Merge remote-tracking branch 'public/pr/1806' into development
diff --git a/.github/issue_template.md b/.github/issue_template.md
index 5e9d83d..7c31353 100644
--- a/.github/issue_template.md
+++ b/.github/issue_template.md
@@ -38,4 +38,4 @@
## Question
-**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb), and preferably file an issue in the [Mbed TLS support forum](https://tls.mbed.org/discussions)**
+**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb), and preferably file an issue in the [Mbed TLS support forum](https://forums.mbed.com/c/mbed-tls)**
diff --git a/.gitignore b/.gitignore
index fee2a31..f40064d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,5 +21,8 @@
*.ilk
*.lib
+# Python build artifacts:
+*.pyc
+
# CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
*.dir/
diff --git a/.pylint b/.pylint
new file mode 100644
index 0000000..934f30b
--- /dev/null
+++ b/.pylint
@@ -0,0 +1,425 @@
+[MASTER]
+
+# A comma-separated list of package or module names from where C extensions may
+# be loaded. Extensions are loading into the active Python interpreter and may
+# run arbitrary code
+extension-pkg-whitelist=
+
+# Add files or directories to the blacklist. They should be base names, not
+# paths.
+ignore=CVS
+
+# Add files or directories matching the regex patterns to the blacklist. The
+# regex matches against base names, not paths.
+ignore-patterns=
+
+# Python code to execute, usually for sys.path manipulation such as
+# pygtk.require().
+#init-hook=
+
+# Use multiple processes to speed up Pylint.
+jobs=1
+
+# List of plugins (as comma separated values of python modules names) to load,
+# usually to register additional checkers.
+load-plugins=
+
+# Pickle collected data for later comparisons.
+persistent=yes
+
+# Specify a configuration file.
+#rcfile=
+
+# Allow loading of arbitrary C extensions. Extensions are imported into the
+# active Python interpreter and may run arbitrary code.
+unsafe-load-any-extension=no
+
+
+[MESSAGES CONTROL]
+
+# Only show warnings with the listed confidence levels. Leave empty to show
+# all. Valid levels: HIGH, INFERENCE, INFERENCE_FAILURE, UNDEFINED
+confidence=
+
+# Disable the message, report, category or checker with the given id(s). You
+# can either give multiple identifiers separated by comma (,) or put this
+# option multiple times (only on the command line, not in the configuration
+# file where it should appear only once).You can also use "--disable=all" to
+# disable everything first and then reenable specific checks. For example, if
+# you want to run only the similarities checker, you can use "--disable=all
+# --enable=similarities". If you want to run only the classes checker, but have
+# no Warning level messages displayed, use"--disable=all --enable=classes
+# --disable=W"
+disable=print-statement,parameter-unpacking,unpacking-in-except,old-raise-syntax,backtick,long-suffix,old-ne-operator,old-octal-literal,import-star-module-level,raw-checker-failed,bad-inline-option,locally-disabled,locally-enabled,file-ignored,suppressed-message,useless-suppression,deprecated-pragma,apply-builtin,basestring-builtin,buffer-builtin,cmp-builtin,coerce-builtin,execfile-builtin,file-builtin,long-builtin,raw_input-builtin,reduce-builtin,standarderror-builtin,unicode-builtin,xrange-builtin,coerce-method,delslice-method,getslice-method,setslice-method,no-absolute-import,old-division,dict-iter-method,dict-view-method,next-method-called,metaclass-assignment,indexing-exception,raising-string,reload-builtin,oct-method,hex-method,nonzero-method,cmp-method,input-builtin,round-builtin,intern-builtin,unichr-builtin,map-builtin-not-iterating,zip-builtin-not-iterating,range-builtin-not-iterating,filter-builtin-not-iterating,using-cmp-argument,eq-without-hash,div-method,idiv-method,rdiv-method,exception-message-attribute,invalid-str-codec,sys-max-int,bad-python3-import,deprecated-string-function,deprecated-str-translate-call
+
+# Enable the message, report, category or checker with the given id(s). You can
+# either give multiple identifier separated by comma (,) or put this option
+# multiple time (only on the command line, not in the configuration file where
+# it should appear only once). See also the "--disable" option for examples.
+enable=
+
+
+[REPORTS]
+
+# Python expression which should return a note less than 10 (10 is the highest
+# note). You have access to the variables errors warning, statement which
+# respectively contain the number of errors / warnings messages and the total
+# number of statements analyzed. This is used by the global evaluation report
+# (RP0004).
+evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10)
+
+# Template used to display messages. This is a python new-style format string
+# used to format the message information. See doc for all details
+#msg-template=
+
+# Set the output format. Available formats are text, parseable, colorized, json
+# and msvs (visual studio).You can also give a reporter class, eg
+# mypackage.mymodule.MyReporterClass.
+output-format=text
+
+# Tells whether to display a full report or only the messages
+reports=no
+
+# Activate the evaluation score.
+score=yes
+
+
+[REFACTORING]
+
+# Maximum number of nested blocks for function / method body
+max-nested-blocks=5
+
+
+[SIMILARITIES]
+
+# Ignore comments when computing similarities.
+ignore-comments=yes
+
+# Ignore docstrings when computing similarities.
+ignore-docstrings=yes
+
+# Ignore imports when computing similarities.
+ignore-imports=no
+
+# Minimum lines number of a similarity.
+min-similarity-lines=4
+
+
+[FORMAT]
+
+# Expected format of line ending, e.g. empty (any line ending), LF or CRLF.
+expected-line-ending-format=
+
+# Regexp for a line that is allowed to be longer than the limit.
+ignore-long-lines=^\s*(# )?<?https?://\S+>?$
+
+# Number of spaces of indent required inside a hanging or continued line.
+indent-after-paren=4
+
+# String used as indentation unit. This is usually " " (4 spaces) or "\t" (1
+# tab).
+indent-string=' '
+
+# Maximum number of characters on a single line.
+max-line-length=79
+
+# Maximum number of lines in a module
+max-module-lines=2000
+
+# List of optional constructs for which whitespace checking is disabled. `dict-
+# separator` is used to allow tabulation in dicts, etc.: {1 : 1,\n222: 2}.
+# `trailing-comma` allows a space between comma and closing bracket: (a, ).
+# `empty-line` allows space-only lines.
+no-space-check=trailing-comma,dict-separator
+
+# Allow the body of a class to be on the same line as the declaration if body
+# contains single statement.
+single-line-class-stmt=no
+
+# Allow the body of an if to be on the same line as the test if there is no
+# else.
+single-line-if-stmt=no
+
+
+[BASIC]
+
+# Naming hint for argument names
+argument-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Regular expression matching correct argument names
+argument-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Naming hint for attribute names
+attr-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Regular expression matching correct attribute names
+attr-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Bad variable names which should always be refused, separated by a comma
+bad-names=foo,bar,baz,toto,tutu,tata
+
+# Naming hint for class attribute names
+class-attribute-name-hint=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$
+
+# Regular expression matching correct class attribute names
+class-attribute-rgx=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$
+
+# Naming hint for class names
+class-name-hint=[A-Z_][a-zA-Z0-9]+$
+
+# Regular expression matching correct class names
+class-rgx=[A-Z_][a-zA-Z0-9]+$
+
+# Naming hint for constant names
+const-name-hint=(([A-Z_][A-Z0-9_]*)|(__.*__))$
+
+# Regular expression matching correct constant names
+const-rgx=(([A-Z_][A-Z0-9_]*)|(__.*__))$
+
+# Minimum line length for functions/classes that require docstrings, shorter
+# ones are exempt.
+docstring-min-length=-1
+
+# Naming hint for function names
+function-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Regular expression matching correct function names
+function-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Good variable names which should always be accepted, separated by a comma
+good-names=i,j,k,ex,Run,_
+
+# Include a hint for the correct naming format with invalid-name
+include-naming-hint=no
+
+# Naming hint for inline iteration names
+inlinevar-name-hint=[A-Za-z_][A-Za-z0-9_]*$
+
+# Regular expression matching correct inline iteration names
+inlinevar-rgx=[A-Za-z_][A-Za-z0-9_]*$
+
+# Naming hint for method names
+method-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Regular expression matching correct method names
+method-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Naming hint for module names
+module-name-hint=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$
+
+# Regular expression matching correct module names
+module-rgx=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$
+
+# Colon-delimited sets of names that determine each other's naming style when
+# the name regexes allow several styles.
+name-group=
+
+# Regular expression which should only match function or class names that do
+# not require a docstring.
+no-docstring-rgx=^_
+
+# List of decorators that produce properties, such as abc.abstractproperty. Add
+# to this list to register other decorators that produce valid properties.
+property-classes=abc.abstractproperty
+
+# Naming hint for variable names
+variable-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+# Regular expression matching correct variable names
+variable-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$
+
+
+[TYPECHECK]
+
+# List of decorators that produce context managers, such as
+# contextlib.contextmanager. Add to this list to register other decorators that
+# produce valid context managers.
+contextmanager-decorators=contextlib.contextmanager
+
+# List of members which are set dynamically and missed by pylint inference
+# system, and so shouldn't trigger E1101 when accessed. Python regular
+# expressions are accepted.
+generated-members=
+
+# Tells whether missing members accessed in mixin class should be ignored. A
+# mixin class is detected if its name ends with "mixin" (case insensitive).
+ignore-mixin-members=yes
+
+# This flag controls whether pylint should warn about no-member and similar
+# checks whenever an opaque object is returned when inferring. The inference
+# can return multiple potential results while evaluating a Python object, but
+# some branches might not be evaluated, which results in partial inference. In
+# that case, it might be useful to still emit no-member and other checks for
+# the rest of the inferred objects.
+ignore-on-opaque-inference=yes
+
+# List of class names for which member attributes should not be checked (useful
+# for classes with dynamically set attributes). This supports the use of
+# qualified names.
+ignored-classes=optparse.Values,thread._local,_thread._local
+
+# List of module names for which member attributes should not be checked
+# (useful for modules/projects where namespaces are manipulated during runtime
+# and thus existing member attributes cannot be deduced by static analysis. It
+# supports qualified module names, as well as Unix pattern matching.
+ignored-modules=
+
+# Show a hint with possible names when a member name was not found. The aspect
+# of finding the hint is based on edit distance.
+missing-member-hint=yes
+
+# The minimum edit distance a name should have in order to be considered a
+# similar match for a missing member name.
+missing-member-hint-distance=1
+
+# The total number of similar names that should be taken in consideration when
+# showing a hint for a missing member.
+missing-member-max-choices=1
+
+
+[VARIABLES]
+
+# List of additional names supposed to be defined in builtins. Remember that
+# you should avoid to define new builtins when possible.
+additional-builtins=
+
+# Tells whether unused global variables should be treated as a violation.
+allow-global-unused-variables=yes
+
+# List of strings which can identify a callback function by name. A callback
+# name must start or end with one of those strings.
+callbacks=cb_,_cb
+
+# A regular expression matching the name of dummy variables (i.e. expectedly
+# not used).
+dummy-variables-rgx=_+$|(_[a-zA-Z0-9_]*[a-zA-Z0-9]+?$)|dummy|^ignored_|^unused_
+
+# Argument names that match this expression will be ignored. Default to name
+# with leading underscore
+ignored-argument-names=_.*|^ignored_|^unused_
+
+# Tells whether we should check for unused import in __init__ files.
+init-import=no
+
+# List of qualified module names which can have objects that can redefine
+# builtins.
+redefining-builtins-modules=six.moves,future.builtins
+
+
+[SPELLING]
+
+# Spelling dictionary name. Available dictionaries: none. To make it working
+# install python-enchant package.
+spelling-dict=
+
+# List of comma separated words that should not be checked.
+spelling-ignore-words=
+
+# A path to a file that contains private dictionary; one word per line.
+spelling-private-dict-file=
+
+# Tells whether to store unknown words to indicated private dictionary in
+# --spelling-private-dict-file option instead of raising a message.
+spelling-store-unknown-words=no
+
+
+[MISCELLANEOUS]
+
+# List of note tags to take in consideration, separated by a comma.
+notes=FIXME,XXX,TODO
+
+
+[LOGGING]
+
+# Logging modules to check that the string format arguments are in logging
+# function parameter format
+logging-modules=logging
+
+
+[CLASSES]
+
+# List of method names used to declare (i.e. assign) instance attributes.
+defining-attr-methods=__init__,__new__,setUp
+
+# List of member names, which should be excluded from the protected access
+# warning.
+exclude-protected=_asdict,_fields,_replace,_source,_make
+
+# List of valid names for the first argument in a class method.
+valid-classmethod-first-arg=cls
+
+# List of valid names for the first argument in a metaclass class method.
+valid-metaclass-classmethod-first-arg=mcs
+
+
+[DESIGN]
+
+# Maximum number of arguments for function / method
+max-args=5
+
+# Maximum number of attributes for a class (see R0902).
+max-attributes=7
+
+# Maximum number of boolean expressions in a if statement
+max-bool-expr=5
+
+# Maximum number of branch for function / method body
+max-branches=12
+
+# Maximum number of locals for function / method body
+max-locals=15
+
+# Maximum number of parents for a class (see R0901).
+max-parents=7
+
+# Maximum number of public methods for a class (see R0904).
+max-public-methods=20
+
+# Maximum number of return / yield for function / method body
+max-returns=6
+
+# Maximum number of statements in function / method body
+max-statements=50
+
+# Minimum number of public methods for a class (see R0903).
+min-public-methods=2
+
+
+[IMPORTS]
+
+# Allow wildcard imports from modules that define __all__.
+allow-wildcard-with-all=no
+
+# Analyse import fallback blocks. This can be used to support both Python 2 and
+# 3 compatible code, which means that the block might have code that exists
+# only in one or another interpreter, leading to false positives when analysed.
+analyse-fallback-blocks=no
+
+# Deprecated modules which should not be used, separated by a comma
+deprecated-modules=regsub,TERMIOS,Bastion,rexec
+
+# Create a graph of external dependencies in the given file (report RP0402 must
+# not be disabled)
+ext-import-graph=
+
+# Create a graph of every (i.e. internal and external) dependencies in the
+# given file (report RP0402 must not be disabled)
+import-graph=
+
+# Create a graph of internal dependencies in the given file (report RP0402 must
+# not be disabled)
+int-import-graph=
+
+# Force import order to recognize a module as part of the standard
+# compatibility libraries.
+known-standard-library=
+
+# Force import order to recognize a module as part of a third party library.
+known-third-party=enchant
+
+
+[EXCEPTIONS]
+
+# Exceptions that will emit a warning when being caught. Defaults to
+# "Exception"
+overgeneral-exceptions=Exception
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 0ade1d4..157eeba 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,5 +1,9 @@
cmake_minimum_required(VERSION 2.6)
-project("mbed TLS" C)
+if(TEST_CPP)
+ project("mbed TLS" C CXX)
+else()
+ project("mbed TLS" C)
+endif()
option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF)
option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF)
@@ -32,6 +36,7 @@
"${NULL_ENTROPY_WARN_L3}"
"${WARNING_BORDER}")
+find_package(PythonInterp)
find_package(Perl)
if(PERL_FOUND)
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 3c6dc74..3433ed0 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -26,38 +26,70 @@
1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it.
1. Mbed TLS is released under the Apache license, and as such, all the added files should include the Apache license header.
-Backports
----------
-Mbed TLS maintains some legacy branches, which are released as LTS versions. Mbed TLS should follow backwards compatibility rules, to fit with existing users. As such, backporting to these branches should be handled according to the following rules:
-
-1. If the contribution is a new feature or enhancement, no backporting is needed.
-1. Bug fixes should be backported to the legacy branches containing these bugs.
-1. Changes in the API do not require backporting. If a bug fix introduced a new API, such as new error codes, the bug fix should be implemented differently in the legacy branch.
+API/ABI Compatibility
+---------------------
+The project aims to minimise the impact on users upgrading to newer versions of the library and it should not be necessary for a user to make any changes to their own code to work with a newer version of the library. Unless the user has made an active decision to use newer features, a newer generation of the library or a change has been necessary due to a security issue or other significant software defect, no modifications to their own code should be necessary. To achieve this, API compatibility is maintained between different versions of Mbed TLS on the main development branch and in LTS (Long Term Support) branches.
-It would be highly appreciated if a contribution would be backported to a legacy branch in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development).
-At the moment, the legacy branches are:
-
-1. [mbedtls-1.3](https://github.com/ARMmbed/mbedtls/tree/mbedtls-1.3)
+To minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change.
+
+Where changes to an existing interface are necessary, functions in the public interface which need to be changed, are marked as 'deprecated'. This is done with the preprocessor symbols `MBEDTLS_DEPRECATED_WARNING` and `MBEDTLS_DEPRECATED_REMOVED`. Then, a new function with a new name but similar if not identical behaviour to the original function containing the necessary changes should be created alongside the existing deprecated function.
+
+When a build is made with the deprecation preprocessor symbols defined, a compiler warning will be generated to warn a user that the function will be removed at some point in the future, notifying users that they should change from the older deprecated function to the newer function at their own convenience.
+
+Therefore, no changes are permitted to the definition of functions in the public interface which will change the API. Instead the interface can only be changed by its extension. As described above, if a function needs to be changed, a new function needs to be created alongside it, with a new name, and whatever change is necessary, such as a new parameter or the addition of a return value.
+
+Periodically, the library will remove deprecated functions from the library which will be a breaking change in the API, but such changes will be made only in a planned, structured way that gives sufficient notice to users of the library.
+
+Long Term Support Branches
+--------------------------
+Mbed TLS maintains several LTS (Long Term Support) branches, which are maintained continuously for a given period. The LTS branches are provided to allow users of the library to have a maintained, stable version of the library which contains only security fixes and fixes for other defects, without encountering additional features or API extensions which may introduce issues or change the code size or RAM usage, which can be significant considerations on some platforms. To allow users to take advantage of the LTS branches, these branches maintain backwards compatibility for both the public API and ABI.
+
+When backporting to these branches please observe the following rules:
+
+ 1. Any change to the library which changes the API or ABI cannot be backported.
+
+ 2. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted.
+
+ 3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be addtional test cases or quality improvements such as changes to build or test scripts.
+
+It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors.
+
+Currently maintained LTS branches are:
+
1. [mbedtls-2.1](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.1)
+2. [mbedtls-2.7](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.7)
+
+
Tests
-----
-As mentioned, tests that show the correctness of the feature or bug fix should be added to the pull request, if no such tests exist.
-Mbed TLS includes an elaborate test suite in `tests/` that initially requires Perl to generate the tests files (e.g. `test_suite_mpi.c`). These files are generated from a `function file` (e.g. `suites/test_suite_mpi.function`) and a `data file` (e.g. `suites/test_suite_mpi.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function.
+As mentioned, tests that show the correctness of the feature or bug fix should be added to the pull request, if no such tests exist.
+
+Mbed TLS includes a comprehensive set of test suites in the `tests/` directory that are dynamically generated to produce the actual test source files (e.g. `test_suite_mpi.c`). These files are generated from a `function file` (e.g. `suites/test_suite_mpi.function`) and a `data file` (e.g. `suites/test_suite_mpi.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function.
+
+[A Knowledge Base article describing how to add additional tests is available on the Mbed TLS website](https://tls.mbed.org/kb/development/test_suites).
+
+A test script `tests/scripts/basic-build-test.sh` is available to show test coverage of the library. New code contributions should provide a similar level of code coverage to that which already exists for the library.
Sample applications, if needed, should be modified as well.
Continuous Integration Tests
----------------------------
-Once a PR has been made, the Continuous Integration (CI) tests are triggered and run. You should follow the result of the CI tests, and fix failures.
+Once a PR has been made, the Continuous Integration (CI) tests are triggered and run. You should follow the result of the CI tests, and fix failures.
+
It is advised to enable the [githooks scripts](https://github.com/ARMmbed/mbedtls/tree/development/tests/git-scripts) prior to pushing your changes, for catching some of the issues as early as possible.
Documentation
-------------
-Mbed TLS should be well documented. If documentation is needed, speak out!
+Mbed TLS is well documented, but if you think documentation is needed, speak out!
1. All interfaces should be documented through Doxygen. New APIs should introduce Doxygen documentation.
-1. Complex parts in the code should include comments.
-1. If needed, a Readme file is advised.
-1. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description.
-1. A [ChangeLog](https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog) entry should be added for this contribution.
+
+2. Complex parts in the code should include comments.
+
+3. If needed, a Readme file is advised.
+
+4. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description.
+
+5. A [ChangeLog](https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog) entry should be added for this contribution.
+
diff --git a/ChangeLog b/ChangeLog
index 027a971..0d74fde 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,212 @@
mbed TLS ChangeLog (Sorted per branch, date)
+= mbed TLS x.x.x branch released xxxx-xx-xx
+
+Features
+ * Add support for temporarily suspending expensive ECC computations after
+ some configurable amount of operations, to be used in single-threaded
+ constrained systems where ECC is time consuming and blocking until
+ completion cannot be tolerated. This is enabled by
+ MBEDTLS_ECP_RESTARTABLE at compile time (disabled by default) and
+ configured by mbedtls_ecp_set_max_ops() at runtime. It applies to new
+ xxx_restartable functions in ECP, ECDSA, PK and X.509 (CRL not supported
+ yet), and to existing functions in ECDH and SSL (currently only
+ implemented client-side, for ECDHE-ECDSA ciphersuites in TLS 1.2,
+ including client authentication).
+
+Bugfix
+ * Fix a bug in the update function for SSL ticket keys which previously
+ invalidated keys of a lifetime of less than a 1s. Fixes #1968.
+ * Fix failure in hmac_drbg in the benchmark sample application, when
+ MBEDTLS_THREADING_C is defined. Found by TrinityTonic, #1095
+
+Changes
+ * Removed support for Yotta as a build tool.
+ * Add tests for session resumption in DTLS.
+ * Close a test gap in (D)TLS between the client side and the server side:
+ test the handling of large packets and small packets on the client side
+ in the same way as on the server side.
+
+= mbed TLS 2.13.1 branch released 2018-09-06
+
+API Changes
+ * Extend the platform module with an abstraction mbedtls_platform_gmtime_r()
+ whose implementation should behave as a thread-safe version of gmtime().
+ This allows users to configure such an implementation at compile time when
+ the target system cannot be deduced automatically, by setting the option
+ MBEDTLS_PLATFORM_GMTIME_R_ALT. At this stage Mbed TLS is only able to
+ automatically select implementations for Windows and POSIX C libraries.
+
+Bugfix
+ * Fix build failures on platforms where only gmtime() is available but
+ neither gmtime_r() nor gmtime_s() are present. Fixes #1907.
+
+= mbed TLS 2.13.0 branch released 2018-08-31
+
+Security
+ * Fix an issue in the X.509 module which could lead to a buffer overread
+ during certificate extensions parsing. In case of receiving malformed
+ input (extensions length field equal to 0), an illegal read of one byte
+ beyond the input buffer is made. Found and analyzed by Nathan Crandall.
+
+Features
+ * Add support for fragmentation of outgoing DTLS handshake messages. This
+ is controlled by the maximum fragment length as set locally or negotiated
+ with the peer, as well as by a new per-connection MTU option, set using
+ mbedtls_ssl_set_mtu().
+ * Add support for auto-adjustment of MTU to a safe value during the
+ handshake when flights do not get through (RFC 6347, section 4.1.1.1,
+ last paragraph).
+ * Add support for packing multiple records within a single datagram,
+ enabled by default.
+ * Add support for buffering out-of-order handshake messages in DTLS.
+ The maximum amount of RAM used for this can be controlled by the
+ compile-time constant MBEDTLS_SSL_DTLS_MAX_BUFFERING defined
+ in mbedtls/config.h.
+
+API Changes
+ * Add function mbedtls_ssl_set_datagram_packing() to configure
+ the use of datagram packing (enabled by default).
+
+Bugfix
+ * Fix a potential memory leak in mbedtls_ssl_setup() function. An allocation
+ failure in the function could lead to other buffers being leaked.
+ * Fixes an issue with MBEDTLS_CHACHAPOLY_C which would not compile if
+ MBEDTLS_ARC4_C and MBEDTLS_CIPHER_NULL_CIPHER weren't also defined. #1890
+ * Fix a memory leak in ecp_mul_comb() if ecp_precompute_comb() fails.
+ Fix contributed by Espressif Systems.
+ * Add ecc extensions only if an ecc based ciphersuite is used.
+ This improves compliance to RFC 4492, and as a result, solves
+ interoperability issues with BouncyCastle. Raised by milenamil in #1157.
+ * Replace printf with mbedtls_printf in the ARIA module. Found by
+ TrinityTonic in #1908.
+ * Fix potential use-after-free in mbedtls_ssl_get_max_frag_len()
+ and mbedtls_ssl_get_record_expansion() after a session reset. Fixes #1941.
+ * Fix a bug that caused SSL/TLS clients to incorrectly abort the handshake
+ with TLS versions 1.1 and earlier when the server requested authentication
+ without providing a list of CAs. This was due to an overly strict bounds
+ check in parsing the CertificateRequest message,
+ introduced in Mbed TLS 2.12.0. Fixes #1954.
+ * Fix a miscalculation of the maximum record expansion in
+ mbedtls_ssl_get_record_expansion() in case of ChachaPoly ciphersuites,
+ or CBC ciphersuites in (D)TLS versions 1.1 or higher. Fixes #1913, #1914.
+ * Fix undefined shifts with negative values in certificates parsing
+ (found by Catena cyber using oss-fuzz)
+ * Fix memory leak and free without initialization in pk_encrypt
+ and pk_decrypt example programs. Reported by Brace Stout. Fixes #1128.
+ * Remove redundant else statement. Raised by irwir. Fixes #1776.
+
+Changes
+ * Copy headers preserving timestamps when doing a "make install".
+ Contributed by xueruini.
+ * Allow the forward declaration of public structs. Contributed by Dawid
+ Drozd. Fixes #1215 raised by randombit.
+ * Improve compatibility with some alternative CCM implementations by using
+ CCM test vectors from RAM.
+ * Add support for buffering of out-of-order handshake messages.
+ * Add warnings to the documentation of the HKDF module to reduce the risk
+ of misusing the mbedtls_hkdf_extract() and mbedtls_hkdf_expand()
+ functions. Fixes #1775. Reported by Brian J. Murray.
+
+= mbed TLS 2.12.0 branch released 2018-07-25
+
+Security
+ * Fix a vulnerability in TLS ciphersuites based on CBC and using SHA-384,
+ in (D)TLS 1.0 to 1.2, that allowed an active network attacker to
+ partially recover the plaintext of messages under some conditions by
+ exploiting timing measurements. With DTLS, the attacker could perform
+ this recovery by sending many messages in the same connection. With TLS
+ or if mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only
+ worked if the same secret (for example a HTTP Cookie) has been repeatedly
+ sent over connections manipulated by the attacker. Connections using GCM
+ or CCM instead of CBC, using hash sizes other than SHA-384, or using
+ Encrypt-then-Mac (RFC 7366) were not affected. The vulnerability was
+ caused by a miscalculation (for SHA-384) in a countermeasure to the
+ original Lucky 13 attack. Found by Kenny Paterson, Eyal Ronen and Adi
+ Shamir.
+ * Fix a vulnerability in TLS ciphersuites based on CBC, in (D)TLS 1.0 to
+ 1.2, that allowed a local attacker, able to execute code on the local
+ machine as well as manipulate network packets, to partially recover the
+ plaintext of messages under some conditions by using a cache attack
+ targetting an internal MD/SHA buffer. With TLS or if
+ mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if
+ the same secret (for example a HTTP Cookie) has been repeatedly sent over
+ connections manipulated by the attacker. Connections using GCM or CCM
+ instead of CBC or using Encrypt-then-Mac (RFC 7366) were not affected.
+ Found by Kenny Paterson, Eyal Ronen and Adi Shamir.
+ * Add a counter-measure against a vulnerability in TLS ciphersuites based
+ on CBC, in (D)TLS 1.0 to 1.2, that allowed a local attacker, able to
+ execute code on the local machine as well as manipulate network packets,
+ to partially recover the plaintext of messages under some conditions (see
+ previous entry) by using a cache attack targeting the SSL input record
+ buffer. Connections using GCM or CCM instead of CBC or using
+ Encrypt-then-Mac (RFC 7366) were not affected. Found by Kenny Paterson,
+ Eyal Ronen and Adi Shamir.
+
+Features
+ * Add new crypto primitives from RFC 7539: stream cipher Chacha20, one-time
+ authenticator Poly1305 and AEAD construct Chacha20-Poly1305. Contributed
+ by Daniel King.
+ * Add support for CHACHA20-POLY1305 ciphersuites from RFC 7905.
+ * Add platform support for the Haiku OS. (https://www.haiku-os.org).
+ Contributed by Augustin Cavalier.
+ * Make the receive and transmit buffers independent sizes, for situations
+ where the outgoing buffer can be fixed at a smaller size than the incoming
+ buffer, which can save some RAM. If buffer lengths are kept equal, there
+ is no functional difference. Contributed by Angus Gratton, and also
+ independently contributed again by Paul Sokolovsky.
+ * Add support for key wrapping modes based on AES as defined by
+ NIST SP 800-38F algorithms KW and KWP and by RFC 3394 and RFC 5649.
+
+Bugfix
+ * Fix the key_app_writer example which was writing a leading zero byte which
+ was creating an invalid ASN.1 tag. Found by Aryeh R. Fixes #1257.
+ * Fix compilation error on C++, because of a variable named new.
+ Found and fixed by Hirotaka Niisato in #1783.
+ * Fix "no symbols" warning issued by ranlib when building on Mac OS X. Fix
+ contributed by tabascoeye.
+ * Clarify documentation for mbedtls_ssl_write() to include 0 as a valid
+ return value. Found by @davidwu2000. #839
+ * Fix a memory leak in mbedtls_x509_csr_parse(), found by catenacyber,
+ Philippe Antoine. Fixes #1623.
+ * Remove unused headers included in x509.c. Found by Chris Hanson and fixed
+ by Brendan Shanks. Part of a fix for #992.
+ * Fix compilation error when MBEDTLS_ARC4_C is disabled and
+ MBEDTLS_CIPHER_NULL_CIPHER is enabled. Found by TrinityTonic in #1719.
+ * Added length checks to some TLS parsing functions. Found and fixed by
+ Philippe Antoine from Catena cyber. #1663.
+ * Fix the inline assembly for the MPI multiply helper function for i386 and
+ i386 with SSE2. Found by László Langó. Fixes #1550
+ * Fix namespacing in header files. Remove the `mbedtls` namespacing in
+ the `#include` in the header files. Resolves #857
+ * Fix compiler warning of 'use before initialisation' in
+ mbedtls_pk_parse_key(). Found by Martin Boye Petersen and fixed by Dawid
+ Drozd. #1098
+ * Fix decryption for zero length messages (which contain all padding) when a
+ CBC based ciphersuite is used together with Encrypt-then-MAC. Previously,
+ such a message was wrongly reported as an invalid record and therefore lead
+ to the connection being terminated. Seen most often with OpenSSL using
+ TLS 1.0. Reported by @kFYatek and by Conor Murphy on the forum. Fix
+ contributed by Espressif Systems. Fixes #1632
+ * Fix ssl_client2 example to send application data with 0-length content
+ when the request_size argument is set to 0 as stated in the documentation.
+ Fixes #1833.
+ * Correct the documentation for `mbedtls_ssl_get_session()`. This API has
+ deep copy of the session, and the peer certificate is not lost. Fixes #926.
+ * Fix build using -std=c99. Fixed by Nick Wilson.
+
+Changes
+ * Fail when receiving a TLS alert message with an invalid length, or invalid
+ zero-length messages when using TLS 1.2. Contributed by Espressif Systems.
+ * Change the default behaviour of mbedtls_hkdf_extract() to return an error
+ when calling with a NULL salt and non-zero salt_len. Contributed by
+ Brian J Murray
+ * Change the shebang line in Perl scripts to look up perl in the PATH.
+ Contributed by fbrosson.
+ * Allow overriding the time on Windows via the platform-time abstraction.
+ Fixed by Nick Wilson.
+ * Use gmtime_r/gmtime_s for thread-safety. Fixed by Nick Wilson.
+
= mbed TLS 2.11.0 branch released 2018-06-18
Features
diff --git a/Makefile b/Makefile
index a0fcb2b..78c1acb 100644
--- a/Makefile
+++ b/Makefile
@@ -23,7 +23,7 @@
ifndef WINDOWS
install: no_test
mkdir -p $(DESTDIR)/include/mbedtls
- cp -r include/mbedtls $(DESTDIR)/include
+ cp -rp include/mbedtls $(DESTDIR)/include
mkdir -p $(DESTDIR)/lib
cp -RP library/libmbedtls.* $(DESTDIR)/lib
diff --git a/README.md b/README.md
index a2c3c6f..d7a0e9d 100644
--- a/README.md
+++ b/README.md
@@ -11,47 +11,16 @@
Compiling
---------
-There are currently four active build systems used within Mbed TLS releases:
+There are currently three active build systems used within Mbed TLS releases:
-- yotta
- GNU Make
- CMake
- Microsoft Visual Studio (Microsoft Visual Studio 2010 or later)
The main systems used for development are CMake and GNU Make. Those systems are always complete and up-to-date. The others should reflect all changes present in the CMake and Make build system, although features may not be ported there automatically.
-Yotta, as a build system, is slightly different from the other build systems:
-
-- it provides a minimalistic configuration file by default
-- depending on the yotta target, features of Mbed OS may be used in examples and tests
-
The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx509, and libmbedtls. Note that libmbedtls depends on libmbedx509 and libmbedcrypto, and libmbedx509 depends on libmbedcrypto. As a result, some linkers will expect flags to be in a specific order, for example the GNU linker wants `-lmbedtls -lmbedx509 -lmbedcrypto`. Also, when loading shared libraries using dlopen(), you'll need to load libmbedcrypto first, then libmbedx509, before you can load libmbedtls.
-### Yotta
-
-[yotta](http://yottabuild.org) is a package manager and build system developed by Mbed, and is the build system of Mbed OS 16.03. To install it on your platform, please follow the yotta [installation instructions](http://docs.yottabuild.org/#installing).
-
-Once yotta is installed, you can use it to download the latest version of Mbed TLS from the yotta registry with:
-
- yotta install mbedtls
-
-and build it with:
-
- yotta build
-
-If, on the other hand, you already have a copy of Mbed TLS from a source other than the yotta registry, for example from cloning our GitHub repository, or from downloading a tarball of the standalone edition, then you'll first need to generate the yotta module by running:
-
- yotta/create-module.sh
-
-This should be executed from the root Mbed TLS project directory. This will create the yotta module in the `yotta/module` directory within it. You can then change to that directory and build as usual:
-
- cd yotta/module
- yotta build
-
-In any case, you'll probably want to set the yotta target before building unless it has already been set globally. For more information on using yotta, please consult the [yotta documentation](http://docs.yottabuild.org/).
-
-For more details on the yotta/Mbed OS edition of Mbed TLS, including example programs, please consult the [Readme at the root of the yotta module](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/README.md).
-
### Make
We require GNU Make. To build the library and the sample programs, GNU Make and a C compiler are sufficient. Some of the more advanced build targets require some Unix/Linux tools.
@@ -78,11 +47,11 @@
Setting the variable `SHARED` in your environment will build shared libraries in addition to the static libraries. Setting `DEBUG` gives you a debug build. You can override `CFLAGS` and `LDFLAGS` by setting them in your environment or on the make command line; compiler warning options may be overridden separately using `WARNING_CFLAGS`. Some directory-specific options (for example, `-I` directives) are still preserved.
-Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so it you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overriden from the command line.
+Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overriden from the command line.
Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://tls.mbed.org/kb) for articles on your platform or issue.
-In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS knowledge base](https://tls.mbed.org/kb).
+In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS Knowledge Base](https://tls.mbed.org/kb).
### CMake
@@ -169,7 +138,7 @@
Example programs
----------------
-We've included example programs for a lot of different features and uses in `programs/`. Most programs only focus on a single feature or usage scenario, so keep that in mind when copying parts of the code.
+We've included example programs for a lot of different features and uses in [`programs/`](programs/README.md). Most programs only focus on a single feature or usage scenario, so keep that in mind when copying parts of the code.
Tests
-----
@@ -192,7 +161,7 @@
Porting Mbed TLS
----------------
-Mbed TLS can be ported to many different architectures, OS's and platforms. Before starting a port, you may find the following knowledge base articles useful:
+Mbed TLS can be ported to many different architectures, OS's and platforms. Before starting a port, you may find the following Knowledge Base articles useful:
- [Porting Mbed TLS to a new environment or OS](https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS)
- [What external dependencies does Mbed TLS rely on?](https://tls.mbed.org/kb/development/what-external-dependencies-does-mbedtls-rely-on)
@@ -211,7 +180,7 @@
### Making a Contribution
-1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://tls.mbed.org/discussions) around a feature idea or a bug.
+1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://forums.mbed.com/c/mbed-tls) around a feature idea or a bug.
2. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the "development" branch as a basis.
3. Write a test which shows that the bug was fixed or that the feature works as expected.
4. Send a pull request and bug us until it gets merged and published. Contributions may need some modifications, so work with us to get your change accepted. We will include your name in the ChangeLog :)
diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
index a783e6b..c9b58dd 100644
--- a/configs/config-ccm-psk-tls1_2.h
+++ b/configs/config-ccm-psk-tls1_2.h
@@ -81,7 +81,7 @@
* both ends of the connection! (See comments in "mbedtls/ssl.h".)
* The optimal size here depends on the typical size of records.
*/
-#define MBEDTLS_SSL_MAX_CONTENT_LEN 512
+#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
#include "mbedtls/check_config.h"
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index ed78eb4..b9f9ec1 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -24,7 +24,7 @@
*/
/**
- * @mainpage mbed TLS v2.11.0 source code documentation
+ * @mainpage mbed TLS v2.13.1 source code documentation
*
* This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index fdeab7a..6be7263 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -28,7 +28,7 @@
# identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces.
-PROJECT_NAME = "mbed TLS v2.11.0"
+PROJECT_NAME = "mbed TLS v2.13.1"
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or
@@ -696,7 +696,7 @@
# Note that relative paths are relative to the directory from which doxygen is
# run.
-EXCLUDE = ../configs ../yotta/module
+EXCLUDE = ../configs
# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
# directories that are symbolic links (a Unix file system feature) are excluded
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index f6603d5..4c8dab3 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -79,7 +79,7 @@
/**
* \brief The AES context-type definition.
*/
-typedef struct
+typedef struct mbedtls_aes_context
{
int nr; /*!< The number of rounds. */
uint32_t *rk; /*!< AES round keys. */
@@ -98,7 +98,7 @@
/**
* \brief The AES XTS context-type definition.
*/
-typedef struct
+typedef struct mbedtls_aes_xts_context
{
mbedtls_aes_context crypt; /*!< The AES context to use for AES block
encryption or decryption. */
diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h
index f11fc5b..83a7461 100644
--- a/include/mbedtls/arc4.h
+++ b/include/mbedtls/arc4.h
@@ -53,7 +53,7 @@
* security risk. We recommend considering stronger ciphers instead.
*
*/
-typedef struct
+typedef struct mbedtls_arc4_context
{
int x; /*!< permutation index */
int y; /*!< permutation index */
diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h
index bae0621..4a79c13 100644
--- a/include/mbedtls/aria.h
+++ b/include/mbedtls/aria.h
@@ -62,7 +62,7 @@
/**
* \brief The ARIA context-type definition.
*/
-typedef struct
+typedef struct mbedtls_aria_context
{
unsigned char nr; /*!< The number of rounds (12, 14 or 16) */
/*! The ARIA round keys. */
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index 31383b1..732ecbe 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -177,7 +177,7 @@
/**
* \brief MPI structure
*/
-typedef struct
+typedef struct mbedtls_mpi
{
int s; /*!< integer sign */
size_t n; /*!< total # of limbs */
diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h
index 985faa4..eea6882 100644
--- a/include/mbedtls/blowfish.h
+++ b/include/mbedtls/blowfish.h
@@ -55,7 +55,7 @@
/**
* \brief Blowfish context structure
*/
-typedef struct
+typedef struct mbedtls_blowfish_context
{
uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */
uint32_t S[4][256]; /*!< key dependent S-boxes */
diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h
index f4b2b56..6679389 100644
--- a/include/mbedtls/bn_mul.h
+++ b/include/mbedtls/bn_mul.h
@@ -49,7 +49,14 @@
/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
#if defined(__GNUC__) && \
( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 )
-#if defined(__i386__)
+
+/*
+ * Disable use of the i386 assembly code below if option -O0, to disable all
+ * compiler optimisations, is passed, detected with __OPTIMIZE__
+ * This is done as the number of registers used in the assembly code doesn't
+ * work with the -O0 option.
+ */
+#if defined(__i386__) && defined(__OPTIMIZE__)
#define MULADDC_INIT \
asm( \
@@ -142,7 +149,7 @@
"movl %%esi, %3 \n\t" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
- : "eax", "ecx", "edx", "esi", "edi" \
+ : "eax", "ebx", "ecx", "edx", "esi", "edi" \
);
#else
@@ -154,7 +161,7 @@
"movl %%esi, %3 \n\t" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
- : "eax", "ecx", "edx", "esi", "edi" \
+ : "eax", "ebx", "ecx", "edx", "esi", "edi" \
);
#endif /* SSE2 */
#endif /* i386 */
@@ -558,9 +565,8 @@
#endif /* TriCore */
/*
- * gcc -O0 by default uses r7 for the frame pointer, so it complains about our
- * use of r7 below, unless -fomit-frame-pointer is passed. Unfortunately,
- * passing that option is not easy when building with yotta.
+ * Note, gcc -O0 by default uses r7 for the frame pointer, so it complains about
+ * our use of r7 below, unless -fomit-frame-pointer is passed.
*
* On the other hand, -fomit-frame-pointer is implied by any -Ox options with
* x !=0, which we can detect using __OPTIMIZE__ (which is also defined by
diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h
index 7e4721a..fa1e05e 100644
--- a/include/mbedtls/camellia.h
+++ b/include/mbedtls/camellia.h
@@ -51,7 +51,7 @@
/**
* \brief CAMELLIA context structure
*/
-typedef struct
+typedef struct mbedtls_camellia_context
{
int nr; /*!< number of rounds */
uint32_t rk[68]; /*!< CAMELLIA round keys */
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index 5d727e7..e1dc124 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -68,7 +68,8 @@
* \brief The CCM context-type definition. The CCM context is passed
* to the APIs called.
*/
-typedef struct {
+typedef struct mbedtls_ccm_context
+{
mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */
}
mbedtls_ccm_context;
diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h
new file mode 100644
index 0000000..cfea40a
--- /dev/null
+++ b/include/mbedtls/chacha20.h
@@ -0,0 +1,212 @@
+/**
+ * \file chacha20.h
+ *
+ * \brief This file contains ChaCha20 definitions and functions.
+ *
+ * ChaCha20 is a stream cipher that can encrypt and decrypt
+ * information. ChaCha was created by Daniel Bernstein as a variant of
+ * its Salsa cipher https://cr.yp.to/chacha/chacha-20080128.pdf
+ * ChaCha20 is the variant with 20 rounds, that was also standardized
+ * in RFC 7539.
+ *
+ * \author Daniel King <damaki.gh@gmail.com>
+ */
+
+/* Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CHACHA20_H
+#define MBEDTLS_CHACHA20_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdint.h>
+#include <stddef.h>
+
+#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051 /**< Invalid input parameter(s). */
+#define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE -0x0053 /**< Feature not available. For example, s part of the API is not implemented. */
+#define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED -0x0055 /**< Chacha20 hardware accelerator failed. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_CHACHA20_ALT)
+
+typedef struct mbedtls_chacha20_context
+{
+ uint32_t state[16]; /*! The state (before round operations). */
+ uint8_t keystream8[64]; /*! Leftover keystream bytes. */
+ size_t keystream_bytes_used; /*! Number of keystream bytes already used. */
+}
+mbedtls_chacha20_context;
+
+#else /* MBEDTLS_CHACHA20_ALT */
+#include "chacha20_alt.h"
+#endif /* MBEDTLS_CHACHA20_ALT */
+
+/**
+ * \brief This function initializes the specified ChaCha20 context.
+ *
+ * It must be the first API called before using
+ * the context.
+ *
+ * It is usually followed by calls to
+ * \c mbedtls_chacha20_setkey() and
+ * \c mbedtls_chacha20_starts(), then one or more calls to
+ * to \c mbedtls_chacha20_update(), and finally to
+ * \c mbedtls_chacha20_free().
+ *
+ * \param ctx The ChaCha20 context to initialize.
+ */
+void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
+
+/**
+ * \brief This function releases and clears the specified ChaCha20 context.
+ *
+ * \param ctx The ChaCha20 context to clear.
+ */
+void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
+
+/**
+ * \brief This function sets the encryption/decryption key.
+ *
+ * \note After using this function, you must also call
+ * \c mbedtls_chacha20_starts() to set a nonce before you
+ * start encrypting/decrypting data with
+ * \c mbedtls_chacha_update().
+ *
+ * \param ctx The ChaCha20 context to which the key should be bound.
+ * \param key The encryption/decryption key. Must be 32 bytes in length.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.
+ */
+int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
+ const unsigned char key[32] );
+
+/**
+ * \brief This function sets the nonce and initial counter value.
+ *
+ * \note A ChaCha20 context can be re-used with the same key by
+ * calling this function to change the nonce.
+ *
+ * \warning You must never use the same nonce twice with the same key.
+ * This would void any confidentiality guarantees for the
+ * messages encrypted with the same nonce and key.
+ *
+ * \param ctx The ChaCha20 context to which the nonce should be bound.
+ * \param nonce The nonce. Must be 12 bytes in size.
+ * \param counter The initial counter value. This is usually 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is
+ * NULL.
+ */
+int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
+ const unsigned char nonce[12],
+ uint32_t counter );
+
+/**
+ * \brief This function encrypts or decrypts data.
+ *
+ * Since ChaCha20 is a stream cipher, the same operation is
+ * used for encrypting and decrypting data.
+ *
+ * \note The \p input and \p output pointers must either be equal or
+ * point to non-overlapping buffers.
+ *
+ * \note \c mbedtls_chacha20_setkey() and
+ * \c mbedtls_chacha20_starts() must be called at least once
+ * to setup the context before this function can be called.
+ *
+ * \note This function can be called multiple times in a row in
+ * order to encrypt of decrypt data piecewise with the same
+ * key and nonce.
+ *
+ * \param ctx The ChaCha20 context to use for encryption or decryption.
+ * \param size The length of the input data in bytes.
+ * \param input The buffer holding the input data.
+ * This pointer can be NULL if size == 0.
+ * \param output The buffer holding the output data.
+ * Must be able to hold \p size bytes.
+ * This pointer can be NULL if size == 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if the ctx, input, or
+ * output pointers are NULL.
+ */
+int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
+ size_t size,
+ const unsigned char *input,
+ unsigned char *output );
+
+/**
+ * \brief This function encrypts or decrypts data with ChaCha20 and
+ * the given key and nonce.
+ *
+ * Since ChaCha20 is a stream cipher, the same operation is
+ * used for encrypting and decrypting data.
+ *
+ * \warning You must never use the same (key, nonce) pair more than
+ * once. This would void any confidentiality guarantees for
+ * the messages encrypted with the same nonce and key.
+ *
+ * \note The \p input and \p output pointers must either be equal or
+ * point to non-overlapping buffers.
+ *
+ * \param key The encryption/decryption key. Must be 32 bytes in length.
+ * \param nonce The nonce. Must be 12 bytes in size.
+ * \param counter The initial counter value. This is usually 0.
+ * \param size The length of the input data in bytes.
+ * \param input The buffer holding the input data.
+ * This pointer can be NULL if size == 0.
+ * \param output The buffer holding the output data.
+ * Must be able to hold \p size bytes.
+ * This pointer can be NULL if size == 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if key, nonce, input,
+ * or output is NULL.
+ */
+int mbedtls_chacha20_crypt( const unsigned char key[32],
+ const unsigned char nonce[12],
+ uint32_t counter,
+ size_t size,
+ const unsigned char* input,
+ unsigned char* output );
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief The ChaCha20 checkup routine.
+ *
+ * \return \c 0 on success.
+ * \return \c 1 on failure.
+ */
+int mbedtls_chacha20_self_test( int verbose );
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CHACHA20_H */
diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h
new file mode 100644
index 0000000..7de6f4e
--- /dev/null
+++ b/include/mbedtls/chachapoly.h
@@ -0,0 +1,355 @@
+/**
+ * \file chachapoly.h
+ *
+ * \brief This file contains the AEAD-ChaCha20-Poly1305 definitions and
+ * functions.
+ *
+ * ChaCha20-Poly1305 is an algorithm for Authenticated Encryption
+ * with Associated Data (AEAD) that can be used to encrypt and
+ * authenticate data. It is based on ChaCha20 and Poly1305 by Daniel
+ * Bernstein and was standardized in RFC 7539.
+ *
+ * \author Daniel King <damaki.gh@gmail.com>
+ */
+
+/* Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CHACHAPOLY_H
+#define MBEDTLS_CHACHAPOLY_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/* for shared error codes */
+#include "poly1305.h"
+
+#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054 /**< The requested operation is not permitted in the current state. */
+#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056 /**< Authenticated decryption failed: data was not authentic. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef enum
+{
+ MBEDTLS_CHACHAPOLY_ENCRYPT, /**< The mode value for performing encryption. */
+ MBEDTLS_CHACHAPOLY_DECRYPT /**< The mode value for performing decryption. */
+}
+mbedtls_chachapoly_mode_t;
+
+#if !defined(MBEDTLS_CHACHAPOLY_ALT)
+
+#include "chacha20.h"
+
+typedef struct mbedtls_chachapoly_context
+{
+ mbedtls_chacha20_context chacha20_ctx; /**< The ChaCha20 context. */
+ mbedtls_poly1305_context poly1305_ctx; /**< The Poly1305 context. */
+ uint64_t aad_len; /**< The length (bytes) of the Additional Authenticated Data. */
+ uint64_t ciphertext_len; /**< The length (bytes) of the ciphertext. */
+ int state; /**< The current state of the context. */
+ mbedtls_chachapoly_mode_t mode; /**< Cipher mode (encrypt or decrypt). */
+}
+mbedtls_chachapoly_context;
+
+#else /* !MBEDTLS_CHACHAPOLY_ALT */
+#include "chachapoly_alt.h"
+#endif /* !MBEDTLS_CHACHAPOLY_ALT */
+
+/**
+ * \brief This function initializes the specified ChaCha20-Poly1305 context.
+ *
+ * It must be the first API called before using
+ * the context. It must be followed by a call to
+ * \c mbedtls_chachapoly_setkey() before any operation can be
+ * done, and to \c mbedtls_chachapoly_free() once all
+ * operations with that context have been finished.
+ *
+ * In order to encrypt or decrypt full messages at once, for
+ * each message you should make a single call to
+ * \c mbedtls_chachapoly_crypt_and_tag() or
+ * \c mbedtls_chachapoly_auth_decrypt().
+ *
+ * In order to encrypt messages piecewise, for each
+ * message you should make a call to
+ * \c mbedtls_chachapoly_starts(), then 0 or more calls to
+ * \c mbedtls_chachapoly_update_aad(), then 0 or more calls to
+ * \c mbedtls_chachapoly_update(), then one call to
+ * \c mbedtls_chachapoly_finish().
+ *
+ * \warning Decryption with the piecewise API is discouraged! Always
+ * use \c mbedtls_chachapoly_auth_decrypt() when possible!
+ *
+ * If however this is not possible because the data is too
+ * large to fit in memory, you need to:
+ *
+ * - call \c mbedtls_chachapoly_starts() and (if needed)
+ * \c mbedtls_chachapoly_update_aad() as above,
+ * - call \c mbedtls_chachapoly_update() multiple times and
+ * ensure its output (the plaintext) is NOT used in any other
+ * way than placing it in temporary storage at this point,
+ * - call \c mbedtls_chachapoly_finish() to compute the
+ * authentication tag and compared it in constant time to the
+ * tag received with the ciphertext.
+ *
+ * If the tags are not equal, you must immediately discard
+ * all previous outputs of \c mbedtls_chachapoly_update(),
+ * otherwise you can now safely use the plaintext.
