free-init-free
+entropy_init_free:1
+
Create NV seed_file
nv_seed_file_create:
@@ -7,6 +13,9 @@
Entropy write/update seed file: nonexistent
entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR
+Entropy write/update seed file: base NV seed file
+entropy_write_base_seed_file:0
+
Entropy no sources
entropy_no_sources:
diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function
index d9ea441..e5e88bb 100644
--- a/tests/suites/test_suite_entropy.function
+++ b/tests/suites/test_suite_entropy.function
@@ -134,6 +134,28 @@
* END_DEPENDENCIES
*/
+/* BEGIN_CASE */
+void entropy_init_free( int reinit )
+{
+ mbedtls_entropy_context ctx;
+
+ /* Double free is not explicitly documented to work, but it is convenient
+ * to call mbedtls_entropy_free() unconditionally on an error path without
+ * checking whether it has already been called in the success path. */
+
+ mbedtls_entropy_init( &ctx );
+ mbedtls_entropy_free( &ctx );
+
+ if( reinit )
+ mbedtls_entropy_init( &ctx );
+ mbedtls_entropy_free( &ctx );
+
+ /* This test case always succeeds, functionally speaking. A plausible
+ * bug might trigger an invalid pointer dereference or a memory leak. */
+ goto exit;
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
void entropy_seed_file( char * path, int ret )
{
@@ -149,6 +171,21 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
+void entropy_write_base_seed_file( int ret )
+{
+ mbedtls_entropy_context ctx;
+
+ mbedtls_entropy_init( &ctx );
+
+ TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret );
+ TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret );
+
+exit:
+ mbedtls_entropy_free( &ctx );
+}
+/* END_CASE */
+
/* BEGIN_CASE */
void entropy_no_sources( )
{
@@ -217,6 +254,9 @@
for( j = len; j < sizeof( buf ); j++ )
TEST_ASSERT( acc[j] == 0 );
+
+exit:
+ mbedtls_entropy_free( &ctx );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data
index 212c2f3..2addd23 100644
--- a/tests/suites/test_suite_mpi.data
+++ b/tests/suites/test_suite_mpi.data
@@ -10,21 +10,39 @@
Base test mpi_read_write_string #1
mpi_read_write_string:10:"128":10:"128":100:0:0
+Base test mpi_read_write_string #1 (Leading 0)
+mpi_read_write_string:10:"0128":10:"128":100:0:0
+
Base test mpi_read_write_string #2
mpi_read_write_string:10:"128":16:"80":100:0:0
-Base test mpi_read_write_string #3 (Read zero)
+Base test mpi_read_write_string #3 (Read zero decimal)
mpi_read_write_string:10:"0":10:"0":100:0:0
-Base test mpi_read_write_string #3 (Negative decimal) [#1]
+Base test mpi_read_write_string #3 (Read zero hex)
+mpi_read_write_string:16:"0":16:"00":100:0:0
+
+Base test mpi_read_write_string #3 (Read minus zero decimal)
+mpi_read_write_string:10:"-0":10:"0":100:0:0
+
+Base test mpi_read_write_string #3 (Read minus zero hex)
+mpi_read_write_string:16:"-0":16:"00":100:0:0
+
+Base test mpi_read_write_string #3 (Negative decimal)
mpi_read_write_string:10:"-23":10:"-23":100:0:0
-Base test mpi_read_write_string #3 (Negative hex)
+Base test mpi_read_write_string #3 (Negative decimal, leading 0)
+mpi_read_write_string:10:"-023":10:"-23":100:0:0
+
+Base test mpi_read_write_string #3 (Negative hex -> decimal)
mpi_read_write_string:16:"-20":10:"-32":100:0:0
-Base test mpi_read_write_string #3 (Negative decimal) [#2]
+Base test mpi_read_write_string #3 (Negative hex)
mpi_read_write_string:16:"-23":16:"-23":100:0:0
+Base test mpi_read_write_string #3 (Negative hex, leading 0)
+mpi_read_write_string:16:"-023":16:"-23":100:0:0
+
Base test mpi_read_write_string #4 (Buffer just fits)
mpi_read_write_string:16:"-4":4:"-10":4:0:0
@@ -49,12 +67,18 @@
Test mpi_read_write_string #7
mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0
-Test mpi_read_write_string #8 (Empty MPI -> hex)
-mpi_read_write_string:16:"":16:"00":4:0:0
+Test mpi_read_write_string #8 (Empty MPI hex -> hex)
+mpi_read_write_string:16:"":16:"":4:0:0
-Test mpi_read_write_string #9 (Empty MPI -> dec)
+Test mpi_read_write_string #9 (Empty MPI hex -> dec)
mpi_read_write_string:16:"":10:"0":4:0:0
+Test mpi_read_write_string #8 (Empty MPI dec -> hex)
+mpi_read_write_string:10:"":16:"":4:0:0
+
+Test mpi_read_write_string #9 (Empty MPI dec -> dec)
+mpi_read_write_string:10:"":10:"0":4:0:0
+
Test mpi_write_string #10 (Negative hex with odd number of digits)
mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
@@ -97,6 +121,12 @@
Base test mbedtls_mpi_write_file #1
mbedtls_mpi_write_file:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"data_files/mpi_write"
+Test mbedtls_mpi_lsb: 0 (null)
+mbedtls_mpi_lsb:16:"":0
+
+Test mbedtls_mpi_lsb: 0 (1 limb)
+mbedtls_mpi_lsb:16:"0":0
+
Base test mbedtls_mpi_lsb #1
mbedtls_mpi_lsb:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":2
@@ -127,7 +157,10 @@
Base test mbedtls_mpi_bitlen #6
mbedtls_mpi_bitlen:10:"10":4
-Base test mbedtls_mpi_bitlen #7
+Base test mbedtls_mpi_bitlen: 0 (null)
+mbedtls_mpi_bitlen:10:"":0
+
+Base test mbedtls_mpi_bitlen: 0 (1 limb)
mbedtls_mpi_bitlen:10:"0":0
Base test mbedtls_mpi_cmp_int #1
@@ -175,6 +208,90 @@
Base test mbedtls_mpi_cmp_mpi (Mixed values) #6
mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1
+Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (null)
+mbedtls_mpi_cmp_mpi:10:"":10:"":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"":10:"0":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (null)
+mbedtls_mpi_cmp_mpi:10:"0":10:"":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"0":10:"0":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < positive
+mbedtls_mpi_cmp_mpi:10:"":10:"123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive
+mbedtls_mpi_cmp_mpi:10:"0":10:"123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > negative
+mbedtls_mpi_cmp_mpi:10:"":10:"-123":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative
+mbedtls_mpi_cmp_mpi:10:"0":10:"-123":1
+
+Test mbedtls_mpi_cmp_mpi: positive > 0 (null)
+mbedtls_mpi_cmp_mpi:10:"123":10:"":1
+
+Test mbedtls_mpi_cmp_mpi: positive > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"123":10:"0":1
+
+Test mbedtls_mpi_cmp_mpi: negative < 0 (null)
+mbedtls_mpi_cmp_mpi:10:"-123":10:"":-1
+
+Test mbedtls_mpi_cmp_mpi: negative < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"-123":10:"0":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"":16:"0000000000000000123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"0":16:"0000000000000000123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"":16:"-0000000000000000123":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"0":16:"-0000000000000000123":1
+
+Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (null)
+mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"":1
+
+Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"0":1
+
+Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (null)
+mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"":-1
+
+Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"0":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < large positive
+mbedtls_mpi_cmp_mpi:16:"":16:"1230000000000000000":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < large positive
+mbedtls_mpi_cmp_mpi:16:"0":16:"1230000000000000000":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > large negative
+mbedtls_mpi_cmp_mpi:16:"":16:"-1230000000000000000":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > large negative
+mbedtls_mpi_cmp_mpi:16:"0":16:"-1230000000000000000":1
+
+Test mbedtls_mpi_cmp_mpi: large positive > 0 (null)
+mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"":1
+
+Test mbedtls_mpi_cmp_mpi: large positive > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"0":1
+
+Test mbedtls_mpi_cmp_mpi: large negative < 0 (null)
+mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"":-1
+
+Test mbedtls_mpi_cmp_mpi: large negative < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"0":-1
+
Base test mbedtls_mpi_lt_mpi_ct #1
mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0
@@ -208,6 +325,9 @@
Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage)
mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+Base test mbedtls_mpi_lt_mpi_ct (length=0)
+mbedtls_mpi_lt_mpi_ct:0:"":0:"":0:0
+
Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1
mbedtls_mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0
@@ -280,7 +400,16 @@
Base test mbedtls_mpi_cmp_abs (Negative values) #3
mbedtls_mpi_cmp_abs:10:"-2":10:"-1":1
-Base test mbedtls_mpi_cmp_abs (Zero and Zero) #4
+Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (null)
+mbedtls_mpi_cmp_abs:10:"":10:"":0
+
+Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (1 limb)
+mbedtls_mpi_cmp_abs:10:"":10:"0":0
+
+Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (null)
+mbedtls_mpi_cmp_abs:10:"0":10:"":0
+
+Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (1 limb)
mbedtls_mpi_cmp_abs:10:"0":10:"0":0
Base test mbedtls_mpi_cmp_abs (Mix values) #1
@@ -292,84 +421,261 @@
Base test mbedtls_mpi_cmp_abs (Mix values) #3
mbedtls_mpi_cmp_abs:10:"-2":10:"1":1
-Copy zero (1 limb) to positive (1 limb)
-mbedtls_mpi_copy_sint:0:1500
+Copy large negative to large negative
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
-Copy zero (1 limb) to negative (1 limb)
-mbedtls_mpi_copy_sint:0:-1500
+Copy large negative to large positive
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
-Copy positive (1 limb) to zero (1 limb)
-mbedtls_mpi_copy_sint:1500:0
+Copy large negative to small negative
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-beef"
-Copy negative (1 limb) to zero (1 limb)
-mbedtls_mpi_copy_sint:-1500:0
+Copy large negative to small positive
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"beef"
-Copy positive (1 limb) to negative (1 limb)
-mbedtls_mpi_copy_sint:1500:-42
+Copy large negative to zero (1 limb)
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"0"
-Copy negative (1 limb) to positive (1 limb)
-mbedtls_mpi_copy_sint:-42:1500
+Copy large negative to zero (null)
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":""
+
+Copy large positive to large negative
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Copy large positive to large positive
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Copy large positive to small negative
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-beef"
+
+Copy large positive to small positive
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"beef"
+
+Copy large positive to zero (1 limb)
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"0"
+
+Copy large positive to zero (null)
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":""
+
+Copy small negative to large negative
+mbedtls_mpi_copy:"-bead":"-face1e55ca11ab1ecab005e5"
+
+Copy small negative to large positive
+mbedtls_mpi_copy:"-bead":"face1e55ca11ab1ecab005e5"
+
+Copy small negative to small negative
+mbedtls_mpi_copy:"-bead":"-beef"
+
+Copy small negative to small positive
+mbedtls_mpi_copy:"-bead":"beef"
+
+Copy small negative to zero (1 limb)
+mbedtls_mpi_copy:"-bead":"0"
+
+Copy small negative to zero (null)
+mbedtls_mpi_copy:"-bead":""
+
+Copy small positive to large negative
+mbedtls_mpi_copy:"bead":"-face1e55ca11ab1ecab005e5"
+
+Copy small positive to large positive
+mbedtls_mpi_copy:"bead":"face1e55ca11ab1ecab005e5"
+
+Copy small positive to small negative
+mbedtls_mpi_copy:"bead":"-beef"
+
+Copy small positive to small positive
+mbedtls_mpi_copy:"bead":"beef"
+
+Copy small positive to zero (1 limb)
+mbedtls_mpi_copy:"bead":"0"
+
+Copy small positive to zero (null)
+mbedtls_mpi_copy:"bead":""
+
+Copy zero (1 limb) to large negative
+mbedtls_mpi_copy:"0":"-face1e55ca11ab1ecab005e5"
+
+Copy zero (1 limb) to large positive
+mbedtls_mpi_copy:"0":"face1e55ca11ab1ecab005e5"
+
+Copy zero (1 limb) to small negative
+mbedtls_mpi_copy:"0":"-beef"
+
+Copy zero (1 limb) to small positive
+mbedtls_mpi_copy:"0":"beef"
+
+Copy zero (1 limb) to zero (1 limb)
+mbedtls_mpi_copy:"0":"0"
+
+Copy zero (1 limb) to zero (null)
+mbedtls_mpi_copy:"0":""
+
+Copy zero (null) to large negative
+mbedtls_mpi_copy:"":"-face1e55ca11ab1ecab005e5"
+
+Copy zero (null) to large positive
+mbedtls_mpi_copy:"":"face1e55ca11ab1ecab005e5"
+
+Copy zero (null) to small negative
+mbedtls_mpi_copy:"":"-beef"
+
+Copy zero (null) to small positive
+mbedtls_mpi_copy:"":"beef"
+
+Copy zero (null) to zero (1 limb)
+mbedtls_mpi_copy:"":"0"
Copy zero (null) to zero (null)
-mbedtls_mpi_copy_binary:"":""
+mbedtls_mpi_copy:"":""
-Copy zero (null) to positive (1 limb)
-mbedtls_mpi_copy_binary:"":"1234"
+Copy self: large negative
+mpi_copy_self:"-ca5cadedb01dfaceacc01ade"
-Copy positive (1 limb) to zero (null)
-mbedtls_mpi_copy_binary:"1234":""
+Copy self: large positive
+mpi_copy_self:"ca5cadedb01dfaceacc01ade"
-Copy positive to larger
-mbedtls_mpi_copy_binary:"bead":"ca5cadedb01dfaceacc01ade"
+Copy self: small negative
+mpi_copy_self:"-bead"
-Copy positive to smaller
-mbedtls_mpi_copy_binary:"ca5cadedb01dfaceacc01ade":"bead"
-
-Copy self: positive (1 limb)
-mpi_copy_self:14
+Copy self: small positive
+mpi_copy_self:"bead"
Copy self: zero (1 limb)
-mpi_copy_self:0
+mpi_copy_self:"0"
-Swap zero (1 limb) with positive (1 limb)
-mbedtls_mpi_swap_sint:0:1500
+Copy self: zero (null)
+mpi_copy_self:""
-Swap zero (1 limb) with negative (1 limb)
-mbedtls_mpi_swap_sint:0:-1500
+Swap large negative with large negative
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
-Swap positive (1 limb) with zero (1 limb)
-mbedtls_mpi_swap_sint:1500:0
+Swap large negative with large positive
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
-Swap negative (1 limb) with zero (1 limb)
-mbedtls_mpi_swap_sint:-1500:0
+Swap large negative with small negative
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-beef"
-Swap positive (1 limb) with negative (1 limb)
-mbedtls_mpi_swap_sint:1500:-42
+Swap large negative with small positive
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"beef"
-Swap negative (1 limb) with positive (1 limb)
-mbedtls_mpi_swap_sint:-42:1500
+Swap large negative with zero (1 limb)
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"0"
+
+Swap large negative with zero (null)
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":""
+
+Swap large positive with large negative
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Swap large positive with large positive
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Swap large positive with small negative
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-beef"
+
+Swap large positive with small positive
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"beef"
+
+Swap large positive with zero (1 limb)
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"0"
+
+Swap large positive with zero (null)
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":""
+
+Swap small negative with large negative
+mbedtls_mpi_swap:"-bead":"-face1e55ca11ab1ecab005e5"
+
+Swap small negative with large positive
+mbedtls_mpi_swap:"-bead":"face1e55ca11ab1ecab005e5"
+
+Swap small negative with small negative
+mbedtls_mpi_swap:"-bead":"-beef"
+
+Swap small negative with small positive
+mbedtls_mpi_swap:"-bead":"beef"
+
+Swap small negative with zero (1 limb)
+mbedtls_mpi_swap:"-bead":"0"
+
+Swap small negative with zero (null)
+mbedtls_mpi_swap:"-bead":""
+
+Swap small positive with large negative
+mbedtls_mpi_swap:"bead":"-face1e55ca11ab1ecab005e5"
+
+Swap small positive with large positive
+mbedtls_mpi_swap:"bead":"face1e55ca11ab1ecab005e5"
+
+Swap small positive with small negative
+mbedtls_mpi_swap:"bead":"-beef"
+
+Swap small positive with small positive
+mbedtls_mpi_swap:"bead":"beef"
+
+Swap small positive with zero (1 limb)
+mbedtls_mpi_swap:"bead":"0"
+
+Swap small positive with zero (null)
+mbedtls_mpi_swap:"bead":""
+
+Swap zero (1 limb) with large negative
+mbedtls_mpi_swap:"0":"-face1e55ca11ab1ecab005e5"
+
+Swap zero (1 limb) with large positive
+mbedtls_mpi_swap:"0":"face1e55ca11ab1ecab005e5"
+
+Swap zero (1 limb) with small negative
+mbedtls_mpi_swap:"0":"-beef"
+
+Swap zero (1 limb) with small positive
+mbedtls_mpi_swap:"0":"beef"
+
+Swap zero (1 limb) with zero (1 limb)
+mbedtls_mpi_swap:"0":"0"
+
+Swap zero (1 limb) with zero (null)
+mbedtls_mpi_swap:"0":""
+
+Swap zero (null) with large negative
+mbedtls_mpi_swap:"":"-face1e55ca11ab1ecab005e5"
+
+Swap zero (null) with large positive
+mbedtls_mpi_swap:"":"face1e55ca11ab1ecab005e5"
+
+Swap zero (null) with small negative
+mbedtls_mpi_swap:"":"-beef"
+
+Swap zero (null) with small positive
+mbedtls_mpi_swap:"":"beef"
+
+Swap zero (null) with zero (1 limb)
+mbedtls_mpi_swap:"":"0"
Swap zero (null) with zero (null)
-mbedtls_mpi_swap_binary:"":""
+mbedtls_mpi_swap:"":""
-Swap zero (null) with positive (1 limb)
-mbedtls_mpi_swap_binary:"":"1234"
+Swap self: large negative
+mpi_swap_self:"-ca5cadedb01dfaceacc01ade"
-Swap positive (1 limb) with zero (null)
-mbedtls_mpi_swap_binary:"1234":""
+Swap self: large positive
+mpi_swap_self:"ca5cadedb01dfaceacc01ade"
-Swap positive with larger
-mbedtls_mpi_swap_binary:"bead":"ca5cadedb01dfaceacc01ade"
+Swap self: small negative
+mpi_swap_self:"-bead"
-Swap positive with smaller
-mbedtls_mpi_swap_binary:"ca5cadedb01dfaceacc01ade":"bead"
+Swap self: small positive
+mpi_swap_self:"bead"
-Swap self: 1 limb
-mpi_swap_self:"face"
+Swap self: zero (1 limb)
+mpi_swap_self:"0"
-Swap self: null
+Swap self: zero (null)
mpi_swap_self:""
+Shrink 0 limbs in a buffer of size 0 to 0
+mbedtls_mpi_shrink:0:0:0:0
+
Shrink 2 limbs in a buffer of size 2 to 4
mbedtls_mpi_shrink:2:2:4:4
@@ -394,42 +700,6 @@
Shrink 0 limbs in a buffer of size 4 to 0 yielding 1
mbedtls_mpi_shrink:4:0:0:1
-Test mbedtls_mpi_safe_cond_assign #1
-mbedtls_mpi_safe_cond_assign:+1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #2
-mbedtls_mpi_safe_cond_assign:+1:"FF000000000000000001":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #3
-mbedtls_mpi_safe_cond_assign:+1:"01":+1:"FF000000000000000002"
-
-Test mbedtls_mpi_safe_cond_assign #4
-mbedtls_mpi_safe_cond_assign:+1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #5
-mbedtls_mpi_safe_cond_assign:-1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #6
-mbedtls_mpi_safe_cond_assign:-1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #1
-mbedtls_mpi_safe_cond_swap:+1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #2
-mbedtls_mpi_safe_cond_swap:+1:"FF000000000000000001":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #3
-mbedtls_mpi_safe_cond_swap:+1:"01":+1:"FF000000000000000002"
-
-Test mbedtls_mpi_safe_cond_swap #4
-mbedtls_mpi_safe_cond_swap:+1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #5
-mbedtls_mpi_safe_cond_swap:-1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #6
-mbedtls_mpi_safe_cond_swap:-1:"01":-1:"02"
-
Base test mbedtls_mpi_add_abs #1
mbedtls_mpi_add_abs:10:"12345678":10:"642531":10:"12988209"
@@ -442,6 +712,15 @@
Base test mbedtls_mpi_add_abs #4
mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209"
+Test mbedtls_mpi_add_abs: 0 (null) + 0 (null)
+mbedtls_mpi_add_abs:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_add_abs: 0 (null) + 1
+mbedtls_mpi_add_abs:16:"":16:"01":16:"01"
+
+Test mbedtls_mpi_add_abs: 1 + 0 (null)
+mbedtls_mpi_add_abs:16:"01":16:"":16:"01"
+
Test mbedtls_mpi_add_abs #1
mbedtls_mpi_add_abs:10:"-643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"
@@ -463,6 +742,21 @@
Base test mbedtls_mpi_add_mpi #4
mbedtls_mpi_add_mpi:10:"-12345678":10:"-642531":10:"-12988209"
+Test mbedtls_mpi_add_mpi: 0 (null) + 0 (null)
+mbedtls_mpi_add_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + 1
+mbedtls_mpi_add_mpi:16:"":16:"01":16:"01"
+
+Test mbedtls_mpi_add_mpi: 1 + 0 (null)
+mbedtls_mpi_add_mpi:16:"01":16:"":16:"01"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + -1
+mbedtls_mpi_add_mpi:16:"":16:"-01":16:"-01"
+
+Test mbedtls_mpi_add_mpi: -1 + 0 (null)
+mbedtls_mpi_add_mpi:16:"-01":16:"":16:"-01"
+
Test mbedtls_mpi_add_mpi #1
mbedtls_mpi_add_mpi:10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"735829167410606161590850601304167976688497607296479119740072111384235241328747126510065763883532084601487937110881909725679916932621242907172467691556475037071866553361927361439411910627880345885122142692610250903804554267860479115964668998643528806263534149325837971432443181537363155848647445226342"
@@ -484,18 +778,36 @@
Test mbedtls_mpi_add_int #2
mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
-Base test mbedtls_mpi_sub_abs #1 (Test with larger second input)
+Test mbedtls_mpi_add_int: 0 (null) + 0
+mbedtls_mpi_add_int:16:"":0:16:"0"
+
+Test mbedtls_mpi_add_int: 0 (null) + 1
+mbedtls_mpi_add_int:16:"":1:16:"1"
+
+Base test mbedtls_mpi_sub_abs #1 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-Base test mbedtls_mpi_sub_abs #2 (Test with larger second input)
+Base test mbedtls_mpi_sub_abs #2 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"-5":10:"-7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-Base test mbedtls_mpi_sub_abs #3 (Test with larger second input)
+Base test mbedtls_mpi_sub_abs #3 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"-5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-Base test mbedtls_mpi_sub_abs #4 (Test with larger second input)
+Base test mbedtls_mpi_sub_abs #4 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"5":10:"-7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+Base test mbedtls_mpi_sub_abs #1 (|B| >> |A| with more limbs)
+mbedtls_mpi_sub_abs:10:"5":16:"123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #2 (|B| >> |A| with more limbs)
+mbedtls_mpi_sub_abs:10:"-5":16:"-123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #3 (|B| >> |A| with more limbs)
+mbedtls_mpi_sub_abs:10:"-5":16:"123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #4 (|B| >> |A| with more limbs)
+mbedtls_mpi_sub_abs:10:"5":16:"-123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Base test mbedtls_mpi_sub_abs #1
mbedtls_mpi_sub_abs:10:"7":10:"5":10:"2":0
@@ -508,6 +820,24 @@
Base test mbedtls_mpi_sub_abs #4
mbedtls_mpi_sub_abs:10:"7":10:"-5":10:"2":0
+Test mbedtls_mpi_sub_abs: 0 (null) - 0 (null)
+mbedtls_mpi_sub_abs:16:"":16:"":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 0 (1 limb)
+mbedtls_mpi_sub_abs:16:"":16:"00":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (null)
+mbedtls_mpi_sub_abs:16:"00":16:"":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (1 limb)
+mbedtls_mpi_sub_abs:16:"00":16:"00":16:"":0
+
+Test mbedtls_mpi_sub_abs: 1 - 0 (null)
+mbedtls_mpi_sub_abs:16:"01":16:"":16:"01":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 1
+mbedtls_mpi_sub_abs:16:"":16:"01":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Test mbedtls_mpi_sub_abs #1
mbedtls_mpi_sub_abs:16:"FFFFFFFFFF":16:"01":16:"FFFFFFFFFE":0
@@ -532,6 +862,27 @@
Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction)
mbedtls_mpi_sub_mpi:10:"5":10:"-7":10:"12"
+Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (null)
+mbedtls_mpi_sub_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (1 limb)
+mbedtls_mpi_sub_mpi:16:"":16:"00":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 1
+mbedtls_mpi_sub_mpi:16:"":16:"1":16:"-1"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - -1
+mbedtls_mpi_sub_mpi:16:"":16:"-1":16:"1"
+
+Test mbedtls_mpi_sub_mpi: 0 (1 limb) - 0 (null)
+mbedtls_mpi_sub_mpi:16:"00":16:"":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 1 - 0 (null)
+mbedtls_mpi_sub_mpi:16:"1":16:"":16:"1"
+
+Test mbedtls_mpi_sub_mpi: -1 - 0 (null)
+mbedtls_mpi_sub_mpi:16:"-1":16:"":16:"-1"
+
Test mbedtls_mpi_sub_mpi #1
mbedtls_mpi_sub_mpi:10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"327915410697802206779318867446098822128109620667782593550526818477669115883344571244192531757243908254863191345527661966602498132304629772495811133247475640339722739829047287290977675016498600299425844468565678239514801901107826091797519355347660820341034314686165532823894621049756947818646317646096"
@@ -544,12 +895,30 @@
Test mbedtls_mpi_sub_int #2
mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
+Test mbedtls_mpi_sub_int: 0 (null) - 0
+mbedtls_mpi_sub_int:16:"":0:16:"0"
+
+Test mbedtls_mpi_sub_int: 0 (null) - 1
+mbedtls_mpi_sub_int:16:"":1:16:"-1"
+
+Test mbedtls_mpi_sub_int: 0 (null) - -1
+mbedtls_mpi_sub_int:16:"":-1:16:"1"
+
Test mbedtls_mpi_shift_l #1
mbedtls_mpi_shift_l:10:"64":1:10:"128"
Test mbedtls_mpi_shift_l #2
mbedtls_mpi_shift_l:10:"658385546911733550164516088405238961461880256029834598831972039469421755117818013653494814438931957316403111689187691446941406788869098983929874080332195117465344344350008880118042764943201875870917468833709791733282363323948005998269792207":37:10:"90487820548639020691922304619723076305400961610119884872723190678642804168382367856686134531865643066983017249846286450251272364365605022750900439437595355052945035915579216557330505438734955340526145476988250171181404966718289259743378883640981192704"
+Test mbedtls_mpi_shift_l: 0 (null) <<= 0
+mbedtls_mpi_shift_l:16:"":0:16:"0"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 1
+mbedtls_mpi_shift_l:16:"":1:16:"0"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 64
+mbedtls_mpi_shift_l:16:"":64:16:"0"
+
Test mbedtls_mpi_shift_r #1
mbedtls_mpi_shift_r:10:"128":1:10:"64"
@@ -568,6 +937,15 @@
Test mbedtls_mpi_shift_r #7
mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":128:16:"00"
+Test mbedtls_mpi_shift_r: 0 (null) >>= 0
+mbedtls_mpi_shift_r:16:"":0:16:"0"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 1
+mbedtls_mpi_shift_r:16:"":1:16:"0"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 64
+mbedtls_mpi_shift_r:16:"":64:16:"0"
+
Base test mbedtls_mpi_mul_mpi #1
mbedtls_mpi_mul_mpi:10:"5":10:"7":10:"35"
@@ -580,8 +958,131 @@
Base test mbedtls_mpi_mul_mpi #4
mbedtls_mpi_mul_mpi:10:"-5":10:"-7":10:"35"
+Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (null)
+mbedtls_mpi_mul_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (1 limb)
+mbedtls_mpi_mul_mpi:16:"":16:"00":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 1
+mbedtls_mpi_mul_mpi:16:"":16:"01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * -1
+mbedtls_mpi_mul_mpi:16:"":16:"-01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1
+mbedtls_mpi_mul_mpi:16:"00":16:"-01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null)
+mbedtls_mpi_mul_mpi:16:"00":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 1 * 0 (null)
+mbedtls_mpi_mul_mpi:16:"01":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: -1 * 0 (null)
+mbedtls_mpi_mul_mpi:16:"-01":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb)
+mbedtls_mpi_mul_mpi:16:"-01":16:"00":16:"0"
+
Test mbedtls_mpi_mul_mpi #1
-mbedtls_mpi_mul_mpi:10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188761"
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, B < 0
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, B < 0
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
Test mbedtls_mpi_mul_int #1
mbedtls_mpi_mul_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"=="
@@ -595,15 +1096,45 @@
Test mbedtls_mpi_mul_int #4 (Unsigned, thus failure)
mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"!="
+Test mbedtls_mpi_mul_int: 0 (null) * 0
+mbedtls_mpi_mul_int:16:"":0:16:"":"=="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 1
+mbedtls_mpi_mul_int:16:"":1:16:"":"=="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 0x1234
+mbedtls_mpi_mul_int:16:"":0x1234:16:"":"=="
+
Base test mbedtls_mpi_div_mpi #1
mbedtls_mpi_div_mpi:10:"1000":10:"13":10:"76":10:"12":0
-Base test mbedtls_mpi_div_mpi #2 (Divide by zero)
+Base test mbedtls_mpi_div_mpi #2 (Divide by zero (1 limb))
mbedtls_mpi_div_mpi:10:"1000":10:"0":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+Base test mbedtls_mpi_div_mpi #2 (Divide by zero (null))
+mbedtls_mpi_div_mpi:10:"1000":10:"":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
Base test mbedtls_mpi_div_mpi #3
mbedtls_mpi_div_mpi:10:"1000":10:"-13":10:"-76":10:"12":0
+Test mbedtls_mpi_div_mpi: 0 (null) / 0 (null)
+mbedtls_mpi_div_mpi:16:"":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 0 (1 limb)
+mbedtls_mpi_div_mpi:16:"":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (null)
+mbedtls_mpi_div_mpi:16:"0":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (1 limb)
+mbedtls_mpi_div_mpi:16:"0":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 1
+mbedtls_mpi_div_mpi:16:"":16:"1":16:"":16:"":0
+
+Test mbedtls_mpi_div_mpi: 0 (null) / -1
+mbedtls_mpi_div_mpi:16:"":16:"-1":16:"":16:"":0
+
Test mbedtls_mpi_div_mpi #1
mbedtls_mpi_div_mpi:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":10:"34":10:"592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
@@ -631,10 +1162,22 @@
Test mbedtls_mpi_div_int #2
mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":-34:10:"-592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
+Test mbedtls_mpi_div_int: 0 (null) / 0
+mbedtls_mpi_div_int:16:"":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_int: 0 (1 limb) / 0
+mbedtls_mpi_div_int:16:"00":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_int: 0 (null) / 1
+mbedtls_mpi_div_int:16:"":1:16:"":16:"":0
+
Base test mbedtls_mpi_mod_mpi #1
mbedtls_mpi_mod_mpi:10:"1000":10:"13":10:"12":0
-Base test mbedtls_mpi_mod_mpi #2 (Divide by zero)
+Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (null))
+mbedtls_mpi_mod_mpi:10:"1000":10:"":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (1 limb))
mbedtls_mpi_mod_mpi:10:"1000":10:"0":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
Base test mbedtls_mpi_mod_mpi #3
@@ -646,6 +1189,12 @@
Base test mbedtls_mpi_mod_mpi #5 (Negative modulo)
mbedtls_mpi_mod_mpi:10:"-1000":10:"-13":10:"-12":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+Test mbedtls_mpi_mod_mpi: 0 (null) % 1
+mbedtls_mpi_mod_mpi:16:"":16:"1":16:"":0
+
+Test mbedtls_mpi_mod_mpi: 0 (null) % -1
+mbedtls_mpi_mod_mpi:16:"":16:"-1":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Base test mbedtls_mpi_mod_int #1
mbedtls_mpi_mod_int:10:"1000":13:12:0
@@ -670,32 +1219,103 @@
Base test mbedtls_mpi_mod_int #8 (By 2)
mbedtls_mpi_mod_int:10:"1000":2:0:0
+Test mbedtls_mpi_mod_int: 0 (null) % 1
+mbedtls_mpi_mod_int:16:"":1:0:0
+
+Test mbedtls_mpi_mod_int: 0 (null) % -1
+mbedtls_mpi_mod_int:16:"":-1:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Base test mbedtls_mpi_exp_mod #1
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"":10:"24":0
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"24":0
Base test mbedtls_mpi_exp_mod #2 (Even N)
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_exp_mod #2 (N = 0 (null))
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Base test mbedtls_mpi_exp_mod #3 (Negative N)
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Base test mbedtls_mpi_exp_mod #4 (Negative base)
-mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"":10:"5":0
+mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"5":0
Base test mbedtls_mpi_exp_mod #5 (Negative exponent)
-mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-Base test mbedtls_mpi_exp_mod #7 (Negative base + exponent)
-mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent)
+mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 1 mod 9
+mbedtls_mpi_exp_mod:16:"":16:"01":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 2 mod 9
+mbedtls_mpi_exp_mod:16:"":16:"02":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 1 mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"01":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 2 mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"02":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 1 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"01":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 4 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"04":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 10 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"0a":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 1 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"01":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 4 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"04":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 10 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"0a":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE exponent
+mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:10:"":0
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent
+mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:10:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE modulus
+mbedtls_mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE:10:"":0
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 modulus
+mbedtls_mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE + 1:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE exponent and modulus
+mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:10:"":0
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent and modulus
+mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:MBEDTLS_MPI_MAX_SIZE + 1:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Test mbedtls_mpi_exp_mod #1
-mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0
+depends_on:MPI_MAX_BITS_LARGER_THAN_792
+mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0
Test mbedtls_mpi_exp_mod (Negative base) [#1]
-mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"":10:"1":0
+mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"1":0
Test mbedtls_mpi_exp_mod (Negative base) [#2]
-mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
+depends_on:MPI_MAX_BITS_LARGER_THAN_792
+mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
Base test GCD #1
mbedtls_mpi_gcd:10:"693":10:"609":10:"21"
@@ -706,24 +1326,105 @@
Base test GCD #3
mbedtls_mpi_gcd:10:"768454923":10:"542167814":10:"1"
-Test GCD #1
+Test GCD: 0 (null), 0 (null)
+mbedtls_mpi_gcd:16:"":16:"":16:"0"
+
+Test GCD: 0 (null), 0 (1 limb)
+mbedtls_mpi_gcd:16:"":16:"00":16:"0"
+
+Test GCD: 0 (null), 3
+mbedtls_mpi_gcd:16:"":16:"03":16:"3"
+
+Test GCD: 0 (null), 6
+mbedtls_mpi_gcd:16:"":16:"06":16:"6"
+
+Test GCD: 0 (1 limb), 0 (null)
+mbedtls_mpi_gcd:16:"00":16:"":16:"0"
+
+Test GCD: 0 (1 limb), 3
+mbedtls_mpi_gcd:16:"00":16:"03":16:"3"
+
+Test GCD: 0 (1 limb), 6
+mbedtls_mpi_gcd:16:"00":16:"06":16:"6"
+
+Test GCD: 3, 0 (null)
+mbedtls_mpi_gcd:16:"03":16:"":16:"3"
+
+Test GCD: 3, 0 (1 limb)
+mbedtls_mpi_gcd:16:"03":16:"00":16:"3"
+
+Test GCD: 6, 0 (null)
+mbedtls_mpi_gcd:16:"06":16:"":16:"6"
+
+Test GCD: 6, 0 (1 limb)
+mbedtls_mpi_gcd:16:"06":16:"00":16:"6"
+
+Test GCD: gcd=1, 0 < A < B
mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+Test GCD: gcd=1, 0 < B < A
+mbedtls_mpi_gcd:10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"1"
+
+Test GCD: gcd=1, A > 0, B < 0
+mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=1, A < 0 < B, |A| < |B|
+mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=1, B < A < 0
+mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=2, 0 < A < B
+mbedtls_mpi_gcd:10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"2"
+
+Test GCD: gcd=2, 0 < B < A
+mbedtls_mpi_gcd:10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"2"
+
+Test GCD: gcd=3, 0 < A < B
+mbedtls_mpi_gcd:10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"3"
+
+Test GCD: gcd=3, 0 < B < A
+mbedtls_mpi_gcd:10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"3"
+
+Test GCD: gcd=4, 0 < A < B
+mbedtls_mpi_gcd:10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"4"
+
+Test GCD: gcd=4, 0 < B < A
+mbedtls_mpi_gcd:10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"4"
+
+Test GCD: gcd=6, 0 < A < B
+mbedtls_mpi_gcd:10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"6"
+
+Test GCD: gcd=6, 0 < B < A
+mbedtls_mpi_gcd:10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"6"
+
+Test GCD: 0 < A = B
+mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847"
+
Base test mbedtls_mpi_inv_mod #1
mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0
-Base test mbedtls_mpi_inv_mod #2
+Test mbedtls_mpi_inv_mod: mod 0 (null)
+mbedtls_mpi_inv_mod:10:"3":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_inv_mod: mod 0 (1 limb)
mbedtls_mpi_inv_mod:10:"3":10:"0":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-Base test mbedtls_mpi_inv_mod #3
+Test mbedtls_mpi_inv_mod: mod negative
mbedtls_mpi_inv_mod:10:"3":10:"-11":10:"4":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-Base test mbedtls_mpi_inv_mod #4
+Test mbedtls_mpi_inv_mod: 2^-1 mod 4
mbedtls_mpi_inv_mod:10:"2":10:"4":10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-Base test mbedtls_mpi_inv_mod #5
+Test mbedtls_mpi_inv_mod: mod 1
mbedtls_mpi_inv_mod:10:"3":10:"1":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+Test mbedtls_mpi_inv_mod: 0 (null) ^-1
+mbedtls_mpi_inv_mod:16:"":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_inv_mod: 0 (1 limb) ^-1
+mbedtls_mpi_inv_mod:16:"00":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
Test mbedtls_mpi_inv_mod #1
mbedtls_mpi_inv_mod:16:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":16:"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":16:"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0
@@ -908,6 +1609,9 @@
Test bit getting (Larger and non-existing limb)
mbedtls_mpi_get_bit:10:"49979687":500:0
+Test bit getting in 0 (null)
+mbedtls_mpi_get_bit:10:"":500:0
+
Test bit getting (Value bit 24)
mbedtls_mpi_get_bit:10:"49979687":24:0
@@ -926,6 +1630,12 @@
Test bit set (Add above existing limbs with a 1)
mbedtls_mpi_set_bit:10:"49979687":80:1:10:"1208925819614629224685863":0
+Test bit set (Add to 0 (null) with a 0)
+mbedtls_mpi_set_bit:16:"":65:0:16:"":0
+
+Test bit set (Add to 0 (null) with a 1)
+mbedtls_mpi_set_bit:16:"":65:1:16:"020000000000000000":0
+
Test bit set (Bit index larger than 31 with a 0)
mbedtls_mpi_set_bit:16:"FFFFFFFFFFFFFFFF":32:0:16:"FFFFFFFEFFFFFFFF":0
@@ -935,6 +1645,248 @@
Test bit set (Invalid bit value)
mbedtls_mpi_set_bit:16:"00":5:2:16:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+Fill random: 0 bytes
+mpi_fill_random:0:0:0:0
+
+Fill random: 1 byte, good
+mpi_fill_random:1:1:0:0
+
+Fill random: 2 bytes, good, no leading zero
+mpi_fill_random:2:2:0:0
+
+Fill random: 2 bytes, good, 1 leading zero
+mpi_fill_random:2:256:0:0
+
+Fill random: MAX_SIZE - 7, good
+mpi_fill_random:MBEDTLS_MPI_MAX_SIZE - 7:MBEDTLS_MPI_MAX_SIZE - 7:0:0
+
+Fill random: MAX_SIZE, good
+mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:0:0
+
+Fill random: 0 bytes, previously small >0
+mpi_fill_random:0:0:1:0
+
+Fill random: 0 bytes, previously small <0
+mpi_fill_random:0:0:-1:0
+
+Fill random: 0 bytes, previously large >0
+mpi_fill_random:0:0:65:0
+
+Fill random: 0 bytes, previously large <0
+mpi_fill_random:0:0:-65:0
+
+Fill random: 1 byte, previously small >0
+mpi_fill_random:1:1:1:0
+
+Fill random: 1 byte, previously small <0
+mpi_fill_random:1:1:-1:0
+
+Fill random: 1 byte, previously large >0
+mpi_fill_random:1:1:65:0
+
+Fill random: 1 byte, previously large <0
+mpi_fill_random:1:1:-65:0
+
+Fill random: 9 bytes, previously small >0
+mpi_fill_random:1:1:1:0
+
+Fill random: 9 bytes, previously small <0
+mpi_fill_random:1:1:-1:0
+
+Fill random: 1 byte, RNG failure
+mpi_fill_random:1:0:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 2 bytes, RNG failure after 1 byte
+mpi_fill_random:2:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 4 bytes, RNG failure after 3 bytes
+mpi_fill_random:4:3:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 8 bytes, RNG failure after 7 bytes
+mpi_fill_random:8:7:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 16 bytes, RNG failure after 1 bytes
+mpi_fill_random:16:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 16 bytes, RNG failure after 8 bytes
+mpi_fill_random:16:8:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 16 bytes, RNG failure after 15 bytes
+mpi_fill_random:16:15:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: MAX_SIZE bytes, RNG failure after MAX_SIZE-1 bytes
+mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+MPI random in range: 1..2
+mpi_random_many:1:"02":1000
+
+MPI random in range: 1..3
+mpi_random_many:1:"03":1000
+
+MPI random in range: 1..4
+mpi_random_many:1:"04":1000
+
+MPI random in range: 1..5
+mpi_random_many:1:"05":1000
+
+MPI random in range: 1..6
+mpi_random_many:1:"06":1000
+
+MPI random in range: 1..7
+mpi_random_many:1:"07":1000
+
+MPI random in range: 1..8
+mpi_random_many:1:"08":1000
+
+MPI random in range: 1..9
+mpi_random_many:1:"09":1000
+
+MPI random in range: 1..10
+mpi_random_many:1:"0a":1000
+
+MPI random in range: 1..11
+mpi_random_many:1:"0b":1000
+
+MPI random in range: 1..12
+mpi_random_many:1:"0c":1000
+
+MPI random in range: 1..255
+mpi_random_many:1:"ff":100
+
+MPI random in range: 1..256
+mpi_random_many:1:"0100":100
+
+MPI random in range: 1..257
+mpi_random_many:1:"0101":100
+
+MPI random in range: 1..272
+mpi_random_many:1:"0110":100
+
+MPI random in range: 1..2^64-1
+mpi_random_many:1:"ffffffffffffffff":100
+
+MPI random in range: 1..2^64
+mpi_random_many:1:"010000000000000000":100
+
+MPI random in range: 1..2^64+1
+mpi_random_many:1:"010000000000000001":100
+
+MPI random in range: 1..2^64+2^63
+mpi_random_many:1:"018000000000000000":100
+
+MPI random in range: 1..2^65-1
+mpi_random_many:1:"01ffffffffffffffff":100
+
+MPI random in range: 1..2^65
+mpi_random_many:1:"020000000000000000":100
+
+MPI random in range: 1..2^65+1
+mpi_random_many:1:"020000000000000001":100
+
+MPI random in range: 1..2^65+2^64
+mpi_random_many:1:"030000000000000000":100
+
+MPI random in range: 1..2^66+2^65
+mpi_random_many:1:"060000000000000000":100
+
+MPI random in range: 1..2^71-1
+mpi_random_many:1:"7fffffffffffffffff":100
+
+MPI random in range: 1..2^71
+mpi_random_many:1:"800000000000000000":100
+
+MPI random in range: 1..2^71+1
+mpi_random_many:1:"800000000000000001":100
+
+MPI random in range: 1..2^71+2^70
+mpi_random_many:1:"c00000000000000000":100
+
+MPI random in range: 1..2^72-1
+mpi_random_many:1:"ffffffffffffffffff":100
+
+MPI random in range: 1..2^72
+mpi_random_many:1:"01000000000000000000":100
+
+MPI random in range: 1..2^72+1
+mpi_random_many:1:"01000000000000000001":100
+
+MPI random in range: 1..2^72+2^71
+mpi_random_many:1:"01800000000000000000":100
+
+MPI random in range: 0..1
+mpi_random_many:0:"04":10000
+
+MPI random in range: 0..4
+mpi_random_many:0:"04":10000
+
+MPI random in range: 2..4
+mpi_random_many:2:"04":10000
+
+MPI random in range: 3..4
+mpi_random_many:3:"04":10000
+
+MPI random in range: smaller result
+mpi_random_sizes:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1:0
+
+MPI random in range: same size result (32-bit limbs)
+mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":2:0
+
+MPI random in range: same size result (64-bit limbs)
+mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":1:0
+
+MPI random in range: larger result
+mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":3:0
+
+## The "0 limb in upper bound" tests rely on the fact that
+## mbedtls_mpi_read_binary() bases the size of the MPI on the size of
+## the input, without first checking for leading zeros. If this was
+## not the case, the tests would still pass, but would not exercise
+## the advertised behavior.
+MPI random in range: leading 0 limb in upper bound #0
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":0:0
+
+MPI random in range: leading 0 limb in upper bound #1
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":1:0
+
+MPI random in range: leading 0 limb in upper bound #2
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":2:0
+
+MPI random in range: leading 0 limb in upper bound #3
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":3:0
+
+MPI random in range: leading 0 limb in upper bound #4
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":4:0
+
+MPI random in range: previously small >0
+mpi_random_sizes:1:"1234567890":4:1
+
+MPI random in range: previously small <0
+mpi_random_sizes:1:"1234567890":4:-1
+
+MPI random in range: previously large >0
+mpi_random_sizes:1:"1234":4:65
+
+MPI random in range: previously large <0
+mpi_random_sizes:1:"1234":4:-65
+
+MPI random bad arguments: min < 0
+mpi_random_fail:-1:"04":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min = N = 0
+mpi_random_fail:0:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min = N = 1
+mpi_random_fail:1:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min > N = 0
+mpi_random_fail:1:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min > N = 1
+mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min > N = 1, 0 limb in upper bound
+mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
MPI Selftest
depends_on:MBEDTLS_SELF_TEST
mpi_selftest:
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index 8436742..360916a 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -1,5 +1,22 @@
/* BEGIN_HEADER */
#include "mbedtls/bignum.h"
+#include "mbedtls/entropy.h"
+
+#if MBEDTLS_MPI_MAX_BITS > 792
+#define MPI_MAX_BITS_LARGER_THAN_792
+#endif
+
+/* Check the validity of the sign bit in an MPI object. Reject representations
+ * that are not supported by the rest of the library and indicate a bug when
+ * constructing the value. */
+static int sign_is_valid( const mbedtls_mpi *X )
+{
+ if( X->s != 1 && X->s != -1 )
+ return( 0 ); // invalid sign bit, e.g. 0
+ if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 )
+ return( 0 ); // negative zero
+ return( 1 );
+}
typedef struct mbedtls_test_mpi_random
{
@@ -43,6 +60,66 @@
return( 0 );
}
+
+/* Random generator that is told how many bytes to return. */
+static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len )
+{
+ size_t *bytes_left = state;
+ size_t i;
+ for( i = 0; i < len; i++ )
+ {
+ if( *bytes_left == 0 )
+ return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+ buf[i] = *bytes_left & 0xff;
+ --( *bytes_left );
+ }
+ return( 0 );
+}
+
+/* Test whether bytes represents (in big-endian base 256) a number b that
+ * is significantly above a power of 2. That is, b must not have a long run
+ * of unset bits after the most significant bit.
+ *
+ * Let n be the bit-size of b, i.e. the integer such that 2^n <= b < 2^{n+1}.
+ * This function returns 1 if, when drawing a number between 0 and b,
+ * the probability that this number is at least 2^n is not negligible.
+ * This probability is (b - 2^n) / b and this function checks that this
+ * number is above some threshold A. The threshold value is heuristic and
+ * based on the needs of mpi_random_many().
+ */
+static int is_significantly_above_a_power_of_2( data_t *bytes )
+{
+ const uint8_t *p = bytes->x;
+ size_t len = bytes->len;
+ unsigned x;
+
+ /* Skip leading null bytes */
+ while( len > 0 && p[0] == 0 )
+ {
+ ++p;
+ --len;
+ }
+ /* 0 is not significantly above a power of 2 */
+ if( len == 0 )
+ return( 0 );
+ /* Extract the (up to) 2 most significant bytes */
+ if( len == 1 )
+ x = p[0];
+ else
+ x = ( p[0] << 8 ) | p[1];
+
+ /* Shift the most significant bit of x to position 8 and mask it out */
+ while( ( x & 0xfe00 ) != 0 )
+ x >>= 1;
+ x &= 0x00ff;
+
+ /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above
+ * a power of 2 iff x is significantly above 0 compared to 2^8.
+ * Testing x >= 2^4 amounts to picking A = 1/16 in the function
+ * description above. */
+ return( x >= 0x10 );
+}
+
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -300,6 +377,7 @@
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read );
if( result_read == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write );
if( result_write == 0 )
{
@@ -324,6 +402,7 @@
TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 );
TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
@@ -343,6 +422,7 @@
TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 );
TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
@@ -364,7 +444,7 @@
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
buflen = mbedtls_mpi_size( &X );
if( buflen > (size_t) output_size )
@@ -396,7 +476,7 @@
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
buflen = mbedtls_mpi_size( &X );
if( buflen > (size_t) output_size )
@@ -437,6 +517,7 @@
if( result == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
buflen = mbedtls_mpi_size( &X );
TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 );
@@ -460,7 +541,7 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
file_out = fopen( output_file, "w" );
TEST_ASSERT( file_out != NULL );
@@ -486,7 +567,7 @@
{
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val );
exit:
@@ -501,12 +582,13 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, output_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, output_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result );
if( result == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
}
@@ -521,7 +603,7 @@
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits );
exit:
@@ -535,7 +617,7 @@
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits );
exit:
@@ -550,10 +632,11 @@
mbedtls_mpi A, X, Y, Z;
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -582,8 +665,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A );
exit:
@@ -601,8 +684,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 );
@@ -623,8 +706,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A );
exit:
@@ -633,55 +716,125 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_copy_sint( int input_X, int input_Y )
+void mbedtls_mpi_copy( char *src_hex, char *dst_hex )
{
- mbedtls_mpi X, Y;
+ mbedtls_mpi src, dst, ref;
+ mbedtls_mpi_init( &src );
+ mbedtls_mpi_init( &dst );
+ mbedtls_mpi_init( &ref );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &src, 16, src_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ref, 16, dst_hex ) == 0 );
+
+ /* mbedtls_mpi_copy() */
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_assign(), assignment done */
+ mbedtls_mpi_free( &dst );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_assign(), assignment not done */
+ mbedtls_mpi_free( &dst );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 );
+
+exit:
+ mbedtls_mpi_free( &src );
+ mbedtls_mpi_free( &dst );
+ mbedtls_mpi_free( &ref );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_copy_self( char *input_X )
+{
+ mbedtls_mpi X, A;
+ mbedtls_mpi_init( &A );
+ mbedtls_mpi_init( &X );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, 16, input_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
+
+exit:
+ mbedtls_mpi_free( &A );
+ mbedtls_mpi_free( &X );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_mpi_swap( char *X_hex, char *Y_hex )
+{
+ mbedtls_mpi X, Y, X0, Y0;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
+ mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y0, 16, Y_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 );
+ /* mbedtls_mpi_swap() */
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ mbedtls_mpi_swap( &X, &Y );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_swap(), swap done */
+ mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &Y );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_swap(), swap not done */
+ mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &Y );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 );
exit:
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
+ mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
}
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_copy_binary( data_t *input_X, data_t *input_Y )
+void mpi_swap_self( char *X_hex )
{
- mbedtls_mpi X, Y, X0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 );
+ mbedtls_mpi X, X0;
+ mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 );
+
+ mbedtls_mpi_swap( &X, &X );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
-
exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &X0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_copy_self( int input_X )
-{
- mbedtls_mpi X;
- mbedtls_mpi_init( &X );
-
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
}
/* END_CASE */
@@ -692,10 +845,14 @@
mbedtls_mpi_init( &X );
TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 );
- TEST_ASSERT( used <= before );
- memset( X.p, 0x2a, used * sizeof( mbedtls_mpi_uint ) );
+ if( used > 0 )
+ {
+ size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint );
+ TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 );
+ }
+ TEST_EQUAL( X.n, (size_t) before );
TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 );
- TEST_ASSERT( X.n == (size_t) after );
+ TEST_EQUAL( X.n, (size_t) after );
exit:
mbedtls_mpi_free( &X );
@@ -703,139 +860,28 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_assign( int x_sign, char * x_str, int y_sign,
- char * y_str )
-{
- mbedtls_mpi X, Y, XX;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &XX );
-
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 );
- X.s = x_sign;
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 );
- Y.s = y_sign;
- TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 1 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &XX );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_swap( int x_sign, char * x_str, int y_sign,
- char * y_str )
-{
- mbedtls_mpi X, Y, XX, YY;
-
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- mbedtls_mpi_init( &XX ); mbedtls_mpi_init( &YY );
-
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 );
- X.s = x_sign;
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 );
- Y.s = y_sign;
-
- TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &YY, &Y ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &YY ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &XX ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &YY ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
- mbedtls_mpi_free( &XX ); mbedtls_mpi_free( &YY );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_swap_sint( int input_X, int input_Y )
-{
- mbedtls_mpi X, Y;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_Y ) == 0 );
-
- mbedtls_mpi_swap( &X, &Y );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_swap_binary( data_t *input_X, data_t *input_Y )
-{
- mbedtls_mpi X, Y, X0, Y0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
-
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y0, input_Y->x, input_Y->len ) == 0 );
-
- mbedtls_mpi_swap( &X, &Y );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
- mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_swap_self( data_t *input_X )
-{
- mbedtls_mpi X, X0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
-
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
-
- mbedtls_mpi_swap( &X, &X );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y,
char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -850,18 +896,21 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -877,19 +926,22 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -904,9 +956,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -921,19 +974,22 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -950,23 +1006,26 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_sub_abs( &Z, &X, &Y );
TEST_ASSERT( res == sub_result );
+ TEST_ASSERT( sign_is_valid( &Z ) );
if( res == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result );
+ TEST_ASSERT( sign_is_valid( &X ) );
if( sub_result == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result );
+ TEST_ASSERT( sign_is_valid( &Y ) );
if( sub_result == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
@@ -982,9 +1041,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -999,10 +1059,11 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -1018,9 +1079,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
if( strcmp( result_comparison, "==" ) == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
else if( strcmp( result_comparison, "!=" ) == 0 )
@@ -1043,14 +1105,16 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R );
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 );
res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Q ) );
+ TEST_ASSERT( sign_is_valid( &R ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
}
@@ -1071,13 +1135,15 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A );
mbedtls_mpi_init( &B );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 );
res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Q ) );
+ TEST_ASSERT( sign_is_valid( &R ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
}
@@ -1097,13 +1163,14 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_mod_mpi( &X, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
}
@@ -1121,7 +1188,7 @@
mbedtls_mpi_uint r;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
res = mbedtls_mpi_mod_int( &r, &X, input_Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
@@ -1137,26 +1204,41 @@
/* BEGIN_CASE */
void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E,
char * input_E, int radix_N, char * input_N,
- int radix_RR, char * input_RR, int radix_X,
- char * input_X, int div_result )
+ int radix_X, char * input_X, int exp_result )
{
mbedtls_mpi A, E, N, RR, Z, X;
int res;
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
- if( strlen( input_RR ) )
- TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 );
-
- res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
- TEST_ASSERT( res == div_result );
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL );
+ TEST_ASSERT( res == exp_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Z ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
+ }
+
+ /* Now test again with the speed-up parameter supplied as an output. */
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
+ TEST_ASSERT( res == exp_result );
+ if( res == 0 )
+ {
+ TEST_ASSERT( sign_is_valid( &Z ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
+ }
+
+ /* Now test again with the speed-up parameter supplied in calculated form. */
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
+ TEST_ASSERT( res == exp_result );
+ if( res == 0 )
+ {
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
}
@@ -1167,6 +1249,40 @@
/* END_CASE */
/* BEGIN_CASE */
+void mbedtls_mpi_exp_mod_size( int A_bytes, int E_bytes, int N_bytes,
+ int radix_RR, char * input_RR, int exp_result )
+{
+ mbedtls_mpi A, E, N, RR, Z;
+ mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
+ mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z );
+
+ /* Set A to 2^(A_bytes - 1) + 1 */
+ TEST_ASSERT( mbedtls_mpi_lset( &A, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_shift_l( &A, ( A_bytes * 8 ) - 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_set_bit( &A, 0, 1 ) == 0 );
+
+ /* Set E to 2^(E_bytes - 1) + 1 */
+ TEST_ASSERT( mbedtls_mpi_lset( &E, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_shift_l( &E, ( E_bytes * 8 ) - 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 1 ) == 0 );
+
+ /* Set N to 2^(N_bytes - 1) + 1 */
+ TEST_ASSERT( mbedtls_mpi_lset( &N, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_shift_l( &N, ( N_bytes * 8 ) - 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 );
+
+ if( strlen( input_RR ) )
+ TEST_ASSERT( mbedtls_test_read_mpi( &RR, radix_RR, input_RR ) == 0 );
+
+ TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result );
+
+exit:
+ mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
+ mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void mbedtls_mpi_inv_mod( int radix_X, char * input_X, int radix_Y,
char * input_Y, int radix_A, char * input_A,
int div_result )
@@ -1175,13 +1291,14 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_inv_mod( &Z, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
}
@@ -1197,7 +1314,7 @@
int res;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( res == div_result );
@@ -1257,6 +1374,7 @@
TEST_ASSERT( actual_bits >= (size_t) bits );
TEST_ASSERT( actual_bits <= (size_t) bits + 1 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
mbedtls_test_rnd_std_rand,
@@ -1283,9 +1401,10 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -1300,9 +1419,10 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -1310,6 +1430,212 @@
}
/* END_CASE */
+/* BEGIN_CASE */
+void mpi_fill_random( int wanted_bytes, int rng_bytes,
+ int before, int expected_ret )
+{
+ mbedtls_mpi X;
+ int ret;
+ size_t bytes_left = rng_bytes;
+ mbedtls_mpi_init( &X );
+
+ if( before != 0 )
+ {
+ /* Set X to sign(before) * 2^(|before|-1) */
+ TEST_ASSERT( mbedtls_mpi_lset( &X, before > 0 ? 1 : -1 ) == 0 );
+ if( before < 0 )
+ before = - before;
+ TEST_ASSERT( mbedtls_mpi_shift_l( &X, before - 1 ) == 0 );
+ }
+
+ ret = mbedtls_mpi_fill_random( &X, wanted_bytes,
+ f_rng_bytes_left, &bytes_left );
+ TEST_ASSERT( ret == expected_ret );
+
+ if( expected_ret == 0 )
+ {
+ /* mbedtls_mpi_fill_random is documented to use bytes from the RNG
+ * as a big-endian representation of the number. We know when
+ * our RNG function returns null bytes, so we know how many
+ * leading zero bytes the number has. */
+ size_t leading_zeros = 0;
+ if( wanted_bytes > 0 && rng_bytes % 256 == 0 )
+ leading_zeros = 1;
+ TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros ==
+ (size_t) wanted_bytes );
+ TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ }
+
+exit:
+ mbedtls_mpi_free( &X );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_random_many( int min, data_t *bound_bytes, int iterations )
+{
+ /* Generate numbers in the range 1..bound-1. Do it iterations times.
+ * This function assumes that the value of bound is at least 2 and
+ * that iterations is large enough that a one-in-2^iterations chance
+ * effectively never occurs.
+ */
+
+ mbedtls_mpi upper_bound;
+ size_t n_bits;
+ mbedtls_mpi result;
+ size_t b;
+ /* If upper_bound is small, stats[b] is the number of times the value b
+ * has been generated. Otherwise stats[b] is the number of times a
+ * value with bit b set has been generated. */
+ size_t *stats = NULL;
+ size_t stats_len;
+ int full_stats;
+ size_t i;
+
+ mbedtls_mpi_init( &upper_bound );
+ mbedtls_mpi_init( &result );
+
+ TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
+ bound_bytes->x, bound_bytes->len ) );
+ n_bits = mbedtls_mpi_bitlen( &upper_bound );
+ /* Consider a bound "small" if it's less than 2^5. This value is chosen
+ * to be small enough that the probability of missing one value is
+ * negligible given the number of iterations. It must be less than
+ * 256 because some of the code below assumes that "small" values
+ * fit in a byte. */
+ if( n_bits <= 5 )
+ {
+ full_stats = 1;
+ stats_len = bound_bytes->x[bound_bytes->len - 1];
+ }
+ else
+ {
+ full_stats = 0;
+ stats_len = n_bits;
+ }
+ ASSERT_ALLOC( stats, stats_len );
+
+ for( i = 0; i < (size_t) iterations; i++ )
+ {
+ mbedtls_test_set_step( i );
+ TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
+ mbedtls_test_rnd_std_rand, NULL ) );
+
+ TEST_ASSERT( sign_is_valid( &result ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
+ if( full_stats )
+ {
+ uint8_t value;
+ TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) );
+ TEST_ASSERT( value < stats_len );
+ ++stats[value];
+ }
+ else
+ {
+ for( b = 0; b < n_bits; b++ )
+ stats[b] += mbedtls_mpi_get_bit( &result, b );
+ }
+ }
+
+ if( full_stats )
+ {
+ for( b = min; b < stats_len; b++ )
+ {
+ mbedtls_test_set_step( 1000000 + b );
+ /* Assert that each value has been reached at least once.
+ * This is almost guaranteed if the iteration count is large
+ * enough. This is a very crude way of checking the distribution.
+ */
+ TEST_ASSERT( stats[b] > 0 );
+ }
+ }
+ else
+ {
+ int statistically_safe_all_the_way =
+ is_significantly_above_a_power_of_2( bound_bytes );
+ for( b = 0; b < n_bits; b++ )
+ {
+ mbedtls_test_set_step( 1000000 + b );
+ /* Assert that each bit has been set in at least one result and
+ * clear in at least one result. Provided that iterations is not
+ * too small, it would be extremely unlikely for this not to be
+ * the case if the results are uniformly distributed.
+ *
+ * As an exception, the top bit may legitimately never be set
+ * if bound is a power of 2 or only slightly above.