+ *
+ * \param ctx The ChachaPoly context to initialize.
+ */
+void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
+
+/**
+ * \brief This function releases and clears the specified ChaCha20-Poly1305 context.
+ *
+ * \param ctx The ChachaPoly context to clear.
+ */
+void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
+
+/**
+ * \brief This function sets the ChaCha20-Poly1305 symmetric encryption key.
+ *
+ * \param ctx The ChaCha20-Poly1305 context to which the key should be
+ * bound.
+ * \param key The 256-bit (32 bytes) key.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if \p ctx or \p key are NULL.
+ */
+int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
+ const unsigned char key[32] );
+
+/**
+ * \brief This function starts a ChaCha20-Poly1305 encryption or
+ * decryption operation.
+ *
+ * \warning You must never use the same nonce twice with the same key.
+ * This would void any confidentiality and authenticity
+ * guarantees for the messages encrypted with the same nonce
+ * and key.
+ *
+ * \note If the context is being used for AAD only (no data to
+ * encrypt or decrypt) then \p mode can be set to any value.
+ *
+ * \warning Decryption with the piecewise API is discouraged, see the
+ * warning on \c mbedtls_chachapoly_init().
+ *
+ * \param ctx The ChaCha20-Poly1305 context.
+ * \param nonce The nonce/IV to use for the message. Must be 12 bytes.
+ * \param mode The operation to perform: #MBEDTLS_CHACHAPOLY_ENCRYPT or
+ * #MBEDTLS_CHACHAPOLY_DECRYPT (discouraged, see warning).
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if \p ctx or \p mac are NULL.
+ */
+int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
+ const unsigned char nonce[12],
+ mbedtls_chachapoly_mode_t mode );
+
+/**
+ * \brief This function feeds additional data to be authenticated
+ * into an ongoing ChaCha20-Poly1305 operation.
+ *
+ * The Additional Authenticated Data (AAD), also called
+ * Associated Data (AD) is only authenticated but not
+ * encrypted nor included in the encrypted output. It is
+ * usually transmitted separately from the ciphertext or
+ * computed locally by each party.
+ *
+ * \note This function is called before data is encrypted/decrypted.
+ * I.e. call this function to process the AAD before calling
+ * \c mbedtls_chachapoly_update().
+ *
+ * You may call this function multiple times to process
+ * an arbitrary amount of AAD. It is permitted to call
+ * this function 0 times, if no AAD is used.
+ *
+ * This function cannot be called any more if data has
+ * been processed by \c mbedtls_chachapoly_update(),
+ * or if the context has been finished.
+ *
+ * \warning Decryption with the piecewise API is discouraged, see the
+ * warning on \c mbedtls_chachapoly_init().
+ *
+ * \param ctx The ChaCha20-Poly1305 context to use.
+ * \param aad_len The length (in bytes) of the AAD. The length has no
+ * restrictions.
+ * \param aad Buffer containing the AAD.
+ * This pointer can be NULL if aad_len == 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if \p ctx or \p aad are NULL.
+ * \return #MBEDTLS_ERR_CHACHAPOLY_BAD_STATE
+ * if the operations has not been started or has been
+ * finished, or if the AAD has been finished.
+ */
+int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
+ const unsigned char *aad,
+ size_t aad_len );
+
+/**
+ * \brief Thus function feeds data to be encrypted or decrypted
+ * into an on-going ChaCha20-Poly1305
+ * operation.
+ *
+ * The direction (encryption or decryption) depends on the
+ * mode that was given when calling
+ * \c mbedtls_chachapoly_starts().
+ *
+ * You may call this function multiple times to process
+ * an arbitrary amount of data. It is permitted to call
+ * this function 0 times, if no data is to be encrypted
+ * or decrypted.
+ *
+ * \warning Decryption with the piecewise API is discouraged, see the
+ * warning on \c mbedtls_chachapoly_init().
+ *
+ * \param ctx The ChaCha20-Poly1305 context to use.
+ * \param len The length (in bytes) of the data to encrypt or decrypt.
+ * \param input The buffer containing the data to encrypt or decrypt.
+ * This pointer can be NULL if len == 0.
+ * \param output The buffer to where the encrypted or decrypted data is written.
+ * Must be able to hold \p len bytes.
+ * This pointer can be NULL if len == 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if \p ctx, \p input, or \p output are NULL.
+ * \return #MBEDTLS_ERR_CHACHAPOLY_BAD_STATE
+ * if the operation has not been started or has been
+ * finished.
+ */
+int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
+ size_t len,
+ const unsigned char *input,
+ unsigned char *output );
+
+/**
+ * \brief This function finished the ChaCha20-Poly1305 operation and
+ * generates the MAC (authentication tag).
+ *
+ * \param ctx The ChaCha20-Poly1305 context to use.
+ * \param mac The buffer to where the 128-bit (16 bytes) MAC is written.
+ *
+ * \warning Decryption with the piecewise API is discouraged, see the
+ * warning on \c mbedtls_chachapoly_init().
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if \p ctx or \p mac are NULL.
+ * \return #MBEDTLS_ERR_CHACHAPOLY_BAD_STATE
+ * if the operation has not been started or has been
+ * finished.
+ */
+int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
+ unsigned char mac[16] );
+
+/**
+ * \brief This function performs a complete ChaCha20-Poly1305
+ * authenticated encryption with the previously-set key.
+ *
+ * \note Before using this function, you must set the key with
+ * \c mbedtls_chachapoly_setkey().
+ *
+ * \warning You must never use the same nonce twice with the same key.
+ * This would void any confidentiality and authenticity
+ * guarantees for the messages encrypted with the same nonce
+ * and key.
+ *
+ * \param ctx The ChaCha20-Poly1305 context to use (holds the key).
+ * \param length The length (in bytes) of the data to encrypt or decrypt.
+ * \param nonce The 96-bit (12 bytes) nonce/IV to use.
+ * \param aad The buffer containing the additional authenticated data (AAD).
+ * This pointer can be NULL if aad_len == 0.
+ * \param aad_len The length (in bytes) of the AAD data to process.
+ * \param input The buffer containing the data to encrypt or decrypt.
+ * This pointer can be NULL if ilen == 0.
+ * \param output The buffer to where the encrypted or decrypted data is written.
+ * This pointer can be NULL if ilen == 0.
+ * \param tag The buffer to where the computed 128-bit (16 bytes) MAC is written.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if one or more of the required parameters are NULL.
+ */
+int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
+ size_t length,
+ const unsigned char nonce[12],
+ const unsigned char *aad,
+ size_t aad_len,
+ const unsigned char *input,
+ unsigned char *output,
+ unsigned char tag[16] );
+
+/**
+ * \brief This function performs a complete ChaCha20-Poly1305
+ * authenticated decryption with the previously-set key.
+ *
+ * \note Before using this function, you must set the key with
+ * \c mbedtls_chachapoly_setkey().
+ *
+ * \param ctx The ChaCha20-Poly1305 context to use (holds the key).
+ * \param length The length (in bytes) of the data to decrypt.
+ * \param nonce The 96-bit (12 bytes) nonce/IV to use.
+ * \param aad The buffer containing the additional authenticated data (AAD).
+ * This pointer can be NULL if aad_len == 0.
+ * \param aad_len The length (in bytes) of the AAD data to process.
+ * \param tag The buffer holding the authentication tag.
+ * \param input The buffer containing the data to decrypt.
+ * This pointer can be NULL if ilen == 0.
+ * \param output The buffer to where the decrypted data is written.
+ * This pointer can be NULL if ilen == 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if one or more of the required parameters are NULL.
+ * \return #MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED
+ * if the data was not authentic.
+ */
+int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
+ size_t length,
+ const unsigned char nonce[12],
+ const unsigned char *aad,
+ size_t aad_len,
+ const unsigned char tag[16],
+ const unsigned char *input,
+ unsigned char *output );
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief The ChaCha20-Poly1305 checkup routine.
+ *
+ * \return \c 0 on success.
+ * \return \c 1 on failure.
+ */
+int mbedtls_chachapoly_self_test( int verbose );
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CHACHAPOLY_H */
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 4689f3a..9e6bb8a 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -87,6 +87,11 @@
#error "MBEDTLS_CMAC_C defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_NIST_KW_C) && \
+ ( !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CIPHER_C) )
+#error "MBEDTLS_NIST_KW_C defined, but not all prerequisites"
+#endif
+
#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECDH_C defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 0a545eb..dfb1541 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -37,7 +37,7 @@
#include <stddef.h>
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
#define MBEDTLS_CIPHER_MODE_AEAD
#endif
@@ -45,7 +45,8 @@
#define MBEDTLS_CIPHER_MODE_WITH_PADDING
#endif
-#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
+ defined(MBEDTLS_CHACHA20_C)
#define MBEDTLS_CIPHER_MODE_STREAM
#endif
@@ -87,6 +88,7 @@
MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */
MBEDTLS_CIPHER_ID_ARC4, /**< The RC4 cipher. */
MBEDTLS_CIPHER_ID_ARIA, /**< The Aria cipher. */
+ MBEDTLS_CIPHER_ID_CHACHA20, /**< The ChaCha20 cipher. */
} mbedtls_cipher_id_t;
/**
@@ -169,6 +171,8 @@
MBEDTLS_CIPHER_AES_256_OFB, /**< AES 256-bit cipher in OFB mode. */
MBEDTLS_CIPHER_AES_128_XTS, /**< AES 128-bit cipher in XTS block mode. */
MBEDTLS_CIPHER_AES_256_XTS, /**< AES 256-bit cipher in XTS block mode. */
+ MBEDTLS_CIPHER_CHACHA20, /**< ChaCha20 stream cipher. */
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, /**< ChaCha20-Poly1305 AEAD cipher. */
} mbedtls_cipher_type_t;
/** Supported cipher modes. */
@@ -183,6 +187,7 @@
MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */
MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */
MBEDTLS_MODE_XTS, /**< The XTS cipher mode. */
+ MBEDTLS_MODE_CHACHAPOLY, /**< The ChaCha-Poly cipher mode. */
} mbedtls_cipher_mode_t;
/** Supported cipher padding types. */
@@ -231,7 +236,8 @@
* Cipher information. Allows calling cipher functions
* in a generic way.
*/
-typedef struct {
+typedef struct mbedtls_cipher_info_t
+{
/** Full cipher identifier. For example,
* MBEDTLS_CIPHER_AES_256_CBC.
*/
@@ -272,7 +278,8 @@
/**
* Generic cipher context.
*/
-typedef struct {
+typedef struct mbedtls_cipher_context_t
+{
/** Information about the associated cipher. */
const mbedtls_cipher_info_t *cipher_info;
@@ -586,11 +593,11 @@
*/
int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/**
* \brief This function adds additional data for AEAD ciphers.
- * Only supported with GCM. Must be called
- * exactly once, after mbedtls_cipher_reset().
+ * Currently supported with GCM and ChaCha20+Poly1305.
+ * Must be called exactly once, after mbedtls_cipher_reset().
*
* \param ctx The generic cipher context.
* \param ad The additional data to use.
@@ -601,7 +608,7 @@
*/
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len );
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/**
* \brief The generic cipher update function. It encrypts or
@@ -659,10 +666,10 @@
int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen );
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/**
* \brief This function writes a tag for AEAD ciphers.
- * Only supported with GCM.
+ * Currently supported with GCM and ChaCha20+Poly1305.
* Must be called after mbedtls_cipher_finish().
*
* \param ctx The generic cipher context.
@@ -677,7 +684,7 @@
/**
* \brief This function checks the tag for AEAD ciphers.
- * Only supported with GCM.
+ * Currently supported with GCM and ChaCha20+Poly1305.
* Must be called after mbedtls_cipher_finish().
*
* \param ctx The generic cipher context.
@@ -689,7 +696,7 @@
*/
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len );
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/**
* \brief The generic all-in-one encryption/decryption function,
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 913c05f..a4fd552 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -28,7 +28,7 @@
#ifndef MBEDTLS_CMAC_H
#define MBEDTLS_CMAC_H
-#include "mbedtls/cipher.h"
+#include "cipher.h"
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
index 600a0f1..213b691 100644
--- a/include/mbedtls/compat-1.3.h
+++ b/include/mbedtls/compat-1.3.h
@@ -1378,7 +1378,8 @@
#define SSL_ANTI_REPLAY_ENABLED MBEDTLS_SSL_ANTI_REPLAY_ENABLED
#define SSL_ARC4_DISABLED MBEDTLS_SSL_ARC4_DISABLED
#define SSL_ARC4_ENABLED MBEDTLS_SSL_ARC4_ENABLED
-#define SSL_BUFFER_LEN MBEDTLS_SSL_BUFFER_LEN
+#define SSL_BUFFER_LEN ( ( ( MBEDTLS_SSL_IN_BUFFER_LEN ) < ( MBEDTLS_SSL_OUT_BUFFER_LEN ) ) \
+ ? ( MBEDTLS_SSL_IN_BUFFER_LEN ) : ( MBEDTLS_SSL_OUT_BUFFER_LEN ) )
#define SSL_CACHE_DEFAULT_MAX_ENTRIES MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES
#define SSL_CACHE_DEFAULT_TIMEOUT MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT
#define SSL_CBC_RECORD_SPLITTING_DISABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 34dbec0..53c1bc9 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -89,6 +89,28 @@
//#define MBEDTLS_NO_UDBL_DIVISION
/**
+ * \def MBEDTLS_NO_64BIT_MULTIPLICATION
+ *
+ * The platform lacks support for 32x32 -> 64-bit multiplication.
+ *
+ * Used in:
+ * library/poly1305.c
+ *
+ * Some parts of the library may use multiplication of two unsigned 32-bit
+ * operands with a 64-bit result in order to speed up computations. On some
+ * platforms, this is not available in hardware and has to be implemented in
+ * software, usually in a library provided by the toolchain.
+ *
+ * Sometimes it is not desirable to have to link to that library. This option
+ * removes the dependency of that library on platforms that lack a hardware
+ * 64-bit multiplier by embedding a software implementation in Mbed TLS.
+ *
+ * Note that depending on the compiler, this may decrease performance compared
+ * to using the library function provided by the toolchain.
+ */
+//#define MBEDTLS_NO_64BIT_MULTIPLICATION
+
+/**
* \def MBEDTLS_HAVE_SSE2
*
* CPU supports SSE2 instruction set.
@@ -115,12 +137,21 @@
/**
* \def MBEDTLS_HAVE_TIME_DATE
*
- * System has time.h and time(), gmtime() and the clock is correct.
+ * System has time.h, time(), and an implementation for
+ * mbedtls_platform_gmtime_r() (see below).
* The time needs to be correct (not necesarily very accurate, but at least
* the date should be correct). This is used to verify the validity period of
* X.509 certificates.
*
* Comment if your system does not have a correct clock.
+ *
+ * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
+ * behaves similarly to the gmtime_r() function from the C standard. Refer to
+ * the documentation for mbedtls_platform_gmtime_r() for more information.
+ *
+ * \note It is possible to configure an implementation for
+ * mbedtls_platform_gmtime_r() at compile-time by using the macro
+ * MBEDTLS_PLATFORM_GMTIME_R_ALT.
*/
#define MBEDTLS_HAVE_TIME_DATE
@@ -279,14 +310,18 @@
//#define MBEDTLS_BLOWFISH_ALT
//#define MBEDTLS_CAMELLIA_ALT
//#define MBEDTLS_CCM_ALT
+//#define MBEDTLS_CHACHA20_ALT
+//#define MBEDTLS_CHACHAPOLY_ALT
//#define MBEDTLS_CMAC_ALT
//#define MBEDTLS_DES_ALT
//#define MBEDTLS_DHM_ALT
//#define MBEDTLS_ECJPAKE_ALT
//#define MBEDTLS_GCM_ALT
+//#define MBEDTLS_NIST_KW_ALT
//#define MBEDTLS_MD2_ALT
//#define MBEDTLS_MD4_ALT
//#define MBEDTLS_MD5_ALT
+//#define MBEDTLS_POLY1305_ALT
//#define MBEDTLS_RIPEMD160_ALT
//#define MBEDTLS_RSA_ALT
//#define MBEDTLS_SHA1_ALT
@@ -643,6 +678,26 @@
#define MBEDTLS_ECP_NIST_OPTIM
/**
+ * \def MBEDTLS_ECP_RESTARTABLE
+ *
+ * Enable "non-blocking" ECC operations that can return early and be resumed.
+ *
+ * This allows various functions to pause by returning
+ * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
+ * order to further progress and eventually complete their operation. This is
+ * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
+ * number of ECC operations a function may perform before pausing; see
+ * mbedtls_ecp_set_max_ops() for more information.
+ *
+ * This is useful in non-threaded environments if you want to avoid blocking
+ * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
+ *
+ * Uncomment this macro to enable restartable ECC computations.
+ */
+//#define MBEDTLS_ECP_RESTARTABLE
+
+/**
* \def MBEDTLS_ECDSA_DETERMINISTIC
*
* Enable deterministic ECDSA (RFC 6979).
@@ -1945,6 +2000,26 @@
#define MBEDTLS_CERTS_C
/**
+ * \def MBEDTLS_CHACHA20_C
+ *
+ * Enable the ChaCha20 stream cipher.
+ *
+ * Module: library/chacha20.c
+ */
+#define MBEDTLS_CHACHA20_C
+
+/**
+ * \def MBEDTLS_CHACHAPOLY_C
+ *
+ * Enable the ChaCha20-Poly1305 AEAD algorithm.
+ *
+ * Module: library/chachapoly.c
+ *
+ * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
+ */
+#define MBEDTLS_CHACHAPOLY_C
+
+/**
* \def MBEDTLS_CIPHER_C
*
* Enable the generic cipher layer.
@@ -2204,6 +2279,19 @@
#define MBEDTLS_HMAC_DRBG_C
/**
+ * \def MBEDTLS_NIST_KW_C
+ *
+ * Enable the Key Wrapping mode for 128-bit block ciphers,
+ * as defined in NIST SP 800-38F. Only KW and KWP modes
+ * are supported. At the moment, only AES is approved by NIST.
+ *
+ * Module: library/nist_kw.c
+ *
+ * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
+ */
+//#define MBEDTLS_NIST_KW_C
+
+/**
* \def MBEDTLS_MD_C
*
* Enable the generic message digest layer.
@@ -2487,6 +2575,16 @@
#define MBEDTLS_PLATFORM_C
/**
+ * \def MBEDTLS_POLY1305_C
+ *
+ * Enable the Poly1305 MAC algorithm.
+ *
+ * Module: library/poly1305.c
+ * Caller: library/chachapoly.c
+ */
+#define MBEDTLS_POLY1305_C
+
+/**
* \def MBEDTLS_RIPEMD160_C
*
* Enable the RIPEMD-160 hash algorithm.
@@ -2896,7 +2994,68 @@
//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
/* SSL options */
-//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
+
+/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
+ *
+ * Maximum fragment length in bytes.
+ *
+ * Determines the size of both the incoming and outgoing TLS I/O buffers.
+ *
+ * Uncommenting MBEDTLS_SSL_IN_CONTENT_LEN and/or MBEDTLS_SSL_OUT_CONTENT_LEN
+ * will override this length by setting maximum incoming and/or outgoing
+ * fragment length, respectively.
+ */
+//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_IN_CONTENT_LEN
+ *
+ * Maximum incoming fragment length in bytes.
+ *
+ * Uncomment to set the size of the inward TLS buffer independently of the
+ * outward buffer.
+ */
+//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
+ *
+ * Maximum outgoing fragment length in bytes.
+ *
+ * Uncomment to set the size of the outward TLS buffer independently of the
+ * inward buffer.
+ *
+ * It is possible to save RAM by setting a smaller outward buffer, while keeping
+ * the default inward 16384 byte buffer to conform to the TLS specification.
+ *
+ * The minimum required outward buffer size is determined by the handshake
+ * protocol's usage. Handshaking will fail if the outward buffer is too small.
+ * The specific size requirement depends on the configured ciphers and any
+ * certificate data which is sent during the handshake.
+ *
+ * For absolute minimum RAM usage, it's best to enable
+ * MBEDTLS_SSL_MAX_FRAGMENT_LENGTH and reduce MBEDTLS_SSL_MAX_CONTENT_LEN. This
+ * reduces both incoming and outgoing buffer sizes. However this is only
+ * guaranteed if the other end of the connection also supports the TLS
+ * max_fragment_len extension. Otherwise the connection may fail.
+ */
+//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
+ *
+ * Maximum number of heap-allocated bytes for the purpose of
+ * DTLS handshake message reassembly and future message buffering.
+ *
+ * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
+ * to account for a reassembled handshake message of maximum size,
+ * together with its reassembly bitmap.
+ *
+ * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
+ * should be sufficient for all practical situations as it allows
+ * to reassembly a large handshake message (such as a certificate)
+ * while buffering multiple smaller handshake messages.
+ *
+ */
+//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
+
//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
@@ -2970,25 +3129,33 @@
*/
//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+/**
+ * Uncomment the macro to let Mbed TLS use your alternate implementation of
+ * mbedtls_platform_gmtime_r(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * gmtime() is not a thread-safe function as defined in the C standard. The
+ * library will try to use safer implementations of this function, such as
+ * gmtime_r() when available. However, if Mbed TLS cannot identify the target
+ * system, the implementation of mbedtls_platform_gmtime_r() will default to
+ * using the standard gmtime(). In this case, calls from the library to
+ * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
+ * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
+ * library are also guarded with this mutex to avoid race conditions. However,
+ * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
+ * unconditionally use the implementation for mbedtls_platform_gmtime_r()
+ * supplied at compile time.
+ */
+//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
+
/* \} name SECTION: Customisation configuration options */
-/* Target and application specific configurations */
-//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h"
-
-#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
-#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
-#endif
-
-/*
+/* Target and application specific configurations
+ *
* Allow user to override any previous default.
*
- * Use two macro names for that, as:
- * - with yotta the prefix YOTTA_CFG_ is forced
- * - without yotta is looks weird to have a YOTTA prefix.
*/
-#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
-#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
-#elif defined(MBEDTLS_USER_CONFIG_FILE)
+#if defined(MBEDTLS_USER_CONFIG_FILE)
#include MBEDTLS_USER_CONFIG_FILE
#endif
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index dcbc047..3a4b7f3 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -36,7 +36,7 @@
#include "aes.h"
#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
+#include "threading.h"
#endif
#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */
@@ -108,7 +108,7 @@
/**
* \brief The CTR_DRBG context structure.
*/
-typedef struct
+typedef struct mbedtls_ctr_drbg_context
{
unsigned char counter[16]; /*!< The counter (V). */
int reseed_counter; /*!< The reseed counter. */
diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h
index 6eb7d03..91d16b6 100644
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@@ -61,7 +61,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-typedef struct
+typedef struct mbedtls_des_context
{
uint32_t sk[32]; /*!< DES subkeys */
}
@@ -70,7 +70,7 @@
/**
* \brief Triple-DES context structure
*/
-typedef struct
+typedef struct mbedtls_des3_context
{
uint32_t sk[96]; /*!< 3DES subkeys */
}
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index 75317a8..3e11789 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -96,7 +96,7 @@
/**
* \brief The DHM context structure.
*/
-typedef struct
+typedef struct mbedtls_dhm_context
{
size_t len; /*!< The size of \p P in Bytes. */
mbedtls_mpi P; /*!< The prime modulus. */
diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h
index 5fdf55a..27f2ffc 100644
--- a/include/mbedtls/ecdh.h
+++ b/include/mbedtls/ecdh.h
@@ -50,9 +50,13 @@
} mbedtls_ecdh_side;
/**
+ *
+ * \warning Performing multiple operations concurrently on the same
+ * ECDSA context is not supported; objects of this type
+ * should not be shared between multiple threads.
* \brief The ECDH context structure.
*/
-typedef struct
+typedef struct mbedtls_ecdh_context
{
mbedtls_ecp_group grp; /*!< The elliptic curve used. */
mbedtls_mpi d; /*!< The private key. */
@@ -63,6 +67,10 @@
mbedtls_ecp_point Vi; /*!< The blinding value. */
mbedtls_ecp_point Vf; /*!< The unblinding value. */
mbedtls_mpi _d; /*!< The previous \p d. */
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ int restart_enabled; /*!< The flag for restartable mode. */
+ mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */
+#endif
}
mbedtls_ecdh_context;
@@ -83,9 +91,8 @@
* \param p_rng The RNG context.
*
* \return \c 0 on success.
- * \return An \c MBEDTLS_ERR_ECP_XXX or
+ * \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure.
- *
*/
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -112,7 +119,7 @@
* \param p_rng The RNG context.
*
* \return \c 0 on success.
- * \return An \c MBEDTLS_ERR_ECP_XXX or
+ * \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure.
*/
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
@@ -155,7 +162,9 @@
* \param p_rng The RNG context.
*
* \return \c 0 on success.
- * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
@@ -197,7 +206,7 @@
* 0: The key of the peer.
*
* \return \c 0 on success.
- * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
+ * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*
*/
int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
@@ -220,7 +229,9 @@
* \param p_rng The RNG context.
*
* \return \c 0 on success.
- * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
@@ -266,13 +277,31 @@
* \param p_rng The RNG context.
*
* \return \c 0 on success.
- * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief This function enables restartable EC computations for this
+ * context. (Default: disabled.)
+ *
+ * \see \c mbedtls_ecp_set_max_ops()
+ *
+ * \note It is not possible to safely disable restartable
+ * computations once enabled, except by free-ing the context,
+ * which cancels possible in-progress operations.
+ *
+ * \param ctx The ECDH context.
+ */
+void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx );
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index ce1a03d..4057828 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -55,16 +55,66 @@
/** The maximal size of an ECDSA signature in Bytes. */
#define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )
-/**
- * \brief The ECDSA context structure.
- */
-typedef mbedtls_ecp_keypair mbedtls_ecdsa_context;
-
#ifdef __cplusplus
extern "C" {
#endif
/**
+ * \brief The ECDSA context structure.
+ *
+ * \warning Performing multiple operations concurrently on the same
+ * ECDSA context is not supported; objects of this type
+ * should not be shared between multiple threads.
+ */
+typedef mbedtls_ecp_keypair mbedtls_ecdsa_context;
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+
+/**
+ * \brief Internal restart context for ecdsa_verify()
+ *
+ * \note Opaque struct, defined in ecdsa.c
+ */
+typedef struct mbedtls_ecdsa_restart_ver mbedtls_ecdsa_restart_ver_ctx;
+
+/**
+ * \brief Internal restart context for ecdsa_sign()
+ *
+ * \note Opaque struct, defined in ecdsa.c
+ */
+typedef struct mbedtls_ecdsa_restart_sig mbedtls_ecdsa_restart_sig_ctx;
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+/**
+ * \brief Internal restart context for ecdsa_sign_det()
+ *
+ * \note Opaque struct, defined in ecdsa.c
+ */
+typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx;
+#endif
+
+/**
+ * \brief General context for resuming ECDSA operations
+ */
+typedef struct
+{
+ mbedtls_ecp_restart_ctx ecp; /*!< base context for ECP restart and
+ shared administrative info */
+ mbedtls_ecdsa_restart_ver_ctx *ver; /*!< ecdsa_verify() sub-context */
+ mbedtls_ecdsa_restart_sig_ctx *sig; /*!< ecdsa_sign() sub-context */
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+ mbedtls_ecdsa_restart_det_ctx *det; /*!< ecdsa_sign_det() sub-context */
+#endif
+} mbedtls_ecdsa_restart_ctx;
+
+#else /* MBEDTLS_ECP_RESTARTABLE */
+
+/* Now we can declare functions that take a pointer to that */
+typedef void mbedtls_ecdsa_restart_ctx;
+
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+/**
* \brief This function computes the ECDSA signature of a
* previously-hashed message.
*
@@ -205,6 +255,40 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
+/**
+ * \brief This function computes the ECDSA signature and writes it
+ * to a buffer, in a restartable way.
+ *
+ * \see \c mbedtls_ecdsa_write_signature()
+ *
+ * \note This function is like \c mbedtls_ecdsa_write_signature()
+ * but it can return early and restart according to the limit
+ * set with \c mbedtls_ecp_set_max_ops() to reduce blocking.
+ *
+ * \param ctx The ECDSA context.
+ * \param md_alg The message digest that was used to hash the message.
+ * \param hash The message hash.
+ * \param hlen The length of the hash.
+ * \param sig The buffer that holds the signature.
+ * \param slen The length of the signature written.
+ * \param f_rng The RNG function.
+ * \param p_rng The RNG context.
+ * \param rs_ctx The restart context (NULL disables restart).
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ * \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
+ * \c MBEDTLS_ERR_ASN1_XXX error code on failure.
+ */
+int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hlen,
+ unsigned char *sig, size_t *slen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_ecdsa_restart_ctx *rs_ctx );
+
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -289,6 +373,37 @@
const unsigned char *sig, size_t slen );
/**
+ * \brief This function reads and verifies an ECDSA signature,
+ * in a restartable way.
+ *
+ * \see \c mbedtls_ecdsa_read_signature()
+ *
+ * \note This function is like \c mbedtls_ecdsa_read_signature()
+ * but it can return early and restart according to the limit
+ * set with \c mbedtls_ecp_set_max_ops() to reduce blocking.
+ *
+ * \param ctx The ECDSA context.
+ * \param hash The message hash.
+ * \param hlen The size of the hash.
+ * \param sig The signature to read and verify.
+ * \param slen The size of \p sig.
+ * \param rs_ctx The restart context (NULL disables restart).
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid.
+ * \return #MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if there is a valid
+ * signature in \p sig, but its length is less than \p siglen.
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ * \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
+ * error code on failure for any other reason.
+ */
+int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
+ const unsigned char *hash, size_t hlen,
+ const unsigned char *sig, size_t slen,
+ mbedtls_ecdsa_restart_ctx *rs_ctx );
+
+/**
* \brief This function generates an ECDSA keypair on the given curve.
*
* \see ecp.h
@@ -332,6 +447,18 @@
*/
void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief Initialize a restart context
+ */
+void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
+
+/**
+ * \brief Free the components of a restart context
+ */
+void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx );
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h
index cc2b316..59d12f0 100644
--- a/include/mbedtls/ecjpake.h
+++ b/include/mbedtls/ecjpake.h
@@ -68,7 +68,7 @@
* convetion from the Thread v1.0 spec. Correspondance is indicated in the
* description as a pair C: client name, S: server name
*/
-typedef struct
+typedef struct mbedtls_ecjpake_context
{
const mbedtls_md_info_t *md_info; /**< Hash to use */
mbedtls_ecp_group grp; /**< Elliptic curve */
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 3a40798..448549c 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -50,6 +50,7 @@
#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< The buffer contains a valid signature followed by more data. */
#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80 /**< The ECP hardware accelerator failed. */
+#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00 /**< Operation in progress, call again with the same parameters to continue. */
#ifdef __cplusplus
extern "C" {
@@ -92,7 +93,7 @@
/**
* Curve information, for use by other modules.
*/
-typedef struct
+typedef struct mbedtls_ecp_curve_info
{
mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */
uint16_t tls_id; /*!< The TLS NamedCurve identifier. */
@@ -111,7 +112,7 @@
* Otherwise, \p X and \p Y are its standard (affine)
* coordinates.
*/
-typedef struct
+typedef struct mbedtls_ecp_point
{
mbedtls_mpi X; /*!< The X coordinate of the ECP point. */
mbedtls_mpi Y; /*!< The Y coordinate of the ECP point. */
@@ -156,7 +157,7 @@
* reduction. It must return 0 on success and non-zero on failure.
*
*/
-typedef struct
+typedef struct mbedtls_ecp_group
{
mbedtls_ecp_group_id id; /*!< An internal group identifier. */
mbedtls_mpi P; /*!< The prime modulus of the base field. */
@@ -181,6 +182,68 @@
}
mbedtls_ecp_group;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+
+/**
+ * \brief Internal restart context for multiplication
+ *
+ * \note Opaque struct
+ */
+typedef struct mbedtls_ecp_restart_mul mbedtls_ecp_restart_mul_ctx;
+
+/**
+ * \brief Internal restart context for ecp_muladd()
+ *
+ * \note Opaque struct
+ */
+typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx;
+
+/**
+ * \brief General context for resuming ECC operations
+ */
+typedef struct
+{
+ unsigned ops_done; /*!< current ops count */
+ unsigned depth; /*!< call depth (0 = top-level) */
+ mbedtls_ecp_restart_mul_ctx *rsm; /*!< ecp_mul_comb() sub-context */
+ mbedtls_ecp_restart_muladd_ctx *ma; /*!< ecp_muladd() sub-context */
+} mbedtls_ecp_restart_ctx;
+
+/*
+ * Operation counts for restartable functions
+ */
+#define MBEDTLS_ECP_OPS_CHK 3 /*!< basic ops count for ecp_check_pubkey() */
+#define MBEDTLS_ECP_OPS_DBL 8 /*!< basic ops count for ecp_double_jac() */
+#define MBEDTLS_ECP_OPS_ADD 11 /*!< basic ops count for see ecp_add_mixed() */
+#define MBEDTLS_ECP_OPS_INV 120 /*!< empirical equivalent for mpi_mod_inv() */
+
+/**
+ * \brief Internal; for restartable functions in other modules.
+ * Check and update basic ops budget.
+ *
+ * \param grp Group structure
+ * \param rs_ctx Restart context
+ * \param ops Number of basic ops to do
+ *
+ * \return \c 0 if doing \p ops basic ops is still allowed,
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise.
+ */
+int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp,
+ mbedtls_ecp_restart_ctx *rs_ctx,
+ unsigned ops );
+
+/* Utility macro for checking and updating ops budget */
+#define MBEDTLS_ECP_BUDGET( ops ) MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, ops ) );
+
+#else /* MBEDTLS_ECP_RESTARTABLE */
+
+#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */
+
+/* We want to declare restartable versions of existing functions anyway */
+typedef void mbedtls_ecp_restart_ctx;
+
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
/**
* \name SECTION: Module settings
*
@@ -251,7 +314,7 @@
* \note Members are deliberately in the same order as in the
* ::mbedtls_ecdsa_context structure.
*/
-typedef struct
+typedef struct mbedtls_ecp_keypair
{
mbedtls_ecp_group grp; /*!< Elliptic curve and base point */
mbedtls_mpi d; /*!< our secret value */
@@ -270,6 +333,75 @@
*/
#define MBEDTLS_ECP_TLS_NAMED_CURVE 3 /**< The named_curve of ECCurveType. */
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief Set the maximum number of basic operations done in a row.
+ *
+ * If more operations are needed to complete a computation,
+ * #MBEDTLS_ERR_ECP_IN_PROGRESS will be returned by the
+ * function performing the computation. It is then the
+ * caller's responsibility to either call again with the same
+ * parameters until it returns 0 or an error code; or to free
+ * the restart context if the operation is to be aborted.
+ *
+ * It is strictly required that all input parameters and the
+ * restart context be the same on successive calls for the
+ * same operation, but output parameters need not be the
+ * same; they must not be used until the function finally
+ * returns 0.
+ *
+ * This only applies to functions whose documentation
+ * mentions they may return #MBEDTLS_ERR_ECP_IN_PROGRESS (or
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS for functions in the
+ * SSL module). For functions that accept a "restart context"
+ * argument, passing NULL disables restart and makes the
+ * function equivalent to the function with the same name
+ * with \c _restartable removed. For functions in the ECDH
+ * module, restart is disabled unless the function accepts
+ * an "ECDH context" argument and
+ * mbedtls_ecdh_enable_restart() was previously called on
+ * that context. For function in the SSL module, restart is
+ * only enabled for specific sides and key exchanges
+ * (currently only for clients and ECDHE-ECDSA).
+ *
+ * \param max_ops Maximum number of basic operations done in a row.
+ * Default: 0 (unlimited).
+ * Lower (non-zero) values mean ECC functions will block for
+ * a lesser maximum amount of time.
+ *
+ * \note A "basic operation" is defined as a rough equivalent of a
+ * multiplication in GF(p) for the NIST P-256 curve.
+ * As an indication, with default settings, a scalar
+ * multiplication (full run of \c mbedtls_ecp_mul()) is:
+ * - about 3300 basic operations for P-256
+ * - about 9400 basic operations for P-384
+ *
+ * \note Very low values are not always respected: sometimes
+ * functions need to block for a minimum number of
+ * operations, and will do so even if max_ops is set to a
+ * lower value. That minimum depends on the curve size, and
+ * can be made lower by decreasing the value of
+ * \c MBEDTLS_ECP_WINDOW_SIZE. As an indication, here is the
+ * lowest effective value for various curves and values of
+ * that parameter (w for short):
+ * w=6 w=5 w=4 w=3 w=2
+ * P-256 208 208 160 136 124
+ * P-384 682 416 320 272 248
+ * P-521 1364 832 640 544 496
+ *
+ * \note This setting is currently ignored by Curve25519.
+ */
+void mbedtls_ecp_set_max_ops( unsigned max_ops );
+
+/**
+ * \brief Check if restart is enabled (max_ops != 0)
+ *
+ * \return \c 0 if \c max_ops == 0 (restart disabled)
+ * \return \c 1 otherwise (restart enabled)
+ */
+int mbedtls_ecp_restart_is_enabled( void );
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
/**
* \brief This function retrieves the information defined in
* mbedtls_ecp_curve_info() for all supported curves in order
@@ -366,6 +498,18 @@
*/
void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief Initialize a restart context
+ */
+void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
+
+/**
+ * \brief Free the components of a restart context
+ */
+void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
/**
* \brief This function copies the contents of point \p Q into
* point \p P.
@@ -598,6 +742,36 @@
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
+ * \brief This function performs multiplication of a point by
+ * an integer: \p R = \p m * \p P in a restartable way.
+ *
+ * \see mbedtls_ecp_mul()
+ *
+ * \note This function does the same as \c mbedtls_ecp_mul(), but
+ * it can return early and restart according to the limit set
+ * with \c mbedtls_ecp_set_max_ops() to reduce blocking.
+ *
+ * \param grp The ECP group.
+ * \param R The destination point.
+ * \param m The integer by which to multiply.
+ * \param P The point to multiply.
+ * \param f_rng The RNG function.
+ * \param p_rng The RNG context.
+ * \param rs_ctx The restart context (NULL disables restart).
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m is not a valid private
+ * key, or \p P is not a valid public key.
+ * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ */
+int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx );
+
+/**
* \brief This function performs multiplication and addition of two
* points by integers: \p R = \p m * \p P + \p n * \p Q
*
@@ -624,6 +798,39 @@
const mbedtls_mpi *n, const mbedtls_ecp_point *Q );
/**
+ * \brief This function performs multiplication and addition of two
+ * points by integers: \p R = \p m * \p P + \p n * \p Q in a
+ * restartable way.
+ *
+ * \see \c mbedtls_ecp_muladd()
+ *
+ * \note This function works the same as \c mbedtls_ecp_muladd(),
+ * but it can return early and restart according to the limit
+ * set with \c mbedtls_ecp_set_max_ops() to reduce blocking.
+ *
+ * \param grp The ECP group.
+ * \param R The destination point.
+ * \param m The integer by which to multiply \p P.
+ * \param P The point to multiply by \p m.
+ * \param n The integer by which to multiply \p Q.
+ * \param Q The point to be multiplied by \p n.
+ * \param rs_ctx The restart context (NULL disables restart).
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m or \p n are not
+ * valid private keys, or \p P or \p Q are not valid public
+ * keys.
+ * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ */
+int mbedtls_ecp_muladd_restartable(
+ mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
+ mbedtls_ecp_restart_ctx *rs_ctx );
+
+/**
* \brief This function checks that a point is a valid public key
* on this curve.
*
@@ -666,6 +873,23 @@
int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d );
/**
+ * \brief This function generates a private key.
+ *
+ * \param grp The ECP group.
+ * \param d The destination MPI (secret part).
+ * \param f_rng The RNG function.
+ * \param p_rng The RNG parameter.
+ *
+ * \return \c 0 on success.
+ * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
+ * on failure.
+ */
+int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
+ mbedtls_mpi *d,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+
+/**
* \brief This function generates a keypair with a configurable base
* point.
*
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index a5cb05a..ca06dc3 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -107,7 +107,7 @@
/**
* \brief Entropy source state
*/
-typedef struct
+typedef struct mbedtls_entropy_source_state
{
mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */
void * p_source; /**< The callback data pointer */
@@ -120,7 +120,7 @@
/**
* \brief Entropy context structure
*/
-typedef struct
+typedef struct mbedtls_entropy_context
{
int accumulator_started;
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 13397a8..6e26df9 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -62,7 +62,7 @@
* DES 2 0x0032-0x0032 0x0033-0x0033
* CTR_DBRG 4 0x0034-0x003A
* ENTROPY 3 0x003C-0x0040 0x003D-0x003F
- * NET 11 0x0042-0x0052 0x0043-0x0045
+ * NET 13 0x0042-0x0052 0x0043-0x0049
* ARIA 4 0x0058-0x005E
* ASN1 7 0x0060-0x006C
* CMAC 1 0x007A-0x007A
@@ -77,6 +77,9 @@
* SHA1 1 0x0035-0x0035
* SHA256 1 0x0037-0x0037
* SHA512 1 0x0039-0x0039
+ * CHACHA20 3 0x0051-0x0055
+ * POLY1305 3 0x0057-0x005B
+ * CHACHAPOLY 2 0x0054-0x0056
*
* High-level module nr (3 bits - 0x0...-0x7...)
* Name ID Nr of Errors
@@ -87,12 +90,12 @@
* DHM 3 11
* PK 3 15 (Started from top)
* RSA 4 11
- * ECP 4 9 (Started from top)
+ * ECP 4 10 (Started from top)
* MD 5 5
* HKDF 5 1 (Started from top)
* CIPHER 6 8
- * SSL 6 22 (Started from top)
- * SSL 7 31
+ * SSL 6 23 (Started from top)
+ * SSL 7 32
*
* Module dependent error code (5 bits 0x.00.-0x.F8.)
*/
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index 87535ab..d2098eb 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -53,7 +53,8 @@
/**
* \brief The GCM context structure.
*/
-typedef struct {
+typedef struct mbedtls_gcm_context
+{
mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */
uint64_t HL[16]; /*!< Precalculated HTable low. */
uint64_t HH[16]; /*!< Precalculated HTable high. */
diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h
index d4cb3ed..57e8c40 100644
--- a/include/mbedtls/havege.h
+++ b/include/mbedtls/havege.h
@@ -35,7 +35,7 @@
/**
* \brief HAVEGE state structure
*/
-typedef struct
+typedef struct mbedtls_havege_state
{
int PT1, PT2, offset[2];
int pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h
index 6833e72..e6ed7cd 100644
--- a/include/mbedtls/hkdf.h
+++ b/include/mbedtls/hkdf.h
@@ -73,6 +73,11 @@
* \brief Take the input keying material \p ikm and extract from it a
* fixed-length pseudorandom key \p prk.
*
+ * \warning This function should only be used if the security of it has been
+ * studied and established in that particular context (eg. TLS 1.3
+ * key schedule). For standard HKDF security guarantees use
+ * \c mbedtls_hkdf instead.
+ *
* \param md A hash function; md.size denotes the length of the
* hash function output in bytes.
* \param salt An optional salt value (a non-secret random value);
@@ -97,10 +102,15 @@
* \brief Expand the supplied \p prk into several additional pseudorandom
* keys, which is the output of the HKDF.
*
+ * \warning This function should only be used if the security of it has been
+ * studied and established in that particular context (eg. TLS 1.3
+ * key schedule). For standard HKDF security guarantees use
+ * \c mbedtls_hkdf instead.
+ *
* \param md A hash function; md.size denotes the length of the hash
* function output in bytes.
- * \param prk A pseudorandom key of at least md.size bytes. \p prk is usually,
- * the output from the HKDF extract step.
+ * \param prk A pseudorandom key of at least md.size bytes. \p prk is
+ * usually the output from the HKDF extract step.
* \param prk_len The length in bytes of \p prk.
* \param info An optional context and application specific information
* string. This can be a zero-length string.
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index e0821cf..3bc675e 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -27,7 +27,7 @@
#include "md.h"
#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
+#include "threading.h"
#endif
/*
@@ -74,7 +74,7 @@
/**
* HMAC_DRBG context.
*/
-typedef struct
+typedef struct mbedtls_hmac_drbg_context
{
/* Working state: the key K is not stored explicitely,
* but is implied by the HMAC context */
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 6b6f5c5..bf29524 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -80,7 +80,8 @@
/**
* The generic message-digest context.
*/
-typedef struct {
+typedef struct mbedtls_md_context_t
+{
/** Information about the associated message digest. */
const mbedtls_md_info_t *md_info;
diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h
index 08e75b2..a46bddb 100644
--- a/include/mbedtls/md2.h
+++ b/include/mbedtls/md2.h
@@ -55,7 +55,7 @@
* stronger message digests instead.
*
*/
-typedef struct
+typedef struct mbedtls_md2_context
{
unsigned char cksum[16]; /*!< checksum of the data block */
unsigned char state[48]; /*!< intermediate digest state */
diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h
index 8ee4e5c..1672e90 100644
--- a/include/mbedtls/md4.h
+++ b/include/mbedtls/md4.h
@@ -56,7 +56,7 @@
* stronger message digests instead.
*
*/
-typedef struct
+typedef struct mbedtls_md4_context
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[4]; /*!< intermediate digest state */
diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h
index 43ead4b..4c95090 100644
--- a/include/mbedtls/md5.h
+++ b/include/mbedtls/md5.h
@@ -55,7 +55,7 @@
* stronger message digests instead.
*
*/
-typedef struct
+typedef struct mbedtls_md5_context
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[4]; /*!< intermediate digest state */
diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h
index 28ae821..6c13b53 100644
--- a/include/mbedtls/net.h
+++ b/include/mbedtls/net.h
@@ -1,7 +1,7 @@
/**
* \file net.h
*
- * \brief Deprecated header file that includes mbedtls/net_sockets.h
+ * \brief Deprecated header file that includes net_sockets.h
*
* \deprecated Superseded by mbedtls/net_sockets.h
*/
@@ -25,7 +25,7 @@
*/
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#include "mbedtls/net_sockets.h"
+#include "net_sockets.h"
#if defined(MBEDTLS_DEPRECATED_WARNING)
#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h"
#endif /* MBEDTLS_DEPRECATED_WARNING */
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
index 0f9b31e..4c7ef00 100644
--- a/include/mbedtls/net_sockets.h
+++ b/include/mbedtls/net_sockets.h
@@ -1,7 +1,23 @@
/**
* \file net_sockets.h
*
- * \brief Network communication functions
+ * \brief Network sockets abstraction layer to integrate Mbed TLS into a
+ * BSD-style sockets API.
+ *
+ * The network sockets module provides an example integration of the
+ * Mbed TLS library into a BSD sockets implementation. The module is
+ * intended to be an example of how Mbed TLS can be integrated into a
+ * networking stack, as well as to be Mbed TLS's network integration
+ * for its supported platforms.
+ *
+ * The module is intended only to be used with the Mbed TLS library and
+ * is not intended to be used by third party application software
+ * directly.
+ *
+ * The supported platforms are as follows:
+ * * Microsoft Windows and Windows CE
+ * * POSIX/Unix platforms including Linux, OS X
+ *
*/
/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
@@ -68,7 +84,7 @@
* (eg two file descriptors for combined IPv4 + IPv6 support, or additional
* structures for hand-made UDP demultiplexing).
*/
-typedef struct
+typedef struct mbedtls_net_context
{
int fd; /**< The underlying file descriptor */
}
diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h
new file mode 100644
index 0000000..5a0f656
--- /dev/null
+++ b/include/mbedtls/nist_kw.h
@@ -0,0 +1,178 @@
+/**
+ * \file nist_kw.h
+ *
+ * \brief This file provides an API for key wrapping (KW) and key wrapping with
+ * padding (KWP) as defined in NIST SP 800-38F.
+ * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf
+ *
+ * Key wrapping specifies a deterministic authenticated-encryption mode
+ * of operation, according to <em>NIST SP 800-38F: Recommendation for
+ * Block Cipher Modes of Operation: Methods for Key Wrapping</em>. Its
+ * purpose is to protect cryptographic keys.
+ *
+ * Its equivalent is RFC 3394 for KW, and RFC 5649 for KWP.
+ * https://tools.ietf.org/html/rfc3394
+ * https://tools.ietf.org/html/rfc5649
+ *
+ */
+/*
+ * Copyright (C) 2018, Arm Limited (or its affiliates), All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_NIST_KW_H
+#define MBEDTLS_NIST_KW_H
+
+#include "cipher.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef enum
+{
+ MBEDTLS_KW_MODE_KW = 0,
+ MBEDTLS_KW_MODE_KWP = 1
+} mbedtls_nist_kw_mode_t;
+
+#if !defined(MBEDTLS_NIST_KW_ALT)
+// Regular implementation
+//
+
+/**
+ * \brief The key wrapping context-type definition. The key wrapping context is passed
+ * to the APIs called.
+ *
+ * \note The definition of this type may change in future library versions.
+ * Don't make any assumptions on this context!
+ */
+typedef struct {
+ mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */
+} mbedtls_nist_kw_context;
+
+#else /* MBEDTLS_NIST_key wrapping_ALT */
+#include "nist_kw_alt.h"
+#endif /* MBEDTLS_NIST_KW_ALT */
+
+/**
+ * \brief This function initializes the specified key wrapping context
+ * to make references valid and prepare the context
+ * for mbedtls_nist_kw_setkey() or mbedtls_nist_kw_free().
+ *
+ * \param ctx The key wrapping context to initialize.
+ *
+ */
+void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
+
+/**
+ * \brief This function initializes the key wrapping context set in the
+ * \p ctx parameter and sets the encryption key.
+ *
+ * \param ctx The key wrapping context.
+ * \param cipher The 128-bit block cipher to use. Only AES is supported.
+ * \param key The Key Encryption Key (KEK).
+ * \param keybits The KEK size in bits. This must be acceptable by the cipher.
+ * \param is_wrap Specify whether the operation within the context is wrapping or unwrapping
+ *
+ * \return \c 0 on success.
+ * \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for any invalid input.
+ * \return \c MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE for 128-bit block ciphers
+ * which are not supported.
+ * \return cipher-specific error code on failure of the underlying cipher.
+ */
+int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
+ mbedtls_cipher_id_t cipher,
+ const unsigned char *key,
+ unsigned int keybits,
+ const int is_wrap );
+
+/**
+ * \brief This function releases and clears the specified key wrapping context
+ * and underlying cipher sub-context.
+ *
+ * \param ctx The key wrapping context to clear.
+ */
+void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
+
+/**
+ * \brief This function encrypts a buffer using key wrapping.
+ *
+ * \param ctx The key wrapping context to use for encryption.
+ * \param mode The key wrapping mode to use (MBEDTLS_KW_MODE_KW or MBEDTLS_KW_MODE_KWP)
+ * \param input The buffer holding the input data.
+ * \param in_len The length of the input data in Bytes.
+ * The input uses units of 8 Bytes called semiblocks.
+ * <ul><li>For KW mode: a multiple of 8 bytes between 16 and 2^57-8 inclusive. </li>
+ * <li>For KWP mode: any length between 1 and 2^32-1 inclusive.</li></ul>
+ * \param[out] output The buffer holding the output data.
+ * <ul><li>For KW mode: Must be at least 8 bytes larger than \p in_len.</li>
+ * <li>For KWP mode: Must be at least 8 bytes larger rounded up to a multiple of
+ * 8 bytes for KWP (15 bytes at most).</li></ul>
+ * \param[out] out_len The number of bytes written to the output buffer. \c 0 on failure.
+ * \param[in] out_size The capacity of the output buffer.
+ *
+ * \return \c 0 on success.
+ * \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.
+ * \return cipher-specific error code on failure of the underlying cipher.
+ */
+int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
+ const unsigned char *input, size_t in_len,
+ unsigned char *output, size_t* out_len, size_t out_size );
+
+/**
+ * \brief This function decrypts a buffer using key wrapping.
+ *
+ * \param ctx The key wrapping context to use for decryption.
+ * \param mode The key wrapping mode to use (MBEDTLS_KW_MODE_KW or MBEDTLS_KW_MODE_KWP)
+ * \param input The buffer holding the input data.