+ */
+ if( statistically_safe_all_the_way || b != n_bits - 1 )
+ {
+ TEST_ASSERT( stats[b] > 0 );
+ }
+ TEST_ASSERT( stats[b] < (size_t) iterations );
+ }
+ }
+
+exit:
+ mbedtls_mpi_free( &upper_bound );
+ mbedtls_mpi_free( &result );
+ mbedtls_free( stats );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_random_sizes( int min, data_t *bound_bytes, int nlimbs, int before )
+{
+ mbedtls_mpi upper_bound;
+ mbedtls_mpi result;
+
+ mbedtls_mpi_init( &upper_bound );
+ mbedtls_mpi_init( &result );
+
+ if( before != 0 )
+ {
+ /* Set result to sign(before) * 2^(|before|-1) */
+ TEST_ASSERT( mbedtls_mpi_lset( &result, before > 0 ? 1 : -1 ) == 0 );
+ if( before < 0 )
+ before = - before;
+ TEST_ASSERT( mbedtls_mpi_shift_l( &result, before - 1 ) == 0 );
+ }
+
+ TEST_EQUAL( 0, mbedtls_mpi_grow( &result, nlimbs ) );
+ TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
+ bound_bytes->x, bound_bytes->len ) );
+ TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
+ mbedtls_test_rnd_std_rand, NULL ) );
+ TEST_ASSERT( sign_is_valid( &result ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
+
+exit:
+ mbedtls_mpi_free( &upper_bound );
+ mbedtls_mpi_free( &result );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret )
+{
+ mbedtls_mpi upper_bound;
+ mbedtls_mpi result;
+ int actual_ret;
+
+ mbedtls_mpi_init( &upper_bound );
+ mbedtls_mpi_init( &result );
+
+ TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
+ bound_bytes->x, bound_bytes->len ) );
+ actual_ret = mbedtls_mpi_random( &result, min, &upper_bound,
+ mbedtls_test_rnd_std_rand, NULL );
+ TEST_EQUAL( expected_ret, actual_ret );
+
+exit:
+ mbedtls_mpi_free( &upper_bound );
+ mbedtls_mpi_free( &result );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void mpi_selftest( )
{
diff --git a/tests/suites/test_suite_mps.data b/tests/suites/test_suite_mps.data
new file mode 100644
index 0000000..442f321
--- /dev/null
+++ b/tests/suites/test_suite_mps.data
@@ -0,0 +1,125 @@
+MPS Reader: Single step, single round, pausing disabled
+mbedtls_mps_reader_no_pausing_single_step_single_round:0
+
+MPS Reader: Single step, single round, pausing enabled but unused
+mbedtls_mps_reader_no_pausing_single_step_single_round:1
+
+MPS Reader: Single step, multiple rounds, pausing disabled
+mbedtls_mps_reader_no_pausing_single_step_multiple_rounds:0
+
+MPS Reader: Single step, multiple rounds, pausing enabled but unused
+mbedtls_mps_reader_no_pausing_single_step_multiple_rounds:1
+
+MPS Reader: Multiple steps, single round, pausing disabled
+mbedtls_mps_reader_no_pausing_multiple_steps_single_round:0
+
+MPS Reader: Multiple steps, single round, pausing enabled but unused
+mbedtls_mps_reader_no_pausing_multiple_steps_single_round:1
+
+MPS Reader: Multiple steps, multiple rounds, pausing disabled
+mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds:0
+
+MPS Reader: Multiple steps, multiple rounds, pausing enabled but unused
+mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds:1
+
+MPS Reader: Pausing needed but disabled
+mbedtls_mps_reader_pausing_needed_disabled:
+
+MPS Reader: Pausing needed + enabled, but buffer too small
+mbedtls_mps_reader_pausing_needed_buffer_too_small:
+
+MPS Reader: Pausing, repeat single call without commit
+mbedtls_mps_reader_pausing:0
+
+MPS Reader: Pausing, repeat single call with commit
+mbedtls_mps_reader_pausing:1
+
+MPS Reader: Pausing, repeat multiple calls without commit
+mbedtls_mps_reader_pausing:2
+
+MPS Reader: Pausing, repeat multiple calls with commit #0
+mbedtls_mps_reader_pausing:3
+
+MPS Reader: Pausing, repeat multiple calls with commit #1
+mbedtls_mps_reader_pausing:4
+
+MPS Reader: Pausing, repeat multiple calls with commit #2
+mbedtls_mps_reader_pausing:5
+
+MPS Reader: Pausing, feed 50 bytes in 10b + 10b + 80b
+mbedtls_mps_reader_pausing_multiple_feeds:0
+
+MPS Reader: Pausing, feed 50 bytes in 50x1b
+mbedtls_mps_reader_pausing_multiple_feeds:1
+
+MPS Reader: Pausing, feed 50 bytes in 49x1b + 51b
+mbedtls_mps_reader_pausing_multiple_feeds:2
+
+MPS Reader: Reclaim with data remaining #0
+mbedtls_mps_reader_reclaim_data_left:0
+
+MPS Reader: Reclaim with data remaining #1
+mbedtls_mps_reader_reclaim_data_left:1
+
+MPS Reader: Reclaim with data remaining #2
+mbedtls_mps_reader_reclaim_data_left:2
+
+MPS Reader: Reclaim with data remaining, continue fetching
+mbedtls_mps_reader_reclaim_data_left_retry:
+
+MPS Reader: Pausing several times, #0
+mbedtls_mps_reader_multiple_pausing:0
+
+MPS Reader: Pausing several times, #1
+mbedtls_mps_reader_multiple_pausing:1
+
+MPS Reader: Pausing several times, #2
+mbedtls_mps_reader_multiple_pausing:2
+
+MPS Reader: Pausing several times, #3
+mbedtls_mps_reader_multiple_pausing:3
+
+MPS Reader: Random usage, 20 rds, feed 100, get 200, acc 50
+mbedtls_mps_reader_random_usage:20:100:200:50
+
+MPS Reader: Random usage, 1000 rds, feed 10, get 100, acc 80
+mbedtls_mps_reader_random_usage:1000:10:100:80
+
+MPS Reader: Random usage, 10000 rds, feed 1, get 100, acc 80
+mbedtls_mps_reader_random_usage:10000:1:100:80
+
+MPS Reader: Random usage, 100 rds, feed 100, get 1000, acc 500
+mbedtls_mps_reader_random_usage:100:100:1000:500
+
+MPS Reader: Pausing, inconsistent continuation, #0
+mbedtls_reader_inconsistent_usage:0
+
+MPS Reader: Pausing, inconsistent continuation, #1
+mbedtls_reader_inconsistent_usage:1
+
+MPS Reader: Pausing, inconsistent continuation, #2
+mbedtls_reader_inconsistent_usage:2
+
+MPS Reader: Pausing, inconsistent continuation, #3
+mbedtls_reader_inconsistent_usage:3
+
+MPS Reader: Pausing, inconsistent continuation, #4
+mbedtls_reader_inconsistent_usage:4
+
+MPS Reader: Pausing, inconsistent continuation, #5
+mbedtls_reader_inconsistent_usage:5
+
+MPS Reader: Pausing, inconsistent continuation, #6
+mbedtls_reader_inconsistent_usage:6
+
+MPS Reader: Pausing, inconsistent continuation, #7
+mbedtls_reader_inconsistent_usage:7
+
+MPS Reader: Pausing, inconsistent continuation, #8
+mbedtls_reader_inconsistent_usage:8
+
+MPS Reader: Feed with invalid buffer (NULL)
+mbedtls_mps_reader_feed_empty:
+
+MPS Reader: Excess request leading to integer overflow
+mbedtls_mps_reader_reclaim_overflow:
diff --git a/tests/suites/test_suite_mps.function b/tests/suites/test_suite_mps.function
new file mode 100644
index 0000000..9df8a3c
--- /dev/null
+++ b/tests/suites/test_suite_mps.function
@@ -0,0 +1,1148 @@
+/* BEGIN_HEADER */
+
+#include <stdlib.h>
+
+#include "mps_reader.h"
+
+/*
+ * Compile-time configuration for test suite.
+ */
+
+/* Comment/Uncomment this to disable/enable the
+ * testing of the various MPS layers.
+ * This can be useful for time-consuming instrumentation
+ * tasks such as the conversion of E-ACSL annotations
+ * into runtime assertions. */
+#define TEST_SUITE_MPS_READER
+
+/* End of compile-time configuration. */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_no_pausing_single_step_single_round( int with_acc )
+{
+ /* This test exercises the most basic use of the MPS reader:
+ * - The 'producing' layer provides a buffer
+ * - The 'consuming' layer fetches it in a single go.
+ * - After processing, the consuming layer commits the data
+ * and the reader is moved back to producing mode.
+ *
+ * Parameters:
+ * - with_acc: 0 if the reader should be initialized without accumulator.
+ * 1 if the reader should be initialized with accumulator.
+ *
+ * Whether the accumulator is present or not should not matter,
+ * since the consumer's request can be fulfilled from the data
+ * that the producer has provided.
+ */
+ unsigned char bufA[100];
+ unsigned char acc[10];
+ unsigned char *tmp;
+ int paused;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ )
+ bufA[i] = (unsigned char) i;
+
+ /* Preparation (lower layer) */
+ if( with_acc == 0 )
+ mbedtls_mps_reader_init( &rd, NULL, 0 );
+ else
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 );
+ /* Consumption (upper layer) */
+ /* Consume exactly what's available */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 100, bufA, 100 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ /* Wrapup (lower layer) */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, &paused ) == 0 );
+ TEST_ASSERT( paused == 0 );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds( int with_acc )
+{
+ /* This test exercises multiple rounds of the basic use of the MPS reader:
+ * - The 'producing' layer provides a buffer
+ * - The 'consuming' layer fetches it in a single go.
+ * - After processing, the consuming layer commits the data
+ * and the reader is moved back to producing mode.
+ *
+ * Parameters:
+ * - with_acc: 0 if the reader should be initialized without accumulator.
+ * 1 if the reader should be initialized with accumulator.
+ *
+ * Whether the accumulator is present or not should not matter,
+ * since the consumer's request can be fulfilled from the data
+ * that the producer has provided.
+ */
+
+ unsigned char bufA[100], bufB[100];
+ unsigned char acc[10];
+ unsigned char *tmp;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ )
+ bufA[i] = (unsigned char) i;
+ for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ )
+ bufB[i] = ~ ((unsigned char) i);
+
+ /* Preparation (lower layer) */
+ if( with_acc == 0 )
+ mbedtls_mps_reader_init( &rd, NULL, 0 );
+ else
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 );
+ /* Consumption (upper layer) */
+ /* Consume exactly what's available */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 100, bufA, 100 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ /* Preparation */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 );
+ /* Consumption */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 100, bufB, 100 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ /* Wrapup (lower layer) */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_no_pausing_multiple_steps_single_round( int with_acc )
+{
+ /* This test exercises one round of the following:
+ * - The 'producing' layer provides a buffer
+ * - The 'consuming' layer fetches it in multiple calls
+ * to `mbedtls_mps_reader_get()`, without committing in between.
+ * - After processing, the consuming layer commits the data
+ * and the reader is moved back to producing mode.
+ *
+ * Parameters:
+ * - with_acc: 0 if the reader should be initialized without accumulator.
+ * 1 if the reader should be initialized with accumulator.
+ *
+ * Whether the accumulator is present or not should not matter,
+ * since the consumer's requests can be fulfilled from the data
+ * that the producer has provided.
+ */
+
+ /* Lower layer provides data that the upper layer fully consumes
+ * through multiple `get` calls. */
+ unsigned char buf[100];
+ unsigned char acc[10];
+ unsigned char *tmp;
+ mbedtls_mps_size_t tmp_len;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( buf ); i++ )
+ buf[i] = (unsigned char) i;
+
+ /* Preparation (lower layer) */
+ if( with_acc == 0 )
+ mbedtls_mps_reader_init( &rd, NULL, 0 );
+ else
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 );
+ /* Consumption (upper layer) */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, buf, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 70, buf + 10, 70 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, &tmp_len ) == 0 );
+ ASSERT_COMPARE( tmp, tmp_len, buf + 80, 20 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ /* Wrapup (lower layer) */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds( int with_acc )
+{
+ /* This test exercises one round of fetching a buffer in multiple chunks
+ * and passing it back to the producer afterwards, followed by another
+ * single-step sequence of feed-fetch-commit-reclaim.
+ */
+ unsigned char bufA[100], bufB[100];
+ unsigned char acc[10];
+ unsigned char *tmp;
+ mbedtls_mps_size_t tmp_len;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ )
+ bufA[i] = (unsigned char) i;
+ for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ )
+ bufB[i] = ~ ((unsigned char) i);
+
+ /* Preparation (lower layer) */
+ if( with_acc == 0 )
+ mbedtls_mps_reader_init( &rd, NULL, 0 );
+ else
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 );
+ /* Consumption (upper layer) */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 70, bufA + 10, 70 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, &tmp_len ) == 0 );
+ ASSERT_COMPARE( tmp, tmp_len, bufA + 80, 20 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ /* Preparation */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 );
+ /* Consumption */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 100, bufB, 100 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ /* Wrapup */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_pausing_needed_disabled()
+{
+ /* This test exercises the behaviour of the MPS reader when a read request
+ * of the consumer exceeds what has been provided by the producer, and when
+ * no accumulator is available in the reader.
+ *
+ * In this case, we expect the reader to fail.
+ */
+
+ unsigned char buf[100];
+ unsigned char *tmp;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( buf ); i++ )
+ buf[i] = (unsigned char) i;
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, NULL, 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 );
+ /* Consumption (upper layer) */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 50, buf, 50 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+ /* Wrapup (lower layer) */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_pausing_needed_buffer_too_small()
+{
+ /* This test exercises the behaviour of the MPS reader with accumulator
+ * in the situation where a read request goes beyond the bounds of the
+ * current read buffer, _and_ the reader's accumulator is too small to
+ * hold the requested amount of data.
+ *
+ * In this case, we expect mbedtls_mps_reader_reclaim() to fail,
+ * but it should be possible to continue fetching data as if
+ * there had been no excess request via mbedtls_mps_reader_get()
+ * and the call to mbedtls_mps_reader_reclaim() had been rejected
+ * because of data remaining.
+ */
+
+ unsigned char buf[100];
+ unsigned char acc[10];
+ unsigned char *tmp;
+ mbedtls_mps_reader rd;
+ mbedtls_mps_size_t tmp_len;
+
+ for( size_t i=0; (unsigned) i < sizeof( buf ); i++ )
+ buf[i] = (unsigned char) i;
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 );
+ /* Consumption (upper layer) */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 50, buf, 50 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, buf + 50, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+ /* Wrapup (lower layer) */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL );
+
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, &tmp_len ) == 0 );
+ ASSERT_COMPARE( tmp, tmp_len, buf + 50, 50 );
+
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_reclaim_overflow()
+{
+ /* This test exercises the behaviour of the MPS reader with accumulator
+ * in the situation where upon calling mbedtls_mps_reader_reclaim(), the
+ * uncommitted data together with the excess data missing in the last
+ * call to medtls_mps_reader_get() exceeds the bounds of the type
+ * holding the buffer length.
+ */
+
+ unsigned char buf[100];
+ unsigned char acc[50];
+ unsigned char *tmp;
+ mbedtls_mps_reader rd;
+
+ for( size_t i=0; (unsigned) i < sizeof( buf ); i++ )
+ buf[i] = (unsigned char) i;
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 );
+ /* Consumption (upper layer) */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 50, buf, 50 );
+ /* Excess request */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, (mbedtls_mps_size_t) -1, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+ /* Wrapup (lower layer) */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL );
+
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_pausing( int option )
+{
+ /* This test exercises the behaviour of the reader when the
+ * accumulator is used to fulfill a consumer's request.
+ *
+ * More detailed:
+ * - The producer feeds some data.
+ * - The consumer asks for more data than what's available.
+ * - The reader remembers the request and goes back to
+ * producing mode, waiting for more data from the producer.
+ * - The producer provides another chunk of data which is
+ * sufficient to fulfill the original read request.
+ * - The consumer retries the original read request, which
+ * should now succeed.
+ *
+ * This test comes in multiple variants controlled by the
+ * `option` parameter and documented below.
+ */
+
+ unsigned char bufA[100], bufB[100];
+ unsigned char *tmp;
+ unsigned char acc[40];
+ int paused;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ )
+ bufA[i] = (unsigned char) i;
+ for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ )
+ bufB[i] = ~ ((unsigned char) i);
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 );
+
+ /* Consumption (upper layer) */
+ /* Ask for more than what's available. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 80, bufA, 80 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ switch( option )
+ {
+ case 0: /* Single uncommitted fetch at pausing */
+ case 1:
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ break;
+ default: /* Multiple uncommitted fetches at pausing */
+ break;
+ }
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+
+ /* Preparation */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, &paused ) == 0 );
+ TEST_ASSERT( paused == 1 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 );
+
+ /* Consumption */
+ switch( option )
+ {
+ case 0: /* Single fetch at pausing, re-fetch with commit. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ break;
+
+ case 1: /* Single fetch at pausing, re-fetch without commit. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ break;
+
+ case 2: /* Multiple fetches at pausing, repeat without commit. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ break;
+
+ case 3: /* Multiple fetches at pausing, repeat with commit 1. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ break;
+
+ case 4: /* Multiple fetches at pausing, repeat with commit 2. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ break;
+
+ case 5: /* Multiple fetches at pausing, repeat with commit 3. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ break;
+
+ default:
+ TEST_ASSERT( 0 );
+ }
+
+ /* In all cases, fetch the rest of the second buffer. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 90, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 90, bufB + 10, 90 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+
+ /* Wrapup */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_pausing_multiple_feeds( int option )
+{
+ /* This test exercises the behaviour of the MPS reader
+ * in the following situation:
+ * - The consumer has asked for more than what's available, so the
+ * reader pauses and waits for further input data via
+ * `mbedtls_mps_reader_feed()`
+ * - Multiple such calls to `mbedtls_mps_reader_feed()` are necessary
+ * to fulfill the original request, and the reader needs to do
+ * the necessary bookkeeping under the hood.
+ *
+ * This test comes in a few variants differing in the number and
+ * size of feed calls that the producer issues while the reader is
+ * accumulating the necessary data - see the comments below.
+ */
+
+ unsigned char bufA[100], bufB[100];
+ unsigned char *tmp;
+ unsigned char acc[70];
+ mbedtls_mps_reader rd;
+ mbedtls_mps_size_t fetch_len;
+ for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ )
+ bufA[i] = (unsigned char) i;
+ for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ )
+ bufB[i] = ~ ((unsigned char) i);
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 );
+
+ /* Consumption (upper layer) */
+ /* Ask for more than what's available. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 80, bufA, 80 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ /* 20 left, ask for 70 -> 50 overhead */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+
+ /* Preparation */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ switch( option )
+ {
+ case 0: /* 10 + 10 + 80 byte feed */
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, 10 ) ==
+ MBEDTLS_ERR_MPS_READER_NEED_MORE );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 10, 10 ) ==
+ MBEDTLS_ERR_MPS_READER_NEED_MORE );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 20, 80 ) == 0 );
+ break;
+
+ case 1: /* 50 x 1byte */
+ for( size_t num_feed = 0; num_feed < 49; num_feed++ )
+ {
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + num_feed, 1 ) ==
+ MBEDTLS_ERR_MPS_READER_NEED_MORE );
+ }
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 49, 1 ) == 0 );
+ break;
+
+ case 2: /* 49 x 1byte + 51bytes */
+ for( size_t num_feed = 0; num_feed < 49; num_feed++ )
+ {
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + num_feed, 1 ) ==
+ MBEDTLS_ERR_MPS_READER_NEED_MORE );
+ }
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 49, 51 ) == 0 );
+ break;
+
+ default:
+ TEST_ASSERT( 0 );
+ break;
+ }
+
+ /* Consumption */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 20, bufA + 80, 20 );
+ ASSERT_COMPARE( tmp + 20, 50, bufB, 50 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 1000, &tmp, &fetch_len ) == 0 );
+ switch( option )
+ {
+ case 0:
+ TEST_ASSERT( fetch_len == 50 );
+ break;
+
+ case 1:
+ TEST_ASSERT( fetch_len == 0 );
+ break;
+
+ case 2:
+ TEST_ASSERT( fetch_len == 50 );
+ break;
+
+ default:
+ TEST_ASSERT( 0 );
+ break;
+ }
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+
+ /* Wrapup */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_reclaim_data_left( int option )
+{
+ /* This test exercises the behaviour of the MPS reader when a
+ * call to mbedtls_mps_reader_reclaim() is made before all data
+ * provided by the producer has been fetched and committed. */
+
+ unsigned char buf[100];
+ unsigned char *tmp;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( buf ); i++ )
+ buf[i] = (unsigned char) i;
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, NULL, 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 );
+
+ /* Consumption (upper layer) */
+ switch( option )
+ {
+ case 0:
+ /* Fetch (but not commit) the entire buffer. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ), &tmp, NULL )
+ == 0 );
+ ASSERT_COMPARE( tmp, 100, buf, 100 );
+ break;
+
+ case 1:
+ /* Fetch (but not commit) parts of the buffer. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2,
+ &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, sizeof( buf ) / 2, buf, sizeof( buf ) / 2 );
+ break;
+
+ case 2:
+ /* Fetch and commit parts of the buffer, then
+ * fetch but not commit the rest of the buffer. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2,
+ &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, sizeof( buf ) / 2, buf, sizeof( buf ) / 2 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2,
+ &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, sizeof( buf ) / 2,
+ buf + sizeof( buf ) / 2,
+ sizeof( buf ) / 2 );
+ break;
+
+ default:
+ TEST_ASSERT( 0 );
+ break;
+ }
+
+ /* Wrapup */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_DATA_LEFT );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_reclaim_data_left_retry()
+{
+ /* This test exercises the behaviour of the MPS reader when an attempt
+ * by the producer to reclaim the reader fails because of more data pending
+ * to be processed, and the consumer subsequently fetches more data. */
+ unsigned char buf[100];
+ unsigned char *tmp;
+ mbedtls_mps_reader rd;
+
+ for( size_t i=0; (unsigned) i < sizeof( buf ); i++ )
+ buf[i] = (unsigned char) i;
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, NULL, 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 );
+ /* Consumption (upper layer) */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 50, buf, 50 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 50, buf + 50, 50 );
+ /* Preparation */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_DATA_LEFT );
+ /* Consumption */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 50, buf + 50, 50 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ /* Wrapup */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_multiple_pausing( int option )
+{
+ /* This test exercises the behaviour of the MPS reader
+ * in the following situation:
+ * - A read request via `mbedtls_mps_reader_get()` can't
+ * be served and the reader is paused to accumulate
+ * the desired amount of data from the producer.
+ * - Once enough data is available, the consumer successfully
+ * reads the data from the reader, but afterwards exceeds
+ * the available data again - pausing is necessary for a
+ * second time.
+ */
+
+ unsigned char bufA[100], bufB[20], bufC[10];
+ unsigned char *tmp;
+ unsigned char acc[50];
+ mbedtls_mps_size_t tmp_len;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ )
+ bufA[i] = (unsigned char) i;
+ for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ )
+ bufB[i] = ~ ((unsigned char) i);
+ for( size_t i=0; (unsigned) i < sizeof( bufC ); i++ )
+ bufC[i] = ~ ((unsigned char) i);
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 );
+
+ /* Consumption (upper layer) */
+ /* Ask for more than what's available. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 80, bufA, 80 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+
+ /* Preparation */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 );
+
+ switch( option )
+ {
+ case 0: /* Fetch same chunks, commit afterwards, and
+ * then exceed bounds of new buffer; accumulator
+ * large enough. */
+
+ /* Consume */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, &tmp_len ) == 0 );
+ ASSERT_COMPARE( tmp, tmp_len, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+
+ /* Prepare */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufC, sizeof( bufC ) ) == 0 );;
+
+ /* Consume */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufB + 10, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufC, 10 );
+ break;
+
+ case 1: /* Fetch same chunks, commit afterwards, and
+ * then exceed bounds of new buffer; accumulator
+ * not large enough. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 51, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+
+ /* Prepare */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL );
+ break;
+
+ case 2: /* Fetch same chunks, don't commit afterwards, and
+ * then exceed bounds of new buffer; accumulator
+ * large enough. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+
+ /* Prepare */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufC, sizeof( bufC ) ) == 0 );;
+
+ /* Consume */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 20, bufA + 80, 20 );
+ ASSERT_COMPARE( tmp + 20, 20, bufB, 20 );
+ ASSERT_COMPARE( tmp + 40, 10, bufC, 10 );
+ break;
+
+ case 3: /* Fetch same chunks, don't commit afterwards, and
+ * then exceed bounds of new buffer; accumulator
+ * not large enough. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 80, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 10, bufA + 90, 10 );
+ ASSERT_COMPARE( tmp + 10, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 21, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+
+ /* Prepare */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL );
+ break;
+
+ default:
+ TEST_ASSERT( 0 );
+ break;
+ }
+
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER:MBEDTLS_MPS_STATE_VALIDATION */
+void mbedtls_mps_reader_random_usage( int num_out_chunks,
+ int max_chunk_size,
+ int max_request,
+ int acc_size )
+
+{
+ /* Randomly pass a reader object back and forth between lower and
+ * upper layer and let each of them call the respective reader API
+ * functions in a random fashion.
+ *
+ * On the lower layer, we're tracking and concatenating
+ * the data passed to successful feed calls.
+ *
+ * For the upper layer, we track and concatenate buffers
+ * obtained from successful get calls.
+ *
+ * As long as the lower layer calls reclaim at least once, (resetting the
+ * fetched but not-yet-committed data), this should always lead to the same
+ * stream of outgoing/incoming data for the lower/upper layers, even if
+ * most of the random calls fail.
+ *
+ * NOTE: This test uses rand() for random data, which is not optimal.
+ * Instead, it would be better to get the random data from a
+ * static buffer. This both eases reproducibility and allows
+ * simple conversion to a fuzz target.
+ */
+ int ret;
+ unsigned char *acc = NULL;
+ unsigned char *outgoing = NULL, *incoming = NULL;
+ unsigned char *cur_chunk = NULL;
+ size_t cur_out_chunk, out_pos, in_commit, in_fetch;
+ int rand_op; /* Lower layer:
+ * - Reclaim (0)
+ * - Feed (1)
+ * Upper layer:
+ * - Get, do tolerate smaller output (0)
+ * - Get, don't tolerate smaller output (1)
+ * - Commit (2) */
+ int mode = 0; /* Lower layer (0) or Upper layer (1) */
+ int reclaimed = 1; /* Have to call reclaim at least once before
+ * returning the reader to the upper layer. */
+ mbedtls_mps_reader rd;
+
+ if( acc_size > 0 )
+ {
+ ASSERT_ALLOC( acc, acc_size );
+ }
+
+ /* This probably needs to be changed because we want
+ * our tests to be deterministic. */
+ // srand( time( NULL ) );
+
+ ASSERT_ALLOC( outgoing, num_out_chunks * max_chunk_size );
+ ASSERT_ALLOC( incoming, num_out_chunks * max_chunk_size );
+
+ mbedtls_mps_reader_init( &rd, acc, acc_size );
+
+ cur_out_chunk = 0;
+ in_commit = 0;
+ in_fetch = 0;
+ out_pos = 0;
+ while( cur_out_chunk < (unsigned) num_out_chunks )
+ {
+ if( mode == 0 )
+ {
+ /* Choose randomly between reclaim and feed */
+ rand_op = rand() % 2;
+
+ if( rand_op == 0 )
+ {
+ /* Reclaim */
+ ret = mbedtls_mps_reader_reclaim( &rd, NULL );
+
+ if( ret == 0 )
+ {
+ TEST_ASSERT( cur_chunk != NULL );
+ mbedtls_free( cur_chunk );
+ cur_chunk = NULL;
+ }
+ reclaimed = 1;
+ }
+ else
+ {
+ /* Feed reader with a random chunk */
+ unsigned char *tmp = NULL;
+ size_t tmp_size;
+ if( cur_out_chunk == (unsigned) num_out_chunks )
+ continue;
+
+ tmp_size = ( rand() % max_chunk_size ) + 1;
+ ASSERT_ALLOC( tmp, tmp_size );
+
+ TEST_ASSERT( mbedtls_test_rnd_std_rand( NULL, tmp, tmp_size ) == 0 );
+ ret = mbedtls_mps_reader_feed( &rd, tmp, tmp_size );
+
+ if( ret == 0 || ret == MBEDTLS_ERR_MPS_READER_NEED_MORE )
+ {
+ cur_out_chunk++;
+ memcpy( outgoing + out_pos, tmp, tmp_size );
+ out_pos += tmp_size;
+ }
+
+ if( ret == 0 )
+ {
+ TEST_ASSERT( cur_chunk == NULL );
+ cur_chunk = tmp;
+ }
+ else
+ {
+ mbedtls_free( tmp );
+ }
+
+ }
+
+ /* Randomly switch to consumption mode if reclaim
+ * was called at least once. */
+ if( reclaimed == 1 && rand() % 3 == 0 )
+ {
+ in_fetch = 0;
+ mode = 1;
+ }
+ }
+ else
+ {
+ /* Choose randomly between get tolerating fewer data,
+ * get not tolerating fewer data, and commit. */
+ rand_op = rand() % 3;
+ if( rand_op == 0 || rand_op == 1 )
+ {
+ mbedtls_mps_size_t get_size, real_size;
+ unsigned char *chunk_get;
+ get_size = ( rand() % max_request ) + 1;
+ if( rand_op == 0 )
+ {
+ ret = mbedtls_mps_reader_get( &rd, get_size, &chunk_get,
+ &real_size );
+ }
+ else
+ {
+ real_size = get_size;
+ ret = mbedtls_mps_reader_get( &rd, get_size, &chunk_get, NULL );
+ }
+
+ /* Check if output is in accordance with what was written */
+ if( ret == 0 )
+ {
+ memcpy( incoming + in_commit + in_fetch,
+ chunk_get, real_size );
+ TEST_ASSERT( memcmp( incoming + in_commit + in_fetch,
+ outgoing + in_commit + in_fetch,
+ real_size ) == 0 );
+ in_fetch += real_size;
+ }
+ }
+ else if( rand_op == 2 ) /* Commit */
+ {
+ ret = mbedtls_mps_reader_commit( &rd );
+ if( ret == 0 )
+ {
+ in_commit += in_fetch;
+ in_fetch = 0;
+ }
+ }
+
+ /* Randomly switch back to preparation */
+ if( rand() % 3 == 0 )
+ {
+ reclaimed = 0;
+ mode = 0;
+ }
+ }
+ }
+
+ /* Cleanup */
+ mbedtls_mps_reader_free( &rd );
+ mbedtls_free( incoming );
+ mbedtls_free( outgoing );
+ mbedtls_free( acc );
+ mbedtls_free( cur_chunk );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_reader_inconsistent_usage( int option )
+{
+ /* This test exercises the behaviour of the MPS reader
+ * in the following situation:
+ * - The consumer asks for more data than what's available
+ * - The reader is paused and receives more data from the
+ * producer until the original read request can be fulfilled.
+ * - The consumer does not repeat the original request but
+ * requests data in a different way.
+ *
+ * The reader does not guarantee that inconsistent read requests
+ * after pausing will succeed, and this test triggers some cases
+ * where the request fails.
+ */
+
+ unsigned char bufA[100], bufB[100];
+ unsigned char *tmp;
+ unsigned char acc[40];
+ mbedtls_mps_reader rd;
+ int success = 0;
+ for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ )
+ bufA[i] = (unsigned char) i;
+ for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ )
+ bufB[i] = ~ ((unsigned char) i);
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 );
+ /* Consumption (upper layer) */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_OUT_OF_DATA );
+ /* Preparation */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 );
+ /* Consumption */
+ switch( option )
+ {
+ case 0:
+ /* Ask for buffered data in a single chunk, no commit */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 20, bufA + 80, 20 );
+ ASSERT_COMPARE( tmp + 20, 10, bufB, 10 );
+ success = 1;
+ break;
+
+ case 1:
+ /* Ask for buffered data in a single chunk, with commit */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 20, bufA + 80, 20 );
+ ASSERT_COMPARE( tmp + 20, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ success = 1;
+ break;
+
+ case 2:
+ /* Ask for more than was requested when pausing, #1 */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 31, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS );
+ break;
+
+ case 3:
+ /* Ask for more than was requested when pausing #2 */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, (mbedtls_mps_size_t) -1, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS );
+ break;
+
+ case 4:
+ /* Asking for buffered data in different
+ * chunks than before CAN fail. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 15, bufA + 80, 15 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) ==
+ MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS );
+ break;
+
+ case 5:
+ /* Asking for buffered data different chunks
+ * than before NEED NOT fail - no commits */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 15, bufA + 80, 15 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 5, bufA + 95, 5 );
+ ASSERT_COMPARE( tmp + 5, 10, bufB, 10 );
+ success = 1;
+ break;
+
+ case 6:
+ /* Asking for buffered data different chunks
+ * than before NEED NOT fail - intermediate commit */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 15, bufA + 80, 15 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 5, bufA + 95, 5 );
+ ASSERT_COMPARE( tmp + 5, 10, bufB, 10 );
+ success = 1;
+ break;
+
+ case 7:
+ /* Asking for buffered data different chunks
+ * than before NEED NOT fail - end commit */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 15, bufA + 80, 15 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 5, bufA + 95, 5 );
+ ASSERT_COMPARE( tmp + 5, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ success = 1;
+ break;
+
+ case 8:
+ /* Asking for buffered data different chunks
+ * than before NEED NOT fail - intermediate & end commit */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 15, bufA + 80, 15 );
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ ASSERT_COMPARE( tmp, 5, bufA + 95, 5 );
+ ASSERT_COMPARE( tmp + 5, 10, bufB, 10 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+ success = 1;
+ break;
+
+ default:
+ TEST_ASSERT( 0 );
+ break;
+ }
+
+ if( success == 1 )
+ {
+ /* In all succeeding cases, fetch the rest of the second buffer. */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 90, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 90, bufB + 10, 90 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+
+ /* Wrapup */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ }
+
+ /* Wrapup */
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_feed_empty()
+{
+ /* This test exercises the behaviour of the reader when it is
+ * fed with a NULL buffer. */
+ unsigned char buf[100];
+ unsigned char *tmp;
+ mbedtls_mps_reader rd;
+ for( size_t i=0; (unsigned) i < sizeof( buf ); i++ )
+ buf[i] = (unsigned char) i;
+
+ /* Preparation (lower layer) */
+ mbedtls_mps_reader_init( &rd, NULL, 0 );
+
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, NULL, sizeof( buf ) ) ==
+ MBEDTLS_ERR_MPS_READER_INVALID_ARG );
+
+ /* Subsequent feed-calls should still succeed. */
+ TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 );
+
+ /* Consumption (upper layer) */
+ TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 );
+ ASSERT_COMPARE( tmp, 100, buf, 100 );
+ TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 );
+
+ /* Wrapup */
+ TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 );
+ mbedtls_mps_reader_free( &rd );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_net.data b/tests/suites/test_suite_net.data
new file mode 100644
index 0000000..4f516c8
--- /dev/null
+++ b/tests/suites/test_suite_net.data
@@ -0,0 +1,8 @@
+Context init-free-free
+context_init_free:0
+
+Context init-free-init-free
+context_init_free:1
+
+net_poll beyond FD_SETSIZE
+poll_beyond_fd_setsize:
diff --git a/tests/suites/test_suite_net.function b/tests/suites/test_suite_net.function
new file mode 100644
index 0000000..f429fc9
--- /dev/null
+++ b/tests/suites/test_suite_net.function
@@ -0,0 +1,137 @@
+/* BEGIN_HEADER */
+
+#include "mbedtls/net_sockets.h"
+
+#if defined(unix) || defined(__unix__) || defined(__unix) || \
+ defined(__APPLE__) || defined(__QNXNTO__) || \
+ defined(__HAIKU__) || defined(__midipix__)
+#define MBEDTLS_PLATFORM_IS_UNIXLIKE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_IS_UNIXLIKE)
+#include <sys/fcntl.h>
+#include <sys/resource.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <unistd.h>
+#endif
+
+
+#if defined(MBEDTLS_PLATFORM_IS_UNIXLIKE)
+/** Open a file on the given file descriptor.
+ *
+ * This is disruptive if there is already something open on that descriptor.
+ * Caller beware.
+ *
+ * \param ctx An initialized, but unopened socket context.
+ * On success, it refers to the opened file (\p wanted_fd).
+ * \param wanted_fd The desired file descriptor.
+ *
+ * \return \c 0 on succes, a negative error code on error.
+ */
+static int open_file_on_fd( mbedtls_net_context *ctx, int wanted_fd )
+{
+ int got_fd = open( "/dev/null", O_RDONLY );
+ TEST_ASSERT( got_fd >= 0 );
+ if( got_fd != wanted_fd )
+ {
+ TEST_ASSERT( dup2( got_fd, wanted_fd ) >= 0 );
+ TEST_ASSERT( close( got_fd ) >= 0 );
+ }
+ ctx->fd = wanted_fd;
+ return( 0 );
+exit:
+ return( -1 );
+}
+#endif /* MBEDTLS_PLATFORM_IS_UNIXLIKE */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_NET_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void context_init_free( int reinit )
+{
+ mbedtls_net_context ctx;
+
+ mbedtls_net_init( &ctx );
+ mbedtls_net_free( &ctx );
+
+ if( reinit )
+ mbedtls_net_init( &ctx );
+ mbedtls_net_free( &ctx );
+
+ /* This test case always succeeds, functionally speaking. A plausible
+ * bug might trigger an invalid pointer dereference or a memory leak. */
+ goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PLATFORM_IS_UNIXLIKE */
+void poll_beyond_fd_setsize( )
+{
+ /* Test that mbedtls_net_poll does not misbehave when given a file
+ * descriptor greater or equal to FD_SETSIZE. This code is specific to
+ * platforms with a Unix-like select() function, which is where
+ * FD_SETSIZE is a concern. */
+
+ struct rlimit rlim_nofile;
+ int restore_rlim_nofile = 0;
+ int ret;
+ mbedtls_net_context ctx;
+ uint8_t buf[1];
+
+ mbedtls_net_init( &ctx );
+
+ /* On many systems, by default, the maximum permitted file descriptor
+ * number is less than FD_SETSIZE. If so, raise the limit if
+ * possible.
+ *
+ * If the limit can't be raised, a file descriptor opened by the
+ * net_sockets module will be less than FD_SETSIZE, so the test
+ * is not necessary and we mark it as skipped.
+ * A file descriptor could still be higher than FD_SETSIZE if it was
+ * opened before the limit was lowered (which is something an application
+ * might do); but we don't do such things in our test code, so the unit
+ * test will run if it can.
+ */
+ TEST_ASSERT( getrlimit( RLIMIT_NOFILE, &rlim_nofile ) == 0 );
+ if( rlim_nofile.rlim_cur < FD_SETSIZE + 1 )
+ {
+ rlim_t old_rlim_cur = rlim_nofile.rlim_cur;
+ rlim_nofile.rlim_cur = FD_SETSIZE + 1;
+ TEST_ASSUME( setrlimit( RLIMIT_NOFILE, &rlim_nofile ) == 0 );
+ rlim_nofile.rlim_cur = old_rlim_cur;
+ restore_rlim_nofile = 1;
+ }
+
+ TEST_ASSERT( open_file_on_fd( &ctx, FD_SETSIZE ) == 0 );
+
+ /* In principle, mbedtls_net_poll() with valid arguments should succeed.
+ * However, we know that on Unix-like platforms (and others), this function
+ * is implemented on top of select() and fd_set, which do not support
+ * file descriptors greater or equal to FD_SETSIZE. So we expect to hit
+ * this platform limitation.
+ *
+ * If mbedtls_net_poll() does not proprely check that ctx.fd is in range,
+ * it may still happen to return the expected failure code, but if this
+ * is problematic on the particular platform where the code is running,
+ * a memory sanitizer such as UBSan should catch it.
+ */
+ ret = mbedtls_net_poll( &ctx, MBEDTLS_NET_POLL_READ, 0 );
+ TEST_EQUAL( ret, MBEDTLS_ERR_NET_POLL_FAILED );
+
+ /* mbedtls_net_recv_timeout() uses select() and fd_set in the same way. */
+ ret = mbedtls_net_recv_timeout( &ctx, buf, sizeof( buf ), 0 );
+ TEST_EQUAL( ret, MBEDTLS_ERR_NET_POLL_FAILED );
+
+exit:
+ mbedtls_net_free( &ctx );
+ if( restore_rlim_nofile )
+ setrlimit( RLIMIT_NOFILE, &rlim_nofile );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 98016c6..82d1573 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -15,18 +15,6 @@
* unconditionally (https://github.com/ARMmbed/mbedtls/issues/2023). */
#include "psa/crypto.h"
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#include "test/psa_crypto_helpers.h"
-#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
-#else
-/* Define empty macros so that we can use them in the preamble and teardown
- * of every test function that uses PSA conditionally based on
- * MBEDTLS_USE_PSA_CRYPTO. */
-#define PSA_INIT( ) ( (void) 0 )
-#define PSA_DONE( ) ( (void) 0 )
-#endif
-
#define RSA_KEY_SIZE 512
#define RSA_KEY_LEN 64
@@ -208,7 +196,7 @@
mbedtls_pk_free( &pk ); /* redundant except upon error */
mbedtls_pk_free( &pk2 );
- PSA_DONE( );
+ USE_PSA_DONE( );
}
/* END_CASE */
@@ -682,8 +670,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
@@ -725,8 +713,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
if( digest != MBEDTLS_MD_NONE )
@@ -770,7 +758,7 @@
mbedtls_ecp_keypair *eckey;
mbedtls_pk_init( &pk );
- PSA_INIT( );
+ USE_PSA_INIT( );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
@@ -787,7 +775,7 @@
exit:
mbedtls_pk_free( &pk );
- PSA_DONE( );
+ USE_PSA_DONE( );
}
/* END_CASE */
@@ -813,7 +801,7 @@
TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
@@ -895,8 +883,9 @@
void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret )
{
mbedtls_pk_context pk;
- size_t sig_len;
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+ size_t sig_len, hash_len;
+ mbedtls_md_type_t md = MBEDTLS_MD_SHA256;
+ unsigned char *hash = NULL;
unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
void *rs_ctx = NULL;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
@@ -910,40 +899,43 @@
mbedtls_ecp_set_max_ops( 42000 );
#endif
- mbedtls_pk_init( &pk );
- PSA_INIT( );
+ hash_len = mbedtls_md_get_size( mbedtls_md_info_from_type( md ) );
+ ASSERT_ALLOC( hash, hash_len );
- memset( hash, 0x2a, sizeof hash );
+ mbedtls_pk_init( &pk );
+ USE_PSA_INIT( );
+
+ memset( hash, 0x2a, hash_len );
memset( sig, 0, sizeof sig );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 );
- TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, &sig_len,
+ TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, md,
+ hash, hash_len, sig, &sig_len,
mbedtls_test_rnd_std_rand, NULL, rs_ctx ) == sign_ret );
if( sign_ret == 0 )
TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE );
else
sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
- TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len ) == verify_ret );
+ TEST_ASSERT( mbedtls_pk_verify( &pk, md,
+ hash, hash_len, sig, sig_len ) == verify_ret );
if( verify_ret == 0 )
{
hash[0]++;
- TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len ) != 0 );
+ TEST_ASSERT( mbedtls_pk_verify( &pk, md,
+ hash, hash_len, sig, sig_len ) != 0 );
hash[0]--;
sig[0]++;
- TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len ) != 0 );
+ TEST_ASSERT( mbedtls_pk_verify( &pk, md,
+ hash, hash_len, sig, sig_len ) != 0 );
sig[0]--;
}
- TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
+ TEST_ASSERT( mbedtls_pk_sign( &pk, md, hash, hash_len,
sig, &sig_len,
mbedtls_test_rnd_std_rand,
NULL ) == sign_ret );
@@ -952,19 +944,19 @@
else
sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
- TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret );
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md,
+ hash, hash_len, sig, sig_len, rs_ctx ) == verify_ret );
if( verify_ret == 0 )
{
hash[0]++;
- TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md,
+ hash, hash_len, sig, sig_len, rs_ctx ) != 0 );
hash[0]--;
sig[0]++;
- TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md,
+ hash, hash_len, sig, sig_len, rs_ctx ) != 0 );
sig[0]--;
}
@@ -973,7 +965,8 @@
mbedtls_pk_restart_free( rs_ctx );
#endif
mbedtls_pk_free( &pk );
- PSA_DONE( );
+ mbedtls_free( hash );
+ USE_PSA_DONE( );
}
/* END_CASE */
@@ -997,8 +990,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
output, &olen, sizeof( output ),
@@ -1036,12 +1029,12 @@
rsa = mbedtls_pk_rsa( pk );
/* load public key */
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
/* load private key */
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 );
@@ -1302,6 +1295,6 @@
psa_reset_key_attributes( &attributes );
mbedtls_pk_free( &pk );
- PSA_DONE( );
+ USE_PSA_DONE( );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function
index 068027b..d355340 100644
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@@ -19,6 +19,8 @@
mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, E;
+ info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ info.fallback_p_rng = NULL;
info.buf = rnd_buf->x;
info.length = rnd_buf->len;
@@ -26,8 +28,8 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
@@ -74,10 +76,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
@@ -275,6 +277,8 @@
mbedtls_mpi N, P, Q, E;
mbedtls_test_rnd_buf_info info;
+ info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ info.fallback_p_rng = NULL;
info.buf = rnd_buf->x;
info.length = rnd_buf->len;
@@ -285,10 +289,10 @@
memset( hash_result, 0x00, sizeof( hash_result ) );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
@@ -331,8 +335,8 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
memset( hash_result, 0x00, sizeof( hash_result ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
diff --git a/tests/suites/test_suite_pkcs1_v21.data b/tests/suites/test_suite_pkcs1_v21.data
index 2dde5e9..405e16b 100644
--- a/tests/suites/test_suite_pkcs1_v21.data
+++ b/tests/suites/test_suite_pkcs1_v21.data
@@ -1,885 +1,1042 @@
RSAES-OAEP Encryption Test Vector Int
-pkcs1_rsaes_oaep_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0
+pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0
RSAES-OAEP Encryption Test Vector Data just fits
-pkcs1_rsaes_oaep_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd":"aafd12f659cae63489b479e5076ddec2f06cb58f":"3082f2288fff275213d53168f0a272573cff81837c249dc1f380a12ac124c8f217b700708a1ce7dce154265f31a126ebdd9ed3ef9145ae29124a25f4e65aa52c5a9ff34f6cf4de9ba937ae406dc7d1f277af4f6fb7ea73bfbab2bd397b6b2c53570e173ffcf3b9f0bb96837623a4f87bd81b41446c59e681a2f3da81239e9bdf":0
+pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd":"aafd12f659cae63489b479e5076ddec2f06cb58f":"3082f2288fff275213d53168f0a272573cff81837c249dc1f380a12ac124c8f217b700708a1ce7dce154265f31a126ebdd9ed3ef9145ae29124a25f4e65aa52c5a9ff34f6cf4de9ba937ae406dc7d1f277af4f6fb7ea73bfbab2bd397b6b2c53570e173ffcf3b9f0bb96837623a4f87bd81b41446c59e681a2f3da81239e9bdf":0
RSAES-OAEP Encryption Test Vector Data too long
-pkcs1_rsaes_oaep_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSAES-OAEP Encryption Test Vector 1_1
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0
RSAES-OAEP Encryption Test Vector 1_2
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0
RSAES-OAEP Encryption Test Vector 1_3
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0
RSAES-OAEP Encryption Test Vector 1_4
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0
RSAES-OAEP Encryption Test Vector 1_5
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0
RSAES-OAEP Encryption Test Vector 1_6
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0
RSAES-OAEP Encryption Test Vector 2_1
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0
RSAES-OAEP Encryption Test Vector 2_2
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0
RSAES-OAEP Encryption Test Vector 2_3
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0
RSAES-OAEP Encryption Test Vector 2_4
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0
RSAES-OAEP Encryption Test Vector 2_5
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0
RSAES-OAEP Encryption Test Vector 2_6
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0
RSAES-OAEP Encryption Example 3_1
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0
RSAES-OAEP Encryption Example 3_2
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0
RSAES-OAEP Encryption Example 3_3
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0
RSAES-OAEP Encryption Example 3_4
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0
RSAES-OAEP Encryption Example 3_5
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0
RSAES-OAEP Encryption Example 3_6
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0
RSAES-OAEP Encryption Example 4_1
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0
RSAES-OAEP Encryption Example 4_2
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0
RSAES-OAEP Encryption Example 4_3
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0
RSAES-OAEP Encryption Example 4_4
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0
RSAES-OAEP Encryption Example 4_5
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0
RSAES-OAEP Encryption Example 4_6
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0
RSAES-OAEP Encryption Example 5_1
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0
RSAES-OAEP Encryption Example 5_2
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0
RSAES-OAEP Encryption Example 5_3
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0
RSAES-OAEP Encryption Example 5_4
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0
RSAES-OAEP Encryption Example 5_5
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0
RSAES-OAEP Encryption Example 5_6
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0
RSAES-OAEP Encryption Example 6_1
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0
RSAES-OAEP Encryption Example 6_2
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0
RSAES-OAEP Encryption Example 6_3
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0
RSAES-OAEP Encryption Example 6_4
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0
RSAES-OAEP Encryption Example 6_5
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0
RSAES-OAEP Encryption Example 6_6
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0
RSAES-OAEP Encryption Example 7_1
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0
RSAES-OAEP Encryption Example 7_2
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0
RSAES-OAEP Encryption Example 7_3
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0
RSAES-OAEP Encryption Example 7_4
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0
RSAES-OAEP Encryption Example 7_5
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0
RSAES-OAEP Encryption Example 7_6
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0
RSAES-OAEP Encryption Example 8_1
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0
RSAES-OAEP Encryption Example 8_2
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0
RSAES-OAEP Encryption Example 8_3
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0
RSAES-OAEP Encryption Example 8_4
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0
RSAES-OAEP Encryption Example 8_5
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0
RSAES-OAEP Encryption Example 8_6
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0
RSAES-OAEP Encryption Example 9_1
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0
RSAES-OAEP Encryption Example 9_2
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0
RSAES-OAEP Encryption Example 9_3
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0
RSAES-OAEP Encryption Example 9_4
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0
RSAES-OAEP Encryption Example 9_5
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0
RSAES-OAEP Encryption Example 9_6
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0
RSAES-OAEP Encryption Example 10_1
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0
RSAES-OAEP Encryption Example 10_2
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0
RSAES-OAEP Encryption Example 10_3
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0
RSAES-OAEP Encryption Example 10_4
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0
RSAES-OAEP Encryption Example 10_5
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0
RSAES-OAEP Encryption Example 10_6
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0
RSAES-OAEP Encryption input=NULL with length=0
depends_on:MBEDTLS_SHA1_C
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0
RSAES-OAEP Decryption Test Vector Int
-pkcs1_rsaes_oaep_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0
+pkcs1_rsaes_oaep_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0
RSAES-OAEP Decryption Test Vector 1_1
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0
RSAES-OAEP Decryption Test Vector 1_2
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0
RSAES-OAEP Decryption Test Vector 1_3
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0
RSAES-OAEP Decryption Test Vector 1_4
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0
RSAES-OAEP Decryption Test Vector 1_5
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0
RSAES-OAEP Decryption Test Vector 1_6
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0
RSAES-OAEP Decryption Test Vector 2_1
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0
RSAES-OAEP Decryption Test Vector 2_2
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0
RSAES-OAEP Decryption Test Vector 2_3
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0
RSAES-OAEP Decryption Test Vector 2_4
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0
RSAES-OAEP Decryption Test Vector 2_5
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0
RSAES-OAEP Decryption Test Vector 2_6
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0
RSAES-OAEP Decryption Example 3_1
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0
RSAES-OAEP Decryption Example 3_2
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0
RSAES-OAEP Decryption Example 3_3
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0
RSAES-OAEP Decryption Example 3_4
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0
RSAES-OAEP Decryption Example 3_5
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0
RSAES-OAEP Decryption Example 3_6
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0
RSAES-OAEP Decryption Example 4_1
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0
RSAES-OAEP Decryption Example 4_2
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0
RSAES-OAEP Decryption Example 4_3
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0
RSAES-OAEP Decryption Example 4_4
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0
RSAES-OAEP Decryption Example 4_5
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0
RSAES-OAEP Decryption Example 4_6
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0
RSAES-OAEP Decryption Example 5_1
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0
RSAES-OAEP Decryption Example 5_2
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0
RSAES-OAEP Decryption Example 5_3
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0
RSAES-OAEP Decryption Example 5_4
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0
RSAES-OAEP Decryption Example 5_5
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0
RSAES-OAEP Decryption Example 5_6
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0
RSAES-OAEP Decryption Example 6_1
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0
RSAES-OAEP Decryption Example 6_2
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0
RSAES-OAEP Decryption Example 6_3
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0
RSAES-OAEP Decryption Example 6_4
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0
RSAES-OAEP Decryption Example 6_5
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0
RSAES-OAEP Decryption Example 6_6
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0
RSAES-OAEP Decryption Example 7_1
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0
RSAES-OAEP Decryption Example 7_2
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0
RSAES-OAEP Decryption Example 7_3
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0
RSAES-OAEP Decryption Example 7_4
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0
RSAES-OAEP Decryption Example 7_5
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0
RSAES-OAEP Decryption Example 7_6
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0
RSAES-OAEP Decryption Example 8_1
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0
RSAES-OAEP Decryption Example 8_2
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0
RSAES-OAEP Decryption Example 8_3
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0
RSAES-OAEP Decryption Example 8_4
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0
RSAES-OAEP Decryption Example 8_5
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0
RSAES-OAEP Decryption Example 8_6
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0
RSAES-OAEP Decryption Example 9_1
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0
RSAES-OAEP Decryption Example 9_2
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0
RSAES-OAEP Decryption Example 9_3
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0
RSAES-OAEP Decryption Example 9_4
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0
RSAES-OAEP Decryption Example 9_5
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0
RSAES-OAEP Decryption Example 9_6
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0
RSAES-OAEP Decryption Example 10_1
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0
RSAES-OAEP Decryption Example 10_2
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0
RSAES-OAEP Decryption Example 10_3
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0
RSAES-OAEP Decryption Example 10_4
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0
RSAES-OAEP Decryption Example 10_5
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0
RSAES-OAEP Decryption Example 10_6
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0
RSAES-OAEP Decryption empty output with NULL buffer
depends_on:MBEDTLS_SHA1_C
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0
RSASSA-PSS Signing Test Vector Int
-pkcs1_rsassa_pss_sign:1024:16:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":16:"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":0
+pkcs1_rsassa_pss_sign:1024:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Verification Test Vector Int
-pkcs1_rsassa_pss_verify:1024:16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":0
+pkcs1_rsassa_pss_verify:1024:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":0
RSASSA-PSS Signature RSA-1016, SHA-512: minimum salt size not met
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1016:16:"0e3cb6845e528229e19cfb24611e6859ac1cea7d35992b6e2e796823c52affa03400e42830f90697f084499c3e3587defc19e749e72433dd7b70c28b0c8280b7":16:"0c48f9e45ae38fdb4a5143be37d79a10cd4f1f9782ef26a4848a4449c72cfd712c68350818736385cb4a9ab6db5aef8e96c551039cfcc8915821aee069ed660d":16:"00aee7874a4db2f1510044405db29f14df0f37bbcf61fcbcc994a3d31caaf858a74cc8f2a40ac9a9ce7aa9a0680f62cf9d8d4b827114533fdbf86f16fc9dfe5cbf857d86135519a4611ffc59cb7473861619a78e3ec314715e804cff82d6f32e9f57ddf390563629883bd34f40e8db413209b151cee97d817a5d65c7da54734b":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+pkcs1_rsassa_pss_sign:1016:"0e3cb6845e528229e19cfb24611e6859ac1cea7d35992b6e2e796823c52affa03400e42830f90697f084499c3e3587defc19e749e72433dd7b70c28b0c8280b7":"0c48f9e45ae38fdb4a5143be37d79a10cd4f1f9782ef26a4848a4449c72cfd712c68350818736385cb4a9ab6db5aef8e96c551039cfcc8915821aee069ed660d":"00aee7874a4db2f1510044405db29f14df0f37bbcf61fcbcc994a3d31caaf858a74cc8f2a40ac9a9ce7aa9a0680f62cf9d8d4b827114533fdbf86f16fc9dfe5cbf857d86135519a4611ffc59cb7473861619a78e3ec314715e804cff82d6f32e9f57ddf390563629883bd34f40e8db413209b151cee97d817a5d65c7da54734b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSASSA-PSS Signature RSA-520, SHA-512: no possible salt size
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:520:16:"0feea5f6220fac291b9508ec2ba8ed281eb39aee4d5dc693254106816ebc700ecf":16:"0d68918785c3aafe31eaaa2d8d8156dce645940ff7734a457337a51bd00bc88811":16:"00d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+pkcs1_rsassa_pss_sign:520:"0feea5f6220fac291b9508ec2ba8ed281eb39aee4d5dc693254106816ebc700ecf":"0d68918785c3aafe31eaaa2d8d8156dce645940ff7734a457337a51bd00bc88811":"00d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSASSA-PSS Signature RSA-528, SHA-512: zero salt size
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:528:16:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":16:"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":16:"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSASSA-PSS Signature Example 1_1
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":0
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 1_1 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":0
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":0
RSASSA-PSS Signature Example 1_2
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":0
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 1_2 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":0
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":0
RSASSA-PSS Signature Example 1_3
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":0
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 1_3 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":0
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":0
RSASSA-PSS Signature Example 1_4
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"bc656747fa9eafb3f0":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":0
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"bc656747fa9eafb3f0":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 1_4 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"bc656747fa9eafb3f0":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":0
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"bc656747fa9eafb3f0":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":0
RSASSA-PSS Signature Example 1_5
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":0
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 1_5 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":0
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":0
RSASSA-PSS Signature Example 1_6
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":0
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 1_6 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":0
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":0
RSASSA-PSS Signature Example 2_1
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":0
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 2_1 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":0
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":0
RSASSA-PSS Signature Example 2_2
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":0
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 2_2 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":0
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":0
RSASSA-PSS Signature Example 2_3
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":0
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 2_3 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":0
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":0
RSASSA-PSS Signature Example 2_4
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":0
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 2_4 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":0
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":0
RSASSA-PSS Signature Example 2_5
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":0
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 2_5 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":0
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":0
RSASSA-PSS Signature Example 2_6
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":0
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 2_6 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":0
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":0
RSASSA-PSS Signature Example 3_1
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":0
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 3_1 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":0
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":0
RSASSA-PSS Signature Example 3_2
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":0
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 3_2 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":0
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":0
RSASSA-PSS Signature Example 3_3
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":0
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 3_3 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":0
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":0
RSASSA-PSS Signature Example 3_4
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":0
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 3_4 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":0
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":0
RSASSA-PSS Signature Example 3_5
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":0
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 3_5 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":0
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":0
RSASSA-PSS Signature Example 3_6
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":0
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 3_6 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":0
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":0
RSASSA-PSS Signature Example 4_1
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9fb03b827c8217d9":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":0
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9fb03b827c8217d9":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 4_1 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9fb03b827c8217d9":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":0
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9fb03b827c8217d9":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":0
RSASSA-PSS Signature Example 4_2
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":0
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 4_2 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":0
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":0
RSASSA-PSS Signature Example 4_3
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":0
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 4_3 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":0
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":0
RSASSA-PSS Signature Example 4_4
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":0