+ * \param in_len The length of the input data in Bytes.
+ * The input uses units of 8 Bytes called semiblocks.
+ * The input must be a multiple of semiblocks.
+ * <ul><li>For KW mode: a multiple of 8 bytes between 24 and 2^57 inclusive. </li>
+ * <li>For KWP mode: a multiple of 8 bytes between 16 and 2^32 inclusive.</li></ul>
+ * \param[out] output The buffer holding the output data.
+ * The output buffer's minimal length is 8 bytes shorter than \p in_len.
+ * \param[out] out_len The number of bytes written to the output buffer. \c 0 on failure.
+ * For KWP mode, the length could be up to 15 bytes shorter than \p in_len,
+ * depending on how much padding was added to the data.
+ * \param[in] out_size The capacity of the output buffer.
+ *
+ * \return \c 0 on success.
+ * \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.
+ * \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext.
+ * \return cipher-specific error code on failure of the underlying cipher.
+ */
+int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
+ const unsigned char *input, size_t in_len,
+ unsigned char *output, size_t* out_len, size_t out_size);
+
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+/**
+ * \brief The key wrapping checkup routine.
+ *
+ * \return \c 0 on success.
+ * \return \c 1 on failure.
+ */
+int mbedtls_nist_kw_self_test( int verbose );
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_NIST_KW_H */
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index 408645e..6fbd018 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -97,6 +97,8 @@
/* ISO arc for standard certificate and CRL extensions */
#define MBEDTLS_OID_ID_CE MBEDTLS_OID_ISO_CCITT_DS "\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */
+#define MBEDTLS_OID_NIST_ALG MBEDTLS_OID_GOV "\x03\x04" /** { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) */
+
/**
* Private Internet Extensions
* { iso(1) identified-organization(3) dod(6) internet(1)
@@ -219,12 +221,12 @@
#define MBEDTLS_OID_DIGEST_ALG_MD4 MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */
#define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
-#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_GOV "\x03\x04\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
-#define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_GOV "\x03\x04\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
-#define MBEDTLS_OID_DIGEST_ALG_SHA384 MBEDTLS_OID_GOV "\x03\x04\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA384 MBEDTLS_OID_NIST_ALG "\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */
-#define MBEDTLS_OID_DIGEST_ALG_SHA512 MBEDTLS_OID_GOV "\x03\x04\x02\x03" /**< id-mbedtls_sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA512 MBEDTLS_OID_NIST_ALG "\x02\x03" /**< id-mbedtls_sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */
#define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */
@@ -241,8 +243,21 @@
*/
#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
#define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
+#define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */
/*
+ * Key Wrapping algorithms
+ */
+/*
+ * RFC 5649
+ */
+#define MBEDTLS_OID_AES128_KW MBEDTLS_OID_AES "\x05" /** id-aes128-wrap OBJECT IDENTIFIER ::= { aes 5 } */
+#define MBEDTLS_OID_AES128_KWP MBEDTLS_OID_AES "\x08" /** id-aes128-wrap-pad OBJECT IDENTIFIER ::= { aes 8 } */
+#define MBEDTLS_OID_AES192_KW MBEDTLS_OID_AES "\x19" /** id-aes192-wrap OBJECT IDENTIFIER ::= { aes 25 } */
+#define MBEDTLS_OID_AES192_KWP MBEDTLS_OID_AES "\x1c" /** id-aes192-wrap-pad OBJECT IDENTIFIER ::= { aes 28 } */
+#define MBEDTLS_OID_AES256_KW MBEDTLS_OID_AES "\x2d" /** id-aes256-wrap OBJECT IDENTIFIER ::= { aes 45 } */
+#define MBEDTLS_OID_AES256_KWP MBEDTLS_OID_AES "\x30" /** id-aes256-wrap-pad OBJECT IDENTIFIER ::= { aes 48 } */
+/*
* PKCS#5 OIDs
*/
#define MBEDTLS_OID_PKCS5_PBKDF2 MBEDTLS_OID_PKCS5 "\x0c" /**< id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} */
@@ -388,7 +403,8 @@
/**
* \brief Base OID descriptor structure
*/
-typedef struct {
+typedef struct mbedtls_oid_descriptor_t
+{
const char *asn1; /*!< OID ASN.1 representation */
size_t asn1_len; /*!< length of asn1 */
const char *name; /*!< official name (e.g. from RFC) */
diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h
index 2cf4c0a..fa82f7b 100644
--- a/include/mbedtls/pem.h
+++ b/include/mbedtls/pem.h
@@ -51,7 +51,7 @@
/**
* \brief PEM context structure
*/
-typedef struct
+typedef struct mbedtls_pem_context
{
unsigned char *buf; /*!< buffer for decoded data */
size_t buflen; /*!< length of the buffer */
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index ee06b2f..9ec33da 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -87,7 +87,7 @@
* \brief Options for RSASSA-PSS signature verification.
* See \c mbedtls_rsa_rsassa_pss_verify_ext()
*/
-typedef struct
+typedef struct mbedtls_pk_rsassa_pss_options
{
mbedtls_md_type_t mgf1_hash_id;
int expected_salt_len;
@@ -107,7 +107,7 @@
/**
* \brief Item to send to the debug module
*/
-typedef struct
+typedef struct mbedtls_pk_debug_item
{
mbedtls_pk_debug_type type;
const char *name;
@@ -125,12 +125,26 @@
/**
* \brief Public key container
*/
-typedef struct
+typedef struct mbedtls_pk_context
{
- const mbedtls_pk_info_t * pk_info; /**< Public key informations */
+ const mbedtls_pk_info_t * pk_info; /**< Public key information */
void * pk_ctx; /**< Underlying public key context */
} mbedtls_pk_context;
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief Context for resuming operations
+ */
+typedef struct
+{
+ const mbedtls_pk_info_t * pk_info; /**< Public key information */
+ void * rs_ctx; /**< Underlying restart context */
+} mbedtls_pk_restart_ctx;
+#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+/* Now we can declare functions that take a pointer to that */
+typedef void mbedtls_pk_restart_ctx;
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
#if defined(MBEDTLS_RSA_C)
/**
* Quick access to an RSA context inside a PK context.
@@ -190,6 +204,18 @@
*/
void mbedtls_pk_free( mbedtls_pk_context *ctx );
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief Initialize a restart context
+ */
+void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
+
+/**
+ * \brief Free the components of a restart context
+ */
+void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
/**
* \brief Initialize a PK context with the information given
* and allocates the type-specific PK subcontext.
@@ -287,6 +313,32 @@
const unsigned char *sig, size_t sig_len );
/**
+ * \brief Restartable version of \c mbedtls_pk_verify()
+ *
+ * \note Performs the same job as \c mbedtls_pk_verify(), but can
+ * return early and restart according to the limit set with
+ * \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
+ * operations. For RSA, same as \c mbedtls_pk_verify().
+ *
+ * \param ctx PK context to use
+ * \param md_alg Hash algorithm used (see notes)
+ * \param hash Hash of the message to sign
+ * \param hash_len Hash length or 0 (see notes)
+ * \param sig Signature to verify
+ * \param sig_len Signature length
+ * \param rs_ctx Restart context (NULL to disable restart)
+ *
+ * \return See \c mbedtls_pk_verify(), or
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ */
+int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len,
+ mbedtls_pk_restart_ctx *rs_ctx );
+
+/**
* \brief Verify signature, with options.
* (Includes verification of the padding depending on type.)
*
@@ -350,6 +402,35 @@
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
+ * \brief Restartable version of \c mbedtls_pk_sign()
+ *
+ * \note Performs the same job as \c mbedtls_pk_sign(), but can
+ * return early and restart according to the limit set with
+ * \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
+ * operations. For RSA, same as \c mbedtls_pk_sign().
+ *
+ * \param ctx PK context to use - must hold a private key
+ * \param md_alg Hash algorithm used (see notes)
+ * \param hash Hash of the message to sign
+ * \param hash_len Hash length or 0 (see notes)
+ * \param sig Place to write the signature
+ * \param sig_len Number of bytes written
+ * \param f_rng RNG function
+ * \param p_rng RNG parameter
+ * \param rs_ctx Restart context (NULL to disable restart)
+ *
+ * \return See \c mbedtls_pk_sign(), or
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ */
+int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_pk_restart_ctx *rs_ctx );
+
+/**
* \brief Decrypt message (including padding if relevant).
*
* \param ctx PK context to use - must hold a private key
diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h
index 3dae0fc..48b7a5f 100644
--- a/include/mbedtls/pk_internal.h
+++ b/include/mbedtls/pk_internal.h
@@ -59,6 +59,21 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /** Verify signature (restartable) */
+ int (*verify_rs_func)( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len,
+ void *rs_ctx );
+
+ /** Make signature (restartable) */
+ int (*sign_rs_func)( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng, void *rs_ctx );
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
/** Decrypt message */
int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
@@ -80,6 +95,14 @@
/** Free the given context */
void (*ctx_free_func)( void *ctx );
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /** Allocate the restart context */
+ void * (*rs_alloc_func)( void );
+
+ /** Free the restart context */
+ void (*rs_free_func)( void *rs_ctx );
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
/** Interface with the debug module */
void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items );
diff --git a/include/mbedtls/pkcs11.h b/include/mbedtls/pkcs11.h
index bf65c55..02427dd 100644
--- a/include/mbedtls/pkcs11.h
+++ b/include/mbedtls/pkcs11.h
@@ -50,7 +50,8 @@
/**
* Context for PKCS #11 private keys.
*/
-typedef struct {
+typedef struct mbedtls_pkcs11_context
+{
pkcs11h_certificate_t pkcs11h_cert;
int len;
} mbedtls_pkcs11_context;
diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
index 9d9c529..a40a64f 100644
--- a/include/mbedtls/platform.h
+++ b/include/mbedtls/platform.h
@@ -40,7 +40,7 @@
#endif
#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
+#include "platform_time.h"
#endif
#ifdef __cplusplus
@@ -315,7 +315,8 @@
* \note This structure may be used to assist platform-specific
* setup or teardown operations.
*/
-typedef struct {
+typedef struct mbedtls_platform_context
+{
char dummy; /**< A placeholder member, as empty structs are not portable. */
}
mbedtls_platform_context;
diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index 84f0732..164a1a0 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -25,7 +25,17 @@
#ifndef MBEDTLS_PLATFORM_UTIL_H
#define MBEDTLS_PLATFORM_UTIL_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include <stddef.h>
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+#include "mbedtls/platform_time.h"
+#include <time.h>
+#endif /* MBEDTLS_HAVE_TIME_DATE */
#ifdef __cplusplus
extern "C" {
@@ -55,6 +65,37 @@
*/
void mbedtls_platform_zeroize( void *buf, size_t len );
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+/**
+ * \brief Platform-specific implementation of gmtime_r()
+ *
+ * The function is a thread-safe abstraction that behaves
+ * similarly to the gmtime_r() function from Unix/POSIX.
+ *
+ * Mbed TLS will try to identify the underlying platform and
+ * make use of an appropriate underlying implementation (e.g.
+ * gmtime_r() for POSIX and gmtime_s() for Windows). If this is
+ * not possible, then gmtime() will be used. In this case, calls
+ * from the library to gmtime() will be guarded by the mutex
+ * mbedtls_threading_gmtime_mutex if MBEDTLS_THREADING_C is
+ * enabled. It is recommended that calls from outside the library
+ * are also guarded by this mutex.
+ *
+ * If MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, then Mbed TLS will
+ * unconditionally use the alternative implementation for
+ * mbedtls_platform_gmtime_r() supplied by the user at compile time.
+ *
+ * \param tt Pointer to an object containing time (in seconds) since the
+ * epoch to be converted
+ * \param tm_buf Pointer to an object where the results will be stored
+ *
+ * \return Pointer to an object of type struct tm on success, otherwise
+ * NULL
+ */
+struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
+ struct tm *tm_buf );
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h
new file mode 100644
index 0000000..c490cdf
--- /dev/null
+++ b/include/mbedtls/poly1305.h
@@ -0,0 +1,181 @@
+/**
+ * \file poly1305.h
+ *
+ * \brief This file contains Poly1305 definitions and functions.
+ *
+ * Poly1305 is a one-time message authenticator that can be used to
+ * authenticate messages. Poly1305-AES was created by Daniel
+ * Bernstein https://cr.yp.to/mac/poly1305-20050329.pdf The generic
+ * Poly1305 algorithm (not tied to AES) was also standardized in RFC
+ * 7539.
+ *
+ * \author Daniel King <damaki.gh@gmail.com>
+ */
+
+/* Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_POLY1305_H
+#define MBEDTLS_POLY1305_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdint.h>
+#include <stddef.h>
+
+#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057 /**< Invalid input parameter(s). */
+#define MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE -0x0059 /**< Feature not available. For example, s part of the API is not implemented. */
+#define MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED -0x005B /**< Poly1305 hardware accelerator failed. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_POLY1305_ALT)
+
+typedef struct mbedtls_poly1305_context
+{
+ uint32_t r[4]; /** The value for 'r' (low 128 bits of the key). */
+ uint32_t s[4]; /** The value for 's' (high 128 bits of the key). */
+ uint32_t acc[5]; /** The accumulator number. */
+ uint8_t queue[16]; /** The current partial block of data. */
+ size_t queue_len; /** The number of bytes stored in 'queue'. */
+}
+mbedtls_poly1305_context;
+
+#else /* MBEDTLS_POLY1305_ALT */
+#include "poly1305_alt.h"
+#endif /* MBEDTLS_POLY1305_ALT */
+
+/**
+ * \brief This function initializes the specified Poly1305 context.
+ *
+ * It must be the first API called before using
+ * the context.
+ *
+ * It is usually followed by a call to
+ * \c mbedtls_poly1305_starts(), then one or more calls to
+ * \c mbedtls_poly1305_update(), then one call to
+ * \c mbedtls_poly1305_finish(), then finally
+ * \c mbedtls_poly1305_free().
+ *
+ * \param ctx The Poly1305 context to initialize.
+ */
+void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx );
+
+/**
+ * \brief This function releases and clears the specified Poly1305 context.
+ *
+ * \param ctx The Poly1305 context to clear.
+ */
+void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx );
+
+/**
+ * \brief This function sets the one-time authentication key.
+ *
+ * \warning The key must be unique and unpredictable for each
+ * invocation of Poly1305.
+ *
+ * \param ctx The Poly1305 context to which the key should be bound.
+ * \param key The buffer containing the 256-bit key.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if ctx or key are NULL.
+ */
+int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
+ const unsigned char key[32] );
+
+/**
+ * \brief This functions feeds an input buffer into an ongoing
+ * Poly1305 computation.
+ *
+ * It is called between \c mbedtls_cipher_poly1305_starts() and
+ * \c mbedtls_cipher_poly1305_finish().
+ * It can be called repeatedly to process a stream of data.
+ *
+ * \param ctx The Poly1305 context to use for the Poly1305 operation.
+ * \param ilen The length of the input data (in bytes). Any value is accepted.
+ * \param input The buffer holding the input data.
+ * This pointer can be NULL if ilen == 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if ctx or input are NULL.
+ */
+int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief This function generates the Poly1305 Message
+ * Authentication Code (MAC).
+ *
+ * \param ctx The Poly1305 context to use for the Poly1305 operation.
+ * \param mac The buffer to where the MAC is written. Must be big enough
+ * to hold the 16-byte MAC.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if ctx or mac are NULL.
+ */
+int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
+ unsigned char mac[16] );
+
+/**
+ * \brief This function calculates the Poly1305 MAC of the input
+ * buffer with the provided key.
+ *
+ * \warning The key must be unique and unpredictable for each
+ * invocation of Poly1305.
+ *
+ * \param key The buffer containing the 256-bit key.
+ * \param ilen The length of the input data (in bytes). Any value is accepted.
+ * \param input The buffer holding the input data.
+ * This pointer can be NULL if ilen == 0.
+ * \param mac The buffer to where the MAC is written. Must be big enough
+ * to hold the 16-byte MAC.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA
+ * if key, input, or mac are NULL.
+ */
+int mbedtls_poly1305_mac( const unsigned char key[32],
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char mac[16] );
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief The Poly1305 checkup routine.
+ *
+ * \return \c 0 on success.
+ * \return \c 1 on failure.
+ */
+int mbedtls_poly1305_self_test( int verbose );
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_POLY1305_H */
diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h
index a0dac0c..0c8e568 100644
--- a/include/mbedtls/ripemd160.h
+++ b/include/mbedtls/ripemd160.h
@@ -46,7 +46,7 @@
/**
* \brief RIPEMD-160 context structure
*/
-typedef struct
+typedef struct mbedtls_ripemd160_context
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[5]; /*!< intermediate digest state */
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 19eb2ee..6eea5af 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -92,7 +92,7 @@
* is deprecated. All manipulation should instead be done through
* the public interface functions.
*/
-typedef struct
+typedef struct mbedtls_rsa_context
{
int ver; /*!< Always 0.*/
size_t len; /*!< The size of \p N in Bytes. */
diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h
index 65a124c..7a19da0 100644
--- a/include/mbedtls/sha1.h
+++ b/include/mbedtls/sha1.h
@@ -58,7 +58,7 @@
* stronger message digests instead.
*
*/
-typedef struct
+typedef struct mbedtls_sha1_context
{
uint32_t total[2]; /*!< The number of Bytes processed. */
uint32_t state[5]; /*!< The intermediate digest state. */
diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index adf31a8..33aff28 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h
@@ -53,7 +53,7 @@
* checksum calculations. The choice between these two is
* made in the call to mbedtls_sha256_starts_ret().
*/
-typedef struct
+typedef struct mbedtls_sha256_context
{
uint32_t total[2]; /*!< The number of Bytes processed. */
uint32_t state[8]; /*!< The intermediate digest state. */
diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h
index 5bb83f4..0145890 100644
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@@ -52,7 +52,7 @@
* checksum calculations. The choice between these two is
* made in the call to mbedtls_sha512_starts_ret().
*/
-typedef struct
+typedef struct mbedtls_sha512_context
{
uint64_t total[2]; /*!< The number of Bytes processed. */
uint64_t state[8]; /*!< The intermediate digest state. */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 4513550..e8f664a 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -62,7 +62,7 @@
#endif
#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
+#include "platform_time.h"
#endif
/*
@@ -121,6 +121,8 @@
#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600 /**< Couldn't set the hash for verifying CertificateVerify */
#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */
#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */
+#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */
+#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */
/*
* Various constants
@@ -220,7 +222,7 @@
#endif
/*
- * Maxium fragment length in bytes,
+ * Maximum fragment length in bytes,
* determines the size of each of the two internal I/O buffers.
*
* Note: the RFC defines the default size of SSL / TLS messages. If you
@@ -234,6 +236,22 @@
#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
#endif
+#if !defined(MBEDTLS_SSL_IN_CONTENT_LEN)
+#define MBEDTLS_SSL_IN_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
+#endif
+
+#if !defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
+#define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
+#endif
+
+/*
+ * Maximum number of heap-allocated bytes for the purpose of
+ * DTLS handshake message reassembly and future message buffering.
+ */
+#if !defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING)
+#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
+#endif
+
/* \} name SECTION: Module settings */
/*
@@ -1014,14 +1032,14 @@
int renego_records_seen; /*!< Records since renego request, or with DTLS,
number of retransmissions of request if
renego_max_records is < 0 */
-#endif
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */
int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
unsigned badmac_seen; /*!< records with a bad MAC received */
-#endif
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
mbedtls_ssl_send_t *f_send; /*!< Callback for network send */
mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */
@@ -1077,11 +1095,11 @@
uint16_t in_epoch; /*!< DTLS epoch for incoming records */
size_t next_record_offset; /*!< offset of the next record in datagram
(equal to in_left if none) */
-#endif
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
uint64_t in_window_top; /*!< last validated record seq_num */
uint64_t in_window; /*!< bitmask for replay detection */
-#endif
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
size_t in_hslen; /*!< current handshake message length,
including the handshake header */
@@ -1090,6 +1108,11 @@
int keep_current_message; /*!< drop or reuse current message
on next call to record layer? */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ uint8_t disable_datagram_packing; /*!< Disable packing multiple records
+ * within a single datagram. */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
/*
* Record layer (outgoing data)
*/
@@ -1104,12 +1127,18 @@
size_t out_msglen; /*!< record header: message length */
size_t out_left; /*!< amount of data not yet written */
+ unsigned char cur_out_ctr[8]; /*!< Outgoing record sequence number. */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ uint16_t mtu; /*!< path mtu, used to fragment outgoing messages */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
#if defined(MBEDTLS_ZLIB_SUPPORT)
unsigned char *compress_buf; /*!< zlib data buffer */
-#endif
+#endif /* MBEDTLS_ZLIB_SUPPORT */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
signed char split_done; /*!< current record already splitted? */
-#endif
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
/*
* PKI layer
@@ -1122,11 +1151,11 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
char *hostname; /*!< expected peer CN for verification
(and SNI if available) */
-#endif
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_ALPN)
const char *alpn_chosen; /*!< negotiated protocol */
-#endif
+#endif /* MBEDTLS_SSL_ALPN */
/*
* Information for DTLS hello verify
@@ -1134,7 +1163,7 @@
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
unsigned char *cli_id; /*!< transport-level ID of the client */
size_t cli_id_len; /*!< length of cli_id */
-#endif
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
/*
* Secure renegotiation
@@ -1146,7 +1175,7 @@
size_t verify_data_len; /*!< length of verify data stored */
char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
-#endif
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
};
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
@@ -1366,6 +1395,52 @@
mbedtls_ssl_recv_t *f_recv,
mbedtls_ssl_recv_timeout_t *f_recv_timeout );
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/**
+ * \brief Set the Maximum Tranport Unit (MTU).
+ * Special value: 0 means unset (no limit).
+ * This represents the maximum size of a datagram payload
+ * handled by the transport layer (usually UDP) as determined
+ * by the network link and stack. In practice, this controls
+ * the maximum size datagram the DTLS layer will pass to the
+ * \c f_send() callback set using \c mbedtls_ssl_set_bio().
+ *
+ * \note The limit on datagram size is converted to a limit on
+ * record payload by subtracting the current overhead of
+ * encapsulation and encryption/authentication if any.
+ *
+ * \note This can be called at any point during the connection, for
+ * example when a Path Maximum Transfer Unit (PMTU)
+ * estimate becomes available from other sources,
+ * such as lower (or higher) protocol layers.
+ *
+ * \note This setting only controls the size of the packets we send,
+ * and does not restrict the size of the datagrams we're
+ * willing to receive. Client-side, you can request the
+ * server to use smaller records with \c
+ * mbedtls_ssl_conf_max_frag_len().
+ *
+ * \note If both a MTU and a maximum fragment length have been
+ * configured (or negotiated with the peer), the resulting
+ * lower limit on record payload (see first note) is used.
+ *
+ * \note This can only be used to decrease the maximum size
+ * of datagrams (hence records, see first note) sent. It
+ * cannot be used to increase the maximum size of records over
+ * the limit set by #MBEDTLS_SSL_OUT_CONTENT_LEN.
+ *
+ * \note Values lower than the current record layer expansion will
+ * result in an error when trying to send data.
+ *
+ * \note Using record compression together with a non-zero MTU value
+ * will result in an error when trying to send data.
+ *
+ * \param ssl SSL context
+ * \param mtu Value of the path MTU in bytes
+ */
+void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu );
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
/**
* \brief Set the timeout period for mbedtls_ssl_read()
* (Default: no timeout.)
@@ -1749,6 +1824,38 @@
#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+/**
+ * \brief Allow or disallow packing of multiple handshake records
+ * within a single datagram.
+ *
+ * \param ssl The SSL context to configure.
+ * \param allow_packing This determines whether datagram packing may
+ * be used or not. A value of \c 0 means that every
+ * record will be sent in a separate datagram; a
+ * value of \c 1 means that, if space permits,
+ * multiple handshake messages (including CCS) belonging to
+ * a single flight may be packed within a single datagram.
+ *
+ * \note This is enabled by default and should only be disabled
+ * for test purposes, or if datagram packing causes
+ * interoperability issues with peers that don't support it.
+ *
+ * \note Allowing datagram packing reduces the network load since
+ * there's less overhead if multiple messages share the same
+ * datagram. Also, it increases the handshake efficiency
+ * since messages belonging to a single datagram will not
+ * be reordered in transit, and so future message buffering
+ * or flight retransmission (if no buffering is used) as
+ * means to deal with reordering are needed less frequently.
+ *
+ * \note Application records are not affected by this option and
+ * are currently always sent in separate datagrams.
+ *
+ */
+void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
+ unsigned allow_packing );
+
/**
* \brief Set retransmit timeout values for the DTLS handshake.
* (DTLS only, no effect on TLS.)
@@ -2418,12 +2525,25 @@
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
/**
* \brief Set the maximum fragment length to emit and/or negotiate
- * (Default: MBEDTLS_SSL_MAX_CONTENT_LEN, usually 2^14 bytes)
+ * (Default: the smaller of MBEDTLS_SSL_IN_CONTENT_LEN and
+ * MBEDTLS_SSL_OUT_CONTENT_LEN, usually 2^14 bytes)
* (Server: set maximum fragment length to emit,
* usually negotiated by the client during handshake
* (Client: set maximum fragment length to emit *and*
* negotiate with the server during handshake)
*
+ * \note With TLS, this currently only affects ApplicationData (sent
+ * with \c mbedtls_ssl_read()), not handshake messages.
+ * With DTLS, this affects both ApplicationData and handshake.
+ *
+ * \note This sets the maximum length for a record's payload,
+ * excluding record overhead that will be added to it, see
+ * \c mbedtls_ssl_get_record_expansion().
+ *
+ * \note For DTLS, it is also possible to set a limit for the total
+ * size of daragrams passed to the transport layer, including
+ * record overhead, see \c mbedtls_ssl_set_mtu().
+ *
* \param conf SSL configuration
* \param mfl_code Code for maximum fragment length (allowed values:
* MBEDTLS_SSL_MAX_FRAG_LEN_512, MBEDTLS_SSL_MAX_FRAG_LEN_1024,
@@ -2686,6 +2806,9 @@
* \brief Return the (maximum) number of bytes added by the record
* layer: header + encryption/MAC overhead (inc. padding)
*
+ * \note This function is not available (always returns an error)
+ * when record compression is enabled.
+ *
* \param ssl SSL context
*
* \return Current maximum record expansion in bytes, or
@@ -2700,12 +2823,8 @@
* This is the value negotiated with peer if any,
* or the locally configured value.
*
- * \note With DTLS, \c mbedtls_ssl_write() will return an error if
- * called with a larger length value.
- * With TLS, \c mbedtls_ssl_write() will fragment the input if
- * necessary and return the number of bytes written; it is up
- * to the caller to call \c mbedtls_ssl_write() again in
- * order to send the remaining bytes if any.
+ * \sa mbedtls_ssl_conf_max_frag_len()
+ * \sa mbedtls_ssl_get_max_record_payload()
*
* \param ssl SSL context
*
@@ -2714,6 +2833,34 @@
size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl );
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+/**
+ * \brief Return the current maximum outgoing record payload in bytes.
+ * This takes into account the config.h setting \c
+ * MBEDTLS_SSL_OUT_CONTENT_LEN, the configured and negotiated
+ * max fragment length extension if used, and for DTLS the
+ * path MTU as configured and current record expansion.
+ *
+ * \note With DTLS, \c mbedtls_ssl_write() will return an error if
+ * called with a larger length value.
+ * With TLS, \c mbedtls_ssl_write() will fragment the input if
+ * necessary and return the number of bytes written; it is up
+ * to the caller to call \c mbedtls_ssl_write() again in
+ * order to send the remaining bytes if any.
+ *
+ * \note This function is not available (always returns an error)
+ * when record compression is enabled.
+ *
+ * \sa mbedtls_ssl_set_mtu()
+ * \sa mbedtls_ssl_get_max_frag_len()
+ * \sa mbedtls_ssl_get_record_expansion()
+ *
+ * \param ssl SSL context
+ *
+ * \return Current maximum payload for an outgoing record,
+ * or a negative error code.
+ */
+int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl );
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**
* \brief Return the peer certificate from the current connection
@@ -2737,7 +2884,6 @@
* \brief Save session in order to resume it later (client-side only)
* Session data is copied to presented session structure.
*
- * \warning Currently, peer certificate is lost in the operation.
*
* \param ssl SSL context
* \param session session context
@@ -2745,7 +2891,18 @@
* \return 0 if successful,
* MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
* MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
- * arguments are otherwise invalid
+ * arguments are otherwise invalid.
+ *
+ * \note Only the server certificate is copied, and not the full chain,
+ * so you should not attempt to validate the certificate again
+ * by calling \c mbedtls_x509_crt_verify() on it.
+ * Instead, you should use the results from the verification
+ * in the original handshake by calling \c mbedtls_ssl_get_verify_result()
+ * after loading the session again into a new SSL context
+ * using \c mbedtls_ssl_set_session().
+ *
+ * \note Once the session object is not needed anymore, you should
+ * free it by calling \c mbedtls_ssl_session_free().
*
* \sa mbedtls_ssl_set_session()
*/
@@ -2757,35 +2914,50 @@
*
* \param ssl SSL context
*
- * \return 0 if successful, or
- * MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or
- * MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED (see below), or
- * a specific SSL error code.
+ * \return \c 0 if successful.
+ * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE
+ * if the handshake is incomplete and waiting for data to
+ * be available for reading from or writing to the underlying
+ * transport - in this case you must call this function again
+ * when the underlying transport is ready for the operation.
+ * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous
+ * operation is in progress (see
+ * mbedtls_ssl_conf_async_private_cb()) - in this case you
+ * must call this function again when the operation is ready.
+ * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic
+ * operation is in progress (see mbedtls_ecp_set_max_ops()) -
+ * in this case you must call this function again to complete
+ * the handshake when you're done attending other tasks.
+ * \return #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED if DTLS is in use
+ * and the client did not demonstrate reachability yet - in
+ * this case you must stop using the context (see below).
+ * \return Another SSL error code - in this case you must stop using
+ * the context (see below).
*
- * If this function returns MBEDTLS_ERR_SSL_WANT_READ, the
- * handshake is unfinished and no further data is available
- * from the underlying transport. In this case, you must call
- * the function again at some later stage.
+ * \warning If this function returns something other than
+ * \c 0,
+ * #MBEDTLS_ERR_SSL_WANT_READ,
+ * #MBEDTLS_ERR_SSL_WANT_WRITE,
+ * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS,
+ * you must stop using the SSL context for reading or writing,
+ * and either free it or call \c mbedtls_ssl_session_reset()
+ * on it before re-using it for a new connection; the current
+ * connection must be closed.
+ *
+ * \note If DTLS is in use, then you may choose to handle
+ * #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging
+ * purposes, as it is an expected return value rather than an
+ * actual error, but you still need to reset/free the context.
*
* \note Remarks regarding event-driven DTLS:
- * If the function returns MBEDTLS_ERR_SSL_WANT_READ, no datagram
+ * If the function returns #MBEDTLS_ERR_SSL_WANT_READ, no datagram
* from the underlying transport layer is currently being processed,
* and it is safe to idle until the timer or the underlying transport
* signal a new event. This is not true for a successful handshake,
* in which case the datagram of the underlying transport that is
* currently being processed might or might not contain further
* DTLS records.
- *
- * \note If this function returns something other than 0 or
- * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using
- * the SSL context for reading or writing, and either free it or
- * call \c mbedtls_ssl_session_reset() on it before re-using it
- * for a new connection; the current connection must be closed.
- *
- * \note If DTLS is in use, then you may choose to handle
- * MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging
- * purposes, as it is an expected return value rather than an
- * actual error, but you still need to reset/free the context.
*/
int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
@@ -2793,20 +2965,21 @@
* \brief Perform a single step of the SSL handshake
*
* \note The state of the context (ssl->state) will be at
- * the next state after execution of this function. Do not
+ * the next state after this function returns \c 0. Do not
* call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER.
*
- * \note If this function returns something other than 0 or
- * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using
- * the SSL context for reading or writing, and either free it or
- * call \c mbedtls_ssl_session_reset() on it before re-using it
- * for a new connection; the current connection must be closed.
- *
* \param ssl SSL context
*
- * \return 0 if successful, or
- * MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or
- * a specific SSL error code.
+ * \return See mbedtls_ssl_handshake().
+ *
+ * \warning If this function returns something other than \c 0,
+ * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE,
+ * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using
+ * the SSL context for reading or writing, and either free it
+ * or call \c mbedtls_ssl_session_reset() on it before
+ * re-using it for a new connection; the current connection
+ * must be closed.
*/
int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl );
@@ -2821,13 +2994,18 @@
* \param ssl SSL context
*
* \return 0 if successful, or any mbedtls_ssl_handshake() return
- * value.
+ * value except #MBEDTLS_ERR_SSL_CLIENT_RECONNECT that can't
+ * happen during a renegotiation.
*
- * \note If this function returns something other than 0 or
- * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using
- * the SSL context for reading or writing, and either free it or
- * call \c mbedtls_ssl_session_reset() on it before re-using it
- * for a new connection; the current connection must be closed.
+ * \warning If this function returns something other than \c 0,
+ * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE,
+ * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using
+ * the SSL context for reading or writing, and either free it
+ * or call \c mbedtls_ssl_session_reset() on it before
+ * re-using it for a new connection; the current connection
+ * must be closed.
+ *
*/
int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl );
#endif /* MBEDTLS_SSL_RENEGOTIATION */
@@ -2839,42 +3017,56 @@
* \param buf buffer that will hold the data
* \param len maximum number of bytes to read
*
- * \return One of the following:
- * - 0 if the read end of the underlying transport was closed,
- * - the (positive) number of bytes read, or
- * - a negative error code on failure.
+ * \return The (positive) number of bytes read if successful.
+ * \return \c 0 if the read end of the underlying transport was closed
+ * - in this case you must stop using the context (see below).
+ * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE
+ * if the handshake is incomplete and waiting for data to
+ * be available for reading from or writing to the underlying
+ * transport - in this case you must call this function again
+ * when the underlying transport is ready for the operation.
+ * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous
+ * operation is in progress (see
+ * mbedtls_ssl_conf_async_private_cb()) - in this case you
+ * must call this function again when the operation is ready.
+ * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic
+ * operation is in progress (see mbedtls_ecp_set_max_ops()) -
+ * in this case you must call this function again to complete
+ * the handshake when you're done attending other tasks.
+ * \return #MBEDTLS_ERR_SSL_CLIENT_RECONNECT if we're at the server
+ * side of a DTLS connection and the client is initiating a
+ * new connection using the same source port. See below.
+ * \return Another SSL error code - in this case you must stop using
+ * the context (see below).
*
- * If MBEDTLS_ERR_SSL_WANT_READ is returned, no application data
- * is available from the underlying transport. In this case,
- * the function needs to be called again at some later stage.
+ * \warning If this function returns something other than
+ * a positive value,
+ * #MBEDTLS_ERR_SSL_WANT_READ,
+ * #MBEDTLS_ERR_SSL_WANT_WRITE,
+ * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS,
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or
+ * #MBEDTLS_ERR_SSL_CLIENT_RECONNECT,
+ * you must stop using the SSL context for reading or writing,
+ * and either free it or call \c mbedtls_ssl_session_reset()
+ * on it before re-using it for a new connection; the current
+ * connection must be closed.
*
- * If MBEDTLS_ERR_SSL_WANT_WRITE is returned, a write is pending
- * but the underlying transport isn't available for writing. In this
- * case, the function needs to be called again at some later stage.
- *
- * When this function return MBEDTLS_ERR_SSL_CLIENT_RECONNECT
+ * \note When this function returns #MBEDTLS_ERR_SSL_CLIENT_RECONNECT
* (which can only happen server-side), it means that a client
* is initiating a new connection using the same source port.
* You can either treat that as a connection close and wait
* for the client to resend a ClientHello, or directly
* continue with \c mbedtls_ssl_handshake() with the same
- * context (as it has beeen reset internally). Either way, you
- * should make sure this is seen by the application as a new
+ * context (as it has been reset internally). Either way, you
+ * must make sure this is seen by the application as a new
* connection: application state, if any, should be reset, and
* most importantly the identity of the client must be checked
* again. WARNING: not validating the identity of the client
* again, or not transmitting the new identity to the
* application layer, would allow authentication bypass!
*
- * \note If this function returns something other than a positive value
- * or MBEDTLS_ERR_SSL_WANT_READ/WRITE or MBEDTLS_ERR_SSL_CLIENT_RECONNECT,
- * you must stop using the SSL context for reading or writing,
- * and either free it or call \c mbedtls_ssl_session_reset() on it
- * before re-using it for a new connection; the current connection
- * must be closed.
- *
* \note Remarks regarding event-driven DTLS:
- * - If the function returns MBEDTLS_ERR_SSL_WANT_READ, no datagram
+ * - If the function returns #MBEDTLS_ERR_SSL_WANT_READ, no datagram
* from the underlying transport layer is currently being processed,
* and it is safe to idle until the timer or the underlying transport
* signal a new event.
@@ -2903,21 +3095,41 @@
* \param buf buffer holding the data
* \param len how many bytes must be written
*
- * \return the number of bytes actually written (may be less than len),
- * or MBEDTLS_ERR_SSL_WANT_WRITE or MBEDTLS_ERR_SSL_WANT_READ,
- * or another negative error code.
+ * \return The (non-negative) number of bytes actually written if
+ * successful (may be less than \p len).
+ * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE
+ * if the handshake is incomplete and waiting for data to
+ * be available for reading from or writing to the underlying
+ * transport - in this case you must call this function again
+ * when the underlying transport is ready for the operation.
+ * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous
+ * operation is in progress (see
+ * mbedtls_ssl_conf_async_private_cb()) - in this case you
+ * must call this function again when the operation is ready.
+ * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic
+ * operation is in progress (see mbedtls_ecp_set_max_ops()) -
+ * in this case you must call this function again to complete
+ * the handshake when you're done attending other tasks.
+ * \return Another SSL error code - in this case you must stop using
+ * the context (see below).
*
- * \note If this function returns something other than a positive value
- * or MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using
- * the SSL context for reading or writing, and either free it or
- * call \c mbedtls_ssl_session_reset() on it before re-using it
- * for a new connection; the current connection must be closed.
+ * \warning If this function returns something other than
+ * a non-negative value,
+ * #MBEDTLS_ERR_SSL_WANT_READ,
+ * #MBEDTLS_ERR_SSL_WANT_WRITE,
+ * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS,
+ * you must stop using the SSL context for reading or writing,
+ * and either free it or call \c mbedtls_ssl_session_reset()
+ * on it before re-using it for a new connection; the current
+ * connection must be closed.
*
- * \note When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ,
+ * \note When this function returns #MBEDTLS_ERR_SSL_WANT_WRITE/READ,
* it must be called later with the *same* arguments,
- * until it returns a positive value. When the function returns
- * MBEDTLS_ERR_SSL_WANT_WRITE there may be some partial
- * data in the output buffer, however this is not yet sent.
+ * until it returns a value greater that or equal to 0. When
+ * the function returns #MBEDTLS_ERR_SSL_WANT_WRITE there may be
+ * some partial data in the output buffer, however this is not
+ * yet sent.
*
* \note If the requested length is greater than the maximum
* fragment length (either the built-in limit or the one set
@@ -2926,6 +3138,9 @@
* - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned.
* \c mbedtls_ssl_get_max_frag_len() may be used to query the
* active maximum fragment length.
+ *
+ * \note Attempting to write 0 bytes will result in an empty TLS
+ * application record being sent.
*/
int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len );
@@ -3018,6 +3233,9 @@
* \brief Free referenced items in an SSL session including the
* peer certificate and clear memory
*
+ * \note A session object can be freed even if the SSL context
+ * that was used to retrieve the session is still in use.
+ *
* \param session SSL session
*/
void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 7d5eba0..cda8b48 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -271,6 +271,15 @@
#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /**< experimental */
+/* RFC 7905 */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9 /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA /**< TLS 1.2 */
+#define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE /**< TLS 1.2 */
+
/* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange.
* Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below
*/
diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h
index 80b65bb..6a0ad4f 100644
--- a/include/mbedtls/ssl_cookie.h
+++ b/include/mbedtls/ssl_cookie.h
@@ -50,7 +50,7 @@
/**
* \brief Context for the default cookie functions.
*/
-typedef struct
+typedef struct mbedtls_ssl_cookie_ctx
{
mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */
#if !defined(MBEDTLS_HAVE_TIME)
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index f48fe90..97abb9f 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -93,6 +93,14 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+/* Shorthand for restartable ECC */
+#if defined(MBEDTLS_ECP_RESTARTABLE) && \
+ defined(MBEDTLS_SSL_CLI_C) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+#define MBEDTLS_SSL__ECP_RESTARTABLE
+#endif
+
#define MBEDTLS_SSL_INITIAL_HANDSHAKE 0
#define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS 1 /* In progress */
#define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */
@@ -143,32 +151,76 @@
#define MBEDTLS_SSL_PADDING_ADD 0
#endif
-#define MBEDTLS_SSL_PAYLOAD_LEN ( MBEDTLS_SSL_MAX_CONTENT_LEN \
- + MBEDTLS_SSL_COMPRESSION_ADD \
- + MBEDTLS_MAX_IV_LENGTH \
- + MBEDTLS_SSL_MAC_ADD \
- + MBEDTLS_SSL_PADDING_ADD \
- )
+#define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD + \
+ MBEDTLS_MAX_IV_LENGTH + \
+ MBEDTLS_SSL_MAC_ADD + \
+ MBEDTLS_SSL_PADDING_ADD \
+ )
+
+#define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
+ ( MBEDTLS_SSL_IN_CONTENT_LEN ) )
+
+#define MBEDTLS_SSL_OUT_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
+ ( MBEDTLS_SSL_OUT_CONTENT_LEN ) )
+
+/* The maximum number of buffered handshake messages. */
+#define MBEDTLS_SSL_MAX_BUFFERED_HS 4
+
+/* Maximum length we can advertise as our max content length for
+ RFC 6066 max_fragment_length extension negotiation purposes
+ (the lesser of both sizes, if they are unequal.)
+ */
+#define MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ( \
+ (MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN) \
+ ? ( MBEDTLS_SSL_OUT_CONTENT_LEN ) \
+ : ( MBEDTLS_SSL_IN_CONTENT_LEN ) \
+ )
/*
* Check that we obey the standard's message size bounds
*/
#if MBEDTLS_SSL_MAX_CONTENT_LEN > 16384
-#error Bad configuration - record content too large.
+#error "Bad configuration - record content too large."
#endif
-#if MBEDTLS_SSL_PAYLOAD_LEN > 16384 + 2048
-#error Bad configuration - protected record payload too large.
+#if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN
+#error "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
#endif
+#if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN
+#error "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
+#endif
+
+#if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048
+#error "Bad configuration - incoming protected record payload too large."
+#endif
+
+#if MBEDTLS_SSL_OUT_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048
+#error "Bad configuration - outgoing protected record payload too large."
+#endif
+
+/* Calculate buffer sizes */
+
/* Note: Even though the TLS record header is only 5 bytes
long, we're internally using 8 bytes to store the
implicit sequence number. */
#define MBEDTLS_SSL_HEADER_LEN 13
-#define MBEDTLS_SSL_BUFFER_LEN \
- ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_PAYLOAD_LEN ) )
+#define MBEDTLS_SSL_IN_BUFFER_LEN \
+ ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) )
+
+#define MBEDTLS_SSL_OUT_BUFFER_LEN \
+ ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) )
+
+#ifdef MBEDTLS_ZLIB_SUPPORT
+/* Compression buffer holds both IN and OUT buffers, so should be size of the larger */
+#define MBEDTLS_SSL_COMPRESS_BUFFER_LEN ( \
+ ( MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN ) \
+ ? MBEDTLS_SSL_IN_BUFFER_LEN \
+ : MBEDTLS_SSL_OUT_BUFFER_LEN \
+ )
+#endif
/*
* TLS extension flags (for extensions with outgoing ServerHello content
@@ -243,7 +295,18 @@
mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ int ecrs_enabled; /*!< Handshake supports EC restart? */
+ mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */
+ enum { /* this complements ssl->state with info on intra-state operations */
+ ssl_ecrs_none = 0, /*!< nothing going on (yet) */
+ ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */
+ ssl_ecrs_ske_start_processing, /*!< ServerKeyExchange: pk_verify() */
+ ssl_ecrs_cke_ecdh_calc_secret, /*!< ClientKeyExchange: ECDH step 2 */
+ ssl_ecrs_crt_vrfy_sign, /*!< CertificateVerify: pk_sign() */
+ } ecrs_state; /*!< current (or last) operation */
+ size_t ecrs_n; /*!< place for saving a length */
+#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS)
unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */
unsigned int in_msg_seq; /*!< Incoming handshake sequence number */
@@ -253,18 +316,45 @@
unsigned char verify_cookie_len; /*!< Cli: cookie length
Srv: flag for sending a cookie */
- unsigned char *hs_msg; /*!< Reassembled handshake message */
-
uint32_t retransmit_timeout; /*!< Current value of timeout */
unsigned char retransmit_state; /*!< Retransmission state */
- mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */
- mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */
+ mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */
+ mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */
+ unsigned char *cur_msg_p; /*!< Position in current message */
unsigned int in_flight_start_seq; /*!< Minimum message sequence in the
flight being received */
mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for
resending messages */
unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter
for resending messages */
+
+ struct
+ {
+ size_t total_bytes_buffered; /*!< Cumulative size of heap allocated
+ * buffers used for message buffering. */
+
+ uint8_t seen_ccs; /*!< Indicates if a CCS message has
+ * been seen in the current flight. */
+
+ struct mbedtls_ssl_hs_buffer
+ {
+ unsigned is_valid : 1;
+ unsigned is_fragmented : 1;
+ unsigned is_complete : 1;
+ unsigned char *data;
+ size_t data_len;
+ } hs[MBEDTLS_SSL_MAX_BUFFERED_HS];
+
+ struct
+ {
+ unsigned char *data;
+ size_t len;
+ unsigned epoch;
+ } future_record;
+
+ } buffering;
+
+ uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */
#endif /* MBEDTLS_SSL_PROTO_DTLS */
/*
@@ -323,6 +413,8 @@
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
};
+typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer;
+
/*
* This structure contains a full set of runtime transform parameters
* either in negotiation or active.
@@ -437,7 +529,6 @@
void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl );
int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl );
int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl );
void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl );
@@ -449,7 +540,10 @@
* of the logic of (D)TLS from the implementation
* of the secure transport.
*
- * \param ssl SSL context to use
+ * \param ssl The SSL context to use.
+ * \param update_hs_digest This indicates if the handshake digest
+ * should be automatically updated in case
+ * a handshake message is found.
*
* \return 0 or non-zero error code.
*
@@ -515,10 +609,12 @@
* following the above definition.
*
*/
-int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
+ unsigned update_hs_digest );
int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
-int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush );
int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
@@ -627,6 +723,7 @@
void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl );
#endif
/* Visible for testing purposes only */
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index 93ad46a..b2686df 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -44,7 +44,7 @@
/**
* \brief Information for session ticket protection
*/
-typedef struct
+typedef struct mbedtls_ssl_ticket_key
{
unsigned char name[4]; /*!< random key identifier */
uint32_t generation_time; /*!< key generation timestamp (seconds) */
@@ -55,7 +55,7 @@
/**
* \brief Context for session ticket handling functions
*/
-typedef struct
+typedef struct mbedtls_ssl_ticket_context
{
mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */
unsigned char active; /*!< index of the currently active key */
diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h
index aeea5d0..75298bf 100644
--- a/include/mbedtls/threading.h
+++ b/include/mbedtls/threading.h
@@ -42,7 +42,7 @@
#if defined(MBEDTLS_THREADING_PTHREAD)
#include <pthread.h>
-typedef struct
+typedef struct mbedtls_threading_mutex_t
{
pthread_mutex_t mutex;
char is_valid;
@@ -99,9 +99,17 @@
#if defined(MBEDTLS_FS_IO)
extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex;
#endif
-#if defined(MBEDTLS_HAVE_TIME_DATE)
+
+#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+/* This mutex may or may not be used in the default definition of
+ * mbedtls_platform_gmtime_r(), but in order to determine that,
+ * we need to check POSIX features, hence modify _POSIX_C_SOURCE.
+ * With the current approach, this declaration is orphaned, lacking
+ * an accompanying definition, in case mbedtls_platform_gmtime_r()
+ * doesn't need it, but that's not a problem. */
extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex;
-#endif
+#endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */
+
#endif /* MBEDTLS_THREADING_C */
#ifdef __cplusplus
diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h
index bbcb906..a965fe0 100644
--- a/include/mbedtls/timing.h
+++ b/include/mbedtls/timing.h
@@ -51,7 +51,7 @@
/**
* \brief Context for mbedtls_timing_set/get_delay()
*/
-typedef struct
+typedef struct mbedtls_timing_delay_context
{
struct mbedtls_timing_hr_time timer;
uint32_t int_ms;
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index c8050b9..326b8bd 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -39,17 +39,17 @@
* Major, Minor, Patchlevel
*/
#define MBEDTLS_VERSION_MAJOR 2
-#define MBEDTLS_VERSION_MINOR 11
-#define MBEDTLS_VERSION_PATCH 0
+#define MBEDTLS_VERSION_MINOR 13
+#define MBEDTLS_VERSION_PATCH 1
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
-#define MBEDTLS_VERSION_NUMBER 0x020B0000
-#define MBEDTLS_VERSION_STRING "2.11.0"
-#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.11.0"
+#define MBEDTLS_VERSION_NUMBER 0x020D0100
+#define MBEDTLS_VERSION_STRING "2.13.1"
+#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.13.1"
#if defined(MBEDTLS_VERSION_C)
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index ac23cff..afeefca 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -105,7 +105,7 @@
*
* All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
*/
-typedef struct
+typedef struct mbedtls_x509_crt_profile
{
uint32_t allowed_mds; /**< MDs for signatures */
uint32_t allowed_pks; /**< PK algs for signatures */
@@ -143,6 +143,63 @@
}
mbedtls_x509write_cert;
+/**
+ * Item in a verification chain: cert and flags for it
+ */
+typedef struct {
+ mbedtls_x509_crt *crt;
+ uint32_t flags;
+} mbedtls_x509_crt_verify_chain_item;
+
+/**
+ * Max size of verification chain: end-entity + intermediates + trusted root
+ */
+#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
+
+/**
+ * Verification chain as built by \c mbedtls_crt_verify_chain()
+ */
+typedef struct
+{
+ mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE];
+ unsigned len;
+} mbedtls_x509_crt_verify_chain;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+
+/**
+ * \brief Context for resuming X.509 verify operations
+ */
+typedef struct
+{
+ /* for check_signature() */
+ mbedtls_pk_restart_ctx pk;
+
+ /* for find_parent_in() */
+ mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */
+ mbedtls_x509_crt *fallback_parent;
+ int fallback_signature_is_good;
+
+ /* for find_parent() */
+ int parent_is_trusted; /* -1 if find_parent is not in progress */
+
+ /* for verify_chain() */
+ enum {
+ x509_crt_rs_none,
+ x509_crt_rs_find_parent,
+ } in_progress; /* none if no operation is in progress */
+ int self_cnt;
+ mbedtls_x509_crt_verify_chain ver_chain;
+
+} mbedtls_x509_crt_restart_ctx;
+
+#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+/* Now we can declare functions that take a pointer to that */
+typedef void mbedtls_x509_crt_restart_ctx;
+
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**
* Default security profile. Should provide a good balance between security
@@ -353,6 +410,37 @@
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy );
+/**
+ * \brief Restartable version of \c mbedtls_crt_verify_with_profile()
+ *
+ * \note Performs the same job as \c mbedtls_crt_verify_with_profile()
+ * but can return early and restart according to the limit
+ * set with \c mbedtls_ecp_set_max_ops() to reduce blocking.
+ *
+ * \param crt a certificate (chain) to be verified
+ * \param trust_ca the list of trusted CAs
+ * \param ca_crl the list of CRLs for trusted CAs
+ * \param profile security profile for verification
+ * \param cn expected Common Name (can be set to
+ * NULL if the CN must not be verified)
+ * \param flags result of the verification
+ * \param f_vrfy verification function
+ * \param p_vrfy verification parameter
+ * \param rs_ctx restart context (NULL to disable restart)
+ *
+ * \return See \c mbedtls_crt_verify_with_profile(), or
+ * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * operations was reached: see \c mbedtls_ecp_set_max_ops().
+ */
+int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
+ mbedtls_x509_crt *trust_ca,
+ mbedtls_x509_crl *ca_crl,
+ const mbedtls_x509_crt_profile *profile,
+ const char *cn, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy,
+ mbedtls_x509_crt_restart_ctx *rs_ctx );
+
#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
/**
* \brief Check usage of certificate against keyUsage extension.
@@ -424,6 +512,18 @@
* \param crt Certificate chain to free
*/
void mbedtls_x509_crt_free( mbedtls_x509_crt *crt );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief Initialize a restart context
+ */
+void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx );
+
+/**
+ * \brief Free the components of a restart context
+ */
+void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/* \} name */
diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h
index 8df708a..c70c3fe 100644
--- a/include/mbedtls/xtea.h
+++ b/include/mbedtls/xtea.h
@@ -50,7 +50,7 @@
/**
* \brief XTEA context structure
*/
-typedef struct
+typedef struct mbedtls_xtea_context
{
uint32_t k[4]; /*!< key */
}
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 5243baf..275eda3 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -14,6 +14,8 @@
blowfish.c
camellia.c
ccm.c
+ chacha20.c
+ chachapoly.c
cipher.c
cipher_wrap.c
cmac.c
@@ -38,6 +40,7 @@
md5.c
md_wrap.c
memory_buffer_alloc.c
+ nist_kw.c
oid.c
padlock.c
pem.c
@@ -49,6 +52,7 @@
pkwrite.c
platform.c
platform_util.c
+ poly1305.c
ripemd160.c
rsa.c
rsa_internal.c
@@ -98,6 +102,17 @@
set(libs ${libs} ws2_32)
endif(WIN32)
+if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
+ SET(CMAKE_C_ARCHIVE_CREATE "<CMAKE_AR> Scr <TARGET> <LINK_FLAGS> <OBJECTS>")
+ SET(CMAKE_CXX_ARCHIVE_CREATE "<CMAKE_AR> Scr <TARGET> <LINK_FLAGS> <OBJECTS>")
+ SET(CMAKE_C_ARCHIVE_FINISH "<CMAKE_RANLIB> -no_warning_for_no_symbols -c <TARGET>")
+ SET(CMAKE_CXX_ARCHIVE_FINISH "<CMAKE_RANLIB> -no_warning_for_no_symbols -c <TARGET>")
+endif()
+
+if(HAIKU)
+ set(libs ${libs} network)
+endif(HAIKU)
+
if(USE_PKCS11_HELPER_LIBRARY)
set(libs ${libs} pkcs11-helper)
endif(USE_PKCS11_HELPER_LIBRARY)
@@ -144,15 +159,15 @@
if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(mbedcrypto SHARED ${src_crypto})
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.11.0 SOVERSION 3)
+ set_target_properties(mbedcrypto PROPERTIES VERSION 2.13.1 SOVERSION 3)
target_link_libraries(mbedcrypto ${libs})
add_library(mbedx509 SHARED ${src_x509})
- set_target_properties(mbedx509 PROPERTIES VERSION 2.11.0 SOVERSION 0)
+ set_target_properties(mbedx509 PROPERTIES VERSION 2.13.1 SOVERSION 0)
target_link_libraries(mbedx509 ${libs} mbedcrypto)
add_library(mbedtls SHARED ${src_tls})
- set_target_properties(mbedtls PROPERTIES VERSION 2.11.0 SOVERSION 11)
+ set_target_properties(mbedtls PROPERTIES VERSION 2.13.1 SOVERSION 12)
target_link_libraries(mbedtls ${libs} mbedx509)
install(TARGETS mbedtls mbedx509 mbedcrypto
diff --git a/library/Makefile b/library/Makefile
index f7eb896..430c598 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -21,6 +21,10 @@
# if were running on Windows build for Windows
ifdef WINDOWS
WINDOWS_BUILD=1
+else ifeq ($(shell uname -s),Darwin)
+ifeq ($(AR),ar)
+APPLE_BUILD ?= 1
+endif
endif
# To compile as a shared library:
@@ -31,27 +35,39 @@
endif
endif
-SOEXT_TLS=so.11
+SOEXT_TLS=so.12
SOEXT_X509=so.0
SOEXT_CRYPTO=so.3
-# Set DLEXT=dylib to compile as a shared library for Mac OS X
-DLEXT ?= so
-
# Set AR_DASH= (empty string) to use an ar implentation that does not accept
# the - prefix for command line options (e.g. llvm-ar)
AR_DASH ?= -
-# Windows shared library extension:
+ARFLAGS = $(AR_DASH)src
+ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
+ARFLAGS = $(AR_DASH)Src
+RLFLAGS = -no_warning_for_no_symbols -c
+RL ?= ranlib
+endif
+endif
+
+DLEXT ?= so
ifdef WINDOWS_BUILD
-DLEXT=dll
+# Windows shared library extension:
+DLEXT = dll
+else ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
+# Mac OS X shared library extension:
+DLEXT = dylib
+endif
endif
OBJS_CRYPTO= aes.o aesni.o arc4.o \
- asn1parse.o asn1write.o base64.o \
- bignum.o blowfish.o camellia.o \
- aria.o \
- ccm.o cipher.o cipher_wrap.o \
+ aria.o asn1parse.o asn1write.o \
+ base64.o bignum.o blowfish.o \
+ camellia.o ccm.o chacha20.o \
+ chachapoly.o cipher.o cipher_wrap.o \
cmac.o ctr_drbg.o des.o \
dhm.o ecdh.o ecdsa.o \
ecjpake.o ecp.o \
@@ -60,15 +76,15 @@
hkdf.o \
hmac_drbg.o md.o md2.o \
md4.o md5.o md_wrap.o \
- memory_buffer_alloc.o oid.o \
- padlock.o pem.o pk.o \
- pk_wrap.o pkcs12.o pkcs5.o \
- pkparse.o pkwrite.o platform.o \
- platform_util.o ripemd160.o rsa_internal.o \
- rsa.o sha1.o sha256.o \
- sha512.o threading.o timing.o \
- version.o version_features.o \
- xtea.o
+ memory_buffer_alloc.o nist_kw.o \
+ oid.o padlock.o pem.o \
+ pk.o pk_wrap.o pkcs12.o \
+ pkcs5.o pkparse.o pkwrite.o \
+ platform.o platform_util.o poly1305.o \
+ ripemd160.o rsa_internal.o rsa.o \
+ sha1.o sha256.o sha512.o \
+ threading.o timing.o version.o \
+ version_features.o xtea.o
OBJS_X509= certs.o pkcs11.o x509.o \
x509_create.o x509_crl.o x509_crt.o \
@@ -97,9 +113,13 @@
# tls
libmbedtls.a: $(OBJS_TLS)
echo " AR $@"
- $(AR) $(AR_DASH)rc $@ $(OBJS_TLS)
+ $(AR) $(ARFLAGS) $@ $(OBJS_TLS)
+ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
echo " RL $@"
- $(AR) $(AR_DASH)s $@
+ $(RL) $(RLFLAGS) $@
+endif
+endif
libmbedtls.$(SOEXT_TLS): $(OBJS_TLS) libmbedx509.so
echo " LD $@"
@@ -120,9 +140,13 @@
# x509
libmbedx509.a: $(OBJS_X509)
echo " AR $@"
- $(AR) $(AR_DASH)rc $@ $(OBJS_X509)
+ $(AR) $(ARFLAGS) $@ $(OBJS_X509)
+ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
echo " RL $@"
- $(AR) $(AR_DASH)s $@
+ $(RL) $(RLFLAGS) $@
+endif
+endif
libmbedx509.$(SOEXT_X509): $(OBJS_X509) libmbedcrypto.so
echo " LD $@"
@@ -143,9 +167,13 @@
# crypto
libmbedcrypto.a: $(OBJS_CRYPTO)
echo " AR $@"
- $(AR) $(AR_DASH)rc $@ $(OBJS_CRYPTO)
+ $(AR) $(ARFLAGS) $@ $(OBJS_CRYPTO)
+ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
echo " RL $@"
- $(AR) $(AR_DASH)s $@
+ $(RL) $(RLFLAGS) $@
+endif
+endif
libmbedcrypto.$(SOEXT_CRYPTO): $(OBJS_CRYPTO)
echo " LD $@"
diff --git a/library/aria.c b/library/aria.c
index e9bcd6d..ca9e147 100644
--- a/library/aria.c
+++ b/library/aria.c
@@ -875,11 +875,11 @@
#define ARIA_SELF_TEST_IF_FAIL \
{ \
if( verbose ) \
- printf( "failed\n" ); \
+ mbedtls_printf( "failed\n" ); \
return( 1 ); \
} else { \
if( verbose ) \
- printf( "passed\n" ); \
+ mbedtls_printf( "passed\n" ); \
}
/*
@@ -908,7 +908,7 @@
{
/* test ECB encryption */
if( verbose )
- printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i );
+ mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i );
mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i );
mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk );
if( memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) != 0 )
@@ -916,14 +916,14 @@
/* test ECB decryption */
if( verbose )
- printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i );
+ mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i );
mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i );
mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk );
if( memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) != 0 )
ARIA_SELF_TEST_IF_FAIL;
}
if( verbose )
- printf( "\n" );
+ mbedtls_printf( "\n" );
/*
* Test set 2
@@ -933,7 +933,7 @@
{
/* Test CBC encryption */
if( verbose )
- printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i );
+ mbedtls_printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i );
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
memset( buf, 0x55, sizeof( buf ) );
@@ -944,7 +944,7 @@
/* Test CBC decryption */
if( verbose )
- printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i );
+ mbedtls_printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i );
mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i );
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
memset( buf, 0xAA, sizeof( buf ) );
@@ -954,7 +954,7 @@
ARIA_SELF_TEST_IF_FAIL;
}
if( verbose )
- printf( "\n" );
+ mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CBC */
@@ -963,7 +963,7 @@
{
/* Test CFB encryption */
if( verbose )
- printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i );
+ mbedtls_printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i );
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
memset( buf, 0x55, sizeof( buf ) );
@@ -975,7 +975,7 @@
/* Test CFB decryption */
if( verbose )
- printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i );
+ mbedtls_printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i );
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
memset( buf, 0xAA, sizeof( buf ) );
@@ -986,7 +986,7 @@
ARIA_SELF_TEST_IF_FAIL;
}
if( verbose )
- printf( "\n" );
+ mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -994,7 +994,7 @@
{
/* Test CTR encryption */
if( verbose )
- printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i );
+ mbedtls_printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i );
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0
memset( buf, 0x55, sizeof( buf ) );
@@ -1006,7 +1006,7 @@
/* Test CTR decryption */
if( verbose )
- printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i );
+ mbedtls_printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i );
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0
memset( buf, 0xAA, sizeof( buf ) );
@@ -1017,7 +1017,7 @@
ARIA_SELF_TEST_IF_FAIL;
}
if( verbose )
- printf( "\n" );
+ mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
return( 0 );
diff --git a/library/ccm.c b/library/ccm.c
index 804eaf8..90cab8e 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -381,7 +381,8 @@
*/
#define NB_TESTS 3
-
+#define CCM_SELFTEST_PT_MAX_LEN 24
+#define CCM_SELFTEST_CT_MAX_LEN 32
/*
* The data is the same for all tests, only the used length changes
*/
@@ -401,7 +402,7 @@
0x10, 0x11, 0x12, 0x13
};
-static const unsigned char msg[] = {
+static const unsigned char msg[CCM_SELFTEST_PT_MAX_LEN] = {
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
@@ -412,7 +413,7 @@
static const size_t msg_len[NB_TESTS] = { 4, 16, 24 };
static const size_t tag_len[NB_TESTS] = { 4, 6, 8 };
-static const unsigned char res[NB_TESTS][32] = {
+static const unsigned char res[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
{ 0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
{ 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
@@ -426,7 +427,13 @@
int mbedtls_ccm_self_test( int verbose )
{
mbedtls_ccm_context ctx;
- unsigned char out[32];
+ /*
+ * Some hardware accelerators require the input and output buffers
+ * would be in RAM, because the flash is not accessible.
+ * Use buffers on the stack to hold the test vectors data.
+ */
+ unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN];
+ unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN];
size_t i;
int ret;
@@ -445,27 +452,32 @@
if( verbose != 0 )
mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
+ memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
+ memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
+ memcpy( plaintext, msg, msg_len[i] );
+
ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i],
- iv, iv_len[i], ad, add_len[i],
- msg, out,
- out + msg_len[i], tag_len[i] );
+ iv, iv_len[i], ad, add_len[i],
+ plaintext, ciphertext,
+ ciphertext + msg_len[i], tag_len[i] );
if( ret != 0 ||
- memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 )
+ memcmp( ciphertext, res[i], msg_len[i] + tag_len[i] ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
}
+ memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
- iv, iv_len[i], ad, add_len[i],
- res[i], out,
- res[i] + msg_len[i], tag_len[i] );
+ iv, iv_len[i], ad, add_len[i],
+ ciphertext, plaintext,
+ ciphertext + msg_len[i], tag_len[i] );
if( ret != 0 ||
- memcmp( out, msg, msg_len[i] ) != 0 )
+ memcmp( plaintext, msg, msg_len[i] ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
diff --git a/library/chacha20.c b/library/chacha20.c
new file mode 100644
index 0000000..d14a51e
--- /dev/null
+++ b/library/chacha20.c
@@ -0,0 +1,570 @@
+/**
+ * \file chacha20.c
+ *
+ * \brief ChaCha20 cipher.
+ *
+ * \author Daniel King <damaki.gh@gmail.com>
+ *
+ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CHACHA20_C)
+
+#include "mbedtls/chacha20.h"
+#include "mbedtls/platform_util.h"
+
+#include <stddef.h>
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_CHACHA20_ALT)
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+ !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#define BYTES_TO_U32_LE( data, offset ) \
+ ( (uint32_t) data[offset] \
+ | (uint32_t) ( (uint32_t) data[( offset ) + 1] << 8 ) \
+ | (uint32_t) ( (uint32_t) data[( offset ) + 2] << 16 ) \
+ | (uint32_t) ( (uint32_t) data[( offset ) + 3] << 24 ) \
+ )
+
+#define ROTL32( value, amount ) \
+ ( (uint32_t) ( value << amount ) | ( value >> ( 32 - amount ) ) )
+
+#define CHACHA20_CTR_INDEX ( 12U )
+
+#define CHACHA20_BLOCK_SIZE_BYTES ( 4U * 16U )
+
+/**
+ * \brief ChaCha20 quarter round operation.
+ *
+ * The quarter round is defined as follows (from RFC 7539):
+ * 1. a += b; d ^= a; d <<<= 16;
+ * 2. c += d; b ^= c; b <<<= 12;
+ * 3. a += b; d ^= a; d <<<= 8;
+ * 4. c += d; b ^= c; b <<<= 7;
+ *
+ * \param state ChaCha20 state to modify.
+ * \param a The index of 'a' in the state.
+ * \param b The index of 'b' in the state.
+ * \param c The index of 'c' in the state.
+ * \param d The index of 'd' in the state.
+ */
+static inline void chacha20_quarter_round( uint32_t state[16],
+ size_t a,
+ size_t b,
+ size_t c,
+ size_t d )
+{
+ /* a += b; d ^= a; d <<<= 16; */
+ state[a] += state[b];
+ state[d] ^= state[a];
+ state[d] = ROTL32( state[d], 16 );
+
+ /* c += d; b ^= c; b <<<= 12 */
+ state[c] += state[d];
+ state[b] ^= state[c];
+ state[b] = ROTL32( state[b], 12 );
+
+ /* a += b; d ^= a; d <<<= 8; */
+ state[a] += state[b];
+ state[d] ^= state[a];
+ state[d] = ROTL32( state[d], 8 );
+
+ /* c += d; b ^= c; b <<<= 7; */
+ state[c] += state[d];
+ state[b] ^= state[c];
+ state[b] = ROTL32( state[b], 7 );
+}
+
+/**
+ * \brief Perform the ChaCha20 inner block operation.
+ *
+ * This function performs two rounds: the column round and the
+ * diagonal round.
+ *
+ * \param state The ChaCha20 state to update.
+ */
+static void chacha20_inner_block( uint32_t state[16] )
+{
+ chacha20_quarter_round( state, 0, 4, 8, 12 );
+ chacha20_quarter_round( state, 1, 5, 9, 13 );
+ chacha20_quarter_round( state, 2, 6, 10, 14 );
+ chacha20_quarter_round( state, 3, 7, 11, 15 );
+
+ chacha20_quarter_round( state, 0, 5, 10, 15 );
+ chacha20_quarter_round( state, 1, 6, 11, 12 );
+ chacha20_quarter_round( state, 2, 7, 8, 13 );
+ chacha20_quarter_round( state, 3, 4, 9, 14 );
+}
+
+/**
+ * \brief Generates a keystream block.
+ *
+ * \param initial_state The initial ChaCha20 state (key, nonce, counter).
+ * \param keystream Generated keystream bytes are written to this buffer.
+ */
+static void chacha20_block( const uint32_t initial_state[16],
+ unsigned char keystream[64] )
+{
+ uint32_t working_state[16];
+ size_t i;
+
+ memcpy( working_state,
+ initial_state,
+ CHACHA20_BLOCK_SIZE_BYTES );
+
+ for( i = 0U; i < 10U; i++ )
+ chacha20_inner_block( working_state );
+
+ working_state[ 0] += initial_state[ 0];
+ working_state[ 1] += initial_state[ 1];
+ working_state[ 2] += initial_state[ 2];
+ working_state[ 3] += initial_state[ 3];
+ working_state[ 4] += initial_state[ 4];
+ working_state[ 5] += initial_state[ 5];
+ working_state[ 6] += initial_state[ 6];
+ working_state[ 7] += initial_state[ 7];
+ working_state[ 8] += initial_state[ 8];
+ working_state[ 9] += initial_state[ 9];
+ working_state[10] += initial_state[10];
+ working_state[11] += initial_state[11];
+ working_state[12] += initial_state[12];
+ working_state[13] += initial_state[13];
+ working_state[14] += initial_state[14];
+ working_state[15] += initial_state[15];
+
+ for( i = 0U; i < 16; i++ )
+ {
+ size_t offset = i * 4U;
+
+ keystream[offset ] = (unsigned char)( working_state[i] );
+ keystream[offset + 1U] = (unsigned char)( working_state[i] >> 8 );
+ keystream[offset + 2U] = (unsigned char)( working_state[i] >> 16 );
+ keystream[offset + 3U] = (unsigned char)( working_state[i] >> 24 );
+ }
+
+ mbedtls_platform_zeroize( working_state, sizeof( working_state ) );
+}
+
+void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx )
+{
+ if( ctx != NULL )
+ {
+ mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) );
+ mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) );
+
+ /* Initially, there's no keystream bytes available */
+ ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
+ }
+}
+
+void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx )
+{
+ if( ctx != NULL )
+ {
+ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_chacha20_context ) );
+ }
+}
+
+int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
+ const unsigned char key[32] )
+{
+ if( ( ctx == NULL ) || ( key == NULL ) )
+ {
+ return( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ }
+
+ /* ChaCha20 constants - the string "expand 32-byte k" */
+ ctx->state[0] = 0x61707865;
+ ctx->state[1] = 0x3320646e;
+ ctx->state[2] = 0x79622d32;
+ ctx->state[3] = 0x6b206574;
+
+ /* Set key */
+ ctx->state[4] = BYTES_TO_U32_LE( key, 0 );
+ ctx->state[5] = BYTES_TO_U32_LE( key, 4 );
+ ctx->state[6] = BYTES_TO_U32_LE( key, 8 );
+ ctx->state[7] = BYTES_TO_U32_LE( key, 12 );
+ ctx->state[8] = BYTES_TO_U32_LE( key, 16 );
+ ctx->state[9] = BYTES_TO_U32_LE( key, 20 );
+ ctx->state[10] = BYTES_TO_U32_LE( key, 24 );
+ ctx->state[11] = BYTES_TO_U32_LE( key, 28 );
+
+ return( 0 );
+}
+
+int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
+ const unsigned char nonce[12],
+ uint32_t counter )
+{
+ if( ( ctx == NULL ) || ( nonce == NULL ) )
+ {
+ return( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ }
+
+ /* Counter */
+ ctx->state[12] = counter;
+
+ /* Nonce */
+ ctx->state[13] = BYTES_TO_U32_LE( nonce, 0 );
+ ctx->state[14] = BYTES_TO_U32_LE( nonce, 4 );
+ ctx->state[15] = BYTES_TO_U32_LE( nonce, 8 );
+
+ mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) );
+
+ /* Initially, there's no keystream bytes available */
+ ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
+
+ return( 0 );
+}
+
+int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
+ size_t size,
+ const unsigned char *input,
+ unsigned char *output )
+{
+ size_t offset = 0U;
+ size_t i;
+
+ if( ctx == NULL )
+ {
+ return( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ }
+ else if( ( size > 0U ) && ( ( input == NULL ) || ( output == NULL ) ) )
+ {
+ /* input and output pointers are allowed to be NULL only if size == 0 */
+ return( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ }
+
+ /* Use leftover keystream bytes, if available */
+ while( size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES )
+ {
+ output[offset] = input[offset]
+ ^ ctx->keystream8[ctx->keystream_bytes_used];
+
+ ctx->keystream_bytes_used++;
+ offset++;
+ size--;
+ }
+
+ /* Process full blocks */
+ while( size >= CHACHA20_BLOCK_SIZE_BYTES )
+ {
+ /* Generate new keystream block and increment counter */
+ chacha20_block( ctx->state, ctx->keystream8 );
+ ctx->state[CHACHA20_CTR_INDEX]++;
+
+ for( i = 0U; i < 64U; i += 8U )
+ {
+ output[offset + i ] = input[offset + i ] ^ ctx->keystream8[i ];
+ output[offset + i+1] = input[offset + i+1] ^ ctx->keystream8[i+1];
+ output[offset + i+2] = input[offset + i+2] ^ ctx->keystream8[i+2];
+ output[offset + i+3] = input[offset + i+3] ^ ctx->keystream8[i+3];
+ output[offset + i+4] = input[offset + i+4] ^ ctx->keystream8[i+4];
+ output[offset + i+5] = input[offset + i+5] ^ ctx->keystream8[i+5];
+ output[offset + i+6] = input[offset + i+6] ^ ctx->keystream8[i+6];
+ output[offset + i+7] = input[offset + i+7] ^ ctx->keystream8[i+7];
+ }
+
+ offset += CHACHA20_BLOCK_SIZE_BYTES;
+ size -= CHACHA20_BLOCK_SIZE_BYTES;
+ }
+
+ /* Last (partial) block */
+ if( size > 0U )
+ {
+ /* Generate new keystream block and increment counter */
+ chacha20_block( ctx->state, ctx->keystream8 );
+ ctx->state[CHACHA20_CTR_INDEX]++;
+
+ for( i = 0U; i < size; i++)
+ {
+ output[offset + i] = input[offset + i] ^ ctx->keystream8[i];
+ }
+
+ ctx->keystream_bytes_used = size;
+
+ }
+
+ return( 0 );
+}
+
+int mbedtls_chacha20_crypt( const unsigned char key[32],
+ const unsigned char nonce[12],
+ uint32_t counter,
+ size_t data_len,
+ const unsigned char* input,
+ unsigned char* output )
+{
+ mbedtls_chacha20_context ctx;
+ int ret;
+
+ mbedtls_chacha20_init( &ctx );
+
+ ret = mbedtls_chacha20_setkey( &ctx, key );
+ if( ret != 0 )
+ goto cleanup;
+
+ ret = mbedtls_chacha20_starts( &ctx, nonce, counter );
+ if( ret != 0 )
+ goto cleanup;
+
+ ret = mbedtls_chacha20_update( &ctx, data_len, input, output );
+
+cleanup:
+ mbedtls_chacha20_free( &ctx );
+ return( ret );
+}
+
+#endif /* !MBEDTLS_CHACHA20_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char test_keys[2][32] =
+{
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ },
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
+ }
+};
+
+static const unsigned char test_nonces[2][12] =
+{
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00
+ },
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x02
+ }
+};
+
+static const uint32_t test_counters[2] =
+{
+ 0U,
+ 1U
+};
+
+static const unsigned char test_input[2][375] =
+{
+ {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ },
+ {
+ 0x41, 0x6e, 0x79, 0x20, 0x73, 0x75, 0x62, 0x6d,
+ 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x20, 0x74,
+ 0x6f, 0x20, 0x74, 0x68, 0x65, 0x20, 0x49, 0x45,
+ 0x54, 0x46, 0x20, 0x69, 0x6e, 0x74, 0x65, 0x6e,
+ 0x64, 0x65, 0x64, 0x20, 0x62, 0x79, 0x20, 0x74,
+ 0x68, 0x65, 0x20, 0x43, 0x6f, 0x6e, 0x74, 0x72,
+ 0x69, 0x62, 0x75, 0x74, 0x6f, 0x72, 0x20, 0x66,
+ 0x6f, 0x72, 0x20, 0x70, 0x75, 0x62, 0x6c, 0x69,
+ 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x61,
+ 0x73, 0x20, 0x61, 0x6c, 0x6c, 0x20, 0x6f, 0x72,
+ 0x20, 0x70, 0x61, 0x72, 0x74, 0x20, 0x6f, 0x66,
+ 0x20, 0x61, 0x6e, 0x20, 0x49, 0x45, 0x54, 0x46,
+ 0x20, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65,
+ 0x74, 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x20,
+ 0x6f, 0x72, 0x20, 0x52, 0x46, 0x43, 0x20, 0x61,
+ 0x6e, 0x64, 0x20, 0x61, 0x6e, 0x79, 0x20, 0x73,
+ 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e, 0x74,
+ 0x20, 0x6d, 0x61, 0x64, 0x65, 0x20, 0x77, 0x69,
+ 0x74, 0x68, 0x69, 0x6e, 0x20, 0x74, 0x68, 0x65,
+ 0x20, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
+ 0x20, 0x6f, 0x66, 0x20, 0x61, 0x6e, 0x20, 0x49,
+ 0x45, 0x54, 0x46, 0x20, 0x61, 0x63, 0x74, 0x69,
+ 0x76, 0x69, 0x74, 0x79, 0x20, 0x69, 0x73, 0x20,
+ 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x64, 0x65, 0x72,
+ 0x65, 0x64, 0x20, 0x61, 0x6e, 0x20, 0x22, 0x49,
+ 0x45, 0x54, 0x46, 0x20, 0x43, 0x6f, 0x6e, 0x74,
+ 0x72, 0x69, 0x62, 0x75, 0x74, 0x69, 0x6f, 0x6e,
+ 0x22, 0x2e, 0x20, 0x53, 0x75, 0x63, 0x68, 0x20,
+ 0x73, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e,
+ 0x74, 0x73, 0x20, 0x69, 0x6e, 0x63, 0x6c, 0x75,
+ 0x64, 0x65, 0x20, 0x6f, 0x72, 0x61, 0x6c, 0x20,
+ 0x73, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e,
+ 0x74, 0x73, 0x20, 0x69, 0x6e, 0x20, 0x49, 0x45,
+ 0x54, 0x46, 0x20, 0x73, 0x65, 0x73, 0x73, 0x69,
+ 0x6f, 0x6e, 0x73, 0x2c, 0x20, 0x61, 0x73, 0x20,
+ 0x77, 0x65, 0x6c, 0x6c, 0x20, 0x61, 0x73, 0x20,
+ 0x77, 0x72, 0x69, 0x74, 0x74, 0x65, 0x6e, 0x20,
+ 0x61, 0x6e, 0x64, 0x20, 0x65, 0x6c, 0x65, 0x63,
+ 0x74, 0x72, 0x6f, 0x6e, 0x69, 0x63, 0x20, 0x63,
+ 0x6f, 0x6d, 0x6d, 0x75, 0x6e, 0x69, 0x63, 0x61,
+ 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x6d, 0x61,
+ 0x64, 0x65, 0x20, 0x61, 0x74, 0x20, 0x61, 0x6e,
+ 0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20, 0x6f,
+ 0x72, 0x20, 0x70, 0x6c, 0x61, 0x63, 0x65, 0x2c,
+ 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x61,
+ 0x72, 0x65, 0x20, 0x61, 0x64, 0x64, 0x72, 0x65,
+ 0x73, 0x73, 0x65, 0x64, 0x20, 0x74, 0x6f
+ }
+};
+
+static const unsigned char test_output[2][375] =
+{
+ {
+ 0x76, 0xb8, 0xe0, 0xad, 0xa0, 0xf1, 0x3d, 0x90,
+ 0x40, 0x5d, 0x6a, 0xe5, 0x53, 0x86, 0xbd, 0x28,
+ 0xbd, 0xd2, 0x19, 0xb8, 0xa0, 0x8d, 0xed, 0x1a,
+ 0xa8, 0x36, 0xef, 0xcc, 0x8b, 0x77, 0x0d, 0xc7,
+ 0xda, 0x41, 0x59, 0x7c, 0x51, 0x57, 0x48, 0x8d,
+ 0x77, 0x24, 0xe0, 0x3f, 0xb8, 0xd8, 0x4a, 0x37,
+ 0x6a, 0x43, 0xb8, 0xf4, 0x15, 0x18, 0xa1, 0x1c,
+ 0xc3, 0x87, 0xb6, 0x69, 0xb2, 0xee, 0x65, 0x86
+ },
+ {
+ 0xa3, 0xfb, 0xf0, 0x7d, 0xf3, 0xfa, 0x2f, 0xde,
+ 0x4f, 0x37, 0x6c, 0xa2, 0x3e, 0x82, 0x73, 0x70,
+ 0x41, 0x60, 0x5d, 0x9f, 0x4f, 0x4f, 0x57, 0xbd,
+ 0x8c, 0xff, 0x2c, 0x1d, 0x4b, 0x79, 0x55, 0xec,
+ 0x2a, 0x97, 0x94, 0x8b, 0xd3, 0x72, 0x29, 0x15,
+ 0xc8, 0xf3, 0xd3, 0x37, 0xf7, 0xd3, 0x70, 0x05,
+ 0x0e, 0x9e, 0x96, 0xd6, 0x47, 0xb7, 0xc3, 0x9f,
+ 0x56, 0xe0, 0x31, 0xca, 0x5e, 0xb6, 0x25, 0x0d,
+ 0x40, 0x42, 0xe0, 0x27, 0x85, 0xec, 0xec, 0xfa,
+ 0x4b, 0x4b, 0xb5, 0xe8, 0xea, 0xd0, 0x44, 0x0e,
+ 0x20, 0xb6, 0xe8, 0xdb, 0x09, 0xd8, 0x81, 0xa7,
+ 0xc6, 0x13, 0x2f, 0x42, 0x0e, 0x52, 0x79, 0x50,
+ 0x42, 0xbd, 0xfa, 0x77, 0x73, 0xd8, 0xa9, 0x05,
+ 0x14, 0x47, 0xb3, 0x29, 0x1c, 0xe1, 0x41, 0x1c,
+ 0x68, 0x04, 0x65, 0x55, 0x2a, 0xa6, 0xc4, 0x05,
+ 0xb7, 0x76, 0x4d, 0x5e, 0x87, 0xbe, 0xa8, 0x5a,
+ 0xd0, 0x0f, 0x84, 0x49, 0xed, 0x8f, 0x72, 0xd0,
+ 0xd6, 0x62, 0xab, 0x05, 0x26, 0x91, 0xca, 0x66,
+ 0x42, 0x4b, 0xc8, 0x6d, 0x2d, 0xf8, 0x0e, 0xa4,
+ 0x1f, 0x43, 0xab, 0xf9, 0x37, 0xd3, 0x25, 0x9d,
+ 0xc4, 0xb2, 0xd0, 0xdf, 0xb4, 0x8a, 0x6c, 0x91,
+ 0x39, 0xdd, 0xd7, 0xf7, 0x69, 0x66, 0xe9, 0x28,
+ 0xe6, 0x35, 0x55, 0x3b, 0xa7, 0x6c, 0x5c, 0x87,
+ 0x9d, 0x7b, 0x35, 0xd4, 0x9e, 0xb2, 0xe6, 0x2b,
+ 0x08, 0x71, 0xcd, 0xac, 0x63, 0x89, 0x39, 0xe2,
+ 0x5e, 0x8a, 0x1e, 0x0e, 0xf9, 0xd5, 0x28, 0x0f,
+ 0xa8, 0xca, 0x32, 0x8b, 0x35, 0x1c, 0x3c, 0x76,
+ 0x59, 0x89, 0xcb, 0xcf, 0x3d, 0xaa, 0x8b, 0x6c,
+ 0xcc, 0x3a, 0xaf, 0x9f, 0x39, 0x79, 0xc9, 0x2b,
+ 0x37, 0x20, 0xfc, 0x88, 0xdc, 0x95, 0xed, 0x84,
+ 0xa1, 0xbe, 0x05, 0x9c, 0x64, 0x99, 0xb9, 0xfd,
+ 0xa2, 0x36, 0xe7, 0xe8, 0x18, 0xb0, 0x4b, 0x0b,
+ 0xc3, 0x9c, 0x1e, 0x87, 0x6b, 0x19, 0x3b, 0xfe,
+ 0x55, 0x69, 0x75, 0x3f, 0x88, 0x12, 0x8c, 0xc0,
+ 0x8a, 0xaa, 0x9b, 0x63, 0xd1, 0xa1, 0x6f, 0x80,
+ 0xef, 0x25, 0x54, 0xd7, 0x18, 0x9c, 0x41, 0x1f,
+ 0x58, 0x69, 0xca, 0x52, 0xc5, 0xb8, 0x3f, 0xa3,
+ 0x6f, 0xf2, 0x16, 0xb9, 0xc1, 0xd3, 0x00, 0x62,
+ 0xbe, 0xbc, 0xfd, 0x2d, 0xc5, 0xbc, 0xe0, 0x91,
+ 0x19, 0x34, 0xfd, 0xa7, 0x9a, 0x86, 0xf6, 0xe6,
+ 0x98, 0xce, 0xd7, 0x59, 0xc3, 0xff, 0x9b, 0x64,
+ 0x77, 0x33, 0x8f, 0x3d, 0xa4, 0xf9, 0xcd, 0x85,
+ 0x14, 0xea, 0x99, 0x82, 0xcc, 0xaf, 0xb3, 0x41,
+ 0xb2, 0x38, 0x4d, 0xd9, 0x02, 0xf3, 0xd1, 0xab,
+ 0x7a, 0xc6, 0x1d, 0xd2, 0x9c, 0x6f, 0x21, 0xba,
+ 0x5b, 0x86, 0x2f, 0x37, 0x30, 0xe3, 0x7c, 0xfd,
+ 0xc4, 0xfd, 0x80, 0x6c, 0x22, 0xf2, 0x21
+ }
+};
+
+static const size_t test_lengths[2] =
+{
+ 64U,
+ 375U
+};
+
+#define ASSERT( cond, args ) \
+ do \
+ { \
+ if( ! ( cond ) ) \
+ { \
+ if( verbose != 0 ) \
+ mbedtls_printf args; \
+ \
+ return( -1 ); \
+ } \
+ } \
+ while( 0 )
+
+int mbedtls_chacha20_self_test( int verbose )
+{
+ unsigned char output[381];
+ unsigned i;
+ int ret;
+
+ for( i = 0U; i < 2U; i++ )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " ChaCha20 test %u ", i );
+
+ ret = mbedtls_chacha20_crypt( test_keys[i],
+ test_nonces[i],
+ test_counters[i],
+ test_lengths[i],
+ test_input[i],
+ output );
+
+ ASSERT( 0 == ret, ( "error code: %i\n", ret ) );
+
+ ASSERT( 0 == memcmp( output, test_output[i], test_lengths[i] ),
+ ( "failed (output)\n" ) );
+
+ if( verbose != 0 )
+ mbedtls_printf( "passed\n" );
+ }
+
+ if( verbose != 0 )
+ mbedtls_printf( "\n" );
+
+ return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* !MBEDTLS_CHACHA20_C */
diff --git a/library/chachapoly.c b/library/chachapoly.c
new file mode 100644
index 0000000..860f877
--- /dev/null
+++ b/library/chachapoly.c
@@ -0,0 +1,547 @@
+/**
+ * \file chachapoly.c
+ *
+ * \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539.
+ *
+ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_CHACHAPOLY_ALT)
+
+#define CHACHAPOLY_STATE_INIT ( 0 )
+#define CHACHAPOLY_STATE_AAD ( 1 )
+#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */
+#define CHACHAPOLY_STATE_FINISHED ( 3 )
+
+/**
+ * \brief Adds nul bytes to pad the AAD for Poly1305.
+ *
+ * \param ctx The ChaCha20-Poly1305 context.
+ */
+static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
+{
+ uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U );
+ unsigned char zeroes[15];
+
+ if( partial_block_len == 0U )
+ return( 0 );
+
+ memset( zeroes, 0, sizeof( zeroes ) );
+
+ return( mbedtls_poly1305_update( &ctx->poly1305_ctx,
+ zeroes,
+ 16U - partial_block_len ) );
+}
+
+/**
+ * \brief Adds nul bytes to pad the ciphertext for Poly1305.
+ *
+ * \param ctx The ChaCha20-Poly1305 context.
+ */
+static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx )
+{
+ uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U );
+ unsigned char zeroes[15];
+
+ if( partial_block_len == 0U )
+ return( 0 );
+
+ memset( zeroes, 0, sizeof( zeroes ) );
+ return( mbedtls_poly1305_update( &ctx->poly1305_ctx,
+ zeroes,
+ 16U - partial_block_len ) );
+}
+
+void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx )
+{
+ if( ctx != NULL )
+ {
+ mbedtls_chacha20_init( &ctx->chacha20_ctx );
+ mbedtls_poly1305_init( &ctx->poly1305_ctx );
+ ctx->aad_len = 0U;
+ ctx->ciphertext_len = 0U;
+ ctx->state = CHACHAPOLY_STATE_INIT;
+ ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT;
+ }
+}
+
+void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx )
+{
+ if( ctx != NULL )
+ {
+ mbedtls_chacha20_free( &ctx->chacha20_ctx );
+ mbedtls_poly1305_free( &ctx->poly1305_ctx );
+ ctx->aad_len = 0U;
+ ctx->ciphertext_len = 0U;
+ ctx->state = CHACHAPOLY_STATE_INIT;
+ ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT;
+ }
+}
+
+int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
+ const unsigned char key[32] )
+{
+ int ret;
+
+ if( ( ctx == NULL ) || ( key == NULL ) )
+ {
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+
+ ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key );
+
+ return( ret );
+}
+
+int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
+ const unsigned char nonce[12],
+ mbedtls_chachapoly_mode_t mode )
+{
+ int ret;
+ unsigned char poly1305_key[64];
+
+ if( ( ctx == NULL ) || ( nonce == NULL ) )
+ {
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+
+ /* Set counter = 0, will be update to 1 when generating Poly1305 key */
+ ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U );
+ if( ret != 0 )
+ goto cleanup;
+
+ /* Generate the Poly1305 key by getting the ChaCha20 keystream output with
+ * counter = 0. This is the same as encrypting a buffer of zeroes.
+ * Only the first 256-bits (32 bytes) of the key is used for Poly1305.
+ * The other 256 bits are discarded.
+ */
+ memset( poly1305_key, 0, sizeof( poly1305_key ) );
+ ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ),
+ poly1305_key, poly1305_key );
+ if( ret != 0 )
+ goto cleanup;
+
+ ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key );
+
+ if( ret == 0 )
+ {
+ ctx->aad_len = 0U;
+ ctx->ciphertext_len = 0U;
+ ctx->state = CHACHAPOLY_STATE_AAD;
+ ctx->mode = mode;
+ }
+
+cleanup:
+ mbedtls_platform_zeroize( poly1305_key, 64U );
+ return( ret );
+}
+
+int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
+ const unsigned char *aad,
+ size_t aad_len )
+{
+ if( ctx == NULL )
+ {
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+ else if( ( aad_len > 0U ) && ( aad == NULL ) )
+ {
+ /* aad pointer is allowed to be NULL if aad_len == 0 */
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+ else if( ctx->state != CHACHAPOLY_STATE_AAD )
+ {
+ return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+ }
+
+ ctx->aad_len += aad_len;
+
+ return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad, aad_len ) );
+}
+
+int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
+ size_t len,
+ const unsigned char *input,
+ unsigned char *output )
+{
+ int ret;
+
+ if( ctx == NULL )
+ {
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+ else if( ( len > 0U ) && ( ( input == NULL ) || ( output == NULL ) ) )
+ {
+ /* input and output pointers are allowed to be NULL if len == 0 */
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+ else if( ( ctx->state != CHACHAPOLY_STATE_AAD ) &&
+ ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) )
+ {
+ return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+ }
+
+ if( ctx->state == CHACHAPOLY_STATE_AAD )
+ {
+ ctx->state = CHACHAPOLY_STATE_CIPHERTEXT;
+
+ ret = chachapoly_pad_aad( ctx );
+ if( ret != 0 )
+ return( ret );
+ }
+
+ ctx->ciphertext_len += len;
+
+ if( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT )
+ {
+ ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output );
+ if( ret != 0 )
+ return( ret );
+
+ ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, output, len );
+ if( ret != 0 )
+ return( ret );
+ }
+ else /* DECRYPT */
+ {
+ ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, input, len );
+ if( ret != 0 )
+ return( ret );
+
+ ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output );
+ if( ret != 0 )
+ return( ret );
+ }
+
+ return( 0 );
+}
+
+int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
+ unsigned char mac[16] )
+{
+ int ret;
+ unsigned char len_block[16];
+
+ if( ( ctx == NULL ) || ( mac == NULL ) )
+ {
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+ else if( ctx->state == CHACHAPOLY_STATE_INIT )
+ {
+ return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+ }
+
+ if( ctx->state == CHACHAPOLY_STATE_AAD )
+ {
+ ret = chachapoly_pad_aad( ctx );
+ if( ret != 0 )
+ return( ret );
+ }
+ else if( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT )
+ {
+ ret = chachapoly_pad_ciphertext( ctx );
+ if( ret != 0 )
+ return( ret );
+ }
+
+ ctx->state = CHACHAPOLY_STATE_FINISHED;
+
+ /* The lengths of the AAD and ciphertext are processed by
+ * Poly1305 as the final 128-bit block, encoded as little-endian integers.
+ */
+ len_block[ 0] = (unsigned char)( ctx->aad_len );
+ len_block[ 1] = (unsigned char)( ctx->aad_len >> 8 );
+ len_block[ 2] = (unsigned char)( ctx->aad_len >> 16 );
+ len_block[ 3] = (unsigned char)( ctx->aad_len >> 24 );
+ len_block[ 4] = (unsigned char)( ctx->aad_len >> 32 );
+ len_block[ 5] = (unsigned char)( ctx->aad_len >> 40 );
+ len_block[ 6] = (unsigned char)( ctx->aad_len >> 48 );
+ len_block[ 7] = (unsigned char)( ctx->aad_len >> 56 );
+ len_block[ 8] = (unsigned char)( ctx->ciphertext_len );
+ len_block[ 9] = (unsigned char)( ctx->ciphertext_len >> 8 );
+ len_block[10] = (unsigned char)( ctx->ciphertext_len >> 16 );
+ len_block[11] = (unsigned char)( ctx->ciphertext_len >> 24 );
+ len_block[12] = (unsigned char)( ctx->ciphertext_len >> 32 );
+ len_block[13] = (unsigned char)( ctx->ciphertext_len >> 40 );
+ len_block[14] = (unsigned char)( ctx->ciphertext_len >> 48 );
+ len_block[15] = (unsigned char)( ctx->ciphertext_len >> 56 );
+
+ ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U );
+ if( ret != 0 )
+ return( ret );
+
+ ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac );
+
+ return( ret );
+}
+
+static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx,
+ mbedtls_chachapoly_mode_t mode,
+ size_t length,
+ const unsigned char nonce[12],
+ const unsigned char *aad,
+ size_t aad_len,
+ const unsigned char *input,
+ unsigned char *output,
+ unsigned char tag[16] )
+{
+ int ret;
+
+ ret = mbedtls_chachapoly_starts( ctx, nonce, mode );
+ if( ret != 0 )
+ goto cleanup;
+
+ ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len );
+ if( ret != 0 )
+ goto cleanup;
+
+ ret = mbedtls_chachapoly_update( ctx, length, input, output );
+ if( ret != 0 )
+ goto cleanup;
+
+ ret = mbedtls_chachapoly_finish( ctx, tag );
+
+cleanup:
+ return( ret );
+}
+
+int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
+ size_t length,
+ const unsigned char nonce[12],
+ const unsigned char *aad,
+ size_t aad_len,
+ const unsigned char *input,
+ unsigned char *output,
+ unsigned char tag[16] )
+{
+ return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT,
+ length, nonce, aad, aad_len,
+ input, output, tag ) );
+}
+
+int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
+ size_t length,
+ const unsigned char nonce[12],
+ const unsigned char *aad,
+ size_t aad_len,
+ const unsigned char tag[16],
+ const unsigned char *input,
+ unsigned char *output )
+{
+ int ret;
+ unsigned char check_tag[16];
+ size_t i;
+ int diff;
+
+ if( tag == NULL )
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ if( ( ret = chachapoly_crypt_and_tag( ctx,
+ MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce,
+ aad, aad_len, input, output, check_tag ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ /* Check tag in "constant-time" */
+ for( diff = 0, i = 0; i < sizeof( check_tag ); i++ )
+ diff |= tag[i] ^ check_tag[i];
+
+ if( diff != 0 )
+ {
+ mbedtls_platform_zeroize( output, length );
+ return( MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED );
+ }
+
+ return( 0 );
+}
+
+#endif /* MBEDTLS_CHACHAPOLY_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char test_key[1][32] =
+{
+ {
+ 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
+ 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
+ 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
+ }
+};
+
+static const unsigned char test_nonce[1][12] =
+{
+ {
+ 0x07, 0x00, 0x00, 0x00, /* 32-bit common part */
+ 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47 /* 64-bit IV */
+ }
+};
+
+static const unsigned char test_aad[1][12] =
+{
+ {
+ 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3,
+ 0xc4, 0xc5, 0xc6, 0xc7
+ }
+};
+
+static const size_t test_aad_len[1] =
+{
+ 12U
+};
+
+static const unsigned char test_input[1][114] =
+{
+ {
+ 0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61,
+ 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c,
+ 0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20,
+ 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73,
+ 0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39,
+ 0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63,
+ 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66,
+ 0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f,
+ 0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20,
+ 0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20,
+ 0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75,
+ 0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73,
+ 0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f,
+ 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69,
+ 0x74, 0x2e
+ }
+};
+
+static const unsigned char test_output[1][114] =
+{
+ {
+ 0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb,
+ 0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2,
+ 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe,
+ 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6,
+ 0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12,
+ 0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b,
+ 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29,
+ 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36,
+ 0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c,
+ 0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58,
+ 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94,
+ 0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc,
+ 0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d,
+ 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b,
+ 0x61, 0x16
+ }
+};
+
+static const size_t test_input_len[1] =
+{
+ 114U
+};
+
+static const unsigned char test_mac[1][16] =
+{
+ {
+ 0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a,
+ 0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91
+ }
+};
+
+#define ASSERT( cond, args ) \
+ do \
+ { \
+ if( ! ( cond ) ) \
+ { \
+ if( verbose != 0 ) \
+ mbedtls_printf args; \
+ \
+ return( -1 ); \
+ } \
+ } \
+ while( 0 )
+
+int mbedtls_chachapoly_self_test( int verbose )
+{
+ mbedtls_chachapoly_context ctx;
+ unsigned i;
+ int ret;
+ unsigned char output[200];
+ unsigned char mac[16];
+
+ for( i = 0U; i < 1U; i++ )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " ChaCha20-Poly1305 test %u ", i );
+
+ mbedtls_chachapoly_init( &ctx );
+
+ ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] );
+ ASSERT( 0 == ret, ( "setkey() error code: %i\n", ret ) );
+
+ ret = mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ test_input_len[i],
+ test_nonce[i],
+ test_aad[i],
+ test_aad_len[i],
+ test_input[i],
+ output,
+ mac );
+
+ ASSERT( 0 == ret, ( "crypt_and_tag() error code: %i\n", ret ) );
+
+ ASSERT( 0 == memcmp( output, test_output[i], test_input_len[i] ),
+ ( "failure (wrong output)\n" ) );
+
+ ASSERT( 0 == memcmp( mac, test_mac[i], 16U ),
+ ( "failure (wrong MAC)\n" ) );
+
+ mbedtls_chachapoly_free( &ctx );
+
+ if( verbose != 0 )
+ mbedtls_printf( "passed\n" );
+ }
+
+ if( verbose != 0 )
+ mbedtls_printf( "\n" );
+
+ return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CHACHAPOLY_C */
diff --git a/library/cipher.c b/library/cipher.c
index 2d85228..7ae6c4a 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -38,6 +38,10 @@
#include <stdlib.h>
#include <string.h>
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#include "mbedtls/chachapoly.h"
+#endif
+
#if defined(MBEDTLS_GCM_C)
#include "mbedtls/gcm.h"
#endif
@@ -46,6 +50,10 @@
#include "mbedtls/ccm.h"
#endif
+#if defined(MBEDTLS_CHACHA20_C)
+#include "mbedtls/chacha20.h"
+#endif
+
#if defined(MBEDTLS_CMAC_C)
#include "mbedtls/cmac.h"
#endif
@@ -57,9 +65,25 @@
#define mbedtls_free free
#endif
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
-#define MBEDTLS_CIPHER_MODE_STREAM
-#endif
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+/* Compare the contents of two buffers in constant time.
+ * Returns 0 if the contents are bitwise identical, otherwise returns
+ * a non-zero value.
+ * This is currently only used by GCM and ChaCha20+Poly1305.