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 4_4 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":0
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":0
RSASSA-PSS Signature Example 4_5
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":0
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 4_5 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":0
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":0
RSASSA-PSS Signature Example 4_6
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":0
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 4_6 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":0
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":0
RSASSA-PSS Signature Example 5_1
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":0
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 5_1 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":0
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":0
RSASSA-PSS Signature Example 5_2
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":0
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 5_2 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":0
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":0
RSASSA-PSS Signature Example 5_3
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":0
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 5_3 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":0
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":0
RSASSA-PSS Signature Example 5_4
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"328c659e0a6437433cceb73c14":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":0
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"328c659e0a6437433cceb73c14":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 5_4 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"328c659e0a6437433cceb73c14":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":0
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"328c659e0a6437433cceb73c14":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":0
RSASSA-PSS Signature Example 5_5
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":0
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 5_5 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":0
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":0
RSASSA-PSS Signature Example 5_6
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":0
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 5_6 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":0
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":0
RSASSA-PSS Signature Example 6_1
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":0
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 6_1 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":0
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":0
RSASSA-PSS Signature Example 6_2
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":0
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 6_2 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":0
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":0
RSASSA-PSS Signature Example 6_3
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":0
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 6_3 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":0
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":0
RSASSA-PSS Signature Example 6_4
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":0
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 6_4 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":0
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":0
RSASSA-PSS Signature Example 6_5
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":0
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 6_5 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":0
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":0
RSASSA-PSS Signature Example 6_6
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":0
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 6_6 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":0
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":0
RSASSA-PSS Signature Example 7_1
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":0
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 7_1 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":0
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":0
RSASSA-PSS Signature Example 7_2
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":0
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 7_2 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":0
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":0
RSASSA-PSS Signature Example 7_3
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":0
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 7_3 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":0
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":0
RSASSA-PSS Signature Example 7_4
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":0
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 7_4 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":0
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":0
RSASSA-PSS Signature Example 7_5
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":0
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 7_5 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":0
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":0
RSASSA-PSS Signature Example 7_6
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":0
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 7_6 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":0
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":0
RSASSA-PSS Signature Example 8_1
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":0
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 8_1 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":0
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":0
RSASSA-PSS Signature Example 8_2
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":0
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 8_2 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":0
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":0
RSASSA-PSS Signature Example 8_3
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":0
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 8_3 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":0
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":0
RSASSA-PSS Signature Example 8_4
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":0
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 8_4 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":0
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":0
RSASSA-PSS Signature Example 8_5
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":0
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 8_5 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":0
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":0
RSASSA-PSS Signature Example 8_6
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":0
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 8_6 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":0
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":0
RSASSA-PSS Signature Example 9_1
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":0
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 9_1 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":0
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":0
RSASSA-PSS Signature Example 9_2
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":0
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 9_2 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":0
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":0
RSASSA-PSS Signature Example 9_3
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":0
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 9_3 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":0
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":0
RSASSA-PSS Signature Example 9_4
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":0
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 9_4 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":0
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":0
RSASSA-PSS Signature Example 9_5
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":0
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 9_5 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":0
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":0
RSASSA-PSS Signature Example 9_6
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":0
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 9_6 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":0
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":0
RSASSA-PSS Signature Example 10_1
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":0
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 10_1 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":0
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":0
RSASSA-PSS Signature Example 10_2
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":0
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 10_2 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":0
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":0
RSASSA-PSS Signature Example 10_3
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":0
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 10_3 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":0
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":0
RSASSA-PSS Signature Example 10_4
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":0
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 10_4 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":0
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":0
RSASSA-PSS Signature Example 10_5
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":0
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 10_5 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":0
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":0
RSASSA-PSS Signature Example 10_6
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Signature Example 10_6 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0
RSASSA-PSS Signature verify options #1 (OK)
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0
RSASSA-PSS Signature verify options #2 (ctx_hash none)
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0
RSASSA-PSS Signature verify options #3 (ctx_hash diverging)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_INVALID_PADDING:0
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_INVALID_PADDING:0
RSASSA-PSS Signature verify options #4 (mgf1_hash diverging)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
RSASSA-PSS Signature verify options #5 (wrong msg_hash)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_VERIFY_FAILED:MBEDTLS_ERR_RSA_VERIFY_FAILED
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_VERIFY_FAILED:MBEDTLS_ERR_RSA_VERIFY_FAILED
RSASSA-PSS Signature verify options #6 (wrong expected_salt_len)
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:21:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:21:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
RSASSA-PSS Signature verify options #7 (wrong expected_salt_len)
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:19:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:19:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
RSASSA-PSS Signature verify options #8 (non-default salt_len: max)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:94:"54657374206d657373616765":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":0:0
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:94:"54657374206d657373616765":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":0:0
RSASSA-PSS Signature verify options #9 (non-default salt_len: 0)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
RSASSA-PSS Signature verify options #10 (non-default salt_len: 0, ANY)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
RSASSA-PSS Signature verify options #11 (MGF1 alg != MSG hash alg)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
RSASSA-PSS Signature verify options #12 (MGF1 alg != MSG hash alg, ctx wrong)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_ERR_RSA_INVALID_PADDING:0
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_ERR_RSA_INVALID_PADDING:0
RSASSA-PSS Signature verify options #13 (MGF1 alg != MSG hash alg, arg wrong)
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:MBEDTLS_ERR_RSA_INVALID_PADDING
RSASSA-PSS verify ext, 512-bit key, empty salt, good signature
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:512:16:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":0:0
+pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":0:0
RSASSA-PSS verify ext, 512-bit key, empty salt, bad signature
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:512:16:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf247":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING
+pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf247":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING
RSASSA-PSS verify ext, 522-bit key, SHA-512, empty salt, good signature
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:522:16:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:0
+pkcs1_rsassa_pss_verify_ext:522:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:0
RSASSA-PSS verify ext, 522-bit key, SHA-512, saltlen=64, good signature with saltlen=0
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:522:16:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+pkcs1_rsassa_pss_verify_ext:522:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:MBEDTLS_ERR_RSA_INVALID_PADDING
RSASSA-PSS verify ext, 528-bit key, SHA-512, empty salt, good signature
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:528:16:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:0
+pkcs1_rsassa_pss_verify_ext:528:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:0
RSASSA-PSS verify ext, 528-bit key, SHA-512, saltlen=64, good signature with saltlen=0
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:528:16:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+pkcs1_rsassa_pss_verify_ext:528:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:MBEDTLS_ERR_RSA_INVALID_PADDING
RSASSA-PSS verify ext, 512-bit key, SHA-512 (hash too large)
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:512:16:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSASSA-PSS verify ext, 521-bit key, SHA-512, empty salt, bad signature
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:521:16:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"00471794655837da498cbf27242807b40593a353c707eb22fd2cc5a3259e728ac4f1df676043eeec8e16c1175b3d9ac8cae72ec1d5772dd69de71c5677f19031568e":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"00471794655837da498cbf27242807b40593a353c707eb22fd2cc5a3259e728ac4f1df676043eeec8e16c1175b3d9ac8cae72ec1d5772dd69de71c5677f19031568e":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSASSA-PSS verify ext, 521-bit key, SHA-256, empty salt, good signature
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:521:16:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"41":"009c4941157fa36288e467310b198ab0c615c40963d611ffeef03000549ded809235955ecc57adba44782e9497c004f480ba2b3d58db8335fe0b391075c02c843a6d":0:0
+pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"41":"009c4941157fa36288e467310b198ab0c615c40963d611ffeef03000549ded809235955ecc57adba44782e9497c004f480ba2b3d58db8335fe0b391075c02c843a6d":0:0
RSASSA-PSS verify ext, 521-bit key, SHA-256, empty salt, flipped-highest-bit signature
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:521:16:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"41":"00e11a2403df681c44a1f73f014b6c9ad17847d0b673f7c2a801cee208d10ab5792c10cd0cd495a4b331aaa521409fca7cb1b0d978b3a84cd67e28078b98753e9466":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"41":"00e11a2403df681c44a1f73f014b6c9ad17847d0b673f7c2a801cee208d10ab5792c10cd0cd495a4b331aaa521409fca7cb1b0d978b3a84cd67e28078b98753e9466":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSASSA-PSS verify ext, all-zero padding, automatic salt length
depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:512:16:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":16:"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"":"63a35294577c7e593170378175b7df27c293dae583ec2a971426eb2d66f2af483e897bfae5dc20300a9d61a3644e08c3aee61a463690a3498901563c46041056":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING
+pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"":"63a35294577c7e593170378175b7df27c293dae583ec2a971426eb2d66f2af483e897bfae5dc20300a9d61a3644e08c3aee61a463690a3498901563c46041056":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING
RSASSA-PSS Signature RSA-1024, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1024:16:"00e8f95a716c127d5147dcc241a7c1fe8d5487b3e8b6e95e48a83334d21d00c79ad0a90e29941c0c53065b20059de95e9e406061416f7ac12edca1983b9ee28cc3":16:"00d72348b297e7e5dc4329f6ab874b17982584e0ab43174070a9be983c0f040320d6f893c40d2717cb3044380cb3230b7133621eb1c55a3ea56d0e7cee694b5df3":16:"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":0
+pkcs1_rsassa_pss_sign:1024:"00e8f95a716c127d5147dcc241a7c1fe8d5487b3e8b6e95e48a83334d21d00c79ad0a90e29941c0c53065b20059de95e9e406061416f7ac12edca1983b9ee28cc3":"00d72348b297e7e5dc4329f6ab874b17982584e0ab43174070a9be983c0f040320d6f893c40d2717cb3044380cb3230b7133621eb1c55a3ea56d0e7cee694b5df3":"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Verification RSA-1024, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1022:16:"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":0
+pkcs1_rsassa_pss_verify:1022:"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":0
RSASSA-PSS Signature RSA-1032, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1032:16:"0dfaedb709ada2105223e5e7764a5f31d07ae7a37bdc7b4a56c2499e1173147bcdcb165b8fb01a2528190cb6874656a936491898fca330db8af5a9ed5417268ed7":16:"0c339c56797a90c641292560d0ef675f71ac2c99fcaba6260c38e4f167dfd179eb7a9e255f9bdbc549e4181f9a2a19b1f30a80b292d5ef1ad75b9e658eaa6fb0bb":16:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":0
+pkcs1_rsassa_pss_sign:1032:"0dfaedb709ada2105223e5e7764a5f31d07ae7a37bdc7b4a56c2499e1173147bcdcb165b8fb01a2528190cb6874656a936491898fca330db8af5a9ed5417268ed7":"0c339c56797a90c641292560d0ef675f71ac2c99fcaba6260c38e4f167dfd179eb7a9e255f9bdbc549e4181f9a2a19b1f30a80b292d5ef1ad75b9e658eaa6fb0bb":"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Verification RSA-1032, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1032:16:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":0
+pkcs1_rsassa_pss_verify:1032:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":0
RSASSA-PSS Verification of OpenSSL-generated signature RSA-1032, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1032:16:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"1de40b1c452691dfd8ceb42ecf5f0cbda944d871141b4407c1e30a6657c58c2e496b2a3ad10e025d45ca9606d25602ac1de04af8e0d24aa06e57ec3fea5c961ecf1e0a4e442fda0cdaba42469288cde5d7d0c223facceaf4c7caabe93505acd5664c9b4fae64272af4d5b74326a01724a25fabdb10b177821d2273650a84426dbd":0
+pkcs1_rsassa_pss_verify:1032:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"1de40b1c452691dfd8ceb42ecf5f0cbda944d871141b4407c1e30a6657c58c2e496b2a3ad10e025d45ca9606d25602ac1de04af8e0d24aa06e57ec3fea5c961ecf1e0a4e442fda0cdaba42469288cde5d7d0c223facceaf4c7caabe93505acd5664c9b4fae64272af4d5b74326a01724a25fabdb10b177821d2273650a84426dbd":0
RSASSA-PSS Signature RSA-1040, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1040:16:"00fc7f4b490b4d3ef729db23fb5afbb5f2fc620a472342d8b8ff310cfdc124be76dc22ab6f4be35a38ddd31f24d7f64d310f67ab3a375e83f4e0559e4cb5dc43e875":16:"00d51e8680ab71dc01e1a8a68a298636bb1658cfab8d73ce528a62697722d485ab90cdafc5e27768b761839ff93420458ae55f15a69465dbc0c7b524dc9a385ff925":16:"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":0
+pkcs1_rsassa_pss_sign:1040:"00fc7f4b490b4d3ef729db23fb5afbb5f2fc620a472342d8b8ff310cfdc124be76dc22ab6f4be35a38ddd31f24d7f64d310f67ab3a375e83f4e0559e4cb5dc43e875":"00d51e8680ab71dc01e1a8a68a298636bb1658cfab8d73ce528a62697722d485ab90cdafc5e27768b761839ff93420458ae55f15a69465dbc0c7b524dc9a385ff925":"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Verification RSA-1040, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1040:16:"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":0
+pkcs1_rsassa_pss_verify:1040:"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":0
RSASSA-PSS Signature RSA-1048, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1048:16:"0f39b79809516becc2e3481b6b47584aa2299bd2027ab8a303b9de5b0adcb4a5d38e38edb8c1fac3ea1dbd7e1d50b84323e362cff4df3f5a5182dafa9bb9217a73d7":16:"0d18164f8bd0d58d019998c8cb17c4c0354e62b8a9462acca30816894f982c2ae114e73993e30698930437b4eec44adec24d32ccbcbae7cc4c9f8911b1eb2100685b":16:"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":0
+pkcs1_rsassa_pss_sign:1048:"0f39b79809516becc2e3481b6b47584aa2299bd2027ab8a303b9de5b0adcb4a5d38e38edb8c1fac3ea1dbd7e1d50b84323e362cff4df3f5a5182dafa9bb9217a73d7":"0d18164f8bd0d58d019998c8cb17c4c0354e62b8a9462acca30816894f982c2ae114e73993e30698930437b4eec44adec24d32ccbcbae7cc4c9f8911b1eb2100685b":"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":MBEDTLS_RSA_SALT_LEN_ANY:0
RSASSA-PSS Verification RSA-1048, SHA-512
depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1048:16:"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":0
+pkcs1_rsassa_pss_verify:1048:"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":0
+
+RSASSA-PSS Signature RSA-1024, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"53d859c9f10abf1c00284a4b55bf2bd84d8e313b4f3c35b8dec7bc3afe39b9b8a155418ead1931895769ce2340be2091f2385bbcf10d9e92bcf5d0e2960d10e792e7d865c64e50d19ffa13e52817d7d8d8db34392c2374a2e9b69184f92a4ad9b1b8bae99ca614d204b65a438e38dbbfc8c7cc44ed5677af70ce6c4f951f0244":20:0
+
+RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7b1d37278e549898d4084e2210c4a9961edfe7b5963550cca1904248c8681513539017820f0e9bd074b9f8a067b9fefff7f1fa20bf2d0c75015ff020b2210cc7f79034fedf68e8d44a007abf4dd82c26e8b00393723aea15abfbc22941c8cf79481718c008da713fb8f54cb3fca890bde1137314334b9b0a18515bfa48e5ccd0":20:0
+
+RSASSA-PSS Signature RSA-1024, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"8f16c807bef3ed6f74ee7ff5c360a5428c6c2f105178b58ff7d073e566dad6e7718d3129c768cd5a9666de2b6c947177b45709dc7cd0f43b0ba6fc75578e1196acc15ca3afe4a78c144cb6885c1cc815f7f98925bc04ad2ff20fc1068b045d9450e2a1dcf5a161ceabba2b0b66c7354fdb80fa1d729e5f976387f24a697a7e56":20:0
+
+RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"a833ba31634f8773e4fe6ea0c69e1a23766a939d34b32fc78b774b22e46a646c25e6e1062d234ed48b1aba0f830529ff6afc296cc8dc207bbc15391623beac5f6c3db557ca49d0e42c962de95b5ff548cff970f5c73f439cfe82d3907be60240f56b6a4259cc96dfd8fe02a0bfa26e0223f68214428fff0ae40162198cc5cbd1":20:0
+
+RSASSA-PSS Signature RSA-1536, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"11d9e77da9c83487f7de32110fb0ae0058d86f53e2f6244af9f59acefa90320d6514936534679c836b499cccf1dac6fb9e5cdf0c953b3a5ad44ae60409502694a7c321e33ad3db37f8ab64af98f350e1679966c198d19dc5db5a44463203802a006ffbc06315dbebc48af183ad0333f8da166d3892c033d338ac1a5d1db22815":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"1d85cec0da1a74825ab796480c6e1235808387106ac1411d68f313246c65040111d74a9a45ebae10ac7686fddf4a340c4f9d24685d708bbf7b0ab4563794f5f90e0405b5d7d56c998e996b8bde2b022ae45fecf29a21836fcf362042e77e13cbf67b8a4da3f1e378dfcab2143aa8b9a145c2ee7d593e31626baa47fe623a3c3f859bb63e9336e11c5ff398a6597623318e098230b09e553ba0a4257692a0bc0a1ce1c17b2d541b52d134627229c141d351c16f1bdfe33384a9e163ecaa13e2fa":20:0
+
+RSASSA-PSS Signature RSA-1536, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"b1e973f21303aa0011d416642cecd45511549b45bd22f910e44bdf7a94b960d8169db60d150786b801b465acb6269aa159fa2529837701e5a263a7f89c1ad3bcb5e18ab4b2775cc23eede79a8eb89c774105c60d8a4cc7be9028a5101566c65f565bf8cf337bb5859028a417fbc862408f1a83d918cad4047843e3ab49c4c229":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"8eb2ba2367b8f0b36b566c938b4d9948b4a0a87dd1c8300a160ec024ad0fa37174d1bba2ae6ee8c7fdbb4d172ac9615f1428599030a33515e2925a268b87c867242ccddcce6c9c03045eccbfee5eeb6e0ce2d89a9c51f40c1732927a6c7d283627dd87eca27270b117e658a3cc9d2ca7da46a76097213a7f3e2a58d7c9d306e796eee94809042bc6768d6cca4e003a40529bffa267914a232f315ddedd2768c60877bdcb05c8f2026179713084a0daf8b494959c347fb65a4414034d21c7a750":20:0
+
+RSASSA-PSS Signature RSA-1536, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"b1e973f21303aa0011d416642cecd45511549b45bd22f910e44bdf7a94b960d8169db60d150786b801b465acb6269aa159fa2529837701e5a263a7f89c1ad3bcb5e18ab4b2775cc23eede79a8eb89c774105c60d8a4cc7be9028a5101566c65f565bf8cf337bb5859028a417fbc862408f1a83d918cad4047843e3ab49c4c229":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"9fa4e64bab336017e19015ee7ea1e267bf426633fb2ac5f4d65bc754aba17f7a9f0f1ee2bf0a3b9f2dd354ed8eba596f5ca3e26495ef268658bd247474d3524b11a2953f591f8abb14ef4bcd44dadc36a41f9daef1bf88b7e441160278c8a39945524557b84ce5cdcb79eecbad63658e8470d8dc94b44aad1f04b05400ea04e5f959dd18f6f718311f6dfec98a7e1aaa7ba11771f61448b12d7901a2530e830dccc531fd0dbe222215b3f7b9dafa5fc20d5af15ab312b621d71b2106150a801b":20:0
+
+RSASSA-PSS Signature RSA-1536, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"7224091b8f68b00d49d2ef1bfc5ca7352e852aee73a346768f7b80c8db0f9d24eab767c06b73adbb51808c523229ed56ede04fdd908dc73979264426bb801847c365b4d43be6b38d2ef21bf26d28dfb532eaa87004b3d494daaabfa18377429d45557abfc568cb6b265224637501843b45cabd0d96bc786ffc2e79a2fd9b240c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"32e688063ea24ccb2ca998fb7091877c103ce6576b11a175bc896af454042a5731b91c1c58b4d8e38f0619f6ddc8ced6b5397545f9571a4c90767593d11c00b75eb58a0ae4932265f0ab1790be2c83dff65357a301b3b3e2ee2e3683afe0b4b35ee8b6e58a96b4009c98d8faba75f86ffb548f0501884f3528d8eabad353e28d0132c4c01fa3af5dec922f02eff22020481615e4cd35b9eccfd711cb3b0d65af95c0637d79aaa2433f2854de3560adb284248bac8cbd4717317011a5159c93ed":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"e2b81456c355c3f80a363a85cbf245e85a5ff2435e5548d627b5362242aaca4e4a2fa4c900d2a9319eb7fc7469df2a3586aaa4710e9b7362655c27a3c70210962391b1032dc37201af05951a1fc36baa77e5c888419ab4e8f1546380781468ea16e7254a70b08630e229efc016257210d61846d11ed8743276a5d4017e683813":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"cd1fe0acb89969ae139c178bfef1cc982993521b3a020ec847c89c0cc6c869d970f43f018d495b9e991457e7501a344c33c376fd2efcf05ad6eb2bd0b3c0e7cc3c88a4124398ca16585490a0817a36149cc82cdc01b20e9026261215dd06f9db4e13613c6a569c2187a0e00bc63c281149433ac7f061bd218e79f8eca9dd9c93ebc3cc013bf27aa0bf286e124593e76d3c7012f97ae1d0c4bf5823cf17fe76d505a54cef174add58ae616f47de825049e9916bf2ab7de4d443745763b0c314cfae3a6e57ad475cc5fae47cddcad7b526c2154a15f9ee8eab02f4c36f7a41d7a19b23c5996b627270ceb2c0dbed1a6b6dd2ff94868e073cb7b1a1fa3429e487ae":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"6375755eff8d48afb3263b3b96988a2afd181ba061793ea009783bb1599d03944d987620a2668ac9714d6f2a21f7e5200d63923f42cb32e63301c8de58c70a203910640da967d03f4f6292f6cb199759822790c0c5bcfb1d4faa59465c3db2ea1fffd5e543335632b74745bf1e18473c0a8b4a89def6b27edf0d7d735ee13f887041c9d8a91e62186a9a1e0b1afb48e577f6887ca61b7c1bb26b4a8e2cc464a9af03444b3da5bed08b73f1262bd3d61f4c78f49fac6a3bfc9e8548b4bbe64cce6a6090fc480efd1f36c18c10bc09be9d957a79f707a10577a1bf6e9e2d4849693fa58d8877c8f1e55181955d6c2b94b1d6d9401b5fb80cc32b358934fec2aedb":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"4d41e81fe7729b79c1703ef84bfc5e842050213c31b188b02044f151ea22e026c9aefec05927626ff97910b67459bffde190e086c797dba285659c25f1854e17406b66ac2608e4763d9cd5daabcc1dc100f4738f5dbead59dbf43e532a92fd87792028cd963ea8f75781964c387dff384523e4413b4e853dea98e0c2dd7274df":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"b43d87deefa7df127a717f4065f831c58cd84bf78c916ba52ed32769abd541df52233b8583507c539b1d51e0437ab1a41e17fc1599b92aabdb5b040dc79027c60c9cc3ed3de36aeea28f20360635be5bf654d6c1b7fe6da77d0c45b9ea2802ad22eba182cbed95d33da7f78ac844f4891cebc0396caa2f8daaf55254fdafe98b5fe6c4dd3967d23ea99497060820e108e818cd0aa94e65770bde892c62233b96d87fe545162d6ba077f110274bddacb2a7cbf17d437bfe004b34c3ea24fb46e5ed9cce4de96b0694efd73832ec76e19e5a25c49c5843393ce6b919ea35e4d264e0a0855f518a63c008c183798ca612cd8f75688a09210413e0a23cafcf2d4158":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"252433d4b72a33e1aa444aa9680454e9cdab208637ec2173dcf366d561a6cc65a82b7316e9aa6ef90454bf5d15a4823a49e468d0f1f4678bd547b02acb2ee22088597d3ab59a998346edd86507b6991077496e20daafd1798aa812768eec94446db6398844831b4817177d0865c20133ffe11bbd1aa7c507a21e7403d1684b98":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"2cdb0d5ea5f0aad1f7af8108bff56eec5c0dcd0522c5dc6ae4c6e0f66821cdf698ccfeace65fd6e47f95febd879e580e5ee648972cc265f9a117fc720db4f2545a432eae24a367b0aaa70a011ac8fdec94a95c3cd48cfa7102de8dc26c877e974688b3919de6cf06e27028995ac85da88cb3851a5761e17f215e5c593e13e481088c7d747ecb34d3ce61a5b56eb2a65be5363363294eb365f83c4c709644d857e2ccb14a5851724420fc81178144ef3f9e1138b5750eb7196eba3319d799c3494a7e399115a62b1ca4f1d5da079b495d35fd651a1de78d54000b06bdd3122d7404013f2ed8fdf8a7d012f9812b8e4c2e0b24192d5f899d70a3cc5c7e08c81be7":20:0
+
+RSASSA-PSS Signature RSA-3072, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"1e4f71d67b8041845a6741a2e84b313f035f04d64e8c922e84718d7f0ca9b6d6ce4c50ba46b8d510d691e93c61068c89155693cb8893594307a7b2c22b942011ac004a917af0a91f0ad4853aeec42068a90931d5c1df933e16793f0d714678c6607345a142b124799e38fde4b90b55a4677ec43e21f6a9e858f11ca8094624bb":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7171c74df24272dfe6b34db78f24507a68062bd791f68796d5001be354de6fddab81e9252e151884f4cc1f3cd3e7760e263c0c34e63c557eb32c8336e0cef40855c5e279dbba3170da5a14ac60e4cc8d402633a383b88709f3306fb02708e39f3039e7e614edcb89609c8c71137de5211659a41e9e5682cfe0463f3bc97558d3bf77bd798976f09db69153123923835ac9bbd7648c2773e38b5228640fde6df005e9f44819eca31f41ccddbd45d61ae7e1ed0640f0736f52bf5fc1c62f5430de6a96d5aabccfcfef508ac299c7f3f0f7d222ef1f19b288273690b3275b68f874301afa95d243316284ed117bded69da11f5ce1435dd67717bae82ed468ff1b6ac7f2483397d310ffe91775189f671a82b493039d8c233830d20e290bc9be880a47f0b36bf2e1da2c1f23dafeb9f42d9f084feb808a98e894e8501937ba932594a6d202e20a0afddcef8fa48c1682d3179edebf8ea44ea1216a2f55c305cdf487249010909fa8a21d9ba9e3dbbeec046a823922390b7d902d77ec176bb447b05d":20:0
+
+RSASSA-PSS Signature RSA-3072, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"e2f6dfa5014fee6b1b04108682e85619ded7c4647faf4ae8f19cf6cbd199677fe033859f56906f1979b1b5926df4c8064eddaeaf7c15fa2936b3fcd36bbb3578cce40d2f269fc97fef54b7c71fefabdd419baff6c9cdf7c6a88513e81ed1687fcf92e11e1a82e2e5a6767eed3de1e9e7de9a30ff0ddf27076e99a3d192e1eadc":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3a0622ddff5a0c1f5b545d684054e46211786a2e40627e0cb6795ea0d176f3c97e6536fb64c5eca7b28b7ac52e48e3d50b916d2fccb87d70cd8eda7c15c2308734254716e5b400592cc2e5e033ba27866cb14fefbdcbc35d5d85d4eee8ba6bc2da995e8ebcc27d50c48aa988bf45fde27311a9e2ec029d0fa6fa6d3efea460fc1a90e443d807d209a4c06bf3022d529ab2e4a877325fcccb3f86ac16200ab95628bf0c1c8c70f6fe1a9f288bbc0162a392f40ad1109cdbbaf03d9b2d514a60983874350be9aef886c3c481a66325f137aecb4c82a8a73046dbc1dd8598ffbdb828a3d638f9dd8139a768dcd8d30d79740ef345c1644d03e6fb86a46367f6d82a7a819057ae490e1b100b5842ed385845f379101e37ce604531c61de423df66200d45b7229662fd0ec3572593b09a5213ec14c1d7b2338ca9c763c0d18946f04eaaf57ea2ebc79e093f2fd4c64cb1c1a7f0e888dc2d87a15eb769f56dc180cfe1597cc3e4e1811d4e27852fa188c8fec4fc917d4724d33ce5f3211895cf7e8b8c":20:0
+
+RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3f90aeabfa9a5f00e241f3f65dfe61baf67c1356353042c3566edacb11c7649737e5adf94cfb05f2619aecc8895db45190fbdf35dab01144e207b6f0923927a6148d3f16eaad05e73bccb562dc087e2d82db3dce130a83e8303bd7c3447b3ae4d3700d4763ba6981d82618ac82a6e66423f294781a59b20cc978c79e2d5c103bfb9d47119294c3c85b1d3c45a36897d42e183514cc8edbbfa1be9ef17b78280b5b6214dad79d60db057f22506515b6843ce7d4dd6bd861a889b36164c325147baeed714d7a3f55ae51ef6e6d4ae9e862d677caba1a2df369c23d3ffe33dd42fe707e1fd8ba6283aaa0b570353b48a8e39ff72a09f700e024150ce87c044a3ec745b212ae81aa5743b981a8bb95deb6b3e15c2487f7900178d5840f8e794662706dcdb19bc0bdd56cb7fdf0e21d10b03adac41b749f31bd3e7c4d07d5d4ec8e79d424812b6e83f1c7b59779e58029f9b07da3e77795fcff6ae8bb098b1c00d1d2a5bc0cb005ef3d8aab63ddd883d38bacdc64307e911c6e51946744f361fe978d":20:0
+
+RSASSA-PSS Signature RSA-3072, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e990c8835f18b18562323ba5096a4e7b99bd84899e5cdd1f3badb47cbf93f13678ef81dccc6703d98566c49b6d63eef51b67fcc20cc971ccf63ccaec580db17256a573c6c455b4508153629606ffe7a43e6ba3b1991b99ff5c0968033bec7ec629ba888b6f6c2cb2fb01fbdcfbc5a150abd35f9e6bd9bc82151b770a8dbbbffb":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"607b7731ecb232f9b8e9ea03be28cc1e948acc3ec12a1222ba0f63935440c3effeaf460d7066d260d174d0ed18a9193550000c2fa0119712fb1ab1e27b4e6f5f84be9b63a1ede17a01174060e2d9e46121cc5d10515a342a26649539341eb1b44b82e346a0102e7ca45be3149b5f1444bd7fdf43da441c59deb37da9a223bcd7a8244237bb5404ea532eb470e80891c0fe9403d12734100284e99cfd96de2ab4058529d91bf348c6cbdb7fcfeea3f9925e93efd6adb3ef6946008738f4577a49c42ac0203a2d982fd77cb421ae030b81b97dd04490605179626903471cf68835dd5e4ac41acfe54e048878df89db9c2de5f1e822266c325e0be0991c7f18cd3de4b2110e14f56100e45f8ba19edf917150c2074f379293f73cb587ff77ad63e4cbec9eeaed77ca90261b2813ae8e6533b09b223a68abe2beeec888088ff91fea5c63de3b55238aef018c368f98651572bc7b8cf3d14c15b24bb5534ae07a6c4c9d5ecd0b86961b550859036ba6fa8e50d06228d89bcc943581b26e302795d1e3":20:0
+
+RSASSA-PSS Signature RSA-4096, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"11bafee5c6534fe14d973d2f60a674983434ee03ace7c4f1cd00444b723e455d40ffb722dda97ec25d488159fd79fdfa148620f446d2d353fb78d7aa0f2f1310cc712c6915dc57e7e3d86bd0f67a3b81c4a822b3b67edffd93f1a39a3cb2696d9b558642d6b38157c88d241bb172d3352ce21dc862b391f57eb4d3a26191ef7a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3742d8a9627e2e10145c31a3548977f87f8019b1d9093c42f806c8df5ef7fad8330e2a05846c346cb64d9e8af2cd3806eb0df40cd097b3f8841525786ed53746498aa565f8945cf55e24944e8e3d86eb219f65c3385e1e7d45fe3a403773f3057bf22839d5903cd64c95a417c00b429ee068f0fe8ec17305a122979cabee8c3ad31b597da7c71fa1db3da842f7f7048f4396e1768197ccd84c5d9a0450d66f0bc88da7605cc8cdfe52bce60793704dafea504349ff14c481bea73dd761c848387d12f2d1b9227a959fec8b9eef0e9780cb6a427af946597d7e6059a07d50e878d7ae14eed8b571ac88e1c5d1a00d16c0de1c5148ec5781036676c6355e0cbca06346eebaf6c7de938cedd47a244f908ba1189bfbd97bd2667e8eba95e007a64b165dbfc4bf35878cd606732fd469f922ec141e5bc6a7d5c1875233cff612d336c28466c271764ef94e9c07e701923f1f68f39e2f003487dbe41d5505862eb4e90402e50f7b3cb918ef3eff893d0f00b203e2a511cfea4ca54c043ed0598d022c947cad5129fc47f5e79db97a0eea5afd7bb801a367a7bb8d929de1c12a54865e1e183ed926bb8da9d454c7a52b30cfcfe9ed3479799276f4a65b30f430e61fcf520e46e4eb9bea59ba064e7c9c72c9b58bf4ff633897d3ea46d989cec31ce4fc32e46e5a3d1805c35a30b387fb77afe20dba19be37252e40b252d346b69d3cf2":20:0
+
+RSASSA-PSS Signature RSA-4096, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"466d2621acc8a91c729334f1ca433bdb5605058d4851f86cc8c217fb9625c996f0d0dc64b635c987ccb63a95c0bbc94cac020b815e37cd5ab7c59dbd51eb8d0864123303eb5ef413028383b093daa41831b4364544ee701d67c56bea0eece0096cdc34e6946cb128dea117288cc753a8adc08ec2429d691ea06b8768154f4d01":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"2e512f73d198e623afe019bd4cea9192ff8b24ab555099d31bd52d705fc808229a269bf749c8061a3dc7ffae9ef7c6bdcd8c34910f92f0a0fcd6d73017ca3388ca5e99a1735e005ff5d5eade3ec0ea0c2436f0e78b197c2d999ba4351b9e37a09195504b63a42762bea22d307a0328fc9c80acdc28fc8f4050e25fbd5890233028f97ea3a2669ff4d5f4232c1e48571499af28ed6f5a92e7936de39d913e12c5cef51e25f90a1e903f3f60a6a9cddbc56564b146aca6af6236b899c2cb7223a6941f0beaa3aa787b2333e4f3e66b334b99b90825153ebd0095f27691880f44e4e77135f26df376e261adfe0d8354cfa15b49138d624d9f62a9751221ee0598097891c9864ad3651e89723bc9ec6086f571e199619ceb6720ab5a4998254cb807dce75a5a5203d38a9f5d56adee4239ff50cefe3e927eba91de7e1f8e1ae8b0505c077788372af7d8ef00735cc531fd46dbe86702ac49171f0a921f4626442ae960e972a5594ee3bcbfbf687cd96ed300aa9df1b9487607b5bae0f1abecbc1d2291fe93b9f8a091ffac8469b0f00ba561f0628f5e004ed1fd8713650e147c4b2cab7f4d69a4ad57b145c1e5e4c1412e86fbbda5a6096f66293203207e35098bf94dafff75ed094d10e6034cd22179d94655004fa4bf4de774807b6f5cd27d90255468cf01db7b6f82607df597f72d1f9c9c91d17740a14a4816ae65e63fde480d":20:0
+
+RSASSA-PSS Signature RSA-4096, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"344a458b48d68949ab0effd488443eb54ef367d74e005aec85402a0bb63bcf9ebd2f1b7b1f58f051e56faf46ab71f3def4a1801fc0d076f361dccbcd8a77f78fa929f1ac76985b89cc08f92ab91e680ad1e90d4ac7234b0e3eb3f925dc7713e8a041af64761f33bb09e0c6c7d9d304018dd2f6a18a7f4107c4ce9d5ad4c4896f":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"364ad106da2cec6ce94e141e16af855f6d6e31ac6d7bdb2649695645a3d7f176a9b55f60b861776d49077dcfda4db42bb584767606f90de7289e71f188ff139b138bbd24f7a7f50192a137f2c648e19fe78a836bd2a01d31b248857cd29dbf3d1251c2d4cb339f2ff78add26304fbc3e44f8a2f04b47dc754b984169fba4a091d70f956074880c709ee849a05f8f2dcffee09b221078e98b6e28a965a2d44fcde72c6b27ff0a3def818d80aaba17915d37ad1d72755548310062e73da15a8d2544b311060b404683c00394666dc3a890f60ec9d85b2d0fca8a76fc96c4cfd0e3c4a83594957bac42866c395f8feab3b40c9bc9a675f47a1cd62fc43ebe0fff2bbd239130bbbe5257c5c3756044eb2190db7a309cddc4ef410e9abccd0f93158e0edfab2f0a50e80d814a428f61c531b2b747e64feb41523c5802a53c374f35df21abe67a877d062f56a001b47ee6ab571b0bbe7141e0b49cfdc97a15dc19138863d140cc772074c12b3d751985b7852fe76932be1f44a165f4fe58a341d28c3f86924defab4cf2458ba4cc3fb92558511ceee6d91c672b24b8727b867132bf6b8d7af714ab668f06f046448c1e854ae98e59cf21f2b7370c9378ee0eb34b031f9f4795057557773af0f7fc18ddeec7e95c2ccdd5f66ed224d08fbdfb37995e87f4df9691e499d77afaa8d5b93f3275c43f69edbe37672cf192f94509df0a4e9b":20:0
+
+RSASSA-PSS Signature RSA-4096, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"fc5b9da74a8afff53e53f7558b69fcad8a924d948cace26f6eeea2d96e71d6493cefdeee55ca22de8c504c70e93db5e6b7811c50d9449ead5d28e25254ce9590e09b16918ebc7283e66792f84164b38ddbcd17ca2912fa4a6d3fc81c87828d680ee8ad569f67d52b752131b63ae7e0ea1dfca5cc251cdf90c5bdbbfeb095a81b":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"6edfb6bfb20da2621e7ca0b8e13bfc3801d8bcb43ef3822be960b96a67d3e8afbbe2ef22e206b328ce99dd8f9758052d42a8ee93e16d8e160a50687e8ffce72d258610064ebde4c4cc2ab96c8e516ec2c1eed816c8e6ac537a0570c9eff81a38147bcd8f4747390676f9d755f613687ac59dbac14f69ca6e56a26727699fa11c200eb77339ead56fc6883acf9b92c6deb6f4d79f82ccdc493fedc6165f78c174adcf32941eeb237a4ae369dbbafb4553c98e413823f6f46da0d47d47a164b792aaf1324a8be4f01601bceb809f8c08f3458b1de2c6378cf93fb293212f6bd4a7b1fd1bfa14a1af29575a5ecc4281420179758e96b4465ec07f6cce4e5e5c2307d531e400e494725eb7dceb1d8dac1000d92f62f319534063c01aec9c6ec0c7675351f2883e462b0454db364f03700d6593c9be195fbea5800ebb81578c765409ac2c37f78fabe8783c5d324fa4dfabe4f192866e34037901615304237f08028a75f00a3904bea03219ef9dbfeb48d10ec59d481eb0429cfc9ae835cc578377e61023d5ceedfd3d0a05aceddb274c13782dda9299d6197519e14791208f8d86d63e0ab7fb42a1e14f8f37f49732e23d4b7d4f07cd0bc828649a12748e8d70f53683580bca87290992a349730370bbed6ed743e705759734872c54ff03c1a97037a7b9ee3c8c42d12c3ebe0c1bf3b42854d04a9177d1a24000bd388fa289fd77d5":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-224, Salt Length 15
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"37ddd9901478ae5c16878702cea4a19e786d35582de44ae65a16cd5370fbe3ffdd9e7ee83c7d2f27c8333bbe1754f090059939b1ee3d71e020a675528f48fdb2cbc72c65305b65125c796162e7b07e044ed15af52f52a1febcf4237e6aa42a69e99f0a9159daf924bba12176a57ef4013a5cc0ab5aec83471648005d67d7122e":"463729b3eaf43502d9cff129925681":"7e628bcbe6ff83a937b8961197d8bdbb322818aa8bdf30cdfb67ca6bf025ef6f09a99dba4c3ee2807d0b7c77776cfeff33b68d7e3fa859c4688626b2441897d26e5d6b559dd72a596e7dad7def9278419db375f7c67cee0740394502212ebdd4a6c8d3af6ee2fd696d8523de6908492b7cbf2254f15a348956c19840dc15a3d732ef862b62ede022290de3af11ca5e79a3392fff06f75aca8c88a2de1858b35a216d8f73fd70e9d67958ed39a6f8976fb94ec6e61f238a52f9d42241e8354f89e3ece94d6fa5bfbba1eeb70e1698bff31a685fbe799fb44efe21338ed6eea2129155aabc0943bc9f69a8e58897db6a8abcc2879d5d0c5d3e6dc5eb48cf16dac8":15:0
+
+RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 25
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"833aa2b1dcc77607a44e804ee77d45408586c536861f6648adcd2fb65063368767c55c6fe2f237f6404250d75dec8fa68bcaf3b6e561863ae01c91aa23d80c6999a558a4c4cb317d540cde69f829aad674a89812f4d353689f04648c7020a73941620018295a4ae4083590cc603e801867a51c105a7fb319130f1022de44f13e":"b750587671afd76886e8ffb7865e78f706641b2e4251b48706":"2ca37a3d6abd28c1eaf9bde5e7ac17f1fa799ce1b4b899d19985c2ff7c8ba959fe54e5afb8bc4021a1f1c687eebb8cba800d1c51636b1f68dc3e48f63e2da6bc6d09c6668f68e508c5d8c19bef154759e2f89ade152717370a8944f537578296380d1fe6be809e8b113d2b9d89e6a46f5c333d4fd48770fc1ea1c548104575b84cf071042bfe5acf496392be8351a41c46a2cab0864c4c1c5b5e0c7b27e7b88c69f37ffa7e1a8cd98f343ac84a4ad67025a40ed8f664e9d630337de6e48bb2125e2552123609491f183afd92634487f0b2cf971f2626e88858879d45a29b0fefb66cd41b2e4e968385bd9fc8c7211976bc6bd3e1ad6df60856985a825f4726d2":25:0
+
+RSASSA-PSS Signature RSA-2048, SHA-512, Salt Length 30
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"5f0fe2afa61b628c43ea3b6ba60567b1ae95f682076f01dfb64de011f25e9c4b3602a78b94cecbc14cd761339d2dc320dba504a3c2dcdedb0a78eb493bb11879c31158e5467795163562ec0ca26c19e0531530a815c28f9b52061076e61f831e2fc45b86631ea7d3271444be5dcb513a3d6de457a72afb67b77db65f9bb1c380":"aa10fec3f83b7a97e092877a5bf9081283f502a0a46b50e395ab983a49ac":"5e0712bb363e5034ef6b23c119e3b498644445faab5a4c0b4e217e4c832ab34c142d7f81dbf8affdb2dacefabb2f83524c5aa883fc5f06e528b232d90fbea9ca08ae5ac180d477eaed27d137e2b51bd613b69c543d555bfc7cd81a4f795753c8c64c6b5d2acd9e26d6225f5b26e4e66a945fd6477a277b580dbeaa46d0be498df9a093392926c905641945ec5b9597525e449af3743f80554788fc358bc0401a968ff98aaf34e50b352751f32274750ff5c1fba503050204cec9c77deede7f8fa20845d95f5177030bc91d51f26f29d2a65b870dc72b81e5ef9eeef990d7c7145bbf1a3bc7aedd19fa7cbb020756525f1802216c13296fd6aac11bf2d2d90494":30:0
+
+RSASSA-PSS Signature RSA-3072, SHA-512, Salt Length 62
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:3072:"dd553696db8ccb107609b8917e688bdd8373a8926bc9d114c1c77f7958070e236ca1bd2025ded59a71093b63afbfce39e92bde9ffca983959e7c3e18d75650612258c24eebb61a1b4a68603a2721e3e2483d6da27475a228b1341c78f140948b5c922822ccaed76dae338dddec1e4c5c34b9c53f34a09ff0b2b61a62254e73e6f0ac8013edc2cfa7ecbeb86fcc7309cb0f5b5eddb707af4b9337d34d672af413f3b6efd11e3b49c978f06a356f6f4e0ea50a90797fe32ccaa983547ff18ea167":"c1e3089e1bea1141638ca912da01c134f67231a2f737d97e28486e004a43e9c5592ff968ee18109fc71aa4c1a97aa88ece5c4734352bc0c1f67726bc4aac59c19301f23a705be5b3f7825fb284e58a950d795f63d18fe72231eaba9d6a5f90866f8dd34b2b0dfc132db8348efa5a62634e5584a788aebbf073ccb4f3e9f5cde8d0c2e831412485c7f8cf1473abffabcc5d51d8a2a87a22f39d1a250b3cb66d90c573669071aeba9b1080dc079243094a9ae0e5a62e4e8b653cb57f54f4eeaf3d":"a7a1882a7fb896786034d07fb1b9f6327c27bdd7ce6fe39c285ae3b6c34259adc0dc4f7b9c7dec3ca4a20d3407339eedd7a12a421da18f5954673cac2ff059156ecc73c6861ec761e6a0f2a5a033a6768c6a42d8b459e1b4932349e84efd92df59b45935f3d0e30817c66201aa99d07ae36c5d74f408d69cc08f044151ff4960e531360cb19077833adf7bce77ecfaa133c0ccc63c93b856814569e0b9884ee554061b9a20ab46c38263c094dae791aa61a17f8d16f0e85b7e5ce3b067ece89e20bc4e8f1ae814b276d234e04f4e766f501da74ea7e3817c24ea35d016676cece652b823b051625573ca92757fc720d254ecf1dcbbfd21d98307561ecaab545480c7c52ad7e9fa6b597f5fe550559c2fe923205ac1761a99737ca02d7b19822e008a8969349c87fb874c81620e38f613c8521f0381fe5ba55b74827dad3e1cf2aa29c6933629f2b286ad11be88fa6436e7e3f64a75e3595290dc0d1cd5eee7aaac54959cc53bd5a934a365e72dd81a2bd4fb9a67821bffedf2ef2bd94913de8b":"1415a7":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"44240ce519f00239bd66ba03c84d3160b1ce39e3932866e531a62b1c37cf4170c3dc4809236fb1ade181db49fc9c7ccd794b433d1ad0bc056e14738e0ae45c0e155972a40a989fa4b9bcdc308f11990818835fa2c256b47ee4173fb4fed22ccf4385d2dd54d593c74f0004df08134eb8965dd53a122317f59b95d6b69d017958":"2d0c49b20789f39502eefd092a2b6a9b2757c1456147569a685fca4492a8d5b0e6234308385d3d629644ca37e3399616c266f199b6521a9987b2be9ee783":"8f47abc2326e22cf62404508b442e81ad45afff7274096b9a13e478cdd0a72f99a76bf517f1bb0f872a523d8c588d4402569e948fd6a108ae1a45c65830828a10e94d432765314ba82ead310fc87ac99a5b39f30ab8820bf69e6934a9c1c915c19f36ea7717eaff7af67b4991315b1873ba929bedf18a975be808e7aa14a6726126c79cc93f69541c5cefdeb5b67ec279d8f5a446583e4b4faed1685140ee4b3b757c8ff4a1ef9cd76a88e05319ee62003d2d77290c94c579b0ca2ab0deb3176ef10a3fdb85c80ffbc9e2a665a23744fc836f9a9a103cd9fb756952356a2f1acdd68a645e20179006558b5d4d0b9b0bd3adf5e290f49dae60b9d19920953ea8bb237d5b3dcfe149a60f12a4ee3a889b33bcd3a3b753d610757cbcd093dd5a734255333689695ab636963e3d215a8e77ff31973718a4944a1e9e44f45754d39f6fa431c53f9a2ef36e16a5f70636eb5fba54e15c20a714f2809a7cff4b8dc1165f836607eb5a5a3bb0c4567eee26941fef46fb41e73b565c0cf8c72e404221264":62:0
+
+RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length 0
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"ac777fd1f72fb4598b30ec1d343488e83bc03cac3380492225efad8c0d7e2c15a0031b8e027bf4e80747ce3de188b405dfeec2b4b5439599bef733a120fd80532e0fcc0629f86cc990e312b2b73ee1f3586198bf81f3af05ef0cfbed3d1b5c620927d2084f31847784c2ba8d55a0f038a5eaf8c2ea85ea81eebdc0fe1f0d75c1":0:0
+
+RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length = max
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"6708ae77c8c32056d89d8186f1d74d84a02cf69a084516c3525901e7c2c8359c1e8939f95b1184ca8e57508a28673243f1580f0eaef13a8eb64c9b78c8a5c2249f7601faa9a55743d056c08bbf213bd5d461e134078b11458a76707fe80df58ca477c2455665734cb498dde2a87065d8bdb8851f7943f4c38ae243752dc79da3":94:0
+
+RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length = max+1
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"":95:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = 0
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"293c65933fb46e6bc50d9c34a266a5e1b9e3b3ff3c99c691a88eb2d1b652ab28144e9e6a18468995febb5ce84b38efb295b1ebf1b7b4b7bce29c35dfbdc81b0944bdb3cdba914215de4380cf5226c6c7af172bf82dbebade614d710be5b4256d588d12d3a0f4494b863b09e8962bbc1d97cdaebd92d40a0485476178acbb943d1bec59aabfb60a15b1cb8f17f600fc10ec1f97148ecacca4b3715ec173e641525a1331b1b5b504bc9f930b7061f10e63509d2223c49c3050bab6edba11dc426a8b5dbfdb31b43ab3dedc392f3d4d0401f67b83cdb59e592dbedad5ed407854310e1304b4e998b8e4074caafba6fb006335c64666758401a508813d307f466e3a":0:0
+
+RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = max
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3f04e3159073f7ad2fe70738168779091facbabfc4df54d6f49c7c7849a2e888a6cb9d363e94e46d7ceba692721f9b92cc56519035a5662941e2a18a8489122b55af6193444501c030a752a3c6ed3592438623782c89a16d6c42f8f0cc0a1b21ba7db4fec2b5bef35c109623fdcbb54151d8b97d625bebce9de3be69edda8aa7573fa519f4630c5173a274716d29b2bf026b3c64c62732640af0cdf8ca589f2197453b8ba847dc1cea508d577a3f167caa53e0717a12d58502a27dcdfa1cee9161291d0a71f9265b4ab3":"558dcb8c4ed92d22618fb2169a552bf5ada493ad66890639caecce025839f44d2f8b7004d70586296fd94278e478dfbb63a6867f3fd909a558cca1fba1b329a3f230c2874886eb0b5a3de01e02100a939f216a07a445f9e8f7279b8cc31966de23c912c477bed5ac99996f09ec817bd02acb671310b33d5a9bf79bfc14a0e38abef9169c01e7743a408868f42705743023ec7892c2e437b918b40d873d99c56faa58543a8eb41d91d38ab8ca5165b95ac84b30624a6517b2893f432c63d34352059c9a6ad3353fe3859d0b51a971e3d58a287612b1a7b6eeb76b7101850f809960c1c137ea396ede4c570817bef93b2ff901c2d175909f48a6b6a73dc3aa6cef":222:0
+
+RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = max+1
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":223:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length 0
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7289bf65540f4925c608e62c8d077789828560945a27fd3f3918e4258b38be488d54b546bfe46d56e519583e77fbf3988538e26fd05793cea925934d714e748a23c429356d3c09e51e08d425923e4237c0f00c3c9f77d8544b8e089d265497a683c2f19b80776671ad36d1cadd38e24c3049461f3d3d964ddc9afdf1d4b9022a":0:0
+
+RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length max
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13bc5bd8f242a193ead499173ae97c2313d53874c791b13e0adda0ee89fef3668b5f3f7d91d1117cb5aa93e":"a063080224f2659a25ce69417f3240779712d93a69461eb7712c137ed5d4ed7c8490b3e4e7e70e560921da59899a542d1f28db68c1247fd7a0db983ded9f6db9a8d9445c28ba3e4afffb4ed6fd4c93e774082a6dadc8052f3d48cb899d63b9a82f34315f999deb065da600207ea78bfd199e2249f86a55c79761933ee87337aa":62:0
+
+RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length max+1
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":63:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length 0
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"9110b39c1ffc2d8a5f24e965e3985b06871c2be23e677bb3ea879b7b6b25c327ebdd9434387cfe5f64bcb6900a5c8395549e3681390583786b709257ff0ad90507a02ec6abb40e33dec80097322876a84ee98b1fe79ced62ba4f983bb9b52758bf9856098af527924ea83291762b179894f1fab6d8c9867b0244393fa32b5871836fa4446b247153bc117ccaf7cd51c5ec026bcaf9b634182cd19a0eb95ec40dd5e4274750c9ee3b1379fb339fa4ed8348b104936396355bea0a00337b83f47d2fd7e7353f3009752f970eebc1bbade601b912f7b0984bccc68941ed23bd31fcd23a7d0f2b0cfaabdb3d361969f485e5d198442661ee71eef258ae9fc27a19d995a5695c668f9ab78622486d6ccfe4ae11de9240588fafbc75f8bd0d04de5f2959c126b7c672eac8bb65031ea22ebb4a4e36c12f427d2dc4619eb30ef1c90ec951337a364566f0d2e32f311b425a68fd5277a85dc8d8041ab2a0165c39fd4e39160498d5eae98965e8745b77390e5ddeff0aeffc0fb18839455d524826a1f366":0:0
+
+RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length max
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3fe26ee600cfb2d187384e529f280485cf84830af8cb015878cb7c4c74ad6ab38fd8998fa74b612e84af8123d785a8a60a2bb002f7b15a6f7cd6bbf18325a412fd3ea2a48903d30db2543089d9d82fe304dfe5fb903f6a0d1625fe994aa2ac47e04eeb6a51be770312a88cec80bbcf849ab57f2af4e9370a0e35a458d8509fb89e8b22ef499af25c427e48c2391747d3ccc6fdc1b035cbbe6a6f1742bfb6fb5d411d4c8bb73ee7f9bc2fbcf54603c813c9c6d479fb9f38650f4fa8ce05a32c47c078d278b7b97173e82d692e303141faf71573f2b5ab58c4fa009200a3be47633719dbeed24d61ba7acae8abfc2aa5f33f18e6f4c43eb8be3e4bbee1090544401e202ef06d90aae75a939256bd374afc5030f1146ea9d2acf4918dfe96d13eb5f16da55efd504657e3d8aea010f89c60288d74963746422bd7cf":"57a5511992b30d39e150b6a7a760a74136db0a24bc635f3a700a74f865a7c9c0ed2e2e196022a6d17ad7c2d3f12946828458015beffb0c0652de2cc9c3366aaeb7634c5d6ccbdf6c7c93b8feff21a7d2831ac3ee73fd98f9c972dcb833ac61323b77ec249db0e4fb9bf33c71aef9d2aaef40aafab2cb3870f0224c8d0c3ada2abb9d3dd601a038594d290177277a8b791ebcc211d7e5379323a633c62fe9cc2394bd7a977a604122ee9799e5368cc17e1af1795046e76899aa6e7be8f27b1a3e96daa81784d967e9a36cf1912936d7ae11f80aed79c27c53237e7fa009daf9240fb205f83e8c6f8f57d3c3520e0e60213a203432c18d92979b13555ce6eab075ddb38b6d820e378ac4e3afcb3d57e5c6d3c11f165745996fdb61e36b842c6ec81d6437073fe9fc96a4dbc3b188ca766a7f7ef786f39729cadcc5700fb0fffeca0eb0bc47243783f129917948df9bee23da83fadadfa87708e0a839a62965a5d2b9a7cd16b4675cef6afc8fbc2615d97d11ede47f4dfd83e74847dc184ccdc4fd":334:0
+
+RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length max + 1
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":335:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Sign. RSA-520 SHA-512: Salt Len. 0, no possible salt size
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:520:"0feea5f6220fac291b9508ec2ba8ed281eb39aee4d5dc693254106816ebc700ecf":"0d68918785c3aafe31eaaa2d8d8156dce645940ff7734a457337a51bd00bc88811":"00d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Sign. RSA-528 SHA-512: Salt Len. 0, only room for empty salt
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"5bf02a1ff652052be266d0630fb802bde71d363904e2e001267dba592c88e755befb9b8004ecf1c5de07ad8cd260ede04971b201d524434e657396d6bfd8917def84":0:0
+
+RSASSA-PSS Sign. RSA-528 SHA-512: Salt Len. 1, only room for empty salt
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":1:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function
index c28cf08..c23a4ad 100644
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@@ -9,9 +9,8 @@
*/
/* BEGIN_CASE */
-void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N,
- int radix_E, char * input_E, int hash,
- data_t * message_str, data_t * rnd_buf,
+void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E,
+ int hash, data_t * message_str, data_t * rnd_buf,
data_t * result_str, int result )
{
unsigned char output[256];
@@ -19,6 +18,8 @@
mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, E;
+ info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ info.fallback_p_rng = NULL;
info.buf = rnd_buf->x;
info.length = rnd_buf->len;
@@ -26,8 +27,8 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
@@ -41,8 +42,7 @@
output ) == result );
if( result == 0 )
{
- TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
- ctx.len, result_str->len ) == 0 );
+ ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len );
}
exit:
@@ -52,11 +52,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P,
- int radix_Q, char * input_Q, int radix_N,
- char * input_N, int radix_E, char * input_E,
- int hash, data_t * result_str,
- char * seed, data_t * message_str,
+void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q,
+ data_t * input_N, data_t * input_E, int hash,
+ data_t * result_str, char * seed, data_t * message_str,
int result )
{
unsigned char output[64];
@@ -74,10 +72,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &P, input_P->x, input_P->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &Q, input_Q->x, input_Q->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
@@ -104,9 +102,7 @@
sizeof( output ) ) == result );
if( result == 0 )
{
- TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
- output_len,
- result_str->len ) == 0 );
+ ASSERT_COMPARE( output, output_len, result_str->x, result_str->len );
}
}
@@ -118,18 +114,20 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q,
- char * input_Q, int radix_N, char * input_N,
- int radix_E, char * input_E, int digest, int hash,
- data_t * message_str, data_t * rnd_buf,
- data_t * result_str, int result )
+void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q,
+ data_t * input_N, data_t * input_E, int digest,
+ int hash, data_t * message_str, data_t * rnd_buf,
+ data_t * result_str, int fixed_salt_length,
+ int result )
{
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
- unsigned char output[256];
+ unsigned char output[512];
mbedtls_rsa_context ctx;
mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, P, Q, E;
+ info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+ info.fallback_p_rng = NULL;
info.buf = rnd_buf->x;
info.length = rnd_buf->len;
@@ -140,28 +138,39 @@
memset( hash_result, 0x00, sizeof( hash_result ) );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &P, input_P->x, input_P->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &Q, input_Q->x, input_Q->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
if( mbedtls_md_info_from_type( digest ) != NULL )
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
- TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
- &info, MBEDTLS_RSA_PRIVATE, digest, 0,
- hash_result, output ) == result );
+ if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY)
+ {
+ TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
+ &info, MBEDTLS_RSA_PRIVATE, digest, 0,
+ hash_result, output ) == result );
+ if( result == 0 )
+ {
+ ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len );
+ }
+
+ info.buf = rnd_buf->x;
+ info.length = rnd_buf->len;
+ }
+
+ TEST_ASSERT( mbedtls_rsa_rsassa_pss_sign_ext( &ctx, &mbedtls_test_rnd_buffer_rand,
+ &info, digest, 0, hash_result,
+ fixed_salt_length, output ) == result );
if( result == 0 )
{
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
- ctx.len, result_str->len ) == 0 );
+ ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len );
}
exit:
@@ -172,10 +181,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N,
- int radix_E, char * input_E, int digest,
- int hash, data_t * message_str, char * salt,
- data_t * result_str, int result )
+void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E,
+ int digest, int hash, data_t * message_str,
+ char * salt, data_t * result_str, int result )
{
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
mbedtls_rsa_context ctx;
@@ -186,8 +194,8 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
memset( hash_result, 0x00, sizeof( hash_result ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
@@ -206,8 +214,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsassa_pss_verify_ext( int mod, int radix_N, char * input_N,
- int radix_E, char * input_E,
+void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E,
int msg_digest_id, int ctx_hash,
int mgf_hash, int salt_len,
data_t * message_str,
@@ -223,8 +230,8 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash );
memset( hash_result, 0x00, sizeof( hash_result ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data
index 91d5197..4964bfa 100644
--- a/tests/suites/test_suite_pkparse.data
+++ b/tests/suites/test_suite_pkparse.data
@@ -989,7 +989,7 @@
pk_parse_public_keyfile_ec:"data_files/ec_bp512_pub.pem":0
Parse EC Key #1 (SEC1 DER)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0
Parse EC Key #2 (SEC1 PEM)
@@ -1005,15 +1005,15 @@
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.der":"NULL":0
Parse EC Key #4a (PKCS8 DER, no public key)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopub.der":"NULL":0
Parse EC Key #4b (PKCS8 DER, no public key, with parameters)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopubparam.der":"NULL":0
Parse EC Key #4c (PKCS8 DER, with parameters)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.der":"NULL":0
Parse EC Key #5 (PKCS8 PEM)
@@ -1069,7 +1069,7 @@
pk_parse_keyfile_ec:"data_files/ec_bp512_prv.pem":"NULL":0
Parse EC Key #15 (SEC1 DER, secp256k1, SpecifiedECDomain)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED
pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0
Key ASN1 (No data)
diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function
index 43c275e..2bad4ed 100644
--- a/tests/suites/test_suite_pkwrite.function
+++ b/tests/suites/test_suite_pkwrite.function
@@ -17,7 +17,7 @@
unsigned char check_buf[5000];
int ret;
FILE *f;
- size_t ilen;
+ size_t ilen, pem_len, buf_index;
memset( buf, 0, sizeof( buf ) );
memset( check_buf, 0, sizeof( check_buf ) );
@@ -28,12 +28,20 @@
ret = mbedtls_pk_write_pubkey_pem( &key, buf, sizeof( buf ));
TEST_ASSERT( ret == 0 );
+ pem_len = strlen( (char *) buf );
+
+ // check that the rest of the buffer remains clear
+ for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
+ {
+ TEST_ASSERT( buf[buf_index] == 0 );
+ }
+
f = fopen( key_file, "r" );
TEST_ASSERT( f != NULL );
ilen = fread( check_buf, 1, sizeof( check_buf ), f );
fclose( f );
- TEST_ASSERT( ilen == strlen( (char *) buf ) );
+ TEST_ASSERT( ilen == pem_len );
TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 );
exit:
@@ -49,7 +57,7 @@
unsigned char check_buf[5000];
int ret;
FILE *f;
- size_t ilen;
+ size_t ilen, pem_len, buf_index;
memset( buf, 0, sizeof( buf ) );
memset( check_buf, 0, sizeof( check_buf ) );
@@ -60,6 +68,14 @@
ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf ));
TEST_ASSERT( ret == 0 );
+ pem_len = strlen( (char *) buf );
+
+ // check that the rest of the buffer remains clear
+ for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
+ {
+ TEST_ASSERT( buf[buf_index] == 0 );
+ }
+
f = fopen( key_file, "r" );
TEST_ASSERT( f != NULL );
ilen = fread( check_buf, 1, sizeof( check_buf ), f );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d3dca7b..fb70707 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1,33 +1,6 @@
PSA compile-time sanity checks
static_checks:
-PSA key attributes structure
-attributes_set_get:0xffff1234:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
-
-PSA key attributes: id only
-persistence_attributes:0x1234:0x5678:-1:-1:0:0x1234:0x5678:PSA_KEY_LIFETIME_PERSISTENT
-
-PSA key attributes: lifetime=3 only
-persistence_attributes:-1:0:3:-1:0:0:0:3
-
-PSA key attributes: id then back to volatile
-persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE
-
-PSA key attributes: id then back to non local volatile
-persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1):-1:0:0:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1)
-
-PSA key attributes: id then lifetime
-persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3
-
-PSA key attributes: lifetime then id
-persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3
-
-PSA key attributes: non local volatile lifetime then id
-persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,3):0x1235:0x5679:0x1235:0x5679:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT,3)
-
-PSA key attributes: slot number
-slot_number_attribute:
-
PSA import/export raw: 1 bytes
import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1
@@ -38,120 +11,114 @@
import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
PSA import/export AES-128
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:128:0:PSA_SUCCESS:1
PSA import/export AES-192
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:192:0:PSA_SUCCESS:1
PSA import/export AES-256
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:256:0:PSA_SUCCESS:1
PSA import: bad usage flag
import_with_policy:PSA_KEY_TYPE_RAW_DATA:0x40000000:0:PSA_ERROR_INVALID_ARGUMENT
-PSA import: invalid type (0)
-import_with_policy:PSA_KEY_TYPE_NONE:0:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA import: invalid type (PSA_KEY_TYPE_CATEGORY_MASK)
-import_with_policy:PSA_KEY_TYPE_CATEGORY_MASK:0:0:PSA_ERROR_NOT_SUPPORTED
-
PSA import AES: bad key size
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_KEY_TYPE_AES
import_with_data:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT
PSA import/export RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1
PSA import/export RSA public key: good, larger buffer (+1 byte)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1
PSA import/export RSA public key: good, larger buffer (*2-1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:161:PSA_SUCCESS:1
PSA import/export RSA public key: good, larger buffer (*2)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS:1
PSA import/export RSA public key: good, larger buffer (*2+1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:163:PSA_SUCCESS:1
PSA import/export RSA public key: export buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
PSA import/export RSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1
PSA import/export RSA keypair: good, larger buffer (+1 byte)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1
PSA import/export RSA keypair: good, larger buffer (*2-1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:609:PSA_SUCCESS:1
PSA import/export RSA keypair: good, larger buffer (*2)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:610:PSA_SUCCESS:1
PSA import/export RSA keypair: good, larger buffer (*2+1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:611:PSA_SUCCESS:1
PSA import/export RSA keypair: export buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
PSA import/export RSA keypair: trailing garbage ignored
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_SUCCESS:0
PSA import RSA keypair: truncated
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
PSA import RSA keypair: public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
import_with_data:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
PSA import RSA public key: key pair
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_INVALID_ARGUMENT
PSA import RSA keypair: valid key but EC
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
PSA import/export-public RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
PSA import/export-public RSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
PSA import/export-public RSA public key: buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
PSA import/export-public RSA keypair: buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
PSA import/export RSA public key: 1016-bit (good)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1
PSA import/export RSA keypair: 1016-bit (good)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1
PSA import RSA public key: 1022-bit (not supported)
@@ -171,121 +138,121 @@
import_with_data:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED
PSA import/export EC secp224r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224
import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1
PSA import/export-public EC secp224r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224
import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
PSA import/export EC secp256r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
PSA import/export-public EC secp256r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
PSA import/export EC secp384r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384
import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
PSA import/export-public EC secp384r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384
import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
PSA import/export EC secp521r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521
import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
PSA import/export-public EC secp521r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521
import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
PSA import/export EC brainpool256r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256
import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
PSA import/export-public EC brainpool256r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256
import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
PSA import/export EC brainpool384r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384
import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
PSA import/export-public EC brainpool384r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384
import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
PSA import/export EC brainpool512r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512
import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1
PSA import/export-public EC brainpool512r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512
import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
PSA import/export EC curve25519 key pair: good (already properly masked)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1
PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:0
PSA import/export-public EC curve25519: accept unmasked input
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
PSA import/export-public EC curve25519: accept masked input
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
PSA import/export-public: cannot export-public a symmetric key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:""
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c"
PSA import/export EC secp256r1 public key: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
PSA import/export EC secp521r1 public key: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521
import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
PSA import/export EC brainpoolP256r1 public key: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256
import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
PSA import/export curve25519 public key: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1
PSA import/export AES key: policy forbids export
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1
PSA import/export HMAC key: policy forbids export
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1
PSA import/export RSA keypair: policy forbids export (crypt)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
PSA import/export RSA keypair: policy forbids export (sign)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1
# Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS
# extension which we may drop in the future.
PSA import/export RSA public key: import PEM
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0
PSA import/export RSA keypair: import PEM
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0
PSA import: reject raw data key of length 0
@@ -300,68 +267,86 @@
# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
import_with_data:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
-PSA import EC keypair: DER format
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+PSA import EC keypair: explicit bit-size=255 for secp256r1
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):255:PSA_ERROR_NOT_SUPPORTED
-PSA import EC keypair: too short
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+PSA import EC keypair: explicit bit-size=521 for secp521r1 (good)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521
+import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_SUCCESS
-PSA import EC keypair: public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+PSA import EC keypair: explicit bit-size=528 for secp521r1 (bad)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521
+import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):528:PSA_ERROR_NOT_SUPPORTED
+
+PSA import EC keypair: explicit bit-size, DER format
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size, too short
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13e":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size, too long (00 start)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"0049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size, too long (00 end)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee00":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size, public key
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: implicit bit-size, not a valid length
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_NOT_SUPPORTED
PSA import EC keypair: secp256r1, all-bits-zero (bad)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: secp256r1, d == n - 1 (good)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_SUCCESS
PSA import EC keypair: secp256r1, d == n (bad)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: secp256r1, d > n (bad)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC public key: key pair
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
-PSA import EC keypair: valid key but RSA
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
-import_with_data:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
PSA import AES: bits=0 ok
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_KEY_TYPE_AES
import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:0:PSA_SUCCESS
PSA import AES: bits=128 ok
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_KEY_TYPE_AES
import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_SUCCESS
PSA import AES: bits=256 wrong
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_KEY_TYPE_AES
import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_ERROR_INVALID_ARGUMENT
PSA import AES: bits=256 ok
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_KEY_TYPE_AES
import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_SUCCESS
PSA import AES: bits=128 wrong
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_KEY_TYPE_AES
import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_ERROR_INVALID_ARGUMENT
PSA import large key: raw, 65528 bits (ok)
-depends_on:HAVE_RAM_AVAILABLE_128K
import_large_key:PSA_KEY_TYPE_RAW_DATA:8191:PSA_SUCCESS
PSA import large key: raw, 65536 bits (not supported)
-depends_on:HAVE_RAM_AVAILABLE_128K
import_large_key:PSA_KEY_TYPE_RAW_DATA:8192:PSA_ERROR_NOT_SUPPORTED
PSA import RSA key pair: maximum size exceeded
@@ -373,413 +358,726 @@
import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
PSA key policy: AES ECB
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECB_NO_PADDING
PSA key policy: AES CBC
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING
-PSA key policy: ECC SECP256R1, sign
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+PSA key policy: ECC SECP256R1, SIGN_HASH -> SIGN_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY
-PSA key policy: ECC SECP256R1, sign+verify
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+PSA key policy: ECC SECP256R1, VERIFY_HASH -> VERIFY_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
+
+PSA key policy: ECC SECP256R1, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
+PSA key policy: ECC SECP256R1, {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY
+
+PSA key policy: ECC SECP256R1, SIGN_MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy: ECC SECP256R1, VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy: ECC SECP256R1, SIGN+VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
Key attributes initializers zero properly
key_attributes_init:
-PSA key policy: MAC, sign | verify
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+PSA key policy: MAC, SIGN_HASH -> SIGN_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
-PSA key policy: MAC, wrong algorithm
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224)
+PSA key policy: MAC, VERIFY_HASH -> VERIFY_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
-PSA key policy: MAC, alg=0 in policy
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+PSA key policy: MAC, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
-PSA key policy: MAC, ANY_HASH in policy is not meaningful
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+PSA key policy: MAC, {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
-PSA key policy: MAC, sign but not verify
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+PSA key policy: MAC, SIGN_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
-PSA key policy: MAC, verify but not sign
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+PSA key policy: MAC, VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key policy: MAC, SIGN+VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
PSA key policy: MAC, neither sign nor verify
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, wrong algorithm
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, alg=0 in policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, ANY_HASH in policy is not meaningful
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, tag length > min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, tag length = min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, tag length < min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: CMAC, sign-verify, tag length > min-length policy
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_SUCCESS
+
+PSA key policy: CMAC, sign-verify, tag length = min-length policy
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_SUCCESS
+
+PSA key policy: CMAC, sign-verify, tag length < min-length policy
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, default tag length > min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, default tag length = min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, default tag length < min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different hash base)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different algorithm)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, min-length policy used as algorithm
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key policy: HMAC, sign-verify, tag length > exact-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, tag length = exact-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, tag length < exact-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED
PSA key policy: cipher, encrypt | decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
PSA key policy: cipher, wrong algorithm
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_NO_PADDING
PSA key policy: cipher, encrypt but not decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
PSA key policy: cipher, decrypt but not encrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
PSA key policy: cipher, neither encrypt nor decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_key_policy:0:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
PSA key policy: cipher, alg=0 in policy
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
PSA key policy: AEAD, encrypt | decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
PSA key policy: AEAD, wrong algorithm
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_GCM_C
-aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_GCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_GCM:PSA_ERROR_NOT_PERMITTED
PSA key policy: AEAD, alg=0 in policy
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_CCM:PSA_ERROR_NOT_PERMITTED
PSA key policy: AEAD, encrypt but not decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
PSA key policy: AEAD, decrypt but not encrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
PSA key policy: AEAD, neither encrypt nor decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:0:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:0:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, tag length > min-length policy, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:8:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length = min-length policy, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length < min-length policy, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, tag length > min-length policy, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":12:8:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 8):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length = min-length policy, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":12:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 4):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length < min-length policy, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":12:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 4):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, default tag length > min-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
+
+PSA key policy: AEAD, default tag length = min-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
+
+PSA key policy: AEAD, default tag length < min-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 17):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, min-length policy, unmatched base alg
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 4):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, min-length policy used as algorithm
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:8:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_ERROR_NOT_SUPPORTED
+
+PSA key policy: AEAD, tag length > exact-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:8:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, tag length = exact-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length < exact-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_ERROR_NOT_PERMITTED
PSA key policy: asymmetric encryption, encrypt | decrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
PSA key policy: asymmetric encryption, alg=0 in policy
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
PSA key policy: asymmetric encryption, encrypt but not decrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
PSA key policy: asymmetric encryption, decrypt but not encrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
PSA key policy: asymmetric encryption, neither encrypt nor decrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
-PSA key policy: asymmetric signature, sign | verify
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify hash, ECDSA SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE
+
+PSA key policy: asymmetric signature, verify, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wrong algorithm family
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wrong hash algorithm
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, alg=0 in policy
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, sign but not verify
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE
PSA key policy: asymmetric signature, verify but not sign
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, neither sign nor verify
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:0
+
+PSA key policy: asymmetric signature for message, sign | verify
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature for message, wrong algorithm family
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature for message, wildcard in policy, wrong algorithm family
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature for message, wildcard in policy, ECDSA SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature for message, wildcard in policy, PKCS#1v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature for message, wrong hash algorithm
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature for message, alg=0 in policy
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature for message, sign but not verify
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE
+
+PSA key policy: asymmetric signature for message, verify but not sign
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: derive via HKDF, permitted
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
PSA key policy: derive via TLS 1.2 PRF, permitted
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
PSA key policy: derive via HKDF, not permitted
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
PSA key policy: derive via TLS 1.2 PRF, not permitted
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
PSA key policy: derive via HKDF, wrong algorithm
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256
derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
PSA key policy: derive via TLS 1.2 PRF, wrong algorithm
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
PSA key policy: agreement + KDF, permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_SUCCESS
PSA key policy: agreement + KDF, not permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_PERMITTED
PSA key policy: agreement + KDF, wrong agreement algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_PERMITTED
PSA key policy: agreement + KDF, wrong KDF algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)):PSA_ERROR_NOT_PERMITTED
PSA key policy: agreement + KDF, key permits raw agreement
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_SUCCESS
PSA key policy: raw agreement, permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_SUCCESS
PSA key policy: raw agreement, not permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_ERROR_NOT_PERMITTED
PSA key policy: raw agreement, wrong algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH:PSA_ERROR_NOT_PERMITTED
PSA key policy: raw agreement, key permits raw agreement, but algorithm is not raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECDH_C
raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
PSA key policy: raw agreement, key specifies KDF
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_ERROR_NOT_PERMITTED
PSA key policy algorithm2: CTR, CBC
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
-PSA key policy algorithm2: ECDH, ECDSA
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C
-key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY
+PSA key policy algorithm2: ECDH, ECDSA, HASH usage
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy algorithm2: ECDH, ECDSA, HASH+MESSAGE usage
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy algorithm2: ECDH, ECDSA, MESSAGE usage
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
Copy key: raw, 1 byte
copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0
Copy key: AES, copy attributes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
Copy key: AES, same usage flags
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
Copy key: AES, fewer usage flags (-EXPORT)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
Copy key: AES, fewer usage flags (-COPY)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
Copy key: AES, 1 more usage flag
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
Copy key: AES, 2 more usage flags
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
Copy key: AES, intersect usage flags #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
Copy key: AES, intersect usage flags #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
Copy key: RSA key pair, same usage flags
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, extended usage flags
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, fewer usage flags
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, more usage flags
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, intersect usage flags #0
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, intersect usage flags #1
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, wildcard algorithm in source
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, wildcard algorithm in target
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, wildcard algorithm in source and target
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0
Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+
+Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
Copy key: source=ECDSA+ECDH, target=ECDSA+0
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0
Copy key: source=ECDSA+ECDH, target=0+ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH
Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
Copy fail: raw data, no COPY flag
-copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_NOT_PERMITTED
+copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED
Copy key: AES, no COPY flag
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_ERROR_NOT_PERMITTED
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED
Copy fail: AES, incompatible target policy
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=MAC, target=MAC extended usage flags
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0
+
+Copy key: source=MAC min-length, target=MAC length > min-length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+
+Copy key: source=MAC min-length, target=MAC length = min-length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+
+Copy fail: source=MAC min-length, target=MAC length < min-length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=MAC min-length, target=MAC min-length, src > tgt
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+
+Copy key: source=MAC min-length, target=MAC min-length, src = tgt
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+
+Copy key: source=MAC min-length, target=MAC min-length, src < tgt
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+
+Copy fail: source=MAC, target=MAC min-length > length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=MAC, target=MAC min-length = length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+
+Copy key: source=MAC, target=MAC min-length < length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+
+Copy key: source=AEAD min-length, target=AEAD length > min-length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0
+
+Copy key: source=AEAD min-length, target=AEAD length = min-length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0
+
+Copy fail: source=AEAD min-length, target=AEAD length < min-length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=AEAD min-length, target=AEAD min-length, src > tgt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0
+
+Copy key: source=AEAD min-length, target=AEAD min-length, src = tgt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0
+
+Copy key: source=AEAD min-length, target=AEAD min-length, src < tgt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0
+
+Copy fail: source=AEAD, target=AEAD min-length > length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=AEAD, target=AEAD min-length = length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0
+
+Copy key: source=AEAD, target=AEAD min-length < length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0
Copy fail: RSA, incompatible target policy (source wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy fail: RSA, incompatible target policy (target wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy fail: RSA, incompatible target policy (source and target wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy fail: RSA, ANY_HASH is not meaningful with OAEP
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy fail: incorrect type in attributes
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy fail: incorrect size in attributes
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_INVALID_ARGUMENT
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: AES, invalid persistent key identifier in attributes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: AES, invalid lifetime (unknown location) in attributes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT, 11):PSA_ERROR_INVALID_ARGUMENT
Hash operation object initializers zero properly
hash_operation_init:
PSA hash setup: good, SHA-1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS
PSA hash setup: good, SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_setup:PSA_ALG_SHA_224:PSA_SUCCESS
PSA hash setup: good, SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS
PSA hash setup: good, SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_setup:PSA_ALG_SHA_384:PSA_SUCCESS
PSA hash setup: good, SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
PSA hash setup: good, MD2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_setup:PSA_ALG_MD2:PSA_SUCCESS
PSA hash setup: good, MD4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_setup:PSA_ALG_MD4:PSA_SUCCESS
PSA hash setup: good, MD5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_setup:PSA_ALG_MD5:PSA_SUCCESS
PSA hash setup: good, RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_setup:PSA_ALG_RIPEMD160:PSA_SUCCESS
PSA hash setup: bad (unknown hash algorithm)
@@ -791,11 +1089,10 @@
hash_setup:PSA_ALG_ANY_HASH:PSA_ERROR_NOT_SUPPORTED
PSA hash setup: bad (not a hash algorithm)
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
PSA hash: bad order function calls
-depends_on:MBEDTLS_SHA256_C
hash_bad_order:
PSA hash verify: bad arguments
@@ -811,14 +1108,15 @@
hash_compute_fail:PSA_ALG_ANY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED
PSA hash compute: bad algorithm (not a hash)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
hash_compute_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":32:PSA_ERROR_INVALID_ARGUMENT
PSA hash compute: output buffer empty
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compute_fail:PSA_ALG_SHA_256:"":0:PSA_ERROR_BUFFER_TOO_SMALL
PSA hash compute: output buffer too small
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compute_fail:PSA_ALG_SHA_256:"":31:PSA_ERROR_BUFFER_TOO_SMALL
PSA hash compare: bad algorithm (unknown hash)
@@ -828,66 +1126,67 @@
hash_compare_fail:PSA_ALG_ANY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED
PSA hash compare: bad algorithm (not a hash)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
hash_compare_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_ARGUMENT
PSA hash compare: hash of a prefix
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compare_fail:PSA_ALG_SHA_256:"00":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_SIGNATURE
PSA hash compare: hash with flipped bit
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854":PSA_ERROR_INVALID_SIGNATURE
PSA hash compare: hash with trailing garbage
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85500":PSA_ERROR_INVALID_SIGNATURE
PSA hash compare: truncated hash
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8":PSA_ERROR_INVALID_SIGNATURE
PSA hash compare: empty hash
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compare_fail:PSA_ALG_SHA_256:"":"":PSA_ERROR_INVALID_SIGNATURE
PSA hash compare: good
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_SUCCESS
PSA hash compute: good, SHA-1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_compute_compare:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
PSA hash compute: good, SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_compute_compare:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
PSA hash compute: good, SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_compute_compare:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
PSA hash compute: good, SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_compute_compare:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
PSA hash compute: good, SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_compute_compare:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
PSA hash compute: good, MD2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_compute_compare:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
PSA hash compute: good, MD4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_compute_compare:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
PSA hash compute: good, MD5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_compute_compare:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
PSA hash compute: good, RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_compute_compare:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
PSA hash clone: source state
@@ -900,18 +1199,23 @@
mac_operation_init:
PSA MAC setup: good, HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
PSA MAC setup: good, AES-CMAC
-depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_SUCCESS
-PSA MAC setup: bad algorithm (unknown MAC algorithm)
+PSA MAC setup: bad algorithm (HMAC without specified hash)
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
+PSA MAC setup: bad algorithm (unsupported HMAC hash algorithm)
+depends_on:!PSA_WANT_ALG_MD2
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
PSA MAC setup: bad algorithm (not a MAC algorithm)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
PSA MAC setup: truncated MAC too small (1 byte)
@@ -919,17 +1223,17 @@
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 1 ):PSA_ERROR_NOT_SUPPORTED
PSA MAC setup: truncated MAC too large (33 bytes for SHA-256)
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 33 ):PSA_ERROR_INVALID_ARGUMENT
PSA MAC setup: invalid key type, HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
PSA MAC setup: incompatible key HMAC for CMAC
-depends_on:MBEDTLS_CMAC_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
PSA MAC setup: algorithm known but not supported, long key
depends_on:!MBEDTLS_MD5_C
@@ -940,206 +1244,221 @@
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
PSA MAC: bad order function calls
-depends_on:MBEDTLS_SHA256_C
mac_bad_order:
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
PSA MAC sign: HMAC-SHA-224, truncated to 28 bytes (actual size)
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
PSA MAC verify: HMAC-SHA-224, truncated to 28 bytes (actual size)
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
PSA MAC sign: HMAC-SHA-512, truncated to 64 bytes (actual size)
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
PSA MAC verify: HMAC-SHA-512, truncated to 64 bytes (actual size)
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
PSA MAC sign: HMAC-SHA-224, truncated to 27 bytes
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
PSA MAC verify: HMAC-SHA-224, truncated to 27 bytes
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
PSA MAC sign: HMAC-SHA-512, truncated to 63 bytes
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
PSA MAC verify: HMAC-SHA-512, truncated to 63 bytes
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
PSA MAC sign: HMAC-SHA-224, truncated to 4 bytes
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
PSA MAC verify: HMAC-SHA-224, truncated to 4 bytes
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
PSA MAC sign: HMAC-SHA-512, truncated to 4 bytes
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
PSA MAC verify: HMAC-SHA-512, truncated to 4 bytes
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
+PSA MAC sign: CMAC-3DES (CAVP vector #95)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_sign:PSA_KEY_TYPE_DES:"7c34e67a2a8fef581cc4f7dceaea130dad52c189739e401f":PSA_ALG_CMAC:"eb3365a0a9d141270334065547418fe64c47823c024082b94d54a66d149f2af1":"e1d7c3736739e726"
+
+PSA MAC verify: CMAC-3DES (CAVP vector #95)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_verify:PSA_KEY_TYPE_DES:"7c34e67a2a8fef581cc4f7dceaea130dad52c189739e401f":PSA_ALG_CMAC:"eb3365a0a9d141270334065547418fe64c47823c024082b94d54a66d149f2af1":"e1d7c3736739e726"
+
+PSA MAC: CMAC-3DES-2key (not supported in PSA)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_setup:PSA_KEY_TYPE_DES:"89fe91f1c1ef2f01efc4c18f5715894c":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC: CMAC-DES (not supported in PSA)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_setup:PSA_KEY_TYPE_DES:"89fe91f1c1ef2f01":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+
PSA MAC sign: CMAC-AES-128
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
PSA MAC verify: CMAC-AES-128
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
PSA MAC sign: CMAC-AES-128, truncated to 16 bytes (actual size)
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
PSA MAC verify: CMAC-AES-128, truncated to 16 bytes (actual size)
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
PSA MAC sign: CMAC-AES-128, truncated to 15 bytes
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
PSA MAC verify: CMAC-AES-128, truncated to 15 bytes
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
PSA MAC sign: CMAC-AES-128, truncated to 4 bytes
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
PSA MAC verify: CMAC-AES-128, truncated to 4 bytes
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
Cipher operation object initializers zero properly
cipher_operation_init:
PSA cipher setup: good, AES-CTR
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS
PSA cipher setup: bad algorithm (unknown cipher algorithm)
@@ -1147,7 +1466,7 @@
cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED
PSA cipher setup: bad algorithm (not a cipher algorithm)
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
PSA cipher setup: invalid key type, CTR
@@ -1161,331 +1480,530 @@
cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
PSA cipher: bad order function calls
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_bad_order:
-PSA symmetric encrypt: AES-ECB, 0 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS
+PSA cipher: incorrect key type (HMAC)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+cipher_bad_key:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f"
-PSA symmetric encrypt: AES-ECB, 16 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+PSA cipher: incorrect key type (RSA)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_bad_key:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
-PSA symmetric encrypt: AES-ECB, 32 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS
+PSA cipher: incorrect key type (ECC Family Sep R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+cipher_bad_key:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320"
-PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+PSA cipher encrypt: without initialization
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":PSA_ERROR_BAD_STATE
-PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
+PSA cipher encrypt: invalid key type
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
-PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+PSA cipher encrypt: incompatible key ARC4 for CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARC4
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_encrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_ARC4:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher encrypt: bad algorithm (unknown cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher encrypt: bad algorithm (not a cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_MD4:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric encrypt: AES-ECB, input too short (15 bytes)
-depends_on:MBEDTLS_AES_C
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric encrypt: AES-CBC-nopad, input too short
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
-PSA symmetric encrypt: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":""
-PSA symmetric encrypt: AES-CTR, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+PSA symmetric encrypt: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97"
-PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
-
-PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
-
-PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
+PSA symmetric encrypt: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1"
PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":"5d0652429c5b0ac7":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7"
PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":"817ca7d69b80d86a":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a"
-PSA symmetric decrypt: AES-ECB, 0 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric decrypt: AES-ECB, 16 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric decrypt: AES-ECB, 32 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
-PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
-PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
+PSA symmetric encrypt validation: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9"
+
+PSA symmetric encrypt validation: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9"
+
+PSA symmetric encrypt validation: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9"
+
+PSA symmetric encrypt multipart: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":32:32:0:"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:0:0:"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":0:0:0:"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt multipart: AES-CBC-nopad, input too short
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"64f917b0152f8f05":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 2-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 3-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS
+
+PSA cipher decrypt: without initialization
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":"":PSA_ERROR_BAD_STATE
+
+PSA cipher decrypt: invalid key type
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: incompatible key ARC4 for CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARC4
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_decrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_ARC4:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: bad algorithm (unknown cipher algorithm)
+cipher_decrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: bad algorithm (not a cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_MD4:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT
-
-PSA symmetric decrypt: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-ECB, input too short (15 bytes)
-depends_on:MBEDTLS_AES_C
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":""
+
+PSA symmetric decrypt: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f"
+
+PSA symmetric decrypt: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97"
+
+PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric decrypt: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2"
PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9"
PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9"
PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9"
PSA symmetric decrypt: 2-key 3DES-ECB, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3"
PSA symmetric decrypt: 3-key 3DES-ECB, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3"
+
+PSA symmetric decrypt multipart: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":32:32:0:"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":16:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":16:0:0:"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:0:"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":0:0:0:"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: AES-CBC-nopad, input too short (5 bytes)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 2-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":8:8:0:"c78e2b38139610e3":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 3-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":8:8:0:"c78e2b38139610e3":PSA_SUCCESS
PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
cipher_verify_output:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
cipher_verify_output:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
PSA symmetric encrypt/decrypt: AES-CTR
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
PSA symmetric encryption multipart: AES-ECB, 16+16 bytes
-depends_on:MBEDTLS_AES_C
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
PSA symmetric encryption multipart: AES-ECB, 13+19 bytes
-depends_on:MBEDTLS_AES_C
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
PSA symmetric encryption multipart: AES-ECB, 24+12 bytes
-depends_on:MBEDTLS_AES_C
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 16+16 bytes
-depends_on:MBEDTLS_AES_C
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 11+21 bytes
-depends_on:MBEDTLS_AES_C
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 28+4 bytes
-depends_on:MBEDTLS_AES_C
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encrypt/decrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 16 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 15 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15
+
+PSA symmetric encrypt/decrypt multipart: AES-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
-PSA symmetric encrypt: ChaCha20, K=0 N=0
-depends_on:MBEDTLS_CHACHA20_C
-cipher_encrypt:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS
+PSA symmetric encrypt validation: ChaCha20, K=0 N=0
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
-PSA symmetric encrypt: ChaCha20, K=rand N=rand
-depends_on:MBEDTLS_CHACHA20_C
-cipher_encrypt:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
+PSA symmetric encrypt validation: ChaCha20, K=rand N=rand
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+PSA symmetric encrypt multipart: ChaCha20, K=0 N=0
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: ChaCha20, K=rand N=rand
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
PSA symmetric encryption multipart: ChaCha20, 14+50 bytes
-depends_on:MBEDTLS_CHACHA20_C
-cipher_encrypt_multipart:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4"
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
-PSA symmetric decrypt: ChaCha20, K=rand N=rand
-depends_on:MBEDTLS_CHACHA20_C
-cipher_decrypt:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
+PSA symmetric decrypt multipart: ChaCha20, K=rand N=rand
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
PSA symmetric decryption multipart: ChaCha20, 14+50 bytes
-depends_on:MBEDTLS_CHACHA20_C
-cipher_decrypt_multipart:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4"
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
PSA AEAD encrypt/decrypt: DES-CCM not supported
@@ -1493,191 +2011,359 @@
aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED
PSA AEAD encrypt: AES-CCM, 23 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
PSA AEAD encrypt: AES-CCM, 24 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
PSA AEAD encrypt: AES-CCM, 24 bytes, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
PSA AEAD encrypt: AES-CCM, 24 bytes, T=6
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
PSA AEAD encrypt: AES-CCM, 24 bytes, T=8
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
PSA AEAD encrypt: AES-CCM, 24 bytes, T=10
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
PSA AEAD encrypt: AES-CCM, 24 bytes, T=12
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
PSA AEAD encrypt: AES-CCM, 24 bytes, T=14
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
PSA AEAD encrypt: AES-CCM, 24 bytes, T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
PSA AEAD decrypt: AES-CCM, 39 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
PSA AEAD decrypt, AES-CCM, 40 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA AEAD decrypt: AES-CCM, 24 bytes, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA AEAD decrypt: AES-CCM, 24 bytes, T=6
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA AEAD decrypt: AES-CCM, 24 bytes, T=8
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA AEAD decrypt: AES-CCM, 24 bytes, T=10
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA AEAD decrypt: AES-CCM, 24 bytes, T=12
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA AEAD decrypt: AES-CCM, 24 bytes, T=14
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA AEAD decrypt: AES-CCM, 24 bytes, T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA AEAD decrypt: AES-CCM, invalid signature
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
PSA AEAD decrypt: AES-CCM, invalid signature, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
PSA AEAD decrypt: AES-CCM, T=4, tag is truncated tag for T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
PSA AEAD decrypt: AES-CCM, invalid tag length 0
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA AEAD decrypt: AES-CCM, invalid tag length 2
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA AEAD decrypt: AES-CCM, invalid tag length 15
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA AEAD decrypt: AES-CCM, invalid tag length 18
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
+PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes, 12 byte nonce , 1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"E462C58482FE8264AEEB7231":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt, AES GCM, 19 bytes, 12 byte nonce , 2
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"E462C58482FE8264AEEB7231":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
+
PSA AEAD encrypt, AES-GCM, 128 bytes #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
PSA AEAD encrypt, AES-GCM, 128 bytes #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f"
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f"
PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a"
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a"
PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=0, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"ab2265b4c168955561f04315":"":"":"f149e2b5f0adaa9842ca5f45b768a8fc"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=16, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"41c5da8667ef725220ffe39ae0ac590ac9fca729ab60ada0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"05ad13a5e2c2ab667e1a6fbc":"8b5c124bef6e2f0fe4d8c95cd5fa4cf1":"":"204bdb1bd62154bf08922aaa54eed705"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=20, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"093ef7551ebbff8eb0c0a8a4a62b198f0c2e838de10eeeee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"e656e93930ed5210ba3f0322":"3da22dacfd11b21b0a713157f60aec0cd22f1add":"":"1b2d2764573e20ae640bf29d48e5fe05"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=48, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"31389612d244c9792a510eca3f9c94f9f48c97ed67ae965a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"df6b54ec8b58114df5b09279":"0863bec42ee93385efbec665adfc46dafcd793f29e859e3b531c15b168f1888dd13e905cd7d5bc03f9f1f6495717df62":"":"77e5682a49243d5b9016eb1adafa2d"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":"69482957e6be5c54882d00314e0259cf191e9f29bef63a26860c1e020a21137e"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=8,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"c50ac59e50556e47b834380018c0dc0380af9df3bf6714e6":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"f303bf4b6cfbba7104cd9436":"":"d3f3f57033df30c22860231334b099cb":"2269c72d77f2b6f9d57da1820ec5a5d3d62d4491e3e4e9e7"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=14,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"8ef391e4b7a2fe05b959be27823357080f963ed2f64b9e59":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0080052a2a5bb0e95222a419":"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":"88d674044031414af7ba9da8b89dd68e69897d99d8e1706f38c613896c18"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=4,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"1cb5a0db778d3eb430b2816ceef9e455f519a8977b074183":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"c1df5e9e2e3165c54242a306":"7134e5ddc396c2a8a7da23906c8f7b40":"636871d4c0aae3da7b55abd8b5f21297":"14eb02562aa1d963d0033626cdc8a5c8972f4bdf"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=20, TAG=13,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"45148f42669f8ab8fad689d9b9180e39d7ea8fc95696297e":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"5afcb134acc78b4eb9d11e79":"aec409e5fd82e50b824ebc1f45e75188d80615c6":"3d952be11deb421b56e0ce9d7ce99553":"077c0d53869869e191df116fd7baa8a293d2b577a29b0953c91b5d3b9d"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=48, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"5255428457fe75e64447971ec5af0d13c5b60a07ee2d07b0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"40cb6ebafc202f82223db097":"b2da2bd05ab1f3e39613efc8d80c5d0f240ee08f6abad5791649e9c1d0f48fa3dc59c1e535d1db1a4d3fa2263f5a1117":"fdd8a462c86d4365c8bfee0e25fc8a62":"9ca4a6d08267038f6f7999c84105bb5eaf8f7b3b9310ec688e033088a03482"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"516c33929df5a3284ff463d7":"":"":"bdc1ac884d332457a1d2664f168c76f0"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=12,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"98ebf7a58db8b8371d9069171190063cc1fdc1927e49a3385f890d41a838619c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"3e6db953bd4e641de644e50a":"":"":"2fb9c3e41fff24ef07437c47"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"3a8efa1cd74bbab5448f9945":"519fee519d25c7a304d6c6aa1897ee1eb8c59655":"":"f6d47505ec96c98a42dc3ae719877b87"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=13,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a7c928738b89c3258b910ac31bc465338b2e133b143fd52d9c9859eb1d01f2a0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"a483a7e94fbb2d694d3c4a8d":"bdb613cd3c2f0edd37b3ed43041bacb949ee51fa":"":"5233f95bdcf5d666fb957acdcb"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"16a5b58a1dbb273a8fc6a4af722d46dbb898dd86ab128cb93d8388a8647a80a3":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"59e0c40d6675923cf5e004d5":"5b4b4ffc9c66bd394abeed3f03b695b949b3b69a42198cc3bfad971174915df913b967ccf36ee1f001f54efbcd117b68":"":"d57e27914ecb4a764359d3c0f8d4d6"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=4,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"5dd13092dd695b90ab835ed6343031c4cdb710d32f4d3804d72b46d921fcfa18":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"1de4bd816c8ec6bffc1e6453":"1b63d6278702abacf8b6c2faf542a808659fd5da03cdc1061a8593ea8ce9fc8ff54ffef6ebf3e15f7a832b4ae750a6ce":"":"72901467"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"b6ac8e4963f49207ffd6374c":"":"722ee47da4b77424733546c2d400c4e5":"1224dfefb72a20d49e09256908874979882eafea22adf8dbed06a2265f907b"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=12,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"b33b0e4c5b9f7ef77cec1a29ed5844bda3853238bdf7766e7645029931f169f0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"f226d65e8654fdf5193ed721":"":"bcf48ddcfe9d011a1003973d68d2d78a":"d2eb20898a301b5d8e69e9926272021393af01abb6a970047a7fc010"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=16, TAG=14,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"c6e126a65faec77ab62318e30d8a50c39a664670039a66ae5a6874201bc68f9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0ba5193b2d3a8378d67163ce":"5844b289dc74327f9fd93f7aae1c3d39":"c37aada3d4408e880d47e41df77da9b9":"b5cd7563989b460a2fe187e90c41fc3179c73d0d1e3a4484909969de93b0"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=48, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"2e6942d537f1a98444c2f9dbdb5d8db42a503a00a17b57d516399569e044a703":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"7eb67721581ed52cfcfc2c4d":"a96cc73451502c7278b467ac85d5fc14fc1a2f51bc685645b173f0cd9af02d383095de063e6eaa50374ce9bc951e9e61":"e5f410fe939e79b7ad33fbd3aaf5856f":"727f5e19a5582e5782bbbe73517f0c04c492319abf12b03b380724ff1483a3"
PSA AEAD decrypt, AES-GCM, 144 bytes #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
PSA AEAD decrypt, AES-GCM, 144 bytes #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
PSA AEAD decrypt, AES-GCM, 144 bytes, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
PSA AEAD decrypt, AES-GCM, 144 bytes, T=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
PSA AEAD decrypt, AES-GCM, 144 bytes, T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
PSA AEAD decrypt, AES-GCM, invalid signature
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
PSA AEAD decrypt, AES-GCM, T=15 but passing 16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE
PSA AEAD decrypt: AES-GCM, invalid tag length 0
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA AEAD decrypt: AES-GCM, invalid tag length 2
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA AEAD decrypt: AES-GCM, invalid tag length 18
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=0, TAG=16
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"0e5d6e68f82f32bea3f0b69498c1a31ef6d955cd3d27a2a8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"caf72ee1e62e1001e8cfbc63":"":"db1a74ffb5f7de26f5742e0942b1b9cb":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=48, TAG=14
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"e79fb7defce4f650402e6b521170686d3eb2a0b9514f3a64":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"40e0d2d836c0519e7042419b":"41c5b5d971c0723bc1b63a259fe7e06c2961de1241bc34c13965f43636e4da3da8c75ed5956abe3a42f3039af005925a":"434ff68f2436f48418fd69f52158":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=0, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"e41d1f533d5b342ffe434b94b1372683bfd5d9d8cb79f9ee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"5fe11a596dfcd3a305c1d711":"":"1847f64fff986476d1d2f758692f856da4a0ff98c0c1101694c84fd86680c9":"b03c2c20f758a93a8d1220232ad87098":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=20, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"8e7da473c057a2a4669a0d22bf9b7c9913fba48930ca0c9b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"f9ff8ef80d76c50f9ca0e9ff":"f141bae18a1b54f065554fd34aa02c91c90f505c":"5deb093b6e7c766a64bb9d5170af1ff8bf130b64eebdce06a9bdb2cf1da15a":"b22b2dcdcc18adc30d16297b84b459d8":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=12
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"01bf150add51bb11623e3bfbebd62a7ea81c5b192b8eb6de":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"dfacbc6791b785d324c646b7":"e35412a625324257bef35399a7eacca34fec2d2d24166e6bb3e94d96f5c57599ded45e2a74503f07116caa1692398a07":"77579db3c6da769e17731faac4732d7cce65d960a49f94f6b583e54a":"7e5fd8b595ddc4753676107951d900e2":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=8
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"551266c4ed166fe1c43761927801ed50cb9c0b3864fc97df":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"e711afbeccd567f866340abb":"562d1697237ebc563941076d459727dfa094eb9ac00d30ed5836825d163dd27517c7660a01056b2d868c7fc5d0343830":"2b54cc27f6ee71882e8b1ead207d2b042d262e87eac97b58":"37245449db8f72b1ecdb420f629d3d80":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=0, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"78fa4a2a5b5b1b1d9580ea527f2e1653e9336e15cc5462f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"98b774f7110e0bea624b487f":"":"a642aabed8b99e15e297ee705a40c3e2e506cb889727b327b7e044a8":"496909523f574b205d757659c5":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=16, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"61f4c2e55d729c4657e503dfe2b604e2853675dbdeb0982a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"0c4d5548aa2d8d54964e1e63":"5affdf8886dabb14790aff3dbfcbdd80":"0d4eacc3db304f46cb7a9eba6ec105bf86d9dc0639b7cebbd5260f47":"b6e056de521a27266dffbc0d96":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=20, TAG=13
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"73245c4f115a74fe71d6fefb9094c57c75f28033a3c7372b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"536a82485999b93b0bb7ef24":"64dcad870a42eeec0730fd7a7e4154638a85d739":"29333e87bfe65d0e37da2936f695824d4e3f37fab3b8e2b868f6":"f6d56f8c86f27d957fa63aea22":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=48, TAG=4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"9002e74638e09dd1f091439518e1460cdd5905bd9e1a37ae":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"76c81a95d24be5c8bac63b50":"aa3ae4531aaac8f3eb07f748712c55a680bc8df5cf845edc66d09049500b41688b8023f5746879b45bdd586af29c4ede":"31bf37acbc53ca3fdbc9e5eaaebbb85a7f":"bd94b34511bc65ae47684805cb":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=0, TAG=16
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"f5a2b27c74355872eb3ef6c5feafaa740e6ae990d9d48c3bd9bb8235e589f010":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"58d2240f580a31c1d24948e9":"":"15e051a5e4a5f5da6cea92e2ebee5bac":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=16, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"3395a1485315c5b5e6353acb05ae9499c440a2e9f5c57494662f827235ea314c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"3b7e632571602456b49880f0":"f283f80226dacb69c8af089ec6b59e81":"84c8beff4b0d160ee68ac613097f51":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=20, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4dc46ca55c1c1fcb4720c274c0e675c2ac5bf93d8dd5e951ca9f6b61f884edc9":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"6473ab77dc885127422f5594":"e2cf8172ab4cf77eba45cd2c8ff939b938080a90":"8d6351f18d873242204c20144e2b83":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=48, TAG=14
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a7f95798434f9a0fe6fd8acd30b8bad96dbdcfacee4594f01cbf26479be7d154":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"9ef5a77b02137b46e8461d09":"5595a16fa12d4dcdba6b128480dce2d39c1211c3fb6068cde6013f6a80dfcda5eb92af8879e40ee9c177fd0e446fc8ca":"3bfd3d99fe2063e8ef8255519fe0":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=16
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4c8ebfe1444ec1b2d503c6986659af2c94fafe945f72c1e8486a5acfedb8a0f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"473360e0ad24889959858995":"":"d2c78110ac7e8f107c0df0570bd7c90cc26a379b6d98ef2852ead8ce83a833a7":"7789b41cb3ee548814ca0b388c10b343":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"57805f98aae1b8b64bb49756529ab8181b3ada674a90c55422e9eb26c48bcd7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"9735945d8ca161777206632a":"":"58375442ab1c0e6a8952c83d128d9fc5f45bb315":"4860116a6d2deb9bf794bfd6ac5bbbd6":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=16, TAG=8
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"f913bb823a1d0c10b0b72d56866907b893f2266f15de1abc17f93600824db55a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"d4fe686a14592b6ca1bd6b42":"e35d880c1c53688eb83869de9dd8a473":"35af9b502ea6b56269f896bf98affdd59c2aa418b38bc7fd":"ff426dd751190ff826e8b4a0792d746e":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=20, TAG=14
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"74e9d9d7cd0728cea94e169af485f21f9d2447e022f16008f803dcf5c4f7cc0c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"ecba39edc96667da726122c0":"ae9ab021f86f5b81bb2e0fcbd4b855e1501e9f82":"e5745ce0e02dbba05363b548c3ac7047eacca7e61db6f72fc9b9e5bdb2bb":"0a0b284515694188b6b6c15bc8a09036":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=0, TAG=14
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"60667fce64b8c7169ddf45f335e46951248f69abc4e0f4f292d0ffe3dfd5219f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"1057322a39f08ef761c3c8fc":"":"501b033c841acb430c52d88fe9cb44c751f2f1641d1e801a534ac8":"f386b28e7eb4c2fb8eb5dc66a2":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=20, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"e67590da399cbcdcddcc56110562ade8665b50287a8ab38e8b9ee7520531b560":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"2c36ab6b686a66fba1805196":"823493d42f4f60b2d1433ad75eccaafd7e7c7d12":"cff6b6f03c67152f3ce1030653d9bd9a6559f5b04b48d77c2a1fc364":"da1c61fbfcdb73445ad4c7d889":PSA_SUCCESS
PSA AEAD encrypt: ChaCha20-Poly1305 (RFC7539)
-depends_on:MBEDTLS_CHACHAPOLY_C
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691"
PSA AEAD encrypt: ChaCha20-Poly1305 (zero-length input)
-depends_on:MBEDTLS_CHACHAPOLY_C
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"":"a0784d7a4716f3feb4f64e7f4b39bf04"
PSA AEAD decrypt: ChaCha20-Poly1305 (RFC7539, good tag)
-depends_on:MBEDTLS_CHACHAPOLY_C
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_SUCCESS
PSA AEAD decrypt: ChaCha20-Poly1305 (RFC7539, bad tag)
-depends_on:MBEDTLS_CHACHAPOLY_C
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600690":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_SIGNATURE
PSA AEAD decrypt: ChaCha20-Poly1305 (good tag, zero-length input)
-depends_on:MBEDTLS_CHACHAPOLY_C
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"a0784d7a4716f3feb4f64e7f4b39bf04":"":PSA_SUCCESS
PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
@@ -1686,429 +2372,661 @@
PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20)
depends_on:MBEDTLS_CHACHA20_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20:"":"":"":PSA_ERROR_NOT_SUPPORTED
+aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_NOT_SUPPORTED
PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128
PSA signature size: RSA keypair, 1024 bits, PSS
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128
PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
PSA import/exercise RSA keypair, PSS-SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
PSA import/exercise RSA public key, PKCS#1 v1.5 raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
PSA import/exercise RSA public key, PSS-SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
PSA import/exercise: ECP SECP256R1 keypair, ECDSA
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA_ANY
PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
PSA import/exercise: ECP SECP256R1 keypair, ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDH
PSA import/exercise: HKDF SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_HKDF(PSA_ALG_SHA_256)
PSA import/exercise: TLS 1.2 PRF SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
-PSA sign: RSA PKCS#1 v1.5, raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
+PSA sign hash: RSA PKCS#1 v1.5, raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
-PSA sign: RSA PKCS#1 v1.5 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+PSA sign hash: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
-PSA sign: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+PSA sign hash: deterministic ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
-PSA sign: deterministic ECDSA SECP256R1 SHA-384
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca"
+PSA sign hash: deterministic ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca"
-PSA sign: deterministic ECDSA SECP384R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f"
+PSA sign hash: deterministic ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f"
-PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
+PSA sign hash: RSA PKCS#1 v1.5 SHA-256, wrong hash size
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
-PSA sign: RSA PKCS#1 v1.5, invalid hash (wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-# Arguably the error should be INVALID_ARGUMENT, but NOT_SUPPORTED is simpler
-# to implement.
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_NOT_SUPPORTED
+PSA sign hash: RSA PKCS#1 v1.5, invalid hash (wildcard)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT
-PSA sign: RSA PKCS#1 v1.5 raw, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT
+PSA sign hash: RSA PKCS#1 v1.5 raw, input too large
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT
-PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
+PSA sign hash: RSA PKCS#1 v1.5 SHA-256, output buffer too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
-PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
+PSA sign hash: RSA PSS SHA-256, wrong hash length (0 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":127:PSA_ERROR_INVALID_ARGUMENT
-PSA sign: RSA PKCS#1 v1.5 SHA-256, empty output buffer
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL
+PSA sign hash: RSA PSS SHA-256, wrong hash length (129 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":127:PSA_ERROR_INVALID_ARGUMENT
-PSA sign: deterministic ECDSA SECP256R1 SHA-256, empty output buffer
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL
+PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
-PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+PSA sign hash: RSA PKCS#1 v1.5 SHA-256, empty output buffer
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL
-PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, empty output buffer
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL
-PSA sign: invalid key type, signing with a public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+PSA sign hash: deterministic ECDSA SECP256R1, invalid hash algorithm (0)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-PSA sign: invalid algorithm for ECC key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+PSA sign hash: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-PSA sign/verify: RSA PKCS#1 v1.5, raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263"
+PSA sign hash: invalid key type, signing with a public key
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-PSA sign/verify: RSA PKCS#1 v1.5 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+PSA sign hash: invalid algorithm for ECC key
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-PSA sign/verify: RSA PSS SHA-256, 0 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):""
+PSA sign hash: deterministic ECDSA not supported
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_ERROR_NOT_SUPPORTED
-PSA sign/verify: RSA PSS SHA-256, 32 bytes (hash size)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+PSA sign/verify hash: RSA PKCS#1 v1.5, raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263"
-PSA sign/verify: RSA PSS SHA-256, 129 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+PSA sign/verify hash: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
-PSA sign/verify: randomized ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+PSA sign/verify hash: RSA PSS SHA-256, 32 bytes (hash size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
-PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
-PSA sign/verify: randomized ECDSA SECP256R1 SHA-384
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
+PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
-PSA sign/verify: deterministic ECDSA SECP256R1 SHA-384
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
+PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
-PSA sign/verify: randomized ECDSA SECP384R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
-PSA sign/verify: deterministic ECDSA SECP384R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+PSA sign/verify hash: randomized ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
-PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+PSA sign/verify hash: deterministic ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
-PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash length
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
+PSA verify hash with keypair: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong hash length
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: RSA PSS SHA-256, good signature, 0 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d"
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7"
+PSA verify hash: RSA PSS SHA-256, good signature, 32 bytes (hash size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7"
-PSA verify: RSA PSS SHA-256, good signature, 129 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308"
+PSA verify hash: RSA PSS SHA-256, wrong hash length (0 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d":PSA_ERROR_INVALID_ARGUMENT
-PSA verify: ECDSA SECP256R1, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+PSA verify hash: RSA PSS SHA-256, wrong hash length (129 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308":PSA_ERROR_INVALID_ARGUMENT
-PSA verify with keypair: ECDSA SECP256R1, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+PSA verify hash: ECDSA SECP256R1, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
-PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash with keypair: ECDSA SECP256R1, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
-PSA verify: ECDSA SECP256R1, wrong signature of correct size
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: ECDSA SECP256R1, wrong signature (empty)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: ECDSA SECP256R1, wrong signature of correct size
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: ECDSA SECP256R1, wrong signature (truncated)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: ECDSA SECP256R1, wrong signature (empty)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: ECDSA SECP256R1, wrong signature (trailing junk)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: ECDSA SECP256R1, wrong signature (truncated)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: ECDSA SECP256R1, wrong signature (leading junk)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+PSA verify hash: ECDSA SECP256R1, wrong signature (trailing junk)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE
-PSA verify: invalid algorithm for ECC key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
+PSA verify hash: ECDSA SECP256R1, wrong signature (leading junk)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: invalid algorithm for ECC key
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA sign message: deterministic ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548"
+
+PSA sign message: deterministic ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263":"7ea712a20e3a8cbe0c6e64195362ba7635bbe78af51ddedd7a5fd858395250c592654c35d3b0614ae0e3b329c25cf5b4a5fcb243af3e3ad15c8446fe401be066"
+
+PSA sign message: deterministic ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C
+sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"3548ea85eb66d756ae90fd64a3104b5b9a17aa282f8722409762e9da4811ec5d3060a97d3450b4bc484cd21ac588f563c4873843506fed8609b7d093db0e9a2496c36995ee74c906528af6898feb502f45bfb1e9ccf371416c68d32bb5ebc1b6"
+
+PSA sign message: RSA PKCS#1 v1.5, invalid hash (wildcard)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"616263":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: RSA PKCS#1 v1.5, invalid hash algorithm (0)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(0):"616263":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: RSA PKCS#1 v1.5 SHA-256, output buffer too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":127:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign message: RSA PKCS#1 v1.5 SHA-256, empty output buffer
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign message: RSA PKCS#1 v1.5 without hash
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: RSA PKCS#1 v1.5 SHA-256, invalid key type
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: ECDSA SECP256R1 SHA-256, invalid hash (wildcard)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"616263":64:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: ECDSA SECP256R1 SHA-256, invalid hash algorithm (0)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(0):"616263":64:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: ECDSA SECP256R1 SHA-256, output buffer too small
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":63:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign message: ECDSA SECP256R1 SHA-256, empty output buffer
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign message: ECDSA SECP256R1 SHA-256, invalid key type
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":64:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: invalid algorithm for ECC key
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: deterministic ECDSA not supported
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":96:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign message: ECDSA without hash
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"616263":96:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign/verify message: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: RSA PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: RSA PSS SHA-256, 0 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):""
+
+PSA sign/verify message: RSA PSS SHA-256, 32 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: RSA PSS SHA-256, 128 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: RSA PSS SHA-256, 129 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 0 bytes
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):""
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 32 bytes
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 64 bytes
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 65 bytes
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"616263"
+
+PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263"
+
+PSA sign/verify message: randomized ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: deterministic ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263"
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify message with keypair: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify message: RSA PSS SHA-256, good signature, 0 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"50c06249deb97228e277b51d3e3542a6e5c140d6f6d1cb8a3dff53b5ce6e6fcb39d0767703174135208adf5d75399dd7525702b275153e7605ec38b65d33337bb9bbeb8c392ee22e3e9c0dafa43074a8205e17df2106bedd7bf6f1ada702aeb2ce04864c0ca9ec31964f9a957d8ebb9abc82454ad37c541e9b4d9842436c14a4"
+
+PSA verify message: RSA PSS SHA-256, good signature, 32 bytes (hash size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d"
+
+PSA verify message: RSA PSS SHA-256, good signature, 128 bytes (signature size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5"
+
+PSA verify message: RSA PSS SHA-256, good signature, 129 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"43286cc0fc599603fbb0cd1fd70c3a17b08d2adf4f90202dddfa4b9d74be8c720bbb1c714665466de6452d401ca061b68225785ff387c2615f03c81351cc3838cd3014a031a4f4c9f70bba06f504c6a9942ac2dbfed2329e590d526a9be26b4025a6d7c4151b4e795cfe756c9a8a5e8fa9228a6f5f6f427a5a070e5c0ea69830"
+
+PSA verify message: ECDSA SECP256R1 SHA-256, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b"
+
+PSA verify message with keypair: ECDSA SECP256R1 SHA-256, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b"
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 without hash
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify message: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"304502200b295f3dc3ac2bde92f550b7e73a2de15a753b4ebc761c521a32d1ed9bf5800a022100fe7301254058347c3dec7768f62dfc63f7c049d28bfdd1d6712126fd888e9f04":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature of correct size
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf00":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature (empty)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature (truncated)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature (trailing junk)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0bff":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature (leading junk)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"ff0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: invalid algorithm for ECC key
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify message: ECDSA without hash
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"":"":PSA_ERROR_INVALID_ARGUMENT
PSA encrypt: RSA PKCS#1 v1.5, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
PSA encrypt: RSA OAEP-SHA-256, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
PSA encrypt: RSA OAEP-SHA-256, good, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS
PSA encrypt: RSA OAEP-SHA-384, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
PSA encrypt: RSA OAEP-SHA-384, good, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS
PSA encrypt: RSA PKCS#1 v1.5, key pair
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
PSA encrypt: RSA OAEP-SHA-256, key pair
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
PSA encrypt: RSA PKCS#1 v1.5, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT
PSA encrypt: RSA PKCS#1 v1.5: salt not allowed
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT
PSA encrypt: RSA OAEP-SHA-384, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT
PSA encrypt: invalid algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
PSA encrypt: RSA PKCS#1 v1.5: invalid key type
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C
asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":""
PSA encrypt-decrypt: RSA OAEP-SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
PSA encrypt-decrypt: RSA OAEP-SHA-256, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00"
PSA encrypt-decrypt: RSA OAEP-SHA-384
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
PSA decrypt: RSA PKCS#1 v1.5: good #1
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
PSA decrypt: RSA PKCS#1 v1.5: good #2
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, output too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":0:PSA_ERROR_BUFFER_TOO_SMALL
PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":""
PSA decrypt: RSA OAEP-SHA-256, 0 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":""
PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":""
PSA decrypt: RSA OAEP-SHA-256, 30 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765"
PSA decrypt: RSA OAEP-SHA-384, 30 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING
PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING
PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING
PSA decrypt: RSA PKCS#1 v1.5, invalid padding
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":128:PSA_ERROR_INVALID_PADDING
PSA decrypt: RSA PKCS#1 v1.5: salt not allowed
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT
PSA decrypt: RSA OAEP-SHA-256, invalid padding
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING
PSA decrypt: invalid algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
PSA decrypt: RSA OAEP, invalid key type (RSA public key)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":16:PSA_ERROR_INVALID_ARGUMENT
PSA decrypt: RSA PKCS#1 v1.5, input too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT
PSA decrypt: RSA PKCS#1 v1.5, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
PSA decrypt: RSA OAEP-SHA-256, input too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT
PSA decrypt: RSA OAEP-SHA-256, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
Crypto derivation operation object initializers zero properly
key_derivation_init:
PSA key derivation setup: HKDF-SHA-256, good case
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_SUCCESS
PSA key derivation setup: HKDF-SHA-512, good case
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_SUCCESS
PSA key derivation setup: TLS 1.2 PRF SHA-256, good case
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_setup:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_SUCCESS
PSA key derivation setup: not a key derivation algorithm (HMAC)
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
PSA key derivation setup: algorithm from bad hash
@@ -2120,503 +3038,618 @@
derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED
PSA key derivation: HKDF-SHA-256, good case, direct output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+PSA key derivation: HKDF-SHA-256, good case, omitted salt
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, info first
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, info after salt
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, omitted salt, info first
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
PSA key derivation: HKDF-SHA-256, good case, key output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
PSA key derivation: HKDF-SHA-512, good case
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
PSA key derivation: HKDF-SHA-256, bad key type
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: HKDF-SHA-256, bad key type, key output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
# Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation
# detail.
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
PSA key derivation: HKDF-SHA-256, direct secret, direct output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
PSA key derivation: HKDF-SHA-256, direct empty secret, direct output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
PSA key derivation: HKDF-SHA-256, direct secret, key output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
PSA key derivation: HKDF-SHA-256, direct empty secret, key output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
+PSA key derivation: HKDF-SHA-256, missing secret, key output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
+
PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
PSA key derivation: HKDF-SHA-256, RAW_DATA key as info
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
PSA key derivation: HKDF-SHA-256, DERIVE key as salt, direct output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: HKDF-SHA-256, DERIVE key as salt, key output
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
# Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation
# detail.
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_BAD_STATE
PSA key derivation: HKDF-SHA-256, DERIVE key as info
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+PSA key derivation: HKDF-SHA-256, salt after secret
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, missing secret
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, missing info
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate salt step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, direct)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, key)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (key, direct)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (key, key)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate info step (non-consecutive)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate info step (consecutive)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, reject label step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, reject seed step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
PSA key derivation: TLS 1.2 PRF SHA-256, good case
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, missing label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, missing label and secret
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, no inputs
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
PSA key derivation: TLS 1.2 PRF SHA-256, key first
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, key first
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
PSA key derivation: TLS 1.2 PRF SHA-256, label first
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: TLS 1.2 PRF SHA-256, early label
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: TLS 1.2 PRF SHA-256, double seed
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: TLS 1.2 PRF SHA-256, double key
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: TLS 1.2 PRF SHA-256, bad key type
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: TLS 1.2 PRF SHA-256, direct secret
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
PSA key derivation: TLS 1.2 PRF SHA-256, direct empty secret
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as seed
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as label
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as seed
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as label
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes)
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, info first
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
PSA key derivation: ECDH on P256 with HKDF-SHA256, key output
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_SUCCESS
-PSA key derivation: HKDF invalid state (double generate + read past capacity)
-depends_on:MBEDTLS_SHA256_C
-test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256)
+PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-PSA key derivation: TLS 1.2 PRF invalid state (double generate + read past capacity)
-depends_on:MBEDTLS_SHA256_C
-test_derive_invalid_key_derivation_state:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-PSA key derivation: invalid state (call read/get_capacity after init and abort)
-depends_on:MBEDTLS_SHA256_C
-test_derive_invalid_key_derivation_tests:
+PSA key derivation over capacity: HKDF
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key derivation over capacity: TLS 1.2 PRF
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_over_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA key derivation: actions without setup
+derive_actions_without_setup:
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865"
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":""
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858"
PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":""
PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":""
PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":""
PSA key derivation: HKDF SHA-1, RFC5869 #5, output 82+0
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":""
PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":""
PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
# Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":""
PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66"
PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b"
PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":""
PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f"
PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5"
# Test case manually extracted from debug output of TLS-PSK run
# Label: "master secret"
# Salt: Concatenation of ClientHello.Random and ServerHello.Random
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":""
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":""
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
PSA key derivation: HKDF SHA-256, request maximum capacity
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
PSA key derivation: HKDF SHA-1, request maximum capacity
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
PSA key derivation: HKDF SHA-256, request too much capacity
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256):255 * 32 + 1:PSA_ERROR_INVALID_ARGUMENT
PSA key derivation: HKDF SHA-1, request too much capacity
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_1):255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT
PSA key derivation: over capacity 42: output 42+1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff"
PSA key derivation: over capacity 42: output 41+2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff"
PSA key derivation: over capacity 42: output 43+0
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":""
PSA key derivation: over capacity 42: output 43+1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff"
PSA key derivation: HKDF SHA-256, read maximum capacity minus 1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1
PSA key derivation: HKDF SHA-256, read maximum capacity
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1
PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
PSA key derivation: HKDF SHA-256, exercise AES128-CTR
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
PSA key derivation: HKDF SHA-256, exercise AES256-CTR
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
PSA key derivation: HKDF SHA-256, exercise DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256)
PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES128-CTR
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES256-CTR
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
PSA key derivation: TLS 1.2 PRF SHA-256, exercise DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: TLS 1.2 PRF SHA-256, exercise 2-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: TLS 1.2 PRF SHA-256, exercise 3-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: TLS 1.2 PRF SHA-256, exercise HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_HMAC
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256)
PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256)
PSA key derivation: HKDF SHA-256, derive key export, 16+32
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32
PSA key derivation: HKDF SHA-256, derive key export, 1+41
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 16+32
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32
PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
PSA key derivation: invalid type (0)
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_INVALID_ARGUMENT:0
PSA key derivation: invalid type (PSA_KEY_TYPE_CATEGORY_MASK)
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_INVALID_ARGUMENT:0
PSA key derivation: invalid length (0)
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT:0
PSA key derivation: invalid length (7 bits)
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:7:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:7:PSA_ERROR_INVALID_ARGUMENT:0
PSA key derivation: raw data, 8 bits
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS:0
PSA key derivation: invalid length (9 bits)
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT:0
# This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes
# and not expected to be raised any time soon) is less than the maximum
# output from HKDF-SHA512 (255*64 = 16320 bytes).
PSA key derivation: largest possible key
-depends_on:MBEDTLS_SHA512_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS:PSA_SUCCESS:1
PSA key derivation: key too large
-depends_on:MBEDTLS_SHA512_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED:0
PSA key agreement setup: ECDH + HKDF-SHA-256: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
PSA key agreement setup: ECDH + HKDF-SHA-256: good, key algorithm broader than required
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDH:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
PSA key agreement setup: ECDH + HKDF-SHA-256: key algorithm KDF mismatch
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_512)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_PERMITTED
PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ff":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: ECDH + HKDF-SHA-256: public key on different curve
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384
key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: ECDH, unknown KDF
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECDH_C
key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
PSA key agreement setup: bad key agreement algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: KDF instead of a key agreement algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_HKDF(PSA_ALG_SHA_256):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
PSA raw key agreement: ECDH SECP256R1 (RFC 5903)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
PSA raw key agreement: ECDH SECP384R1 (RFC 5903)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746"
PSA raw key agreement: ECDH SECP521R1 (RFC 5903)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea"
PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b"
PSA raw key agreement: ECDH brainpoolP384r1 (RFC 7027)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42"
PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f"
PSA raw key agreement: X25519 (RFC 7748: Alice)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":"de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"
PSA raw key agreement: X25519 (RFC 7748: Bob)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb":"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":""
PSA generate random: 0 bytes
@@ -2646,115 +3679,109 @@
PSA generate random: 2*MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes
generate_random:2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1
-PSA generate key: bad type (0)
-generate_key:PSA_KEY_TYPE_NONE:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: bad type (PSA_KEY_TYPE_CATEGORY_MASK)
-generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
-
PSA generate key: bad type (RSA public key)
-generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED:0
PSA generate key: raw data, 0 bits: invalid argument
# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-generate_key:PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
+generate_key:PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
PSA generate key: raw data, 7 bits: invalid argument
-generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
+generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
PSA generate key: raw data, 8 bits
-generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
PSA generate key: raw data, 9 bits: invalid argument
-generate_key:PSA_KEY_TYPE_RAW_DATA:9:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
+generate_key:PSA_KEY_TYPE_RAW_DATA:9:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
PSA generate key: raw data, (MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
-generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
PSA generate key: raw data, (2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
-generate_key:PSA_KEY_TYPE_RAW_DATA:(2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_RAW_DATA:(2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
-PSA generate key: raw data, 65528 bits (ok)
-depends_on:HAVE_RAM_AVAILABLE_128K
-generate_key:PSA_KEY_TYPE_RAW_DATA:65528:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+PSA generate key: raw data, 65528 bits (large key, ok if it fits)
+generate_key:PSA_KEY_TYPE_RAW_DATA:65528:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:1
PSA generate key: raw data, 65536 bits (not supported)
-generate_key:PSA_KEY_TYPE_RAW_DATA:65536:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
+generate_key:PSA_KEY_TYPE_RAW_DATA:65536:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED:0
PSA generate key: AES, 128 bits, CTR
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS:0
PSA generate key: AES, 128 bits, GCM
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS:0
PSA generate key: DES, 64 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS:0
PSA generate key: DES, 128 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS:0
PSA generate key: DES, 192 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS:0
PSA generate key: invalid key size: AES, 64 bits
-depends_on:MBEDTLS_AES_C
-generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT:0
PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0
PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0
PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:0
PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS:0
PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS:0
PSA generate key: RSA, 0 bits: invalid
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT:0
PSA generate key: RSA, 1022 bits: not supported
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0
PSA generate key: RSA, 1023 bits: not supported
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0
PSA generate key: RSA, maximum size exceeded
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0
PSA generate key: ECC, SECP256R1, good
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0
PSA generate key: ECC, SECP256R1, incorrect bit size
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
# INVALID_ARGUMENT would make more sense, but our code as currently structured
# doesn't fully relate the curve with its size.
-generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED:0
PSA generate key: ECC, Curve25519, good
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
-generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0
PSA generate key: RSA, default e
generate_key_rsa:512:"":PSA_SUCCESS
@@ -2775,15 +3802,15 @@
generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT
PSA import persistent key: raw data, 8 bits
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"2a":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY
PSA import persistent key: AES, 128 bits, exportable
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY
PSA import persistent key: AES, 128 bits, non-exportable
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:IMPORT_KEY
PSA generate persistent key: raw data, 8 bits, exportable
@@ -2791,25 +3818,24 @@
persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:GENERATE_KEY
PSA generate persistent key: AES, 128 bits, exportable
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY
PSA generate persistent key: AES, 128 bits, non-exportable
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY
PSA generate persistent key: DES, 64 bits, exportable
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY
PSA generate persistent key: RSA, 1024 bits, exportable
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY
PSA generate persistent key: ECC, SECP256R1, exportable
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY
PSA derive persistent key: HKDF SHA-256, exportable
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 8e71610..c2c94c1 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -9,118 +9,24 @@
* uses mbedtls_ctr_drbg internally. */
#include "mbedtls/ctr_drbg.h"
-#include "test/psa_crypto_helpers.h"
-
-/* Tests that require more than 128kB of RAM plus change have this symbol
- * as a dependency. Currently we always define this symbol, so the tests
- * are always executed. In the future we should make this conditional
- * so that tests that require a lot of memory are skipped on constrained
- * platforms. */
-#define HAVE_RAM_AVAILABLE_128K
-
#include "psa/crypto.h"
#include "psa_crypto_slot_management.h"
+#include "test/asn1_helpers.h"
+#include "test/psa_crypto_helpers.h"
+#include "test/psa_exercise_key.h"
+
+/* If this comes up, it's a bug in the test code or in the test data. */
+#define UNUSED 0xdeadbeef
+
+/* Assert that an operation is (not) active.
+ * This serves as a proxy for checking if the operation is aborted. */
+#define ASSERT_OPERATION_IS_ACTIVE( operation ) TEST_ASSERT( operation.id != 0 )
+#define ASSERT_OPERATION_IS_INACTIVE( operation ) TEST_ASSERT( operation.id == 0 )
+
/** An invalid export length that will never be set by psa_export_key(). */
static const size_t INVALID_EXPORT_LENGTH = ~0U;
-/* A hash algorithm that is known to be supported.
- *
- * This is used in some smoke tests.
- */
-#if defined(MBEDTLS_MD2_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2
-#elif defined(MBEDTLS_MD4_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4
-#elif defined(MBEDTLS_MD5_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
-/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
- * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
- * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
- * implausible anyway. */
-#elif defined(MBEDTLS_SHA1_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
-#elif defined(MBEDTLS_SHA256_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
-#elif defined(MBEDTLS_SHA512_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384
-#elif defined(MBEDTLS_SHA3_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256
-#else
-#undef KNOWN_SUPPORTED_HASH_ALG
-#endif
-
-/* A block cipher that is known to be supported.
- *
- * For simplicity's sake, stick to block ciphers with 16-byte blocks.
- */
-#if defined(MBEDTLS_AES_C)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES
-#elif defined(MBEDTLS_ARIA_C)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA
-#elif defined(MBEDTLS_CAMELLIA_C)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA
-#undef KNOWN_SUPPORTED_BLOCK_CIPHER
-#endif
-
-/* A MAC mode that is known to be supported.
- *
- * It must either be HMAC with #KNOWN_SUPPORTED_HASH_ALG or
- * a block cipher-based MAC with #KNOWN_SUPPORTED_BLOCK_CIPHER.
- *
- * This is used in some smoke tests.
- */
-#if defined(KNOWN_SUPPORTED_HASH_ALG)
-#define KNOWN_SUPPORTED_MAC_ALG ( PSA_ALG_HMAC( KNOWN_SUPPORTED_HASH_ALG ) )
-#define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC
-#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C)
-#define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC
-#define KNOWN_SUPPORTED_MAC_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
-#else
-#undef KNOWN_SUPPORTED_MAC_ALG
-#undef KNOWN_SUPPORTED_MAC_KEY_TYPE
-#endif
-
-/* A cipher algorithm and key type that are known to be supported.
- *
- * This is used in some smoke tests.
- */
-#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CTR)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR
-#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CBC)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING
-#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CFB)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB
-#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_OFB)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB
-#else
-#undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
-#endif
-#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG)
-#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
-#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
-#elif defined(MBEDTLS_RC4_C)
-#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4
-#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4
-#else
-#undef KNOWN_SUPPORTED_CIPHER_ALG
-#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-int lifetime_is_dynamic_secure_element( psa_key_lifetime_t lifetime )
-{
- return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) !=
- PSA_KEY_LOCATION_LOCAL_STORAGE );
-}
-#else
-int lifetime_is_secure_element( psa_key_lifetime_t lifetime )
-{
- (void) lifetime;
- return( 0 );
-}
-#endif
-
/** Test if a buffer contains a constant byte value.
*
* `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`.
@@ -227,80 +133,6 @@
return( len );
}
-int check_key_attributes_sanity( mbedtls_svc_key_id_t key )
-{
- int ok = 0;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_lifetime_t lifetime;
- mbedtls_svc_key_id_t id;
- psa_key_type_t type;
- psa_key_type_t bits;
-
- PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
- lifetime = psa_get_key_lifetime( &attributes );
- id = psa_get_key_id( &attributes );
- type = psa_get_key_type( &attributes );
- bits = psa_get_key_bits( &attributes );
-
- /* Persistence */
- if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
- {
- TEST_ASSERT(
- ( PSA_KEY_ID_VOLATILE_MIN <=
- MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) &&
- ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <=
- PSA_KEY_ID_VOLATILE_MAX ) );
- }
- else
- {
- TEST_ASSERT(
- ( PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) &&
- ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= PSA_KEY_ID_USER_MAX ) );
- }
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- /* randomly-generated 64-bit constant, should never appear in test data */
- psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21;
- psa_status_t status = psa_get_key_slot_number( &attributes, &slot_number );
- if( lifetime_is_dynamic_secure_element( lifetime ) )
- {
- /* Mbed Crypto currently always exposes the slot number to
- * applications. This is not mandated by the PSA specification
- * and may change in future versions. */
- TEST_EQUAL( status, 0 );
- TEST_ASSERT( slot_number != 0xec94d4a5058a1a21 );
- }
- else
- {
- TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT );
- }
-#endif
-
- /* Type and size */
- TEST_ASSERT( type != 0 );
- TEST_ASSERT( bits != 0 );
- TEST_ASSERT( bits <= PSA_MAX_KEY_BITS );
- if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
- TEST_ASSERT( bits % 8 == 0 );
-
- /* MAX macros concerning specific key types */
- if( PSA_KEY_TYPE_IS_ECC( type ) )
- TEST_ASSERT( bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
- else if( PSA_KEY_TYPE_IS_RSA( type ) )
- TEST_ASSERT( bits <= PSA_VENDOR_RSA_MAX_KEY_BITS );
- TEST_ASSERT( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) <= PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE );
-
- ok = 1;
-
-exit:
- /*
- * Key attributes may have been returned by psa_get_key_attributes()
- * thus reset them as required.
- */
- psa_reset_key_attributes( &attributes );
-
- return( ok );
-}
-
int exercise_mac_setup( psa_key_type_t key_type,
const unsigned char *key_bytes,
size_t key_length,
@@ -368,836 +200,6 @@
return( 0 );
}
-static int exercise_mac_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
- const unsigned char input[] = "foo";
- unsigned char mac[PSA_MAC_MAX_SIZE] = {0};
- size_t mac_length = sizeof( mac );
-
- if( usage & PSA_KEY_USAGE_SIGN_HASH )
- {
- PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
- PSA_ASSERT( psa_mac_update( &operation,
- input, sizeof( input ) ) );
- PSA_ASSERT( psa_mac_sign_finish( &operation,
- mac, sizeof( mac ),
- &mac_length ) );
- }
-
- if( usage & PSA_KEY_USAGE_VERIFY_HASH )
- {
- psa_status_t verify_status =
- ( usage & PSA_KEY_USAGE_SIGN_HASH ?