+ */
+static int mbedtls_constant_time_memcmp( const void *v1, const void *v2, size_t len )
+{
+ const unsigned char *p1 = (const unsigned char*) v1;
+ const unsigned char *p2 = (const unsigned char*) v2;
+ size_t i;
+ unsigned char diff;
+
+ for( diff = 0, i = 0; i < len; i++ )
+ diff |= p1[i] ^ p2[i];
+
+ return (int)diff;
+}
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
static int supported_init = 0;
@@ -232,6 +256,18 @@
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
+#if defined(MBEDTLS_CHACHA20_C)
+ if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
+ {
+ if ( 0 != mbedtls_chacha20_starts( (mbedtls_chacha20_context*)ctx->cipher_ctx,
+ iv,
+ 0U ) ) /* Initial counter value */
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+ }
+#endif
+
memcpy( ctx->iv, iv, actual_iv_size );
ctx->iv_size = actual_iv_size;
@@ -248,22 +284,45 @@
return( 0 );
}
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
return mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation,
ctx->iv, ctx->iv_size, ad, ad_len );
}
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
+ {
+ int result;
+ mbedtls_chachapoly_mode_t mode;
+
+ mode = ( ctx->operation == MBEDTLS_ENCRYPT )
+ ? MBEDTLS_CHACHAPOLY_ENCRYPT
+ : MBEDTLS_CHACHAPOLY_DECRYPT;
+
+ result = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
+ ctx->iv,
+ mode );
+ if ( result != 0 )
+ return( result );
+
+ return mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
+ ad, ad_len );
+ }
+#endif
return( 0 );
}
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen )
@@ -304,6 +363,15 @@
}
#endif
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 )
+ {
+ *olen = ilen;
+ return mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
+ ilen, input, output );
+ }
+#endif
+
if ( 0 == block_size )
{
return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
@@ -685,6 +753,12 @@
return( 0 );
}
+ if ( ( MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type ) ||
+ ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) )
+ {
+ return( 0 );
+ }
+
if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode )
{
if( ctx->unprocessed_len != 0 )
@@ -796,7 +870,7 @@
}
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
unsigned char *tag, size_t tag_len )
{
@@ -806,8 +880,22 @@
if( MBEDTLS_ENCRYPT != ctx->operation )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len );
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
+ {
+ /* Don't allow truncated MAC for Poly1305 */
+ if ( tag_len != 16U )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ return mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
+ tag );
+ }
+#endif
return( 0 );
}
@@ -815,6 +903,7 @@
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len )
{
+ unsigned char check_tag[16];
int ret;
if( NULL == ctx || NULL == ctx->cipher_info ||
@@ -823,12 +912,9 @@
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
+#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
- unsigned char check_tag[16];
- size_t i;
- int diff;
-
if( tag_len > sizeof( check_tag ) )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
@@ -839,18 +925,38 @@
}
/* Check the tag in "constant-time" */
- for( diff = 0, i = 0; i < tag_len; i++ )
- diff |= tag[i] ^ check_tag[i];
-
- if( diff != 0 )
+ if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 )
return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
return( 0 );
}
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
+ {
+ /* Don't allow truncated MAC for Poly1305 */
+ if ( tag_len != sizeof( check_tag ) )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
+ check_tag );
+ if ( ret != 0 )
+ {
+ return( ret );
+ }
+
+ /* Check the tag in "constant-time" */
+ if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 )
+ return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
+
+ return( 0 );
+ }
+#endif /* MBEDTLS_CHACHAPOLY_C */
return( 0 );
}
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/*
* Packet-oriented wrapper for non-AEAD modes
@@ -909,6 +1015,21 @@
tag, tag_len ) );
}
#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
+ {
+ /* ChachaPoly has fixed length nonce and MAC (tag) */
+ if ( ( iv_len != ctx->cipher_info->iv_size ) ||
+ ( tag_len != 16U ) )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ *olen = ilen;
+ return( mbedtls_chachapoly_encrypt_and_tag( ctx->cipher_ctx,
+ ilen, iv, ad, ad_len, input, output, tag ) );
+ }
+#endif /* MBEDTLS_CHACHAPOLY_C */
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
@@ -955,6 +1076,28 @@
return( ret );
}
#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
+ {
+ int ret;
+
+ /* ChachaPoly has fixed length nonce and MAC (tag) */
+ if ( ( iv_len != ctx->cipher_info->iv_size ) ||
+ ( tag_len != 16U ) )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ *olen = ilen;
+ ret = mbedtls_chachapoly_auth_decrypt( ctx->cipher_ctx, ilen,
+ iv, ad, ad_len, tag, input, output );
+
+ if( ret == MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED )
+ ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+
+ return( ret );
+ }
+#endif /* MBEDTLS_CHACHAPOLY_C */
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 16e0a9d..893490a 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -33,6 +33,10 @@
#include "mbedtls/cipher_internal.h"
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#include "mbedtls/chachapoly.h"
+#endif
+
#if defined(MBEDTLS_AES_C)
#include "mbedtls/aes.h"
#endif
@@ -57,6 +61,10 @@
#include "mbedtls/blowfish.h"
#endif
+#if defined(MBEDTLS_CHACHA20_C)
+#include "mbedtls/chacha20.h"
+#endif
+
#if defined(MBEDTLS_GCM_C)
#include "mbedtls/gcm.h"
#endif
@@ -1886,6 +1894,162 @@
};
#endif /* MBEDTLS_ARC4_C */
+#if defined(MBEDTLS_CHACHA20_C)
+
+static int chacha20_setkey_wrap( void *ctx, const unsigned char *key,
+ unsigned int key_bitlen )
+{
+ if( key_bitlen != 256U )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ if ( 0 != mbedtls_chacha20_setkey( (mbedtls_chacha20_context*)ctx, key ) )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ return( 0 );
+}
+
+static int chacha20_stream_wrap( void *ctx, size_t length,
+ const unsigned char *input,
+ unsigned char *output )
+{
+ int ret;
+
+ ret = mbedtls_chacha20_update( ctx, length, input, output );
+ if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ return( ret );
+}
+
+static void * chacha20_ctx_alloc( void )
+{
+ mbedtls_chacha20_context *ctx;
+ ctx = mbedtls_calloc( 1, sizeof( mbedtls_chacha20_context ) );
+
+ if( ctx == NULL )
+ return( NULL );
+
+ mbedtls_chacha20_init( ctx );
+
+ return( ctx );
+}
+
+static void chacha20_ctx_free( void *ctx )
+{
+ mbedtls_chacha20_free( (mbedtls_chacha20_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+static const mbedtls_cipher_base_t chacha20_base_info = {
+ MBEDTLS_CIPHER_ID_CHACHA20,
+ NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+ chacha20_stream_wrap,
+#endif
+ chacha20_setkey_wrap,
+ chacha20_setkey_wrap,
+ chacha20_ctx_alloc,
+ chacha20_ctx_free
+};
+static const mbedtls_cipher_info_t chacha20_info = {
+ MBEDTLS_CIPHER_CHACHA20,
+ MBEDTLS_MODE_STREAM,
+ 256,
+ "CHACHA20",
+ 12,
+ 0,
+ 1,
+ &chacha20_base_info
+};
+#endif /* MBEDTLS_CHACHA20_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+
+static int chachapoly_setkey_wrap( void *ctx,
+ const unsigned char *key,
+ unsigned int key_bitlen )
+{
+ if( key_bitlen != 256U )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ if ( 0 != mbedtls_chachapoly_setkey( (mbedtls_chachapoly_context*)ctx, key ) )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ return( 0 );
+}
+
+static void * chachapoly_ctx_alloc( void )
+{
+ mbedtls_chachapoly_context *ctx;
+ ctx = mbedtls_calloc( 1, sizeof( mbedtls_chachapoly_context ) );
+
+ if( ctx == NULL )
+ return( NULL );
+
+ mbedtls_chachapoly_init( ctx );
+
+ return( ctx );
+}
+
+static void chachapoly_ctx_free( void *ctx )
+{
+ mbedtls_chachapoly_free( (mbedtls_chachapoly_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+static const mbedtls_cipher_base_t chachapoly_base_info = {
+ MBEDTLS_CIPHER_ID_CHACHA20,
+ NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+ NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+ NULL,
+#endif
+ chachapoly_setkey_wrap,
+ chachapoly_setkey_wrap,
+ chachapoly_ctx_alloc,
+ chachapoly_ctx_free
+};
+static const mbedtls_cipher_info_t chachapoly_info = {
+ MBEDTLS_CIPHER_CHACHA20_POLY1305,
+ MBEDTLS_MODE_CHACHAPOLY,
+ 256,
+ "CHACHA20-POLY1305",
+ 12,
+ 0,
+ 1,
+ &chachapoly_base_info
+};
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
static int null_crypt_stream( void *ctx, size_t length,
const unsigned char *input,
@@ -2087,6 +2251,14 @@
#endif
#endif /* MBEDTLS_DES_C */
+#if defined(MBEDTLS_CHACHA20_C)
+ { MBEDTLS_CIPHER_CHACHA20, &chacha20_info },
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ { MBEDTLS_CIPHER_CHACHA20_POLY1305, &chachapoly_info },
+#endif
+
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
{ MBEDTLS_CIPHER_NULL, &null_cipher_info },
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
diff --git a/library/cmac.c b/library/cmac.c
index 4d7a1f1..5d101e1 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -828,6 +828,7 @@
mbedtls_cipher_free( &ctx );
}
+ ret = 0;
goto exit;
cleanup:
@@ -883,6 +884,7 @@
if( verbose != 0 )
mbedtls_printf( "passed\n" );
}
+ ret = 0;
exit:
return( ret );
diff --git a/library/ecdh.c b/library/ecdh.c
index 61380b6..80e9676 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -40,13 +40,41 @@
#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
/*
- * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
+ * Generate public key (restartable version)
+ *
+ * Note: this internal function relies on its caller preserving the value of
+ * the output parameter 'd' across continuation calls. This would not be
+ * acceptable for a public function but is OK here as we control call sites.
+ */
+static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp,
+ mbedtls_mpi *d, mbedtls_ecp_point *Q,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx )
+{
+ int ret;
+
+ /* If multiplication is in progress, we already generated a privkey */
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx == NULL || rs_ctx->rsm == NULL )
+#endif
+ MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
+
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G,
+ f_rng, p_rng, rs_ctx ) );
+
+cleanup:
+ return( ret );
+}
+
+/*
+ * Generate public key
*/
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
- return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
+ return( ecdh_gen_public_restartable( grp, d, Q, f_rng, p_rng, NULL ) );
}
#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
@@ -54,22 +82,20 @@
/*
* Compute shared secret (SEC1 3.3.1)
*/
-int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
+static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp,
+ mbedtls_mpi *z,
const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng )
+ void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx )
{
int ret;
mbedtls_ecp_point P;
mbedtls_ecp_point_init( &P );
- /*
- * Make sure Q is a valid pubkey before using it
- */
- MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
-
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &P, d, Q,
+ f_rng, p_rng, rs_ctx ) );
if( mbedtls_ecp_is_zero( &P ) )
{
@@ -87,11 +113,36 @@
#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
/*
+ * Compute shared secret (SEC1 3.3.1)
+ */
+int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
+ const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ return( ecdh_compute_shared_restartable( grp, z, Q, d,
+ f_rng, p_rng, NULL ) );
+}
+
+/*
* Initialize context
*/
void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
{
- memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
+ mbedtls_ecp_group_init( &ctx->grp );
+ mbedtls_mpi_init( &ctx->d );
+ mbedtls_ecp_point_init( &ctx->Q );
+ mbedtls_ecp_point_init( &ctx->Qp );
+ mbedtls_mpi_init( &ctx->z );
+ ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
+ mbedtls_ecp_point_init( &ctx->Vi );
+ mbedtls_ecp_point_init( &ctx->Vf );
+ mbedtls_mpi_init( &ctx->_d );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ ctx->restart_enabled = 0;
+ mbedtls_ecp_restart_init( &ctx->rs );
+#endif
}
/*
@@ -103,15 +154,29 @@
return;
mbedtls_ecp_group_free( &ctx->grp );
+ mbedtls_mpi_free( &ctx->d );
mbedtls_ecp_point_free( &ctx->Q );
mbedtls_ecp_point_free( &ctx->Qp );
+ mbedtls_mpi_free( &ctx->z );
mbedtls_ecp_point_free( &ctx->Vi );
mbedtls_ecp_point_free( &ctx->Vf );
- mbedtls_mpi_free( &ctx->d );
- mbedtls_mpi_free( &ctx->z );
mbedtls_mpi_free( &ctx->_d );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ mbedtls_ecp_restart_free( &ctx->rs );
+#endif
}
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Enable restartable operations for context
+ */
+void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx )
+{
+ ctx->restart_enabled = 1;
+}
+#endif
+
/*
* Setup and write the ServerKeyExhange parameters (RFC 4492)
* struct {
@@ -126,12 +191,18 @@
{
int ret;
size_t grp_len, pt_len;
+ mbedtls_ecp_restart_ctx *rs_ctx = NULL;
if( ctx == NULL || ctx->grp.pbits == 0 )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
- if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
- != 0 )
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ctx->restart_enabled )
+ rs_ctx = &ctx->rs;
+#endif
+
+ if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
+ f_rng, p_rng, rs_ctx ) ) != 0 )
return( ret );
if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
@@ -142,7 +213,7 @@
blen -= grp_len;
if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
- &pt_len, buf, blen ) ) != 0 )
+ &pt_len, buf, blen ) ) != 0 )
return( ret );
*olen = grp_len + pt_len;
@@ -206,12 +277,18 @@
void *p_rng )
{
int ret;
+ mbedtls_ecp_restart_ctx *rs_ctx = NULL;
if( ctx == NULL || ctx->grp.pbits == 0 )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
- if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
- != 0 )
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ctx->restart_enabled )
+ rs_ctx = &ctx->rs;
+#endif
+
+ if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
+ f_rng, p_rng, rs_ctx ) ) != 0 )
return( ret );
return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
@@ -248,12 +325,18 @@
void *p_rng )
{
int ret;
+ mbedtls_ecp_restart_ctx *rs_ctx = NULL;
- if( ctx == NULL )
+ if( ctx == NULL || ctx->grp.pbits == 0 )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
- if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
- f_rng, p_rng ) ) != 0 )
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ctx->restart_enabled )
+ rs_ctx = &ctx->rs;
+#endif
+
+ if( ( ret = ecdh_compute_shared_restartable( &ctx->grp,
+ &ctx->z, &ctx->Qp, &ctx->d, f_rng, p_rng, rs_ctx ) ) != 0 )
{
return( ret );
}
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 17a88bd..abac015 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -42,6 +42,178 @@
#include "mbedtls/hmac_drbg.h"
#endif
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+
+/*
+ * Sub-context for ecdsa_verify()
+ */
+struct mbedtls_ecdsa_restart_ver
+{
+ mbedtls_mpi u1, u2; /* intermediate values */
+ enum { /* what to do next? */
+ ecdsa_ver_init = 0, /* getting started */
+ ecdsa_ver_muladd, /* muladd step */
+ } state;
+};
+
+/*
+ * Init verify restart sub-context
+ */
+static void ecdsa_restart_ver_init( mbedtls_ecdsa_restart_ver_ctx *ctx )
+{
+ mbedtls_mpi_init( &ctx->u1 );
+ mbedtls_mpi_init( &ctx->u2 );
+ ctx->state = ecdsa_ver_init;
+}
+
+/*
+ * Free the components of a verify restart sub-context
+ */
+static void ecdsa_restart_ver_free( mbedtls_ecdsa_restart_ver_ctx *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ mbedtls_mpi_free( &ctx->u1 );
+ mbedtls_mpi_free( &ctx->u2 );
+
+ ecdsa_restart_ver_init( ctx );
+}
+
+/*
+ * Sub-context for ecdsa_sign()
+ */
+struct mbedtls_ecdsa_restart_sig
+{
+ int sign_tries;
+ int key_tries;
+ mbedtls_mpi k; /* per-signature random */
+ mbedtls_mpi r; /* r value */
+ enum { /* what to do next? */
+ ecdsa_sig_init = 0, /* getting started */
+ ecdsa_sig_mul, /* doing ecp_mul() */
+ ecdsa_sig_modn, /* mod N computations */
+ } state;
+};
+
+/*
+ * Init verify sign sub-context
+ */
+static void ecdsa_restart_sig_init( mbedtls_ecdsa_restart_sig_ctx *ctx )
+{
+ ctx->sign_tries = 0;
+ ctx->key_tries = 0;
+ mbedtls_mpi_init( &ctx->k );
+ mbedtls_mpi_init( &ctx->r );
+ ctx->state = ecdsa_sig_init;
+}
+
+/*
+ * Free the components of a sign restart sub-context
+ */
+static void ecdsa_restart_sig_free( mbedtls_ecdsa_restart_sig_ctx *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ mbedtls_mpi_free( &ctx->k );
+ mbedtls_mpi_free( &ctx->r );
+}
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+/*
+ * Sub-context for ecdsa_sign_det()
+ */
+struct mbedtls_ecdsa_restart_det
+{
+ mbedtls_hmac_drbg_context rng_ctx; /* DRBG state */
+ enum { /* what to do next? */
+ ecdsa_det_init = 0, /* getting started */
+ ecdsa_det_sign, /* make signature */
+ } state;
+};
+
+/*
+ * Init verify sign_det sub-context
+ */
+static void ecdsa_restart_det_init( mbedtls_ecdsa_restart_det_ctx *ctx )
+{
+ mbedtls_hmac_drbg_init( &ctx->rng_ctx );
+ ctx->state = ecdsa_det_init;
+}
+
+/*
+ * Free the components of a sign_det restart sub-context
+ */
+static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ mbedtls_hmac_drbg_free( &ctx->rng_ctx );
+
+ ecdsa_restart_det_init( ctx );
+}
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#define ECDSA_RS_ECP &rs_ctx->ecp
+
+/* Utility macro for checking and updating ops budget */
+#define ECDSA_BUDGET( ops ) \
+ MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, &rs_ctx->ecp, ops ) );
+
+/* Call this when entering a function that needs its own sub-context */
+#define ECDSA_RS_ENTER( SUB ) do { \
+ /* reset ops count for this call if top-level */ \
+ if( rs_ctx != NULL && rs_ctx->ecp.depth++ == 0 ) \
+ rs_ctx->ecp.ops_done = 0; \
+ \
+ /* set up our own sub-context if needed */ \
+ if( mbedtls_ecp_restart_is_enabled() && \
+ rs_ctx != NULL && rs_ctx->SUB == NULL ) \
+ { \
+ rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \
+ if( rs_ctx->SUB == NULL ) \
+ return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \
+ \
+ ecdsa_restart_## SUB ##_init( rs_ctx->SUB ); \
+ } \
+} while( 0 )
+
+/* Call this when leaving a function that needs its own sub-context */
+#define ECDSA_RS_LEAVE( SUB ) do { \
+ /* clear our sub-context when not in progress (done or error) */ \
+ if( rs_ctx != NULL && rs_ctx->SUB != NULL && \
+ ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \
+ { \
+ ecdsa_restart_## SUB ##_free( rs_ctx->SUB ); \
+ mbedtls_free( rs_ctx->SUB ); \
+ rs_ctx->SUB = NULL; \
+ } \
+ \
+ if( rs_ctx != NULL ) \
+ rs_ctx->ecp.depth--; \
+} while( 0 )
+
+#else /* MBEDTLS_ECP_RESTARTABLE */
+
+#define ECDSA_RS_ECP NULL
+
+#define ECDSA_BUDGET( ops ) /* no-op; for compatibility */
+
+#define ECDSA_RS_ENTER( SUB ) (void) rs_ctx
+#define ECDSA_RS_LEAVE( SUB ) (void) rs_ctx
+
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
/*
* Derive a suitable integer for group grp from a buffer of length len
* SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
@@ -70,13 +242,17 @@
* Compute ECDSA signature of a hashed message (SEC1 4.1.3)
* Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
*/
-int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
+ mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_ecdsa_restart_ctx *rs_ctx )
{
- int ret, key_tries, sign_tries, blind_tries;
+ int ret, key_tries, sign_tries;
+ int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries;
mbedtls_ecp_point R;
mbedtls_mpi k, e, t;
+ mbedtls_mpi *pk = &k, *pr = r;
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
@@ -89,26 +265,72 @@
mbedtls_ecp_point_init( &R );
mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t );
- sign_tries = 0;
+ ECDSA_RS_ENTER( sig );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->sig != NULL )
+ {
+ /* redirect to our context */
+ p_sign_tries = &rs_ctx->sig->sign_tries;
+ p_key_tries = &rs_ctx->sig->key_tries;
+ pk = &rs_ctx->sig->k;
+ pr = &rs_ctx->sig->r;
+
+ /* jump to current step */
+ if( rs_ctx->sig->state == ecdsa_sig_mul )
+ goto mul;
+ if( rs_ctx->sig->state == ecdsa_sig_modn )
+ goto modn;
+ }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+ *p_sign_tries = 0;
do
{
+ if( *p_sign_tries++ > 10 )
+ {
+ ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+ goto cleanup;
+ }
+
/*
* Steps 1-3: generate a suitable ephemeral keypair
* and set r = xR mod n
*/
- key_tries = 0;
+ *p_key_tries = 0;
do
{
- MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( r, &R.X, &grp->N ) );
-
- if( key_tries++ > 10 )
+ if( *p_key_tries++ > 10 )
{
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
+
+ MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->sig != NULL )
+ rs_ctx->sig->state = ecdsa_sig_mul;
+
+mul:
+#endif
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G,
+ f_rng, p_rng, ECDSA_RS_ECP ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) );
}
- while( mbedtls_mpi_cmp_int( r, 0 ) == 0 );
+ while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->sig != NULL )
+ rs_ctx->sig->state = ecdsa_sig_modn;
+
+modn:
+#endif
+ /*
+ * Accounting for everything up to the end of the loop
+ * (step 6, but checking now avoids saving e and t)
+ */
+ ECDSA_BUDGET( MBEDTLS_ECP_OPS_INV + 4 );
/*
* Step 5: derive MPI from hashed message
@@ -119,57 +341,60 @@
* Generate a random value to blind inv_mod in next step,
* avoiding a potential timing leak.
*/
- blind_tries = 0;
- do
- {
- size_t n_size = ( grp->nbits + 7 ) / 8;
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &t, n_size, f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &t, 8 * n_size - grp->nbits ) );
-
- /* See mbedtls_ecp_gen_keypair() */
- if( ++blind_tries > 30 )
- return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
- }
- while( mbedtls_mpi_cmp_int( &t, 1 ) < 0 ||
- mbedtls_mpi_cmp_mpi( &t, &grp->N ) >= 0 );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, &t, f_rng, p_rng ) );
/*
* Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n
*/
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, r, d ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, pr, d ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &k, &k, &t ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, &k, &grp->N ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pk, pk, &t ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
-
- if( sign_tries++ > 10 )
- {
- ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
- goto cleanup;
- }
}
while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->sig != NULL )
+ mbedtls_mpi_copy( r, pr );
+#endif
+
cleanup:
mbedtls_ecp_point_free( &R );
mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t );
+ ECDSA_RS_LEAVE( sig );
+
return( ret );
}
#endif /* MBEDTLS_ECDSA_SIGN_ALT */
+/*
+ * Compute ECDSA signature of a hashed message
+ */
+int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+ const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+ return( ecdsa_sign_restartable( grp, r, s, d, buf, blen,
+ f_rng, p_rng, NULL ) );
+}
+
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
/*
* Deterministic signature wrapper
*/
-int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp,
+ mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
- mbedtls_md_type_t md_alg )
+ mbedtls_md_type_t md_alg,
+ mbedtls_ecdsa_restart_ctx *rs_ctx )
{
int ret;
mbedtls_hmac_drbg_context rng_ctx;
+ mbedtls_hmac_drbg_context *p_rng = &rng_ctx;
unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
size_t grp_len = ( grp->nbits + 7 ) / 8;
const mbedtls_md_info_t *md_info;
@@ -181,21 +406,53 @@
mbedtls_mpi_init( &h );
mbedtls_hmac_drbg_init( &rng_ctx );
+ ECDSA_RS_ENTER( det );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->det != NULL )
+ {
+ /* redirect to our context */
+ p_rng = &rs_ctx->det->rng_ctx;
+
+ /* jump to current step */
+ if( rs_ctx->det->state == ecdsa_det_sign )
+ goto sign;
+ }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
/* Use private key and message hash (reduced) to initialize HMAC_DRBG */
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) );
MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) );
- mbedtls_hmac_drbg_seed_buf( &rng_ctx, md_info, data, 2 * grp_len );
+ mbedtls_hmac_drbg_seed_buf( p_rng, md_info, data, 2 * grp_len );
- ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
- mbedtls_hmac_drbg_random, &rng_ctx );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->det != NULL )
+ rs_ctx->det->state = ecdsa_det_sign;
+
+sign:
+#endif
+ ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen,
+ mbedtls_hmac_drbg_random, p_rng, rs_ctx );
cleanup:
mbedtls_hmac_drbg_free( &rng_ctx );
mbedtls_mpi_free( &h );
+ ECDSA_RS_LEAVE( det );
+
return( ret );
}
+
+/*
+ * Deterministic signature wrapper
+ */
+int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+ const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+ mbedtls_md_type_t md_alg )
+{
+ return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, NULL ) );
+}
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
@@ -203,21 +460,40 @@
* Verify ECDSA signature of hashed message (SEC1 4.1.4)
* Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
*/
-int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
- const unsigned char *buf, size_t blen,
- const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
+static int ecdsa_verify_restartable( mbedtls_ecp_group *grp,
+ const unsigned char *buf, size_t blen,
+ const mbedtls_ecp_point *Q,
+ const mbedtls_mpi *r, const mbedtls_mpi *s,
+ mbedtls_ecdsa_restart_ctx *rs_ctx )
{
int ret;
mbedtls_mpi e, s_inv, u1, u2;
mbedtls_ecp_point R;
+ mbedtls_mpi *pu1 = &u1, *pu2 = &u2;
mbedtls_ecp_point_init( &R );
- mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
+ mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv );
+ mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+ ECDSA_RS_ENTER( ver );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->ver != NULL )
+ {
+ /* redirect to our context */
+ pu1 = &rs_ctx->ver->u1;
+ pu2 = &rs_ctx->ver->u2;
+
+ /* jump to current step */
+ if( rs_ctx->ver->state == ecdsa_ver_muladd )
+ goto muladd;
+ }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
/*
* Step 1: make sure r and s are in range 1..n-1
*/
@@ -229,11 +505,6 @@
}
/*
- * Additional precaution: make sure Q is valid
- */
- MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
-
- /*
* Step 3: derive MPI from hashed message
*/
MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
@@ -241,21 +512,27 @@
/*
* Step 4: u1 = e / s mod n, u2 = r / s mod n
*/
+ ECDSA_BUDGET( MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2 );
+
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u1, &e, &s_inv ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u1, &u1, &grp->N ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu1, &e, &s_inv ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu1, pu1, &grp->N ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u2, r, &s_inv ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u2, &u2, &grp->N ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu2, r, &s_inv ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu2, pu2, &grp->N ) );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->ver != NULL )
+ rs_ctx->ver->state = ecdsa_ver_muladd;
+
+muladd:
+#endif
/*
* Step 5: R = u1 G + u2 Q
- *
- * Since we're not using any secret data, no need to pass a RNG to
- * mbedtls_ecp_mul() for countermesures.
*/
- MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, &R, &u1, &grp->G, &u2, Q ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_muladd_restartable( grp,
+ &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP ) );
if( mbedtls_ecp_is_zero( &R ) )
{
@@ -280,13 +557,26 @@
cleanup:
mbedtls_ecp_point_free( &R );
- mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
+ mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv );
+ mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
+
+ ECDSA_RS_LEAVE( ver );
return( ret );
}
#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
/*
+ * Verify ECDSA signature of hashed message
+ */
+int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
+ const unsigned char *buf, size_t blen,
+ const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
+{
+ return( ecdsa_verify_restartable( grp, buf, blen, Q, r, s, NULL ) );
+}
+
+/*
* Convert a signature (given by context) to ASN.1
*/
static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
@@ -313,11 +603,13 @@
/*
* Compute and write signature
*/
-int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg,
+int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
+ mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng )
+ void *p_rng,
+ mbedtls_ecdsa_restart_ctx *rs_ctx )
{
int ret;
mbedtls_mpi r, s;
@@ -329,13 +621,13 @@
(void) f_rng;
(void) p_rng;
- MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d,
- hash, hlen, md_alg ) );
+ MBEDTLS_MPI_CHK( ecdsa_sign_det_restartable( &ctx->grp, &r, &s, &ctx->d,
+ hash, hlen, md_alg, rs_ctx ) );
#else
(void) md_alg;
- MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
- hash, hlen, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d,
+ hash, hlen, f_rng, p_rng, rs_ctx ) );
#endif
MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
@@ -347,6 +639,19 @@
return( ret );
}
+/*
+ * Compute and write signature
+ */
+int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hlen,
+ unsigned char *sig, size_t *slen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ return( mbedtls_ecdsa_write_signature_restartable(
+ ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL ) );
+}
+
#if ! defined(MBEDTLS_DEPRECATED_REMOVED) && \
defined(MBEDTLS_ECDSA_DETERMINISTIC)
int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
@@ -366,6 +671,18 @@
const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen )
{
+ return( mbedtls_ecdsa_read_signature_restartable(
+ ctx, hash, hlen, sig, slen, NULL ) );
+}
+
+/*
+ * Restartable read and check signature
+ */
+int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
+ const unsigned char *hash, size_t hlen,
+ const unsigned char *sig, size_t slen,
+ mbedtls_ecdsa_restart_ctx *rs_ctx )
+{
int ret;
unsigned char *p = (unsigned char *) sig;
const unsigned char *end = sig + slen;
@@ -396,8 +713,8 @@
goto cleanup;
}
- if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
- &ctx->Q, &r, &s ) ) != 0 )
+ if( ( ret = ecdsa_verify_restartable( &ctx->grp, hash, hlen,
+ &ctx->Q, &r, &s, rs_ctx ) ) != 0 )
goto cleanup;
/* At this point we know that the buffer starts with a valid signature.
@@ -458,4 +775,42 @@
mbedtls_ecp_keypair_free( ctx );
}
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Initialize a restart context
+ */
+void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx )
+{
+ mbedtls_ecp_restart_init( &ctx->ecp );
+
+ ctx->ver = NULL;
+ ctx->sig = NULL;
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+ ctx->det = NULL;
+#endif
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx )
+{
+ mbedtls_ecp_restart_free( &ctx->ecp );
+
+ ecdsa_restart_ver_free( ctx->ver );
+ mbedtls_free( ctx->ver );
+ ctx->ver = NULL;
+
+ ecdsa_restart_sig_free( ctx->sig );
+ mbedtls_free( ctx->sig );
+ ctx->sig = NULL;
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+ ecdsa_restart_det_free( ctx->det );
+ mbedtls_free( ctx->det );
+ ctx->det = NULL;
+#endif
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
#endif /* MBEDTLS_ECDSA_C */
diff --git a/library/ecp.c b/library/ecp.c
index 41db3fb..b193ad4 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -82,6 +82,223 @@
static unsigned long add_count, dbl_count, mul_count;
#endif
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Maximum number of "basic operations" to be done in a row.
+ *
+ * Default value 0 means that ECC operations will not yield.
+ * Note that regardless of the value of ecp_max_ops, always at
+ * least one step is performed before yielding.
+ *
+ * Setting ecp_max_ops=1 can be suitable for testing purposes
+ * as it will interrupt computation at all possible points.
+ */
+static unsigned ecp_max_ops = 0;
+
+/*
+ * Set ecp_max_ops
+ */
+void mbedtls_ecp_set_max_ops( unsigned max_ops )
+{
+ ecp_max_ops = max_ops;
+}
+
+/*
+ * Check if restart is enabled
+ */
+int mbedtls_ecp_restart_is_enabled( void )
+{
+ return( ecp_max_ops != 0 );
+}
+
+/*
+ * Restart sub-context for ecp_mul_comb()
+ */
+struct mbedtls_ecp_restart_mul
+{
+ mbedtls_ecp_point R; /* current intermediate result */
+ size_t i; /* current index in various loops, 0 outside */
+ mbedtls_ecp_point *T; /* table for precomputed points */
+ unsigned char T_size; /* number of points in table T */
+ enum { /* what were we doing last time we returned? */
+ ecp_rsm_init = 0, /* nothing so far, dummy initial state */
+ ecp_rsm_pre_dbl, /* precompute 2^n multiples */
+ ecp_rsm_pre_norm_dbl, /* normalize precomputed 2^n multiples */
+ ecp_rsm_pre_add, /* precompute remaining points by adding */
+ ecp_rsm_pre_norm_add, /* normalize all precomputed points */
+ ecp_rsm_comb_core, /* ecp_mul_comb_core() */
+ ecp_rsm_final_norm, /* do the final normalization */
+ } state;
+};
+
+/*
+ * Init restart_mul sub-context
+ */
+static void ecp_restart_rsm_init( mbedtls_ecp_restart_mul_ctx *ctx )
+{
+ mbedtls_ecp_point_init( &ctx->R );
+ ctx->i = 0;
+ ctx->T = NULL;
+ ctx->T_size = 0;
+ ctx->state = ecp_rsm_init;
+}
+
+/*
+ * Free the components of a restart_mul sub-context
+ */
+static void ecp_restart_rsm_free( mbedtls_ecp_restart_mul_ctx *ctx )
+{
+ unsigned char i;
+
+ if( ctx == NULL )
+ return;
+
+ mbedtls_ecp_point_free( &ctx->R );
+
+ if( ctx->T != NULL )
+ {
+ for( i = 0; i < ctx->T_size; i++ )
+ mbedtls_ecp_point_free( ctx->T + i );
+ mbedtls_free( ctx->T );
+ }
+
+ ecp_restart_rsm_init( ctx );
+}
+
+/*
+ * Restart context for ecp_muladd()
+ */
+struct mbedtls_ecp_restart_muladd
+{
+ mbedtls_ecp_point mP; /* mP value */
+ mbedtls_ecp_point R; /* R intermediate result */
+ enum { /* what should we do next? */
+ ecp_rsma_mul1 = 0, /* first multiplication */
+ ecp_rsma_mul2, /* second multiplication */
+ ecp_rsma_add, /* addition */
+ ecp_rsma_norm, /* normalization */
+ } state;
+};
+
+/*
+ * Init restart_muladd sub-context
+ */
+static void ecp_restart_ma_init( mbedtls_ecp_restart_muladd_ctx *ctx )
+{
+ mbedtls_ecp_point_init( &ctx->mP );
+ mbedtls_ecp_point_init( &ctx->R );
+ ctx->state = ecp_rsma_mul1;
+}
+
+/*
+ * Free the components of a restart_muladd sub-context
+ */
+static void ecp_restart_ma_free( mbedtls_ecp_restart_muladd_ctx *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ mbedtls_ecp_point_free( &ctx->mP );
+ mbedtls_ecp_point_free( &ctx->R );
+
+ ecp_restart_ma_init( ctx );
+}
+
+/*
+ * Initialize a restart context
+ */
+void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx )
+{
+ ctx->ops_done = 0;
+ ctx->depth = 0;
+ ctx->rsm = NULL;
+ ctx->ma = NULL;
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ ecp_restart_rsm_free( ctx->rsm );
+ mbedtls_free( ctx->rsm );
+
+ ecp_restart_ma_free( ctx->ma );
+ mbedtls_free( ctx->ma );
+
+ mbedtls_ecp_restart_init( ctx );
+}
+
+/*
+ * Check if we can do the next step
+ */
+int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp,
+ mbedtls_ecp_restart_ctx *rs_ctx,
+ unsigned ops )
+{
+ if( rs_ctx != NULL && ecp_max_ops != 0 )
+ {
+ /* scale depending on curve size: the chosen reference is 256-bit,
+ * and multiplication is quadratic. Round to the closest integer. */
+ if( grp->pbits >= 512 )
+ ops *= 4;
+ else if( grp->pbits >= 384 )
+ ops *= 2;
+
+ /* avoid infinite loops: always allow first step */
+ if( rs_ctx->ops_done != 0 && rs_ctx->ops_done + ops > ecp_max_ops )
+ return( MBEDTLS_ERR_ECP_IN_PROGRESS );
+
+ /* update running count */
+ rs_ctx->ops_done += ops;
+ }
+
+ return( 0 );
+}
+
+/* Call this when entering a function that needs its own sub-context */
+#define ECP_RS_ENTER( SUB ) do { \
+ /* reset ops count for this call if top-level */ \
+ if( rs_ctx != NULL && rs_ctx->depth++ == 0 ) \
+ rs_ctx->ops_done = 0; \
+ \
+ /* set up our own sub-context if needed */ \
+ if( mbedtls_ecp_restart_is_enabled() && \
+ rs_ctx != NULL && rs_ctx->SUB == NULL ) \
+ { \
+ rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \
+ if( rs_ctx->SUB == NULL ) \
+ return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \
+ \
+ ecp_restart_## SUB ##_init( rs_ctx->SUB ); \
+ } \
+} while( 0 )
+
+/* Call this when leaving a function that needs its own sub-context */
+#define ECP_RS_LEAVE( SUB ) do { \
+ /* clear our sub-context when not in progress (done or error) */ \
+ if( rs_ctx != NULL && rs_ctx->SUB != NULL && \
+ ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \
+ { \
+ ecp_restart_## SUB ##_free( rs_ctx->SUB ); \
+ mbedtls_free( rs_ctx->SUB ); \
+ rs_ctx->SUB = NULL; \
+ } \
+ \
+ if( rs_ctx != NULL ) \
+ rs_ctx->depth--; \
+} while( 0 )
+
+#else /* MBEDTLS_ECP_RESTARTABLE */
+
+#define ECP_RS_ENTER( sub ) (void) rs_ctx;
+#define ECP_RS_LEAVE( sub ) (void) rs_ctx;
+
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
@@ -289,7 +506,21 @@
if( grp == NULL )
return;
- memset( grp, 0, sizeof( mbedtls_ecp_group ) );
+ grp->id = MBEDTLS_ECP_DP_NONE;
+ mbedtls_mpi_init( &grp->P );
+ mbedtls_mpi_init( &grp->A );
+ mbedtls_mpi_init( &grp->B );
+ mbedtls_ecp_point_init( &grp->G );
+ mbedtls_mpi_init( &grp->N );
+ grp->pbits = 0;
+ grp->nbits = 0;
+ grp->h = 0;
+ grp->modp = NULL;
+ grp->t_pre = NULL;
+ grp->t_post = NULL;
+ grp->t_data = NULL;
+ grp->T = NULL;
+ grp->T_size = 0;
}
/*
@@ -752,11 +983,10 @@
return( 0 );
#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
- if ( mbedtls_internal_ecp_grp_capable( grp ) )
- {
- return mbedtls_internal_ecp_normalize_jac( grp, pt );
- }
+ if( mbedtls_internal_ecp_grp_capable( grp ) )
+ return( mbedtls_internal_ecp_normalize_jac( grp, pt ) );
#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
+
mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi );
/*
@@ -796,32 +1026,33 @@
* Cost: 1N(t) := 1I + (6t - 3)M + 1S
*/
static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
- mbedtls_ecp_point *T[], size_t t_len )
+ mbedtls_ecp_point *T[], size_t T_size )
{
int ret;
size_t i;
mbedtls_mpi *c, u, Zi, ZZi;
- if( t_len < 2 )
+ if( T_size < 2 )
return( ecp_normalize_jac( grp, *T ) );
#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
- if ( mbedtls_internal_ecp_grp_capable( grp ) )
- {
- return mbedtls_internal_ecp_normalize_jac_many(grp, T, t_len);
- }
+ if( mbedtls_internal_ecp_grp_capable( grp ) )
+ return( mbedtls_internal_ecp_normalize_jac_many( grp, T, T_size ) );
#endif
- if( ( c = mbedtls_calloc( t_len, sizeof( mbedtls_mpi ) ) ) == NULL )
+ if( ( c = mbedtls_calloc( T_size, sizeof( mbedtls_mpi ) ) ) == NULL )
return( MBEDTLS_ERR_ECP_ALLOC_FAILED );
+ for( i = 0; i < T_size; i++ )
+ mbedtls_mpi_init( &c[i] );
+
mbedtls_mpi_init( &u ); mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi );
/*
* c[i] = Z_0 * ... * Z_i
*/
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &c[0], &T[0]->Z ) );
- for( i = 1; i < t_len; i++ )
+ for( i = 1; i < T_size; i++ )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &c[i], &c[i-1], &T[i]->Z ) );
MOD_MUL( c[i] );
@@ -830,9 +1061,9 @@
/*
* u = 1 / (Z_0 * ... * Z_n) mod P
*/
- MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[t_len-1], &grp->P ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[T_size-1], &grp->P ) );
- for( i = t_len - 1; ; i-- )
+ for( i = T_size - 1; ; i-- )
{
/*
* Zi = 1 / Z_i mod p
@@ -872,7 +1103,7 @@
cleanup:
mbedtls_mpi_free( &u ); mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi );
- for( i = 0; i < t_len; i++ )
+ for( i = 0; i < T_size; i++ )
mbedtls_mpi_free( &c[i] );
mbedtls_free( c );
@@ -929,10 +1160,8 @@
#endif
#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
- if ( mbedtls_internal_ecp_grp_capable( grp ) )
- {
- return mbedtls_internal_ecp_double_jac( grp, R, P );
- }
+ if( mbedtls_internal_ecp_grp_capable( grp ) )
+ return( mbedtls_internal_ecp_double_jac( grp, R, P ) );
#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
mbedtls_mpi_init( &M ); mbedtls_mpi_init( &S ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &U );
@@ -1027,10 +1256,8 @@
#endif
#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
- if ( mbedtls_internal_ecp_grp_capable( grp ) )
- {
- return mbedtls_internal_ecp_add_mixed( grp, R, P, Q );
- }
+ if( mbedtls_internal_ecp_grp_capable( grp ) )
+ return( mbedtls_internal_ecp_add_mixed( grp, R, P, Q ) );
#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
/*
@@ -1114,10 +1341,8 @@
int count = 0;
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
- if ( mbedtls_internal_ecp_grp_capable( grp ) )
- {
- return mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng );
- }
+ if( mbedtls_internal_ecp_grp_capable( grp ) )
+ return( mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng ) );
#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
p_size = ( grp->pbits + 7 ) / 8;
@@ -1173,11 +1398,38 @@
* modified version that provides resistance to SPA by avoiding zero
* digits in the representation as in [3]. We modify the method further by
* requiring that all K_i be odd, which has the small cost that our
- * representation uses one more K_i, due to carries.
+ * representation uses one more K_i, due to carries, but saves on the size of
+ * the precomputed table.
*
- * Also, for the sake of compactness, only the seven low-order bits of x[i]
- * are used to represent K_i, and the msb of x[i] encodes the the sign (s_i in
- * the paper): it is set if and only if if s_i == -1;
+ * Summary of the comb method and its modifications:
+ *
+ * - The goal is to compute m*P for some w*d-bit integer m.
+ *
+ * - The basic comb method splits m into the w-bit integers
+ * x[0] .. x[d-1] where x[i] consists of the bits in m whose
+ * index has residue i modulo d, and computes m * P as
+ * S[x[0]] + 2 * S[x[1]] + .. + 2^(d-1) S[x[d-1]], where
+ * S[i_{w-1} .. i_0] := i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + i_0 P.
+ *
+ * - If it happens that, say, x[i+1]=0 (=> S[x[i+1]]=0), one can replace the sum by
+ * .. + 2^{i-1} S[x[i-1]] - 2^i S[x[i]] + 2^{i+1} S[x[i]] + 2^{i+2} S[x[i+2]] ..,
+ * thereby successively converting it into a form where all summands
+ * are nonzero, at the cost of negative summands. This is the basic idea of [3].
+ *
+ * - More generally, even if x[i+1] != 0, we can first transform the sum as
+ * .. - 2^i S[x[i]] + 2^{i+1} ( S[x[i]] + S[x[i+1]] ) + 2^{i+2} S[x[i+2]] ..,
+ * and then replace S[x[i]] + S[x[i+1]] = S[x[i] ^ x[i+1]] + 2 S[x[i] & x[i+1]].
+ * Performing and iterating this procedure for those x[i] that are even
+ * (keeping track of carry), we can transform the original sum into one of the form
+ * S[x'[0]] +- 2 S[x'[1]] +- .. +- 2^{d-1} S[x'[d-1]] + 2^d S[x'[d]]
+ * with all x'[i] odd. It is therefore only necessary to know S at odd indices,
+ * which is why we are only computing half of it in the first place in
+ * ecp_precompute_comb and accessing it with index abs(i) / 2 in ecp_select_comb.
+ *
+ * - For the sake of compactness, only the seven low-order bits of x[i]
+ * are used to represent its absolute value (K_i in the paper), and the msb
+ * of x[i] encodes the sign (s_i in the paper): it is set if and only if
+ * if s_i == -1;
*
* Calling conventions:
* - x is an array of size d + 1
@@ -1186,8 +1438,8 @@
* - m is the MPI, expected to be odd and such that bitlength(m) <= w * d
* (the result will be incorrect if these assumptions are not satisfied)
*/
-static void ecp_comb_fixed( unsigned char x[], size_t d,
- unsigned char w, const mbedtls_mpi *m )
+static void ecp_comb_recode_core( unsigned char x[], size_t d,
+ unsigned char w, const mbedtls_mpi *m )
{
size_t i, j;
unsigned char c, cc, adjust;
@@ -1217,70 +1469,178 @@
}
/*
- * Precompute points for the comb method
+ * Precompute points for the adapted comb method
*
- * If i = i_{w-1} ... i_1 is the binary representation of i, then
- * T[i] = i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + P
+ * Assumption: T must be able to hold 2^{w - 1} elements.
*
- * T must be able to hold 2^{w - 1} elements
+ * Operation: If i = i_{w-1} ... i_1 is the binary representation of i,
+ * sets T[i] = i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + P.
*
* Cost: d(w-1) D + (2^{w-1} - 1) A + 1 N(w-1) + 1 N(2^{w-1} - 1)
+ *
+ * Note: Even comb values (those where P would be omitted from the
+ * sum defining T[i] above) are not needed in our adaption
+ * the comb method. See ecp_comb_recode_core().
+ *
+ * This function currently works in four steps:
+ * (1) [dbl] Computation of intermediate T[i] for 2-power values of i
+ * (2) [norm_dbl] Normalization of coordinates of these T[i]
+ * (3) [add] Computation of all T[i]
+ * (4) [norm_add] Normalization of all T[i]
+ *
+ * Step 1 can be interrupted but not the others; together with the final
+ * coordinate normalization they are the largest steps done at once, depending
+ * on the window size. Here are operation counts for P-256:
+ *
+ * step (2) (3) (4)
+ * w = 5 142 165 208
+ * w = 4 136 77 160
+ * w = 3 130 33 136
+ * w = 2 124 11 124
+ *
+ * So if ECC operations are blocking for too long even with a low max_ops
+ * value, it's useful to set MBEDTLS_ECP_WINDOW_SIZE to a lower value in order
+ * to minimize maximum blocking time.
*/
static int ecp_precompute_comb( const mbedtls_ecp_group *grp,
mbedtls_ecp_point T[], const mbedtls_ecp_point *P,
- unsigned char w, size_t d )
+ unsigned char w, size_t d,
+ mbedtls_ecp_restart_ctx *rs_ctx )
{
int ret;
- unsigned char i, k;
- size_t j;
+ unsigned char i;
+ size_t j = 0;
+ const unsigned char T_size = 1U << ( w - 1 );
mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1];
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL )
+ {
+ if( rs_ctx->rsm->state == ecp_rsm_pre_dbl )
+ goto dbl;
+ if( rs_ctx->rsm->state == ecp_rsm_pre_norm_dbl )
+ goto norm_dbl;
+ if( rs_ctx->rsm->state == ecp_rsm_pre_add )
+ goto add;
+ if( rs_ctx->rsm->state == ecp_rsm_pre_norm_add )
+ goto norm_add;
+ }
+#else
+ (void) rs_ctx;
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL )
+ {
+ rs_ctx->rsm->state = ecp_rsm_pre_dbl;
+
+ /* initial state for the loop */
+ rs_ctx->rsm->i = 0;
+ }
+
+dbl:
+#endif
/*
* Set T[0] = P and
* T[2^{l-1}] = 2^{dl} P for l = 1 .. w-1 (this is not the final value)
*/
MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) );
- k = 0;
- for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 )
- {
- cur = T + i;
- MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) );
- for( j = 0; j < d; j++ )
- MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 )
+ j = rs_ctx->rsm->i;
+ else
+#endif
+ j = 0;
- TT[k++] = cur;
+ for( ; j < d * ( w - 1 ); j++ )
+ {
+ MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL );
+
+ i = 1U << ( j / d );
+ cur = T + i;
+
+ if( j % d == 0 )
+ MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) );
+
+ MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) );
}
- MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL )
+ rs_ctx->rsm->state = ecp_rsm_pre_norm_dbl;
+norm_dbl:
+#endif
+ /*
+ * Normalize current elements in T. As T has holes,
+ * use an auxiliary array of pointers to elements in T.
+ */
+ j = 0;
+ for( i = 1; i < T_size; i <<= 1 )
+ TT[j++] = T + i;
+
+ MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 );
+
+ MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL )
+ rs_ctx->rsm->state = ecp_rsm_pre_add;
+
+add:
+#endif
/*
* Compute the remaining ones using the minimal number of additions
* Be careful to update T[2^l] only after using it!
*/
- k = 0;
- for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 )
+ MBEDTLS_ECP_BUDGET( ( T_size - 1 ) * MBEDTLS_ECP_OPS_ADD );
+
+ for( i = 1; i < T_size; i <<= 1 )
{
j = i;
while( j-- )
- {
MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) );
- TT[k++] = &T[i + j];
- }
}
- MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL )
+ rs_ctx->rsm->state = ecp_rsm_pre_norm_add;
+
+norm_add:
+#endif
+ /*
+ * Normalize final elements in T. Even though there are no holes now, we
+ * still need the auxiliary array for homogeneity with the previous
+ * call. Also, skip T[0] which is already normalised, being a copy of P.
+ */
+ for( j = 0; j + 1 < T_size; j++ )
+ TT[j] = T + j + 1;
+
+ MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 );
+
+ MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) );
cleanup:
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL &&
+ ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ {
+ if( rs_ctx->rsm->state == ecp_rsm_pre_dbl )
+ rs_ctx->rsm->i = j;
+ }
+#endif
return( ret );
}
/*
* Select precomputed point: R = sign(i) * T[ abs(i) / 2 ]
+ *
+ * See ecp_comb_recode_core() for background
*/
static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
- const mbedtls_ecp_point T[], unsigned char t_len,
+ const mbedtls_ecp_point T[], unsigned char T_size,
unsigned char i )
{
int ret;
@@ -1290,7 +1650,7 @@
ii = ( i & 0x7Fu ) >> 1;
/* Read the whole table to thwart cache-based timing attacks */
- for( j = 0; j < t_len; j++ )
+ for( j = 0; j < T_size; j++ )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->X, &T[j].X, j == ii ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->Y, &T[j].Y, j == ii ) );
@@ -1310,10 +1670,11 @@
* Cost: d A + d D + 1 R
*/
static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
- const mbedtls_ecp_point T[], unsigned char t_len,
+ const mbedtls_ecp_point T[], unsigned char T_size,
const unsigned char x[], size_t d,
int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng )
+ void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx )
{
int ret;
mbedtls_ecp_point Txi;
@@ -1321,17 +1682,42 @@
mbedtls_ecp_point_init( &Txi );
- /* Start with a non-zero point and randomize its coordinates */
- i = d;
- MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, t_len, x[i] ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
- if( f_rng != 0 )
- MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
+#if !defined(MBEDTLS_ECP_RESTARTABLE)
+ (void) rs_ctx;
+#endif
- while( i-- != 0 )
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL &&
+ rs_ctx->rsm->state != ecp_rsm_comb_core )
{
+ rs_ctx->rsm->i = 0;
+ rs_ctx->rsm->state = ecp_rsm_comb_core;
+ }
+
+ /* new 'if' instead of nested for the sake of the 'else' branch */
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 )
+ {
+ /* restore current index (R already pointing to rs_ctx->rsm->R) */
+ i = rs_ctx->rsm->i;
+ }
+ else
+#endif
+ {
+ /* Start with a non-zero point and randomize its coordinates */
+ i = d;
+ MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
+ if( f_rng != 0 )
+ MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
+ }
+
+ while( i != 0 )
+ {
+ MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL + MBEDTLS_ECP_OPS_ADD );
+ --i;
+
MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) );
- MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, t_len, x[i] ) );
+ MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, T_size, x[i] ) );
MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) );
}
@@ -1339,32 +1725,130 @@
mbedtls_ecp_point_free( &Txi );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL &&
+ ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ {
+ rs_ctx->rsm->i = i;
+ /* no need to save R, already pointing to rs_ctx->rsm->R */
+ }
+#endif
+
return( ret );
}
/*
- * Multiplication using the comb method,
- * for curves in short Weierstrass form
+ * Recode the scalar to get constant-time comb multiplication
+ *
+ * As the actual scalar recoding needs an odd scalar as a starting point,
+ * this wrapper ensures that by replacing m by N - m if necessary, and
+ * informs the caller that the result of multiplication will be negated.
+ *
+ * This works because we only support large prime order for Short Weierstrass
+ * curves, so N is always odd hence either m or N - m is.
+ *
+ * See ecp_comb_recode_core() for background.
*/
-static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
- const mbedtls_mpi *m, const mbedtls_ecp_point *P,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng )
+static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp,
+ const mbedtls_mpi *m,
+ unsigned char k[COMB_MAX_D + 1],
+ size_t d,
+ unsigned char w,
+ unsigned char *parity_trick )
{
int ret;
- unsigned char w, m_is_odd, p_eq_g, pre_len, i;
- size_t d;
- unsigned char k[COMB_MAX_D + 1];
- mbedtls_ecp_point *T;
mbedtls_mpi M, mm;
mbedtls_mpi_init( &M );
mbedtls_mpi_init( &mm );
- /* we need N to be odd to trnaform m in an odd number, check now */
+ /* N is always odd (see above), just make extra sure */
if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+ /* do we need the parity trick? */
+ *parity_trick = ( mbedtls_mpi_get_bit( m, 0 ) == 0 );
+
+ /* execute parity fix in constant time */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, *parity_trick ) );
+
+ /* actual scalar recoding */
+ ecp_comb_recode_core( k, d, w, &M );
+
+cleanup:
+ mbedtls_mpi_free( &mm );
+ mbedtls_mpi_free( &M );
+
+ return( ret );
+}
+
+/*
+ * Perform comb multiplication (for short Weierstrass curves)
+ * once the auxiliary table has been pre-computed.