- PSA_SUCCESS :
- PSA_ERROR_INVALID_SIGNATURE );
- PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
- PSA_ASSERT( psa_mac_update( &operation,
- input, sizeof( input ) ) );
- TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ),
- verify_status );
- }
-
- return( 1 );
-
-exit:
- psa_mac_abort( &operation );
- return( 0 );
-}
-
-static int exercise_cipher_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
- unsigned char iv[16] = {0};
- size_t iv_length = sizeof( iv );
- const unsigned char plaintext[16] = "Hello, world...";
- unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)";
- size_t ciphertext_length = sizeof( ciphertext );
- unsigned char decrypted[sizeof( ciphertext )];
- size_t part_length;
-
- if( usage & PSA_KEY_USAGE_ENCRYPT )
- {
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
- PSA_ASSERT( psa_cipher_generate_iv( &operation,
- iv, sizeof( iv ),
- &iv_length ) );
- PSA_ASSERT( psa_cipher_update( &operation,
- plaintext, sizeof( plaintext ),
- ciphertext, sizeof( ciphertext ),
- &ciphertext_length ) );
- PSA_ASSERT( psa_cipher_finish( &operation,
- ciphertext + ciphertext_length,
- sizeof( ciphertext ) - ciphertext_length,
- &part_length ) );
- ciphertext_length += part_length;
- }
-
- if( usage & PSA_KEY_USAGE_DECRYPT )
- {
- psa_status_t status;
- int maybe_invalid_padding = 0;
- if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
- {
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
- /* This should be PSA_CIPHER_GET_IV_SIZE but the API doesn't
- * have this macro yet. */
- iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE(
- psa_get_key_type( &attributes ) );
- maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg );
- psa_reset_key_attributes( &attributes );
- }
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
- PSA_ASSERT( psa_cipher_set_iv( &operation,
- iv, iv_length ) );
- PSA_ASSERT( psa_cipher_update( &operation,
- ciphertext, ciphertext_length,
- decrypted, sizeof( decrypted ),
- &part_length ) );
- status = psa_cipher_finish( &operation,
- decrypted + part_length,
- sizeof( decrypted ) - part_length,
- &part_length );
- /* For a stream cipher, all inputs are valid. For a block cipher,
- * if the input is some aribtrary data rather than an actual
- ciphertext, a padding error is likely. */
- if( maybe_invalid_padding )
- TEST_ASSERT( status == PSA_SUCCESS ||
- status == PSA_ERROR_INVALID_PADDING );
- else
- PSA_ASSERT( status );
- }
-
- return( 1 );
-
-exit:
- psa_cipher_abort( &operation );
- return( 0 );
-}
-
-static int exercise_aead_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- unsigned char nonce[16] = {0};
- size_t nonce_length = sizeof( nonce );
- unsigned char plaintext[16] = "Hello, world...";
- unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)";
- size_t ciphertext_length = sizeof( ciphertext );
- size_t plaintext_length = sizeof( ciphertext );
-
- if( usage & PSA_KEY_USAGE_ENCRYPT )
- {
- PSA_ASSERT( psa_aead_encrypt( key, alg,
- nonce, nonce_length,
- NULL, 0,
- plaintext, sizeof( plaintext ),
- ciphertext, sizeof( ciphertext ),
- &ciphertext_length ) );
- }
-
- if( usage & PSA_KEY_USAGE_DECRYPT )
- {
- psa_status_t verify_status =
- ( usage & PSA_KEY_USAGE_ENCRYPT ?
- PSA_SUCCESS :
- PSA_ERROR_INVALID_SIGNATURE );
- TEST_EQUAL( psa_aead_decrypt( key, alg,
- nonce, nonce_length,
- NULL, 0,
- ciphertext, ciphertext_length,
- plaintext, sizeof( plaintext ),
- &plaintext_length ),
- verify_status );
- }
-
- return( 1 );
-
-exit:
- return( 0 );
-}
-
-static int exercise_signature_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
- size_t payload_length = 16;
- unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0};
- size_t signature_length = sizeof( signature );
- psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
-
- /* If the policy allows signing with any hash, just pick one. */
- if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && hash_alg == PSA_ALG_ANY_HASH )
- {
-#if defined(KNOWN_SUPPORTED_HASH_ALG)
- hash_alg = KNOWN_SUPPORTED_HASH_ALG;
- alg ^= PSA_ALG_ANY_HASH ^ hash_alg;
-#else
- test_fail( "No hash algorithm for hash-and-sign testing", __LINE__, __FILE__ );
- return( 1 );
-#endif
- }
-
- if( usage & PSA_KEY_USAGE_SIGN_HASH )
- {
- /* Some algorithms require the payload to have the size of
- * the hash encoded in the algorithm. Use this input size
- * even for algorithms that allow other input sizes. */
- if( hash_alg != 0 )
- payload_length = PSA_HASH_SIZE( hash_alg );
- PSA_ASSERT( psa_sign_hash( key, alg,
- payload, payload_length,
- signature, sizeof( signature ),
- &signature_length ) );
- }
-
- if( usage & PSA_KEY_USAGE_VERIFY_HASH )
- {
- psa_status_t verify_status =
- ( usage & PSA_KEY_USAGE_SIGN_HASH ?
- PSA_SUCCESS :
- PSA_ERROR_INVALID_SIGNATURE );
- TEST_EQUAL( psa_verify_hash( key, alg,
- payload, payload_length,
- signature, signature_length ),
- verify_status );
- }
-
- return( 1 );
-
-exit:
- return( 0 );
-}
-
-static int exercise_asymmetric_encryption_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- unsigned char plaintext[256] = "Hello, world...";
- unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)";
- size_t ciphertext_length = sizeof( ciphertext );
- size_t plaintext_length = 16;
-
- if( usage & PSA_KEY_USAGE_ENCRYPT )
- {
- PSA_ASSERT( psa_asymmetric_encrypt( key, alg,
- plaintext, plaintext_length,
- NULL, 0,
- ciphertext, sizeof( ciphertext ),
- &ciphertext_length ) );
- }
-
- if( usage & PSA_KEY_USAGE_DECRYPT )
- {
- psa_status_t status =
- psa_asymmetric_decrypt( key, alg,
- ciphertext, ciphertext_length,
- NULL, 0,
- plaintext, sizeof( plaintext ),
- &plaintext_length );
- TEST_ASSERT( status == PSA_SUCCESS ||
- ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 &&
- ( status == PSA_ERROR_INVALID_ARGUMENT ||
- status == PSA_ERROR_INVALID_PADDING ) ) );
- }
-
- return( 1 );
-
-exit:
- return( 0 );
-}
-
-static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation,
- mbedtls_svc_key_id_t key,
- psa_algorithm_t alg,
- unsigned char* input1, size_t input1_length,
- unsigned char* input2, size_t input2_length,
- size_t capacity )
-{
- PSA_ASSERT( psa_key_derivation_setup( operation, alg ) );
- if( PSA_ALG_IS_HKDF( alg ) )
- {
- PSA_ASSERT( psa_key_derivation_input_bytes( operation,
- PSA_KEY_DERIVATION_INPUT_SALT,
- input1, input1_length ) );
- PSA_ASSERT( psa_key_derivation_input_key( operation,
- PSA_KEY_DERIVATION_INPUT_SECRET,
- key ) );
- PSA_ASSERT( psa_key_derivation_input_bytes( operation,
- PSA_KEY_DERIVATION_INPUT_INFO,
- input2,
- input2_length ) );
- }
- else if( PSA_ALG_IS_TLS12_PRF( alg ) ||
- PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
- {
- PSA_ASSERT( psa_key_derivation_input_bytes( operation,
- PSA_KEY_DERIVATION_INPUT_SEED,
- input1, input1_length ) );
- PSA_ASSERT( psa_key_derivation_input_key( operation,
- PSA_KEY_DERIVATION_INPUT_SECRET,
- key ) );
- PSA_ASSERT( psa_key_derivation_input_bytes( operation,
- PSA_KEY_DERIVATION_INPUT_LABEL,
- input2, input2_length ) );
- }
- else
- {
- TEST_ASSERT( ! "Key derivation algorithm not supported" );
- }
-
- if( capacity != SIZE_MAX )
- PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) );
-
- return( 1 );
-
-exit:
- return( 0 );
-}
-
-
-static int exercise_key_derivation_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
- unsigned char input1[] = "Input 1";
- size_t input1_length = sizeof( input1 );
- unsigned char input2[] = "Input 2";
- size_t input2_length = sizeof( input2 );
- unsigned char output[1];
- size_t capacity = sizeof( output );
-
- if( usage & PSA_KEY_USAGE_DERIVE )
- {
- if( !setup_key_derivation_wrap( &operation, key, alg,
- input1, input1_length,
- input2, input2_length, capacity ) )
- goto exit;
-
- PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
- output,
- capacity ) );
- PSA_ASSERT( psa_key_derivation_abort( &operation ) );
- }
-
- return( 1 );
-
-exit:
- return( 0 );
-}
-
-/* We need two keys to exercise key agreement. Exercise the
- * private key against its own public key. */
-static psa_status_t key_agreement_with_self(
- psa_key_derivation_operation_t *operation,
- mbedtls_svc_key_id_t key )
-{
- psa_key_type_t private_key_type;
- psa_key_type_t public_key_type;
- size_t key_bits;
- uint8_t *public_key = NULL;
- size_t public_key_length;
- /* Return GENERIC_ERROR if something other than the final call to
- * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
- * but it's good enough: callers will report it as a failed test anyway. */
- psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
- PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
- private_key_type = psa_get_key_type( &attributes );
- key_bits = psa_get_key_bits( &attributes );
- public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
- public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
- ASSERT_ALLOC( public_key, public_key_length );
- PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length,
- &public_key_length ) );
-
- status = psa_key_derivation_key_agreement(
- operation, PSA_KEY_DERIVATION_INPUT_SECRET, key,
- public_key, public_key_length );
-exit:
- /*
- * Key attributes may have been returned by psa_get_key_attributes()
- * thus reset them as required.
- */
- psa_reset_key_attributes( &attributes );
-
- mbedtls_free( public_key );
- return( status );
-}
-
-/* We need two keys to exercise key agreement. Exercise the
- * private key against its own public key. */
-static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg,
- mbedtls_svc_key_id_t key )
-{
- psa_key_type_t private_key_type;
- psa_key_type_t public_key_type;
- size_t key_bits;
- uint8_t *public_key = NULL;
- size_t public_key_length;
- uint8_t output[1024];
- size_t output_length;
- /* Return GENERIC_ERROR if something other than the final call to
- * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
- * but it's good enough: callers will report it as a failed test anyway. */
- psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
- PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
- private_key_type = psa_get_key_type( &attributes );
- key_bits = psa_get_key_bits( &attributes );
- public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
- public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
- ASSERT_ALLOC( public_key, public_key_length );
- PSA_ASSERT( psa_export_public_key( key,
- public_key, public_key_length,
- &public_key_length ) );
-
- status = psa_raw_key_agreement( alg, key,
- public_key, public_key_length,
- output, sizeof( output ), &output_length );
-exit:
- /*
- * Key attributes may have been returned by psa_get_key_attributes()
- * thus reset them as required.
- */
- psa_reset_key_attributes( &attributes );
-
- mbedtls_free( public_key );
- return( status );
-}
-
-static int exercise_raw_key_agreement_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- int ok = 0;
-
- if( usage & PSA_KEY_USAGE_DERIVE )
- {
- /* We need two keys to exercise key agreement. Exercise the
- * private key against its own public key. */
- PSA_ASSERT( raw_key_agreement_with_self( alg, key ) );
- }
- ok = 1;
-
-exit:
- return( ok );
-}
-
-static int exercise_key_agreement_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
- unsigned char output[1];
- int ok = 0;
-
- if( usage & PSA_KEY_USAGE_DERIVE )
- {
- /* We need two keys to exercise key agreement. Exercise the
- * private key against its own public key. */
- PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
- PSA_ASSERT( key_agreement_with_self( &operation, key ) );
- PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
- output,
- sizeof( output ) ) );
- PSA_ASSERT( psa_key_derivation_abort( &operation ) );
- }
- ok = 1;
-
-exit:
- return( ok );
-}
-
-int asn1_skip_integer( unsigned char **p, const unsigned char *end,
- size_t min_bits, size_t max_bits,
- int must_be_odd )
-{
- size_t len;
- size_t actual_bits;
- unsigned char msb;
- TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len,
- MBEDTLS_ASN1_INTEGER ),
- 0 );
-
- /* Check if the retrieved length doesn't extend the actual buffer's size.
- * It is assumed here, that end >= p, which validates casting to size_t. */
- TEST_ASSERT( len <= (size_t)( end - *p) );
-
- /* Tolerate a slight departure from DER encoding:
- * - 0 may be represented by an empty string or a 1-byte string.
- * - The sign bit may be used as a value bit. */
- if( ( len == 1 && ( *p )[0] == 0 ) ||
- ( len > 1 && ( *p )[0] == 0 && ( ( *p )[1] & 0x80 ) != 0 ) )
- {
- ++( *p );
- --len;
- }
- if( min_bits == 0 && len == 0 )
- return( 1 );
- msb = ( *p )[0];
- TEST_ASSERT( msb != 0 );
- actual_bits = 8 * ( len - 1 );
- while( msb != 0 )
- {
- msb >>= 1;
- ++actual_bits;
- }
- TEST_ASSERT( actual_bits >= min_bits );
- TEST_ASSERT( actual_bits <= max_bits );
- if( must_be_odd )
- TEST_ASSERT( ( ( *p )[len-1] & 1 ) != 0 );
- *p += len;
- return( 1 );
-exit:
- return( 0 );
-}
-
-static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
- uint8_t *exported, size_t exported_length )
-{
- if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
- TEST_EQUAL( exported_length, ( bits + 7 ) / 8 );
- else
- TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, bits ) );
-
-#if defined(MBEDTLS_DES_C)
- if( type == PSA_KEY_TYPE_DES )
- {
- /* Check the parity bits. */
- unsigned i;
- for( i = 0; i < bits / 8; i++ )
- {
- unsigned bit_count = 0;
- unsigned m;
- for( m = 1; m <= 0x100; m <<= 1 )
- {
- if( exported[i] & m )
- ++bit_count;
- }
- TEST_ASSERT( bit_count % 2 != 0 );
- }
- }
- else
-#endif
-
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
- if( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
- {
- uint8_t *p = exported;
- uint8_t *end = exported + exported_length;
- size_t len;
- /* RSAPrivateKey ::= SEQUENCE {
- * version INTEGER, -- must be 0
- * modulus INTEGER, -- n
- * publicExponent INTEGER, -- e
- * privateExponent INTEGER, -- d
- * prime1 INTEGER, -- p
- * prime2 INTEGER, -- q
- * exponent1 INTEGER, -- d mod (p-1)
- * exponent2 INTEGER, -- d mod (q-1)
- * coefficient INTEGER, -- (inverse of q) mod p
- * }
- */
- TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
- MBEDTLS_ASN1_SEQUENCE |
- MBEDTLS_ASN1_CONSTRUCTED ), 0 );
- TEST_EQUAL( p + len, end );
- if( ! asn1_skip_integer( &p, end, 0, 0, 0 ) )
- goto exit;
- if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
- goto exit;
- if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
- goto exit;
- /* Require d to be at least half the size of n. */
- if( ! asn1_skip_integer( &p, end, bits / 2, bits, 1 ) )
- goto exit;
- /* Require p and q to be at most half the size of n, rounded up. */
- if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
- goto exit;
- if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
- goto exit;
- if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
- goto exit;
- if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
- goto exit;
- if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
- goto exit;
- TEST_EQUAL( p, end );
- }
- else
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
- if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
- {
- /* Just the secret value */
- TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) );
- }
- else
-#endif /* MBEDTLS_ECP_C */
-
- if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
- {
- uint8_t *p = exported;
- uint8_t *end = exported + exported_length;
-#if defined(MBEDTLS_RSA_C)
- if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
- {
- size_t len;
- /* RSAPublicKey ::= SEQUENCE {
- * modulus INTEGER, -- n
- * publicExponent INTEGER } -- e
- */
- TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
- MBEDTLS_ASN1_SEQUENCE |
- MBEDTLS_ASN1_CONSTRUCTED ),
- 0 );
- TEST_EQUAL( p + len, end );
- if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
- goto exit;
- if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
- goto exit;
- TEST_EQUAL( p, end );
- }
- else
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
- if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
- {
- if( PSA_KEY_TYPE_ECC_GET_FAMILY( type ) == PSA_ECC_FAMILY_MONTGOMERY )
- {
- /* The representation of an ECC Montgomery public key is
- * the raw compressed point */
- TEST_EQUAL( p + PSA_BITS_TO_BYTES( bits ), end );
- }
- else
- {
- /* The representation of an ECC Weierstrass public key is:
- * - The byte 0x04;
- * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
- * - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
- * - where m is the bit size associated with the curve.
- */
- TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end );
- TEST_EQUAL( p[0], 4 );
- }
- }
- else
-#endif /* MBEDTLS_ECP_C */
- {
- char message[47];
- mbedtls_snprintf( message, sizeof( message ),
- "No sanity check for public key type=0x%08lx",
- (unsigned long) type );
- test_fail( message, __LINE__, __FILE__ );
- (void) p;
- (void) end;
- return( 0 );
- }
- }
- else
-
- {
- /* No sanity checks for other types */
- }
-
- return( 1 );
-
-exit:
- return( 0 );
-}
-
-static int exercise_export_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage )
-{
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- uint8_t *exported = NULL;
- size_t exported_size = 0;
- size_t exported_length = 0;
- int ok = 0;
-
- PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-
- if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
- ! PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( &attributes ) ) )
- {
- TEST_EQUAL( psa_export_key( key, NULL, 0, &exported_length ),
- PSA_ERROR_NOT_PERMITTED );
- ok = 1;
- goto exit;
- }
-
- exported_size = PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( &attributes ),
- psa_get_key_bits( &attributes ) );
- ASSERT_ALLOC( exported, exported_size );
-
- PSA_ASSERT( psa_export_key( key,
- exported, exported_size,
- &exported_length ) );
- ok = exported_key_sanity_check( psa_get_key_type( &attributes ),
- psa_get_key_bits( &attributes ),
- exported, exported_length );
-
-exit:
- /*
- * Key attributes may have been returned by psa_get_key_attributes()
- * thus reset them as required.
- */
- psa_reset_key_attributes( &attributes );
-
- mbedtls_free( exported );
- return( ok );
-}
-
-static int exercise_export_public_key( mbedtls_svc_key_id_t key )
-{
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_type_t public_type;
- uint8_t *exported = NULL;
- size_t exported_size = 0;
- size_t exported_length = 0;
- int ok = 0;
-
- PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
- if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type( &attributes ) ) )
- {
- TEST_EQUAL( psa_export_public_key( key, NULL, 0, &exported_length ),
- PSA_ERROR_INVALID_ARGUMENT );
- return( 1 );
- }
-
- public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(
- psa_get_key_type( &attributes ) );
- exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type,
- psa_get_key_bits( &attributes ) );
- ASSERT_ALLOC( exported, exported_size );
-
- PSA_ASSERT( psa_export_public_key( key,
- exported, exported_size,
- &exported_length ) );
- ok = exported_key_sanity_check( public_type,
- psa_get_key_bits( &attributes ),
- exported, exported_length );
-
-exit:
- /*
- * Key attributes may have been returned by psa_get_key_attributes()
- * thus reset them as required.
- */
- psa_reset_key_attributes( &attributes );
-
- mbedtls_free( exported );
- return( ok );
-}
-
-/** Do smoke tests on a key.
- *
- * Perform one of each operation indicated by \p alg (decrypt/encrypt,
- * sign/verify, or derivation) that is permitted according to \p usage.
- * \p usage and \p alg should correspond to the expected policy on the
- * key.
- *
- * Export the key if permitted by \p usage, and check that the output
- * looks sensible. If \p usage forbids export, check that
- * \p psa_export_key correctly rejects the attempt. If the key is
- * asymmetric, also check \p psa_export_public_key.
- *
- * If the key fails the tests, this function calls the test framework's
- * `test_fail` function and returns false. Otherwise this function returns
- * true. Therefore it should be used as follows:
- * ```
- * if( ! exercise_key( ... ) ) goto exit;
- * ```
- *
- * \param key The key to exercise. It should be capable of performing
- * \p alg.
- * \param usage The usage flags to assume.
- * \param alg The algorithm to exercise.
- *
- * \retval 0 The key failed the smoke tests.
- * \retval 1 The key passed the smoke tests.
- */
-static int exercise_key( mbedtls_svc_key_id_t key,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
-{
- int ok;
-
- if( ! check_key_attributes_sanity( key ) )
- return( 0 );
-
- if( alg == 0 )
- ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
- else if( PSA_ALG_IS_MAC( alg ) )
- ok = exercise_mac_key( key, usage, alg );
- else if( PSA_ALG_IS_CIPHER( alg ) )
- ok = exercise_cipher_key( key, usage, alg );
- else if( PSA_ALG_IS_AEAD( alg ) )
- ok = exercise_aead_key( key, usage, alg );
- else if( PSA_ALG_IS_SIGN( alg ) )
- ok = exercise_signature_key( key, usage, alg );
- else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
- ok = exercise_asymmetric_encryption_key( key, usage, alg );
- else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
- ok = exercise_key_derivation_key( key, usage, alg );
- else if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) )
- ok = exercise_raw_key_agreement_key( key, usage, alg );
- else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
- ok = exercise_key_agreement_key( key, usage, alg );
- else
- {
- char message[40];
- mbedtls_snprintf( message, sizeof( message ),
- "No code to exercise alg=0x%08lx",
- (unsigned long) alg );
- test_fail( message, __LINE__, __FILE__ );
- ok = 0;
- }
-
- ok = ok && exercise_export_key( key, usage );
- ok = ok && exercise_export_public_key( key );
-
- return( ok );
-}
-
-static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
- psa_algorithm_t alg )
-{
- if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) )
- {
- return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
- PSA_KEY_USAGE_VERIFY_HASH :
- PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH );
- }
- else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ||
- PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
- {
- return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
- PSA_KEY_USAGE_ENCRYPT :
- PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
- }
- else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ||
- PSA_ALG_IS_KEY_AGREEMENT( alg ) )
- {
- return( PSA_KEY_USAGE_DERIVE );
- }
- else
- {
- return( 0 );
- }
-
-}
-
static int test_operations_on_invalid_key( mbedtls_svc_key_id_t key )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -1211,7 +213,7 @@
psa_set_key_algorithm( &attributes, PSA_ALG_CTR );
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
TEST_EQUAL( psa_get_key_attributes( key, &attributes ),
- PSA_ERROR_DOES_NOT_EXIST );
+ PSA_ERROR_INVALID_HANDLE );
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL(
@@ -1223,10 +225,10 @@
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
TEST_EQUAL( psa_export_key( key, buffer, sizeof( buffer ), &length ),
- PSA_ERROR_DOES_NOT_EXIST );
+ PSA_ERROR_INVALID_HANDLE );
TEST_EQUAL( psa_export_public_key( key,
buffer, sizeof( buffer ), &length ),
- PSA_ERROR_DOES_NOT_EXIST );
+ PSA_ERROR_INVALID_HANDLE );
ok = 1;
@@ -1352,127 +354,6 @@
/* END_CASE */
/* BEGIN_CASE */
-void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg,
- int usage_flags_arg, int alg_arg,
- int type_arg, int bits_arg )
-{
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
- psa_key_lifetime_t lifetime = lifetime_arg;
- psa_key_usage_t usage_flags = usage_flags_arg;
- psa_algorithm_t alg = alg_arg;
- psa_key_type_t type = type_arg;
- size_t bits = bits_arg;
-
- TEST_EQUAL(
- MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
- TEST_EQUAL(
- MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
- TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
- TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
- TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
- TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
-
- psa_set_key_id( &attributes, id );
- psa_set_key_lifetime( &attributes, lifetime );
- psa_set_key_usage_flags( &attributes, usage_flags );
- psa_set_key_algorithm( &attributes, alg );
- psa_set_key_type( &attributes, type );
- psa_set_key_bits( &attributes, bits );
-
- TEST_ASSERT( mbedtls_svc_key_id_equal(
- psa_get_key_id( &attributes ), id ) );
- TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
- TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
- TEST_EQUAL( psa_get_key_type( &attributes ), type );
- TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
-
- psa_reset_key_attributes( &attributes );
-
- TEST_EQUAL(
- MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
- TEST_EQUAL(
- MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
- TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
- TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
- TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
- TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void persistence_attributes( int id1_arg, int owner_id1_arg, int lifetime_arg,
- int id2_arg, int owner_id2_arg,
- int expected_id_arg, int expected_owner_id_arg,
- int expected_lifetime_arg )
-{
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- mbedtls_svc_key_id_t id1 =
- mbedtls_svc_key_id_make( owner_id1_arg, id1_arg );
- psa_key_lifetime_t lifetime = lifetime_arg;
- mbedtls_svc_key_id_t id2 =
- mbedtls_svc_key_id_make( owner_id2_arg, id2_arg );
- mbedtls_svc_key_id_t expected_id =
- mbedtls_svc_key_id_make( expected_owner_id_arg, expected_id_arg );
- psa_key_lifetime_t expected_lifetime = expected_lifetime_arg;
-
- if( id1_arg != -1 )
- psa_set_key_id( &attributes, id1 );
- if( lifetime_arg != -1 )
- psa_set_key_lifetime( &attributes, lifetime );
- if( id2_arg != -1 )
- psa_set_key_id( &attributes, id2 );
-
- TEST_ASSERT( mbedtls_svc_key_id_equal(
- psa_get_key_id( &attributes ), expected_id ) );
- TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */
-void slot_number_attribute( )
-{
- psa_key_slot_number_t slot_number = 0xdeadbeef;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
- /* Initially, there is no slot number. */
- TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
- PSA_ERROR_INVALID_ARGUMENT );
-
- /* Test setting a slot number. */
- psa_set_key_slot_number( &attributes, 0 );
- PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
- TEST_EQUAL( slot_number, 0 );
-
- /* Test changing the slot number. */
- psa_set_key_slot_number( &attributes, 42 );
- PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
- TEST_EQUAL( slot_number, 42 );
-
- /* Test clearing the slot number. */
- psa_clear_key_slot_number( &attributes );
- TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
- PSA_ERROR_INVALID_ARGUMENT );
-
- /* Clearing again should have no effect. */
- psa_clear_key_slot_number( &attributes );
- TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
- PSA_ERROR_INVALID_ARGUMENT );
-
- /* Test that reset clears the slot number. */
- psa_set_key_slot_number( &attributes, 42 );
- PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
- TEST_EQUAL( slot_number, 42 );
- psa_reset_key_attributes( &attributes );
- TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
- PSA_ERROR_INVALID_ARGUMENT );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
void import_with_policy( int type_arg,
int usage_arg, int alg_arg,
int expected_status_arg )
@@ -1502,7 +383,8 @@
PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
- TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage );
+ TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ),
+ mbedtls_test_update_key_usage_flags( usage ) );
TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg );
ASSERT_NO_SLOT_NUMBER( &got_attributes );
@@ -1579,9 +461,9 @@
size_t buffer_size = byte_size + 1;
size_t n;
- /* It would be better to skip the test than fail it if the allocation
- * fails, but the test framework doesn't support this yet. */
- ASSERT_ALLOC( buffer, buffer_size );
+ /* Skip the test case if the target running the test cannot
+ * accomodate large keys due to heap size constraints */
+ ASSERT_ALLOC_WEAK( buffer, buffer_size );
memset( buffer, 'K', byte_size );
PSA_ASSERT( psa_crypto_init( ) );
@@ -1590,6 +472,7 @@
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
psa_set_key_type( &attributes, type );
status = psa_import_key( &attributes, buffer, byte_size, &key );
+ TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY );
TEST_EQUAL( status, expected_status );
if( status == PSA_SUCCESS )
@@ -1717,7 +600,11 @@
goto destroy;
}
- if( ! exercise_export_key( key, usage_arg ) )
+ /* Run sanity checks on the exported key. For non-canonical inputs,
+ * this validates the canonical representations. For canonical inputs,
+ * this doesn't directly validate the implementation, but it still helps
+ * by cross-validating the test data with the sanity check code. */
+ if( ! mbedtls_test_psa_exercise_key( key, usage_arg, 0 ) )
goto exit;
if( canonical_input )
@@ -1735,7 +622,10 @@
reexported, reexported_length );
PSA_ASSERT( psa_destroy_key( key2 ) );
}
- TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, psa_get_key_bits( &got_attributes ) ) );
+ TEST_ASSERT( exported_length <=
+ PSA_EXPORT_KEY_OUTPUT_SIZE( type,
+ psa_get_key_bits( &got_attributes ) ) );
+ TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
destroy:
/* Destroy the key */
@@ -1795,7 +685,11 @@
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
bits = psa_get_key_bits( &attributes );
TEST_ASSERT( expected_public_key->len <=
- PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) );
+ PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, bits ) );
+ TEST_ASSERT( expected_public_key->len <=
+ PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type, bits ) );
+ TEST_ASSERT( expected_public_key->len <=
+ PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
exported, exported_length );
}
@@ -1823,7 +717,7 @@
psa_key_type_t type = type_arg;
size_t bits = bits_arg;
psa_algorithm_t alg = alg_arg;
- psa_key_usage_t usage = usage_to_exercise( type, alg );
+ psa_key_usage_t usage = mbedtls_test_psa_usage_to_exercise( type, alg );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -1842,7 +736,7 @@
TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits );
/* Do something with the key according to its type and permitted usage. */
- if( ! exercise_key( key, usage, alg ) )
+ if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) )
goto exit;
PSA_ASSERT( psa_destroy_key( key ) );
@@ -1911,7 +805,9 @@
int usage_arg, int alg_arg )
{
test_effective_key_attributes( type_arg, type_arg, bits_arg, bits_arg,
- usage_arg, usage_arg, alg_arg, alg_arg );
+ usage_arg,
+ mbedtls_test_update_key_usage_flags( usage_arg ),
+ alg_arg, alg_arg );
goto exit;
}
/* END_CASE */
@@ -1952,16 +848,22 @@
/* END_CASE */
/* BEGIN_CASE */
-void mac_key_policy( int policy_usage,
- int policy_alg,
- int key_type,
+void mac_key_policy( int policy_usage_arg,
+ int policy_alg_arg,
+ int key_type_arg,
data_t *key_data,
- int exercise_alg )
+ int exercise_alg_arg,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t policy_alg = policy_alg_arg;
+ psa_algorithm_t exercise_alg = exercise_alg_arg;
+ psa_key_usage_t policy_usage = policy_usage_arg;
psa_status_t status;
+ psa_status_t expected_status = expected_status_arg;
unsigned char mac[PSA_MAC_MAX_SIZE];
PSA_ASSERT( psa_crypto_init( ) );
@@ -1973,21 +875,23 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
status = psa_mac_sign_setup( &operation, key, exercise_alg );
- if( policy_alg == exercise_alg &&
- ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 )
- PSA_ASSERT( status );
- else
+ if( ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) == 0 )
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ else
+ TEST_EQUAL( status, expected_status );
+
psa_mac_abort( &operation );
memset( mac, 0, sizeof( mac ) );
status = psa_mac_verify_setup( &operation, key, exercise_alg );
- if( policy_alg == exercise_alg &&
- ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
- PSA_ASSERT( status );
- else
+ if( ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) == 0 )
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ else
+ TEST_EQUAL( status, expected_status );
exit:
psa_mac_abort( &operation );
@@ -1997,7 +901,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_key_policy( int policy_usage,
+void cipher_key_policy( int policy_usage_arg,
int policy_alg,
int key_type,
data_t *key_data,
@@ -2006,6 +910,7 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_usage_t policy_usage = policy_usage_arg;
psa_status_t status;
PSA_ASSERT( psa_crypto_init( ) );
@@ -2017,6 +922,10 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* Check if no key usage flag implication is done */
+ TEST_EQUAL( policy_usage,
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
status = psa_cipher_encrypt_setup( &operation, key, exercise_alg );
if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
@@ -2040,17 +949,20 @@
/* END_CASE */
/* BEGIN_CASE */
-void aead_key_policy( int policy_usage,
+void aead_key_policy( int policy_usage_arg,
int policy_alg,
int key_type,
data_t *key_data,
int nonce_length_arg,
int tag_length_arg,
- int exercise_alg )
+ int exercise_alg,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_usage_t policy_usage = policy_usage_arg;
psa_status_t status;
+ psa_status_t expected_status = expected_status_arg;
unsigned char nonce[16] = {0};
size_t nonce_length = nonce_length_arg;
unsigned char tag[16];
@@ -2069,15 +981,18 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* Check if no key usage implication is done */
+ TEST_EQUAL( policy_usage,
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
status = psa_aead_encrypt( key, exercise_alg,
nonce, nonce_length,
NULL, 0,
NULL, 0,
tag, tag_length,
&output_length );
- if( policy_alg == exercise_alg &&
- ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
- PSA_ASSERT( status );
+ if( ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
+ TEST_EQUAL( status, expected_status );
else
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
@@ -2088,11 +1003,12 @@
tag, tag_length,
NULL, 0,
&output_length );
- if( policy_alg == exercise_alg &&
- ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
+ if( ( policy_usage & PSA_KEY_USAGE_DECRYPT ) == 0 )
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ else if( expected_status == PSA_SUCCESS )
TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
else
- TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ TEST_EQUAL( status, expected_status );
exit:
psa_destroy_key( key );
@@ -2101,7 +1017,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void asymmetric_encryption_key_policy( int policy_usage,
+void asymmetric_encryption_key_policy( int policy_usage_arg,
int policy_alg,
int key_type,
data_t *key_data,
@@ -2109,6 +1025,7 @@
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_usage_t policy_usage = policy_usage_arg;
psa_status_t status;
size_t key_bits;
size_t buffer_length;
@@ -2124,6 +1041,10 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* Check if no key usage implication is done */
+ TEST_EQUAL( policy_usage,
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
@@ -2168,15 +1089,18 @@
/* END_CASE */
/* BEGIN_CASE */
-void asymmetric_signature_key_policy( int policy_usage,
+void asymmetric_signature_key_policy( int policy_usage_arg,
int policy_alg,
int key_type,
data_t *key_data,
int exercise_alg,
- int payload_length_arg )
+ int payload_length_arg,
+ int expected_usage_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_usage_t policy_usage = policy_usage_arg;
+ psa_key_usage_t expected_usage = expected_usage_arg;
psa_status_t status;
unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
/* If `payload_length_arg > 0`, `exercise_alg` is supposed to be
@@ -2188,6 +1112,11 @@
unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0};
size_t signature_length;
+ /* Check if all implicit usage flags are deployed
+ in the expected usage flags. */
+ TEST_EQUAL( expected_usage,
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, policy_usage );
@@ -2197,11 +1126,13 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage );
+
status = psa_sign_hash( key, exercise_alg,
payload, payload_length,
signature, sizeof( signature ),
&signature_length );
- if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 )
+ if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 )
PSA_ASSERT( status );
else
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
@@ -2210,11 +1141,33 @@
status = psa_verify_hash( key, exercise_alg,
payload, payload_length,
signature, sizeof( signature ) );
- if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
+ if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
else
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ if( PSA_ALG_IS_HASH_AND_SIGN( exercise_alg ) &&
+ PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( exercise_alg ) ) )
+ {
+ status = psa_sign_message( key, exercise_alg,
+ payload, payload_length,
+ signature, sizeof( signature ),
+ &signature_length );
+ if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+ memset( signature, 0, sizeof( signature ) );
+ status = psa_verify_message( key, exercise_alg,
+ payload, payload_length,
+ signature, sizeof( signature ) );
+ if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_MESSAGE ) != 0 )
+ TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ }
+
exit:
psa_destroy_key( key );
PSA_DONE( );
@@ -2295,7 +1248,7 @@
&key ) );
PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) );
- status = key_agreement_with_self( &operation, key );
+ status = mbedtls_test_psa_key_agreement_with_self( &operation, key );
TEST_EQUAL( status, expected_status );
@@ -2327,14 +1280,16 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* Update the usage flags to obtain implicit usage flags */
+ usage = mbedtls_test_update_key_usage_flags( usage );
PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage );
TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &got_attributes ), alg2 );
- if( ! exercise_key( key, usage, alg ) )
+ if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) )
goto exit;
- if( ! exercise_key( key, usage, alg2 ) )
+ if( ! mbedtls_test_psa_exercise_key( key, usage, alg2 ) )
goto exit;
exit:
@@ -2373,7 +1328,7 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
- status = raw_key_agreement_with_self( exercise_alg, key );
+ status = mbedtls_test_psa_raw_key_agreement_with_self( exercise_alg, key );
TEST_EQUAL( status, expected_status );
@@ -2456,9 +1411,10 @@
ASSERT_COMPARE( material->x, material->len,
export_buffer, length );
}
- if( ! exercise_key( target_key, expected_usage, expected_alg ) )
+
+ if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg ) )
goto exit;
- if( ! exercise_key( target_key, expected_usage, expected_alg2 ) )
+ if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg2 ) )
goto exit;
PSA_ASSERT( psa_destroy_key( target_key ) );
@@ -2483,12 +1439,14 @@
int target_type_arg, int target_bits_arg,
int target_usage_arg,
int target_alg_arg, int target_alg2_arg,
+ int target_id_arg, int target_lifetime_arg,
int expected_status_arg )
{
psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT;
mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, target_id_arg );
PSA_ASSERT( psa_crypto_init( ) );
@@ -2502,6 +1460,8 @@
&source_key ) );
/* Prepare the target attributes. */
+ psa_set_key_id( &target_attributes, key_id );
+ psa_set_key_lifetime( &target_attributes, target_lifetime_arg );
psa_set_key_type( &target_attributes, target_type_arg );
psa_set_key_bits( &target_attributes, target_bits_arg );
psa_set_key_usage_flags( &target_attributes, target_usage_arg );
@@ -2643,9 +1603,9 @@
/* Compute with tight buffer */
PSA_ASSERT( psa_hash_compute( alg, input->x, input->len,
- output, PSA_HASH_SIZE( alg ),
+ output, PSA_HASH_LENGTH( alg ),
&output_length ) );
- TEST_EQUAL( output_length, PSA_HASH_SIZE( alg ) );
+ TEST_EQUAL( output_length, PSA_HASH_LENGTH( alg ) );
ASSERT_COMPARE( output, output_length,
expected_output->x, expected_output->len );
@@ -2653,7 +1613,7 @@
PSA_ASSERT( psa_hash_compute( alg, input->x, input->len,
output, sizeof( output ),
&output_length ) );
- TEST_EQUAL( output_length, PSA_HASH_SIZE( alg ) );
+ TEST_EQUAL( output_length, PSA_HASH_LENGTH( alg ) );
ASSERT_COMPARE( output, output_length,
expected_output->x, expected_output->len );
@@ -2674,7 +1634,7 @@
/* Compare with corrupted value */
for( i = 0; i < output_length; i++ )
{
- test_set_step( i );
+ mbedtls_test_set_step( i );
output[i] ^= 1;
TEST_EQUAL( psa_hash_compare( alg, input->x, input->len,
output, output_length ),
@@ -2687,7 +1647,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
void hash_bad_order( )
{
psa_algorithm_t alg = PSA_ALG_SHA_256;
@@ -2705,15 +1665,28 @@
/* Call setup twice in a row. */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_hash_setup( &operation, alg ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_hash_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call update without calling setup beforehand. */
TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_hash_abort( &operation ) );
+ /* Check that update calls abort on error. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ operation.id = UINT_MAX;
+ ASSERT_OPERATION_IS_ACTIVE( operation );
+ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
+
/* Call update after finish. */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
PSA_ASSERT( psa_hash_finish( &operation,
@@ -2739,11 +1712,14 @@
/* Call verify twice in a row. */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
PSA_ASSERT( psa_hash_verify( &operation,
valid_hash, sizeof( valid_hash ) ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
TEST_EQUAL( psa_hash_verify( &operation,
valid_hash, sizeof( valid_hash ) ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_hash_abort( &operation ) );
/* Call finish without calling setup beforehand. */
@@ -2775,7 +1751,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
void hash_verify_bad_args( )
{
psa_algorithm_t alg = PSA_ALG_SHA_256;
@@ -2785,15 +1761,19 @@
0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb };
- size_t expected_size = PSA_HASH_SIZE( alg );
+ size_t expected_size = PSA_HASH_LENGTH( alg );
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
PSA_ASSERT( psa_crypto_init( ) );
/* psa_hash_verify with a smaller hash than expected */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ),
PSA_ERROR_INVALID_SIGNATURE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* psa_hash_verify with a non-matching hash */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
@@ -2810,12 +1790,12 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
void hash_finish_bad_args( )
{
psa_algorithm_t alg = PSA_ALG_SHA_256;
unsigned char hash[PSA_HASH_MAX_SIZE];
- size_t expected_size = PSA_HASH_SIZE( alg );
+ size_t expected_size = PSA_HASH_LENGTH( alg );
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
size_t hash_len;
@@ -2832,7 +1812,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
void hash_clone_source_state( )
{
psa_algorithm_t alg = PSA_ALG_SHA_256;
@@ -2877,7 +1857,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
void hash_clone_target_state( )
{
psa_algorithm_t alg = PSA_ALG_SHA_256;
@@ -2989,7 +1969,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_HMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 */
void mac_bad_order( )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -3036,9 +2016,12 @@
/* Call setup twice in a row. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_mac_sign_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_mac_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call update after sign finish. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
@@ -3084,19 +2067,25 @@
/* Setup sign but try verify. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_mac_verify_finish( &operation,
verify_mac, sizeof( verify_mac ) ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_mac_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Setup verify but try sign. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_mac_sign_finish( &operation,
sign_mac, sizeof( sign_mac ),
&sign_mac_length ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_mac_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_destroy_key( key ) );
@@ -3119,7 +2108,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t *actual_mac = NULL;
size_t mac_buffer_size =
- PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg );
+ PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg );
size_t mac_length = 0;
const size_t output_sizes_to_test[] = {
0,
@@ -3130,7 +2119,7 @@
};
TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
- /* We expect PSA_MAC_FINAL_SIZE to be exact. */
+ /* We expect PSA_MAC_LENGTH to be exact. */
TEST_ASSERT( expected_mac->len == mac_buffer_size );
PSA_ASSERT( psa_crypto_init( ) );
@@ -3149,10 +2138,24 @@
( output_size >= expected_mac->len ? PSA_SUCCESS :
PSA_ERROR_BUFFER_TOO_SMALL );
- test_set_step( output_size );
+ mbedtls_test_set_step( output_size );
ASSERT_ALLOC( actual_mac, output_size );
- /* Calculate the MAC. */
+ /* Calculate the MAC, one-shot case. */
+ TEST_EQUAL( psa_mac_compute( key, alg,
+ input->x, input->len,
+ actual_mac, output_size, &mac_length ),
+ expected_status );
+ if( expected_status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( expected_mac->x, expected_mac->len,
+ actual_mac, mac_length );
+ }
+
+ if( output_size > 0 )
+ memset( actual_mac, 0, output_size );
+
+ /* Calculate the MAC, multi-part case. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -3204,7 +2207,11 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
- /* Test the correct MAC. */
+ /* Verify correct MAC, one-shot case. */
+ PSA_ASSERT( psa_mac_verify( key, alg, input->x, input->len,
+ expected_mac->x, expected_mac->len ) );
+
+ /* Verify correct MAC, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -3212,7 +2219,14 @@
expected_mac->x,
expected_mac->len ) );
- /* Test a MAC that's too short. */
+ /* Test a MAC that's too short, one-shot case. */
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ expected_mac->x,
+ expected_mac->len - 1 ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* Test a MAC that's too short, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -3221,9 +2235,15 @@
expected_mac->len - 1 ),
PSA_ERROR_INVALID_SIGNATURE );
- /* Test a MAC that's too long. */
+ /* Test a MAC that's too long, one-shot case. */
ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 );
memcpy( perturbed_mac, expected_mac->x, expected_mac->len );
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ perturbed_mac, expected_mac->len + 1 ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* Test a MAC that's too long, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -3235,8 +2255,14 @@
/* Test changing one byte. */
for( size_t i = 0; i < expected_mac->len; i++ )
{
- test_set_step( i );
+ mbedtls_test_set_step( i );
perturbed_mac[i] ^= 1;
+
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ perturbed_mac, expected_mac->len ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -3306,7 +2332,7 @@
psa_status_t expected_status = expected_status_arg;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_status_t status;
-#if defined(KNOWN_SUPPORTED_MAC_ALG)
+#if defined(KNOWN_SUPPORTED_CIPHER_ALG)
const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk";
#endif
@@ -3334,7 +2360,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_PKCS7 */
void cipher_bad_order( )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -3342,14 +2368,14 @@
psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
- unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
+ unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 };
const uint8_t key_data[] = {
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa };
const uint8_t text[] = {
0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
0xbb, 0xbb, 0xbb, 0xbb };
- uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
+ uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 };
size_t length = 0;
PSA_ASSERT( psa_crypto_init( ) );
@@ -3361,15 +2387,21 @@
/* Call encrypt setup twice in a row. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_encrypt_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call decrypt setup twice in a row. */
PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_decrypt_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Generate an IV without calling setup beforehand. */
TEST_EQUAL( psa_cipher_generate_iv( &operation,
@@ -3383,11 +2415,14 @@
PSA_ASSERT( psa_cipher_generate_iv( &operation,
buffer, sizeof( buffer ),
&length ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_generate_iv( &operation,
buffer, sizeof( buffer ),
&length ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Generate an IV after it's already set. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@@ -3409,10 +2444,13 @@
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Set an IV after it's already generated. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@@ -3433,12 +2471,16 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Call update without an IV where an IV is required. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_update( &operation,
text, sizeof( text ),
buffer, sizeof( buffer ),
&length ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call update after finish. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@@ -3463,10 +2505,13 @@
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
/* Not calling update means we are encrypting an empty buffer, which is OK
* for cipher modes with padding. */
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_finish( &operation,
buffer, sizeof( buffer ), &length ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call finish twice in a row. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@@ -3488,10 +2533,11 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_encrypt( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input, data_t *expected_output,
- int expected_status_arg )
+void cipher_encrypt_fail( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *input,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status;
@@ -3500,8 +2546,137 @@
psa_status_t expected_status = expected_status_arg;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if ( PSA_ERROR_BAD_STATE != expected_status )
+ {
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg,
+ input->len );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ }
+
+ status = psa_cipher_encrypt( key, alg, input->x, input->len, output,
+ output_buffer_size, &output_length );
+
+ TEST_EQUAL( status, expected_status );
+
+exit:
+ mbedtls_free( output );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_alg_without_iv( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *input,
+ data_t *expected_output )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output,
+ output_buffer_size, &output_length ) );
+ TEST_ASSERT( output_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
+ TEST_ASSERT( output_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, output_length );
+exit:
+ mbedtls_free( output );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_bad_key( int alg_arg, int key_type_arg, data_t *key_data )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_type_t key_type = key_type_arg;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ /* Usage of either of these two size macros would cause divide by zero
+ * with incorrect key types previously. Input length should be irrelevant
+ * here. */
+ TEST_EQUAL( PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, 16 ),
+ 0 );
+ TEST_EQUAL( PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, 16 ), 0 );
+
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ /* Should fail due to invalid alg type (to support invalid key type).
+ * Encrypt or decrypt will end up in the same place. */
+ status = psa_cipher_encrypt_setup( &operation, key, alg );
+
+ TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT );
+
+exit:
+ psa_cipher_abort( &operation );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_validation( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *input )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg );
+ unsigned char *output1 = NULL;
+ size_t output1_buffer_size = 0;
+ size_t output1_length = 0;
+ unsigned char *output2 = NULL;
+ size_t output2_buffer_size = 0;
+ size_t output2_length = 0;
size_t function_output_length = 0;
- size_t total_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -3511,42 +2686,55 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
+ output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
+ output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) +
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
+ ASSERT_ALLOC( output1, output1_buffer_size );
+ ASSERT_ALLOC( output2, output2_buffer_size );
+
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* The one-shot cipher encryption uses generated iv so validating
+ the output is not possible. Validating with multipart encryption. */
+ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1,
+ output1_buffer_size, &output1_length ) );
+ TEST_ASSERT( output1_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
+ TEST_ASSERT( output1_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
+
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-
- if( iv->len > 0 )
- {
- PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- }
-
- output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
- ASSERT_ALLOC( output, output_buffer_size );
+ PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) );
PSA_ASSERT( psa_cipher_update( &operation,
input->x, input->len,
- output, output_buffer_size,
+ output2, output2_buffer_size,
&function_output_length ) );
- total_output_length += function_output_length;
- status = psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length );
- total_output_length += function_output_length;
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
+ output2_length += function_output_length;
- TEST_EQUAL( status, expected_status );
- if( expected_status == PSA_SUCCESS )
- {
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
- }
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ output2 + output2_length,
+ output2_buffer_size - output2_length,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
+ output2_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size,
+ output2, output2_length );
exit:
psa_cipher_abort( &operation );
- mbedtls_free( output );
+ mbedtls_free( output1 );
+ mbedtls_free( output2 );
psa_destroy_key( key );
PSA_DONE( );
}
@@ -3558,11 +2746,14 @@
data_t *input,
int first_part_size_arg,
int output1_length_arg, int output2_length_arg,
- data_t *expected_output )
+ data_t *expected_output,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ psa_status_t status;
+ psa_status_t expected_status = expected_status_arg;
size_t first_part_size = first_part_size_arg;
size_t output1_length = output1_length_arg;
size_t output2_length = output2_length_arg;
@@ -3589,8 +2780,8 @@
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
}
- output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) +
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -3598,24 +2789,50 @@
output, output_buffer_size,
&function_output_length ) );
TEST_ASSERT( function_output_length == output1_length );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) );
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x + first_part_size,
- input->len - first_part_size,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_ASSERT( function_output_length == output2_length );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
+ if( first_part_size < input->len )
+ {
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ ( output_buffer_size == 0 ? NULL :
+ output + total_output_length ),
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length == output2_length );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
+ alg,
+ input->len - first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
+ total_output_length += function_output_length;
+ }
+
+ status = psa_cipher_finish( &operation,
+ ( output_buffer_size == 0 ? NULL :
+ output + total_output_length ),
+ output_buffer_size - total_output_length,
+ &function_output_length );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
+ total_output_length += function_output_length;
+ TEST_EQUAL( status, expected_status );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, total_output_length );
+ }
exit:
psa_cipher_abort( &operation );
@@ -3631,11 +2848,14 @@
data_t *input,
int first_part_size_arg,
int output1_length_arg, int output2_length_arg,
- data_t *expected_output )
+ data_t *expected_output,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ psa_status_t status;
+ psa_status_t expected_status = expected_status_arg;
size_t first_part_size = first_part_size_arg;
size_t output1_length = output1_length_arg;
size_t output2_length = output2_length_arg;
@@ -3662,8 +2882,8 @@
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
}
- output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) +
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -3672,86 +2892,47 @@
output, output_buffer_size,
&function_output_length ) );
TEST_ASSERT( function_output_length == output1_length );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x + first_part_size,
- input->len - first_part_size,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_ASSERT( function_output_length == output2_length );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
-
-exit:
- psa_cipher_abort( &operation );
- mbedtls_free( output );
- psa_destroy_key( key );
- PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_decrypt( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input, data_t *expected_output,
- int expected_status_arg )
-{
- mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
- psa_status_t status;
- psa_key_type_t key_type = key_type_arg;
- psa_algorithm_t alg = alg_arg;
- psa_status_t expected_status = expected_status_arg;
- unsigned char *output = NULL;
- size_t output_buffer_size = 0;
- size_t function_output_length = 0;
- size_t total_output_length = 0;
- psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
- PSA_ASSERT( psa_crypto_init( ) );
-
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
- psa_set_key_algorithm( &attributes, alg );
- psa_set_key_type( &attributes, key_type );
-
- PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &key ) );
-
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
-
- if( iv->len > 0 )
+ if( first_part_size < input->len )
{
- PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ ( output_buffer_size == 0 ? NULL :
+ output + total_output_length ),
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length == output2_length );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
+ alg,
+ input->len - first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
+ total_output_length += function_output_length;
}
- output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
- ASSERT_ALLOC( output, output_buffer_size );
-
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x, input->len,
- output, output_buffer_size,
- &function_output_length ) );
- total_output_length += function_output_length;
status = psa_cipher_finish( &operation,
- output + total_output_length,
+ ( output_buffer_size == 0 ? NULL :
+ output + total_output_length ),
output_buffer_size - total_output_length,
&function_output_length );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
total_output_length += function_output_length;
TEST_EQUAL( status, expected_status );
if( expected_status == PSA_SUCCESS )
{
PSA_ASSERT( psa_cipher_abort( &operation ) );
+
ASSERT_COMPARE( expected_output->x, expected_output->len,
output, total_output_length );
}
@@ -3765,25 +2946,132 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_verify_output( int alg_arg, int key_type_arg,
+void cipher_decrypt_fail( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
+ data_t *input_arg,
+ int expected_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_status_t status;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char *input = NULL;
+ size_t input_buffer_size = 0;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if ( PSA_ERROR_BAD_STATE != expected_status )
+ {
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ }
+
+ /* Allocate input buffer and copy the iv and the plaintext */
+ input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len );
+ if ( input_buffer_size > 0 )
+ {
+ ASSERT_ALLOC( input, input_buffer_size );
+ memcpy( input, iv->x, iv->len );
+ memcpy( input + iv->len, input_arg->x, input_arg->len );
+ }
+
+ output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output,
+ output_buffer_size, &output_length );
+ TEST_EQUAL( status, expected_status );
+
+exit:
+ mbedtls_free( input );
+ mbedtls_free( output );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
+ data_t *input_arg,
+ data_t *expected_output )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *input = NULL;
+ size_t input_buffer_size = 0;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ /* Allocate input buffer and copy the iv and the plaintext */
+ input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len );
+ if ( input_buffer_size > 0 )
+ {
+ ASSERT_ALLOC( input, input_buffer_size );
+ memcpy( input, iv->x, iv->len );
+ memcpy( input + iv->len, input_arg->x, input_arg->len );
+ }
+
+ output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ PSA_ASSERT( psa_cipher_decrypt( key, alg, input, input_buffer_size, output,
+ output_buffer_size, &output_length ) );
+ TEST_ASSERT( output_length <=
+ PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ) );
+ TEST_ASSERT( output_length <=
+ PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input_buffer_size ) );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, output_length );
+exit:
+ mbedtls_free( input );
+ mbedtls_free( output );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_verify_output( int alg_arg,
+ int key_type_arg,
data_t *key_data,
data_t *input )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
- unsigned char iv[16] = {0};
- size_t iv_size = 16;
- size_t iv_length = 0;
unsigned char *output1 = NULL;
size_t output1_size = 0;
size_t output1_length = 0;
unsigned char *output2 = NULL;
size_t output2_size = 0;
size_t output2_length = 0;
- size_t function_output_length = 0;
- psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT;
- psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
PSA_ASSERT( psa_crypto_init( ) );
@@ -3794,59 +3082,31 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
-
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) );
-
- if( alg != PSA_ALG_ECB_NO_PADDING )
- {
- PSA_ASSERT( psa_cipher_generate_iv( &operation1,
- iv, iv_size,
- &iv_length ) );
- }
- output1_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
ASSERT_ALLOC( output1, output1_size );
- PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
- output1, output1_size,
- &output1_length ) );
- PSA_ASSERT( psa_cipher_finish( &operation1,
- output1 + output1_length,
- output1_size - output1_length,
- &function_output_length ) );
-
- output1_length += function_output_length;
-
- PSA_ASSERT( psa_cipher_abort( &operation1 ) );
+ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len,
+ output1, output1_size,
+ &output1_length ) );
+ TEST_ASSERT( output1_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
+ TEST_ASSERT( output1_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
output2_size = output1_length;
ASSERT_ALLOC( output2, output2_size );
- if( iv_length > 0 )
- {
- PSA_ASSERT( psa_cipher_set_iv( &operation2,
- iv, iv_length ) );
- }
-
- PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
- output2, output2_size,
- &output2_length ) );
- function_output_length = 0;
- PSA_ASSERT( psa_cipher_finish( &operation2,
- output2 + output2_length,
- output2_size - output2_length,
- &function_output_length ) );
-
- output2_length += function_output_length;
-
- PSA_ASSERT( psa_cipher_abort( &operation2 ) );
+ PSA_ASSERT( psa_cipher_decrypt( key, alg, output1, output1_length,
+ output2, output2_size,
+ &output2_length ) );
+ TEST_ASSERT( output2_length <=
+ PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
+ TEST_ASSERT( output2_length <=
+ PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
ASSERT_COMPARE( input->x, input->len, output2, output2_length );
exit:
- psa_cipher_abort( &operation1 );
- psa_cipher_abort( &operation2 );
mbedtls_free( output1 );
mbedtls_free( output2 );
psa_destroy_key( key );
@@ -3898,8 +3158,9 @@
&iv_length ) );
}
- output1_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
+ TEST_ASSERT( output1_buffer_size <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
ASSERT_ALLOC( output1, output1_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -3907,6 +3168,10 @@
PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
output1, output1_buffer_size,
&function_output_length ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
output1_length += function_output_length;
PSA_ASSERT( psa_cipher_update( &operation1,
@@ -3914,17 +3179,31 @@
input->len - first_part_size,
output1, output1_buffer_size,
&function_output_length ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
+ alg,
+ input->len - first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len - first_part_size ) );
output1_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation1,
output1 + output1_length,
output1_buffer_size - output1_length,
&function_output_length ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
output1_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation1 ) );
output2_buffer_size = output1_length;
+ TEST_ASSERT( output2_buffer_size <=
+ PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
+ TEST_ASSERT( output2_buffer_size <=
+ PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
ASSERT_ALLOC( output2, output2_buffer_size );
if( iv_length > 0 )
@@ -3936,6 +3215,10 @@
PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
output2, output2_buffer_size,
&function_output_length ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
output2_length += function_output_length;
PSA_ASSERT( psa_cipher_update( &operation2,
@@ -3943,12 +3226,22 @@
output1_length - first_part_size,
output2, output2_buffer_size,
&function_output_length ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
+ alg,
+ output1_length - first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length - first_part_size ) );
output2_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation2,
output2 + output2_length,
output2_buffer_size - output2_length,
&function_output_length ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
output2_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation2 ) );
@@ -3976,23 +3269,16 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
unsigned char *output_data = NULL;
size_t output_size = 0;
size_t output_length = 0;
unsigned char *output_data2 = NULL;
size_t output_length2 = 0;
- size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_status_t expected_result = expected_result_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- output_size = input_data->len + tag_length;
- /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
- * should be exact. */
- if( expected_result != PSA_ERROR_INVALID_ARGUMENT )
- TEST_EQUAL( output_size,
- PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
- ASSERT_ALLOC( output_data, output_size );
-
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
@@ -4001,15 +3287,41 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
- TEST_EQUAL( psa_aead_encrypt( key, alg,
- nonce->x, nonce->len,
- additional_data->x,
- additional_data->len,
- input_data->x, input_data->len,
- output_data, output_size,
- &output_length ),
- expected_result );
+ output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+ * should be exact. */
+ if( expected_result != PSA_ERROR_INVALID_ARGUMENT &&
+ expected_result != PSA_ERROR_NOT_SUPPORTED )
+ {
+ TEST_EQUAL( output_size,
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
+ TEST_ASSERT( output_size <=
+ PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
+ }
+ ASSERT_ALLOC( output_data, output_size );
+
+ status = psa_aead_encrypt( key, alg,
+ nonce->x, nonce->len,
+ additional_data->x,
+ additional_data->len,
+ input_data->x, input_data->len,
+ output_data, output_size,
+ &output_length );
+
+ /* If the operation is not supported, just skip and not fail in case the
+ * encryption involves a common limitation of cryptography hardwares and
+ * an alternative implementation. */
+ if( status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 );
+ MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len );
+ }
+
+ TEST_EQUAL( status, expected_result );
if( PSA_SUCCESS == expected_result )
{
@@ -4018,7 +3330,10 @@
/* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
* should be exact. */
TEST_EQUAL( input_data->len,
- PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) );
+ PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, output_length ) );
+
+ TEST_ASSERT( input_data->len <=
+ PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) );
TEST_EQUAL( psa_aead_decrypt( key, alg,
nonce->x, nonce->len,
@@ -4052,18 +3367,12 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
unsigned char *output_data = NULL;
size_t output_size = 0;
size_t output_length = 0;
- size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
- output_size = input_data->len + tag_length;
- /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
- * should be exact. */
- TEST_EQUAL( output_size,
- PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
- ASSERT_ALLOC( output_data, output_size );
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
PSA_ASSERT( psa_crypto_init( ) );
@@ -4073,14 +3382,36 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
- PSA_ASSERT( psa_aead_encrypt( key, alg,
- nonce->x, nonce->len,
- additional_data->x, additional_data->len,
- input_data->x, input_data->len,
- output_data, output_size,
- &output_length ) );
+ output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+ * should be exact. */
+ TEST_EQUAL( output_size,
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
+ TEST_ASSERT( output_size <=
+ PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
+ ASSERT_ALLOC( output_data, output_size );
+ status = psa_aead_encrypt( key, alg,
+ nonce->x, nonce->len,
+ additional_data->x, additional_data->len,
+ input_data->x, input_data->len,
+ output_data, output_size,
+ &output_length );
+
+ /* If the operation is not supported, just skip and not fail in case the
+ * encryption involves a common limitation of cryptography hardwares and
+ * an alternative implementation. */
+ if( status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 );
+ MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len );
+ }
+
+ PSA_ASSERT( status );
ASSERT_COMPARE( expected_result->x, expected_result->len,
output_data, output_length );
@@ -4103,20 +3434,13 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
unsigned char *output_data = NULL;
size_t output_size = 0;
size_t output_length = 0;
- size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t expected_result = expected_result_arg;
-
- output_size = input_data->len - tag_length;
- /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
- * should be exact. */
- if( expected_result != PSA_ERROR_INVALID_ARGUMENT )
- TEST_EQUAL( output_size,
- PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, input_data->len ) );
- ASSERT_ALLOC( output_data, output_size );
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
PSA_ASSERT( psa_crypto_init( ) );
@@ -4126,15 +3450,41 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
- TEST_EQUAL( psa_aead_decrypt( key, alg,
- nonce->x, nonce->len,
- additional_data->x,
- additional_data->len,
- input_data->x, input_data->len,
- output_data, output_size,
- &output_length ),
- expected_result );
+ output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ if( expected_result != PSA_ERROR_INVALID_ARGUMENT &&
+ expected_result != PSA_ERROR_NOT_SUPPORTED )
+ {
+ /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
+ * should be exact. */
+ TEST_EQUAL( output_size,
+ PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
+ TEST_ASSERT( output_size <=
+ PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
+ }
+ ASSERT_ALLOC( output_data, output_size );
+
+ status = psa_aead_decrypt( key, alg,
+ nonce->x, nonce->len,
+ additional_data->x,
+ additional_data->len,
+ input_data->x, input_data->len,
+ output_data, output_size,
+ &output_length );
+
+ /* If the operation is not supported, just skip and not fail in case the
+ * decryption involves a common limitation of cryptography hardwares and
+ * an alternative implementation. */
+ if( status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 );
+ MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len );
+ }
+
+ TEST_EQUAL( status, expected_result );
if( expected_result == PSA_SUCCESS )
ASSERT_COMPARE( expected_data->x, expected_data->len,
@@ -4169,9 +3519,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void sign_deterministic( int key_type_arg, data_t *key_data,
- int alg_arg, data_t *input_data,
- data_t *output_data )
+void sign_hash_deterministic( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *input_data,
+ data_t *output_data )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
@@ -4235,9 +3585,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void sign_fail( int key_type_arg, data_t *key_data,
- int alg_arg, data_t *input_data,
- int signature_size_arg, int expected_status_arg )
+void sign_hash_fail( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *input_data,
+ int signature_size_arg, int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
@@ -4290,8 +3640,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void sign_verify( int key_type_arg, data_t *key_data,
- int alg_arg, data_t *input_data )
+void sign_verify_hash( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *input_data )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
@@ -4361,9 +3711,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void asymmetric_verify( int key_type_arg, data_t *key_data,
- int alg_arg, data_t *hash_data,
- data_t *signature_data )
+void verify_hash( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *hash_data,
+ data_t *signature_data )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
@@ -4401,10 +3751,10 @@
/* END_CASE */
/* BEGIN_CASE */
-void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
- int alg_arg, data_t *hash_data,
- data_t *signature_data,
- int expected_status_arg )
+void verify_hash_fail( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *hash_data,
+ data_t *signature_data,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
@@ -4442,6 +3792,239 @@
/* END_CASE */
/* BEGIN_CASE */
+void sign_message_deterministic( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input_data,
+ data_t *output_data )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
+ unsigned char *signature = NULL;
+ size_t signature_size;
+ size_t signature_length = 0xdeadbeef;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
+ signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );
+ TEST_ASSERT( signature_size != 0 );
+ TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE );
+ ASSERT_ALLOC( signature, signature_size );
+
+ PSA_ASSERT( psa_sign_message( key, alg,
+ input_data->x, input_data->len,
+ signature, signature_size,
+ &signature_length ) );
+
+ ASSERT_COMPARE( output_data->x, output_data->len,
+ signature, signature_length );
+
+exit:
+ psa_reset_key_attributes( &attributes );
+
+ psa_destroy_key( key );
+ mbedtls_free( signature );
+ PSA_DONE( );
+
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_message_fail( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input_data,
+ int signature_size_arg,
+ int expected_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t signature_size = signature_size_arg;
+ psa_status_t actual_status;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char *signature = NULL;
+ size_t signature_length = 0xdeadbeef;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ ASSERT_ALLOC( signature, signature_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ actual_status = psa_sign_message( key, alg,
+ input_data->x, input_data->len,
+ signature, signature_size,
+ &signature_length );
+ TEST_EQUAL( actual_status, expected_status );
+ /* The value of *signature_length is unspecified on error, but
+ * whatever it is, it should be less than signature_size, so that
+ * if the caller tries to read *signature_length bytes without
+ * checking the error code then they don't overflow a buffer. */
+ TEST_ASSERT( signature_length <= signature_size );
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ mbedtls_free( signature );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_verify_message( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input_data )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
+ unsigned char *signature = NULL;
+ size_t signature_size;
+ size_t signature_length = 0xdeadbeef;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE |
+ PSA_KEY_USAGE_VERIFY_MESSAGE );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
+ signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );
+ TEST_ASSERT( signature_size != 0 );
+ TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE );
+ ASSERT_ALLOC( signature, signature_size );
+
+ PSA_ASSERT( psa_sign_message( key, alg,
+ input_data->x, input_data->len,
+ signature, signature_size,
+ &signature_length ) );
+ TEST_ASSERT( signature_length <= signature_size );
+ TEST_ASSERT( signature_length > 0 );
+
+ PSA_ASSERT( psa_verify_message( key, alg,
+ input_data->x, input_data->len,
+ signature, signature_length ) );
+
+ if( input_data->len != 0 )
+ {
+ /* Flip a bit in the input and verify that the signature is now
+ * detected as invalid. Flip a bit at the beginning, not at the end,
+ * because ECDSA may ignore the last few bits of the input. */
+ input_data->x[0] ^= 1;
+ TEST_EQUAL( psa_verify_message( key, alg,
+ input_data->x, input_data->len,
+ signature, signature_length ),
+ PSA_ERROR_INVALID_SIGNATURE );
+ }
+
+exit:
+ psa_reset_key_attributes( &attributes );
+
+ psa_destroy_key( key );
+ mbedtls_free( signature );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void verify_message( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input_data,
+ data_t *signature_data )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ TEST_ASSERT( signature_data->len <= PSA_SIGNATURE_MAX_SIZE );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ PSA_ASSERT( psa_verify_message( key, alg,
+ input_data->x, input_data->len,
+ signature_data->x, signature_data->len ) );
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void verify_message_fail( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *hash_data,
+ data_t *signature_data,
+ int expected_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t actual_status;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ actual_status = psa_verify_message( key, alg,
+ hash_data->x, hash_data->len,
+ signature_data->x,
+ signature_data->len );
+ TEST_EQUAL( actual_status, expected_status );
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void asymmetric_encrypt( int key_type_arg,
data_t *key_data,
int alg_arg,
@@ -4474,7 +4057,9 @@
/* Determine the maximum output length */
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
+
output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
+ TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE );
ASSERT_ALLOC( output, output_size );
/* Encrypt the input */
@@ -4546,9 +4131,15 @@
/* Determine the maximum ciphertext length */
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
+
output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
+ TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE );
ASSERT_ALLOC( output, output_size );
+
output2_size = input_data->len;
+ TEST_ASSERT( output2_size <=
+ PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ) );
+ TEST_ASSERT( output2_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE );
ASSERT_ALLOC( output2, output2_size );
/* We test encryption by checking that encrypt-then-decrypt gives back
@@ -4596,14 +4187,12 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
unsigned char *output = NULL;
size_t output_size = 0;
size_t output_length = ~0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- output_size = expected_data->len;
- ASSERT_ALLOC( output, output_size );
-
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
@@ -4613,6 +4202,14 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
+ /* Determine the maximum ciphertext length */
+ output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
+ TEST_ASSERT( output_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE );
+ ASSERT_ALLOC( output, output_size );
+
PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
input_data->x, input_data->len,
label->x, label->len,
@@ -4815,7 +4412,12 @@
for( i = 0; i < ARRAY_LENGTH( steps ); i++ )
{
- if( key_types[i] != PSA_KEY_TYPE_NONE )
+ mbedtls_test_set_step( i );
+ if( steps[i] == 0 )
+ {
+ /* Skip this step */
+ }
+ else if( key_types[i] != PSA_KEY_TYPE_NONE )
{
psa_set_key_type( &attributes, key_types[i] );
PSA_ASSERT( psa_import_key( &attributes,
@@ -4826,7 +4428,8 @@
{
// When taking a private key as secret input, use key agreement
// to add the shared secret to the derivation
- TEST_EQUAL( key_agreement_with_self( &operation, keys[i] ),
+ TEST_EQUAL( mbedtls_test_psa_key_agreement_with_self(
+ &operation, keys[i] ),
expected_statuses[i] );
}
else
@@ -4873,7 +4476,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void test_derive_invalid_key_derivation_state( int alg_arg )
+void derive_over_capacity( int alg_arg )
{
psa_algorithm_t alg = alg_arg;
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -4901,10 +4504,10 @@
&key ) );
/* valid key derivation */
- if( !setup_key_derivation_wrap( &operation, key, alg,
- input1, input1_length,
- input2, input2_length,
- capacity ) )
+ if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg,
+ input1, input1_length,
+ input2, input2_length,
+ capacity ) )
goto exit;
/* state of operation shouldn't allow additional generation */
@@ -4924,7 +4527,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void test_derive_invalid_key_derivation_tests( )
+void derive_actions_without_setup( )
{
uint8_t output_buffer[16];
size_t buffer_size = 16;
@@ -5009,6 +4612,14 @@
PSA_ASSERT( psa_import_key( &attributes,
inputs[i]->x, inputs[i]->len,
&keys[i] ) );
+
+ if ( PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
+ {
+ PSA_ASSERT( psa_get_key_attributes( keys[i], &attributes ) );
+ TEST_ASSERT( PSA_BITS_TO_BYTES( psa_get_key_bits( &attributes ) ) <=
+ PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE );
+ }
+
PSA_ASSERT( psa_key_derivation_input_key(
&operation, steps[i], keys[i] ) );
break;
@@ -5093,10 +4704,10 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
- if( !setup_key_derivation_wrap( &operation, key, alg,
- input1->x, input1->len,
- input2->x, input2->len,
- requested_capacity ) )
+ if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg,
+ input1->x, input1->len,
+ input2->x, input2->len,
+ requested_capacity ) )
goto exit;
PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
@@ -5162,9 +4773,10 @@
&base_key ) );
/* Derive a key. */
- if ( setup_key_derivation_wrap( &operation, base_key, alg,
- input1->x, input1->len,
- input2->x, input2->len, capacity ) )
+ if ( mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg,
+ input1->x, input1->len,
+ input2->x, input2->len,
+ capacity ) )
goto exit;
psa_set_key_usage_flags( &attributes, derived_usage );
@@ -5180,7 +4792,7 @@
TEST_EQUAL( psa_get_key_bits( &got_attributes ), derived_bits );
/* Exercise the derived key. */
- if( ! exercise_key( derived_key, derived_usage, derived_alg ) )
+ if( ! mbedtls_test_psa_exercise_key( derived_key, derived_usage, derived_alg ) )
goto exit;
exit:
@@ -5229,9 +4841,10 @@
&base_key ) );
/* Derive some material and output it. */
- if( !setup_key_derivation_wrap( &operation, base_key, alg,
- input1->x, input1->len,
- input2->x, input2->len, capacity ) )
+ if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg,
+ input1->x, input1->len,
+ input2->x, input2->len,
+ capacity ) )
goto exit;
PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
@@ -5240,9 +4853,10 @@
PSA_ASSERT( psa_key_derivation_abort( &operation ) );
/* Derive the same output again, but this time store it in key objects. */
- if( !setup_key_derivation_wrap( &operation, base_key, alg,
- input1->x, input1->len,
- input2->x, input2->len, capacity ) )
+ if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg,
+ input1->x, input1->len,
+ input2->x, input2->len,
+ capacity ) )
goto exit;
psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT );
@@ -5282,7 +4896,8 @@
void derive_key( int alg_arg,
data_t *key_data, data_t *input1, data_t *input2,
int type_arg, int bits_arg,
- int expected_status_arg )
+ int expected_status_arg,
+ int is_large_output )
{
mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -5302,18 +4917,24 @@
PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len,
&base_key ) );
- if( !setup_key_derivation_wrap( &operation, base_key, alg,
- input1->x, input1->len,
- input2->x, input2->len, SIZE_MAX ) )
+ if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg,
+ input1->x, input1->len,
+ input2->x, input2->len,
+ SIZE_MAX ) )
goto exit;
psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT );
psa_set_key_algorithm( &derived_attributes, 0 );
psa_set_key_type( &derived_attributes, type );
psa_set_key_bits( &derived_attributes, bits );
- TEST_EQUAL( psa_key_derivation_output_key( &derived_attributes, &operation,
- &derived_key ),
- expected_status );
+
+ psa_status_t status =
+ psa_key_derivation_output_key( &derived_attributes,
+ &operation,
+ &derived_key );
+ if( is_large_output > 0 )
+ TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY );
+ TEST_EQUAL( status, expected_status );
exit:
psa_key_derivation_abort( &operation );
@@ -5384,6 +5005,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
unsigned char *output = NULL;
size_t output_length = ~0;
+ size_t key_bits;
ASSERT_ALLOC( output, expected_output->len );
PSA_ASSERT( psa_crypto_init( ) );
@@ -5395,12 +5017,19 @@
our_key_data->x, our_key_data->len,
&our_key ) );
+ PSA_ASSERT( psa_get_key_attributes( our_key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
PSA_ASSERT( psa_raw_key_agreement( alg, our_key,
peer_key_data->x, peer_key_data->len,
output, expected_output->len,
&output_length ) );
ASSERT_COMPARE( output, output_length,
expected_output->x, expected_output->len );
+ TEST_ASSERT( output_length <=
+ PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ) );
+ TEST_ASSERT( output_length <=
+ PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE );
exit:
mbedtls_free( output );
@@ -5533,7 +5162,6 @@
void generate_random( int bytes_arg )
{
size_t bytes = bytes_arg;
- const unsigned char trail[] = "don't overwrite me";
unsigned char *output = NULL;
unsigned char *changed = NULL;
size_t i;
@@ -5541,9 +5169,8 @@
TEST_ASSERT( bytes_arg >= 0 );
- ASSERT_ALLOC( output, bytes + sizeof( trail ) );
+ ASSERT_ALLOC( output, bytes );
ASSERT_ALLOC( changed, bytes );
- memcpy( output + bytes, trail, sizeof( trail ) );
PSA_ASSERT( psa_crypto_init( ) );
@@ -5556,10 +5183,6 @@
memset( output, 0, bytes );
PSA_ASSERT( psa_generate_random( output, bytes ) );
- /* Check that no more than bytes have been overwritten */
- ASSERT_COMPARE( output + bytes, sizeof( trail ),
- trail, sizeof( trail ) );
-
for( i = 0; i < bytes; i++ )
{
if( output[i] != 0 )
@@ -5587,7 +5210,8 @@
int bits_arg,
int usage_arg,
int alg_arg,
- int expected_status_arg )
+ int expected_status_arg,
+ int is_large_key )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = type_arg;
@@ -5606,7 +5230,11 @@
psa_set_key_bits( &attributes, bits );
/* Generate a key */
- TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status );
+ psa_status_t status = psa_generate_key( &attributes, &key );
+
+ if( is_large_key > 0 )
+ TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY );
+ TEST_EQUAL( status , expected_status );
if( expected_status != PSA_SUCCESS )
goto exit;
@@ -5616,7 +5244,7 @@
TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits );
/* Do something with the key according to its type and permitted usage. */
- if( ! exercise_key( key, usage, alg ) )
+ if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) )
goto exit;
exit:
@@ -5631,7 +5259,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 */
+/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:MBEDTLS_GENPRIME */
void generate_key_rsa( int bits_arg,
data_t *e_arg,
int expected_status_arg )
@@ -5645,7 +5273,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t *exported = NULL;
size_t exported_size =
- PSA_KEY_EXPORT_MAX_SIZE( PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits );
+ PSA_EXPORT_KEY_OUTPUT_SIZE( PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits );
size_t exported_length = SIZE_MAX;
uint8_t *e_read_buffer = NULL;
int is_default_public_exponent = 0;
@@ -5688,7 +5316,7 @@
ASSERT_COMPARE( e_read_buffer, e_read_length, e_arg->x, e_arg->len );
/* Do something with the key according to its type and permitted usage. */
- if( ! exercise_key( key, usage, alg ) )
+ if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) )
goto exit;
/* Export the key and check the public exponent. */
@@ -5706,7 +5334,7 @@
TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_SEQUENCE |
MBEDTLS_ASN1_CONSTRUCTED ) );
- TEST_ASSERT( asn1_skip_integer( &p, end, bits, bits, 1 ) );
+ TEST_ASSERT( mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) );
TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_INTEGER ) );
if( len >= 1 && p[0] == 0 )
@@ -5756,7 +5384,7 @@
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
unsigned char *first_export = NULL;
unsigned char *second_export = NULL;
- size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
+ size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE( type, bits );
size_t first_exported_length;
size_t second_exported_length;
@@ -5788,6 +5416,7 @@
break;
case DERIVE_KEY:
+#if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256)
{
/* Create base key */
psa_algorithm_t derive_alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 );
@@ -5814,7 +5443,14 @@
PSA_ASSERT( psa_destroy_key( base_key ) );
base_key = MBEDTLS_SVC_KEY_ID_INIT;
}
- break;
+#else
+ TEST_ASSUME( ! "KDF not supported in this configuration" );
+#endif
+ break;
+
+ default:
+ TEST_ASSERT( ! "generation_method not implemented in test" );
+ break;
}
psa_reset_key_attributes( &attributes );
@@ -5842,7 +5478,8 @@
PSA_KEY_LIFETIME_PERSISTENT );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( usage_flags ) );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
/* Export the key again if permitted by the key policy. */
@@ -5856,7 +5493,7 @@
}
/* Do something with the key according to its type and permitted usage. */
- if( ! exercise_key( key, usage_flags, alg ) )
+ if( ! mbedtls_test_psa_exercise_key( key, usage_flags, alg ) )
goto exit;
exit:
diff --git a/tests/suites/test_suite_psa_crypto_attributes.data b/tests/suites/test_suite_psa_crypto_attributes.data
new file mode 100644
index 0000000..a710971
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_attributes.data
@@ -0,0 +1,27 @@
+PSA key attributes structure
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+attributes_set_get:0xffff1234:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
+
+PSA key attributes: id only
+persistence_attributes:0x1234:0x5678:-1:-1:0:0x1234:0x5678:PSA_KEY_LIFETIME_PERSISTENT
+
+PSA key attributes: lifetime=3 only
+persistence_attributes:-1:0:3:-1:0:0:0:3
+
+PSA key attributes: id then back to volatile
+persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE
+
+PSA key attributes: id then back to non local volatile
+persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1):-1:0:0:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1)
+
+PSA key attributes: id then lifetime
+persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3
+
+PSA key attributes: lifetime then id
+persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3
+
+PSA key attributes: non local volatile lifetime then id
+persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,3):0x1235:0x5679:0x1235:0x5679:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT,3)
+
+PSA key attributes: slot number
+slot_number_attribute:
diff --git a/tests/suites/test_suite_psa_crypto_attributes.function b/tests/suites/test_suite_psa_crypto_attributes.function
new file mode 100644
index 0000000..ce34fae
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_attributes.function
@@ -0,0 +1,129 @@
+/* BEGIN_HEADER */
+#include "psa/crypto.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_CLIENT
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg,
+ int usage_flags_arg, int alg_arg,
+ int type_arg, int bits_arg )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_usage_t usage_flags = usage_flags_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_type_t type = type_arg;
+ size_t bits = bits_arg;
+
+ TEST_EQUAL(
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
+ TEST_EQUAL(
+ MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
+ TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
+
+ psa_set_key_id( &attributes, id );
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_usage_flags( &attributes, usage_flags );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, type );
+ psa_set_key_bits( &attributes, bits );
+
+ TEST_ASSERT( mbedtls_svc_key_id_equal(
+ psa_get_key_id( &attributes ), id ) );
+ TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
+ TEST_EQUAL( psa_get_key_type( &attributes ), type );
+ TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
+
+ psa_reset_key_attributes( &attributes );
+
+ TEST_EQUAL(
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
+ TEST_EQUAL(
+ MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
+ TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistence_attributes( int id1_arg, int owner_id1_arg, int lifetime_arg,
+ int id2_arg, int owner_id2_arg,
+ int expected_id_arg, int expected_owner_id_arg,
+ int expected_lifetime_arg )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_svc_key_id_t id1 =
+ mbedtls_svc_key_id_make( owner_id1_arg, id1_arg );
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ mbedtls_svc_key_id_t id2 =
+ mbedtls_svc_key_id_make( owner_id2_arg, id2_arg );
+ mbedtls_svc_key_id_t expected_id =
+ mbedtls_svc_key_id_make( expected_owner_id_arg, expected_id_arg );
+ psa_key_lifetime_t expected_lifetime = expected_lifetime_arg;
+
+ if( id1_arg != -1 )
+ psa_set_key_id( &attributes, id1 );
+ if( lifetime_arg != -1 )
+ psa_set_key_lifetime( &attributes, lifetime );
+ if( id2_arg != -1 )
+ psa_set_key_id( &attributes, id2 );
+
+ TEST_ASSERT( mbedtls_svc_key_id_equal(
+ psa_get_key_id( &attributes ), expected_id ) );
+ TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */
+void slot_number_attribute( )
+{
+ psa_key_slot_number_t slot_number = 0xdeadbeef;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ /* Initially, there is no slot number. */
+ TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
+ PSA_ERROR_INVALID_ARGUMENT );
+
+ /* Test setting a slot number. */
+ psa_set_key_slot_number( &attributes, 0 );
+ PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
+ TEST_EQUAL( slot_number, 0 );
+
+ /* Test changing the slot number. */
+ psa_set_key_slot_number( &attributes, 42 );
+ PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
+ TEST_EQUAL( slot_number, 42 );
+
+ /* Test clearing the slot number. */
+ psa_clear_key_slot_number( &attributes );
+ TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
+ PSA_ERROR_INVALID_ARGUMENT );
+
+ /* Clearing again should have no effect. */
+ psa_clear_key_slot_number( &attributes );
+ TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
+ PSA_ERROR_INVALID_ARGUMENT );
+
+ /* Test that reset clears the slot number. */
+ psa_set_key_slot_number( &attributes, 42 );
+ PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
+ TEST_EQUAL( slot_number, 42 );
+ psa_reset_key_attributes( &attributes );
+ TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
+ PSA_ERROR_INVALID_ARGUMENT );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
index 2b1400b..ead7a69 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -1,32 +1,68 @@
sign_hash through transparent driver: calculate in driver
-ecdsa_sign:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
+ecdsa_sign_hash:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
sign_hash through transparent driver: fallback
-ecdsa_sign:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+ecdsa_sign_hash:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
sign_hash through transparent driver: error
-ecdsa_sign:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR
+ecdsa_sign_hash:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR
sign_hash through transparent driver: fake
-ecdsa_sign:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS
+ecdsa_sign_hash:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS
verify_hash using private key through transparent driver: calculate in driver
-ecdsa_verify:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
+ecdsa_verify_hash:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
verify_hash using private key through transparent driver: fallback
-ecdsa_verify:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+ecdsa_verify_hash:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
verify_hash using private key through transparent driver: error
-ecdsa_verify:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
+ecdsa_verify_hash:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
verify_hash using public key through transparent driver: calculate in driver
-ecdsa_verify:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
+ecdsa_verify_hash:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
verify_hash using public key through transparent driver: fallback
-ecdsa_verify:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+ecdsa_verify_hash:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
verify_hash using public key through transparent driver: error
-ecdsa_verify:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
+ecdsa_verify_hash:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
+
+sign_message through transparent driver: calculate in driver
+ecdsa_sign_message:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS
+
+sign_message through transparent driver: fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+ecdsa_sign_message:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS
+
+sign_message through transparent driver: error
+ecdsa_sign_message:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_ERROR_GENERIC_ERROR
+
+sign_message through transparent driver: fake
+ecdsa_sign_message:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS
+
+verify_message using private key through transparent driver: calculate in driver
+ecdsa_verify_message:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS
+
+verify_message using private key through transparent driver: fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+ecdsa_verify_message:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS
+
+verify_message using private key through transparent driver: error
+ecdsa_verify_message:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR
+
+verify_message using public key through transparent driver: calculate in driver
+ecdsa_verify_message:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS
+
+verify_message using public key through transparent driver: fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+ecdsa_verify_message:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS
+
+verify_message using public key through transparent driver: error
+ecdsa_verify_message:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR
generate_key through transparent driver: fake
generate_key:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_SUCCESS
@@ -35,153 +71,370 @@
generate_key:PSA_SUCCESS:"":PSA_SUCCESS
generate_key through transparent driver: fallback
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR
generate_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_SUCCESS
+generate_key through transparent driver: fallback not available
+depends_on:!MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR
+generate_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_ERROR_NOT_SUPPORTED
+
generate_key through transparent driver: error
generate_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR
validate key through transparent driver: good private key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
validate key through transparent driver: good public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
validate key through transparent driver: fallback private key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
validate key through transparent driver: fallback public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
validate key through transparent driver: error
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
export_key private to public through driver: fake
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
export_key:PSA_SUCCESS:"0102030405":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_SUCCESS
export_key private to public through driver: in-driver
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
export_key:PSA_SUCCESS:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
export_key private to public through driver: fallback
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
export_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
export_key private to public through driver: error
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR
-PSA symmetric encrypt: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric encrypt: AES-CTR, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
-PSA symmetric encrypt: AES-CTR, 16 bytes, fallback
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric encrypt: AES-CTR, 15 bytes, fallback
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
-PSA symmetric encrypt: AES-CTR, 16 bytes, fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
-PSA symmetric encrypt: AES-CTR, 15 bytes, fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, fallback
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+
PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
Cipher driver: negative testing on all entry points
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_entry_points:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_SUCCESS
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, fallback
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, INSUFFICIENT_MEMORY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_SUCCESS
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, fallback
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, INSUFFICIENT_MEMORY
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA AEAD decrypt: AES-CCM, 39 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 39 bytes, fallback
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD decrypt: AES-CCM, 39 bytes, INSUFFICIENT_MEMORY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #1, fallback
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA MAC sign, through driver: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_SUCCESS
+
+PSA MAC sign, fallback: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_BUILTIN_ALG_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC sign, driver reports error: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_ERROR_GENERIC_ERROR
+
+PSA MAC sign, through driver: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_ACCEL_ALG_CMAC
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_SUCCESS
+
+PSA MAC sign, fallback: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC sign, driver reports error: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_GENERIC_ERROR
+
+PSA MAC verify, through driver: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_SUCCESS
+
+PSA MAC verify, fallback: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_BUILTIN_ALG_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC verify, driver reports error: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_ERROR_GENERIC_ERROR
+
+PSA MAC verify, through driver: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_ACCEL_ALG_CMAC
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_SUCCESS
+
+PSA MAC verify, fallback: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC verify, driver reports error: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_GENERIC_ERROR
+
+PSA opaque driver builtin key export: AES
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: AES (registered to ID_MAX-1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: AES (registered to ID_MAX)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: key ID out of range (ID_MIN - 1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE
+
+PSA opaque driver builtin key export: key ID out of range (ID_MAX + 1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE
+
+PSA opaque driver builtin key export: secp256r1
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"dc7d9d26d67a4f632c34c2dc0b6986183882c206df04cdb7d69aabe28be4f81a":PSA_SUCCESS
+
+PSA opaque driver builtin pubkey export: secp256r1
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_SUCCESS
+
+PSA opaque driver builtin pubkey export: not a public key
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_ERROR_INVALID_ARGUMENT
+
+Hash compute: SHA-256, computed by the driver
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS
+
+Hash compute: SHA-256, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+Hash compute: SHA-256, no fallback
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
+
+Hash compute: SHA-256, INSUFFICIENT_MEMORY
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY
+
+Hash multi-part setup: SHA-256, computed by the driver
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS
+
+Hash multi-part setup: SHA-256, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+Hash multi-part setup: SHA-256, no fallback
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
+
+Hash multi-part setup: SHA-256, INSUFFICIENT_MEMORY
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY
+
+Hash multi-part update: SHA-256, update successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash multi-part update: SHA-256, update failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
+
+Hash multi-part finish: SHA-256, finish successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash multi-part finish: SHA-256, finish failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
+
+Hash clone: SHA-256, clone successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash clone: SHA-256, clone failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 6d20eff..6d78ad5 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -1,6 +1,4 @@
/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
-
#include "test/drivers/test_driver.h"
/* END_HEADER */
@@ -9,13 +7,13 @@
* END_DEPENDENCIES
*/
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void ecdsa_sign( int force_status_arg,
- data_t *key_input,
- data_t *data_input,
- data_t *expected_output,
- int fake_output,
- int expected_status_arg )
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */
+void ecdsa_sign_hash( int force_status_arg,
+ data_t *key_input,
+ data_t *data_input,
+ data_t *expected_output,
+ int fake_output,
+ int expected_status_arg )
{
psa_status_t force_status = force_status_arg;
psa_status_t expected_status = expected_status_arg;
@@ -25,22 +23,25 @@
uint8_t signature[64];
size_t signature_length = 0xdeadbeef;
psa_status_t actual_status;
- test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_sign_hooks =
+ mbedtls_test_driver_signature_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_type( &attributes,
- PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) );
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
psa_set_key_algorithm( &attributes, alg );
psa_import_key( &attributes,
key_input->x, key_input->len,
&key );
- test_driver_signature_sign_hooks.forced_status = force_status;
+ mbedtls_test_driver_signature_sign_hooks.forced_status = force_status;
if( fake_output == 1 )
{
- test_driver_signature_sign_hooks.forced_output = expected_output->x;
- test_driver_signature_sign_hooks.forced_output_length = expected_output->len;
+ mbedtls_test_driver_signature_sign_hooks.forced_output =
+ expected_output->x;
+ mbedtls_test_driver_signature_sign_hooks.forced_output_length =
+ expected_output->len;
}
actual_status = psa_sign_hash( key, alg,
@@ -53,37 +54,39 @@
ASSERT_COMPARE( signature, signature_length,
expected_output->x, expected_output->len );
}
- TEST_EQUAL( test_driver_signature_sign_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 );
exit:
psa_reset_key_attributes( &attributes );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_sign_hooks =
+ mbedtls_test_driver_signature_hooks_init();
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void ecdsa_verify( int force_status_arg,
- int register_public_key,
- data_t *key_input,
- data_t *data_input,
- data_t *signature_input,
- int expected_status_arg )
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */
+void ecdsa_verify_hash( int force_status_arg,
+ int register_public_key,
+ data_t *key_input,
+ data_t *data_input,
+ data_t *signature_input,
+ int expected_status_arg )
{
psa_status_t force_status = force_status_arg;
psa_status_t expected_status = expected_status_arg;
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 );
+ psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 );
psa_status_t actual_status;
- test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_verify_hooks =
+ mbedtls_test_driver_signature_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
if( register_public_key )
{
psa_set_key_type( &attributes,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_CURVE_SECP_R1 ) );
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
psa_set_key_algorithm( &attributes, alg );
psa_import_key( &attributes,
@@ -93,7 +96,7 @@
else
{
psa_set_key_type( &attributes,
- PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) );
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
psa_set_key_algorithm( &attributes, alg );
psa_import_key( &attributes,
@@ -101,23 +104,142 @@
&key );
}
- test_driver_signature_verify_hooks.forced_status = force_status;
+ mbedtls_test_driver_signature_verify_hooks.forced_status = force_status;
actual_status = psa_verify_hash( key, alg,
data_input->x, data_input->len,
signature_input->x, signature_input->len );
TEST_EQUAL( actual_status, expected_status );
- TEST_EQUAL( test_driver_signature_verify_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 );
exit:
psa_reset_key_attributes( &attributes );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_verify_hooks =
+ mbedtls_test_driver_signature_hooks_init();
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */
+void ecdsa_sign_message( int force_status_arg,
+ data_t *key_input,
+ data_t *data_input,
+ data_t *expected_output,
+ int fake_output,
+ int expected_status_arg )
+{
+ psa_status_t force_status = force_status_arg;
+ psa_status_t expected_status = expected_status_arg;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 );
+ uint8_t signature[64];
+ size_t signature_length = 0xdeadbeef;
+ psa_status_t actual_status;
+ mbedtls_test_driver_signature_sign_hooks =
+ mbedtls_test_driver_signature_hooks_init();
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ psa_set_key_type( &attributes,
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_import_key( &attributes,
+ key_input->x, key_input->len,
+ &key );
+
+ mbedtls_test_driver_signature_sign_hooks.forced_status = force_status;
+ if( fake_output == 1 )
+ {
+ mbedtls_test_driver_signature_sign_hooks.forced_output =
+ expected_output->x;
+ mbedtls_test_driver_signature_sign_hooks.forced_output_length =
+ expected_output->len;
+ }
+
+ actual_status = psa_sign_message( key, alg,
+ data_input->x, data_input->len,
+ signature, sizeof( signature ),
+ &signature_length );
+ TEST_EQUAL( actual_status, expected_status );
+ if( expected_status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( signature, signature_length,
+ expected_output->x, expected_output->len );
+ }
+ /* In the builtin algorithm the driver is called twice. */
+ TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits,
+ force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 );
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ PSA_DONE( );
+ mbedtls_test_driver_signature_sign_hooks =
+ mbedtls_test_driver_signature_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */
+void ecdsa_verify_message( int force_status_arg,
+ int register_public_key,
+ data_t *key_input,
+ data_t *data_input,
+ data_t *signature_input,
+ int expected_status_arg )
+{
+ psa_status_t force_status = force_status_arg;
+ psa_status_t expected_status = expected_status_arg;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 );
+ psa_status_t actual_status;
+ mbedtls_test_driver_signature_verify_hooks =
+ mbedtls_test_driver_signature_hooks_init();
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ if( register_public_key )
+ {
+ psa_set_key_type( &attributes,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ) );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_import_key( &attributes,
+ key_input->x, key_input->len,
+ &key );
+ }
+ else
+ {
+ psa_set_key_type( &attributes,
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_import_key( &attributes,
+ key_input->x, key_input->len,
+ &key );
+ }
+
+ mbedtls_test_driver_signature_verify_hooks.forced_status = force_status;
+
+ actual_status = psa_verify_message( key, alg,
+ data_input->x, data_input->len,
+ signature_input->x, signature_input->len );
+ TEST_EQUAL( actual_status, expected_status );
+ /* In the builtin algorithm the driver is called twice. */
+ TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits,
+ force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 );
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ PSA_DONE( );
+ mbedtls_test_driver_signature_verify_hooks =
+ mbedtls_test_driver_signature_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */
void generate_key( int force_status_arg,
data_t *fake_output,
int expected_status_arg )
@@ -132,28 +254,33 @@
psa_status_t actual_status;
uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0};
size_t actual_output_length;
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
psa_set_key_type( &attributes,
- PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) );
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
psa_set_key_bits( &attributes, 256 );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT );
psa_set_key_algorithm( &attributes, alg );
if( fake_output->len > 0 )
{
- expected_output = test_driver_key_management_hooks.forced_output = fake_output->x;
- expected_output_length = test_driver_key_management_hooks.forced_output_length =
+ expected_output =
+ mbedtls_test_driver_key_management_hooks.forced_output =
+ fake_output->x;
+
+ expected_output_length =
+ mbedtls_test_driver_key_management_hooks.forced_output_length =
fake_output->len;
}
- test_driver_key_management_hooks.hits = 0;
- test_driver_key_management_hooks.forced_status = force_status;
+ mbedtls_test_driver_key_management_hooks.hits = 0;
+ mbedtls_test_driver_key_management_hooks.forced_status = force_status;
PSA_ASSERT( psa_crypto_init( ) );
actual_status = psa_generate_key( &attributes, &key );
- TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 );
TEST_EQUAL( actual_status, expected_status );
if( actual_status == PSA_SUCCESS )
@@ -180,11 +307,12 @@
psa_reset_key_attributes( &attributes );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */
void validate_key( int force_status_arg,
int key_type_arg,
data_t *key_input,
@@ -196,29 +324,31 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t actual_status;
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
psa_set_key_type( &attributes,
key_type );
psa_set_key_bits( &attributes, 0 );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
- test_driver_key_management_hooks.forced_status = force_status;
+ mbedtls_test_driver_key_management_hooks.forced_status = force_status;
PSA_ASSERT( psa_crypto_init( ) );
actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key );
- TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 );
TEST_EQUAL( actual_status, expected_status );
exit:
psa_reset_key_attributes( &attributes );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */
void export_key( int force_status_arg,
data_t *fake_output,
int key_in_type_arg,
@@ -238,7 +368,8 @@
psa_status_t actual_status;
uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = {0};
size_t actual_output_length;
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
psa_set_key_type( &attributes, input_key_type );
psa_set_key_bits( &attributes, 256 );
@@ -249,8 +380,12 @@
if( fake_output->len > 0 )
{
- expected_output_ptr = test_driver_key_management_hooks.forced_output = fake_output->x;
- expected_output_length = test_driver_key_management_hooks.forced_output_length =
+ expected_output_ptr =
+ mbedtls_test_driver_key_management_hooks.forced_output =
+ fake_output->x;
+
+ expected_output_length =
+ mbedtls_test_driver_key_management_hooks.forced_output_length =
fake_output->len;
}
else
@@ -259,8 +394,8 @@
expected_output_length = expected_output->len;
}
- test_driver_key_management_hooks.hits = 0;
- test_driver_key_management_hooks.forced_status = force_status;
+ mbedtls_test_driver_key_management_hooks.hits = 0;
+ mbedtls_test_driver_key_management_hooks.forced_status = force_status;
if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) )
actual_status = psa_export_public_key( handle, actual_output, sizeof(actual_output), &actual_output_length );
@@ -270,7 +405,7 @@
if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) &&
!PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( input_key_type ) )
- TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 );
if( actual_status == PSA_SUCCESS )
{
@@ -281,32 +416,139 @@
psa_reset_key_attributes( &attributes );
psa_destroy_key( handle );
PSA_DONE( );
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
}
/* END_CASE */
/* BEGIN_CASE */
-void cipher_encrypt( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input, data_t *expected_output,
- int mock_output_arg,
- int force_status_arg,
- int expected_status_arg )
+void cipher_encrypt_validation( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *input )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
- psa_status_t status;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg );
+ unsigned char *output1 = NULL;
+ size_t output1_buffer_size = 0;
+ size_t output1_length = 0;
+ unsigned char *output2 = NULL;
+ size_t output2_buffer_size = 0;
+ size_t output2_length = 0;
+ size_t function_output_length = 0;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
+ output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) +
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
+ ASSERT_ALLOC( output1, output1_buffer_size );
+ ASSERT_ALLOC( output2, output2_buffer_size );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1,
+ output1_buffer_size, &output1_length ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x, input->len,
+ output2, output2_buffer_size,
+ &function_output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ output2_length += function_output_length;
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ output2 + output2_length,
+ output2_buffer_size - output2_length,
+ &function_output_length ) );
+ /* Finish will have called abort as well, so expecting two hits here */
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ output2_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+ // driver function should've been called as part of the finish() core routine
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
+ ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size,
+ output2, output2_length );
+
+exit:
+ psa_cipher_abort( &operation );
+ mbedtls_free( output1 );
+ mbedtls_free( output2 );
+ psa_destroy_key( key );
+ PSA_DONE( );
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_multipart( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
+ data_t *input,
+ int first_part_size_arg,
+ int output1_length_arg,
+ int output2_length_arg,
+ data_t *expected_output,
+ int mock_output_arg,
+ int force_status_arg,
+ int expected_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t status;
psa_status_t expected_status = expected_status_arg;
psa_status_t force_status = force_status_arg;
+ size_t first_part_size = first_part_size_arg;
+ size_t output1_length = output1_length_arg;
+ size_t output2_length = output2_length_arg;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
size_t function_output_length = 0;
size_t total_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
- test_driver_cipher_hooks.forced_status = force_status;
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks.forced_status = force_status;
+
+ /* Test operation initialization */
+ mbedtls_psa_cipher_operation_t mbedtls_operation =
+ MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+
+ mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation =
+ MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT;
+
+ mbedtls_opaque_test_driver_cipher_operation_t opaque_operation =
+ MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT;
+
+ operation.ctx.mbedtls_ctx = mbedtls_operation;
+ operation.ctx.transparent_test_driver_ctx = tranparent_operation;
+ operation.ctx.opaque_test_driver_ctx = opaque_operation;
PSA_ASSERT( psa_crypto_init( ) );
@@ -318,53 +560,69 @@
&key ) );
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
if( mock_output_arg )
{
- test_driver_cipher_hooks.forced_output = expected_output->x;
- test_driver_cipher_hooks.forced_output_length = expected_output->len;
+ mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x, input->len,
+ TEST_ASSERT( first_part_size <= input->len );
+ PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
output, output_buffer_size,
&function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ TEST_ASSERT( function_output_length == output1_length );
+ total_output_length += function_output_length;
+
+ if( first_part_size < input->len )
+ {
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ TEST_ASSERT( function_output_length == output2_length );
+ total_output_length += function_output_length;
+ }
if( mock_output_arg )
{
- test_driver_cipher_hooks.forced_output = NULL;
- test_driver_cipher_hooks.forced_output_length = 0;
+ mbedtls_test_driver_cipher_hooks.forced_output = NULL;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
}
- total_output_length += function_output_length;
- status = psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length );
+ status = psa_cipher_finish( &operation,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length );
/* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
-
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0 ;
total_output_length += function_output_length;
-
TEST_EQUAL( status, expected_status );
+
if( expected_status == PSA_SUCCESS )
{
PSA_ASSERT( psa_cipher_abort( &operation ) );
- // driver function should've been called as part of the finish() core routine
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
+
ASSERT_COMPARE( expected_output->x, expected_output->len,
output, total_output_length );
}
@@ -374,21 +632,30 @@
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
}
/* END_CASE */
/* BEGIN_CASE */
-void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
+void cipher_decrypt_multipart( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
data_t *input,
int first_part_size_arg,
- int output1_length_arg, int output2_length_arg,
- data_t *expected_output )
+ int output1_length_arg,
+ int output2_length_arg,
+ data_t *expected_output,
+ int mock_output_arg,
+ int force_status_arg,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ psa_status_t status;
+ psa_status_t expected_status = expected_status_arg;
+ psa_status_t force_status = force_status_arg;
size_t first_part_size = first_part_size_arg;
size_t output1_length = output1_length_arg;
size_t output2_length = output2_length_arg;
@@ -398,92 +665,22 @@
size_t total_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks.forced_status = force_status;
- PSA_ASSERT( psa_crypto_init( ) );
+ /* Test operation initialization */
+ mbedtls_psa_cipher_operation_t mbedtls_operation =
+ MBEDTLS_PSA_CIPHER_OPERATION_INIT;
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
- psa_set_key_algorithm( &attributes, alg );
- psa_set_key_type( &attributes, key_type );
+ mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation =
+ MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT;
- PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &key ) );
+ mbedtls_opaque_test_driver_cipher_operation_t opaque_operation =
+ MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT;
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
-
- PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
-
- output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
- ASSERT_ALLOC( output, output_buffer_size );
-
- TEST_ASSERT( first_part_size <= input->len );
- PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
- output, output_buffer_size,
- &function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
-
- TEST_ASSERT( function_output_length == output1_length );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x + first_part_size,
- input->len - first_part_size,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
- TEST_ASSERT( function_output_length == output2_length );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- /* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- test_driver_cipher_hooks.hits = 0 ;
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
-
-exit:
- psa_cipher_abort( &operation );
- mbedtls_free( output );
- psa_destroy_key( key );
- PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input,
- int first_part_size_arg,
- int output1_length_arg, int output2_length_arg,
- data_t *expected_output )
-{
- mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
- psa_key_type_t key_type = key_type_arg;
- psa_algorithm_t alg = alg_arg;
- size_t first_part_size = first_part_size_arg;
- size_t output1_length = output1_length_arg;
- size_t output2_length = output2_length_arg;
- unsigned char *output = NULL;
- size_t output_buffer_size = 0;
- size_t function_output_length = 0;
- size_t total_output_length = 0;
- psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ operation.ctx.mbedtls_ctx = mbedtls_operation;
+ operation.ctx.transparent_test_driver_ctx = tranparent_operation;
+ operation.ctx.opaque_test_driver_ctx = opaque_operation;
PSA_ASSERT( psa_crypto_init( ) );
@@ -495,65 +692,90 @@
&key ) );
PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
+ if( mock_output_arg )
+ {
+ mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
+ }
+
TEST_ASSERT( first_part_size <= input->len );
PSA_ASSERT( psa_cipher_update( &operation,
input->x, first_part_size,
output, output_buffer_size,
&function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
TEST_ASSERT( function_output_length == output1_length );
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x + first_part_size,
- input->len - first_part_size,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
- TEST_ASSERT( function_output_length == output2_length );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
+ if( first_part_size < input->len )
+ {
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ TEST_ASSERT( function_output_length == output2_length );
+ total_output_length += function_output_length;
+ }
+
+ if( mock_output_arg )
+ {
+ mbedtls_test_driver_cipher_hooks.forced_output = NULL;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
+ }
+
+ status = psa_cipher_finish( &operation,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length );
/* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( status, expected_status );
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, total_output_length );
+ }
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
}
/* END_CASE */
/* BEGIN_CASE */
-void cipher_decrypt( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input, data_t *expected_output,
+void cipher_decrypt( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
+ data_t *input_arg,
+ data_t *expected_output,
int mock_output_arg,
int force_status_arg,
int expected_status_arg )
@@ -564,14 +786,14 @@
psa_algorithm_t alg = alg_arg;
psa_status_t expected_status = expected_status_arg;
psa_status_t force_status = force_status_arg;
+ unsigned char *input = NULL;
+ size_t input_buffer_size = 0;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
- size_t function_output_length = 0;
- size_t total_output_length = 0;
- psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ size_t output_length = 0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
- test_driver_cipher_hooks.forced_status = force_status;
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks.forced_status = force_status;
PSA_ASSERT( psa_crypto_init( ) );
@@ -579,66 +801,46 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
+ /* Allocate input buffer and copy the iv and the plaintext */
+ input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len );
+ if ( input_buffer_size > 0 )
+ {
+ ASSERT_ALLOC( input, input_buffer_size );
+ memcpy( input, iv->x, iv->len );
+ memcpy( input + iv->len, input_arg->x, input_arg->len );
+ }
+
+ output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size );
+ ASSERT_ALLOC( output, output_buffer_size );
+
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
-
- PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
-
- output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
- ASSERT_ALLOC( output, output_buffer_size );
-
if( mock_output_arg )
{
- test_driver_cipher_hooks.forced_output = expected_output->x;
- test_driver_cipher_hooks.forced_output_length = expected_output->len;
+ mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x, input->len,
- output, output_buffer_size,
- &function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output,
+ output_buffer_size, &output_length );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- if( mock_output_arg )
- {
- test_driver_cipher_hooks.forced_output = NULL;
- test_driver_cipher_hooks.forced_output_length = 0;
- }
-
- total_output_length += function_output_length;
- status = psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length );
- /* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
-
- total_output_length += function_output_length;
TEST_EQUAL( status, expected_status );
if( expected_status == PSA_SUCCESS )
{
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
+ output, output_length );
}
exit:
- psa_cipher_abort( &operation );
+ mbedtls_free( input );
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
}
/* END_CASE */
@@ -656,7 +858,7 @@
size_t function_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
ASSERT_ALLOC( output, input->len + 16 );
output_buffer_size = input->len + 16;
@@ -671,136 +873,136 @@
&key ) );
/* Test setup call, encrypt */
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_encrypt_setup( &operation, key, alg );
/* When setup fails, it shouldn't call any further entry points */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
/* Test setup call failure, decrypt */
status = psa_cipher_decrypt_setup( &operation, key, alg );
/* When setup fails, it shouldn't call any further entry points */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
/* Test IV setting failure */
- test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation, key, alg );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
/* When setting the IV fails, it should call abort too */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
/* Failure should prevent further operations from executing on the driver */
- test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
psa_cipher_abort( &operation );
/* Test IV generation failure */
- test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation, key, alg );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length );
/* When generating the IV fails, it should call abort too */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
/* Failure should prevent further operations from executing on the driver */
- test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
psa_cipher_abort( &operation );
/* Test update failure */
- test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation, key, alg );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
/* When the update call fails, it should call abort too */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
/* Failure should prevent further operations from executing on the driver */
- test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
psa_cipher_abort( &operation );
/* Test finish failure */
- test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation, key, alg );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_finish( &operation,
output + function_output_length,
output_buffer_size - function_output_length,
&function_output_length );
/* When the finish call fails, it should call abort too */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
/* Failure should prevent further operations from executing on the driver */
- test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
psa_cipher_abort( &operation );
exit:
@@ -808,6 +1010,731 @@
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt( int key_type_arg, data_t *key_data,
+ int alg_arg,
+ data_t *nonce,
+ data_t *additional_data,
+ data_t *input_data,
+ data_t *expected_result,
+ int forced_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
+ psa_status_t forced_status = forced_status_arg;
+ unsigned char *output_data = NULL;
+ size_t output_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
+ output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+ * should be exact. */
+ TEST_EQUAL( output_size,
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
+ TEST_ASSERT( output_size <=
+ PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
+ ASSERT_ALLOC( output_data, output_size );
+
+ mbedtls_test_driver_aead_hooks.forced_status = forced_status;
+ status = psa_aead_encrypt( key, alg,
+ nonce->x, nonce->len,
+ additional_data->x, additional_data->len,
+ input_data->x, input_data->len,
+ output_data, output_size,
+ &output_length );
+ TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status );
+
+ TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ?
+ PSA_SUCCESS : forced_status );
+
+ if( status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( expected_result->x, expected_result->len,
+ output_data, output_length );
+ }
+
+exit:
+ psa_destroy_key( key );
+ mbedtls_free( output_data );
+ PSA_DONE( );
+ mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_decrypt( int key_type_arg, data_t *key_data,
+ int alg_arg,
+ data_t *nonce,
+ data_t *additional_data,
+ data_t *input_data,
+ data_t *expected_data,
+ int forced_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
+ psa_status_t forced_status = forced_status_arg;
+ unsigned char *output_data = NULL;
+ size_t output_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
+ output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ ASSERT_ALLOC( output_data, output_size );
+
+ mbedtls_test_driver_aead_hooks.forced_status = forced_status;
+ status = psa_aead_decrypt( key, alg,
+ nonce->x, nonce->len,
+ additional_data->x,
+ additional_data->len,
+ input_data->x, input_data->len,
+ output_data, output_size,
+ &output_length );
+ TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status );
+
+ TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ?
+ PSA_SUCCESS : forced_status );
+
+ if( status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( expected_data->x, expected_data->len,
+ output_data, output_length );
+ }
+
+exit:
+ psa_destroy_key( key );
+ mbedtls_free( output_data );
+ PSA_DONE( );
+ mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_sign( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input,
+ data_t *expected_mac,
+ int forced_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ uint8_t *actual_mac = NULL;
+ size_t mac_buffer_size =
+ PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg );
+ size_t mac_length = 0;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t forced_status = forced_status_arg;
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+
+ TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
+ /* We expect PSA_MAC_LENGTH to be exact. */
+ TEST_ASSERT( expected_mac->len == mac_buffer_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ ASSERT_ALLOC( actual_mac, mac_buffer_size );
+ mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+ /*
+ * Calculate the MAC, one-shot case.
+ */
+ status = psa_mac_compute( key, alg,
+ input->x, input->len,
+ actual_mac, mac_buffer_size,
+ &mac_length );
+
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( forced_status, status );
+
+ if( mac_buffer_size > 0 )
+ memset( actual_mac, 0, mac_buffer_size );
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+ mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+ /*
+ * Calculate the MAC, multipart case.
+ */
+ status = psa_mac_sign_setup( &operation, key, alg );
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( forced_status, status );
+
+ status = psa_mac_update( &operation,
+ input->x, input->len );
+ if( forced_status == PSA_SUCCESS )
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 );
+ else
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( PSA_ERROR_BAD_STATE, status );
+
+ status = psa_mac_sign_finish( &operation,
+ actual_mac, mac_buffer_size,
+ &mac_length );
+ if( forced_status == PSA_SUCCESS )
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 );
+ else
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( PSA_ERROR_BAD_STATE, status );
+
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+ if( forced_status == PSA_SUCCESS )
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 );
+ else
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+
+ if( forced_status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( expected_mac->x, expected_mac->len,
+ actual_mac, mac_length );
+ }
+
+ mbedtls_free( actual_mac );
+ actual_mac = NULL;
+
+exit:
+ psa_mac_abort( &operation );
+ psa_destroy_key( key );
+ PSA_DONE( );
+ mbedtls_free( actual_mac );
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_verify( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input,
+ data_t *expected_mac,
+ int forced_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_status_t forced_status = forced_status_arg;
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+
+ TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+ /*
+ * Verify the MAC, one-shot case.
+ */
+ status = psa_mac_verify( key, alg,
+ input->x, input->len,
+ expected_mac->x, expected_mac->len );
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( forced_status, status );
+
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+ mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+ /*
+ * Verify the MAC, multi-part case.
+ */
+ status = psa_mac_verify_setup( &operation, key, alg );
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( forced_status, status );
+
+ status = psa_mac_update( &operation,
+ input->x, input->len );
+ if( forced_status == PSA_SUCCESS )
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 );
+ else
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( PSA_ERROR_BAD_STATE, status );
+
+ status = psa_mac_verify_finish( &operation,
+ expected_mac->x,
+ expected_mac->len );
+ if( forced_status == PSA_SUCCESS )
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 );
+ else
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( PSA_ERROR_BAD_STATE, status );
+
+
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+ if( forced_status == PSA_SUCCESS )
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 );
+ else
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+
+exit:
+ psa_mac_abort( &operation );
+ psa_destroy_key( key );
+ PSA_DONE( );
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+void builtin_key_export( int builtin_key_id_arg,
+ int builtin_key_type_arg,
+ int builtin_key_bits_arg,
+ int builtin_key_algorithm_arg,
+ data_t *expected_output,
+ int expected_status_arg )
+{
+ psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg;
+ psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg;
+ psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg;
+ size_t builtin_key_bits = (size_t) builtin_key_bits_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id );
+ uint8_t* output_buffer = NULL;
+ size_t output_size = 0;
+ psa_status_t actual_status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ ASSERT_ALLOC( output_buffer, expected_output->len );
+
+ actual_status = psa_export_key( key, output_buffer, expected_output->len, &output_size );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( actual_status );
+ TEST_EQUAL( output_size, expected_output->len );
+ ASSERT_COMPARE( output_buffer, output_size,
+ expected_output->x, expected_output->len );
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits );
+ TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type );
+ TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg );
+ }
+ else
+ {
+ if( actual_status != expected_status )
+ fprintf( stderr, "Expected %d but got %d\n", expected_status, actual_status );
+ TEST_EQUAL( actual_status, expected_status );
+ TEST_EQUAL( output_size, 0 );
+ }
+
+exit:
+ mbedtls_free( output_buffer );
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+void builtin_pubkey_export( int builtin_key_id_arg,
+ int builtin_key_type_arg,
+ int builtin_key_bits_arg,
+ int builtin_key_algorithm_arg,
+ data_t *expected_output,
+ int expected_status_arg )
+{
+ psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg;
+ psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg;
+ psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg;
+ size_t builtin_key_bits = (size_t) builtin_key_bits_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id );
+ uint8_t* output_buffer = NULL;
+ size_t output_size = 0;
+ psa_status_t actual_status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ ASSERT_ALLOC( output_buffer, expected_output->len );
+
+ actual_status = psa_export_public_key( key, output_buffer, expected_output->len, &output_size );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( actual_status );
+ TEST_EQUAL( output_size, expected_output->len );
+ ASSERT_COMPARE( output_buffer, output_size,
+ expected_output->x, expected_output->len );
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits );
+ TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type );
+ TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg );
+ }
+ else
+ {
+ TEST_EQUAL( actual_status, expected_status );
+ TEST_EQUAL( output_size, 0 );
+ }
+
+exit:
+ mbedtls_free( output_buffer );
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_compute( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg,
+ int expected_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char *output = NULL;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ TEST_EQUAL( psa_hash_compute( alg, input->x, input->len,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ), expected_status );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+ }
+
+exit:
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_setup( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg,
+ int expected_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char *output = NULL;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+ TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits,
+ forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ PSA_ASSERT( psa_hash_finish( &operation,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits,
+ forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+ }
+
+exit:
+ psa_hash_abort( &operation );
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_update( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ unsigned char *output = NULL;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /*
+ * Update inactive operation, the driver shouldn't be called.
+ */
+ TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 );
+
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+ TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ),
+ forced_status );
+ /* One or two more calls to the driver interface: update or update + abort */
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits,
+ forced_status == PSA_SUCCESS ? 2 : 3 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( forced_status == PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ PSA_ASSERT( psa_hash_finish( &operation,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ) );
+ /* Two calls to the driver interface: update + abort */
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+ }
+
+exit:
+ psa_hash_abort( &operation );
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_finish( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ unsigned char *output = NULL;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /*
+ * Finish inactive operation, the driver shouldn't be called.
+ */
+ TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ),
+ &output_length ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 );
+
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+ TEST_EQUAL( psa_hash_finish( &operation,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ),
+ forced_status );
+ /* Two more calls to the driver interface: finish + abort */
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( forced_status == PSA_SUCCESS )
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+
+exit:
+ psa_hash_abort( &operation );
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_clone( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ unsigned char *output = NULL;
+ psa_hash_operation_t source_operation = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /*
+ * Clone inactive operation, the driver shouldn't be called.
+ */
+ TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 );
+
+ PSA_ASSERT( psa_hash_setup( &source_operation, alg ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+ TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ),
+ forced_status );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits,
+ forced_status == PSA_SUCCESS ? 2 : 3 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( forced_status == PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ PSA_ASSERT( psa_hash_update( &target_operation,
+ input->x, input->len ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ PSA_ASSERT( psa_hash_finish( &target_operation,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 3 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+ }
+
+exit:
+ psa_hash_abort( &source_operation );
+ psa_hash_abort( &target_operation );
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
index 61593e9..49d3f69 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.data
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -1,3 +1,30 @@
+PSA external RNG failure: generate random and key
+external_rng_failure_generate:
+
+# When verifying the impact of a forced RNG failure, depend on the built-in
+# implementation of the algorithm that uses randomization, whether it's
+# because the algorithm is randomized or because our implementation uses
+# randomization for (e.g.) blinding. An external implementation could use
+# its own randomness source which is not affected by the forced failure of
+# the RNG driver.
+# Key types and non-randomized auxilary algorithms (in practice, hashes) can
+# use an external implementation.