+ *
+ * Scalar recoding may use a parity trick that makes us compute -m * P,
+ * if that is the case we'll need to recover m * P at the end.
+ */
+static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp,
+ mbedtls_ecp_point *R,
+ const mbedtls_mpi *m,
+ const mbedtls_ecp_point *T,
+ unsigned char T_size,
+ unsigned char w,
+ size_t d,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx )
+{
+ int ret;
+ unsigned char parity_trick;
+ unsigned char k[COMB_MAX_D + 1];
+ mbedtls_ecp_point *RR = R;
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL )
+ {
+ RR = &rs_ctx->rsm->R;
+
+ if( rs_ctx->rsm->state == ecp_rsm_final_norm )
+ goto final_norm;
+ }
+#endif
+
+ MBEDTLS_MPI_CHK( ecp_comb_recode_scalar( grp, m, k, d, w,
+ &parity_trick ) );
+ MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, RR, T, T_size, k, d,
+ f_rng, p_rng, rs_ctx ) );
+ MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, RR, parity_trick ) );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL )
+ rs_ctx->rsm->state = ecp_rsm_final_norm;
+
+final_norm:
+#endif
+ MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV );
+ MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL )
+ MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, RR ) );
+#endif
+
+cleanup:
+ return( ret );
+}
+
+/*
+ * Pick window size based on curve size and whether we optimize for base point
+ */
+static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp,
+ unsigned char p_eq_g )
+{
+ unsigned char w;
+
/*
* Minimize the number of multiplications, that is minimize
* 10 * d * w + 18 * 2^(w-1) + 11 * d + 7 * w, with d = ceil( nbits / w )
@@ -1377,14 +1861,8 @@
* Just adding one avoids upping the cost of the first mul too much,
* and the memory cost too.
*/
-#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1
- p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 &&
- mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 );
if( p_eq_g )
w++;
-#else
- p_eq_g = 0;
-#endif
/*
* Make sure w is within bounds.
@@ -1395,70 +1873,140 @@
if( w >= grp->nbits )
w = 2;
- /* Other sizes that depend on w */
- pre_len = 1U << ( w - 1 );
+ return( w );
+}
+
+/*
+ * Multiplication using the comb method - for curves in short Weierstrass form
+ *
+ * This function is mainly responsible for administrative work:
+ * - managing the restart context if enabled
+ * - managing the table of precomputed points (passed between the below two
+ * functions): allocation, computation, ownership tranfer, freeing.
+ *
+ * It delegates the actual arithmetic work to:
+ * ecp_precompute_comb() and ecp_mul_comb_with_precomp()
+ *
+ * See comments on ecp_comb_recode_core() regarding the computation strategy.
+ */
+static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx )
+{
+ int ret;
+ unsigned char w, p_eq_g, i;
+ size_t d;
+ unsigned char T_size, T_ok;
+ mbedtls_ecp_point *T;
+
+ ECP_RS_ENTER( rsm );
+
+ /* Is P the base point ? */
+#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1
+ p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 &&
+ mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 );
+#else
+ p_eq_g = 0;
+#endif
+
+ /* Pick window size and deduce related sizes */
+ w = ecp_pick_window_size( grp, p_eq_g );
+ T_size = 1U << ( w - 1 );
d = ( grp->nbits + w - 1 ) / w;
- /*
- * Prepare precomputed points: if P == G we want to
- * use grp->T if already initialized, or initialize it.
- */
- T = p_eq_g ? grp->T : NULL;
-
- if( T == NULL )
+ /* Pre-computed table: do we have it already for the base point? */
+ if( p_eq_g && grp->T != NULL )
{
- T = mbedtls_calloc( pre_len, sizeof( mbedtls_ecp_point ) );
+ /* second pointer to the same table, will be deleted on exit */
+ T = grp->T;
+ T_ok = 1;
+ }
+ else
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ /* Pre-computed table: do we have one in progress? complete? */
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->T != NULL )
+ {
+ /* transfer ownership of T from rsm to local function */
+ T = rs_ctx->rsm->T;
+ rs_ctx->rsm->T = NULL;
+ rs_ctx->rsm->T_size = 0;
+
+ /* This effectively jumps to the call to mul_comb_after_precomp() */
+ T_ok = rs_ctx->rsm->state >= ecp_rsm_comb_core;
+ }
+ else
+#endif
+ /* Allocate table if we didn't have any */
+ {
+ T = mbedtls_calloc( T_size, sizeof( mbedtls_ecp_point ) );
if( T == NULL )
{
ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
goto cleanup;
}
- MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d ) );
+ for( i = 0; i < T_size; i++ )
+ mbedtls_ecp_point_init( &T[i] );
+
+ T_ok = 0;
+ }
+
+ /* Compute table (or finish computing it) if not done already */
+ if( !T_ok )
+ {
+ MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d, rs_ctx ) );
if( p_eq_g )
{
+ /* almost transfer ownership of T to the group, but keep a copy of
+ * the pointer to use for calling the next function more easily */
grp->T = T;
- grp->T_size = pre_len;
+ grp->T_size = T_size;
}
}
- /*
- * Make sure M is odd (M = m or M = N - m, since N is odd)
- * using the fact that m * P = - (N - m) * P
- */
- m_is_odd = ( mbedtls_mpi_get_bit( m, 0 ) == 1 );
- MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, ! m_is_odd ) );
-
- /*
- * Go for comb multiplication, R = M * P
- */
- ecp_comb_fixed( k, d, w, &M );
- MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, R, T, pre_len, k, d, f_rng, p_rng ) );
-
- /*
- * Now get m * P from M * P and normalize it
- */
- MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, ! m_is_odd ) );
- MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) );
+ /* Actual comb multiplication using precomputed points */
+ MBEDTLS_MPI_CHK( ecp_mul_comb_after_precomp( grp, R, m,
+ T, T_size, w, d,
+ f_rng, p_rng, rs_ctx ) );
cleanup:
- if( T != NULL && ! p_eq_g )
+ /* does T belong to the group? */
+ if( T == grp->T )
+ T = NULL;
+
+ /* does T belong to the restart context? */
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->rsm != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != NULL )
{
- for( i = 0; i < pre_len; i++ )
+ /* transfer ownership of T from local function to rsm */
+ rs_ctx->rsm->T_size = T_size;
+ rs_ctx->rsm->T = T;
+ T = NULL;
+ }
+#endif
+
+ /* did T belong to us? then let's destroy it! */
+ if( T != NULL )
+ {
+ for( i = 0; i < T_size; i++ )
mbedtls_ecp_point_free( &T[i] );
mbedtls_free( T );
}
- mbedtls_mpi_free( &M );
- mbedtls_mpi_free( &mm );
-
+ /* don't free R while in progress in case R == P */
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+#endif
+ /* prevent caller from using invalid value */
if( ret != 0 )
mbedtls_ecp_point_free( R );
+ ECP_RS_LEAVE( rsm );
+
return( ret );
}
@@ -1482,10 +2030,8 @@
int ret;
#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
- if ( mbedtls_internal_ecp_grp_capable( grp ) )
- {
- return mbedtls_internal_ecp_normalize_mxz( grp, P );
- }
+ if( mbedtls_internal_ecp_grp_capable( grp ) )
+ return( mbedtls_internal_ecp_normalize_mxz( grp, P ) );
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) );
@@ -1513,10 +2059,8 @@
int count = 0;
#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
- if ( mbedtls_internal_ecp_grp_capable( grp ) )
- {
- return mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng );
- }
+ if( mbedtls_internal_ecp_grp_capable( grp ) )
+ return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng );
#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
p_size = ( grp->pbits + 7 ) / 8;
@@ -1568,10 +2112,8 @@
mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB;
#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
- if ( mbedtls_internal_ecp_grp_capable( grp ) )
- {
- return mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d );
- }
+ if( mbedtls_internal_ecp_grp_capable( grp ) )
+ return( mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d ) );
#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &AA ); mbedtls_mpi_init( &B );
@@ -1668,54 +2210,77 @@
#endif /* ECP_MONTGOMERY */
/*
- * Multiplication R = m * P
+ * Restartable multiplication R = m * P
*/
-int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx )
{
int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
char is_grp_capable = 0;
#endif
- /* Common sanity checks */
- if( mbedtls_mpi_cmp_int( &P->Z, 1 ) != 0 )
- return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
- if( ( ret = mbedtls_ecp_check_privkey( grp, m ) ) != 0 ||
- ( ret = mbedtls_ecp_check_pubkey( grp, P ) ) != 0 )
- return( ret );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ /* reset ops count for this call if top-level */
+ if( rs_ctx != NULL && rs_ctx->depth++ == 0 )
+ rs_ctx->ops_done = 0;
+#endif
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
- if ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) )
- {
+ if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) )
MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ /* skip argument check when restarting */
+ if( rs_ctx == NULL || rs_ctx->rsm == NULL )
+#endif
+ {
+ /* check_privkey is free */
+ MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_CHK );
+
+ /* Common sanity checks */
+ MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( grp, m ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) );
}
-#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+ ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
#if defined(ECP_MONTGOMERY)
if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY )
- ret = ecp_mul_mxz( grp, R, m, P, f_rng, p_rng );
-
+ MBEDTLS_MPI_CHK( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) );
#endif
#if defined(ECP_SHORTWEIERSTRASS)
if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
- ret = ecp_mul_comb( grp, R, m, P, f_rng, p_rng );
-
+ MBEDTLS_MPI_CHK( ecp_mul_comb( grp, R, m, P, f_rng, p_rng, rs_ctx ) );
#endif
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+
cleanup:
- if ( is_grp_capable )
- {
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+ if( is_grp_capable )
mbedtls_internal_ecp_free( grp );
- }
-
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL )
+ rs_ctx->depth--;
+#endif
+
return( ret );
}
+/*
+ * Multiplication R = m * P
+ */
+int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+ return( mbedtls_ecp_mul_restartable( grp, R, m, P, f_rng, p_rng, NULL ) );
+}
+
#if defined(ECP_SHORTWEIERSTRASS)
/*
* Check that an affine point is valid as a public key,
@@ -1773,7 +2338,8 @@
static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,
mbedtls_ecp_point *R,
const mbedtls_mpi *m,
- const mbedtls_ecp_point *P )
+ const mbedtls_ecp_point *P,
+ mbedtls_ecp_restart_ctx *rs_ctx )
{
int ret;
@@ -1789,7 +2355,8 @@
}
else
{
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P,
+ NULL, NULL, rs_ctx ) );
}
cleanup:
@@ -1797,6 +2364,96 @@
}
/*
+ * Restartable linear combination
+ * NOT constant-time
+ */
+int mbedtls_ecp_muladd_restartable(
+ mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
+ mbedtls_ecp_restart_ctx *rs_ctx )
+{
+ int ret;
+ mbedtls_ecp_point mP;
+ mbedtls_ecp_point *pmP = &mP;
+ mbedtls_ecp_point *pR = R;
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+ char is_grp_capable = 0;
+#endif
+
+ if( ecp_get_type( grp ) != ECP_TYPE_SHORT_WEIERSTRASS )
+ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+
+ mbedtls_ecp_point_init( &mP );
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+ if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) )
+ MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+ ECP_RS_ENTER( ma );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->ma != NULL )
+ {
+ /* redirect intermediate results to restart context */
+ pmP = &rs_ctx->ma->mP;
+ pR = &rs_ctx->ma->R;
+
+ /* jump to next operation */
+ if( rs_ctx->ma->state == ecp_rsma_mul2 )
+ goto mul2;
+ if( rs_ctx->ma->state == ecp_rsma_add )
+ goto add;
+ if( rs_ctx->ma->state == ecp_rsma_norm )
+ goto norm;
+ }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pmP, m, P, rs_ctx ) );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->ma != NULL )
+ rs_ctx->ma->state = ecp_rsma_mul2;
+
+mul2:
+#endif
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pR, n, Q, rs_ctx ) );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->ma != NULL )
+ rs_ctx->ma->state = ecp_rsma_add;
+
+add:
+#endif
+ MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_ADD );
+ MBEDTLS_MPI_CHK( ecp_add_mixed( grp, pR, pmP, pR ) );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->ma != NULL )
+ rs_ctx->ma->state = ecp_rsma_norm;
+
+norm:
+#endif
+ MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV );
+ MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, pR ) );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && rs_ctx->ma != NULL )
+ MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, pR ) );
+#endif
+
+cleanup:
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+ if( is_grp_capable )
+ mbedtls_internal_ecp_free( grp );
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+ mbedtls_ecp_point_free( &mP );
+
+ ECP_RS_LEAVE( ma );
+
+ return( ret );
+}
+
+/*
* Linear combination
* NOT constant-time
*/
@@ -1804,45 +2461,9 @@
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
const mbedtls_mpi *n, const mbedtls_ecp_point *Q )
{
- int ret;
- mbedtls_ecp_point mP;
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
- char is_grp_capable = 0;
-#endif
-
- if( ecp_get_type( grp ) != ECP_TYPE_SHORT_WEIERSTRASS )
- return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-
- mbedtls_ecp_point_init( &mP );
-
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, &mP, m, P ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, R, n, Q ) );
-
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
- if ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) )
- {
- MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
- }
-
-#endif /* MBEDTLS_ECP_INTERNAL_ALT */
- MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, &mP, R ) );
- MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) );
-
-cleanup:
-
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
- if ( is_grp_capable )
- {
- mbedtls_internal_ecp_free( grp );
- }
-
-#endif /* MBEDTLS_ECP_INTERNAL_ALT */
- mbedtls_ecp_point_free( &mP );
-
- return( ret );
+ return( mbedtls_ecp_muladd_restartable( grp, R, m, P, n, Q, NULL ) );
}
-
#if defined(ECP_MONTGOMERY)
/*
* Check validity of a public key for Montgomery curves with x-only schemes
@@ -1892,7 +2513,6 @@
mbedtls_mpi_get_bit( d, 1 ) != 0 ||
mbedtls_mpi_bitlen( d ) - 1 != grp->nbits ) /* mbedtls_mpi_bitlen is one-based! */
return( MBEDTLS_ERR_ECP_INVALID_KEY );
- else
/* see [Curve25519] page 5 */
if( grp->nbits == 254 && mbedtls_mpi_get_bit( d, 2 ) != 0 )
@@ -1917,15 +2537,14 @@
}
/*
- * Generate a keypair with configurable base point
+ * Generate a private key
*/
-int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
- const mbedtls_ecp_point *G,
- mbedtls_mpi *d, mbedtls_ecp_point *Q,
+int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
+ mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
- int ret;
+ int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
size_t n_size = ( grp->nbits + 7 ) / 8;
#if defined(ECP_MONTGOMERY)
@@ -1954,8 +2573,8 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
}
}
- else
#endif /* ECP_MONTGOMERY */
+
#if defined(ECP_SHORTWEIERSTRASS)
if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
{
@@ -1989,15 +2608,28 @@
while( mbedtls_mpi_cmp_int( d, 1 ) < 0 ||
mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 );
}
- else
#endif /* ECP_SHORTWEIERSTRASS */
- return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
cleanup:
- if( ret != 0 )
- return( ret );
+ return( ret );
+}
- return( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) );
+/*
+ * Generate a keypair with configurable base point
+ */
+int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
+ const mbedtls_ecp_point *G,
+ mbedtls_mpi *d, mbedtls_ecp_point *Q,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ int ret;
+
+ MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) );
+
+cleanup:
+ return( ret );
}
/*
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index fd96258..040aa11 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -19,6 +19,11 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
+#if defined(__linux__)
+/* Ensure that syscall() is available even when compiling with -std=c99 */
+#define _GNU_SOURCE
+#endif
+
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@@ -45,7 +50,8 @@
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
- !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__)
+ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
+ !defined(__HAIKU__)
#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h"
#endif
diff --git a/library/error.c b/library/error.c
index 2a85d27..3345481 100644
--- a/library/error.c
+++ b/library/error.c
@@ -73,6 +73,14 @@
#include "mbedtls/ccm.h"
#endif
+#if defined(MBEDTLS_CHACHA20_C)
+#include "mbedtls/chacha20.h"
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#include "mbedtls/chachapoly.h"
+#endif
+
#if defined(MBEDTLS_CIPHER_C)
#include "mbedtls/cipher.h"
#endif
@@ -157,6 +165,10 @@
#include "mbedtls/pkcs5.h"
#endif
+#if defined(MBEDTLS_POLY1305_C)
+#include "mbedtls/poly1305.h"
+#endif
+
#if defined(MBEDTLS_RIPEMD160_C)
#include "mbedtls/ripemd160.h"
#endif
@@ -277,6 +289,8 @@
mbedtls_snprintf( buf, buflen, "ECP - The buffer contains a valid signature followed by more data" );
if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "ECP - The ECP hardware accelerator failed" );
+ if( use_ret == -(MBEDTLS_ERR_ECP_IN_PROGRESS) )
+ mbedtls_snprintf( buf, buflen, "ECP - Operation in progress, call again with the same parameters to continue" );
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_MD_C)
@@ -503,6 +517,10 @@
mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that further message-processing should be done" );
if( use_ret == -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) )
mbedtls_snprintf( buf, buflen, "SSL - The asynchronous operation is not completed yet" );
+ if( use_ret == -(MBEDTLS_ERR_SSL_EARLY_MESSAGE) )
+ mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that a message arrived early" );
+ if( use_ret == -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) )
+ mbedtls_snprintf( buf, buflen, "SSL - A cryptographic operation is in progress. Try again later" );
#endif /* MBEDTLS_SSL_TLS_C */
#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
@@ -676,6 +694,22 @@
mbedtls_snprintf( buf, buflen, "CCM - CCM hardware accelerator failed" );
#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CHACHA20_C)
+ if( use_ret == -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA) )
+ mbedtls_snprintf( buf, buflen, "CHACHA20 - Invalid input parameter(s)" );
+ if( use_ret == -(MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE) )
+ mbedtls_snprintf( buf, buflen, "CHACHA20 - Feature not available. For example, s part of the API is not implemented" );
+ if( use_ret == -(MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED) )
+ mbedtls_snprintf( buf, buflen, "CHACHA20 - Chacha20 hardware accelerator failed" );
+#endif /* MBEDTLS_CHACHA20_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if( use_ret == -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE) )
+ mbedtls_snprintf( buf, buflen, "CHACHAPOLY - The requested operation is not permitted in the current state" );
+ if( use_ret == -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED) )
+ mbedtls_snprintf( buf, buflen, "CHACHAPOLY - Authenticated decryption failed: data was not authentic" );
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
#if defined(MBEDTLS_CMAC_C)
if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );
@@ -793,6 +827,15 @@
mbedtls_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
#endif /* MBEDTLS_PADLOCK_C */
+#if defined(MBEDTLS_POLY1305_C)
+ if( use_ret == -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA) )
+ mbedtls_snprintf( buf, buflen, "POLY1305 - Invalid input parameter(s)" );
+ if( use_ret == -(MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE) )
+ mbedtls_snprintf( buf, buflen, "POLY1305 - Feature not available. For example, s part of the API is not implemented" );
+ if( use_ret == -(MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED) )
+ mbedtls_snprintf( buf, buflen, "POLY1305 - Poly1305 hardware accelerator failed" );
+#endif /* MBEDTLS_POLY1305_C */
+
#if defined(MBEDTLS_RIPEMD160_C)
if( use_ret == -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "RIPEMD160 - RIPEMD160 hardware accelerator failed" );
diff --git a/library/hkdf.c b/library/hkdf.c
index d2e55e8..82d8a42 100644
--- a/library/hkdf.c
+++ b/library/hkdf.c
@@ -62,6 +62,11 @@
{
size_t hash_len;
+ if( salt_len != 0 )
+ {
+ return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
+ }
+
hash_len = mbedtls_md_get_size( md );
if( hash_len == 0 )
@@ -114,6 +119,10 @@
n++;
}
+ /*
+ * Per RFC 5869 Section 2.3, okm_len must not exceed
+ * 255 times the hash length
+ */
if( n > 255 )
{
return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
@@ -126,7 +135,10 @@
goto exit;
}
- /* RFC 5869 Section 2.3. */
+ /*
+ * Compute T = T(1) | T(2) | T(3) | ... | T(N)
+ * Where T(N) is defined in RFC 5869 Section 2.3
+ */
for( i = 1; i <= n; i++ )
{
size_t num_to_copy;
@@ -150,7 +162,7 @@
goto exit;
}
- /* The constant concatenated to the end of each t(n) is a single octet.
+ /* The constant concatenated to the end of each T(n) is a single octet.
* */
ret = mbedtls_md_hmac_update( &ctx, &c, 1 );
if( ret != 0 )
diff --git a/library/md5.c b/library/md5.c
index 8238c2b..2a740cd 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -309,14 +309,6 @@
}
#endif
-static const unsigned char md5_padding[64] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
/*
* MD5 final digest
*/
@@ -324,26 +316,48 @@
unsigned char output[16] )
{
int ret;
- uint32_t last, padn;
+ uint32_t used;
uint32_t high, low;
- unsigned char msglen[8];
+ /*
+ * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
+ */
+ used = ctx->total[0] & 0x3F;
+
+ ctx->buffer[used++] = 0x80;
+
+ if( used <= 56 )
+ {
+ /* Enough room for padding + length in current block */
+ memset( ctx->buffer + used, 0, 56 - used );
+ }
+ else
+ {
+ /* We'll need an extra block */
+ memset( ctx->buffer + used, 0, 64 - used );
+
+ if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
+
+ memset( ctx->buffer, 0, 56 );
+ }
+
+ /*
+ * Add message length
+ */
high = ( ctx->total[0] >> 29 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_LE( low, msglen, 0 );
- PUT_UINT32_LE( high, msglen, 4 );
+ PUT_UINT32_LE( low, ctx->buffer, 56 );
+ PUT_UINT32_LE( high, ctx->buffer, 60 );
- last = ctx->total[0] & 0x3F;
- padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+ if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
- if( ( ret = mbedtls_md5_update_ret( ctx, md5_padding, padn ) ) != 0 )
- return( ret );
-
- if( ( ret = mbedtls_md5_update_ret( ctx, msglen, 8 ) ) != 0 )
- return( ret );
-
+ /*
+ * Output final state
+ */
PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 );
PUT_UINT32_LE( ctx->state[2], output, 8 );
diff --git a/library/net_sockets.c b/library/net_sockets.c
index 202da01..816b130 100644
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@@ -19,6 +19,11 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
+/* Enable definition of getaddrinfo() even when compiling with -std=c99. Must
+ * be set before config.h, which pulls in glibc's features.h indirectly.
+ * Harmless on other platforms. */
+#define _POSIX_C_SOURCE 200112L
+
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@@ -28,7 +33,8 @@
#if defined(MBEDTLS_NET_C)
#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
- !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__)
+ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
+ !defined(__HAIKU__)
#error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h"
#endif
diff --git a/library/nist_kw.c b/library/nist_kw.c
new file mode 100644
index 0000000..176af9f
--- /dev/null
+++ b/library/nist_kw.c
@@ -0,0 +1,755 @@
+/*
+ * Implementation of NIST SP 800-38F key wrapping, supporting KW and KWP modes
+ * only
+ *
+ * Copyright (C) 2018, Arm Limited (or its affiliates), All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * Definition of Key Wrapping:
+ * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf
+ * RFC 3394 "Advanced Encryption Standard (AES) Key Wrap Algorithm"
+ * RFC 5649 "Advanced Encryption Standard (AES) Key Wrap with Padding Algorithm"
+ *
+ * Note: RFC 3394 defines different methodology for intermediate operations for
+ * the wrapping and unwrapping operation than the definition in NIST SP 800-38F.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_NIST_KW_C)
+
+#include "mbedtls/nist_kw.h"
+#include "mbedtls/platform_util.h"
+
+#include <stdint.h>
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#if !defined(MBEDTLS_NIST_KW_ALT)
+
+#define KW_SEMIBLOCK_LENGTH 8
+#define MIN_SEMIBLOCKS_COUNT 3
+
+/* constant-time buffer comparison */
+static inline unsigned char mbedtls_nist_kw_safer_memcmp( const void *a, const void *b, size_t n )
+{
+ size_t i;
+ volatile const unsigned char *A = (volatile const unsigned char *) a;
+ volatile const unsigned char *B = (volatile const unsigned char *) b;
+ volatile unsigned char diff = 0;
+
+ for( i = 0; i < n; i++ )
+ {
+ /* Read volatile data in order before computing diff.
+ * This avoids IAR compiler warning:
+ * 'the order of volatile accesses is undefined ..' */
+ unsigned char x = A[i], y = B[i];
+ diff |= x ^ y;
+ }
+
+ return( diff );
+}
+
+/*! The 64-bit default integrity check value (ICV) for KW mode. */
+static const unsigned char NIST_KW_ICV1[] = {0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6};
+/*! The 32-bit default integrity check value (ICV) for KWP mode. */
+static const unsigned char NIST_KW_ICV2[] = {0xA6, 0x59, 0x59, 0xA6};
+
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i) \
+do { \
+ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
+ | ( (uint32_t) (b)[(i) + 1] << 16 ) \
+ | ( (uint32_t) (b)[(i) + 2] << 8 ) \
+ | ( (uint32_t) (b)[(i) + 3] ); \
+} while( 0 )
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i) \
+do { \
+ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
+ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
+ (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
+ (b)[(i) + 3] = (unsigned char) ( (n) ); \
+} while( 0 )
+#endif
+
+/*
+ * Initialize context
+ */
+void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx )
+{
+ memset( ctx, 0, sizeof( mbedtls_nist_kw_context ) );
+}
+
+int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
+ mbedtls_cipher_id_t cipher,
+ const unsigned char *key,
+ unsigned int keybits,
+ const int is_wrap )
+{
+ int ret;
+ const mbedtls_cipher_info_t *cipher_info;
+
+ cipher_info = mbedtls_cipher_info_from_values( cipher,
+ keybits,
+ MBEDTLS_MODE_ECB );
+ if( cipher_info == NULL )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ if( cipher_info->block_size != 16 )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /*
+ * SP 800-38F currently defines AES cipher as the only block cipher allowed:
+ * "For KW and KWP, the underlying block cipher shall be approved, and the
+ * block size shall be 128 bits. Currently, the AES block cipher, with key
+ * lengths of 128, 192, or 256 bits, is the only block cipher that fits
+ * this profile."
+ * Currently we don't support other 128 bit block ciphers for key wrapping,
+ * such as Camellia and Aria.
+ */
+ if( cipher != MBEDTLS_CIPHER_ID_AES )
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+ mbedtls_cipher_free( &ctx->cipher_ctx );
+
+ if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
+ return( ret );
+
+ if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
+ is_wrap ? MBEDTLS_ENCRYPT :
+ MBEDTLS_DECRYPT )
+ ) != 0 )
+ {
+ return( ret );
+ }
+
+ return( 0 );
+}
+
+/*
+ * Free context
+ */
+void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx )
+{
+ mbedtls_cipher_free( &ctx->cipher_ctx );
+ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_nist_kw_context ) );
+}
+
+/*
+ * Helper function for Xoring the uint64_t "t" with the encrypted A.
+ * Defined in NIST SP 800-38F section 6.1
+ */
+static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t )
+{
+ size_t i = 0;
+ for( i = 0; i < sizeof( t ); i++ )
+ {
+ A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff;
+ }
+}
+
+/*
+ * KW-AE as defined in SP 800-38F section 6.2
+ * KWP-AE as defined in SP 800-38F section 6.3
+ */
+int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx,
+ mbedtls_nist_kw_mode_t mode,
+ const unsigned char *input, size_t in_len,
+ unsigned char *output, size_t *out_len, size_t out_size )
+{
+ int ret = 0;
+ size_t semiblocks = 0;
+ size_t s;
+ size_t olen, padlen = 0;
+ uint64_t t = 0;
+ unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
+ unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2];
+ unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH;
+ unsigned char *A = output;
+
+ *out_len = 0;
+ /*
+ * Generate the String to work on
+ */
+ if( mode == MBEDTLS_KW_MODE_KW )
+ {
+ if( out_size < in_len + KW_SEMIBLOCK_LENGTH )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ /*
+ * According to SP 800-38F Table 1, the plaintext length for KW
+ * must be between 2 to 2^54-1 semiblocks inclusive.
+ */
+ if( in_len < 16 ||
+#if SIZE_MAX > 0x1FFFFFFFFFFFFF8
+ in_len > 0x1FFFFFFFFFFFFF8 ||
+#endif
+ in_len % KW_SEMIBLOCK_LENGTH != 0 )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ memcpy( output, NIST_KW_ICV1, KW_SEMIBLOCK_LENGTH );
+ memmove( output + KW_SEMIBLOCK_LENGTH, input, in_len );
+ }
+ else
+ {
+ if( in_len % 8 != 0 )
+ {
+ padlen = ( 8 - ( in_len % 8 ) );
+ }
+
+ if( out_size < in_len + KW_SEMIBLOCK_LENGTH + padlen )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ /*
+ * According to SP 800-38F Table 1, the plaintext length for KWP
+ * must be between 1 and 2^32-1 octets inclusive.
+ */
+ if( in_len < 1
+#if SIZE_MAX > 0xFFFFFFFF
+ || in_len > 0xFFFFFFFF
+#endif
+ )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ memcpy( output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2 );
+ PUT_UINT32_BE( ( in_len & 0xffffffff ), output,
+ KW_SEMIBLOCK_LENGTH / 2 );
+
+ memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len );
+ memset( output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen );
+ }
+ semiblocks = ( ( in_len + padlen ) / KW_SEMIBLOCK_LENGTH ) + 1;
+
+ s = 6 * ( semiblocks - 1 );
+
+ if( mode == MBEDTLS_KW_MODE_KWP
+ && in_len <= KW_SEMIBLOCK_LENGTH )
+ {
+ memcpy( inbuff, output, 16 );
+ ret = mbedtls_cipher_update( &ctx->cipher_ctx,
+ inbuff, 16, output, &olen );
+ if( ret != 0 )
+ goto cleanup;
+ }
+ else
+ {
+ /*
+ * Do the wrapping function W, as defined in RFC 3394 section 2.2.1
+ */
+ if( semiblocks < MIN_SEMIBLOCKS_COUNT )
+ {
+ ret = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+ goto cleanup;
+ }
+
+ /* Calculate intermediate values */
+ for( t = 1; t <= s; t++ )
+ {
+ memcpy( inbuff, A, KW_SEMIBLOCK_LENGTH );
+ memcpy( inbuff + KW_SEMIBLOCK_LENGTH, R2, KW_SEMIBLOCK_LENGTH );
+
+ ret = mbedtls_cipher_update( &ctx->cipher_ctx,
+ inbuff, 16, outbuff, &olen );
+ if( ret != 0 )
+ goto cleanup;
+
+ memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH );
+ calc_a_xor_t( A, t );
+
+ memcpy( R2, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH );
+ R2 += KW_SEMIBLOCK_LENGTH;
+ if( R2 >= output + ( semiblocks * KW_SEMIBLOCK_LENGTH ) )
+ R2 = output + KW_SEMIBLOCK_LENGTH;
+ }
+ }
+
+ *out_len = semiblocks * KW_SEMIBLOCK_LENGTH;
+
+cleanup:
+
+ if( ret != 0)
+ {
+ memset( output, 0, semiblocks * KW_SEMIBLOCK_LENGTH );
+ }
+ mbedtls_platform_zeroize( inbuff, KW_SEMIBLOCK_LENGTH * 2 );
+ mbedtls_platform_zeroize( outbuff, KW_SEMIBLOCK_LENGTH * 2 );
+ mbedtls_cipher_finish( &ctx->cipher_ctx, NULL, &olen );
+ return( ret );
+}
+
+/*
+ * W-1 function as defined in RFC 3394 section 2.2.2
+ * This function assumes the following:
+ * 1. Output buffer is at least of size ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH.
+ * 2. The input buffer is of size semiblocks * KW_SEMIBLOCK_LENGTH.
+ * 3. Minimal number of semiblocks is 3.
+ * 4. A is a buffer to hold the first semiblock of the input buffer.
+ */
+static int unwrap( mbedtls_nist_kw_context *ctx,
+ const unsigned char *input, size_t semiblocks,
+ unsigned char A[KW_SEMIBLOCK_LENGTH],
+ unsigned char *output, size_t* out_len )
+{
+ int ret = 0;
+ const size_t s = 6 * ( semiblocks - 1 );
+ size_t olen;
+ uint64_t t = 0;
+ unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
+ unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2];
+ unsigned char *R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH;
+ *out_len = 0;
+
+ if( semiblocks < MIN_SEMIBLOCKS_COUNT )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ memcpy( A, input, KW_SEMIBLOCK_LENGTH );
+ memmove( output, input + KW_SEMIBLOCK_LENGTH, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH );
+
+ /* Calculate intermediate values */
+ for( t = s; t >= 1; t-- )
+ {
+ calc_a_xor_t( A, t );
+
+ memcpy( inbuff, A, KW_SEMIBLOCK_LENGTH );
+ memcpy( inbuff + KW_SEMIBLOCK_LENGTH, R, KW_SEMIBLOCK_LENGTH );
+
+ ret = mbedtls_cipher_update( &ctx->cipher_ctx,
+ inbuff, 16, outbuff, &olen );
+ if( ret != 0 )
+ goto cleanup;
+
+ memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH );
+
+ /* Set R as LSB64 of outbuff */
+ memcpy( R, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH );
+
+ if( R == output )
+ R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH;
+ else
+ R -= KW_SEMIBLOCK_LENGTH;
+ }
+
+ *out_len = ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH;
+
+cleanup:
+ if( ret != 0)
+ memset( output, 0, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH );
+ mbedtls_platform_zeroize( inbuff, sizeof( inbuff ) );
+ mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) );
+
+ return( ret );
+}
+
+/*
+ * KW-AD as defined in SP 800-38F section 6.2
+ * KWP-AD as defined in SP 800-38F section 6.3
+ */
+int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx,
+ mbedtls_nist_kw_mode_t mode,
+ const unsigned char *input, size_t in_len,
+ unsigned char *output, size_t *out_len, size_t out_size )
+{
+ int ret = 0;
+ size_t i, olen;
+ unsigned char A[KW_SEMIBLOCK_LENGTH];
+ unsigned char diff, bad_padding = 0;
+
+ *out_len = 0;
+ if( out_size < in_len - KW_SEMIBLOCK_LENGTH )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ if( mode == MBEDTLS_KW_MODE_KW )
+ {
+ /*
+ * According to SP 800-38F Table 1, the ciphertext length for KW
+ * must be between 3 to 2^54 semiblocks inclusive.
+ */
+ if( in_len < 24 ||
+#if SIZE_MAX > 0x200000000000000
+ in_len > 0x200000000000000 ||
+#endif
+ in_len % KW_SEMIBLOCK_LENGTH != 0 )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ ret = unwrap( ctx, input, in_len / KW_SEMIBLOCK_LENGTH,
+ A, output, out_len );
+ if( ret != 0 )
+ goto cleanup;
+
+ /* Check ICV in "constant-time" */
+ diff = mbedtls_nist_kw_safer_memcmp( NIST_KW_ICV1, A, KW_SEMIBLOCK_LENGTH );
+
+ if( diff != 0 )
+ {
+ ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+ goto cleanup;
+ }
+
+ }
+ else if( mode == MBEDTLS_KW_MODE_KWP )
+ {
+ size_t padlen = 0;
+ uint32_t Plen;
+ /*
+ * According to SP 800-38F Table 1, the ciphertext length for KWP
+ * must be between 2 to 2^29 semiblocks inclusive.
+ */
+ if( in_len < KW_SEMIBLOCK_LENGTH * 2 ||
+#if SIZE_MAX > 0x100000000
+ in_len > 0x100000000 ||
+#endif
+ in_len % KW_SEMIBLOCK_LENGTH != 0 )
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ if( in_len == KW_SEMIBLOCK_LENGTH * 2 )
+ {
+ unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
+ ret = mbedtls_cipher_update( &ctx->cipher_ctx,
+ input, 16, outbuff, &olen );
+ if( ret != 0 )
+ goto cleanup;
+
+ memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH );
+ memcpy( output, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH );
+ mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) );
+ *out_len = KW_SEMIBLOCK_LENGTH;
+ }
+ else
+ {
+ /* in_len >= KW_SEMIBLOCK_LENGTH * 3 */
+ ret = unwrap( ctx, input, in_len / KW_SEMIBLOCK_LENGTH,
+ A, output, out_len );
+ if( ret != 0 )
+ goto cleanup;
+ }
+
+ /* Check ICV in "constant-time" */
+ diff = mbedtls_nist_kw_safer_memcmp( NIST_KW_ICV2, A, KW_SEMIBLOCK_LENGTH / 2 );
+
+ if( diff != 0 )
+ {
+ ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+ }
+
+ GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 );
+
+ /*
+ * Plen is the length of the plaintext, when the input is valid.
+ * If Plen is larger than the plaintext and padding, padlen will be
+ * larger than 8, because of the type wrap around.
+ */
+ padlen = in_len - KW_SEMIBLOCK_LENGTH - Plen;
+ if ( padlen > 7 )
+ {
+ padlen &= 7;
+ ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+ }
+
+ /* Check padding in "constant-time" */
+ for( diff = 0, i = 0; i < KW_SEMIBLOCK_LENGTH; i++ )
+ {
+ if( i >= KW_SEMIBLOCK_LENGTH - padlen )
+ diff |= output[*out_len - KW_SEMIBLOCK_LENGTH + i];
+ else
+ bad_padding |= output[*out_len - KW_SEMIBLOCK_LENGTH + i];
+ }
+
+ if( diff != 0 )
+ {
+ ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+ }
+
+ if( ret != 0 )
+ {
+ goto cleanup;
+ }
+ memset( output + Plen, 0, padlen );
+ *out_len = Plen;
+ }
+ else
+ {
+ ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+ goto cleanup;
+ }
+
+cleanup:
+ if( ret != 0 )
+ {
+ memset( output, 0, *out_len );
+ *out_len = 0;
+ }
+
+ mbedtls_platform_zeroize( &bad_padding, sizeof( bad_padding) );
+ mbedtls_platform_zeroize( &diff, sizeof( diff ) );
+ mbedtls_platform_zeroize( A, sizeof( A ) );
+ mbedtls_cipher_finish( &ctx->cipher_ctx, NULL, &olen );
+ return( ret );
+}
+
+#endif /* !MBEDTLS_NIST_KW_ALT */
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+
+#define KW_TESTS 3
+
+/*
+ * Test vectors taken from NIST
+ * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES#KW
+ */
+static const unsigned int key_len[KW_TESTS] = { 16, 24, 32 };
+
+static const unsigned char kw_key[KW_TESTS][32] = {
+ { 0x75, 0x75, 0xda, 0x3a, 0x93, 0x60, 0x7c, 0xc2,
+ 0xbf, 0xd8, 0xce, 0xc7, 0xaa, 0xdf, 0xd9, 0xa6 },
+ { 0x2d, 0x85, 0x26, 0x08, 0x1d, 0x02, 0xfb, 0x5b,
+ 0x85, 0xf6, 0x9a, 0xc2, 0x86, 0xec, 0xd5, 0x7d,
+ 0x40, 0xdf, 0x5d, 0xf3, 0x49, 0x47, 0x44, 0xd3 },
+ { 0x11, 0x2a, 0xd4, 0x1b, 0x48, 0x56, 0xc7, 0x25,
+ 0x4a, 0x98, 0x48, 0xd3, 0x0f, 0xdd, 0x78, 0x33,
+ 0x5b, 0x03, 0x9a, 0x48, 0xa8, 0x96, 0x2c, 0x4d,
+ 0x1c, 0xb7, 0x8e, 0xab, 0xd5, 0xda, 0xd7, 0x88 }
+};
+
+static const unsigned char kw_msg[KW_TESTS][40] = {
+ { 0x42, 0x13, 0x6d, 0x3c, 0x38, 0x4a, 0x3e, 0xea,
+ 0xc9, 0x5a, 0x06, 0x6f, 0xd2, 0x8f, 0xed, 0x3f },
+ { 0x95, 0xc1, 0x1b, 0xf5, 0x35, 0x3a, 0xfe, 0xdb,
+ 0x98, 0xfd, 0xd6, 0xc8, 0xca, 0x6f, 0xdb, 0x6d,
+ 0xa5, 0x4b, 0x74, 0xb4, 0x99, 0x0f, 0xdc, 0x45,
+ 0xc0, 0x9d, 0x15, 0x8f, 0x51, 0xce, 0x62, 0x9d,
+ 0xe2, 0xaf, 0x26, 0xe3, 0x25, 0x0e, 0x6b, 0x4c },
+ { 0x1b, 0x20, 0xbf, 0x19, 0x90, 0xb0, 0x65, 0xd7,
+ 0x98, 0xe1, 0xb3, 0x22, 0x64, 0xad, 0x50, 0xa8,
+ 0x74, 0x74, 0x92, 0xba, 0x09, 0xa0, 0x4d, 0xd1 }
+};
+
+static const size_t kw_msg_len[KW_TESTS] = { 16, 40, 24 };
+static const size_t kw_out_len[KW_TESTS] = { 24, 48, 32 };
+static const unsigned char kw_res[KW_TESTS][48] = {
+ { 0x03, 0x1f, 0x6b, 0xd7, 0xe6, 0x1e, 0x64, 0x3d,
+ 0xf6, 0x85, 0x94, 0x81, 0x6f, 0x64, 0xca, 0xa3,
+ 0xf5, 0x6f, 0xab, 0xea, 0x25, 0x48, 0xf5, 0xfb },
+ { 0x44, 0x3c, 0x6f, 0x15, 0x09, 0x83, 0x71, 0x91,
+ 0x3e, 0x5c, 0x81, 0x4c, 0xa1, 0xa0, 0x42, 0xec,
+ 0x68, 0x2f, 0x7b, 0x13, 0x6d, 0x24, 0x3a, 0x4d,
+ 0x6c, 0x42, 0x6f, 0xc6, 0x97, 0x15, 0x63, 0xe8,
+ 0xa1, 0x4a, 0x55, 0x8e, 0x09, 0x64, 0x16, 0x19,
+ 0xbf, 0x03, 0xfc, 0xaf, 0x90, 0xb1, 0xfc, 0x2d },
+ { 0xba, 0x8a, 0x25, 0x9a, 0x47, 0x1b, 0x78, 0x7d,
+ 0xd5, 0xd5, 0x40, 0xec, 0x25, 0xd4, 0x3d, 0x87,
+ 0x20, 0x0f, 0xda, 0xdc, 0x6d, 0x1f, 0x05, 0xd9,
+ 0x16, 0x58, 0x4f, 0xa9, 0xf6, 0xcb, 0xf5, 0x12 }
+};
+
+static const unsigned char kwp_key[KW_TESTS][32] = {
+ { 0x78, 0x65, 0xe2, 0x0f, 0x3c, 0x21, 0x65, 0x9a,
+ 0xb4, 0x69, 0x0b, 0x62, 0x9c, 0xdf, 0x3c, 0xc4 },
+ { 0xf5, 0xf8, 0x96, 0xa3, 0xbd, 0x2f, 0x4a, 0x98,
+ 0x23, 0xef, 0x16, 0x2b, 0x00, 0xb8, 0x05, 0xd7,
+ 0xde, 0x1e, 0xa4, 0x66, 0x26, 0x96, 0xa2, 0x58 },
+ { 0x95, 0xda, 0x27, 0x00, 0xca, 0x6f, 0xd9, 0xa5,
+ 0x25, 0x54, 0xee, 0x2a, 0x8d, 0xf1, 0x38, 0x6f,
+ 0x5b, 0x94, 0xa1, 0xa6, 0x0e, 0xd8, 0xa4, 0xae,
+ 0xf6, 0x0a, 0x8d, 0x61, 0xab, 0x5f, 0x22, 0x5a }
+};
+
+static const unsigned char kwp_msg[KW_TESTS][31] = {
+ { 0xbd, 0x68, 0x43, 0xd4, 0x20, 0x37, 0x8d, 0xc8,
+ 0x96 },
+ { 0x6c, 0xcd, 0xd5, 0x85, 0x18, 0x40, 0x97, 0xeb,
+ 0xd5, 0xc3, 0xaf, 0x3e, 0x47, 0xd0, 0x2c, 0x19,
+ 0x14, 0x7b, 0x4d, 0x99, 0x5f, 0x96, 0x43, 0x66,
+ 0x91, 0x56, 0x75, 0x8c, 0x13, 0x16, 0x8f },
+ { 0xd1 }
+};
+static const size_t kwp_msg_len[KW_TESTS] = { 9, 31, 1 };
+
+static const unsigned char kwp_res[KW_TESTS][48] = {
+ { 0x41, 0xec, 0xa9, 0x56, 0xd4, 0xaa, 0x04, 0x7e,
+ 0xb5, 0xcf, 0x4e, 0xfe, 0x65, 0x96, 0x61, 0xe7,
+ 0x4d, 0xb6, 0xf8, 0xc5, 0x64, 0xe2, 0x35, 0x00 },
+ { 0x4e, 0x9b, 0xc2, 0xbc, 0xbc, 0x6c, 0x1e, 0x13,
+ 0xd3, 0x35, 0xbc, 0xc0, 0xf7, 0x73, 0x6a, 0x88,
+ 0xfa, 0x87, 0x53, 0x66, 0x15, 0xbb, 0x8e, 0x63,
+ 0x8b, 0xcc, 0x81, 0x66, 0x84, 0x68, 0x17, 0x90,
+ 0x67, 0xcf, 0xa9, 0x8a, 0x9d, 0x0e, 0x33, 0x26 },
+ { 0x06, 0xba, 0x7a, 0xe6, 0xf3, 0x24, 0x8c, 0xfd,
+ 0xcf, 0x26, 0x75, 0x07, 0xfa, 0x00, 0x1b, 0xc4 }
+};
+static const size_t kwp_out_len[KW_TESTS] = { 24, 40, 16 };
+
+int mbedtls_nist_kw_self_test( int verbose )
+{
+ mbedtls_nist_kw_context ctx;
+ unsigned char out[48];
+ size_t olen;
+ int i;
+ int ret = 0;
+ mbedtls_nist_kw_init( &ctx );
+
+ for( i = 0; i < KW_TESTS; i++ )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " KW-AES-%u ", (unsigned int) key_len[i] * 8 );
+
+ ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
+ kw_key[i], key_len[i] * 8, 1 );
+ if( ret != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " KW: setup failed " );
+
+ goto end;
+ }
+
+ ret = mbedtls_nist_kw_wrap( &ctx, MBEDTLS_KW_MODE_KW, kw_msg[i],
+ kw_msg_len[i], out, &olen, sizeof( out ) );
+ if( ret != 0 || kw_out_len[i] != olen ||
+ memcmp( out, kw_res[i], kw_out_len[i] ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "failed. ");
+
+ ret = 1;
+ goto end;
+ }
+
+ if( ( ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
+ kw_key[i], key_len[i] * 8, 0 ) )
+ != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " KW: setup failed ");
+
+ goto end;
+ }
+
+ ret = mbedtls_nist_kw_unwrap( &ctx, MBEDTLS_KW_MODE_KW,
+ out, olen, out, &olen, sizeof( out ) );
+
+ if( ret != 0 || olen != kw_msg_len[i] ||
+ memcmp( out, kw_msg[i], kw_msg_len[i] ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "failed\n" );
+
+ ret = 1;
+ goto end;
+ }
+
+ if( verbose != 0 )
+ mbedtls_printf( " passed\n" );
+ }
+
+ for( i = 0; i < KW_TESTS; i++ )
+ {
+ olen = sizeof( out );
+ if( verbose != 0 )
+ mbedtls_printf( " KWP-AES-%u ", (unsigned int) key_len[i] * 8 );
+
+ ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i],
+ key_len[i] * 8, 1 );
+ if( ret != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " KWP: setup failed " );
+
+ goto end;
+ }
+ ret = mbedtls_nist_kw_wrap( &ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i],
+ kwp_msg_len[i], out, &olen, sizeof( out ) );
+
+ if( ret != 0 || kwp_out_len[i] != olen ||
+ memcmp( out, kwp_res[i], kwp_out_len[i] ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "failed. ");
+
+ ret = 1;
+ goto end;
+ }
+
+ if( ( ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
+ kwp_key[i], key_len[i] * 8, 0 ) )
+ != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " KWP: setup failed ");
+
+ goto end;
+ }
+
+ ret = mbedtls_nist_kw_unwrap( &ctx, MBEDTLS_KW_MODE_KWP, out,
+ olen, out, &olen, sizeof( out ) );
+
+ if( ret != 0 || olen != kwp_msg_len[i] ||
+ memcmp( out, kwp_msg[i], kwp_msg_len[i] ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "failed. ");
+
+ ret = 1;
+ goto end;
+ }
+
+ if( verbose != 0 )
+ mbedtls_printf( " passed\n" );
+ }
+end:
+ mbedtls_nist_kw_free( &ctx );
+
+ if( verbose != 0 )
+ mbedtls_printf( "\n" );
+
+ return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#endif /* MBEDTLS_NIST_KW_C */
diff --git a/library/pk.c b/library/pk.c
index f05b139..e0e8dba 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -69,6 +69,34 @@
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
}
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Initialize a restart context
+ */
+void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
+{
+ ctx->pk_info = NULL;
+ ctx->rs_ctx = NULL;
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
+{
+ if( ctx == NULL || ctx->pk_info == NULL ||
+ ctx->pk_info->rs_free_func == NULL )
+ {
+ return;
+ }
+
+ ctx->pk_info->rs_free_func( ctx->rs_ctx );
+
+ ctx->pk_info = NULL;
+ ctx->rs_ctx = NULL;
+}
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
/*
* Get pk_info structure from type
*/
@@ -171,6 +199,73 @@
return( 0 );
}
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Helper to set up a restart context if needed
+ */
+static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx,
+ const mbedtls_pk_info_t *info )
+{
+ /* Don't do anything if already set up or invalid */
+ if( ctx == NULL || ctx->pk_info != NULL )
+ return( 0 );
+
+ /* Should never happen when we're called */
+ if( info->rs_alloc_func == NULL || info->rs_free_func == NULL )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL )
+ return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+
+ ctx->pk_info = info;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+/*
+ * Verify a signature (restartable)
+ */
+int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len,
+ mbedtls_pk_restart_ctx *rs_ctx )
+{
+ if( ctx == NULL || ctx->pk_info == NULL ||
+ pk_hashlen_helper( md_alg, &hash_len ) != 0 )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /* optimization: use non-restartable version if restart disabled */
+ if( rs_ctx != NULL &&
+ mbedtls_ecp_restart_is_enabled() &&
+ ctx->pk_info->verify_rs_func != NULL )
+ {
+ int ret;
+
+ if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
+ return( ret );
+
+ ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx,
+ md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx );
+
+ if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+ mbedtls_pk_restart_free( rs_ctx );
+
+ return( ret );
+ }
+#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+ (void) rs_ctx;
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+ if( ctx->pk_info->verify_func == NULL )
+ return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+ return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
+ sig, sig_len ) );
+}
+
/*
* Verify a signature
*/
@@ -178,15 +273,8 @@
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
{
- if( ctx == NULL || ctx->pk_info == NULL ||
- pk_hashlen_helper( md_alg, &hash_len ) != 0 )
- return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
- if( ctx->pk_info->verify_func == NULL )
- return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
- return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
- sig, sig_len ) );
+ return( mbedtls_pk_verify_restartable( ctx, md_alg, hash, hash_len,
+ sig, sig_len, NULL ) );
}
/*
@@ -248,6 +336,50 @@
}
/*
+ * Make a signature (restartable)
+ */
+int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_pk_restart_ctx *rs_ctx )
+{
+ if( ctx == NULL || ctx->pk_info == NULL ||
+ pk_hashlen_helper( md_alg, &hash_len ) != 0 )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /* optimization: use non-restartable version if restart disabled */
+ if( rs_ctx != NULL &&
+ mbedtls_ecp_restart_is_enabled() &&
+ ctx->pk_info->sign_rs_func != NULL )
+ {
+ int ret;
+
+ if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
+ return( ret );
+
+ ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg,
+ hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx );
+
+ if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+ mbedtls_pk_restart_free( rs_ctx );
+
+ return( ret );
+ }
+#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+ (void) rs_ctx;
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+ if( ctx->pk_info->sign_func == NULL )
+ return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+ return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
+ sig, sig_len, f_rng, p_rng ) );
+}
+
+/*
* Make a signature
*/
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
@@ -255,15 +387,8 @@
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
- if( ctx == NULL || ctx->pk_info == NULL ||
- pk_hashlen_helper( md_alg, &hash_len ) != 0 )
- return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
- if( ctx->pk_info->sign_func == NULL )
- return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
- return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
- sig, sig_len, f_rng, p_rng ) );
+ return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len,
+ sig, sig_len, f_rng, p_rng, NULL ) );
}
/*
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 2c7d2d7..87806be 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -190,11 +190,19 @@
rsa_can_do,
rsa_verify_wrap,
rsa_sign_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ NULL,
+ NULL,
+#endif
rsa_decrypt_wrap,
rsa_encrypt_wrap,
rsa_check_pair_wrap,
rsa_alloc_wrap,
rsa_free_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ NULL,
+ NULL,
+#endif
rsa_debug,
};
#endif /* MBEDTLS_RSA_C */
@@ -262,6 +270,110 @@
return( ret );
}
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/* Forward declarations */
+static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len,
+ void *rs_ctx );
+
+static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ void *rs_ctx );
+
+/*
+ * Restart context for ECDSA operations with ECKEY context
+ *
+ * We need to store an actual ECDSA context, as we need to pass the same to
+ * the underlying ecdsa function, so we can't create it on the fly every time.