+PSA external RNG failure: randomized ECDSA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256
+external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:32
+
+PSA external RNG failure: deterministic ECDSA (software implementation)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_SECP_R1_256
+external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):32
+
+PSA external RNG failure: RSA-PSS
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS
+external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):32
+
+PSA external RNG failure: RSA PKCS#1v1.5 (software implementation)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN
+external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:32
+
PSA validate entropy injection: good, minimum size
validate_entropy_seed_injection:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_ERROR_NOT_PERMITTED
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 66c241e..4dcbb36 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -1,19 +1,23 @@
/* BEGIN_HEADER */
#include <stdint.h>
+#include <string.h>
+
+#include <psa/crypto.h>
#include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h"
-#include "test/psa_crypto_helpers.h"
+/* Calculating the minimum allowed entropy size in bytes */
+#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+
#if defined(MBEDTLS_PSA_ITS_FILE_C)
#include <stdio.h>
#else
#include <psa/internal_trusted_storage.h>
#endif
-/* Calculating the minimum allowed entropy size in bytes */
-#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
-
/* Remove the entropy seed file. Since the library does not expose a way
* to do this (it would be a security risk if such a function was ever
* accessible in production), implement this functionality in a white-box
@@ -30,14 +34,89 @@
#endif
}
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
/* END_HEADER */
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_INJECT_ENTROPY
- * END_DEPENDENCIES
- */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void external_rng_failure_generate( )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
+ psa_set_key_bits( &attributes, 128 );
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ uint8_t output[1];
-/* BEGIN_CASE */
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_generate_random( output, sizeof( output ) ) );
+ PSA_ASSERT( psa_generate_key( &attributes, &key ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
+
+ mbedtls_test_disable_insecure_external_rng( );
+ TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
+ psa_generate_random( output, sizeof( output ) ) );
+ TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
+ psa_generate_key( &attributes, &key ) );
+
+exit:
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void external_rng_failure_sign( int key_type, data_t *key_data, int alg,
+ int input_size_arg )
+{
+ /* This test case is only expected to pass if the signature mechanism
+ * requires randomness, either because it is a randomized signature
+ * or because the implementation uses blinding. */
+
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_set_key_type( &attributes, key_type );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
+ psa_set_key_algorithm( &attributes, alg );
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ size_t input_size = input_size_arg;
+ uint8_t *input = NULL;
+ uint8_t *signature = NULL;
+ size_t signature_size = PSA_SIGNATURE_MAX_SIZE;
+ size_t signature_length;
+
+ ASSERT_ALLOC( input, input_size );
+ ASSERT_ALLOC( signature, signature_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ PSA_ASSERT( psa_sign_hash( key, alg,
+ input, input_size,
+ signature, signature_size,
+ &signature_length ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
+
+ mbedtls_test_disable_insecure_external_rng( );
+ /* Import the key again, because for RSA Mbed TLS caches blinding values
+ * in the key object and this could perturb the test. */
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
+ psa_sign_hash( key, alg,
+ input, input_size,
+ signature, signature_size,
+ &signature_length ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
+
+exit:
+ psa_destroy_key( key );
+ PSA_DONE( );
+ mbedtls_free( input );
+ mbedtls_free( signature );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
void validate_entropy_seed_injection( int seed_length_a,
int expected_status_a,
int seed_length_b,
@@ -81,7 +160,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
void run_entropy_inject_with_crypto_init( )
{
psa_status_t status;
diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data
index 0e2d1b0..67158d0 100644
--- a/tests/suites/test_suite_psa_crypto_hash.data
+++ b/tests/suites/test_suite_psa_crypto_hash.data
@@ -1,587 +1,587 @@
PSA hash finish: SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
PSA hash finish: SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
PSA hash finish: SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
PSA hash finish: SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
PSA hash finish: SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
PSA hash finish: SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
PSA hash finish: SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
PSA hash finish: SHA-1 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
PSA hash finish: SHA-1 Test Vector NIST CAVS #9
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
PSA hash finish: SHA-1 Test Vector NIST CAVS #10
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_finish:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
PSA hash finish: SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
PSA hash finish: SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
PSA hash finish: SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
PSA hash finish: SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
PSA hash finish: SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
PSA hash finish: SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
PSA hash finish: SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_finish:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
PSA hash finish: SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
PSA hash finish: SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
PSA hash finish: SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
PSA hash finish: SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
PSA hash finish: SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
PSA hash finish: SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
PSA hash finish: SHA-256 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_finish:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
PSA hash finish: SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
PSA hash finish: SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
PSA hash finish: SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
PSA hash finish: SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
PSA hash finish: SHA-384 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
PSA hash finish: SHA-384 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
PSA hash finish: SHA-384 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
PSA hash finish: SHA-384 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_finish:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
PSA hash finish: SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
PSA hash finish: SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
PSA hash finish: SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
PSA hash finish: SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
PSA hash finish: SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
PSA hash finish: SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
PSA hash finish: SHA-512 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
PSA hash finish: SHA-512 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
PSA hash finish: MD2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
PSA hash finish: MD2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
PSA hash finish: MD2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
PSA hash finish: MD2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
PSA hash finish: MD2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
PSA hash finish: MD2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
PSA hash finish: MD2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
PSA hash finish: MD4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
PSA hash finish: MD4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
PSA hash finish: MD4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
PSA hash finish: MD4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
PSA hash finish: MD4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
PSA hash finish: MD4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
PSA hash finish: MD4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
PSA hash finish: MD5 Test vector RFC1321 #1
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
PSA hash finish: MD5 Test vector RFC1321 #2
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
PSA hash finish: MD5 Test vector RFC1321 #3
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
PSA hash finish: MD5 Test vector RFC1321 #4
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
PSA hash finish: MD5 Test vector RFC1321 #5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
PSA hash finish: MD5 Test vector RFC1321 #6
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
PSA hash finish: MD5 Test vector RFC1321 #7
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
PSA hash finish: RIPEMD160 Test vector from paper #1
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
PSA hash finish: RIPEMD160 Test vector from paper #2
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
PSA hash finish: RIPEMD160 Test vector from paper #3
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
PSA hash finish: RIPEMD160 Test vector from paper #4
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
PSA hash finish: RIPEMD160 Test vector from paper #5
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
PSA hash finish: RIPEMD160 Test vector from paper #6
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
PSA hash finish: RIPEMD160 Test vector from paper #7
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
PSA hash finish: RIPEMD160 Test vector from paper #8
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
PSA hash verify: SHA-1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
PSA hash verify: SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
PSA hash verify: SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
PSA hash verify: SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
PSA hash verify: SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
PSA hash verify: MD2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
PSA hash verify: MD4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
PSA hash verify: MD5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
PSA hash verify: RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #9
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
PSA hash multi part: SHA-1 Test Vector NIST CAVS #10
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_multi_part:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
PSA hash multi part: SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
PSA hash multi part: SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
PSA hash multi part: SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
PSA hash multi part: SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
PSA hash multi part: SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
PSA hash multi part: SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
PSA hash multi part: SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_multi_part:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
PSA hash multi part: SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
PSA hash multi part: SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
PSA hash multi part: SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
PSA hash multi part: SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
PSA hash multi part: SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
PSA hash multi part: SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
PSA hash multi part: SHA-256 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_multi_part:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
PSA hash multi part: SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
PSA hash multi part: SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
PSA hash multi part: SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
PSA hash multi part: SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
PSA hash multi part: SHA-384 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
PSA hash multi part: SHA-384 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
PSA hash multi part: SHA-384 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
PSA hash multi part: SHA-384 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
hash_multi_part:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
PSA hash multi part: SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
PSA hash multi part: SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
PSA hash multi part: SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
PSA hash multi part: SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
PSA hash multi part: SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
PSA hash multi part: SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
PSA hash multi part: SHA-512 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
PSA hash multi part: SHA-512 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
PSA hash multi part: MD2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
PSA hash multi part: MD2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
PSA hash multi part: MD2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
PSA hash multi part: MD2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
PSA hash multi part: MD2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
PSA hash multi part: MD2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
PSA hash multi part: MD2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
PSA hash multi part: MD4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
PSA hash multi part: MD4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
PSA hash multi part: MD4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
PSA hash multi part: MD4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
PSA hash multi part: MD4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
PSA hash multi part: MD4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
PSA hash multi part: MD4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
PSA hash multi part: MD5 Test vector RFC1321 #1
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
PSA hash multi part: MD5 Test vector RFC1321 #2
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
PSA hash multi part: MD5 Test vector RFC1321 #3
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
PSA hash multi part: MD5 Test vector RFC1321 #4
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
PSA hash multi part: MD5 Test vector RFC1321 #5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
PSA hash multi part: MD5 Test vector RFC1321 #6
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
PSA hash multi part: MD5 Test vector RFC1321 #7
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
PSA hash multi part: RIPEMD160 Test vector from paper #1
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
PSA hash multi part: RIPEMD160 Test vector from paper #2
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
PSA hash multi part: RIPEMD160 Test vector from paper #3
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
PSA hash multi part: RIPEMD160 Test vector from paper #4
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
PSA hash multi part: RIPEMD160 Test vector from paper #5
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
PSA hash multi part: RIPEMD160 Test vector from paper #6
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
PSA hash multi part: RIPEMD160 Test vector from paper #7
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
PSA hash multi part: RIPEMD160 Test vector from paper #8
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function
index 1bc9331..b0da2bf 100644
--- a/tests/suites/test_suite_psa_crypto_hash.function
+++ b/tests/suites/test_suite_psa_crypto_hash.function
@@ -2,8 +2,6 @@
#include <stdint.h>
-#include "test/psa_crypto_helpers.h"
-
/* END_HEADER */
/* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 62ef6e2..40efb87 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -1,7 +1,6 @@
/* BEGIN_HEADER */
#include <stdint.h>
-#include "test/psa_crypto_helpers.h"
/* Some tests in this module configure entropy sources. */
#include "psa_crypto_invasive.h"
@@ -11,11 +10,23 @@
#define ENTROPY_MIN_NV_SEED_SIZE \
MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
+#include "psa_crypto_random_impl.h"
+#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+/* PSA crypto uses the HMAC_DRBG module. It reads from the entropy source twice:
+ * once for the initial entropy and once for a nonce. The nonce length is
+ * half the entropy length. For SHA-256, SHA-384 or SHA-512, the
+ * entropy length is 256 per the documentation of mbedtls_hmac_drbg_seed(),
+ * and PSA crypto doesn't support other hashes for HMAC_DRBG. */
+#define ENTROPY_NONCE_LEN ( 256 / 2 )
+#else
/* PSA crypto uses the CTR_DRBG module. In some configurations, it needs
* to read from the entropy source twice: once for the initial entropy
* and once for a nonce. */
#include "mbedtls/ctr_drbg.h"
#define ENTROPY_NONCE_LEN MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN
+#endif
+
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
typedef struct
{
@@ -118,6 +129,8 @@
MBEDTLS_ENTROPY_SOURCE_STRONG );
}
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -125,7 +138,7 @@
* END_DEPENDENCIES
*/
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
void create_nv_seed( )
{
static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE];
@@ -201,7 +214,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
{
psa_status_t expected_init_status = expected_init_status_arg;
@@ -222,7 +235,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
void fake_entropy_source( int threshold,
int amount1,
int amount2,
@@ -262,7 +275,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
void entropy_from_nv_seed( int seed_size_arg,
int expected_init_status_arg )
{
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index 14979d3..526f0f7 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -1,286 +1,335 @@
Hash: MD2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
hash_algorithm:PSA_ALG_MD2:16
Hash: MD4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
hash_algorithm:PSA_ALG_MD4:16
Hash: MD5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
hash_algorithm:PSA_ALG_MD5:16
Hash: RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
hash_algorithm:PSA_ALG_RIPEMD160:20
Hash: SHA-1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
hash_algorithm:PSA_ALG_SHA_1:20
Hash: SHA-2 SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
hash_algorithm:PSA_ALG_SHA_224:28
Hash: SHA-2 SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
hash_algorithm:PSA_ALG_SHA_256:32
Hash: SHA-2 SHA-384
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_384
hash_algorithm:PSA_ALG_SHA_384:48
Hash: SHA-2 SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
hash_algorithm:PSA_ALG_SHA_512:64
MAC: HMAC-MD2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
MAC: HMAC-MD4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
MAC: HMAC-MD5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
MAC: HMAC-RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64
MAC: HMAC-SHA-1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64
MAC: HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64
MAC: HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64
MAC: HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128
MAC: HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
MAC: CBC_MAC-AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
MAC: CBC_MAC-AES-192
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
MAC: CBC_MAC-AES-256
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
MAC: CBC_MAC-3DES
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_C
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
MAC: CMAC-AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
MAC: CMAC-AES-192
-depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
MAC: CMAC-AES-256
-depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
MAC: CMAC-3DES
-depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
-Cipher: ARC4
-depends_on:MBEDTLS_ARC4_C
-cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER
-
-Cipher: ChaCha20
-depends_on:MBEDTLS_CHACHA20_C
-cipher_algorithm:PSA_ALG_CHACHA20:ALG_IS_STREAM_CIPHER
+Cipher: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER
+cipher_algorithm:PSA_ALG_STREAM_CIPHER:ALG_IS_STREAM_CIPHER
Cipher: CTR
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR
+depends_on:PSA_WANT_ALG_CTR:MBEDTLS_CIPHER_C
cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
Cipher: CFB
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CFB
+depends_on:PSA_WANT_ALG_CFB:MBEDTLS_CIPHER_C
cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
Cipher: OFB
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_OFB
+depends_on:PSA_WANT_ALG_OFB:MBEDTLS_CIPHER_C
cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
Cipher: ECB-nopad
-depends_on:MBEDTLS_CIPHER_C
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:MBEDTLS_CIPHER_C
cipher_algorithm:PSA_ALG_ECB_NO_PADDING:0
Cipher: CBC-nopad
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_CIPHER_C
cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
Cipher: CBC-PKCS#7
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:MBEDTLS_CIPHER_C
cipher_algorithm:PSA_ALG_CBC_PKCS7:0
Cipher: XTS
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_XTS
+depends_on:PSA_WANT_ALG_XTS:MBEDTLS_CIPHER_C
cipher_algorithm:PSA_ALG_XTS:0
-AEAD: CCM
-depends_on:MBEDTLS_CCM_C
-aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16
+AEAD: CCM-AES-128
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128
-AEAD: GCM
-depends_on:MBEDTLS_GCM_C
-aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16
+AEAD: CCM-AES-192
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192
+
+AEAD: CCM-AES-256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256
+
+AEAD: CCM-CAMELLIA-128
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128
+
+AEAD: CCM-CAMELLIA-192
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192
+
+AEAD: CCM-CAMELLIA-256
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256
+
+AEAD: GCM-AES-128
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128
+
+AEAD: GCM-AES-192
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192
+
+AEAD: GCM-AES-256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256
+
+AEAD: GCM-CAMELLIA-128
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128
+
+AEAD: GCM-CAMELLIA-192
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192
+
+AEAD: GCM-CAMELLIA-256
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256
AEAD: ChaCha20_Poly1305
-depends_on:MBEDTLS_CHACHAPOLY_C
-aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16:PSA_KEY_TYPE_CHACHA20:256
Asymmetric signature: RSA PKCS#1 v1.5 raw
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN
Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN
Asymmetric signature: RSA PSS SHA-256
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_HASH_AND_SIGN
Asymmetric signature: randomized ECDSA (no hashing)
-depends_on:MBEDTLS_ECDSA_C
+depends_on:PSA_WANT_ALG_ECDSA
asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
Asymmetric signature: SHA-256 + randomized ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256
asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
Asymmetric signature: SHA-256 + deterministic ECDSA using SHA-256
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
+Asymmetric signature: pure EdDSA
+depends_on:PSA_WANT_ALG_EDDSA
+asymmetric_signature_algorithm:PSA_ALG_PURE_EDDSA:0
+
+Asymmetric signature: Ed25519ph
+depends_on:PSA_WANT_ALG_EDDSA
+asymmetric_signature_algorithm:PSA_ALG_ED25519PH:ALG_IS_HASH_EDDSA | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: Ed448ph
+depends_on:PSA_WANT_ALG_EDDSA
+asymmetric_signature_algorithm:PSA_ALG_ED448PH:ALG_IS_HASH_EDDSA | ALG_IS_HASH_AND_SIGN
+
Asymmetric signature: RSA PKCS#1 v1.5 with wildcard hash
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
asymmetric_signature_wildcard:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PKCS1V15_SIGN
Asymmetric signature: RSA PSS with wildcard hash
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
+depends_on:PSA_WANT_ALG_RSA_PSS
asymmetric_signature_wildcard:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PSS
Asymmetric signature: randomized ECDSA with wildcard hash
-depends_on:MBEDTLS_ECDSA_C
+depends_on:PSA_WANT_ALG_ECDSA
asymmetric_signature_wildcard:PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
Asymmetric signature: deterministic ECDSA with wildcard hash
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA
asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
Asymmetric encryption: RSA PKCS#1 v1.5
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
Asymmetric encryption: RSA OAEP using SHA-256
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256
asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
Key derivation: HKDF using SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
Key derivation: HKDF using SHA-384
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_384 ):ALG_IS_HKDF
Key derivation: TLS 1.2 PRF using SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PRF
Key derivation: TLS 1.2 PRF using SHA-384
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_384 ):ALG_IS_TLS12_PRF
Key derivation: TLS 1.2 PSK-to-MS using SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
key_derivation_algorithm:PSA_ALG_TLS12_PSK_TO_MS( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PSK_TO_MS
Key derivation: TLS 1.2 PSK-to-MS using SHA-384
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
key_derivation_algorithm:PSA_ALG_TLS12_PSK_TO_MS( PSA_ALG_SHA_384 ):ALG_IS_TLS12_PSK_TO_MS
Key agreement: FFDH, raw output
-depends_on:MBEDTLS_DHM_C
+depends_on:PSA_WANT_ALG_FFDH
key_agreement_algorithm:PSA_ALG_FFDH:ALG_IS_FFDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_FFDH:PSA_ALG_CATEGORY_KEY_DERIVATION
Key agreement: FFDH, HKDF using SHA-256
-depends_on:MBEDTLS_DHM_C
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
Key agreement: FFDH, HKDF using SHA-384
-depends_on:MBEDTLS_DHM_C
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 )
Key agreement: ECDH, raw output
-depends_on:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH
key_agreement_algorithm:PSA_ALG_ECDH:ALG_IS_ECDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_ECDH:PSA_ALG_CATEGORY_KEY_DERIVATION
Key agreement: ECDH, HKDF using SHA-256
-depends_on:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
Key agreement: ECDH, HKDF using SHA-384
-depends_on:MBEDTLS_ECDH_C
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 )
Key type: raw data
key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
Key type: HMAC
+depends_on:PSA_WANT_KEY_TYPE_HMAC
key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED
Key type: secret for key derivation
key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
Block cipher key type: AES
-depends_on:MBEDTLS_AES_C
+depends_on:PSA_WANT_KEY_TYPE_AES
block_cipher_key_type:PSA_KEY_TYPE_AES:16
Block cipher key type: DES
-depends_on:MBEDTLS_DES_C
+depends_on:PSA_WANT_KEY_TYPE_DES
block_cipher_key_type:PSA_KEY_TYPE_DES:8
Block cipher key type: Camellia
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16
Stream cipher key type: ARC4
-depends_on:MBEDTLS_ARC4_C
+depends_on:PSA_WANT_KEY_TYPE_ARC4
stream_cipher_key_type:PSA_KEY_TYPE_ARC4
Stream cipher key type: ChaCha20
-depends_on:MBEDTLS_CHACHA20_C
+depends_on:PSA_WANT_KEY_TYPE_CHACHA20
stream_cipher_key_type:PSA_KEY_TYPE_CHACHA20
Key type: RSA public key
-depends_on:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
Key type: RSA key pair
-depends_on:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
key_type:PSA_KEY_TYPE_RSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_RSA
ECC key family: SECP K1
@@ -307,5 +356,44 @@
ECC key family: Montgomery (Curve25519, Curve448)
ecc_key_family:PSA_ECC_FAMILY_MONTGOMERY
+ECC key family: Twisted Edwards (Ed25519, Ed448)
+ecc_key_family:PSA_ECC_FAMILY_TWISTED_EDWARDS
+
DH group family: RFC 7919
dh_key_family:PSA_DH_FAMILY_RFC7919
+
+Lifetime: VOLATILE
+lifetime:PSA_KEY_LIFETIME_VOLATILE:KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: PERSISTENT
+lifetime:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: volatile, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: default, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: 2, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):0:2:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: 254, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):0:254:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: read-only, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: volatile, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0x123456):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:0x123456
+
+Lifetime: default, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0x123456):0:PSA_KEY_PERSISTENCE_DEFAULT:0x123456
+
+Lifetime: 2, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, 0x123456):0:2:0x123456
+
+Lifetime: 254, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, 0x123456):0:254:0x123456
+
+Lifetime: read-only, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, 0x123456):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:0x123456
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 7c0929e..7bf1e28 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -9,6 +9,7 @@
#endif
#include "psa/crypto.h"
+#include "psa_crypto_invasive.h"
/* Flags for algorithm classification macros. There is a flag for every
* algorithm classification macro PSA_ALG_IS_xxx except for the
@@ -29,16 +30,17 @@
#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 )
#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 )
#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 )
-#define ALG_IS_HASH_AND_SIGN ( 1u << 14 )
-#define ALG_IS_RSA_OAEP ( 1u << 15 )
-#define ALG_IS_HKDF ( 1u << 16 )
-#define ALG_IS_FFDH ( 1u << 17 )
-#define ALG_IS_ECDH ( 1u << 18 )
-#define ALG_IS_WILDCARD ( 1u << 19 )
-#define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 20 )
-#define ALG_IS_AEAD_ON_BLOCK_CIPHER ( 1u << 21 )
-#define ALG_IS_TLS12_PRF ( 1u << 22 )
-#define ALG_IS_TLS12_PSK_TO_MS ( 1u << 23 )
+#define ALG_IS_HASH_EDDSA ( 1u << 14 )
+#define ALG_IS_HASH_AND_SIGN ( 1u << 15 )
+#define ALG_IS_RSA_OAEP ( 1u << 16 )
+#define ALG_IS_HKDF ( 1u << 17 )
+#define ALG_IS_FFDH ( 1u << 18 )
+#define ALG_IS_ECDH ( 1u << 19 )
+#define ALG_IS_WILDCARD ( 1u << 20 )
+#define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 21 )
+#define ALG_IS_AEAD_ON_BLOCK_CIPHER ( 1u << 22 )
+#define ALG_IS_TLS12_PRF ( 1u << 23 )
+#define ALG_IS_TLS12_PSK_TO_MS ( 1u << 24 )
/* Flags for key type classification macros. There is a flag for every
* key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
@@ -53,8 +55,21 @@
#define KEY_TYPE_IS_ECC ( 1u << 6 )
#define KEY_TYPE_IS_DH ( 1u << 7 )
-#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
- TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
+/* Flags for lifetime classification macros. There is a flag for every
+ * lifetime classification macro PSA_KEY_LIFETIME_IS_xxx. The name of the
+ * flag is the name of the classification macro without the PSA_ prefix. */
+#define KEY_LIFETIME_IS_VOLATILE ( 1u << 0 )
+#define KEY_LIFETIME_IS_READ_ONLY ( 1u << 1 )
+
+#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
+ do \
+ { \
+ if( ( flags ) & ( flag ) ) \
+ TEST_ASSERT( PSA_##flag( alg ) ); \
+ else \
+ TEST_ASSERT( ! PSA_##flag( alg ) ); \
+ } \
+ while( 0 )
/* Check the parity of value.
*
@@ -96,6 +111,7 @@
TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_EDDSA, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
@@ -156,12 +172,17 @@
algorithm_classification( alg, classification_flags );
/* Length */
- TEST_EQUAL( length, PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
+ TEST_EQUAL( length, PSA_MAC_LENGTH( key_type, key_bits, alg ) );
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C)
+ PSA_ASSERT( psa_mac_key_can_do( alg, key_type ) );
+#endif
exit: ;
}
void aead_algorithm_core( psa_algorithm_t alg, int classification_flags,
+ psa_key_type_t key_type, size_t key_bits,
size_t tag_length )
{
/* Algorithm classification */
@@ -176,7 +197,7 @@
algorithm_classification( alg, classification_flags );
/* Tag length */
- TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( alg ) );
+ TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg ) );
exit: ;
}
@@ -184,7 +205,7 @@
/* END_HEADER */
/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * depends_on:MBEDTLS_PSA_CRYPTO_CLIENT
* END_DEPENDENCIES
*/
@@ -226,7 +247,7 @@
TEST_EQUAL( PSA_ALG_HKDF_GET_HASH( hkdf_alg ), alg );
/* Hash length */
- TEST_EQUAL( length, PSA_HASH_SIZE( alg ) );
+ TEST_EQUAL( length, PSA_HASH_LENGTH( alg ) );
TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
}
/* END_CASE */
@@ -263,6 +284,52 @@
PSA_ALG_TRUNCATED_MAC( alg, length - 1) );
TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ),
PSA_ALG_TRUNCATED_MAC( alg, length ) );
+
+ /* Check that calling PSA_ALG_TRUNCATED_MAC on an algorithm
+ * earlier constructed with PSA_ALG_AT_LEAST_THIS_LENGTH_MAC gives the
+ * length of the outer truncation (even if the outer length is smaller
+ * than the inner length). */
+ TEST_EQUAL( PSA_ALG_TRUNCATED_MAC(
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), 1 ),
+ PSA_ALG_TRUNCATED_MAC( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_TRUNCATED_MAC(
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), length - 1 ),
+ PSA_ALG_TRUNCATED_MAC( alg, length - 1) );
+ TEST_EQUAL( PSA_ALG_TRUNCATED_MAC(
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), length ),
+ PSA_ALG_TRUNCATED_MAC( alg, length ) );
+ }
+
+ /* At-leat-this-length versions */
+ for( n = 1; n <= length; n++ )
+ {
+ psa_algorithm_t policy_alg = PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, n );
+ mac_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD,
+ key_type, key_bits, n );
+ TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( policy_alg ), alg );
+ /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC twice gives the
+ * length of the outer truncation (even if the outer length is smaller
+ * than the inner length). */
+ TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, 1 ),
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, length - 1 ),
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length - 1) );
+ TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, length ),
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length ) );
+
+ /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC on an algorithm
+ * earlier constructed with PSA_ALG_TRUNCATED_MAC gives the length of
+ * the outer truncation (even if the outer length is smaller than the
+ * inner length). */
+ TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(
+ PSA_ALG_TRUNCATED_MAC( policy_alg, n ), 1),
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(
+ PSA_ALG_TRUNCATED_MAC( policy_alg, n ), length - 1 ),
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length - 1) );
+ TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(
+ PSA_ALG_TRUNCATED_MAC( policy_alg, n ), length ),
+ PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length ) );
}
}
/* END_CASE */
@@ -314,30 +381,82 @@
/* BEGIN_CASE */
void aead_algorithm( int alg_arg, int classification_flags,
- int tag_length_arg )
+ int tag_length_arg,
+ int key_type_arg, int key_bits_arg )
{
psa_algorithm_t alg = alg_arg;
size_t tag_length = tag_length_arg;
size_t n;
+ psa_key_type_t key_type = key_type_arg;
+ size_t key_bits = key_bits_arg;
- aead_algorithm_core( alg, classification_flags, tag_length );
+ aead_algorithm_core( alg, classification_flags,
+ key_type, key_bits, tag_length );
/* Truncated versions */
for( n = 1; n <= tag_length; n++ )
{
- psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n );
- aead_algorithm_core( truncated_alg, classification_flags, n );
- TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ),
+ psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, n );
+ aead_algorithm_core( truncated_alg, classification_flags,
+ key_type, key_bits, n );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( truncated_alg ),
alg );
- /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives
+ /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG twice gives
* the length of the outer truncation (even if the outer length is
* smaller than the inner length). */
- TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ),
- PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) );
- TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ),
- PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) );
- TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ),
- PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, 1 ),
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, tag_length - 1 ),
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length - 1) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, tag_length ),
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length ) );
+
+ /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG on an algorithm
+ * earlier constructed with PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG
+ * gives the length of the outer truncation (even if the outer length is
+ * smaller than the inner length). */
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG(
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), 1 ),
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG(
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), tag_length - 1 ),
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length - 1) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG(
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), tag_length ),
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length ) );
+ }
+
+ /* At-leat-this-length versions */
+ for( n = 1; n <= tag_length; n++ )
+ {
+ psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, n );
+ aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD,
+ key_type, key_bits, n );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( policy_alg ),
+ alg );
+ /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG twice
+ * gives the length of the outer truncation (even if the outer length is
+ * smaller than the inner length). */
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, 1 ),
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, tag_length - 1 ),
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length - 1) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, tag_length ),
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length ) );
+
+ /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG on an
+ * algorithm earlier constructed with PSA_ALG_AEAD_WITH_SHORTENED_TAG
+ * gives the length of the outer truncation (even if the outer length is
+ * smaller than the inner length). */
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), 1),
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), tag_length - 1 ),
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length - 1) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), tag_length ),
+ PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length ) );
}
}
/* END_CASE */
@@ -483,7 +602,11 @@
TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK,
PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
- TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ), block_size );
+ TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size );
+
+ /* Check that the block size is a power of 2. This is required, at least,
+ for PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h. */
+ TEST_ASSERT( ( ( block_size - 1 ) & block_size ) == 0 );
}
/* END_CASE */
@@ -496,11 +619,11 @@
TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK,
PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
- TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ), 1 );
+ TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), 1 );
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
+/* BEGIN_CASE depends_on:PSA_KEY_TYPE_ECC_PUBLIC_KEY:PSA_KEY_TYPE_ECC_KEY_PAIR */
void ecc_key_family( int curve_arg )
{
psa_ecc_family_t curve = curve_arg;
@@ -533,3 +656,20 @@
TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group );
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void lifetime( int lifetime_arg, int classification_flags,
+ int persistence_arg, int location_arg )
+{
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_persistence_t persistence = persistence_arg;
+ psa_key_location_t location = location_arg;
+ unsigned flags = classification_flags;
+
+ TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_VOLATILE, lifetime, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_READ_ONLY, lifetime, flags );
+
+ TEST_EQUAL( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime ), persistence );
+ TEST_EQUAL( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ), location );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_not_supported.function b/tests/suites/test_suite_psa_crypto_not_supported.function
new file mode 100644
index 0000000..e3253d8
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_not_supported.function
@@ -0,0 +1,52 @@
+/* BEGIN_HEADER */
+
+#include "psa/crypto.h"
+#include "test/psa_crypto_helpers.h"
+
+#define INVALID_KEY_ID mbedtls_svc_key_id_make( 0, 0xfedcba98 )
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void import_not_supported( int key_type, data_t *key_material )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_svc_key_id_t key_id = INVALID_KEY_ID;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ psa_set_key_type( &attributes, key_type );
+ TEST_EQUAL( psa_import_key( &attributes,
+ key_material->x, key_material->len,
+ &key_id ),
+ PSA_ERROR_NOT_SUPPORTED );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( key_id, MBEDTLS_SVC_KEY_ID_INIT ) );
+
+exit:
+ psa_destroy_key( key_id );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_not_supported( int key_type, int bits )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_svc_key_id_t key_id = INVALID_KEY_ID;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ psa_set_key_type( &attributes, key_type );
+ psa_set_key_bits( &attributes, bits );
+ TEST_EQUAL( psa_generate_key( &attributes, &key_id ),
+ PSA_ERROR_NOT_SUPPORTED );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( key_id, MBEDTLS_SVC_KEY_ID_INIT ) );
+
+exit:
+ psa_destroy_key( key_id );
+ PSA_DONE( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_not_supported.generated.data b/tests/suites/test_suite_psa_crypto_not_supported.generated.data
new file mode 100644
index 0000000..e39c8ed
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_not_supported.generated.data
@@ -0,0 +1,1022 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+PSA import AES 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461"
+
+PSA generate AES 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+generate_not_supported:PSA_KEY_TYPE_AES:128
+
+PSA import AES 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a0646174614865726500697320"
+
+PSA generate AES 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+generate_not_supported:PSA_KEY_TYPE_AES:192
+
+PSA import AES 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate AES 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+generate_not_supported:PSA_KEY_TYPE_AES:256
+
+PSA import ARC4 8-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+import_not_supported:PSA_KEY_TYPE_ARC4:"48"
+
+PSA generate ARC4 8-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+generate_not_supported:PSA_KEY_TYPE_ARC4:8
+
+PSA import ARC4 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+import_not_supported:PSA_KEY_TYPE_ARC4:"48657265006973206b6579a064617461"
+
+PSA generate ARC4 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+generate_not_supported:PSA_KEY_TYPE_ARC4:128
+
+PSA import ARC4 2048-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+import_not_supported:PSA_KEY_TYPE_ARC4:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate ARC4 2048-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+generate_not_supported:PSA_KEY_TYPE_ARC4:2048
+
+PSA import CAMELLIA 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461"
+
+PSA generate CAMELLIA 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+generate_not_supported:PSA_KEY_TYPE_CAMELLIA:128
+
+PSA import CAMELLIA 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a0646174614865726500697320"
+
+PSA generate CAMELLIA 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+generate_not_supported:PSA_KEY_TYPE_CAMELLIA:192
+
+PSA import CAMELLIA 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate CAMELLIA 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+generate_not_supported:PSA_KEY_TYPE_CAMELLIA:256
+
+PSA import CHACHA20 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CHACHA20
+import_not_supported:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate CHACHA20 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CHACHA20
+generate_not_supported:PSA_KEY_TYPE_CHACHA20:256
+
+PSA import DES 64-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901"
+
+PSA generate DES 64-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+generate_not_supported:PSA_KEY_TYPE_DES:64
+
+PSA import DES 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902"
+
+PSA generate DES 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+generate_not_supported:PSA_KEY_TYPE_DES:128
+
+PSA import DES 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902644573206b457904"
+
+PSA generate DES 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+generate_not_supported:PSA_KEY_TYPE_DES:192
+
+PSA import HMAC 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461"
+
+PSA generate HMAC 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:128
+
+PSA import HMAC 160-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265"
+
+PSA generate HMAC 160-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:160
+
+PSA import HMAC 224-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a0"
+
+PSA generate HMAC 224-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:224
+
+PSA import HMAC 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate HMAC 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:256
+
+PSA import HMAC 384-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate HMAC 384-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:384
+
+PSA import HMAC 512-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate HMAC 512-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:512
+
+PSA import RSA_KEY_PAIR 1024-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA generate RSA_KEY_PAIR 1024-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1024
+
+PSA import RSA_KEY_PAIR 1536-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+PSA generate RSA_KEY_PAIR 1536-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1536
+
+PSA import RSA_PUBLIC_KEY 1024-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA generate RSA_PUBLIC_KEY 1024-bit never supported
+generate_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024
+
+PSA import RSA_PUBLIC_KEY 1536-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+PSA generate RSA_PUBLIC_KEY 1536-bit never supported
+generate_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255
+
+PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448
+
+PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255
+
+PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448
+
+PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_255
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+PSA generate ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255
+
+PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_448
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e"
+
+PSA generate ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448
+
+PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_255
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_448
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e"
+
+PSA import ECC_KEY_PAIR(SECP_K1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192
+
+PSA import ECC_KEY_PAIR(SECP_K1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224
+
+PSA import ECC_KEY_PAIR(SECP_K1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256
+
+PSA import ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192
+
+PSA import ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224
+
+PSA import ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_192
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+PSA generate ECC_PUBLIC_KEY(SECP_K1) 192-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_224
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+PSA generate ECC_PUBLIC_KEY(SECP_K1) 224-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+PSA generate ECC_PUBLIC_KEY(SECP_K1) 256-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_192
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_224
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+PSA import ECC_KEY_PAIR(SECP_R1) 225-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225
+
+PSA import ECC_KEY_PAIR(SECP_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256
+
+PSA import ECC_KEY_PAIR(SECP_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384
+
+PSA import ECC_KEY_PAIR(SECP_R1) 521-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521
+
+PSA import ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225
+
+PSA import ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256
+
+PSA import ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384
+
+PSA import ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+PSA generate ECC_PUBLIC_KEY(SECP_R1) 225-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+PSA generate ECC_PUBLIC_KEY(SECP_R1) 256-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+PSA generate ECC_PUBLIC_KEY(SECP_R1) 384-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_521
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+PSA generate ECC_PUBLIC_KEY(SECP_R1) 521-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_521
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+PSA import ECC_KEY_PAIR(SECP_R2) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160
+
+PSA import ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160
+
+PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+PSA generate ECC_PUBLIC_KEY(SECP_R2) 160-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160
+
+PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+PSA import ECC_KEY_PAIR(SECT_K1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163
+
+PSA import ECC_KEY_PAIR(SECT_K1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233
+
+PSA import ECC_KEY_PAIR(SECT_K1) 239-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239
+
+PSA import ECC_KEY_PAIR(SECT_K1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283
+
+PSA import ECC_KEY_PAIR(SECT_K1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409
+
+PSA import ECC_KEY_PAIR(SECT_K1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571
+
+PSA import ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163
+
+PSA import ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233
+
+PSA import ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239
+
+PSA import ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283
+
+PSA import ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409
+
+PSA import ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+PSA generate ECC_PUBLIC_KEY(SECT_K1) 163-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+PSA generate ECC_PUBLIC_KEY(SECT_K1) 233-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+PSA generate ECC_PUBLIC_KEY(SECT_K1) 239-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+PSA generate ECC_PUBLIC_KEY(SECT_K1) 283-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+PSA generate ECC_PUBLIC_KEY(SECT_K1) 409-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+PSA generate ECC_PUBLIC_KEY(SECT_K1) 571-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+PSA import ECC_KEY_PAIR(SECT_R1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163
+
+PSA import ECC_KEY_PAIR(SECT_R1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233
+
+PSA import ECC_KEY_PAIR(SECT_R1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283
+
+PSA import ECC_KEY_PAIR(SECT_R1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409
+
+PSA import ECC_KEY_PAIR(SECT_R1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571
+
+PSA import ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163
+
+PSA import ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233
+
+PSA import ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283
+
+PSA import ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409
+
+PSA import ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+PSA generate ECC_PUBLIC_KEY(SECT_R1) 163-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+PSA generate ECC_PUBLIC_KEY(SECT_R1) 233-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+PSA generate ECC_PUBLIC_KEY(SECT_R1) 283-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+PSA generate ECC_PUBLIC_KEY(SECT_R1) 409-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+PSA generate ECC_PUBLIC_KEY(SECT_R1) 571-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+PSA import ECC_KEY_PAIR(SECT_R2) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34"
+
+PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163
+
+PSA import ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34"
+
+PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163
+
+PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+PSA generate ECC_PUBLIC_KEY(SECT_R2) 163-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163
+
+PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255
+
+PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448
+
+PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255
+
+PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448
+
+PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+PSA generate ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255
+
+PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+PSA generate ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type never supported
+generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448
+
+PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+# End of automatically generated file.
diff --git a/tests/suites/test_suite_psa_crypto_not_supported.misc.data b/tests/suites/test_suite_psa_crypto_not_supported.misc.data
new file mode 100644
index 0000000..2c3673e
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_not_supported.misc.data
@@ -0,0 +1,11 @@
+PSA import PSA_KEY_TYPE_NONE never supported
+import_not_supported:PSA_KEY_TYPE_NONE:"1234"
+
+PSA generate PSA_KEY_TYPE_NONE never supported
+generate_not_supported:PSA_KEY_TYPE_NONE:16
+
+PSA import PSA_KEY_TYPE_CATEGORY_SYMMETRIC never supported
+import_not_supported:PSA_KEY_TYPE_CATEGORY_SYMMETRIC:"1234"
+
+PSA generate PSA_KEY_TYPE_CATEGORY_SYMMETRIC never supported
+generate_not_supported:PSA_KEY_TYPE_CATEGORY_SYMMETRIC:16
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
index 93f0fc0..b250634 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -1,26 +1,32 @@
Format for storage: RSA private key
-format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN
+format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000700000006620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN
Format for storage: AES-128 key
-format_storage_data_check:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0
+format_storage_data_check:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800000030000000250050000000010000000404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0
Parse storage: RSA private key
-parse_storage_data_check:"505341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS
+parse_storage_data_check:"505341004b455900000000000100000001700004010000000000000700000006620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS
Parse storage: AES-128 key
-parse_storage_data_check:"505341004b45590000000000010000000024800000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_SUCCESS
+parse_storage_data_check:"505341004b45590000000000010000000024800000030000000250050000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_SUCCESS
Parse storage: wrong version
-parse_storage_data_check:"505341004b455900ffffffff0100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b455900ffffffff0100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
Parse storage: data too big
-parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
Parse storage: bad magic
-parse_storage_data_check:"645341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"645341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
Parse storage: truncated magic
-parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
+
+Parse storage: truncated header
+parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010620200":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
+
+Parse storage: truncated key
+parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
# Not specific to files, but only run this test in an environment where the maximum size could be reached.
Save maximum-size persistent raw key
@@ -31,85 +37,94 @@
save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE + 1:PSA_ERROR_NOT_SUPPORTED
Persistent key destroy
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
persistent_key_destroy:2:1:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
Persistent key destroy after restart
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
persistent_key_destroy:17:1:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
Persistent key import (RSA)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_SUCCESS
Persistent key import with restart (RSA)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS
Persistent key import (RSA) invalid key id (VENDOR_MIN)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
+persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
Persistent key import (RSA) invalid key id (VOLATILE_MIN)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
+persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
Persistent key import (RSA) invalid key id (VENDOR_MAX)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
+persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
Persistent key import garbage data, should fail
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT
import/export persistent raw key: 1 byte
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:0
import/export persistent key RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:0
import/export persistent key RSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:0
import/export persistent raw key file not exist: 1 byte
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:1
import/export persistent key RSA public key file not exist: 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:1
import/export persistent key RSA keypair file not exist: 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:1
import/export-persistent symmetric key: 16 bytes
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0
import/export persistent raw key with restart: 1 byte
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:0
import/export persistent key RSA public key with restart: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:0
import/export persistent key RSA keypair with restart: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:0
import/export persistent raw key file not exist with restart: 1 byte
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:1
import/export persistent key RSA public key file not exist with restart: 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:1
import/export persistent key RSA keypair file not exist with restart: 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:1
import/export-persistent symmetric key with restart: 16 bytes
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0
+
+Destroy invalid id: 0
+destroy_nonexistent:0:PSA_SUCCESS
+
+Destroy non-existent key
+destroy_nonexistent:1:PSA_ERROR_INVALID_HANDLE
+
+Destroy invalid id: 0xffffffff
+destroy_nonexistent:0xffffffff:PSA_ERROR_INVALID_HANDLE
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 8e10158..bd9b9c9 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -9,7 +9,6 @@
#include <stdint.h>
-#include "test/psa_crypto_helpers.h"
#include "psa_crypto_slot_management.h"
#include "psa_crypto_storage.h"
@@ -324,3 +323,18 @@
psa_destroy_persistent_key( key_id );
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void destroy_nonexistent( int id_arg, int expected_status_arg )
+{
+ mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
+ psa_status_t expected_status = expected_status_arg;
+
+ PSA_INIT( );
+
+ TEST_EQUAL( expected_status, psa_destroy_key( id ) );
+
+exit:
+ PSA_DONE( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
index 18d1d74..a57e9b3 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
@@ -148,40 +148,40 @@
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:-1:PSA_ERROR_NOT_SUPPORTED
Key registration: key id out of range
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_ARGUMENT
Key registration: key id min vendor
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_ERROR_INVALID_ARGUMENT
Key registration: key id max vendor except volatile
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_ERROR_INVALID_ARGUMENT
Key registration: key id min volatile
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN:1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN:1:PSA_ERROR_INVALID_ARGUMENT
Key registration: key id max volatile
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MAX:1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MAX:1:PSA_ERROR_INVALID_ARGUMENT
Import-sign-verify: sign in driver, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Import-sign-verify: sign in driver then export_public, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Import-sign-verify: sign in software, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Generate-sign-verify: sign in driver, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Generate-sign-verify: sign in driver then export_public, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Generate-sign-verify: sign in software, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index 1add9b4..79d658f 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -1,5 +1,4 @@
/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
#include "psa/crypto_se_driver.h"
#include "psa_crypto_se.h"
@@ -46,7 +45,7 @@
do { \
if( ! (TEST) ) \
{ \
- test_fail( #TEST, __LINE__, __FILE__ ); \
+ mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \
return( PSA_ERROR_DETECTED_BY_DRIVER ); \
} \
} while( 0 )
@@ -62,7 +61,7 @@
do { \
if( ! (TEST) ) \
{ \
- test_fail( #TEST, __LINE__, __FILE__ ); \
+ mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \
status = PSA_ERROR_DETECTED_BY_DRIVER; \
goto exit; \
} \
@@ -73,10 +72,10 @@
* Run the code \p expr. If this returns \p expected_status,
* do nothing. If this returns #PSA_ERROR_DETECTED_BY_DRIVER,
* jump directly to the `exit` label. If this returns any other
- * status, call test_fail() then jump to `exit`.
+ * status, call mbedtls_test_fail() then jump to `exit`.
*
* The special case for #PSA_ERROR_DETECTED_BY_DRIVER is because in this
- * case, the test driver code is expected to have called test_fail()
+ * case, the test driver code is expected to have called mbedtls_test_fail()
* already, so we make sure not to overwrite the failure information.
*/
#define PSA_ASSERT_VIA_DRIVER( expr, expected_status ) \
@@ -86,7 +85,7 @@
goto exit; \
if( PSA_ASSERT_VIA_DRIVER_status != ( expected_status ) ) \
{ \
- test_fail( #expr, __LINE__, __FILE__ ); \
+ mbedtls_test_fail( #expr, __LINE__, __FILE__ ); \
goto exit; \
} \
} while( 0 )
@@ -293,8 +292,8 @@
{
psa_status_t status;
size_t required_storage =
- PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( attributes ),
- psa_get_key_bits( attributes ) );
+ PSA_EXPORT_KEY_OUTPUT_SIZE( psa_get_key_type( attributes ),
+ psa_get_key_bits( attributes ) );
DRIVER_ASSERT_RETURN( *pubkey_length == 0 );
if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
@@ -768,41 +767,12 @@
return( ok );
}
-static mbedtls_svc_key_id_t key_ids_used_in_test[10];
-static size_t num_key_ids_used;
-
-/* Record a key id as potentially used in a test case. */
-static int test_uses_key_id( mbedtls_svc_key_id_t key_id )
-{
- size_t i;
-
- for( i = 0; i < num_key_ids_used ; i++ )
- {
- if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) )
- return( 1 );
- }
-
- if( num_key_ids_used >= ARRAY_LENGTH( key_ids_used_in_test ) )
- return( 0 );
-
- key_ids_used_in_test[num_key_ids_used] = key_id;
- ++num_key_ids_used;
-
- return( 1 );
-}
-
-#define TEST_USES_KEY_ID( key_id ) \
- TEST_ASSERT( test_uses_key_id( key_id ) )
-
static void psa_purge_storage( void )
{
- size_t i;
+ /* The generic code in mbedtls_test_psa_purge_key_storage()
+ * (which is called by PSA_DONE()) doesn't take care of things that are
+ * specific to dynamic secure elements. */
psa_key_location_t location;
-
- for( i = 0; i < num_key_ids_used; i++ )
- psa_destroy_persistent_key( key_ids_used_in_test[i] );
- num_key_ids_used = 0;
-
/* Purge the transaction file. */
psa_crypto_stop_transaction( );
/* Purge driver persistent data. */
@@ -1497,6 +1467,7 @@
( validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED );
}
+ mbedtls_test_set_step( 1 );
PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LOCATION, &driver ) );
PSA_ASSERT( psa_crypto_init( ) );
@@ -1526,7 +1497,8 @@
PSA_ASSERT( psa_purge_key( id ) );
/* Restart and try again. */
- PSA_DONE( );
+ mbedtls_test_set_step( 2 );
+ PSA_SESSION_DONE( );
PSA_ASSERT( psa_register_se_driver( location, &driver ) );
PSA_ASSERT( psa_crypto_init( ) );
if( ! check_key_attributes( id, &attributes ) )
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
index 629c924..12c58eb 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
@@ -1,5 +1,4 @@
/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
#include "psa/crypto_se_driver.h"
#include "psa_crypto_se.h"
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 396cdfb..1477734 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -47,37 +47,58 @@
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
Persistent slot: ECP keypair (ECDSA, exportable), close
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING
Persistent slot: ECP keypair (ECDSA, exportable), close+restart
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
Persistent slot: ECP keypair (ECDSA, exportable), purge
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING
Persistent slot: ECP keypair (ECDSA, exportable), restart
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close
-depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart
-depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), purge
-depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart
-depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
+Persistent slot, check after closing, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
+
+Persistent slot, check after closing and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot, check after destroying, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
+
+Persistent slot, check after destroying and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
+
+Persistent slot, check after purging, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
+
+Persistent slot, check after purging and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN
+
+Persistent slot, check after restart with live handle, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
+
Attempt to overwrite: close before
create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE
@@ -89,15 +110,15 @@
Open failure: invalid identifier (0)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:0:PSA_ERROR_INVALID_HANDLE
+open_fail:0:PSA_ERROR_DOES_NOT_EXIST
Open failure: invalid identifier (random seed UID)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE
+open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_DOES_NOT_EXIST
Open failure: invalid identifier (reserved range)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_HANDLE
+open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_DOES_NOT_EXIST
Open failure: invalid identifier (implementation range)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
@@ -107,30 +128,39 @@
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
open_fail:1:PSA_ERROR_DOES_NOT_EXIST
-Create failure: invalid lifetime
-create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
-
-Create failure: invalid key id (0)
+Create failure: read-only key
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_HANDLE
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid location for a persistent key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0xbad10cU):1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid location for a volatile key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0xbad10cU):0:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (0) for a persistent key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (1) for a volatile key
create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (random seed UID)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (reserved range)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_HANDLE
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (implementation range)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_HANDLE
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_ARGUMENT
Open not supported
-depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C:!MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
open_fail:1:PSA_ERROR_NOT_SUPPORTED
Create not supported
@@ -157,32 +187,32 @@
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10001:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
Copy persistent to persistent with enrollment algorithm
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x100000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0x100000:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
Copy volatile to occupied
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
Copy persistent to occupied
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
Copy persistent to same
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f"
invalid handle: 0
-invalid_handle:INVALID_HANDLE_0:PSA_SUCCESS:PSA_ERROR_INVALID_HANDLE
+invalid_handle:INVALID_HANDLE_0:PSA_SUCCESS
invalid handle: never opened
-invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT_EXIST
+invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_INVALID_HANDLE
invalid handle: already closed
-invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT_EXIST
+invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_INVALID_HANDLE
invalid handle: huge
-invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE
+invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE
Open many transient keys
many_transient_keys:42
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 57d4789..aa3ce28 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -1,7 +1,6 @@
/* BEGIN_HEADER */
#include <stdint.h>
-#include "test/psa_crypto_helpers.h"
#include "psa_crypto_slot_management.h"
#include "psa_crypto_storage.h"
@@ -44,51 +43,6 @@
INVALID_HANDLE_HUGE,
} invalid_handle_construction_t;
-/* All test functions that create persistent keys must call
- * `TEST_USES_KEY_ID( key_id )` before creating a persistent key with this
- * identifier, and must call psa_purge_key_storage() in their cleanup
- * code. */
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-static mbedtls_svc_key_id_t key_ids_used_in_test[9];
-static size_t num_key_ids_used;
-
-/* Record a key id as potentially used in a test case. */
-static int test_uses_key_id( mbedtls_svc_key_id_t key_id )
-{
- size_t i;
- if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ) >
- PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
- {
- /* Don't touch key id values that designate non-key files. */
- return( 1 );
- }
- for( i = 0; i < num_key_ids_used ; i++ )
- {
- if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) )
- return( 1 );
- }
- if( num_key_ids_used == ARRAY_LENGTH( key_ids_used_in_test ) )
- return( 0 );
- key_ids_used_in_test[num_key_ids_used] = key_id;
- ++num_key_ids_used;
- return( 1 );
-}
-#define TEST_USES_KEY_ID( key_id ) \
- TEST_ASSERT( test_uses_key_id( key_id ) )
-
-/* Destroy all key ids that may have been created by the current test case. */
-static void psa_purge_key_storage( void )
-{
- size_t i;
- for( i = 0; i < num_key_ids_used; i++ )
- psa_destroy_persistent_key( key_ids_used_in_test[i] );
- num_key_ids_used = 0;
-}
-#else
-#define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) )
-#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-
/** Apply \p invalidate_method to invalidate the specified key:
* close it, destroy it, or do nothing;
*/
@@ -132,7 +86,7 @@
case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
/* All keys must have been closed. */
- PSA_DONE( );
+ PSA_SESSION_DONE( );
break;
case INVALIDATE_BY_SHUTDOWN:
/* Some keys may remain behind, and we're testing that this
@@ -169,6 +123,7 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_test_set_step( 1 );
PSA_ASSERT( psa_crypto_init( ) );
/* Import a key. */
@@ -215,6 +170,7 @@
psa_reset_key_attributes( &attributes );
/* Do something that invalidates the key. */
+ mbedtls_test_set_step( 2 );
if( ! invalidate_key( invalidate_method, key ) )
goto exit;
if( ! invalidate_psa( invalidate_method ) )
@@ -222,8 +178,8 @@
/* Test that the key is now invalid. */
TEST_EQUAL( psa_get_key_attributes( key, &attributes ),
- PSA_ERROR_DOES_NOT_EXIST );
- TEST_EQUAL( psa_close_key( key ), PSA_ERROR_DOES_NOT_EXIST );
+ PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_close_key( key ), PSA_ERROR_INVALID_HANDLE );
exit:
/*
@@ -264,6 +220,7 @@
TEST_USES_KEY_ID( id );
+ mbedtls_test_set_step( 1 );
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_id( &attributes, id );
@@ -285,7 +242,8 @@
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), id ) );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( usage_flags ) );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
@@ -304,7 +262,8 @@
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), id ) );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( usage_flags ) );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
@@ -313,6 +272,7 @@
* Do something that wipes key data in volatile memory or destroy the
* key.
*/
+ mbedtls_test_set_step( 2 );
if( ! invalidate_key( invalidate_method, id ) )
goto exit;
if( ! invalidate_psa( invalidate_method ) )
@@ -335,7 +295,8 @@
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ),
psa_get_key_id( &read_attributes ) ) );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( usage_flags ) );
TEST_EQUAL( psa_get_key_algorithm( &attributes ),
psa_get_key_algorithm( &read_attributes ) );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ),
@@ -344,9 +305,9 @@
psa_get_key_type( &read_attributes ) );
TEST_EQUAL( psa_get_key_bits( &attributes ),
psa_get_key_bits( &read_attributes ) );
+ ASSERT_ALLOC( reexported, key_data->len );
if( usage_flags & PSA_KEY_USAGE_EXPORT )
{
- ASSERT_ALLOC( reexported, key_data->len );
PSA_ASSERT( psa_export_key( id, reexported, key_data->len,
&reexported_length ) );
ASSERT_COMPARE( key_data->x, key_data->len,
@@ -354,7 +315,8 @@
}
else
{
- TEST_EQUAL( psa_export_key( id, NULL, 0, &reexported_length ),
+ TEST_EQUAL( psa_export_key( id, reexported,
+ key_data->len, &reexported_length ),
PSA_ERROR_NOT_PERMITTED );
}
PSA_ASSERT( psa_close_key( handle ) );
@@ -367,10 +329,10 @@
* existing key.
*/
TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ),
- PSA_ERROR_DOES_NOT_EXIST );
- TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_DOES_NOT_EXIST );
+ PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
TEST_EQUAL( psa_get_key_attributes( id, &read_attributes ),
- PSA_ERROR_DOES_NOT_EXIST );
+ PSA_ERROR_INVALID_HANDLE );
break;
}
@@ -383,7 +345,6 @@
psa_reset_key_attributes( &read_attributes );
PSA_DONE( );
- psa_purge_key_storage( );
mbedtls_free( reexported );
}
/* END_CASE */
@@ -457,7 +418,6 @@
psa_reset_key_attributes( &attributes );
PSA_DONE( );
- psa_purge_key_storage( );
}
/* END_CASE */
@@ -516,9 +476,6 @@
exit:
PSA_DONE( );
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- psa_purge_key_storage( );
-#endif
}
/* END_CASE */
@@ -654,9 +611,6 @@
PSA_DONE( );
mbedtls_free( export_buffer );
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- psa_purge_key_storage( );
-#endif
}
/* END_CASE */
@@ -772,21 +726,17 @@
PSA_DONE( );
mbedtls_free( export_buffer );
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- psa_purge_key_storage( );
-#endif
}
/* END_CASE */
/* BEGIN_CASE */
void invalid_handle( int handle_construction,
- int close_status_arg, int usage_status_arg )
+ int close_status_arg )
{
psa_key_handle_t valid_handle = PSA_KEY_HANDLE_INIT;
psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT;
psa_key_id_t key_id;
psa_status_t close_status = close_status_arg;
- psa_status_t usage_status = usage_status_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t material[1] = "a";
@@ -845,7 +795,7 @@
/* Attempt to use the invalid handle. */
TEST_EQUAL( psa_get_key_attributes( invalid_handle, &attributes ),
- usage_status );
+ PSA_ERROR_INVALID_HANDLE );
TEST_EQUAL( psa_close_key( invalid_handle ), close_status );
TEST_EQUAL( psa_destroy_key( invalid_handle ), close_status );
@@ -933,9 +883,9 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
/*
- * Create PSA_KEY_SLOT_COUNT persistent keys.
+ * Create MBEDTLS_PSA_KEY_SLOT_COUNT persistent keys.
*/
- for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
+ for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
{
key = mbedtls_svc_key_id_make( i, i + 1 );
psa_set_key_id( &attributes, key );
@@ -951,7 +901,7 @@
* is removed from the RAM key slots. This makes room to store its
* description in RAM.
*/
- i = PSA_KEY_SLOT_COUNT;
+ i = MBEDTLS_PSA_KEY_SLOT_COUNT;
key = mbedtls_svc_key_id_make( i, i + 1 );
psa_set_key_id( &attributes, key );
psa_set_key_lifetime( &attributes, lifetime );
@@ -966,15 +916,15 @@
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_key_id ) ) );
/*
- * Check that we can export all ( PSA_KEY_SLOT_COUNT + 1 ) keys,
+ * Check that we can export all ( MBEDTLS_PSA_KEY_SLOT_COUNT + 1 ) keys,
* that they have the expected value and destroy them. In that process,
* the description of the persistent key that was evicted from the RAM
* slots when creating the last key is restored in a RAM slot to export
* its value.
*/
- for( i = 0; i <= PSA_KEY_SLOT_COUNT; i++ )
+ for( i = 0; i <= MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
{
- if( i < PSA_KEY_SLOT_COUNT )
+ if( i < MBEDTLS_PSA_KEY_SLOT_COUNT )
key = mbedtls_svc_key_id_make( i, i + 1 );
else
key = returned_key_id;
@@ -1005,9 +955,9 @@
mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
mbedtls_svc_key_id_t *keys = NULL;
- TEST_ASSERT( PSA_KEY_SLOT_COUNT >= 1 );
+ TEST_ASSERT( MBEDTLS_PSA_KEY_SLOT_COUNT >= 1 );
- ASSERT_ALLOC( keys, PSA_KEY_SLOT_COUNT );
+ ASSERT_ALLOC( keys, MBEDTLS_PSA_KEY_SLOT_COUNT );
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes,
@@ -1027,10 +977,10 @@
TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) );
/*
- * Create PSA_KEY_SLOT_COUNT volatile keys
+ * Create MBEDTLS_PSA_KEY_SLOT_COUNT volatile keys
*/
psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE );
- for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
+ for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
{
PSA_ASSERT( psa_import_key( &attributes,
(uint8_t *) &i, sizeof( i ),
@@ -1050,12 +1000,12 @@
* Check we can export the volatile key created last and that it has the
* expected value. Then, destroy it.
*/
- PSA_ASSERT( psa_export_key( keys[PSA_KEY_SLOT_COUNT - 1],
+ PSA_ASSERT( psa_export_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1],
exported, sizeof( exported ),
&exported_length ) );
- i = PSA_KEY_SLOT_COUNT - 1;
+ i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1;
ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) );
- PSA_ASSERT( psa_destroy_key( keys[PSA_KEY_SLOT_COUNT - 1] ) );
+ PSA_ASSERT( psa_destroy_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1] ) );
/*
* Check that we can now access the persistent key again.
@@ -1078,7 +1028,7 @@
* Check we can export the remaining volatile keys and that they have the
* expected values.
*/
- for( i = 0; i < ( PSA_KEY_SLOT_COUNT - 1 ); i++ )
+ for( i = 0; i < ( MBEDTLS_PSA_KEY_SLOT_COUNT - 1 ); i++ )
{
PSA_ASSERT( psa_export_key( keys[i],
exported, sizeof( exported ),
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.current.data b/tests/suites/test_suite_psa_crypto_storage_format.current.data
new file mode 100644
index 0000000..ec74aba
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_format.current.data
@@ -0,0 +1,1907 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+PSA storage save: lifetime: (DEFAULT, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c"
+
+PSA storage save: lifetime: (2, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c"
+
+PSA storage save: lifetime: (254, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c"
+
+PSA storage save: lifetime: PERSISTENT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c"
+
+PSA storage save: usage: 0
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b"
+
+PSA storage save: usage: COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b"
+
+PSA storage save: usage: DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b"
+
+PSA storage save: usage: DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b"
+
+PSA storage save: usage: ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b"
+
+PSA storage save: usage: EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b"
+
+PSA storage save: usage: SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b"
+
+PSA storage save: usage: SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b"
+
+PSA storage save: usage: VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b"
+
+PSA storage save: usage: VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b"
+
+PSA storage save: usage: COPY | DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b"
+
+PSA storage save: usage: DECRYPT | DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b"
+
+PSA storage save: usage: DERIVE | ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b"
+
+PSA storage save: usage: ENCRYPT | EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b"
+
+PSA storage save: usage: EXPORT | SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b"
+
+PSA storage save: usage: SIGN_HASH | SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b"
+
+PSA storage save: usage: SIGN_MESSAGE | VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b"
+
+PSA storage save: usage: VERIFY_HASH | VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b"
+
+PSA storage save: usage: VERIFY_MESSAGE | COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b"
+
+PSA storage save: usage: all known
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800037f00000000000000000000010000004b"
+
+PSA storage save: type: AES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461"
+
+PSA storage save: type: AES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320"
+
+PSA storage save: type: AES 256-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA storage save: type: ARC4 8-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048"
+
+PSA storage save: type: ARC4 128-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461"
+
+PSA storage save: type: ARC4 2048-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA storage save: type: CAMELLIA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461"
+
+PSA storage save: type: CAMELLIA 192-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320"
+
+PSA storage save: type: CAMELLIA 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA storage save: type: CHACHA20 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CHACHA20
+key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA storage save: type: DERIVE 120-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174"
+
+PSA storage save: type: DERIVE 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461"
+
+PSA storage save: type: DES 64-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901"
+
+PSA storage save: type: DES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902"
+
+PSA storage save: type: DES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904"
+
+PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 224-bit
+depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 384-bit
+depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 521-bit
+depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+PSA storage save: type: ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 239-bit
+depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+PSA storage save: type: ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit
+depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit
+depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit
+depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit
+depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit
+depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit
+depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit
+depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+PSA storage save: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+PSA storage save: type: HMAC 128-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461"
+
+PSA storage save: type: HMAC 160-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265"
+
+PSA storage save: type: HMAC 224-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+PSA storage save: type: HMAC 256-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA storage save: type: HMAC 384-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA storage save: type: HMAC 512-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA storage save: type: RAW_DATA 8-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048"
+
+PSA storage save: type: RAW_DATA 40-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500"
+
+PSA storage save: type: RAW_DATA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461"
+
+PSA storage save: type: RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA storage save: type: RSA_KEY_PAIR 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+PSA storage save: type: RSA_PUBLIC_KEY 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA storage save: type: RSA_PUBLIC_KEY 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b"
+
+PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c"
+
+PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b"
+
+PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c"
+
+PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b"
+
+PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c"
+
+PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b"
+
+PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c"
+
+PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CCM, 1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b"
+
+PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c"
+
+PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b"
+
+PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c"
+
+PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(GCM, 1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b"
+
+PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(GCM, 1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c"
+
+PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CCM, 63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b"
+
+PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c"
+
+PSA storage save: alg: ANY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b"
+
+PSA storage save: alg2: ANY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000180810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000280810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c"
+
+PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b"
+
+PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c"
+
+PSA storage save: alg: CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b"
+
+PSA storage save: alg2: CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c"
+
+PSA storage save: alg: CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b"
+
+PSA storage save: alg2: CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c"
+
+PSA storage save: alg: CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b"
+
+PSA storage save: alg2: CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c"
+
+PSA storage save: alg: CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b"
+
+PSA storage save: alg2: CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c"
+
+PSA storage save: alg: CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b"
+
+PSA storage save: alg2: CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c"
+
+PSA storage save: alg: CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b"
+
+PSA storage save: alg2: CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c"
+
+PSA storage save: alg: CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b"
+
+PSA storage save: alg2: CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c"
+
+PSA storage save: alg: CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b"
+
+PSA storage save: alg2: CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000105000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000205000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000107000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000207000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c"
+
+PSA storage save: alg: DETERMINISTIC_ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b"
+
+PSA storage save: alg2: DETERMINISTIC_ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c"
+
+PSA storage save: alg: DSA(MD2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000104000600000000010000004b"
+
+PSA storage save: alg2: DSA(MD2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001040006010000004c"
+
+PSA storage save: alg: DSA(MD4)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000204000600000000010000004b"
+
+PSA storage save: alg2: DSA(MD4)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002040006010000004c"
+
+PSA storage save: alg: DSA(MD5)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b"
+
+PSA storage save: alg2: DSA(MD5)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c"
+
+PSA storage save: alg: DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b"
+
+PSA storage save: alg2: DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c"
+
+PSA storage save: alg: DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b"
+
+PSA storage save: alg2: DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c"
+
+PSA storage save: alg: DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b"
+
+PSA storage save: alg2: DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c"
+
+PSA storage save: alg: DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b"
+
+PSA storage save: alg2: DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c"
+
+PSA storage save: alg: DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b"
+
+PSA storage save: alg2: DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c"
+
+PSA storage save: alg: DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b"
+
+PSA storage save: alg2: DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c"
+
+PSA storage save: alg: ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b"
+
+PSA storage save: alg2: ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c"
+
+PSA storage save: alg: ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b"
+
+PSA storage save: alg2: ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c"
+
+PSA storage save: alg: ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000106000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001060006010000004c"
+
+PSA storage save: alg: ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000206000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002060006010000004c"
+
+PSA storage save: alg: ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c"
+
+PSA storage save: alg: ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c"
+
+PSA storage save: alg: ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c"
+
+PSA storage save: alg: ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c"
+
+PSA storage save: alg: ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c"
+
+PSA storage save: alg: ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c"
+
+PSA storage save: alg: ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c"
+
+PSA storage save: alg: ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b"
+
+PSA storage save: alg2: ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c"
+
+PSA storage save: alg: ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b"
+
+PSA storage save: alg2: ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c"
+
+PSA storage save: alg: ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b"
+
+PSA storage save: alg2: ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c"
+
+PSA storage save: alg: ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b"
+
+PSA storage save: alg2: ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c"
+
+PSA storage save: alg: FFDH
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b"
+
+PSA storage save: alg2: FFDH
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c"
+
+PSA storage save: alg: GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b"
+
+PSA storage save: alg2: GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c"
+
+PSA storage save: alg: HKDF(MD2)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000101000800000000010000004b"
+
+PSA storage save: alg2: HKDF(MD2)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001010008010000004c"
+
+PSA storage save: alg: HKDF(MD4)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000201000800000000010000004b"
+
+PSA storage save: alg2: HKDF(MD4)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002010008010000004c"
+
+PSA storage save: alg: HKDF(MD5)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b"
+
+PSA storage save: alg2: HKDF(MD5)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c"
+
+PSA storage save: alg: HKDF(RIPEMD160)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b"
+
+PSA storage save: alg2: HKDF(RIPEMD160)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c"
+
+PSA storage save: alg: HKDF(SHA_1)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b"
+
+PSA storage save: alg2: HKDF(SHA_1)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c"
+
+PSA storage save: alg: HKDF(SHA_224)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b"
+
+PSA storage save: alg2: HKDF(SHA_224)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c"
+
+PSA storage save: alg: HKDF(SHA_256)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b"
+
+PSA storage save: alg2: HKDF(SHA_256)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c"
+
+PSA storage save: alg: HKDF(SHA_384)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b"
+
+PSA storage save: alg2: HKDF(SHA_384)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c"
+
+PSA storage save: alg: HKDF(SHA_512)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b"
+
+PSA storage save: alg2: HKDF(SHA_512)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c"
+
+PSA storage save: alg: HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000100800300000000010000004b"
+
+PSA storage save: alg2: HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001008003010000004c"
+
+PSA storage save: alg: HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000200800300000000010000004b"
+
+PSA storage save: alg2: HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002008003010000004c"
+
+PSA storage save: alg: HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b"
+
+PSA storage save: alg2: HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c"
+
+PSA storage save: alg: HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b"
+
+PSA storage save: alg2: HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c"
+
+PSA storage save: alg: HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b"
+
+PSA storage save: alg2: HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c"
+
+PSA storage save: alg: HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b"
+
+PSA storage save: alg2: HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c"
+
+PSA storage save: alg: HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b"
+
+PSA storage save: alg2: HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c"
+
+PSA storage save: alg: HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b"
+
+PSA storage save: alg2: HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c"
+
+PSA storage save: alg: HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b"
+
+PSA storage save: alg2: HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c"
+
+PSA storage save: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b"
+
+PSA storage save: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c"
+
+PSA storage save: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b"
+
+PSA storage save: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c"
+
+PSA storage save: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b"
+
+PSA storage save: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c"
+
+PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b"
+
+PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c"
+
+PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b"
+
+PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c"
+
+PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b"
+
+PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c"
+
+PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b"
+
+PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c"
+
+PSA storage save: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b"
+
+PSA storage save: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c"
+
+PSA storage save: alg: MD2
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD2:0x0000:"4b":"505341004b455900000000000100000001100800010000000100000200000000010000004b"
+
+PSA storage save: alg2: MD2
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD2:"4c":"505341004b455900000000000100000001100800010000000000000001000002010000004c"
+
+PSA storage save: alg: MD4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD4:0x0000:"4b":"505341004b455900000000000100000001100800010000000200000200000000010000004b"
+
+PSA storage save: alg2: MD4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD4:"4c":"505341004b455900000000000100000001100800010000000000000002000002010000004c"
+
+PSA storage save: alg: MD5
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b"
+
+PSA storage save: alg2: MD5
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c"
+
+PSA storage save: alg: OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b"
+
+PSA storage save: alg2: OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c"
+
+PSA storage save: alg: PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b"
+
+PSA storage save: alg2: PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c"
+
+PSA storage save: alg: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b"
+
+PSA storage save: alg2: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c"
+
+PSA storage save: alg: RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030007010000004c"
+
+PSA storage save: alg: RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030007010000004c"
+
+PSA storage save: alg: RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c"
+
+PSA storage save: alg: RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c"
+
+PSA storage save: alg: RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c"
+
+PSA storage save: alg: RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c"
+
+PSA storage save: alg: RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c"
+
+PSA storage save: alg: RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c"
+
+PSA storage save: alg: RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b"
+
+PSA storage save: alg2: RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c"
+
+PSA storage save: alg: RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b"
+
+PSA storage save: alg2: RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c"
+
+PSA storage save: alg: RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030006010000004c"
+
+PSA storage save: alg: RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030006010000004c"
+
+PSA storage save: alg: RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c"
+
+PSA storage save: alg: RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c"
+
+PSA storage save: alg: RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c"
+
+PSA storage save: alg: RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c"
+
+PSA storage save: alg: RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c"
+
+PSA storage save: alg: RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c"
+
+PSA storage save: alg: RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c"
+
+PSA storage save: alg: RSA_PSS(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b"
+
+PSA storage save: alg2: RSA_PSS(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c"
+
+PSA storage save: alg: SHA3_224
+depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b"
+
+PSA storage save: alg2: SHA3_224
+depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c"
+
+PSA storage save: alg: SHA3_256
+depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b"
+
+PSA storage save: alg2: SHA3_256
+depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c"
+
+PSA storage save: alg: SHA3_384
+depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b"
+
+PSA storage save: alg2: SHA3_384
+depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c"
+
+PSA storage save: alg: SHA3_512
+depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b"
+
+PSA storage save: alg2: SHA3_512
+depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c"
+
+PSA storage save: alg: SHAKE256_512
+depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b"
+
+PSA storage save: alg2: SHAKE256_512
+depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c"
+
+PSA storage save: alg: SHA_1
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b"
+
+PSA storage save: alg2: SHA_1
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c"
+
+PSA storage save: alg: SHA_224
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b"
+
+PSA storage save: alg2: SHA_224
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c"
+
+PSA storage save: alg: SHA_256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b"
+
+PSA storage save: alg2: SHA_256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c"
+
+PSA storage save: alg: SHA_384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b"
+
+PSA storage save: alg2: SHA_384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c"
+
+PSA storage save: alg: SHA_512
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b"
+
+PSA storage save: alg2: SHA_512
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c"
+
+PSA storage save: alg: SHA_512_224
+depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b"
+
+PSA storage save: alg2: SHA_512_224
+depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c"
+
+PSA storage save: alg: SHA_512_256
+depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b"
+
+PSA storage save: alg2: SHA_512_256
+depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c"
+
+PSA storage save: alg: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b"
+
+PSA storage save: alg2: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c"
+
+PSA storage save: alg: TLS12_PRF(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020008010000004c"
+
+PSA storage save: alg: TLS12_PRF(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020008010000004c"
+
+PSA storage save: alg: TLS12_PRF(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c"
+
+PSA storage save: alg: TLS12_PRF(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c"
+
+PSA storage save: alg: TLS12_PRF(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c"
+
+PSA storage save: alg: TLS12_PRF(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c"
+
+PSA storage save: alg: TLS12_PRF(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c"
+
+PSA storage save: alg: TLS12_PRF(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c"
+
+PSA storage save: alg: TLS12_PRF(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PRF(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c"
+
+PSA storage save: alg: TLS12_PSK_TO_MS(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b"
+
+PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(CBC_MAC, 1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(CBC_MAC, 1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(CMAC, 1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(CMAC, 1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(MD2), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000100810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(MD2), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(MD4), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000200810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(MD4), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(MD5), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(MD5), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(RIPEMD160), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(RIPEMD160), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_1), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_1), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_224), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_224), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_256), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_256), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_384), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_384), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_512), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_512), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c"
+
+PSA storage save: alg: TRUNCATED_MAC(CBC_MAC, 63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b"
+
+PSA storage save: alg2: TRUNCATED_MAC(CBC_MAC, 63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c"
+
+PSA storage save: alg: XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b"
+
+PSA storage save: alg2: XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c"
+
+# End of automatically generated file.
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function
new file mode 100644
index 0000000..b90ef6e
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_format.function
@@ -0,0 +1,235 @@
+/* BEGIN_HEADER */
+
+#include <psa/crypto.h>
+
+#include <test/psa_crypto_helpers.h>
+#include <test/psa_exercise_key.h>
+
+#include <psa_crypto_its.h>
+
+#define TEST_FLAG_EXERCISE 0x00000001
+#define TEST_FLAG_READ_ONLY 0x00000002
+
+/** Write a key with the given attributes and key material to storage.
+ * Test that it has the expected representation.
+ *
+ * On error, including if the key representation in storage differs,
+ * mark the test case as failed and return 0. On success, return 1.
+ */
+static int test_written_key( const psa_key_attributes_t *attributes,
+ const data_t *material,
+ psa_storage_uid_t uid,
+ const data_t *expected_representation )
+{
+ mbedtls_svc_key_id_t created_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+ uint8_t *actual_representation = NULL;
+ size_t length;
+ struct psa_storage_info_t storage_info;
+ int ok = 0;
+
+ /* Create a key with the given parameters. */
+ PSA_ASSERT( psa_import_key( attributes, material->x, material->len,
+ &created_key_id ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( attributes ),
+ created_key_id ) );
+
+ /* Check that the key is represented as expected. */
+ PSA_ASSERT( psa_its_get_info( uid, &storage_info ) );
+ TEST_EQUAL( storage_info.size, expected_representation->len );
+ ASSERT_ALLOC( actual_representation, storage_info.size );
+ PSA_ASSERT( psa_its_get( uid, 0, storage_info.size,
+ actual_representation, &length ) );
+ ASSERT_COMPARE( expected_representation->x, expected_representation->len,
+ actual_representation, length );
+
+ ok = 1;
+
+exit:
+ mbedtls_free( actual_representation );
+ return( ok );
+}
+
+/** Check if a key is exportable. */
+static int can_export( const psa_key_attributes_t *attributes )
+{
+ if( psa_get_key_usage_flags( attributes ) & PSA_KEY_USAGE_EXPORT )
+ return( 1 );
+ else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( attributes ) ) )
+ return( 1 );
+ else
+ return( 0 );
+}
+
+/** Write a key with the given representation to storage, then check
+ * that it has the given attributes and (if exportable) key material.
+ *
+ * On error, including if the key representation in storage differs,
+ * mark the test case as failed and return 0. On success, return 1.
+ */
+static int test_read_key( const psa_key_attributes_t *expected_attributes,
+ const data_t *expected_material,
+ psa_storage_uid_t uid,
+ const data_t *representation,
+ int flags )
+{
+ psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_svc_key_id_t key_id = psa_get_key_id( expected_attributes );
+ struct psa_storage_info_t storage_info;
+ int ok = 0;
+ uint8_t *exported_material = NULL;
+ size_t length;
+
+ /* Prime the storage with a key file. */
+ PSA_ASSERT( psa_its_set( uid, representation->len, representation->x, 0 ) );
+
+ /* Check that the injected key exists and looks as expected. */
+ PSA_ASSERT( psa_get_key_attributes( key_id, &actual_attributes ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( key_id,
+ psa_get_key_id( &actual_attributes ) ) );
+ TEST_EQUAL( psa_get_key_lifetime( expected_attributes ),
+ psa_get_key_lifetime( &actual_attributes ) );
+ TEST_EQUAL( psa_get_key_type( expected_attributes ),
+ psa_get_key_type( &actual_attributes ) );
+ TEST_EQUAL( psa_get_key_bits( expected_attributes ),
+ psa_get_key_bits( &actual_attributes ) );
+ TEST_EQUAL( psa_get_key_usage_flags( expected_attributes ),
+ psa_get_key_usage_flags( &actual_attributes ) );
+ TEST_EQUAL( psa_get_key_algorithm( expected_attributes ),
+ psa_get_key_algorithm( &actual_attributes ) );
+ TEST_EQUAL( psa_get_key_enrollment_algorithm( expected_attributes ),
+ psa_get_key_enrollment_algorithm( &actual_attributes ) );
+ if( can_export( expected_attributes ) )
+ {
+ ASSERT_ALLOC( exported_material, expected_material->len );
+ PSA_ASSERT( psa_export_key( key_id,
+ exported_material, expected_material->len,
+ &length ) );
+ ASSERT_COMPARE( expected_material->x, expected_material->len,
+ exported_material, length );
+ }
+
+ if( flags & TEST_FLAG_EXERCISE )
+ {
+ TEST_ASSERT( mbedtls_test_psa_exercise_key(
+ key_id,
+ psa_get_key_usage_flags( expected_attributes ),
+ psa_get_key_algorithm( expected_attributes ) ) );
+ }
+
+
+ if( flags & TEST_FLAG_READ_ONLY )
+ {
+ /* Read-only keys cannot be removed through the API.
+ * The key will be removed through ITS in the cleanup code below. */
+ TEST_EQUAL( PSA_ERROR_NOT_PERMITTED, psa_destroy_key( key_id ) );
+ }
+ else
+ {
+ /* Destroy the key. Confirm through direct access to the storage. */
+ PSA_ASSERT( psa_destroy_key( key_id ) );
+ TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST,
+ psa_its_get_info( uid, &storage_info ) );
+ }
+
+ ok = 1;
+
+exit:
+ psa_reset_key_attributes( &actual_attributes );
+ psa_its_remove( uid );
+ mbedtls_free( exported_material );
+ return( ok );
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void key_storage_save( int lifetime_arg, int type_arg, int bits_arg,
+ int usage_arg, int alg_arg, int alg2_arg,
+ data_t *material,
+ data_t *representation )
+{
+ /* Forward compatibility: save a key in the current format and
+ * check that it has the expected format so that future versions
+ * will still be able to read it. */
+
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_type_t type = type_arg;
+ size_t bits = bits_arg;
+ psa_key_usage_t usage = usage_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_algorithm_t alg2 = alg2_arg;
+ mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 0, 1 );
+ psa_storage_uid_t uid = 1;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_INIT( );
+ TEST_USES_KEY_ID( key_id );
+
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_id( &attributes, key_id );
+ psa_set_key_type( &attributes, type );
+ psa_set_key_bits( &attributes, bits );
+ psa_set_key_usage_flags( &attributes, usage );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_enrollment_algorithm( &attributes, alg2 );
+
+ /* This is the current storage format. Test that we know exactly how
+ * the key is stored. The stability of the test data in future
+ * versions of Mbed TLS will guarantee that future versions
+ * can read back what this version wrote. */
+ TEST_ASSERT( test_written_key( &attributes, material,
+ uid, representation ) );
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key_id );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_storage_read( int lifetime_arg, int type_arg, int bits_arg,
+ int usage_arg, int alg_arg, int alg2_arg,
+ data_t *material,
+ data_t *representation, int flags )
+{
+ /* Backward compatibility: read a key in the format of a past version
+ * and check that this version can use it. */
+
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_type_t type = type_arg;
+ size_t bits = bits_arg;
+ psa_key_usage_t usage = usage_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_algorithm_t alg2 = alg2_arg;
+ mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 0, 1 );
+ psa_storage_uid_t uid = 1;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_INIT( );
+ TEST_USES_KEY_ID( key_id );
+
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_id( &attributes, key_id );
+ psa_set_key_type( &attributes, type );
+ psa_set_key_bits( &attributes, bits );
+ psa_set_key_usage_flags( &attributes, usage );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_enrollment_algorithm( &attributes, alg2 );
+
+ /* Test that we can use a key with the given representation. This
+ * guarantees backward compatibility with keys that were stored by
+ * past versions of Mbed TLS. */
+ TEST_ASSERT( test_read_key( &attributes, material,
+ uid, representation, flags ) );
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ PSA_DONE( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.misc.data b/tests/suites/test_suite_psa_crypto_storage_format.misc.data
new file mode 100644
index 0000000..48e3804
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_format.misc.data
@@ -0,0 +1,11 @@
+# The following two manually crafted test cases are redundant with
+# systematically generated test cases, but useful to have as an anchor when
+# debugging changes to the test code or to the test case generation.
+
+PSA storage read: AES-GCM+CTR
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:PSA_WANT_ALG_CTR
+key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f":1
+
+PSA storage save: AES-GCM+CTR
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f"
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.v0.data b/tests/suites/test_suite_psa_crypto_storage_format.v0.data
new file mode 100644
index 0000000..3dedaf1
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_format.v0.data
@@ -0,0 +1,2239 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+PSA storage read: lifetime: (DEFAULT, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0
+
+PSA storage read: lifetime: (READ_ONLY, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000ff00000001100800010000000000000000000000010000004c":TEST_FLAG_READ_ONLY
+
+PSA storage read: lifetime: (2, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c":0
+
+PSA storage read: lifetime: (254, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c":0
+
+PSA storage read: lifetime: PERSISTENT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0
+
+PSA storage read: usage with implication: 0
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0
+
+PSA storage read: usage without implication: 0
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0
+
+PSA storage read: usage without implication: COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0
+
+PSA storage read: usage without implication: DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0
+
+PSA storage read: usage with implication: DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0
+
+PSA storage read: usage without implication: DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0
+
+PSA storage read: usage without implication: ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0
+
+PSA storage read: usage with implication: EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0
+
+PSA storage read: usage without implication: EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
+
+PSA storage read: usage without implication: SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0
+
+PSA storage read: usage without implication: SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0
+
+PSA storage read: usage with implication: VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
+
+PSA storage read: usage without implication: VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0
+
+PSA storage read: usage without implication: VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0
+
+PSA storage read: usage with implication: COPY | DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0
+
+PSA storage read: usage without implication: COPY | DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0
+
+PSA storage read: usage with implication: DECRYPT | DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0
+
+PSA storage read: usage without implication: DECRYPT | DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0
+
+PSA storage read: usage with implication: DERIVE | ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0
+
+PSA storage read: usage without implication: DERIVE | ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0
+
+PSA storage read: usage with implication: ENCRYPT | EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0
+
+PSA storage read: usage without implication: ENCRYPT | EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0
+
+PSA storage read: usage with implication: EXPORT | SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b":0
+
+PSA storage read: usage without implication: EXPORT | SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: SIGN_HASH | SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
+
+PSA storage read: usage without implication: SIGN_HASH | SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
+
+PSA storage read: usage with implication: SIGN_MESSAGE | VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b":0
+
+PSA storage read: usage without implication: SIGN_MESSAGE | VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002400000000000000000000010000004b":0
+
+PSA storage read: usage with implication: VERIFY_HASH | VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
+
+PSA storage read: usage without implication: VERIFY_HASH | VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
+
+PSA storage read: usage with implication: VERIFY_MESSAGE | COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0
+
+PSA storage read: usage without implication: VERIFY_MESSAGE | COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0
+
+PSA storage read: usage: all known
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800037f00000000000000000000010000004b":0
+
+PSA storage read: type: AES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: AES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+PSA storage read: type: AES 256-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ARC4 8-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ARC4 128-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ARC4 2048-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: CAMELLIA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: CAMELLIA 192-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+PSA storage read: type: CAMELLIA 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: CHACHA20 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CHACHA20
+key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: DERIVE 120-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174":TEST_FLAG_EXERCISE
+
+PSA storage read: type: DERIVE 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: DES 64-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901":TEST_FLAG_EXERCISE
+
+PSA storage read: type: DES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE
+
+PSA storage read: type: DES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 224-bit
+depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 384-bit
+depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 521-bit
+depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 239-bit
+depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit
+depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit
+depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit
+depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit
+depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit
+depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit
+depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit
+depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE
+
+PSA storage read: type: HMAC 128-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: HMAC 160-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+PSA storage read: type: HMAC 224-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+PSA storage read: type: HMAC 256-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: HMAC 384-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: HMAC 512-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: type: RAW_DATA 8-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048":0
+
+PSA storage read: type: RAW_DATA 40-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500":0
+
+PSA storage read: type: RAW_DATA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461":0
+
+PSA storage read: type: RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: type: RSA_KEY_PAIR 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+PSA storage read: type: RSA_PUBLIC_KEY 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+PSA storage read: type: RSA_PUBLIC_KEY 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b":0
+
+PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c":0
+
+PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b":0
+
+PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c":0
+
+PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b":0
+
+PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c":0
+
+PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b":0
+
+PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c":0
+
+PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CCM, 1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b":0
+
+PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c":0
+
+PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b":0
+
+PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c":0
+
+PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(GCM, 1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b":0
+
+PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(GCM, 1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c":0
+
+PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CCM, 63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b":0
+
+PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c":0
+
+PSA storage read: alg: ANY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b":0
+
+PSA storage read: alg2: ANY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000180810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000280810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c":0
+
+PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b":0
+
+PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c":0
+
+PSA storage read: alg: CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b":0
+
+PSA storage read: alg2: CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c":0
+
+PSA storage read: alg: CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b":0
+
+PSA storage read: alg2: CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c":0
+
+PSA storage read: alg: CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b":0
+
+PSA storage read: alg2: CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c":0
+
+PSA storage read: alg: CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b":0
+
+PSA storage read: alg2: CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c":0
+
+PSA storage read: alg: CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b":0
+
+PSA storage read: alg2: CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c":0
+
+PSA storage read: alg: CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b":0
+
+PSA storage read: alg2: CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c":0
+
+PSA storage read: alg: CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b":0
+
+PSA storage read: alg2: CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c":0
+
+PSA storage read: alg: CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b":0
+
+PSA storage read: alg2: CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000105000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000205000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000107000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000207000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c":0
+
+PSA storage read: alg: DETERMINISTIC_ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b":0
+
+PSA storage read: alg2: DETERMINISTIC_ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c":0
+
+PSA storage read: alg: DSA(MD2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000104000600000000010000004b":0
+
+PSA storage read: alg2: DSA(MD2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001040006010000004c":0
+
+PSA storage read: alg: DSA(MD4)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000204000600000000010000004b":0
+
+PSA storage read: alg2: DSA(MD4)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002040006010000004c":0
+
+PSA storage read: alg: DSA(MD5)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b":0
+
+PSA storage read: alg2: DSA(MD5)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c":0
+
+PSA storage read: alg: DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b":0
+
+PSA storage read: alg2: DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c":0
+
+PSA storage read: alg: DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b":0
+
+PSA storage read: alg2: DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c":0
+
+PSA storage read: alg: DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b":0
+
+PSA storage read: alg2: DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c":0
+
+PSA storage read: alg: DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b":0
+
+PSA storage read: alg2: DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c":0
+
+PSA storage read: alg: DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b":0
+
+PSA storage read: alg2: DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c":0
+
+PSA storage read: alg: DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b":0
+
+PSA storage read: alg2: DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c":0
+
+PSA storage read: alg: ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b":0
+
+PSA storage read: alg2: ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c":0
+
+PSA storage read: alg: ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b":0
+
+PSA storage read: alg2: ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c":0
+
+PSA storage read: alg: ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000106000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001060006010000004c":0
+
+PSA storage read: alg: ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000206000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002060006010000004c":0
+
+PSA storage read: alg: ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c":0
+
+PSA storage read: alg: ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c":0
+
+PSA storage read: alg: ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c":0
+
+PSA storage read: alg: ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c":0
+
+PSA storage read: alg: ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c":0
+
+PSA storage read: alg: ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c":0
+
+PSA storage read: alg: ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c":0
+
+PSA storage read: alg: ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c":0
+
+PSA storage read: alg: ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b":0
+
+PSA storage read: alg2: ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c":0
+
+PSA storage read: alg: ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b":0
+
+PSA storage read: alg2: ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c":0
+
+PSA storage read: alg: ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b":0
+
+PSA storage read: alg2: ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c":0
+
+PSA storage read: alg: FFDH
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b":0
+
+PSA storage read: alg2: FFDH
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c":0
+
+PSA storage read: alg: GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b":0
+
+PSA storage read: alg2: GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c":0
+
+PSA storage read: alg: HKDF(MD2)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000101000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(MD2)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001010008010000004c":0
+
+PSA storage read: alg: HKDF(MD4)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000201000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(MD4)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002010008010000004c":0
+
+PSA storage read: alg: HKDF(MD5)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(MD5)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c":0
+
+PSA storage read: alg: HKDF(RIPEMD160)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(RIPEMD160)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c":0
+
+PSA storage read: alg: HKDF(SHA_1)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(SHA_1)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c":0
+
+PSA storage read: alg: HKDF(SHA_224)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(SHA_224)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c":0
+
+PSA storage read: alg: HKDF(SHA_256)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(SHA_256)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c":0
+
+PSA storage read: alg: HKDF(SHA_384)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(SHA_384)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c":0
+
+PSA storage read: alg: HKDF(SHA_512)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b":0
+
+PSA storage read: alg2: HKDF(SHA_512)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c":0
+
+PSA storage read: alg: HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000100800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001008003010000004c":0
+
+PSA storage read: alg: HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000200800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002008003010000004c":0
+
+PSA storage read: alg: HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c":0
+
+PSA storage read: alg: HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c":0
+
+PSA storage read: alg: HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c":0
+
+PSA storage read: alg: HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c":0
+
+PSA storage read: alg: HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c":0
+
+PSA storage read: alg: HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c":0
+
+PSA storage read: alg: HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b":0
+
+PSA storage read: alg2: HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c":0
+
+PSA storage read: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b":0
+
+PSA storage read: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c":0
+
+PSA storage read: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b":0
+
+PSA storage read: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c":0
+
+PSA storage read: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b":0
+
+PSA storage read: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c":0
+
+PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b":0
+
+PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c":0
+
+PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b":0
+
+PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c":0
+
+PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b":0
+
+PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c":0
+
+PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b":0
+
+PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c":0
+
+PSA storage read: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b":0
+
+PSA storage read: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c":0
+
+PSA storage read: alg: MD2
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD2:0x0000:"4b":"505341004b455900000000000100000001100800010000000100000200000000010000004b":0
+
+PSA storage read: alg2: MD2
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD2:"4c":"505341004b455900000000000100000001100800010000000000000001000002010000004c":0
+
+PSA storage read: alg: MD4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD4:0x0000:"4b":"505341004b455900000000000100000001100800010000000200000200000000010000004b":0
+
+PSA storage read: alg2: MD4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD4:"4c":"505341004b455900000000000100000001100800010000000000000002000002010000004c":0
+
+PSA storage read: alg: MD5
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b":0
+
+PSA storage read: alg2: MD5
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c":0
+
+PSA storage read: alg: OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b":0
+
+PSA storage read: alg2: OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c":0
+
+PSA storage read: alg: PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b":0
+
+PSA storage read: alg2: PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c":0
+
+PSA storage read: alg: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b":0
+
+PSA storage read: alg2: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c":0
+
+PSA storage read: alg: RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030007010000004c":0
+
+PSA storage read: alg: RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030007010000004c":0
+
+PSA storage read: alg: RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c":0
+
+PSA storage read: alg: RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c":0
+
+PSA storage read: alg: RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c":0
+
+PSA storage read: alg: RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c":0
+
+PSA storage read: alg: RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c":0
+
+PSA storage read: alg: RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c":0
+
+PSA storage read: alg: RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b":0
+
+PSA storage read: alg2: RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c":0
+
+PSA storage read: alg: RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c":0
+
+PSA storage read: alg: RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c":0
+
+PSA storage read: alg: RSA_PSS(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b":0
+
+PSA storage read: alg2: RSA_PSS(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c":0
+
+PSA storage read: alg: SHA3_224
+depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b":0
+
+PSA storage read: alg2: SHA3_224
+depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c":0
+
+PSA storage read: alg: SHA3_256
+depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b":0
+
+PSA storage read: alg2: SHA3_256
+depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c":0
+
+PSA storage read: alg: SHA3_384
+depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b":0
+
+PSA storage read: alg2: SHA3_384
+depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c":0
+
+PSA storage read: alg: SHA3_512
+depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b":0
+
+PSA storage read: alg2: SHA3_512
+depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c":0
+
+PSA storage read: alg: SHAKE256_512
+depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b":0
+
+PSA storage read: alg2: SHAKE256_512
+depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c":0
+
+PSA storage read: alg: SHA_1
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b":0
+
+PSA storage read: alg2: SHA_1
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c":0
+
+PSA storage read: alg: SHA_224
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b":0
+
+PSA storage read: alg2: SHA_224
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c":0
+
+PSA storage read: alg: SHA_256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b":0
+
+PSA storage read: alg2: SHA_256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c":0
+
+PSA storage read: alg: SHA_384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b":0
+
+PSA storage read: alg2: SHA_384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c":0
+
+PSA storage read: alg: SHA_512
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b":0
+
+PSA storage read: alg2: SHA_512
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c":0
+
+PSA storage read: alg: SHA_512_224
+depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b":0
+
+PSA storage read: alg2: SHA_512_224
+depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c":0
+
+PSA storage read: alg: SHA_512_256
+depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b":0
+
+PSA storage read: alg2: SHA_512_256
+depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c":0
+
+PSA storage read: alg: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b":0
+
+PSA storage read: alg2: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c":0
+
+PSA storage read: alg: TLS12_PRF(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020008010000004c":0
+
+PSA storage read: alg: TLS12_PRF(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020008010000004c":0
+
+PSA storage read: alg: TLS12_PRF(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c":0
+
+PSA storage read: alg: TLS12_PRF(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c":0
+
+PSA storage read: alg: TLS12_PRF(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c":0
+
+PSA storage read: alg: TLS12_PRF(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c":0
+
+PSA storage read: alg: TLS12_PRF(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c":0
+
+PSA storage read: alg: TLS12_PRF(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c":0
+
+PSA storage read: alg: TLS12_PRF(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PRF(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c":0
+
+PSA storage read: alg: TLS12_PSK_TO_MS(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b":0
+
+PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(CBC_MAC, 1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(CBC_MAC, 1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(CMAC, 1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(CMAC, 1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(MD2), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000100810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(MD2), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(MD4), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000200810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(MD4), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(MD5), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(MD5), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(RIPEMD160), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(RIPEMD160), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_1), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_1), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_224), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_224), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_256), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_256), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_384), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_384), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_512), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_512), 1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c":0
+
+PSA storage read: alg: TRUNCATED_MAC(CBC_MAC, 63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b":0
+
+PSA storage read: alg2: TRUNCATED_MAC(CBC_MAC, 63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c":0
+
+PSA storage read: alg: XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b":0
+
+PSA storage read: alg2: XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c":0
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012000000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ED448PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001200000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(MD2) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000001008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(MD4) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000002008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(MD5) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(RIPEMD160) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_1) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_224) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_256) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_384) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_512) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PUBLIC_KEY 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PUBLIC_KEY 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+# End of automatically generated file.
diff --git a/tests/suites/test_suite_psa_its.data b/tests/suites/test_suite_psa_its.data
index 63ca129..9057a1a 100644
--- a/tests/suites/test_suite_psa_its.data
+++ b/tests/suites/test_suite_psa_its.data
@@ -63,3 +63,9 @@
Get 1 byte of 10 at -1: out of range
get_at:0:"40414243444546474849":-1:1:PSA_ERROR_INVALID_ARGUMENT
+
+Overwrite ITS header magic
+get_fail:0:"40414243444546474849":1:0:PSA_ERROR_DATA_CORRUPT
+
+Truncate ITS header
+get_fail:0:"40414243444546474849":0:1:PSA_ERROR_DATA_CORRUPT
diff --git a/tests/suites/test_suite_psa_its.function b/tests/suites/test_suite_psa_its.function
index a7ce7b1..fb9ce07 100644
--- a/tests/suites/test_suite_psa_its.function
+++ b/tests/suites/test_suite_psa_its.function
@@ -17,6 +17,7 @@
#define PSA_ITS_STORAGE_FILENAME_LENGTH \
( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \
16 + /*UID (64-bit number in hex)*/ \
+ 16 + /*UID (64-bit number in hex)*/ \
sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \
1 /*terminating null byte*/ )
#define PSA_ITS_STORAGE_TEMP \
@@ -231,3 +232,56 @@
cleanup( );
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void get_fail( int uid_arg, data_t *data,
+ int overwrite_magic, int cut_header,
+ int expected_status )
+{
+ psa_storage_uid_t uid = uid_arg;
+ unsigned char *buffer = NULL;
+ psa_status_t status;
+ size_t n;
+ size_t ret_len = 0;
+ char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
+ FILE *stream = NULL;
+ char bad_char = 'X';
+
+ PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) );
+
+ psa_its_fill_filename( uid, filename );
+ stream = fopen( filename, "rb+" );
+ TEST_ASSERT( NULL != stream );
+ if( 0 != overwrite_magic )
+ {
+ /* Overwrite the 1st byte of the file, the ITS magic number */
+ TEST_ASSERT( fseek( stream, 0, SEEK_SET ) == 0 );
+ n = fwrite( &bad_char, 1, 1, stream );
+ TEST_ASSERT( 1 == n );
+ }
+ if( 0 != cut_header )
+ {
+ /* Reopen file and truncate it to 0 byte by specifying the 'w' flag */
+ stream = freopen( filename, "wb", stream );
+ TEST_ASSERT( NULL != stream );
+ }
+ fclose( stream );
+ stream = NULL;
+
+ status = psa_its_get( uid, 0, 0, buffer, &ret_len );
+ TEST_ASSERT( status == (psa_status_t) expected_status );
+ TEST_ASSERT( 0 == ret_len );
+ PSA_ASSERT( psa_its_remove( uid ) );
+
+ /* Check if the file is really deleted. */
+ stream = fopen( filename, "rb" );
+ TEST_ASSERT( NULL == stream );
+
+exit:
+ if( stream != NULL )
+ fclose( stream );
+
+ mbedtls_free( buffer );
+ cleanup( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_random.data b/tests/suites/test_suite_random.data
new file mode 100644
index 0000000..c23d922
--- /dev/null
+++ b/tests/suites/test_suite_random.data
@@ -0,0 +1,55 @@
+Generate random twice with CTR_DRBG
+random_twice_with_ctr_drbg:
+
+Generate random twice with HMAC_DRBG(SHA-1)
+depends_on:MBEDTLS_SHA1_C
+random_twice_with_hmac_drbg:MBEDTLS_MD_SHA1
+
+Generate random twice with HMAC_DRBG(SHA-256)
+depends_on:MBEDTLS_SHA256_C
+random_twice_with_hmac_drbg:MBEDTLS_MD_SHA256
+
+Generate random twice with HMAC_DRBG(SHA-512)
+depends_on:MBEDTLS_SHA512_C
+random_twice_with_hmac_drbg:MBEDTLS_MD_SHA512
+
+Generate random twice with PSA classic wrapper
+random_twice_with_psa_from_classic:
+
+Generate random twice with PSA API
+random_twice_with_psa_from_psa:
+
+# This bad-usage test case currently crashes in the default configuration
+# because CTR_DRBG crashes when given an unseeded context. This is arguably
+# a good thing because it prevents misuse of mbedtls_psa_get_random().
+#PSA classic wrapper: PSA not active
+#mbedtls_psa_get_random_no_init:
+
+PSA classic wrapper: 0 bytes
+mbedtls_psa_get_random_length:0
+
+PSA classic wrapper: 1 byte
+mbedtls_psa_get_random_length:1
+
+PSA classic wrapper: 256 bytes
+mbedtls_psa_get_random_length:256
+
+# An external RNG is supposed to handle arbitrary request lengths. Test it
+# with something larger than any RNG call made by Mbed TLS itself expects.
+# CTR_DRBG and HMAC_DRBG have their own maximum request lengths which may
+# be lower than the value chosen here and are tested separately.
+PSA classic wrapper: external RNG large
+depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+mbedtls_psa_get_random_length:1024
+
+PSA classic wrapper: CTR_DRBG max
+depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG:MBEDTLS_CTR_DRBG_C
+mbedtls_psa_get_random_length:MBEDTLS_CTR_DRBG_MAX_REQUEST
+
+PSA classic wrapper: HMAC_DRBG max
+depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG:!MBEDTLS_CTR_DRBG_C:MBEDTLS_HMAC_DRBG_C
+mbedtls_psa_get_random_length:MBEDTLS_HMAC_DRBG_MAX_REQUEST
+
+PSA classic wrapper: ECDSA signature (SECP256R1)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_psa_get_random_ecdsa_sign:MBEDTLS_ECP_DP_SECP256R1
diff --git a/tests/suites/test_suite_random.function b/tests/suites/test_suite_random.function
new file mode 100644
index 0000000..37fa36e
--- /dev/null
+++ b/tests/suites/test_suite_random.function
@@ -0,0 +1,202 @@
+/* BEGIN_HEADER */
+
+/* Test random generation as a whole. */
+
+#include "mbedtls/bignum.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/psa_util.h"
+#include "psa/crypto.h"
+
+/* How many bytes to generate in each test case for repeated generation.
+ * This must be high enough that the probability of generating the same
+ * output twice is infinitesimal, but low enough that random generators
+ * are willing to deliver that much. */
+#define OUTPUT_SIZE 32
+
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_CTR_DRBG_C */
+void random_twice_with_ctr_drbg( )
+{
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context drbg;
+ unsigned char output1[OUTPUT_SIZE];
+ unsigned char output2[OUTPUT_SIZE];
+
+ /* First round */
+ mbedtls_entropy_init( &entropy );
+ mbedtls_ctr_drbg_init( &drbg );
+ TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg,
+ mbedtls_entropy_func, &entropy,
+ NULL, 0 ) );
+ TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg,
+ output1, sizeof( output1 ) ) );
+ mbedtls_ctr_drbg_free( &drbg );
+ mbedtls_entropy_free( &entropy );
+
+ /* Second round */
+ mbedtls_entropy_init( &entropy );
+ mbedtls_ctr_drbg_init( &drbg );
+ TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg,
+ mbedtls_entropy_func, &entropy,
+ NULL, 0 ) );
+ TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg,
+ output2, sizeof( output2 ) ) );
+ mbedtls_ctr_drbg_free( &drbg );
+ mbedtls_entropy_free( &entropy );
+
+ /* The two rounds must generate different random data. */
+ TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
+
+exit:
+ mbedtls_ctr_drbg_free( &drbg );
+ mbedtls_entropy_free( &entropy );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_HMAC_DRBG_C */
+void random_twice_with_hmac_drbg( int md_type )
+{
+ mbedtls_entropy_context entropy;
+ mbedtls_hmac_drbg_context drbg;
+ unsigned char output1[OUTPUT_SIZE];
+ unsigned char output2[OUTPUT_SIZE];
+ const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
+
+ /* First round */
+ mbedtls_entropy_init( &entropy );
+ mbedtls_hmac_drbg_init( &drbg );
+ TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info,
+ mbedtls_entropy_func, &entropy,
+ NULL, 0 ) );
+ TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg,
+ output1, sizeof( output1 ) ) );
+ mbedtls_hmac_drbg_free( &drbg );
+ mbedtls_entropy_free( &entropy );
+
+ /* Second round */
+ mbedtls_entropy_init( &entropy );
+ mbedtls_hmac_drbg_init( &drbg );
+ TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info,
+ mbedtls_entropy_func, &entropy,
+ NULL, 0 ) );
+ TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg,
+ output2, sizeof( output2 ) ) );
+ mbedtls_hmac_drbg_free( &drbg );
+ mbedtls_entropy_free( &entropy );
+
+ /* The two rounds must generate different random data. */
+ TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
+
+exit:
+ mbedtls_hmac_drbg_free( &drbg );
+ mbedtls_entropy_free( &entropy );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void random_twice_with_psa_from_classic( )
+{
+ unsigned char output1[OUTPUT_SIZE];
+ unsigned char output2[OUTPUT_SIZE];
+
+ /* First round */
+ PSA_ASSERT( psa_crypto_init( ) );
+ TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
+ output1, sizeof( output1 ) ) );
+ PSA_DONE( );
+
+ /* Second round */
+ PSA_ASSERT( psa_crypto_init( ) );
+ TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
+ output2, sizeof( output2 ) ) );
+ PSA_DONE( );
+
+ /* The two rounds must generate different random data. */
+ TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
+
+exit:
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void random_twice_with_psa_from_psa( )
+{
+ unsigned char output1[OUTPUT_SIZE];
+ unsigned char output2[OUTPUT_SIZE];
+
+ /* First round */
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_generate_random( output1, sizeof( output1 ) ) );
+ PSA_DONE( );
+
+ /* Second round */
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_generate_random( output2, sizeof( output2 ) ) );
+ PSA_DONE( );
+
+ /* The two rounds must generate different random data. */
+ TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
+
+exit:
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
+void mbedtls_psa_get_random_no_init( )
+{
+ unsigned char output[1];
+
+ TEST_ASSERT( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
+ output, sizeof( output ) ) != 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
+void mbedtls_psa_get_random_length( int n )
+{
+ unsigned char *output = NULL;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ ASSERT_ALLOC( output, n );
+
+ TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
+ output, n ) );
+exit:
+ mbedtls_free( output );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */
+void mbedtls_psa_get_random_ecdsa_sign( int curve )
+{
+ mbedtls_ecp_group grp;
+ mbedtls_mpi d, r, s;
+ unsigned char buf[] = "This is not a hash.";
+
+ mbedtls_ecp_group_init( &grp );
+ mbedtls_mpi_init( &d );
+ mbedtls_mpi_init( &r );
+ mbedtls_mpi_init( &s );
+
+ TEST_EQUAL( 0, mbedtls_mpi_lset( &d, 123456789 ) );
+ TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, curve ) );
+ PSA_ASSERT( psa_crypto_init( ) );
+ TEST_EQUAL( 0, mbedtls_ecdsa_sign( &grp, &r, &s, &d,
+ buf, sizeof( buf ),
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE ) );
+exit:
+ mbedtls_mpi_free( &d );
+ mbedtls_mpi_free( &r );
+ mbedtls_mpi_free( &s );
+ mbedtls_ecp_group_free( &grp );
+ PSA_DONE( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index 30919f3..2da814d 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -1,6 +1,12 @@
RSA parameter validation
rsa_invalid_param:
+RSA init-free-free
+rsa_init_free:0
+
+RSA init-free-init-free
+rsa_init_free:1
+
RSA PKCS1 Verify v1.5 CAVS #1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
# Good padding but wrong hash
@@ -383,12 +389,18 @@
RSA Private (Data larger than N)
mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+RSA Private (Data = 0 )
+mbedtls_rsa_private:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0
+
RSA Public (Correct)
mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0
RSA Public (Data larger than N)
mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+RSA Public (Data = 0)
+mbedtls_rsa_public:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0
+
RSA Generate Key - 128bit key
mbedtls_rsa_gen_key:128:3:0
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 6c73e39..2d7fb8e 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -338,6 +338,28 @@
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+ mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
+ 0, sizeof( buf ), buf,
+ MBEDTLS_RSA_SALT_LEN_ANY,
+ buf ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+ mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
+ 0, sizeof( buf ), NULL,
+ MBEDTLS_RSA_SALT_LEN_ANY,
+ buf ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+ mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
+ 0, sizeof( buf ), buf,
+ MBEDTLS_RSA_SALT_LEN_ANY,
+ NULL ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+ mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
+ MBEDTLS_MD_SHA1,
+ 0, NULL,
+ MBEDTLS_RSA_SALT_LEN_ANY,
+ buf ) );
+
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
valid_mode,
0, sizeof( buf ), buf,
@@ -467,6 +489,29 @@
/* END_CASE */
/* BEGIN_CASE */
+void rsa_init_free( int reinit )
+{
+ mbedtls_rsa_context ctx;
+
+ /* Double free is not explicitly documented to work, but we rely on it
+ * even inside the library so that you can call mbedtls_rsa_free()
+ * unconditionally on an error path without checking whether it has
+ * already been called in the success path. */
+
+ mbedtls_rsa_init( &ctx, 0, 0 );
+ mbedtls_rsa_free( &ctx );
+
+ if( reinit )
+ mbedtls_rsa_init( &ctx, 0, 0 );
+ mbedtls_rsa_free( &ctx );
+
+ /* This test case always succeeds, functionally speaking. A plausible
+ * bug might trigger an invalid pointer dereference or a memory leak. */
+ goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
int digest, int mod, int radix_P, char * input_P,
int radix_Q, char * input_Q, int radix_N,
@@ -487,10 +532,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -533,8 +578,8 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( hash_result, 0x00, sizeof( hash_result ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
@@ -571,10 +616,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -642,8 +687,8 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -706,8 +751,8 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -747,8 +792,8 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -795,10 +840,10 @@
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -841,14 +886,16 @@
mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
+
+ /* Check test data consistency */
+ TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
if( result == 0 )
{
@@ -900,17 +947,19 @@
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
+
+ /* Check test data consistency */
+ TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
/* repeat three times to test updating of blinding values */
for( i = 0; i < 3; i++ )
{
@@ -976,11 +1025,11 @@
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
@@ -1008,36 +1057,36 @@
ctx.len = mod / 8;
if( strlen( input_P ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
}
if( strlen( input_Q ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
}
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
}
if( strlen( input_D ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
}
#if !defined(MBEDTLS_RSA_NO_CRT)
if( strlen( input_DP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
}
if( strlen( input_DQ ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
}
if( strlen( input_QP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
}
#else
((void) radix_DP); ((void) input_DP);
@@ -1072,45 +1121,45 @@
if( strlen( input_Npub ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
}
if( strlen( input_Epub ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
}
if( strlen( input_P ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
}
if( strlen( input_Q ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
}
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
}
if( strlen( input_D ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
}
#if !defined(MBEDTLS_RSA_NO_CRT)
if( strlen( input_DP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
}
if( strlen( input_DQ ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
}
if( strlen( input_QP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
}
#else
((void) radix_DP); ((void) input_DP);
@@ -1171,11 +1220,11 @@
mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
if( corrupt )
TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
@@ -1212,10 +1261,10 @@
mbedtls_mpi_init( &E );
mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
if( corrupt )
{
@@ -1298,19 +1347,19 @@
(const unsigned char *) pers, strlen( pers ) ) == 0 );
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
if( !successive )
{
@@ -1442,19 +1491,19 @@
/* Setup RSA context */
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx,
strlen( input_N ) ? &N : NULL,
@@ -1562,19 +1611,19 @@
strlen( pers ) ) == 0 );
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
have_P ? &P : NULL,
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 6e653ff..e9501e4 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -10503,7 +10503,7 @@
SSL TLS 1.3 Key schedule: Derive-Secret( ., "c hs traffic", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03"::32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
+ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "s hs traffic", hash)
# Vector from RFC 8448
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index f377ffa..3eeea44 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -1354,7 +1354,8 @@
t_in->taglen = 8;
break;
default:
- return( 1 );
+ ret = 1;
+ goto cleanup;
}
break;
@@ -1374,7 +1375,8 @@
t_in->taglen = 8;
break;
default:
- return( 1 );
+ ret = 1;
+ goto cleanup;
}
break;
@@ -1395,11 +1397,13 @@
t_in->maclen = 10;
break;
default:
- return( 1 );
+ ret = 1;
+ goto cleanup;
}
break;
default:
- return( 1 );
+ ret = 1;
+ goto cleanup;
break;
}
@@ -2658,7 +2662,7 @@
void ssl_message_mock_uninitialized( )
{
enum { MSGLEN = 10 };
- unsigned char message[MSGLEN], received[MSGLEN];
+ unsigned char message[MSGLEN] = {0}, received[MSGLEN];
mbedtls_mock_socket client, server;
mbedtls_test_message_queue server_queue, client_queue;
mbedtls_test_message_socket_context server_context, client_context;
@@ -3609,7 +3613,7 @@
*/
for( i = block_size; i < buflen; i++ )
{
- test_set_step( i );
+ mbedtls_test_set_step( i );
/* Restore correct pre-encryption record */
rec = rec_save;
@@ -3646,7 +3650,7 @@
*/
for( i = padlen; i <= pad_max_len; i++ )
{
- test_set_step( i );
+ mbedtls_test_set_step( i );
/* Restore correct pre-encryption record */
rec = rec_save;
@@ -3832,9 +3836,7 @@
if( output == NULL )
goto exit;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
+ USE_PSA_INIT( );
TEST_ASSERT( mbedtls_ssl_tls_prf( type, secret->x, secret->len,
label, random->x, random->len,
@@ -3848,6 +3850,7 @@
exit:
mbedtls_free( output );
+ USE_PSA_DONE( );
}
/* END_CASE */
@@ -4466,7 +4469,7 @@
*/
for( max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++ )
{
- test_set_step( max_in_len * 10000 );
+ mbedtls_test_set_step( max_in_len * 10000 );
/* Use allocated in buffer to catch overreads */
ASSERT_ALLOC( data, max_in_len );
@@ -4474,7 +4477,7 @@
min_in_len = max_in_len > 255 ? max_in_len - 255 : 0;
for( in_len = min_in_len; in_len <= max_in_len; in_len++ )
{
- test_set_step( max_in_len * 10000 + in_len );
+ mbedtls_test_set_step( max_in_len * 10000 + in_len );
/* Set up dummy data and add_data */
rec_num++;
@@ -4531,7 +4534,7 @@
for( secret = offset_min; secret <= (size_t) offset_max; secret++ )
{
- test_set_step( (int) secret );
+ mbedtls_test_set_step( (int) secret );
TEST_CF_SECRET( &secret, sizeof( secret ) );
mbedtls_ssl_cf_memcpy_offset( dst, src, secret,
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index bb26246..9d4ae17 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -1,8 +1,8 @@
Check compiletime library version
-check_compiletime_version:"2.24.0"
+check_compiletime_version:"2.27.0"
Check runtime library version
-check_runtime_version:"2.24.0"
+check_runtime_version:"2.27.0"
Check for MBEDTLS_VERSION_C
check_feature:"MBEDTLS_VERSION_C":0
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index bfdbab2..f60a46b 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -559,12 +559,8 @@
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-X509 CRT verification #14 (Valid Cert SHA1 Digest allowed in compile-time default profile)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"":"NULL"
-
X509 CRT verification #14 (Valid Cert SHA1 Digest forbidden in default profile)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL"
X509 CRT verification #15 (Valid Cert SHA224 Digest)
@@ -2652,6 +2648,10 @@
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
x509parse_crt_file:"data_files/server7_trailing_space.crt":0
+X509 File parse (Algorithm Params Tag mismatch)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+x509parse_crt_file:"data_files/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH
+
X509 Get time (UTC no issues)
depends_on:MBEDTLS_X509_USE_C
x509_get_time:MBEDTLS_ASN1_UTC_TIME:"500101000000Z":0:1950:1:1:0:0:0
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 2bba4e2..29d28f7 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -7,6 +7,7 @@
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
#include "mbedtls/base64.h"
+#include "mbedtls/error.h"
#include "string.h"
#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
@@ -320,18 +321,18 @@
ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE );
if( ret != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( *p + len != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/*
* Cannot be an empty sequence.
*/
if( len == 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
while( *p < end )
{
@@ -342,13 +343,13 @@
*/
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
policy_end = *p + len;
if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
/*
* Recognize exclusively the policy with OID 1
@@ -366,7 +367,7 @@
{
if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
/*
* Skip the optional policy qualifiers.
*/
@@ -374,13 +375,13 @@
}
if( *p != policy_end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( parse_ret );
}
@@ -388,7 +389,8 @@
memcmp( new_oid->p, oid->p, oid->len ) == 0 )
return( 0 );
else
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/* END_HEADER */
@@ -610,14 +612,12 @@
char * cn_name = NULL;
const mbedtls_x509_crt_profile *profile;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
mbedtls_x509_crt_init( &crt );
mbedtls_x509_crt_init( &ca );
mbedtls_x509_crl_init( &crl );
+ USE_PSA_INIT( );
+
if( strcmp( cn_name_str, "NULL" ) != 0 )
cn_name = cn_name_str;
@@ -669,6 +669,7 @@
mbedtls_x509_crt_free( &crt );
mbedtls_x509_crt_free( &ca );
mbedtls_x509_crl_free( &crl );
+ USE_PSA_DONE( );
}
/* END_CASE */
@@ -712,14 +713,12 @@
uint32_t flags = 0;
verify_print_context vrfy_ctx;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
mbedtls_x509_crt_init( &crt );
mbedtls_x509_crt_init( &ca );
verify_print_init( &vrfy_ctx );
+ USE_PSA_INIT( );
+
TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
@@ -737,6 +736,7 @@
exit:
mbedtls_x509_crt_free( &crt );
mbedtls_x509_crt_free( &ca );
+ USE_PSA_DONE( );
}
/* END_CASE */
@@ -1024,10 +1024,6 @@
uint32_t flags;
mbedtls_x509_crt trusted, chain;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
/*
* We expect chain_dir to contain certificates 00.crt, 01.crt, etc.
* with NN.crt signed by NN-1.crt
@@ -1036,6 +1032,8 @@
mbedtls_x509_crt_init( &trusted );
mbedtls_x509_crt_init( &chain );
+ USE_PSA_INIT( );
+
/* Load trusted root */
TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, ca_file ) == 0 );
@@ -1055,6 +1053,7 @@
exit:
mbedtls_x509_crt_free( &chain );
mbedtls_x509_crt_free( &trusted );
+ USE_PSA_DONE( );
}
/* END_CASE */
@@ -1069,13 +1068,11 @@
mbedtls_x509_crt trusted, chain;
const mbedtls_x509_crt_profile *profile = NULL;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
mbedtls_x509_crt_init( &chain );
mbedtls_x509_crt_init( &trusted );
+ USE_PSA_INIT( );
+
while( ( act = mystrsep( &chain_paths, " " ) ) != NULL )
TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 );
TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 );
@@ -1100,6 +1097,7 @@
exit:
mbedtls_x509_crt_free( &trusted );
mbedtls_x509_crt_free( &chain );
+ USE_PSA_DONE( );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index b3f209e..e0f80be 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -56,35 +56,43 @@
Certificate write check Server1 SHA1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0:0
Certificate write check Server1 SHA1, key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0:0
Certificate write check Server1 SHA1, ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0
Certificate write check Server1 SHA1, version 1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0
+
+Certificate write check Server1 SHA1, CA
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":0:1
Certificate write check Server1 SHA1, RSA_ALT
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1:0
Certificate write check Server1 SHA1, RSA_ALT, key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0
Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0
Certificate write check Server1 SHA1, RSA_ALT, version 1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0
+
+Certificate write check Server1 SHA1, RSA_ALT, CA
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1
X509 String to Names #1
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 9f2007d..ce475e6 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -6,25 +6,6 @@
#include "mbedtls/oid.h"
#include "mbedtls/rsa.h"
-/* These are the same depends as the test function x509_crs_check_opaque(),
- * the only function using PSA here. Using a weaker condition would result in
- * warnings about the static functions defined in psa_crypto_helpers.h being
- * unused. */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_PEM_WRITE_C) && \
- defined(MBEDTLS_X509_CSR_WRITE_C)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#include "test/psa_crypto_helpers.h"
-#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
-#else
-/* Define empty macros so that we can use them in the preamble and teardown
- * of every test function that uses PSA conditionally based on
- * MBEDTLS_USE_PSA_CRYPTO. */
-#define PSA_INIT( ) ( (void) 0 )
-#define PSA_DONE( ) ( (void) 0 )
-#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
-
#if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output,
@@ -104,7 +85,7 @@
unsigned char buf[4096];
unsigned char check_buf[4000];
int ret;
- size_t olen = 0, pem_len = 0;
+ size_t olen = 0, pem_len = 0, buf_index;
int der_len = -1;
FILE *f;
const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
@@ -130,6 +111,11 @@
pem_len = strlen( (char *) buf );
+ for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
+ {
+ TEST_ASSERT( buf[buf_index] == 0 );
+ }
+
f = fopen( cert_req_check_file, "r" );
TEST_ASSERT( f != NULL );
olen = fread( check_buf, 1, sizeof( check_buf ), f );
@@ -214,7 +200,7 @@
char *serial_str, char *not_before, char *not_after,
int md_type, int key_usage, int set_key_usage,
int cert_type, int set_cert_type, int auth_ident,
- int ver, char *cert_check_file, int rsa_alt )
+ int ver, char *cert_check_file, int rsa_alt, int is_ca )
{
mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
mbedtls_pk_context *key = &issuer_key;
@@ -224,7 +210,7 @@
unsigned char check_buf[5000];
mbedtls_mpi serial;
int ret;
- size_t olen = 0, pem_len = 0;
+ size_t olen = 0, pem_len = 0, buf_index = 0;
int der_len = -1;
FILE *f;
mbedtls_test_rnd_pseudo_info rnd_info;
@@ -260,7 +246,7 @@
(void) rsa_alt;
#endif
- TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &serial, 10, serial_str ) == 0 );
if( ver != -1 )
mbedtls_x509write_crt_set_version( &crt, ver );
@@ -277,7 +263,9 @@
if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 )
{
- TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
+ /* For the CA case, a path length of -1 means unlimited. */
+ TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, is_ca,
+ (is_ca ? -1 : 0) ) == 0 );
TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 );
if( auth_ident )
TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
@@ -293,6 +281,12 @@
pem_len = strlen( (char *) buf );
+ // check that the rest of the buffer remains clear
+ for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
+ {
+ TEST_ASSERT( buf[buf_index] == 0 );
+ }
+
f = fopen( cert_check_file, "r" );
TEST_ASSERT( f != NULL );
olen = fread( check_buf, 1, sizeof( check_buf ), f );
diff --git a/visualc/VS2010/aescrypt2.vcxproj b/visualc/VS2010/aescrypt2.vcxproj
deleted file mode 100644
index 0707e12..0000000
--- a/visualc/VS2010/aescrypt2.vcxproj
+++ /dev/null
@@ -1,167 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
- <ItemGroup Label="ProjectConfigurations">
- <ProjectConfiguration Include="Debug|Win32">
- <Configuration>Debug</Configuration>
- <Platform>Win32</Platform>
- </ProjectConfiguration>
- <ProjectConfiguration Include="Debug|x64">
- <Configuration>Debug</Configuration>
- <Platform>x64</Platform>
- </ProjectConfiguration>
- <ProjectConfiguration Include="Release|Win32">
- <Configuration>Release</Configuration>
- <Platform>Win32</Platform>
- </ProjectConfiguration>
- <ProjectConfiguration Include="Release|x64">
- <Configuration>Release</Configuration>
- <Platform>x64</Platform>
- </ProjectConfiguration>
- </ItemGroup>
- <ItemGroup>
- <ClCompile Include="..\..\programs\aes\aescrypt2.c" />
- </ItemGroup>
- <ItemGroup>
- <ProjectReference Include="mbedTLS.vcxproj">
- <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
- <LinkLibraryDependencies>true</LinkLibraryDependencies>
- </ProjectReference>
- </ItemGroup>
- <PropertyGroup Label="Globals">
- <ProjectGuid>{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}</ProjectGuid>
- <Keyword>Win32Proj</Keyword>
- <RootNamespace>aescrypt2</RootNamespace>
- </PropertyGroup>
- <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
- <ConfigurationType>Application</ConfigurationType>
- <UseDebugLibraries>true</UseDebugLibraries>
- <CharacterSet>Unicode</CharacterSet>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
- <ConfigurationType>Application</ConfigurationType>
- <UseDebugLibraries>true</UseDebugLibraries>
- <CharacterSet>Unicode</CharacterSet>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
- <ConfigurationType>Application</ConfigurationType>
- <UseDebugLibraries>false</UseDebugLibraries>
- <WholeProgramOptimization>true</WholeProgramOptimization>
- <CharacterSet>Unicode</CharacterSet>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
- <ConfigurationType>Application</ConfigurationType>
- <UseDebugLibraries>false</UseDebugLibraries>
- <WholeProgramOptimization>true</WholeProgramOptimization>
- <CharacterSet>Unicode</CharacterSet>
- </PropertyGroup>
- <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
- <ImportGroup Label="ExtensionSettings">
- </ImportGroup>
- <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
- <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
- </ImportGroup>
- <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
- <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
- </ImportGroup>
- <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
- <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
- </ImportGroup>
- <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
- <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
- </ImportGroup>
- <PropertyGroup Label="UserMacros" />
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
- <LinkIncremental>true</LinkIncremental>
- <IntDir>$(Configuration)\$(TargetName)\</IntDir>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
- <LinkIncremental>true</LinkIncremental>
- <IntDir>$(Configuration)\$(TargetName)\</IntDir>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
- <LinkIncremental>false</LinkIncremental>
- <IntDir>$(Configuration)\$(TargetName)\</IntDir>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
- <LinkIncremental>false</LinkIncremental>
- <IntDir>$(Configuration)\$(TargetName)\</IntDir>
- </PropertyGroup>
- <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
- <ClCompile>
- <WarningLevel>Level3</WarningLevel>
- <Optimization>Disabled</Optimization>
- <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
- <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
- </ClCompile>
- <Link>
- <SubSystem>Console</SubSystem>
- <GenerateDebugInformation>true</GenerateDebugInformation>
- <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
- <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
- </Link>
- <ProjectReference>
- <LinkLibraryDependencies>false</LinkLibraryDependencies>
- </ProjectReference>
- </ItemDefinitionGroup>
- <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
- <ClCompile>
- <WarningLevel>Level3</WarningLevel>
- <Optimization>Disabled</Optimization>
- <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
- <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
- </ClCompile>
- <Link>
- <SubSystem>Console</SubSystem>
- <GenerateDebugInformation>true</GenerateDebugInformation>
- <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
- <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
- </Link>
- <ProjectReference>
- <LinkLibraryDependencies>false</LinkLibraryDependencies>
- </ProjectReference>
- </ItemDefinitionGroup>
- <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
- <ClCompile>
- <WarningLevel>Level3</WarningLevel>
- <Optimization>MaxSpeed</Optimization>
- <FunctionLevelLinking>true</FunctionLevelLinking>
- <IntrinsicFunctions>true</IntrinsicFunctions>
- <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
- <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
- </ClCompile>
- <Link>
- <SubSystem>Console</SubSystem>
- <GenerateDebugInformation>true</GenerateDebugInformation>
- <EnableCOMDATFolding>true</EnableCOMDATFolding>
- <OptimizeReferences>true</OptimizeReferences>
- <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
- <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
- </Link>
- </ItemDefinitionGroup>
- <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
- <ClCompile>
- <WarningLevel>Level3</WarningLevel>
- <Optimization>MaxSpeed</Optimization>
- <FunctionLevelLinking>true</FunctionLevelLinking>
- <IntrinsicFunctions>true</IntrinsicFunctions>
- <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
- <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
- </ClCompile>
- <Link>
- <SubSystem>Console</SubSystem>
- <GenerateDebugInformation>true</GenerateDebugInformation>
- <EnableCOMDATFolding>true</EnableCOMDATFolding>
- <OptimizeReferences>true</OptimizeReferences>
- <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
- <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
- </Link>
- </ItemDefinitionGroup>
- <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
- <ImportGroup Label="ExtensionTargets">
- </ImportGroup>
-</Project>
diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln
index 26219dd..d1e884e 100644
--- a/visualc/VS2010/mbedTLS.sln
+++ b/visualc/VS2010/mbedTLS.sln
@@ -3,11 +3,6 @@
# Visual C++ Express 2010
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "aescrypt2", "aescrypt2.vcxproj", "{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}"
- ProjectSection(ProjectDependencies) = postProject
- {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
- EndProjectSection
-EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypt_and_hash", "crypt_and_hash.vcxproj", "{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}"
ProjectSection(ProjectDependencies) = postProject
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
@@ -279,14 +274,6 @@
{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.Build.0 = Release|Win32
{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.ActiveCfg = Release|x64
{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.Build.0 = Release|x64
- {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.ActiveCfg = Debug|Win32
- {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.Build.0 = Debug|Win32
- {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.ActiveCfg = Debug|x64
- {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.Build.0 = Debug|x64
- {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.ActiveCfg = Release|Win32
- {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.Build.0 = Release|Win32
- {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.ActiveCfg = Release|x64
- {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.Build.0 = Release|x64
{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.ActiveCfg = Debug|Win32
{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.Build.0 = Debug|Win32
{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.ActiveCfg = Debug|x64
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 0af4145..cd68bb0 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -222,11 +222,13 @@
<ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
<ClInclude Include="..\..\include\mbedtls\xtea.h" />
<ClInclude Include="..\..\include\psa\crypto.h" />
- <ClInclude Include="..\..\include\psa\crypto_accel_driver.h" />
+ <ClInclude Include="..\..\include\psa\crypto_builtin_composites.h" />
+ <ClInclude Include="..\..\include\psa\crypto_builtin_primitives.h" />
<ClInclude Include="..\..\include\psa\crypto_compat.h" />
<ClInclude Include="..\..\include\psa\crypto_config.h" />
<ClInclude Include="..\..\include\psa\crypto_driver_common.h" />
- <ClInclude Include="..\..\include\psa\crypto_entropy_driver.h" />
+ <ClInclude Include="..\..\include\psa\crypto_driver_contexts_composites.h" />
+ <ClInclude Include="..\..\include\psa\crypto_driver_contexts_primitives.h" />
<ClInclude Include="..\..\include\psa\crypto_extra.h" />
<ClInclude Include="..\..\include\psa\crypto_platform.h" />
<ClInclude Include="..\..\include\psa\crypto_se_driver.h" />
@@ -234,25 +236,42 @@
<ClInclude Include="..\..\include\psa\crypto_struct.h" />
<ClInclude Include="..\..\include\psa\crypto_types.h" />
<ClInclude Include="..\..\include\psa\crypto_values.h" />
+ <ClInclude Include="..\..\tests\include\test\asn1_helpers.h" />
<ClInclude Include="..\..\tests\include\test\constant_flow.h" />
+ <ClInclude Include="..\..\tests\include\test\fake_external_rng_for_test.h" />
<ClInclude Include="..\..\tests\include\test\helpers.h" />
<ClInclude Include="..\..\tests\include\test\macros.h" />
<ClInclude Include="..\..\tests\include\test\psa_crypto_helpers.h" />
+ <ClInclude Include="..\..\tests\include\test\psa_exercise_key.h" />
<ClInclude Include="..\..\tests\include\test\psa_helpers.h" />
<ClInclude Include="..\..\tests\include\test\random.h" />
+ <ClInclude Include="..\..\tests\include\test\drivers\aead.h" />
<ClInclude Include="..\..\tests\include\test\drivers\cipher.h" />
+ <ClInclude Include="..\..\tests\include\test\drivers\hash.h" />
<ClInclude Include="..\..\tests\include\test\drivers\key_management.h" />
+ <ClInclude Include="..\..\tests\include\test\drivers\mac.h" />
<ClInclude Include="..\..\tests\include\test\drivers\signature.h" />
<ClInclude Include="..\..\tests\include\test\drivers\size.h" />
<ClInclude Include="..\..\tests\include\test\drivers\test_driver.h" />
<ClInclude Include="..\..\library\check_crypto_config.h" />
<ClInclude Include="..\..\library\common.h" />
+ <ClInclude Include="..\..\library\ecp_invasive.h" />
+ <ClInclude Include="..\..\library\mps_common.h" />
+ <ClInclude Include="..\..\library\mps_error.h" />
+ <ClInclude Include="..\..\library\mps_reader.h" />
+ <ClInclude Include="..\..\library\mps_trace.h" />
+ <ClInclude Include="..\..\library\psa_crypto_aead.h" />
+ <ClInclude Include="..\..\library\psa_crypto_cipher.h" />
<ClInclude Include="..\..\library\psa_crypto_core.h" />
<ClInclude Include="..\..\library\psa_crypto_driver_wrappers.h" />
+ <ClInclude Include="..\..\library\psa_crypto_ecp.h" />
+ <ClInclude Include="..\..\library\psa_crypto_hash.h" />
<ClInclude Include="..\..\library\psa_crypto_invasive.h" />
<ClInclude Include="..\..\library\psa_crypto_its.h" />
+ <ClInclude Include="..\..\library\psa_crypto_mac.h" />
+ <ClInclude Include="..\..\library\psa_crypto_random_impl.h" />
+ <ClInclude Include="..\..\library\psa_crypto_rsa.h" />
<ClInclude Include="..\..\library\psa_crypto_se.h" />
- <ClInclude Include="..\..\library\psa_crypto_service_integration.h" />
<ClInclude Include="..\..\library\psa_crypto_slot_management.h" />
<ClInclude Include="..\..\library\psa_crypto_storage.h" />
<ClInclude Include="..\..\library\ssl_invasive.h" />
@@ -301,6 +320,8 @@
<ClCompile Include="..\..\library\md4.c" />
<ClCompile Include="..\..\library\md5.c" />
<ClCompile Include="..\..\library\memory_buffer_alloc.c" />
+ <ClCompile Include="..\..\library\mps_reader.c" />
+ <ClCompile Include="..\..\library\mps_trace.c" />
<ClCompile Include="..\..\library\net_sockets.c" />
<ClCompile Include="..\..\library\nist_kw.c" />
<ClCompile Include="..\..\library\oid.c" />
@@ -317,7 +338,14 @@
<ClCompile Include="..\..\library\platform_util.c" />
<ClCompile Include="..\..\library\poly1305.c" />
<ClCompile Include="..\..\library\psa_crypto.c" />
+ <ClCompile Include="..\..\library\psa_crypto_aead.c" />
+ <ClCompile Include="..\..\library\psa_crypto_cipher.c" />
+ <ClCompile Include="..\..\library\psa_crypto_client.c" />
<ClCompile Include="..\..\library\psa_crypto_driver_wrappers.c" />
+ <ClCompile Include="..\..\library\psa_crypto_ecp.c" />
+ <ClCompile Include="..\..\library\psa_crypto_hash.c" />
+ <ClCompile Include="..\..\library\psa_crypto_mac.c" />
+ <ClCompile Include="..\..\library\psa_crypto_rsa.c" />
<ClCompile Include="..\..\library\psa_crypto_se.c" />
<ClCompile Include="..\..\library\psa_crypto_slot_management.c" />
<ClCompile Include="..\..\library\psa_crypto_storage.c" />
@@ -349,8 +377,21 @@
<ClCompile Include="..\..\library\x509write_crt.c" />
<ClCompile Include="..\..\library\x509write_csr.c" />
<ClCompile Include="..\..\library\xtea.c" />
+ <ClCompile Include="..\..\tests\src\asn1_helpers.c" />
+ <ClCompile Include="..\..\tests\src\fake_external_rng_for_test.c" />
<ClCompile Include="..\..\tests\src\helpers.c" />
+ <ClCompile Include="..\..\tests\src\psa_crypto_helpers.c" />
+ <ClCompile Include="..\..\tests\src\psa_exercise_key.c" />
<ClCompile Include="..\..\tests\src\random.c" />
+ <ClCompile Include="..\..\tests\src\threading_helpers.c" />
+ <ClCompile Include="..\..\tests\src\drivers\hash.c" />
+ <ClCompile Include="..\..\tests\src\drivers\platform_builtin_keys.c" />
+ <ClCompile Include="..\..\tests\src\drivers\test_driver_aead.c" />
+ <ClCompile Include="..\..\tests\src\drivers\test_driver_cipher.c" />
+ <ClCompile Include="..\..\tests\src\drivers\test_driver_key_management.c" />
+ <ClCompile Include="..\..\tests\src\drivers\test_driver_mac.c" />
+ <ClCompile Include="..\..\tests\src\drivers\test_driver_signature.c" />
+ <ClCompile Include="..\..\tests\src\drivers\test_driver_size.c" />
<ClCompile Include="..\..\3rdparty\everest\library\everest.c" />
<ClCompile Include="..\..\3rdparty\everest\library\Hacl_Curve25519_joined.c" />
<ClCompile Include="..\..\3rdparty\everest\library\x25519.c" />
diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj
index 9021602..9884f23 100644
--- a/visualc/VS2010/ssl_client2.vcxproj
+++ b/visualc/VS2010/ssl_client2.vcxproj
@@ -21,6 +21,7 @@
<ItemGroup>
<ClCompile Include="..\..\programs\ssl\ssl_client2.c" />
<ClCompile Include="..\..\programs\test\query_config.c" />
+ <ClCompile Include="..\..\programs\ssl\ssl_test_lib.c" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="mbedTLS.vcxproj">
diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj
index 61eedaa..d8f3e59 100644
--- a/visualc/VS2010/ssl_server2.vcxproj
+++ b/visualc/VS2010/ssl_server2.vcxproj
@@ -21,6 +21,7 @@
<ItemGroup>
<ClCompile Include="..\..\programs\ssl\ssl_server2.c" />
<ClCompile Include="..\..\programs\test\query_config.c" />
+ <ClCompile Include="..\..\programs\ssl\ssl_test_lib.c" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="mbedTLS.vcxproj">