+ */
+typedef struct
+{
+ mbedtls_ecdsa_restart_ctx ecdsa_rs;
+ mbedtls_ecdsa_context ecdsa_ctx;
+} eckey_restart_ctx;
+
+static void *eckey_rs_alloc( void )
+{
+ eckey_restart_ctx *rs_ctx;
+
+ void *ctx = mbedtls_calloc( 1, sizeof( eckey_restart_ctx ) );
+
+ if( ctx != NULL )
+ {
+ rs_ctx = ctx;
+ mbedtls_ecdsa_restart_init( &rs_ctx->ecdsa_rs );
+ mbedtls_ecdsa_init( &rs_ctx->ecdsa_ctx );
+ }
+
+ return( ctx );
+}
+
+static void eckey_rs_free( void *ctx )
+{
+ eckey_restart_ctx *rs_ctx;
+
+ if( ctx == NULL)
+ return;
+
+ rs_ctx = ctx;
+ mbedtls_ecdsa_restart_free( &rs_ctx->ecdsa_rs );
+ mbedtls_ecdsa_free( &rs_ctx->ecdsa_ctx );
+
+ mbedtls_free( ctx );
+}
+
+static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len,
+ void *rs_ctx )
+{
+ int ret;
+ eckey_restart_ctx *rs = rs_ctx;
+
+ /* Should never happen */
+ if( rs == NULL )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ /* set up our own sub-context if needed (that is, on first run) */
+ if( rs->ecdsa_ctx.grp.pbits == 0 )
+ MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) );
+
+ MBEDTLS_MPI_CHK( ecdsa_verify_rs_wrap( &rs->ecdsa_ctx,
+ md_alg, hash, hash_len,
+ sig, sig_len, &rs->ecdsa_rs ) );
+
+cleanup:
+ return( ret );
+}
+
+static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ void *rs_ctx )
+{
+ int ret;
+ eckey_restart_ctx *rs = rs_ctx;
+
+ /* Should never happen */
+ if( rs == NULL )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ /* set up our own sub-context if needed (that is, on first run) */
+ if( rs->ecdsa_ctx.grp.pbits == 0 )
+ MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) );
+
+ MBEDTLS_MPI_CHK( ecdsa_sign_rs_wrap( &rs->ecdsa_ctx, md_alg,
+ hash, hash_len, sig, sig_len,
+ f_rng, p_rng, &rs->ecdsa_rs ) );
+
+cleanup:
+ return( ret );
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_ECDSA_C */
static int eckey_check_pair( const void *pub, const void *prv )
@@ -301,15 +413,23 @@
#if defined(MBEDTLS_ECDSA_C)
eckey_verify_wrap,
eckey_sign_wrap,
-#else
- NULL,
- NULL,
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ eckey_verify_rs_wrap,
+ eckey_sign_rs_wrap,
#endif
+#else /* MBEDTLS_ECDSA_C */
+ NULL,
+ NULL,
+#endif /* MBEDTLS_ECDSA_C */
NULL,
NULL,
eckey_check_pair,
eckey_alloc_wrap,
eckey_free_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ eckey_rs_alloc,
+ eckey_rs_free,
+#endif
eckey_debug,
};
@@ -329,11 +449,19 @@
eckeydh_can_do,
NULL,
NULL,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ NULL,
+ NULL,
+#endif
NULL,
NULL,
eckey_check_pair,
eckey_alloc_wrap, /* Same underlying key structure */
eckey_free_wrap, /* Same underlying key structure */
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ NULL,
+ NULL,
+#endif
eckey_debug, /* Same underlying key structure */
};
#endif /* MBEDTLS_ECP_C */
@@ -369,6 +497,40 @@
md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) );
}
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len,
+ void *rs_ctx )
+{
+ int ret;
+ ((void) md_alg);
+
+ ret = mbedtls_ecdsa_read_signature_restartable(
+ (mbedtls_ecdsa_context *) ctx,
+ hash, hash_len, sig, sig_len,
+ (mbedtls_ecdsa_restart_ctx *) rs_ctx );
+
+ if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
+ return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
+
+ return( ret );
+}
+
+static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ void *rs_ctx )
+{
+ return( mbedtls_ecdsa_write_signature_restartable(
+ (mbedtls_ecdsa_context *) ctx,
+ md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng,
+ (mbedtls_ecdsa_restart_ctx *) rs_ctx ) );
+
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
static void *ecdsa_alloc_wrap( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) );
@@ -385,6 +547,24 @@
mbedtls_free( ctx );
}
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+static void *ecdsa_rs_alloc( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_restart_ctx ) );
+
+ if( ctx != NULL )
+ mbedtls_ecdsa_restart_init( ctx );
+
+ return( ctx );
+}
+
+static void ecdsa_rs_free( void *ctx )
+{
+ mbedtls_ecdsa_restart_free( ctx );
+ mbedtls_free( ctx );
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
const mbedtls_pk_info_t mbedtls_ecdsa_info = {
MBEDTLS_PK_ECDSA,
"ECDSA",
@@ -392,11 +572,19 @@
ecdsa_can_do,
ecdsa_verify_wrap,
ecdsa_sign_wrap,
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ ecdsa_verify_rs_wrap,
+ ecdsa_sign_rs_wrap,
+#endif
NULL,
NULL,
eckey_check_pair, /* Compatible key structures */
ecdsa_alloc_wrap,
ecdsa_free_wrap,
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ ecdsa_rs_alloc,
+ ecdsa_rs_free,
+#endif
eckey_debug, /* Compatible key structures */
};
#endif /* MBEDTLS_ECDSA_C */
@@ -506,6 +694,10 @@
rsa_alt_can_do,
NULL,
rsa_alt_sign_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ NULL,
+ NULL,
+#endif
rsa_alt_decrypt_wrap,
NULL,
#if defined(MBEDTLS_RSA_C)
@@ -515,6 +707,10 @@
#endif
rsa_alt_alloc_wrap,
rsa_alt_free_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ NULL,
+ NULL,
+#endif
NULL,
};
diff --git a/library/pkparse.c b/library/pkparse.c
index ccb7f54..d6ac987 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -1261,7 +1261,6 @@
return( ret );
#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
#else
- ((void) ret);
((void) pwd);
((void) pwdlen);
#endif /* MBEDTLS_PEM_PARSE_C */
diff --git a/library/platform_util.c b/library/platform_util.c
index 1a57de9..ca5fe4f 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -20,6 +20,14 @@
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
+/*
+ * Ensure gmtime_r is available even with -std=c99; must be defined before
+ * config.h, which pulls in glibc's features.h. Harmless on other platforms.
+ */
+#if !defined(_POSIX_C_SOURCE)
+#define _POSIX_C_SOURCE 200112L
+#endif
+
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@@ -27,6 +35,7 @@
#endif
#include "mbedtls/platform_util.h"
+#include "mbedtls/threading.h"
#include <stddef.h>
#include <string.h>
@@ -65,3 +74,62 @@
memset_func( buf, 0, len );
}
#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
+
+#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+#include <time.h>
+#if !defined(_WIN32) && (defined(unix) || \
+ defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \
+ defined(__MACH__)))
+#include <unistd.h>
+#endif /* !_WIN32 && (unix || __unix || __unix__ ||
+ * (__APPLE__ && __MACH__)) */
+
+#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \
+ ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \
+ _POSIX_THREAD_SAFE_FUNCTIONS >= 20112L ) )
+/*
+ * This is a convenience shorthand macro to avoid checking the long
+ * preprocessor conditions above. Ideally, we could expose this macro in
+ * platform_util.h and simply use it in platform_util.c, threading.c and
+ * threading.h. However, this macro is not part of the Mbed TLS public API, so
+ * we keep it private by only defining it in this file
+ */
+#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) )
+#define PLATFORM_UTIL_USE_GMTIME
+#endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */
+
+#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \
+ ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \
+ _POSIX_THREAD_SAFE_FUNCTIONS >= 20112L ) ) */
+
+struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
+ struct tm *tm_buf )
+{
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+ return( ( gmtime_s( tm_buf, tt ) == 0 ) ? tm_buf : NULL );
+#elif !defined(PLATFORM_UTIL_USE_GMTIME)
+ return( gmtime_r( tt, tm_buf ) );
+#else
+ struct tm *lt;
+
+#if defined(MBEDTLS_THREADING_C)
+ if( mbedtls_mutex_lock( &mbedtls_threading_gmtime_mutex ) != 0 )
+ return( NULL );
+#endif /* MBEDTLS_THREADING_C */
+
+ lt = gmtime( tt );
+
+ if( lt != NULL )
+ {
+ memcpy( tm_buf, lt, sizeof( struct tm ) );
+ }
+
+#if defined(MBEDTLS_THREADING_C)
+ if( mbedtls_mutex_unlock( &mbedtls_threading_gmtime_mutex ) != 0 )
+ return( NULL );
+#endif /* MBEDTLS_THREADING_C */
+
+ return( ( lt == NULL ) ? NULL : tm_buf );
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+}
+#endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */
diff --git a/library/poly1305.c b/library/poly1305.c
new file mode 100644
index 0000000..e22d3af
--- /dev/null
+++ b/library/poly1305.c
@@ -0,0 +1,563 @@
+/**
+ * \file poly1305.c
+ *
+ * \brief Poly1305 authentication algorithm.
+ *
+ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_POLY1305_C)
+
+#include "mbedtls/poly1305.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_POLY1305_ALT)
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+ !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#define POLY1305_BLOCK_SIZE_BYTES ( 16U )
+
+#define BYTES_TO_U32_LE( data, offset ) \
+ ( (uint32_t) data[offset] \
+ | (uint32_t) ( (uint32_t) data[( offset ) + 1] << 8 ) \
+ | (uint32_t) ( (uint32_t) data[( offset ) + 2] << 16 ) \
+ | (uint32_t) ( (uint32_t) data[( offset ) + 3] << 24 ) \
+ )
+
+/*
+ * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier.
+ * However we provided an alternative for platforms without such a multiplier.
+ */
+#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
+static uint64_t mul64( uint32_t a, uint32_t b )
+{
+ /* a = al + 2**16 ah, b = bl + 2**16 bh */
+ const uint16_t al = (uint16_t) a;
+ const uint16_t bl = (uint16_t) b;
+ const uint16_t ah = a >> 16;
+ const uint16_t bh = b >> 16;
+
+ /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */
+ const uint32_t lo = (uint32_t) al * bl;
+ const uint64_t me = (uint64_t)( (uint32_t) ah * bl ) + (uint32_t) al * bh;
+ const uint32_t hi = (uint32_t) ah * bh;
+
+ return( lo + ( me << 16 ) + ( (uint64_t) hi << 32 ) );
+}
+#else
+static inline uint64_t mul64( uint32_t a, uint32_t b )
+{
+ return( (uint64_t) a * b );
+}
+#endif
+
+
+/**
+ * \brief Process blocks with Poly1305.
+ *
+ * \param ctx The Poly1305 context.
+ * \param nblocks Number of blocks to process. Note that this
+ * function only processes full blocks.
+ * \param input Buffer containing the input block(s).
+ * \param needs_padding Set to 0 if the padding bit has already been
+ * applied to the input data before calling this
+ * function. Otherwise, set this parameter to 1.
+ */
+static void poly1305_process( mbedtls_poly1305_context *ctx,
+ size_t nblocks,
+ const unsigned char *input,
+ uint32_t needs_padding )
+{
+ uint64_t d0, d1, d2, d3;
+ uint32_t acc0, acc1, acc2, acc3, acc4;
+ uint32_t r0, r1, r2, r3;
+ uint32_t rs1, rs2, rs3;
+ size_t offset = 0U;
+ size_t i;
+
+ r0 = ctx->r[0];
+ r1 = ctx->r[1];
+ r2 = ctx->r[2];
+ r3 = ctx->r[3];
+
+ rs1 = r1 + ( r1 >> 2U );
+ rs2 = r2 + ( r2 >> 2U );
+ rs3 = r3 + ( r3 >> 2U );
+
+ acc0 = ctx->acc[0];
+ acc1 = ctx->acc[1];
+ acc2 = ctx->acc[2];
+ acc3 = ctx->acc[3];
+ acc4 = ctx->acc[4];
+
+ /* Process full blocks */
+ for( i = 0U; i < nblocks; i++ )
+ {
+ /* The input block is treated as a 128-bit little-endian integer */
+ d0 = BYTES_TO_U32_LE( input, offset + 0 );
+ d1 = BYTES_TO_U32_LE( input, offset + 4 );
+ d2 = BYTES_TO_U32_LE( input, offset + 8 );
+ d3 = BYTES_TO_U32_LE( input, offset + 12 );
+
+ /* Compute: acc += (padded) block as a 130-bit integer */
+ d0 += (uint64_t) acc0;
+ d1 += (uint64_t) acc1 + ( d0 >> 32U );
+ d2 += (uint64_t) acc2 + ( d1 >> 32U );
+ d3 += (uint64_t) acc3 + ( d2 >> 32U );
+ acc0 = (uint32_t) d0;
+ acc1 = (uint32_t) d1;
+ acc2 = (uint32_t) d2;
+ acc3 = (uint32_t) d3;
+ acc4 += (uint32_t) ( d3 >> 32U ) + needs_padding;
+
+ /* Compute: acc *= r */
+ d0 = mul64( acc0, r0 ) +
+ mul64( acc1, rs3 ) +
+ mul64( acc2, rs2 ) +
+ mul64( acc3, rs1 );
+ d1 = mul64( acc0, r1 ) +
+ mul64( acc1, r0 ) +
+ mul64( acc2, rs3 ) +
+ mul64( acc3, rs2 ) +
+ mul64( acc4, rs1 );
+ d2 = mul64( acc0, r2 ) +
+ mul64( acc1, r1 ) +
+ mul64( acc2, r0 ) +
+ mul64( acc3, rs3 ) +
+ mul64( acc4, rs2 );
+ d3 = mul64( acc0, r3 ) +
+ mul64( acc1, r2 ) +
+ mul64( acc2, r1 ) +
+ mul64( acc3, r0 ) +
+ mul64( acc4, rs3 );
+ acc4 *= r0;
+
+ /* Compute: acc %= (2^130 - 5) (partial remainder) */
+ d1 += ( d0 >> 32 );
+ d2 += ( d1 >> 32 );
+ d3 += ( d2 >> 32 );
+ acc0 = (uint32_t) d0;
+ acc1 = (uint32_t) d1;
+ acc2 = (uint32_t) d2;
+ acc3 = (uint32_t) d3;
+ acc4 = (uint32_t) ( d3 >> 32 ) + acc4;
+
+ d0 = (uint64_t) acc0 + ( acc4 >> 2 ) + ( acc4 & 0xFFFFFFFCU );
+ acc4 &= 3U;
+ acc0 = (uint32_t) d0;
+ d0 = (uint64_t) acc1 + ( d0 >> 32U );
+ acc1 = (uint32_t) d0;
+ d0 = (uint64_t) acc2 + ( d0 >> 32U );
+ acc2 = (uint32_t) d0;
+ d0 = (uint64_t) acc3 + ( d0 >> 32U );
+ acc3 = (uint32_t) d0;
+ d0 = (uint64_t) acc4 + ( d0 >> 32U );
+ acc4 = (uint32_t) d0;
+
+ offset += POLY1305_BLOCK_SIZE_BYTES;
+ }
+
+ ctx->acc[0] = acc0;
+ ctx->acc[1] = acc1;
+ ctx->acc[2] = acc2;
+ ctx->acc[3] = acc3;
+ ctx->acc[4] = acc4;
+}
+
+/**
+ * \brief Compute the Poly1305 MAC
+ *
+ * \param ctx The Poly1305 context.
+ * \param mac The buffer to where the MAC is written. Must be
+ * big enough to contain the 16-byte MAC.
+ */
+static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx,
+ unsigned char mac[16] )
+{
+ uint64_t d;
+ uint32_t g0, g1, g2, g3, g4;
+ uint32_t acc0, acc1, acc2, acc3, acc4;
+ uint32_t mask;
+ uint32_t mask_inv;
+
+ acc0 = ctx->acc[0];
+ acc1 = ctx->acc[1];
+ acc2 = ctx->acc[2];
+ acc3 = ctx->acc[3];
+ acc4 = ctx->acc[4];
+
+ /* Before adding 's' we ensure that the accumulator is mod 2^130 - 5.
+ * We do this by calculating acc - (2^130 - 5), then checking if
+ * the 131st bit is set. If it is, then reduce: acc -= (2^130 - 5)
+ */
+
+ /* Calculate acc + -(2^130 - 5) */
+ d = ( (uint64_t) acc0 + 5U );
+ g0 = (uint32_t) d;
+ d = ( (uint64_t) acc1 + ( d >> 32 ) );
+ g1 = (uint32_t) d;
+ d = ( (uint64_t) acc2 + ( d >> 32 ) );
+ g2 = (uint32_t) d;
+ d = ( (uint64_t) acc3 + ( d >> 32 ) );
+ g3 = (uint32_t) d;
+ g4 = acc4 + (uint32_t) ( d >> 32U );
+
+ /* mask == 0xFFFFFFFF if 131st bit is set, otherwise mask == 0 */
+ mask = (uint32_t) 0U - ( g4 >> 2U );
+ mask_inv = ~mask;
+
+ /* If 131st bit is set then acc=g, otherwise, acc is unmodified */
+ acc0 = ( acc0 & mask_inv ) | ( g0 & mask );
+ acc1 = ( acc1 & mask_inv ) | ( g1 & mask );
+ acc2 = ( acc2 & mask_inv ) | ( g2 & mask );
+ acc3 = ( acc3 & mask_inv ) | ( g3 & mask );
+
+ /* Add 's' */
+ d = (uint64_t) acc0 + ctx->s[0];
+ acc0 = (uint32_t) d;
+ d = (uint64_t) acc1 + ctx->s[1] + ( d >> 32U );
+ acc1 = (uint32_t) d;
+ d = (uint64_t) acc2 + ctx->s[2] + ( d >> 32U );
+ acc2 = (uint32_t) d;
+ acc3 += ctx->s[3] + (uint32_t) ( d >> 32U );
+
+ /* Compute MAC (128 least significant bits of the accumulator) */
+ mac[ 0] = (unsigned char)( acc0 );
+ mac[ 1] = (unsigned char)( acc0 >> 8 );
+ mac[ 2] = (unsigned char)( acc0 >> 16 );
+ mac[ 3] = (unsigned char)( acc0 >> 24 );
+ mac[ 4] = (unsigned char)( acc1 );
+ mac[ 5] = (unsigned char)( acc1 >> 8 );
+ mac[ 6] = (unsigned char)( acc1 >> 16 );
+ mac[ 7] = (unsigned char)( acc1 >> 24 );
+ mac[ 8] = (unsigned char)( acc2 );
+ mac[ 9] = (unsigned char)( acc2 >> 8 );
+ mac[10] = (unsigned char)( acc2 >> 16 );
+ mac[11] = (unsigned char)( acc2 >> 24 );
+ mac[12] = (unsigned char)( acc3 );
+ mac[13] = (unsigned char)( acc3 >> 8 );
+ mac[14] = (unsigned char)( acc3 >> 16 );
+ mac[15] = (unsigned char)( acc3 >> 24 );
+}
+
+void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx )
+{
+ if( ctx != NULL )
+ {
+ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) );
+ }
+}
+
+void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx )
+{
+ if( ctx != NULL )
+ {
+ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) );
+ }
+}
+
+int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
+ const unsigned char key[32] )
+{
+ if( ctx == NULL || key == NULL )
+ {
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+
+ /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */
+ ctx->r[0] = BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU;
+ ctx->r[1] = BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU;
+ ctx->r[2] = BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU;
+ ctx->r[3] = BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU;
+
+ ctx->s[0] = BYTES_TO_U32_LE( key, 16 );
+ ctx->s[1] = BYTES_TO_U32_LE( key, 20 );
+ ctx->s[2] = BYTES_TO_U32_LE( key, 24 );
+ ctx->s[3] = BYTES_TO_U32_LE( key, 28 );
+
+ /* Initial accumulator state */
+ ctx->acc[0] = 0U;
+ ctx->acc[1] = 0U;
+ ctx->acc[2] = 0U;
+ ctx->acc[3] = 0U;
+ ctx->acc[4] = 0U;
+
+ /* Queue initially empty */
+ mbedtls_platform_zeroize( ctx->queue, sizeof( ctx->queue ) );
+ ctx->queue_len = 0U;
+
+ return( 0 );
+}
+
+int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
+ const unsigned char *input,
+ size_t ilen )
+{
+ size_t offset = 0U;
+ size_t remaining = ilen;
+ size_t queue_free_len;
+ size_t nblocks;
+
+ if( ctx == NULL )
+ {
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+ else if( ( ilen > 0U ) && ( input == NULL ) )
+ {
+ /* input pointer is allowed to be NULL only if ilen == 0 */
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+
+ if( ( remaining > 0U ) && ( ctx->queue_len > 0U ) )
+ {
+ queue_free_len = ( POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len );
+
+ if( ilen < queue_free_len )
+ {
+ /* Not enough data to complete the block.
+ * Store this data with the other leftovers.
+ */
+ memcpy( &ctx->queue[ctx->queue_len],
+ input,
+ ilen );
+
+ ctx->queue_len += ilen;
+
+ remaining = 0U;
+ }
+ else
+ {
+ /* Enough data to produce a complete block */
+ memcpy( &ctx->queue[ctx->queue_len],
+ input,
+ queue_free_len );
+
+ ctx->queue_len = 0U;
+
+ poly1305_process( ctx, 1U, ctx->queue, 1U ); /* add padding bit */
+
+ offset += queue_free_len;
+ remaining -= queue_free_len;
+ }
+ }
+
+ if( remaining >= POLY1305_BLOCK_SIZE_BYTES )
+ {
+ nblocks = remaining / POLY1305_BLOCK_SIZE_BYTES;
+
+ poly1305_process( ctx, nblocks, &input[offset], 1U );
+
+ offset += nblocks * POLY1305_BLOCK_SIZE_BYTES;
+ remaining %= POLY1305_BLOCK_SIZE_BYTES;
+ }
+
+ if( remaining > 0U )
+ {
+ /* Store partial block */
+ ctx->queue_len = remaining;
+ memcpy( ctx->queue, &input[offset], remaining );
+ }
+
+ return( 0 );
+}
+
+int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
+ unsigned char mac[16] )
+{
+ if( ( ctx == NULL ) || ( mac == NULL ) )
+ {
+ return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ }
+
+ /* Process any leftover data */
+ if( ctx->queue_len > 0U )
+ {
+ /* Add padding bit */
+ ctx->queue[ctx->queue_len] = 1U;
+ ctx->queue_len++;
+
+ /* Pad with zeroes */
+ memset( &ctx->queue[ctx->queue_len],
+ 0,
+ POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len );
+
+ poly1305_process( ctx, 1U, /* Process 1 block */
+ ctx->queue, 0U ); /* Already padded above */
+ }
+
+ poly1305_compute_mac( ctx, mac );
+
+ return( 0 );
+}
+
+int mbedtls_poly1305_mac( const unsigned char key[32],
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char mac[16] )
+{
+ mbedtls_poly1305_context ctx;
+ int ret;
+
+ mbedtls_poly1305_init( &ctx );
+
+ ret = mbedtls_poly1305_starts( &ctx, key );
+ if( ret != 0 )
+ goto cleanup;
+
+ ret = mbedtls_poly1305_update( &ctx, input, ilen );
+ if( ret != 0 )
+ goto cleanup;
+
+ ret = mbedtls_poly1305_finish( &ctx, mac );
+
+cleanup:
+ mbedtls_poly1305_free( &ctx );
+ return( ret );
+}
+
+#endif /* MBEDTLS_POLY1305_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char test_keys[2][32] =
+{
+ {
+ 0x85, 0xd6, 0xbe, 0x78, 0x57, 0x55, 0x6d, 0x33,
+ 0x7f, 0x44, 0x52, 0xfe, 0x42, 0xd5, 0x06, 0xa8,
+ 0x01, 0x03, 0x80, 0x8a, 0xfb, 0x0d, 0xb2, 0xfd,
+ 0x4a, 0xbf, 0xf6, 0xaf, 0x41, 0x49, 0xf5, 0x1b
+ },
+ {
+ 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a,
+ 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0,
+ 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09,
+ 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0
+ }
+};
+
+static const unsigned char test_data[2][127] =
+{
+ {
+ 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x67, 0x72,
+ 0x61, 0x70, 0x68, 0x69, 0x63, 0x20, 0x46, 0x6f,
+ 0x72, 0x75, 0x6d, 0x20, 0x52, 0x65, 0x73, 0x65,
+ 0x61, 0x72, 0x63, 0x68, 0x20, 0x47, 0x72, 0x6f,
+ 0x75, 0x70
+ },
+ {
+ 0x27, 0x54, 0x77, 0x61, 0x73, 0x20, 0x62, 0x72,
+ 0x69, 0x6c, 0x6c, 0x69, 0x67, 0x2c, 0x20, 0x61,
+ 0x6e, 0x64, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73,
+ 0x6c, 0x69, 0x74, 0x68, 0x79, 0x20, 0x74, 0x6f,
+ 0x76, 0x65, 0x73, 0x0a, 0x44, 0x69, 0x64, 0x20,
+ 0x67, 0x79, 0x72, 0x65, 0x20, 0x61, 0x6e, 0x64,
+ 0x20, 0x67, 0x69, 0x6d, 0x62, 0x6c, 0x65, 0x20,
+ 0x69, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x77,
+ 0x61, 0x62, 0x65, 0x3a, 0x0a, 0x41, 0x6c, 0x6c,
+ 0x20, 0x6d, 0x69, 0x6d, 0x73, 0x79, 0x20, 0x77,
+ 0x65, 0x72, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20,
+ 0x62, 0x6f, 0x72, 0x6f, 0x67, 0x6f, 0x76, 0x65,
+ 0x73, 0x2c, 0x0a, 0x41, 0x6e, 0x64, 0x20, 0x74,
+ 0x68, 0x65, 0x20, 0x6d, 0x6f, 0x6d, 0x65, 0x20,
+ 0x72, 0x61, 0x74, 0x68, 0x73, 0x20, 0x6f, 0x75,
+ 0x74, 0x67, 0x72, 0x61, 0x62, 0x65, 0x2e
+ }
+};
+
+static const size_t test_data_len[2] =
+{
+ 34U,
+ 127U
+};
+
+static const unsigned char test_mac[2][16] =
+{
+ {
+ 0xa8, 0x06, 0x1d, 0xc1, 0x30, 0x51, 0x36, 0xc6,
+ 0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa9
+ },
+ {
+ 0x45, 0x41, 0x66, 0x9a, 0x7e, 0xaa, 0xee, 0x61,
+ 0xe7, 0x08, 0xdc, 0x7c, 0xbc, 0xc5, 0xeb, 0x62
+ }
+};
+
+#define ASSERT( cond, args ) \
+ do \
+ { \
+ if( ! ( cond ) ) \
+ { \
+ if( verbose != 0 ) \
+ mbedtls_printf args; \
+ \
+ return( -1 ); \
+ } \
+ } \
+ while( 0 )
+
+int mbedtls_poly1305_self_test( int verbose )
+{
+ unsigned char mac[16];
+ unsigned i;
+ int ret;
+
+ for( i = 0U; i < 2U; i++ )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " Poly1305 test %u ", i );
+
+ ret = mbedtls_poly1305_mac( test_keys[i],
+ test_data[i],
+ test_data_len[i],
+ mac );
+ ASSERT( 0 == ret, ( "error code: %i\n", ret ) );
+
+ ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), ( "failed (mac)\n" ) );
+
+ if( verbose != 0 )
+ mbedtls_printf( "passed\n" );
+ }
+
+ if( verbose != 0 )
+ mbedtls_printf( "\n" );
+
+ return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_POLY1305_C */
diff --git a/library/sha1.c b/library/sha1.c
index 1587de4..bab6087 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -342,14 +342,6 @@
}
#endif
-static const unsigned char sha1_padding[64] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
/*
* SHA-1 final digest
*/
@@ -357,25 +349,48 @@
unsigned char output[20] )
{
int ret;
- uint32_t last, padn;
+ uint32_t used;
uint32_t high, low;
- unsigned char msglen[8];
+ /*
+ * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
+ */
+ used = ctx->total[0] & 0x3F;
+
+ ctx->buffer[used++] = 0x80;
+
+ if( used <= 56 )
+ {
+ /* Enough room for padding + length in current block */
+ memset( ctx->buffer + used, 0, 56 - used );
+ }
+ else
+ {
+ /* We'll need an extra block */
+ memset( ctx->buffer + used, 0, 64 - used );
+
+ if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
+
+ memset( ctx->buffer, 0, 56 );
+ }
+
+ /*
+ * Add message length
+ */
high = ( ctx->total[0] >> 29 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_BE( high, msglen, 0 );
- PUT_UINT32_BE( low, msglen, 4 );
+ PUT_UINT32_BE( high, ctx->buffer, 56 );
+ PUT_UINT32_BE( low, ctx->buffer, 60 );
- last = ctx->total[0] & 0x3F;
- padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
-
- if( ( ret = mbedtls_sha1_update_ret( ctx, sha1_padding, padn ) ) != 0 )
- return( ret );
- if( ( ret = mbedtls_sha1_update_ret( ctx, msglen, 8 ) ) != 0 )
+ if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
+ /*
+ * Output final state
+ */
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
PUT_UINT32_BE( ctx->state[2], output, 8 );
diff --git a/library/sha256.c b/library/sha256.c
index 695485d..dbb4a89 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -311,14 +311,6 @@
}
#endif
-static const unsigned char sha256_padding[64] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
/*
* SHA-256 final digest
*/
@@ -326,26 +318,48 @@
unsigned char output[32] )
{
int ret;
- uint32_t last, padn;
+ uint32_t used;
uint32_t high, low;
- unsigned char msglen[8];
+ /*
+ * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
+ */
+ used = ctx->total[0] & 0x3F;
+
+ ctx->buffer[used++] = 0x80;
+
+ if( used <= 56 )
+ {
+ /* Enough room for padding + length in current block */
+ memset( ctx->buffer + used, 0, 56 - used );
+ }
+ else
+ {
+ /* We'll need an extra block */
+ memset( ctx->buffer + used, 0, 64 - used );
+
+ if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
+
+ memset( ctx->buffer, 0, 56 );
+ }
+
+ /*
+ * Add message length
+ */
high = ( ctx->total[0] >> 29 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_BE( high, msglen, 0 );
- PUT_UINT32_BE( low, msglen, 4 );
+ PUT_UINT32_BE( high, ctx->buffer, 56 );
+ PUT_UINT32_BE( low, ctx->buffer, 60 );
- last = ctx->total[0] & 0x3F;
- padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
-
- if( ( ret = mbedtls_sha256_update_ret( ctx, sha256_padding, padn ) ) != 0 )
+ if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
- if( ( ret = mbedtls_sha256_update_ret( ctx, msglen, 8 ) ) != 0 )
- return( ret );
-
+ /*
+ * Output final state
+ */
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
PUT_UINT32_BE( ctx->state[2], output, 8 );
diff --git a/library/sha512.c b/library/sha512.c
index 6de94e9..a9440e8 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -341,18 +341,6 @@
}
#endif
-static const unsigned char sha512_padding[128] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
/*
* SHA-512 final digest
*/
@@ -360,26 +348,48 @@
unsigned char output[64] )
{
int ret;
- size_t last, padn;
+ unsigned used;
uint64_t high, low;
- unsigned char msglen[16];
+ /*
+ * Add padding: 0x80 then 0x00 until 16 bytes remain for the length
+ */
+ used = ctx->total[0] & 0x7F;
+
+ ctx->buffer[used++] = 0x80;
+
+ if( used <= 112 )
+ {
+ /* Enough room for padding + length in current block */
+ memset( ctx->buffer + used, 0, 112 - used );
+ }
+ else
+ {
+ /* We'll need an extra block */
+ memset( ctx->buffer + used, 0, 128 - used );
+
+ if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
+
+ memset( ctx->buffer, 0, 112 );
+ }
+
+ /*
+ * Add message length
+ */
high = ( ctx->total[0] >> 61 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT64_BE( high, msglen, 0 );
- PUT_UINT64_BE( low, msglen, 8 );
+ PUT_UINT64_BE( high, ctx->buffer, 112 );
+ PUT_UINT64_BE( low, ctx->buffer, 120 );
- last = (size_t)( ctx->total[0] & 0x7F );
- padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
+ if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
- if( ( ret = mbedtls_sha512_update_ret( ctx, sha512_padding, padn ) ) != 0 )
- return( ret );
-
- if( ( ret = mbedtls_sha512_update_ret( ctx, msglen, 16 ) ) != 0 )
- return( ret );
-
+ /*
+ * Output final state
+ */
PUT_UINT64_BE( ctx->state[0], output, 0 );
PUT_UINT64_BE( ctx->state[1], output, 8 );
PUT_UINT64_BE( ctx->state[2], output, 16 );
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 2e9a0fd..745474e 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -47,7 +47,7 @@
* 1. By key exchange:
* Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
* 2. By key length and cipher:
- * AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 > 3DES
+ * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 > 3DES
* 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
* 4. By hash function used when relevant
* 5. By key exchange/auth again: EC > non-EC
@@ -57,6 +57,11 @@
#if defined(MBEDTLS_SSL_CIPHERSUITES)
MBEDTLS_SSL_CIPHERSUITES,
#else
+ /* Chacha-Poly ephemeral suites */
+ MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+
/* All AES-256 ephemeral suites */
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
@@ -127,6 +132,8 @@
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
/* The PSK ephemeral suites */
+ MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
@@ -227,6 +234,7 @@
MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
/* The RSA PSK suites */
+ MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
@@ -246,6 +254,7 @@
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
/* The PSK suites */
+ MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
@@ -312,6 +321,75 @@
static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
{
+#if defined(MBEDTLS_CHACHAPOLY_C) && \
+ defined(MBEDTLS_SHA256_C) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+ { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+ { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+ { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+ { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+ { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#endif /* MBEDTLS_CHACHAPOLY_C &&
+ MBEDTLS_SHA256_C &&
+ MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#if defined(MBEDTLS_AES_C)
#if defined(MBEDTLS_SHA1_C)
@@ -2242,7 +2320,8 @@
#endif /* MBEDTLS_PK_C */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
{
switch( info->key_exchange )
@@ -2252,13 +2331,14 @@
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+ case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
return( 1 );
default:
return( 0 );
}
}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index e537f9d..5720a4b 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -57,7 +57,7 @@
size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
size_t hostname_len;
*olen = 0;
@@ -127,7 +127,7 @@
size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
*olen = 0;
@@ -171,7 +171,7 @@
size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
size_t sig_alg_len = 0;
const int *md;
#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)
@@ -256,7 +256,7 @@
size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
unsigned char *elliptic_curve_list = p + 6;
size_t elliptic_curve_len = 0;
const mbedtls_ecp_curve_info *info;
@@ -329,7 +329,7 @@
size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
*olen = 0;
@@ -362,7 +362,7 @@
{
int ret;
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
size_t kkpp_len;
*olen = 0;
@@ -439,7 +439,7 @@
size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
*olen = 0;
@@ -472,7 +472,7 @@
unsigned char *buf, size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
*olen = 0;
@@ -504,7 +504,7 @@
unsigned char *buf, size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
*olen = 0;
@@ -538,7 +538,7 @@
unsigned char *buf, size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
*olen = 0;
@@ -572,7 +572,7 @@
unsigned char *buf, size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
size_t tlen = ssl->session_negotiate->ticket_len;
*olen = 0;
@@ -616,7 +616,7 @@
unsigned char *buf, size_t *olen )
{
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
size_t alpnlen = 0;
const char **cur;
@@ -766,6 +766,10 @@
unsigned char offer_compress;
const int *ciphersuites;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ int uses_ec = 0;
+#endif
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) );
@@ -917,6 +921,11 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x",
ciphersuites[i] ) );
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ uses_ec |= mbedtls_ssl_ciphersuite_uses_ec( ciphersuite_info );
+#endif
+
n++;
*p++ = (unsigned char)( ciphersuites[i] >> 8 );
*p++ = (unsigned char)( ciphersuites[i] );
@@ -1010,11 +1019,14 @@
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
- ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen );
- ext_len += olen;
+ if( uses_ec )
+ {
+ ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
- ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen );
- ext_len += olen;
+ ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+ }
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
@@ -1076,12 +1088,21 @@
mbedtls_ssl_send_flight_completed( ssl );
#endif
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
+ return( ret );
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) );
return( 0 );
@@ -1247,14 +1268,14 @@
size_t list_size;
const unsigned char *p;
- list_size = buf[0];
- if( list_size + 1 != len )
+ if( len == 0 || (size_t)( buf[0] + 1 ) != len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
+ list_size = buf[0];
p = buf + 1;
while( list_size > 0 )
@@ -1479,7 +1500,7 @@
buf = ssl->in_msg;
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
/* No alert on a read error. */
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
@@ -1742,6 +1763,14 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", suite_info->name ) );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA &&
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ ssl->handshake->ecrs_enabled = 1;
+ }
+#endif
+
if( comp != MBEDTLS_SSL_COMPRESS_NULL
#if defined(MBEDTLS_ZLIB_SUPPORT)
&& comp != MBEDTLS_SSL_COMPRESS_DEFLATE
@@ -2047,6 +2076,10 @@
(const unsigned char **) p, end ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+#endif
return( ret );
}
@@ -2117,7 +2150,7 @@
size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
unsigned char *p = ssl->handshake->premaster + pms_offset;
- if( offset + len_bytes > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ if( offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small for encrypted pms" ) );
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
@@ -2160,7 +2193,7 @@
if( ( ret = mbedtls_pk_encrypt( &ssl->session_negotiate->peer_cert->pk,
p, ssl->handshake->pmslen,
ssl->out_msg + offset + len_bytes, olen,
- MBEDTLS_SSL_MAX_CONTENT_LEN - offset - len_bytes,
+ MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes,
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret );
@@ -2328,7 +2361,15 @@
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled &&
+ ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing )
+ {
+ goto start_processing;
+ }
+#endif
+
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
@@ -2365,6 +2406,12 @@
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
}
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled )
+ ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing;
+
+start_processing:
+#endif
p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
end = ssl->in_msg + ssl->in_hslen;
MBEDTLS_SSL_DEBUG_BUF( 3, "server key exchange", p, end - p );
@@ -2457,6 +2504,7 @@
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
size_t params_len = p - params;
+ void *rs_ctx = NULL;
/*
* Handle the digitally-signed structure
@@ -2579,12 +2627,25 @@
return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
}
- if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk,
- md_alg, hash, hashlen, p, sig_len ) ) != 0 )
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled )
+ rs_ctx = &ssl->handshake->ecrs_ctx.pk;
+#endif
+
+ if( ( ret = mbedtls_pk_verify_restartable(
+ &ssl->session_negotiate->peer_cert->pk,
+ md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 )
{
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+#endif
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+#endif
return( ret );
}
}
@@ -2635,7 +2696,7 @@
return( 0 );
}
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
@@ -2787,7 +2848,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) );
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
@@ -2882,6 +2943,16 @@
*/
i = 4;
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled )
+ {
+ if( ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret )
+ goto ecdh_calc_secret;
+
+ mbedtls_ecdh_enable_restart( &ssl->handshake->ecdh_ctx );
+ }
+#endif
+
ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
&n,
&ssl->out_msg[i], 1000,
@@ -2889,11 +2960,26 @@
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+#endif
return( ret );
}
MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled )
+ {
+ ssl->handshake->ecrs_n = n;
+ ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret;
+ }
+
+ecdh_calc_secret:
+ if( ssl->handshake->ecrs_enabled )
+ n = ssl->handshake->ecrs_n;
+#endif
if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
&ssl->handshake->pmslen,
ssl->handshake->premaster,
@@ -2901,6 +2987,10 @@
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+#endif
return( ret );
}
@@ -2926,7 +3016,7 @@
i = 4;
n = ssl->conf->psk_identity_len;
- if( i + 2 + n > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ if( i + 2 + n > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity too long or "
"SSL buffer too short" ) );
@@ -2962,7 +3052,7 @@
*/
n = ssl->handshake->dhm_ctx.len;
- if( i + 2 + n > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ if( i + 2 + n > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity or DHM size too long"
" or SSL buffer too short" ) );
@@ -2991,7 +3081,7 @@
* ClientECDiffieHellmanPublic public;
*/
ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n,
- &ssl->out_msg[i], MBEDTLS_SSL_MAX_CONTENT_LEN - i,
+ &ssl->out_msg[i], MBEDTLS_SSL_OUT_CONTENT_LEN - i,
ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
@@ -3032,7 +3122,7 @@
i = 4;
ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx,
- ssl->out_msg + i, MBEDTLS_SSL_MAX_CONTENT_LEN - i, &n,
+ ssl->out_msg + i, MBEDTLS_SSL_OUT_CONTENT_LEN - i, &n,
ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
@@ -3063,9 +3153,9 @@
ssl->state++;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
@@ -3119,9 +3209,18 @@
unsigned char *hash_start = hash;
mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
unsigned int hashlen;
+ void *rs_ctx = NULL;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled &&
+ ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign )
+ {
+ goto sign;
+ }
+#endif
+
if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
@@ -3153,8 +3252,15 @@
}
/*
- * Make an RSA signature of the handshake digests
+ * Make a signature of the handshake digests
*/
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled )
+ ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign;
+
+sign:
+#endif
+
ssl->handshake->calc_verify( ssl, hash );
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
@@ -3231,11 +3337,21 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash_start, hashlen,
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled )
+ rs_ctx = &ssl->handshake->ecrs_ctx.pk;
+#endif
+
+ if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ),
+ md_alg, hash_start, hashlen,
ssl->out_msg + 6 + offset, &n,
- ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+#endif
return( ret );
}
@@ -3248,9 +3364,9 @@
ssl->state++;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
@@ -3276,7 +3392,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) );
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
@@ -3311,8 +3427,8 @@
msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
- lifetime = ( msg[0] << 24 ) | ( msg[1] << 16 ) |
- ( msg[2] << 8 ) | ( msg[3] );
+ lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) |
+ ( msg[2] << 8 ) | ( msg[3] );
ticket_len = ( msg[4] << 8 ) | ( msg[5] );
@@ -3390,10 +3506,10 @@
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
{
- if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
return( ret );
}
-#endif
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
/* Change state now, so that it is right in mbedtls_ssl_read_record(), used
* by DTLS for dropping out-of-sequence ChangeCipherSpec records */
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 0ccab58..36ca0d6 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -91,6 +91,13 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) );
+ if( len < 2 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
if( servername_list_size + 2 != len )
{
@@ -101,7 +108,7 @@
}
p = buf + 2;
- while( servername_list_size > 0 )
+ while( servername_list_size > 2 )
{
hostname_len = ( ( p[1] << 8 ) | p[2] );
if( hostname_len + 3 > servername_list_size )
@@ -205,6 +212,12 @@
mbedtls_md_type_t md_cur;
mbedtls_pk_type_t sig_cur;
+ if ( len < 2 ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
if( sig_alg_list_size + 2 != len ||
sig_alg_list_size % 2 != 0 )
@@ -273,6 +286,12 @@
const unsigned char *p;
const mbedtls_ecp_curve_info *curve_info, **curves;
+ if ( len < 2 ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
if( list_size + 2 != len ||
list_size % 2 != 0 )
@@ -332,14 +351,14 @@
size_t list_size;
const unsigned char *p;
- list_size = buf[0];
- if( list_size + 1 != len )
+ if( len == 0 || (size_t)( buf[0] + 1 ) != len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
+ list_size = buf[0];
p = buf + 1;
while( list_size > 0 )
@@ -1275,7 +1294,7 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- memcpy( ssl->out_ctr + 2, ssl->in_ctr + 2, 6 );
+ memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 );
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
@@ -1303,7 +1322,7 @@
else
#endif
{
- if( msg_len > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -1656,10 +1675,16 @@
while( ext_len != 0 )
{
- unsigned int ext_id = ( ( ext[0] << 8 )
- | ( ext[1] ) );
- unsigned int ext_size = ( ( ext[2] << 8 )
- | ( ext[3] ) );
+ unsigned int ext_id;
+ unsigned int ext_size;
+ if ( ext_len < 4 ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) );
+ ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) );
if( ext_size + 4 > ext_len )
{
@@ -2235,7 +2260,7 @@
{
int ret;
unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
size_t kkpp_len;
*olen = 0;
@@ -2342,7 +2367,7 @@
cookie_len_byte = p++;
if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie,
- &p, ssl->out_buf + MBEDTLS_SSL_BUFFER_LEN,
+ &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN,
ssl->cli_id, ssl->cli_id_len ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret );
@@ -2359,12 +2384,21 @@
ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
+ return( ret );
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) );
return( 0 );
@@ -2564,8 +2598,12 @@
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
- ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen );
- ext_len += olen;
+ if ( mbedtls_ssl_ciphersuite_uses_ec(
+ mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) )
+ {
+ ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+ }
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
@@ -2595,7 +2633,7 @@
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO;
- ret = mbedtls_ssl_write_record( ssl );
+ ret = mbedtls_ssl_write_handshake_msg( ssl );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) );
@@ -2638,7 +2676,7 @@
size_t dn_size, total_dn_size; /* excluding length bytes */
size_t ct_len, sa_len; /* including length bytes */
unsigned char *buf, *p;
- const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+ const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
const mbedtls_x509_crt *crt;
int authmode;
@@ -2790,7 +2828,7 @@
ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 );
ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size );
- ret = mbedtls_ssl_write_record( ssl );
+ ret = mbedtls_ssl_write_handshake_msg( ssl );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) );
@@ -2839,7 +2877,7 @@
* ssl_write_server_key_exchange also takes care of incrementing
* ssl->out_msglen. */
unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2;
- size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_MAX_CONTENT_LEN
+ size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN
- sig_start );
int ret = ssl->conf->f_async_resume( ssl,
sig_start, signature_len, sig_max_len );
@@ -2893,7 +2931,7 @@
ret = mbedtls_ecjpake_write_round_two(
&ssl->handshake->ecjpake_ctx,
ssl->out_msg + ssl->out_msglen,
- MBEDTLS_SSL_MAX_CONTENT_LEN - ssl->out_msglen, &len,
+ MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len,
ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
@@ -3020,7 +3058,7 @@
if( ( ret = mbedtls_ecdh_make_params(
&ssl->handshake->ecdh_ctx, &len,
ssl->out_msg + ssl->out_msglen,
- MBEDTLS_SSL_MAX_CONTENT_LEN - ssl->out_msglen,
+ MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen,
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
@@ -3307,9 +3345,9 @@
ssl->state++;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
@@ -3334,12 +3372,21 @@
mbedtls_ssl_send_flight_completed( ssl );
#endif
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
+ return( ret );
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) );
return( 0 );
@@ -3437,6 +3484,10 @@
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
{
+ if ( p + 2 > end ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+ }
if( *p++ != ( ( len >> 8 ) & 0xFF ) ||
*p++ != ( ( len ) & 0xFF ) )
{
@@ -3677,7 +3728,7 @@
}
else
#endif
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
@@ -3987,25 +4038,10 @@
}
/* Read the message without adding it to the checksum */
- do {
-
- do ret = mbedtls_ssl_read_record_layer( ssl );
- while( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
-
- if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret );
- return( ret );
- }
-
- ret = mbedtls_ssl_handle_message_type( ssl );
-
- } while( MBEDTLS_ERR_SSL_NON_FATAL == ret ||
- MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret );
-
+ ret = mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ );
if( 0 != ret )
{
- MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record" ), ret );
return( ret );
}
@@ -4171,7 +4207,7 @@
if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket,
ssl->session_negotiate,
ssl->out_msg + 10,
- ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN,
+ ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN,
&tlen, &lifetime ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret );
@@ -4194,9 +4230,9 @@
*/
ssl->handshake->new_session_ticket = 0;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
@@ -4225,10 +4261,10 @@
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
{
- if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
return( ret );
}
-#endif
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
switch( ssl->state )
{
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index a2b3048..985b7cd 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -97,7 +97,7 @@
uint32_t current_time = (uint32_t) mbedtls_time( NULL );
uint32_t key_time = ctx->keys[ctx->active].generation_time;
- if( current_time > key_time &&
+ if( current_time >= key_time &&
current_time - key_time < ctx->ticket_lifetime )
{
return( 0 );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e5119fc..ee7944b 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -54,6 +54,9 @@
#include "mbedtls/oid.h"
#endif
+static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl );
+static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl );
+
/* Length of the "epoch" field in the record header */
static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl )
{
@@ -96,7 +99,101 @@
return( 0 );
}
+static void ssl_update_out_pointers( mbedtls_ssl_context *ssl,
+ mbedtls_ssl_transform *transform );
+static void ssl_update_in_pointers( mbedtls_ssl_context *ssl,
+ mbedtls_ssl_transform *transform );
+
+#define SSL_DONT_FORCE_FLUSH 0
+#define SSL_FORCE_FLUSH 1
+
#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+/* Forward declarations for functions related to message buffering. */
+static void ssl_buffering_free( mbedtls_ssl_context *ssl );
+static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
+ uint8_t slot );
+static void ssl_free_buffered_record( mbedtls_ssl_context *ssl );
+static int ssl_load_buffered_message( mbedtls_ssl_context *ssl );
+static int ssl_load_buffered_record( mbedtls_ssl_context *ssl );
+static int ssl_buffer_message( mbedtls_ssl_context *ssl );
+static int ssl_buffer_future_record( mbedtls_ssl_context *ssl );
+static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl );
+
+static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl );
+static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl )
+{
+ size_t mtu = ssl_get_current_mtu( ssl );
+
+ if( mtu != 0 && mtu < MBEDTLS_SSL_OUT_BUFFER_LEN )
+ return( mtu );
+
+ return( MBEDTLS_SSL_OUT_BUFFER_LEN );
+}
+
+static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl )
+{
+ size_t const bytes_written = ssl->out_left;
+ size_t const mtu = ssl_get_maximum_datagram_size( ssl );
+
+ /* Double-check that the write-index hasn't gone
+ * past what we can transmit in a single datagram. */
+ if( bytes_written > mtu )
+ {
+ /* Should never happen... */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ return( (int) ( mtu - bytes_written ) );
+}
+
+static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl )
+{
+ int ret;
+ size_t remaining, expansion;
+ size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl );
+
+ if( max_len > mfl )
+ max_len = mfl;
+
+ /* By the standard (RFC 6066 Sect. 4), the MFL extension
+ * only limits the maximum record payload size, so in theory
+ * we would be allowed to pack multiple records of payload size
+ * MFL into a single datagram. However, this would mean that there's
+ * no way to explicitly communicate MTU restrictions to the peer.
+ *
+ * The following reduction of max_len makes sure that we never
+ * write datagrams larger than MFL + Record Expansion Overhead.
+ */
+ if( max_len <= ssl->out_left )
+ return( 0 );
+
+ max_len -= ssl->out_left;
+#endif
+
+ ret = ssl_get_remaining_space_in_datagram( ssl );
+ if( ret < 0 )
+ return( ret );
+ remaining = (size_t) ret;
+
+ ret = mbedtls_ssl_get_record_expansion( ssl );
+ if( ret < 0 )
+ return( ret );
+ expansion = (size_t) ret;
+
+ if( remaining <= expansion )
+ return( 0 );
+
+ remaining -= expansion;
+ if( remaining >= max_len )
+ remaining = max_len;
+
+ return( (int) remaining );
+}
+
/*
* Double the retransmit timeout value, within the allowed range,
* returning -1 if the maximum value has already been reached.
@@ -108,6 +205,18 @@
if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max )
return( -1 );
+ /* Implement the final paragraph of RFC 6347 section 4.1.1.1
+ * in the following way: after the initial transmission and a first
+ * retransmission, back off to a temporary estimated MTU of 508 bytes.
+ * This value is guaranteed to be deliverable (if not guaranteed to be
+ * delivered) of any compliant IPv4 (and IPv6) network, and should work
+ * on most non-IP stacks too. */
+ if( ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min )
+ {
+ ssl->handshake->mtu = 508;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "mtu autoreduction to %d bytes", ssl->handshake->mtu ) );
+ }
+
new_timeout = 2 * ssl->handshake->retransmit_timeout;
/* Avoid arithmetic overflow and range overflow */
@@ -141,14 +250,24 @@
* } MaxFragmentLength;
* and we add 0 -> extension unused
*/
-static unsigned int mfl_code_to_length[MBEDTLS_SSL_MAX_FRAG_LEN_INVALID] =
+static unsigned int ssl_mfl_code_to_length( int mfl )
{
- MBEDTLS_SSL_MAX_CONTENT_LEN, /* MBEDTLS_SSL_MAX_FRAG_LEN_NONE */
- 512, /* MBEDTLS_SSL_MAX_FRAG_LEN_512 */
- 1024, /* MBEDTLS_SSL_MAX_FRAG_LEN_1024 */
- 2048, /* MBEDTLS_SSL_MAX_FRAG_LEN_2048 */
- 4096, /* MBEDTLS_SSL_MAX_FRAG_LEN_4096 */
-};
+ switch( mfl )
+ {
+ case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
+ return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
+ case MBEDTLS_SSL_MAX_FRAG_LEN_512:
+ return 512;
+ case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
+ return 1024;
+ case MBEDTLS_SSL_MAX_FRAG_LEN_2048:
+ return 2048;
+ case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
+ return 4096;
+ default:
+ return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
+ }
+}
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_CLI_C)
@@ -688,18 +807,32 @@
transform->keylen = cipher_info->key_bitlen / 8;
if( cipher_info->mode == MBEDTLS_MODE_GCM ||
- cipher_info->mode == MBEDTLS_MODE_CCM )
+ cipher_info->mode == MBEDTLS_MODE_CCM ||
+ cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
{
+ size_t taglen, explicit_ivlen;
+
transform->maclen = 0;
mac_key_len = 0;
+ /* All modes haves 96-bit IVs;
+ * GCM and CCM has 4 implicit and 8 explicit bytes
+ * ChachaPoly has all 12 bytes implicit
+ */
transform->ivlen = 12;
- transform->fixed_ivlen = 4;
+ if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
+ transform->fixed_ivlen = 12;
+ else
+ transform->fixed_ivlen = 4;
- /* Minimum length is expicit IV + tag */
- transform->minlen = transform->ivlen - transform->fixed_ivlen
- + ( transform->ciphersuite_info->flags &
- MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16 );
+ /* All modes have 128-bit tags, except CCM_8 (ciphersuite flag) */
+ taglen = transform->ciphersuite_info->flags &
+ MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
+
+
+ /* Minimum length of encrypted record */
+ explicit_ivlen = transform->ivlen - transform->fixed_ivlen;
+ transform->minlen = explicit_ivlen + taglen;
}
else
{
@@ -956,11 +1089,11 @@
if( ssl->compress_buf == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) );
- ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_BUFFER_LEN );
+ ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN );
if( ssl->compress_buf == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
- MBEDTLS_SSL_BUFFER_LEN ) );
+ MBEDTLS_SSL_COMPRESS_BUFFER_LEN ) );
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
}
}
@@ -1151,6 +1284,9 @@
* other_secret already set by the ClientKeyExchange message,
* and is 48 bytes long
*/
+ if( end - p < 2 )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
*p++ = 0;
*p++ = 48;
p += 48;
@@ -1276,6 +1412,27 @@
#define SSL_SOME_MODES_USE_MAC
#endif
+/* The function below is only used in the Lucky 13 counter-measure in
+ * ssl_decrypt_buf(). These are the defines that guard the call site. */
+#if defined(SSL_SOME_MODES_USE_MAC) && \
+ ( defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2) )
+/* This function makes sure every byte in the memory region is accessed
+ * (in ascending addresses order) */
+static void ssl_read_memory( unsigned char *p, size_t len )
+{
+ unsigned char acc = 0;
+ volatile unsigned char force;
+
+ for( ; len != 0; p++, len-- )
+ acc ^= *p;
+
+ force = acc;
+ (void) force;
+}
+#endif /* SSL_SOME_MODES_USE_MAC && ( TLS1 || TLS1_1 || TLS1_2 ) */
+
/*
* Encryption/decryption functions
*/
@@ -1297,14 +1454,6 @@
MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
ssl->out_msg, ssl->out_msglen );
- if( ssl->out_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %u too large, maximum %d",
- (unsigned) ssl->out_msglen,
- MBEDTLS_SSL_MAX_CONTENT_LEN ) );
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
/*
* Add MAC before if needed
*/
@@ -1394,17 +1543,26 @@
}
else
#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_GCM_C) || \
+ defined(MBEDTLS_CCM_C) || \
+ defined(MBEDTLS_CHACHAPOLY_C)
if( mode == MBEDTLS_MODE_GCM ||
- mode == MBEDTLS_MODE_CCM )
+ mode == MBEDTLS_MODE_CCM ||
+ mode == MBEDTLS_MODE_CHACHAPOLY )
{
int ret;
size_t enc_msglen, olen;
unsigned char *enc_msg;
unsigned char add_data[13];
- unsigned char taglen = ssl->transform_out->ciphersuite_info->flags &
+ unsigned char iv[12];
+ mbedtls_ssl_transform *transform = ssl->transform_out;
+ unsigned char taglen = transform->ciphersuite_info->flags &
MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
+ size_t explicit_ivlen = transform->ivlen - transform->fixed_ivlen;
+ /*
+ * Prepare additional authenticated data
+ */
memcpy( add_data, ssl->out_ctr, 8 );
add_data[8] = ssl->out_msgtype;
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
@@ -1412,44 +1570,57 @@
add_data[11] = ( ssl->out_msglen >> 8 ) & 0xFF;
add_data[12] = ssl->out_msglen & 0xFF;
- MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
- add_data, 13 );
+ MBEDTLS_SSL_DEBUG_BUF( 4, "additional data for AEAD", add_data, 13 );
/*
* Generate IV
*/
- if( ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen != 8 )
+ if( transform->ivlen == 12 && transform->fixed_ivlen == 4 )
+ {
+ /* GCM and CCM: fixed || explicit (=seqnum) */
+ memcpy( iv, transform->iv_enc, transform->fixed_ivlen );
+ memcpy( iv + transform->fixed_ivlen, ssl->out_ctr, 8 );
+ memcpy( ssl->out_iv, ssl->out_ctr, 8 );
+
+ }
+ else if( transform->ivlen == 12 && transform->fixed_ivlen == 12 )
+ {
+ /* ChachaPoly: fixed XOR sequence number */
+ unsigned char i;
+
+ memcpy( iv, transform->iv_enc, transform->fixed_ivlen );
+
+ for( i = 0; i < 8; i++ )
+ iv[i+4] ^= ssl->out_ctr[i];
+ }
+ else
{
/* Reminder if we ever add an AEAD mode with a different size */
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- memcpy( ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
- ssl->out_ctr, 8 );
- memcpy( ssl->out_iv, ssl->out_ctr, 8 );
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", ssl->out_iv,
- ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
+ MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)",
+ iv, transform->ivlen );
+ MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (transmitted)",
+ ssl->out_iv, explicit_ivlen );
/*
- * Fix pointer positions and message length with added IV
+ * Fix message length with added IV
*/
enc_msg = ssl->out_msg;
enc_msglen = ssl->out_msglen;
- ssl->out_msglen += ssl->transform_out->ivlen -
- ssl->transform_out->fixed_ivlen;
+ ssl->out_msglen += explicit_ivlen;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
- "including %d bytes of padding",
- ssl->out_msglen, 0 ) );
+ "including 0 bytes of padding",
+ ssl->out_msglen ) );
/*
* Encrypt and authenticate
*/
- if( ( ret = mbedtls_cipher_auth_encrypt( &ssl->transform_out->cipher_ctx_enc,
- ssl->transform_out->iv_enc,
- ssl->transform_out->ivlen,
+ if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx_enc,
+ iv, transform->ivlen,
add_data, 13,
enc_msg, enc_msglen,
enc_msg, &olen,
@@ -1556,6 +1727,8 @@
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( auth_done == 0 )
{
+ unsigned char mac[MBEDTLS_SSL_MAC_ADD];
+
/*
* MAC(MAC_write_key, seq_num +
* TLSCipherText.type +
@@ -1578,10 +1751,12 @@
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 );
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
ssl->out_iv, ssl->out_msglen );
- mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc,
- ssl->out_iv + ssl->out_msglen );
+ mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac );
mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
+ memcpy( ssl->out_iv + ssl->out_msglen, mac,
+ ssl->transform_out->maclen );
+
ssl->out_msglen += ssl->transform_out->maclen;
auth_done++;
}
@@ -1609,7 +1784,6 @@
static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
{
- size_t i;
mbedtls_cipher_mode_t mode;
int auth_done = 0;
#if defined(SSL_SOME_MODES_USE_MAC)
@@ -1659,20 +1833,27 @@
}
else
#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_GCM_C) || \
+ defined(MBEDTLS_CCM_C) || \
+ defined(MBEDTLS_CHACHAPOLY_C)
if( mode == MBEDTLS_MODE_GCM ||
- mode == MBEDTLS_MODE_CCM )
+ mode == MBEDTLS_MODE_CCM ||
+ mode == MBEDTLS_MODE_CHACHAPOLY )
{
int ret;
size_t dec_msglen, olen;
unsigned char *dec_msg;
unsigned char *dec_msg_result;
unsigned char add_data[13];
- unsigned char taglen = ssl->transform_in->ciphersuite_info->flags &
+ unsigned char iv[12];
+ mbedtls_ssl_transform *transform = ssl->transform_in;
+ unsigned char taglen = transform->ciphersuite_info->flags &
MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
- size_t explicit_iv_len = ssl->transform_in->ivlen -
- ssl->transform_in->fixed_ivlen;
+ size_t explicit_iv_len = transform->ivlen - transform->fixed_ivlen;
+ /*
+ * Compute and update sizes
+ */
if( ssl->in_msglen < explicit_iv_len + taglen )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) "
@@ -1686,6 +1867,9 @@
dec_msg_result = ssl->in_msg;
ssl->in_msglen = dec_msglen;
+ /*
+ * Prepare additional authenticated data
+ */
memcpy( add_data, ssl->in_ctr, 8 );
add_data[8] = ssl->in_msgtype;
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
@@ -1693,23 +1877,43 @@
add_data[11] = ( ssl->in_msglen >> 8 ) & 0xFF;
add_data[12] = ssl->in_msglen & 0xFF;
- MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
- add_data, 13 );
+ MBEDTLS_SSL_DEBUG_BUF( 4, "additional data for AEAD", add_data, 13 );
- memcpy( ssl->transform_in->iv_dec + ssl->transform_in->fixed_ivlen,
- ssl->in_iv,
- ssl->transform_in->ivlen - ssl->transform_in->fixed_ivlen );
+ /*
+ * Prepare IV
+ */
+ if( transform->ivlen == 12 && transform->fixed_ivlen == 4 )
+ {
+ /* GCM and CCM: fixed || explicit (transmitted) */
+ memcpy( iv, transform->iv_dec, transform->fixed_ivlen );
+ memcpy( iv + transform->fixed_ivlen, ssl->in_iv, 8 );
- MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", ssl->transform_in->iv_dec,
- ssl->transform_in->ivlen );
+ }
+ else if( transform->ivlen == 12 && transform->fixed_ivlen == 12 )
+ {
+ /* ChachaPoly: fixed XOR sequence number */
+ unsigned char i;
+
+ memcpy( iv, transform->iv_dec, transform->fixed_ivlen );
+
+ for( i = 0; i < 8; i++ )
+ iv[i+4] ^= ssl->in_ctr[i];
+ }
+ else
+ {
+ /* Reminder if we ever add an AEAD mode with a different size */
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen );
MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", dec_msg + dec_msglen, taglen );
/*
* Decrypt and authenticate
*/
if( ( ret = mbedtls_cipher_auth_decrypt( &ssl->transform_in->cipher_ctx_dec,
- ssl->transform_in->iv_dec,
- ssl->transform_in->ivlen,
+ iv, transform->ivlen,
add_data, 13,
dec_msg, dec_msglen,
dec_msg_result, &olen,
@@ -1827,6 +2031,7 @@
*/
if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
{
+ unsigned char i;
dec_msglen -= ssl->transform_in->ivlen;
ssl->in_msglen -= ssl->transform_in->ivlen;
@@ -1900,27 +2105,28 @@
* and fake check up to 256 bytes of padding
*/
size_t pad_count = 0, real_count = 1;
- size_t padding_idx = ssl->in_msglen - padlen - 1;
+ size_t padding_idx = ssl->in_msglen - padlen;
+ size_t i;
/*
* Padding is guaranteed to be incorrect if:
- * 1. padlen >= ssl->in_msglen
+ * 1. padlen > ssl->in_msglen
*
- * 2. padding_idx >= MBEDTLS_SSL_MAX_CONTENT_LEN +
+ * 2. padding_idx > MBEDTLS_SSL_IN_CONTENT_LEN +
* ssl->transform_in->maclen
*
* In both cases we reset padding_idx to a safe value (0) to
* prevent out-of-buffer reads.
*/
- correct &= ( ssl->in_msglen >= padlen + 1 );
- correct &= ( padding_idx < MBEDTLS_SSL_MAX_CONTENT_LEN +
+ correct &= ( padlen <= ssl->in_msglen );
+ correct &= ( padding_idx <= MBEDTLS_SSL_IN_CONTENT_LEN +
ssl->transform_in->maclen );
padding_idx *= correct;
- for( i = 1; i <= 256; i++ )
+ for( i = 0; i < 256; i++ )
{
- real_count &= ( i <= padlen );
+ real_count &= ( i < padlen );
pad_count += real_count *
( ssl->in_msg[padding_idx + i] == padlen - 1 );
}
@@ -1951,8 +2157,10 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption",
ssl->in_msg, ssl->in_msglen );
+#endif
/*
* Authenticate if not done yet.
@@ -1985,20 +2193,69 @@
{
/*
* Process MAC and always update for padlen afterwards to make
- * total time independent of padlen
- *
- * extra_run compensates MAC check for padlen
+ * total time independent of padlen.
*
* Known timing attacks:
* - Lucky Thirteen (http://www.isg.rhul.ac.uk/tls/TLStiming.pdf)
*
- * We use ( ( Lx + 8 ) / 64 ) to handle 'negative Lx' values
- * correctly. (We round down instead of up, so -56 is the correct
- * value for our calculations instead of -55)
+ * To compensate for different timings for the MAC calculation
+ * depending on how much padding was removed (which is determined
+ * by padlen), process extra_run more blocks through the hash
+ * function.
+ *
+ * The formula in the paper is
+ * extra_run = ceil( (L1-55) / 64 ) - ceil( (L2-55) / 64 )
+ * where L1 is the size of the header plus the decrypted message
+ * plus CBC padding and L2 is the size of the header plus the
+ * decrypted message. This is for an underlying hash function
+ * with 64-byte blocks.
+ * We use ( (Lx+8) / 64 ) to handle 'negative Lx' values
+ * correctly. We round down instead of up, so -56 is the correct
+ * value for our calculations instead of -55.
+ *
+ * Repeat the formula rather than defining a block_size variable.
+ * This avoids requiring division by a variable at runtime
+ * (which would be marginally less efficient and would require
+ * linking an extra division function in some builds).
*/
size_t j, extra_run = 0;
- extra_run = ( 13 + ssl->in_msglen + padlen + 8 ) / 64 -
- ( 13 + ssl->in_msglen + 8 ) / 64;
+
+ /*
+ * The next two sizes are the minimum and maximum values of
+ * in_msglen over all padlen values.
+ *
+ * They're independent of padlen, since we previously did
+ * in_msglen -= padlen.
+ *
+ * Note that max_len + maclen is never more than the buffer
+ * length, as we previously did in_msglen -= maclen too.
+ */
+ const size_t max_len = ssl->in_msglen + padlen;
+ const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0;
+
+ switch( ssl->transform_in->ciphersuite_info->mac )
+ {
+#if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \
+ defined(MBEDTLS_SHA256_C)
+ case MBEDTLS_MD_MD5:
+ case MBEDTLS_MD_SHA1:
+ case MBEDTLS_MD_SHA256:
+ /* 8 bytes of message size, 64-byte compression blocks */
+ extra_run = ( 13 + ssl->in_msglen + padlen + 8 ) / 64 -
+ ( 13 + ssl->in_msglen + 8 ) / 64;
+ break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case MBEDTLS_MD_SHA384:
+ /* 16 bytes of message size, 128-byte compression blocks */
+ extra_run = ( 13 + ssl->in_msglen + padlen + 16 ) / 128 -
+ ( 13 + ssl->in_msglen + 16 ) / 128;
+ break;
+#endif
+ default:
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
extra_run &= correct * 0xFF;
@@ -2007,12 +2264,25 @@
mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_len, 2 );
mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_msg,
ssl->in_msglen );
+ /* Make sure we access everything even when padlen > 0. This
+ * makes the synchronisation requirements for just-in-time
+ * Prime+Probe attacks much tighter and hopefully impractical. */
+ ssl_read_memory( ssl->in_msg + ssl->in_msglen, padlen );
mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect );
- /* Call mbedtls_md_process at least once due to cache attacks */
+
+ /* Call mbedtls_md_process at least once due to cache attacks
+ * that observe whether md_process() was called of not */
for( j = 0; j < extra_run + 1; j++ )
mbedtls_md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg );
mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec );
+
+ /* Make sure we access all the memory that could contain the MAC,
+ * before we check it in the next code block. This makes the
+ * synchronisation requirements for just-in-time Prime+Probe
+ * attacks much tighter and hopefully impractical. */
+ ssl_read_memory( ssl->in_msg + min_len,
+ max_len - min_len + ssl->transform_in->maclen );
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
@@ -2022,9 +2292,11 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, ssl->transform_in->maclen );
MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", ssl->in_msg + ssl->in_msglen,
ssl->transform_in->maclen );
+#endif
if( mbedtls_ssl_safer_memcmp( ssl->in_msg + ssl->in_msglen, mac_expect,
ssl->transform_in->maclen ) != 0 )
@@ -2053,6 +2325,16 @@
if( ssl->in_msglen == 0 )
{
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3
+ && ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA )
+ {
+ /* TLS v1.2 explicitly disallows zero-length messages which are not application data */
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid zero-length message type: %d", ssl->in_msgtype ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
ssl->nb_zero++;
/*
@@ -2077,6 +2359,7 @@
else
#endif
{
+ unsigned char i;
for( i = 8; i > ssl_ep_len( ssl ); i-- )
if( ++ssl->in_ctr[i - 1] != 0 )
break;
@@ -2126,7 +2409,7 @@
ssl->transform_out->ctx_deflate.next_in = msg_pre;
ssl->transform_out->ctx_deflate.avail_in = len_pre;
ssl->transform_out->ctx_deflate.next_out = msg_post;
- ssl->transform_out->ctx_deflate.avail_out = MBEDTLS_SSL_BUFFER_LEN - bytes_written;
+ ssl->transform_out->ctx_deflate.avail_out = MBEDTLS_SSL_OUT_BUFFER_LEN - bytes_written;
ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH );
if( ret != Z_OK )
@@ -2135,7 +2418,7 @@
return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED );
}
- ssl->out_msglen = MBEDTLS_SSL_BUFFER_LEN -
+ ssl->out_msglen = MBEDTLS_SSL_OUT_BUFFER_LEN -
ssl->transform_out->ctx_deflate.avail_out - bytes_written;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ",
@@ -2173,7 +2456,7 @@
ssl->transform_in->ctx_inflate.next_in = msg_pre;
ssl->transform_in->ctx_inflate.avail_in = len_pre;
ssl->transform_in->ctx_inflate.next_out = msg_post;
- ssl->transform_in->ctx_inflate.avail_out = MBEDTLS_SSL_BUFFER_LEN -
+ ssl->transform_in->ctx_inflate.avail_out = MBEDTLS_SSL_IN_BUFFER_LEN -
header_bytes;
ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH );
@@ -2183,7 +2466,7 @@
return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED );
}
- ssl->in_msglen = MBEDTLS_SSL_BUFFER_LEN -
+ ssl->in_msglen = MBEDTLS_SSL_IN_BUFFER_LEN -
ssl->transform_in->ctx_inflate.avail_out - header_bytes;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ",
@@ -2258,7 +2541,7 @@
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
- if( nb_want > MBEDTLS_SSL_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) )
+ if( nb_want > MBEDTLS_SSL_IN_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -2344,7 +2627,7 @@
}
else
{
- len = MBEDTLS_SSL_BUFFER_LEN - ( ssl->in_hdr - ssl->in_buf );
+ len = MBEDTLS_SSL_IN_BUFFER_LEN - ( ssl->in_hdr - ssl->in_buf );
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
timeout = ssl->handshake->retransmit_timeout;
@@ -2466,7 +2749,7 @@
int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
{
int ret;
- unsigned char *buf, i;
+ unsigned char *buf;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) );
@@ -2489,8 +2772,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d",
mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) );
- buf = ssl->out_hdr + mbedtls_ssl_hdr_len( ssl ) +
- ssl->out_msglen - ssl->out_left;
+ buf = ssl->out_hdr - ssl->out_left;
ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left );
MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret );
@@ -2509,16 +2791,17 @@
ssl->out_left -= ret;
}
- for( i = 8; i > ssl_ep_len( ssl ); i-- )
- if( ++ssl->out_ctr[i - 1] != 0 )
- break;
-
- /* The loop goes to its end iff the counter is wrapping */
- if( i == ssl_ep_len( ssl ) )
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) );
- return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
+ ssl->out_hdr = ssl->out_buf;
}
+ else
+#endif
+ {
+ ssl->out_hdr = ssl->out_buf + 8;
+ }
+ ssl_update_out_pointers( ssl, ssl->transform_out );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) );
@@ -2535,6 +2818,9 @@
static int ssl_flight_append( mbedtls_ssl_context *ssl )
{
mbedtls_ssl_flight_item *msg;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_flight_append" ) );
+ MBEDTLS_SSL_DEBUG_BUF( 4, "message appended to flight",
+ ssl->out_msg, ssl->out_msglen );
/* Allocate space for current message */
if( ( msg = mbedtls_calloc( 1, sizeof( mbedtls_ssl_flight_item ) ) ) == NULL )
@@ -2568,6 +2854,7 @@
cur->next = msg;
}
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_flight_append" ) );
return( 0 );
}
@@ -2616,19 +2903,12 @@
ssl->handshake->alt_transform_out = tmp_transform;
/* Swap epoch + sequence_number */
- memcpy( tmp_out_ctr, ssl->out_ctr, 8 );
- memcpy( ssl->out_ctr, ssl->handshake->alt_out_ctr, 8 );
+ memcpy( tmp_out_ctr, ssl->cur_out_ctr, 8 );
+ memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8 );
memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 );
/* Adjust to the newly activated transform */
- if( ssl->transform_out != NULL &&
- ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- ssl->out_msg = ssl->out_iv + ssl->transform_out->ivlen -
- ssl->transform_out->fixed_ivlen;
- }
- else
- ssl->out_msg = ssl->out_iv;
+ ssl_update_out_pointers( ssl, ssl->transform_out );
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
if( mbedtls_ssl_hw_record_activate != NULL )
@@ -2644,20 +2924,38 @@
/*
* Retransmit the current flight of messages.
+ */
+int mbedtls_ssl_resend( mbedtls_ssl_context *ssl )
+{
+ int ret = 0;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) );
+
+ ret = mbedtls_ssl_flight_transmit( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) );
+
+ return( ret );
+}
+
+/*
+ * Transmit or retransmit the current flight of messages.
*
* Need to remember the current message in case flush_output returns
* WANT_WRITE, causing us to exit this function and come back later.
* This function must be called until state is no longer SENDING.
*/
-int mbedtls_ssl_resend( mbedtls_ssl_context *ssl )
+int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl )
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) );
+ int ret;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) );
if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING )
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise resending" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise flight transmission" ) );
ssl->handshake->cur_msg = ssl->handshake->flight;
+ ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12;
ssl_swap_epochs( ssl );
ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING;
@@ -2665,33 +2963,129 @@
while( ssl->handshake->cur_msg != NULL )
{
- int ret;
- mbedtls_ssl_flight_item *cur = ssl->handshake->cur_msg;
+ size_t max_frag_len;
+ const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg;
+
+ int const is_finished =
+ ( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ cur->p[0] == MBEDTLS_SSL_HS_FINISHED );
+
+ uint8_t const force_flush = ssl->disable_datagram_packing == 1 ?
+ SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH;
/* Swap epochs before sending Finished: we can't do it after
* sending ChangeCipherSpec, in case write returns WANT_READ.
* Must be done before copying, may change out_msg pointer */
- if( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE &&
- cur->p[0] == MBEDTLS_SSL_HS_FINISHED )
+ if( is_finished && ssl->handshake->cur_msg_p == ( cur->p + 12 ) )
{
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "swap epochs to send finished message" ) );
ssl_swap_epochs( ssl );
}
- memcpy( ssl->out_msg, cur->p, cur->len );
- ssl->out_msglen = cur->len;
- ssl->out_msgtype = cur->type;
+ ret = ssl_get_remaining_payload_in_datagram( ssl );
+ if( ret < 0 )
+ return( ret );
+ max_frag_len = (size_t) ret;
- ssl->handshake->cur_msg = cur->next;
+ /* CCS is copied as is, while HS messages may need fragmentation */
+ if( cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
+ {
+ if( max_frag_len == 0 )
+ {
+ if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ return( ret );
- MBEDTLS_SSL_DEBUG_BUF( 3, "resent handshake message header", ssl->out_msg, 12 );
+ continue;
+ }
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ memcpy( ssl->out_msg, cur->p, cur->len );
+ ssl->out_msglen = cur->len;
+ ssl->out_msgtype = cur->type;
+
+ /* Update position inside current message */
+ ssl->handshake->cur_msg_p += cur->len;
+ }
+ else
+ {
+ const unsigned char * const p = ssl->handshake->cur_msg_p;
+ const size_t hs_len = cur->len - 12;
+ const size_t frag_off = p - ( cur->p + 12 );
+ const size_t rem_len = hs_len - frag_off;
+ size_t cur_hs_frag_len, max_hs_frag_len;
+
+ if( ( max_frag_len < 12 ) || ( max_frag_len == 12 && hs_len != 0 ) )
+ {
+ if( is_finished )
+ ssl_swap_epochs( ssl );
+
+ if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ return( ret );
+
+ continue;
+ }
+ max_hs_frag_len = max_frag_len - 12;
+
+ cur_hs_frag_len = rem_len > max_hs_frag_len ?
+ max_hs_frag_len : rem_len;
+
+ if( frag_off == 0 && cur_hs_frag_len != hs_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "fragmenting handshake message (%u > %u)",
+ (unsigned) cur_hs_frag_len,
+ (unsigned) max_hs_frag_len ) );
+ }
+
+ /* Messages are stored with handshake headers as if not fragmented,
+ * copy beginning of headers then fill fragmentation fields.
+ * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */
+ memcpy( ssl->out_msg, cur->p, 6 );
+
+ ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff );
+ ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff );
+ ssl->out_msg[8] = ( ( frag_off ) & 0xff );
+
+ ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff );
+ ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff );
+ ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff );
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 );
+
+ /* Copy the handshake message content and set records fields */
+ memcpy( ssl->out_msg + 12, p, cur_hs_frag_len );
+ ssl->out_msglen = cur_hs_frag_len + 12;
+ ssl->out_msgtype = cur->type;
+
+ /* Update position inside current message */
+ ssl->handshake->cur_msg_p += cur_hs_frag_len;
+ }
+
+ /* If done with the current message move to the next one if any */
+ if( ssl->handshake->cur_msg_p >= cur->p + cur->len )
+ {
+ if( cur->next != NULL )
+ {
+ ssl->handshake->cur_msg = cur->next;
+ ssl->handshake->cur_msg_p = cur->next->p + 12;
+ }
+ else
+ {
+ ssl->handshake->cur_msg = NULL;
+ ssl->handshake->cur_msg_p = NULL;
+ }
+ }
+
+ /* Actually send the message out */
+ if( ( ret = mbedtls_ssl_write_record( ssl, force_flush ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
return( ret );
}
}
+ if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ return( ret );
+
+ /* Update state and set timer */
if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
else
@@ -2700,7 +3094,7 @@
ssl_set_timer( ssl, ssl->handshake->retransmit_timeout );
}
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_flight_transmit" ) );
return( 0 );
}
@@ -2718,6 +3112,12 @@
/* The next incoming flight will start with this msg_seq */
ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq;
+ /* We don't want to remember CCS's across flight boundaries. */
+ ssl->handshake->buffering.seen_ccs = 0;
+
+ /* Clear future message buffering structure. */
+ ssl_buffering_free( ssl );
+
/* Cancel timer */
ssl_set_timer( ssl, 0 );
@@ -2749,43 +3149,100 @@
#endif /* MBEDTLS_SSL_PROTO_DTLS */
/*
- * Record layer functions
+ * Handshake layer functions
*/
/*
- * Write current record.
- * Uses ssl->out_msgtype, ssl->out_msglen and bytes at ssl->out_msg.
+ * Write (DTLS: or queue) current handshake (including CCS) message.
+ *
+ * - fill in handshake headers
+ * - update handshake checksum
+ * - DTLS: save message for resending
+ * - then pass to the record layer
+ *
+ * DTLS: except for HelloRequest, messages are only queued, and will only be
+ * actually sent when calling flight_transmit() or resend().
+ *
+ * Inputs:
+ * - ssl->out_msglen: 4 + actual handshake message len
+ * (4 is the size of handshake headers for TLS)
+ * - ssl->out_msg[0]: the handshake type (ClientHello, ServerHello, etc)
+ * - ssl->out_msg + 4: the handshake message body
+ *
+ * Outputs, ie state before passing to flight_append() or write_record():
+ * - ssl->out_msglen: the length of the record contents
+ * (including handshake headers but excluding record headers)
+ * - ssl->out_msg: the record contents (handshake headers + content)
*/
-int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl )
+int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
{
- int ret, done = 0, out_msg_type;
- size_t len = ssl->out_msglen;
+ int ret;
+ const size_t hs_len = ssl->out_msglen - 4;
+ const unsigned char hs_type = ssl->out_msg[0];
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) );
+
+ /*
+ * Sanity checks
+ */
+ if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE &&
+ ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
+ {
+ /* In SSLv3, the client might send a NoCertificate alert. */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C)
+ if( ! ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
+ ssl->out_msgtype == MBEDTLS_SSL_MSG_ALERT &&
+ ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) )
+#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ }
+
+ if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST &&
+ ssl->handshake == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
ssl->handshake != NULL &&
ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
{
- ; /* Skip special handshake treatment when resending */
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- else
#endif
+
+ /* Double-check that we did not exceed the bounds
+ * of the outgoing record buffer.
+ * This should never fail as the various message
+ * writing functions must obey the bounds of the
+ * outgoing record buffer, but better be safe.
+ *
+ * Note: We deliberately do not check for the MTU or MFL here.
+ */
+ if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record too large: "
+ "size %u, maximum %u",
+ (unsigned) ssl->out_msglen,
+ (unsigned) MBEDTLS_SSL_OUT_CONTENT_LEN ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ /*
+ * Fill handshake headers
+ */
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
{
- out_msg_type = ssl->out_msg[0];
-
- if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST &&
- ssl->handshake == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 );
- ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >> 8 );
- ssl->out_msg[3] = (unsigned char)( ( len - 4 ) );
+ ssl->out_msg[1] = (unsigned char)( hs_len >> 16 );
+ ssl->out_msg[2] = (unsigned char)( hs_len >> 8 );
+ ssl->out_msg[3] = (unsigned char)( hs_len );
/*
* DTLS has additional fields in the Handshake layer,
@@ -2798,21 +3255,20 @@
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
/* Make room for the additional DTLS fields */
- if( MBEDTLS_SSL_MAX_CONTENT_LEN - ssl->out_msglen < 8 )
+ if( MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: "
"size %u, maximum %u",
- (unsigned) ( ssl->in_hslen - 4 ),
- (unsigned) ( MBEDTLS_SSL_MAX_CONTENT_LEN - 12 ) ) );
+ (unsigned) ( hs_len ),
+ (unsigned) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
- memmove( ssl->out_msg + 12, ssl->out_msg + 4, len - 4 );
+ memmove( ssl->out_msg + 12, ssl->out_msg + 4, hs_len );
ssl->out_msglen += 8;
- len += 8;
/* Write message_seq and update it, except for HelloRequest */
- if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
{
ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
@@ -2824,23 +3280,23 @@
ssl->out_msg[5] = 0;
}
- /* We don't fragment, so frag_offset = 0 and frag_len = len */
+ /* Handshake hashes are computed without fragmentation,
+ * so set frag_offset = 0 and frag_len = hs_len for now */
memset( ssl->out_msg + 6, 0x00, 3 );
memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 );
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
- ssl->handshake->update_checksum( ssl, ssl->out_msg, len );
+ /* Update running hashes of handshake messages seen */
+ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen );
}
- /* Save handshake and CCS messages for resending */
+ /* Either send now, or just save to be sent (and resent) later */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- ssl->handshake != NULL &&
- ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING &&
- ( ssl->out_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ||
- ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) )
+ ( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ||
+ hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) )
{
if( ( ret = ssl_flight_append( ssl ) ) != 0 )
{
@@ -2848,7 +3304,40 @@
return( ret );
}
}
+ else
#endif
+ {
+ if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_record", ret );
+ return( ret );
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) );
+
+ return( 0 );
+}
+
+/*
+ * Record layer functions
+ */
+
+/*
+ * Write current record.
+ *
+ * Uses:
+ * - ssl->out_msgtype: type of the message (AppData, Handshake, Alert, CCS)
+ * - ssl->out_msglen: length of the record content (excl headers)
+ * - ssl->out_msg: record content
+ */
+int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
+{
+ int ret, done = 0;
+ size_t len = ssl->out_msglen;
+ uint8_t flush = force_flush;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) );
#if defined(MBEDTLS_ZLIB_SUPPORT)
if( ssl->transform_out != NULL &&
@@ -2882,10 +3371,14 @@
#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
if( !done )
{
+ unsigned i;
+ size_t protected_record_size;
+
ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype;
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
ssl->conf->transport, ssl->out_hdr + 1 );
+ memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 );
ssl->out_len[0] = (unsigned char)( len >> 8 );
ssl->out_len[1] = (unsigned char)( len );
@@ -2902,18 +3395,76 @@
ssl->out_len[1] = (unsigned char)( len );
}
- ssl->out_left = mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen;
+ protected_record_size = len + mbedtls_ssl_hdr_len( ssl );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ /* In case of DTLS, double-check that we don't exceed
+ * the remaining space in the datagram. */
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ ret = ssl_get_remaining_space_in_datagram( ssl );
+ if( ret < 0 )
+ return( ret );
+
+ if( protected_record_size > (size_t) ret )
+ {
+ /* Should never happen */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, "
- "version = [%d:%d], msglen = %d",
- ssl->out_hdr[0], ssl->out_hdr[1], ssl->out_hdr[2],
- ( ssl->out_len[0] << 8 ) | ssl->out_len[1] ) );
+ "version = [%d:%d], msglen = %d",
+ ssl->out_hdr[0], ssl->out_hdr[1],
+ ssl->out_hdr[2], len ) );
MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network",
- ssl->out_hdr, mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen );
+ ssl->out_hdr, protected_record_size );
+
+ ssl->out_left += protected_record_size;
+ ssl->out_hdr += protected_record_size;
+ ssl_update_out_pointers( ssl, ssl->transform_out );
+
+ for( i = 8; i > ssl_ep_len( ssl ); i-- )
+ if( ++ssl->cur_out_ctr[i - 1] != 0 )
+ break;
+
+ /* The loop goes to its end iff the counter is wrapping */
+ if( i == ssl_ep_len( ssl ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) );
+ return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
+ }
}
- if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ flush == SSL_DONT_FORCE_FLUSH )
+ {
+ size_t remaining;
+ ret = ssl_get_remaining_payload_in_datagram( ssl );
+ if( ret < 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_remaining_payload_in_datagram",
+ ret );
+ return( ret );
+ }
+
+ remaining = (size_t) ret;
+ if( remaining == 0 )
+ {
+ flush = SSL_FORCE_FLUSH;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Still %u bytes available in current datagram", (unsigned) remaining ) );
+ }
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ if( ( flush == SSL_FORCE_FLUSH ) &&
+ ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret );
return( ret );
@@ -2925,6 +3476,52 @@
}
#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl )
+{
+ if( ssl->in_msglen < ssl->in_hslen ||
+ memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 ||
+ memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 )
+ {
+ return( 1 );
+ }
+ return( 0 );
+}
+
+static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl )
+{
+ return( ( ssl->in_msg[9] << 16 ) |
+ ( ssl->in_msg[10] << 8 ) |
+ ssl->in_msg[11] );
+}
+
+static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl )
+{
+ return( ( ssl->in_msg[6] << 16 ) |
+ ( ssl->in_msg[7] << 8 ) |
+ ssl->in_msg[8] );
+}
+
+static int ssl_check_hs_header( mbedtls_ssl_context const *ssl )
+{
+ uint32_t msg_len, frag_off, frag_len;
+
+ msg_len = ssl_get_hs_total_len( ssl );
+ frag_off = ssl_get_hs_frag_off( ssl );
+ frag_len = ssl_get_hs_frag_len( ssl );
+
+ if( frag_off > msg_len )
+ return( -1 );
+
+ if( frag_len > msg_len - frag_off )
+ return( -1 );
+
+ if( frag_len + 12 > ssl->in_msglen )
+ return( -1 );
+
+ return( 0 );
+}
+
/*
* Mark bits in bitmask (used for DTLS HS reassembly)
*/
@@ -2986,162 +3583,30 @@
return( 0 );
}
-/*
- * Reassemble fragmented DTLS handshake messages.
- *
- * Use a temporary buffer for reassembly, divided in two parts:
- * - the first holds the reassembled message (including handshake header),
- * - the second holds a bitmask indicating which parts of the message
- * (excluding headers) have been received so far.
- */
-static int ssl_reassemble_dtls_handshake( mbedtls_ssl_context *ssl )
+/* msg_len does not include the handshake header */
+static size_t ssl_get_reassembly_buffer_size( size_t msg_len,
+ unsigned add_bitmap )
{
- unsigned char *msg, *bitmask;
- size_t frag_len, frag_off;
- size_t msg_len = ssl->in_hslen - 12; /* Without headers */
+ size_t alloc_len;
- if( ssl->handshake == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "not supported outside handshake (for now)" ) );
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
- }
+ alloc_len = 12; /* Handshake header */
+ alloc_len += msg_len; /* Content buffer */
- /*
- * For first fragment, check size and allocate buffer
- */
- if( ssl->handshake->hs_msg == NULL )
- {
- size_t alloc_len;
+ if( add_bitmap )
+ alloc_len += msg_len / 8 + ( msg_len % 8 != 0 ); /* Bitmap */
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d",
- msg_len ) );
-
- if( ssl->in_hslen > MBEDTLS_SSL_MAX_CONTENT_LEN )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too large" ) );
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
- }
-
- /* The bitmask needs one bit per byte of message excluding header */
- alloc_len = 12 + msg_len + msg_len / 8 + ( msg_len % 8 != 0 );
-
- ssl->handshake->hs_msg = mbedtls_calloc( 1, alloc_len );
- if( ssl->handshake->hs_msg == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", alloc_len ) );
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- }
-
- /* Prepare final header: copy msg_type, length and message_seq,
- * then add standardised fragment_offset and fragment_length */
- memcpy( ssl->handshake->hs_msg, ssl->in_msg, 6 );
- memset( ssl->handshake->hs_msg + 6, 0, 3 );
- memcpy( ssl->handshake->hs_msg + 9,
- ssl->handshake->hs_msg + 1, 3 );
- }
- else
- {
- /* Make sure msg_type and length are consistent */
- if( memcmp( ssl->handshake->hs_msg, ssl->in_msg, 4 ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment header mismatch" ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
- }
-
- msg = ssl->handshake->hs_msg + 12;
- bitmask = msg + msg_len;
-
- /*
- * Check and copy current fragment
- */
- frag_off = ( ssl->in_msg[6] << 16 ) |
- ( ssl->in_msg[7] << 8 ) |
- ssl->in_msg[8];
- frag_len = ( ssl->in_msg[9] << 16 ) |
- ( ssl->in_msg[10] << 8 ) |
- ssl->in_msg[11];
-
- if( frag_off + frag_len > msg_len )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid fragment offset/len: %d + %d > %d",
- frag_off, frag_len, msg_len ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
-
- if( frag_len + 12 > ssl->in_msglen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid fragment length: %d + 12 > %d",
- frag_len, ssl->in_msglen ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d",
- frag_off, frag_len ) );
-
- memcpy( msg + frag_off, ssl->in_msg + 12, frag_len );
- ssl_bitmask_set( bitmask, frag_off, frag_len );
-
- /*
- * Do we have the complete message by now?
- * If yes, finalize it, else ask to read the next record.
- */
- if( ssl_bitmask_check( bitmask, msg_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "message is not complete yet" ) );
- return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake message completed" ) );
-
- if( frag_len + 12 < ssl->in_msglen )
- {
- /*
- * We'got more handshake messages in the same record.
- * This case is not handled now because no know implementation does
- * that and it's hard to test, so we prefer to fail cleanly for now.
- */
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "last fragment not alone in its record" ) );
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
- }
-
- if( ssl->in_left > ssl->next_record_offset )
- {
- /*
- * We've got more data in the buffer after the current record,
- * that we don't want to overwrite. Move it before writing the
- * reassembled message, and adjust in_left and next_record_offset.
- */
- unsigned char *cur_remain = ssl->in_hdr + ssl->next_record_offset;
- unsigned char *new_remain = ssl->in_msg + ssl->in_hslen;
- size_t remain_len = ssl->in_left - ssl->next_record_offset;
-
- /* First compute and check new lengths */
- ssl->next_record_offset = new_remain - ssl->in_hdr;
- ssl->in_left = ssl->next_record_offset + remain_len;
-
- if( ssl->in_left > MBEDTLS_SSL_BUFFER_LEN -
- (size_t)( ssl->in_hdr - ssl->in_buf ) )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "reassembled message too large for buffer" ) );
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
- }
-
- memmove( new_remain, cur_remain, remain_len );
- }
-
- memcpy( ssl->in_msg, ssl->handshake->hs_msg, ssl->in_hslen );
-
- mbedtls_free( ssl->handshake->hs_msg );
- ssl->handshake->hs_msg = NULL;
-
- MBEDTLS_SSL_DEBUG_BUF( 3, "reassembled handshake message",
- ssl->in_msg, ssl->in_hslen );
-
- return( 0 );
+ return( alloc_len );
}
+
#endif /* MBEDTLS_SSL_PROTO_DTLS */
+static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl )
+{
+ return( ( ssl->in_msg[1] << 16 ) |
+ ( ssl->in_msg[2] << 8 ) |
+ ssl->in_msg[3] );
+}
+
int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
{
if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) )
@@ -3151,10 +3616,7 @@
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
- ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + (
- ( ssl->in_msg[1] << 16 ) |
- ( ssl->in_msg[2] << 8 ) |
- ssl->in_msg[3] );
+ ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ssl_get_hs_total_len( ssl );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
" %d, type = %d, hslen = %d",
@@ -3166,12 +3628,26 @@
int ret;
unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
+ if( ssl_check_hs_header( ssl ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid handshake header" ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
if( ssl->handshake != NULL &&
( ( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER &&
recv_msg_seq != ssl->handshake->in_msg_seq ) ||
( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) )
{
+ if( recv_msg_seq > ssl->handshake->in_msg_seq )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "received future handshake message of sequence number %u (next %u)",
+ recv_msg_seq,
+ ssl->handshake->in_msg_seq ) );
+ return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
+ }
+
/* Retransmit only on last message from previous flight, to avoid
* too many retransmissions.
* Besides, No sane server ever retransmits HelloVerifyRequest */
@@ -3201,20 +3677,14 @@
}
/* Wait until message completion to increment in_msg_seq */
- /* Reassemble if current message is fragmented or reassembly is
- * already in progress */
- if( ssl->in_msglen < ssl->in_hslen ||
- memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 ||
- memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 ||
- ( ssl->handshake != NULL && ssl->handshake->hs_msg != NULL ) )
+ /* Message reassembly is handled alongside buffering of future
+ * messages; the commonality is that both handshake fragments and
+ * future messages cannot be forwarded immediately to the
+ * handshake logic layer. */
+ if( ssl_hs_is_proper_fragment( ssl ) == 1 )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) );
-
- if( ( ret = ssl_reassemble_dtls_handshake( ssl ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "ssl_reassemble_dtls_handshake", ret );
- return( ret );
- }
+ return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
}
}
else
@@ -3231,9 +3701,9 @@
void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl )
{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
- if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER &&
- ssl->handshake != NULL )
+ if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL )
{
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
}
@@ -3243,7 +3713,29 @@
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
ssl->handshake != NULL )
{
- ssl->handshake->in_msg_seq++;
+ unsigned offset;
+ mbedtls_ssl_hs_buffer *hs_buf;
+
+ /* Increment handshake sequence number */
+ hs->in_msg_seq++;
+
+ /*
+ * Clear up handshake buffering and reassembly structure.
+ */
+
+ /* Free first entry */
+ ssl_buffering_free_slot( ssl, 0 );
+
+ /* Shift all other entries */
+ for( offset = 0, hs_buf = &hs->buffering.hs[0];
+ offset + 1 < MBEDTLS_SSL_MAX_BUFFERED_HS;
+ offset++, hs_buf++ )
+ {
+ *hs_buf = *(hs_buf + 1);
+ }
+
+ /* Create a fresh last entry */
+ memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) );
}
#endif
}
@@ -3496,7 +3988,7 @@
ssl->conf->p_cookie,
ssl->cli_id, ssl->cli_id_len,
ssl->in_buf, ssl->in_left,
- ssl->out_buf, MBEDTLS_SSL_MAX_CONTENT_LEN, &len );
+ ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len );
MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_dtls_clihlo_cookie", ret );
@@ -3593,7 +4085,7 @@
}
/* Check length against the size of our buffer */
- if( ssl->in_msglen > MBEDTLS_SSL_BUFFER_LEN
+ if( ssl->in_msglen > MBEDTLS_SSL_IN_BUFFER_LEN
- (size_t)( ssl->in_msg - ssl->in_buf ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
@@ -3644,7 +4136,16 @@
}
else
#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+ {
+ /* Consider buffering the record. */
+ if( rec_epoch == (unsigned int) ssl->in_epoch + 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Consider record for buffering" ) );
+ return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
+ }
+
return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+ }
}
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
@@ -3657,15 +4158,6 @@
}
#endif
- /* Drop unexpected ChangeCipherSpec messages */
- if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC &&
- ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC &&
- ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ChangeCipherSpec" ) );
- return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
- }
-
/* Drop unexpected ApplicationData records,
* except at the beginning of renegotiations */
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA &&
@@ -3687,7 +4179,7 @@
if( ssl->transform_in == NULL )
{
if( ssl->in_msglen < 1 ||
- ssl->in_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
@@ -3703,7 +4195,7 @@
#if defined(MBEDTLS_SSL_PROTO_SSL3)
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
- ssl->in_msglen > ssl->transform_in->minlen + MBEDTLS_SSL_MAX_CONTENT_LEN )
+ ssl->in_msglen > ssl->transform_in->minlen + MBEDTLS_SSL_IN_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
@@ -3716,7 +4208,7 @@
*/
if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 &&
ssl->in_msglen > ssl->transform_in->minlen +
- MBEDTLS_SSL_MAX_CONTENT_LEN + 256 )
+ MBEDTLS_SSL_IN_CONTENT_LEN + 256 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
@@ -3764,7 +4256,7 @@
MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt",
ssl->in_msg, ssl->in_msglen );
- if( ssl->in_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
@@ -3802,7 +4294,14 @@
* RFC 6347 4.1.2.7) and continue reading until a valid record is found.
*
*/
-int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl )
+
+/* Helper functions for mbedtls_ssl_read_record(). */
+static int ssl_consume_current_message( mbedtls_ssl_context *ssl );
+static int ssl_get_next_record( mbedtls_ssl_context *ssl );
+static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
+ unsigned update_hs_digest )
{
int ret;
@@ -3812,17 +4311,53 @@
{
do {
- do ret = mbedtls_ssl_read_record_layer( ssl );
- while( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
-
+ ret = ssl_consume_current_message( ssl );
if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret );
return( ret );
+
+ if( ssl_record_is_in_progress( ssl ) == 0 )
+ {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ int have_buffered = 0;
+
+ /* We only check for buffered messages if the
+ * current datagram is fully consumed. */
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl_next_record_is_in_datagram( ssl ) == 0 )
+ {
+ if( ssl_load_buffered_message( ssl ) == 0 )
+ have_buffered = 1;
+ }
+
+ if( have_buffered == 0 )
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+ {
+ ret = ssl_get_next_record( ssl );
+ if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING )
+ continue;
+
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_get_next_record" ), ret );
+ return( ret );
+ }
+ }
}
ret = mbedtls_ssl_handle_message_type( ssl );
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
+ {
+ /* Buffer future message */
+ ret = ssl_buffer_message( ssl );
+ if( ret != 0 )
+ return( ret );
+
+ ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
} while( MBEDTLS_ERR_SSL_NON_FATAL == ret ||
MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret );
@@ -3832,14 +4367,15 @@
return( ret );
}
- if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ update_hs_digest == 1 )
{
mbedtls_ssl_update_handshake_status( ssl );
}
}
else
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= reuse previously read message" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "reuse previously read message" ) );
ssl->keep_current_message = 0;
}
@@ -3848,13 +4384,350 @@
return( 0 );
}
-int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl )
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl )
{
- int ret;
+ if( ssl->in_left > ssl->next_record_offset )
+ return( 1 );
+ return( 0 );
+}
+
+static int ssl_load_buffered_message( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ mbedtls_ssl_hs_buffer * hs_buf;
+ int ret = 0;
+
+ if( hs == NULL )
+ return( -1 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_messsage" ) );
+
+ if( ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC ||
+ ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
+ {
+ /* Check if we have seen a ChangeCipherSpec before.
+ * If yes, synthesize a CCS record. */
+ if( !hs->buffering.seen_ccs )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "CCS not seen in the current flight" ) );
+ ret = -1;
+ goto exit;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Injecting buffered CCS message" ) );
+ ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
+ ssl->in_msglen = 1;
+ ssl->in_msg[0] = 1;
+
+ /* As long as they are equal, the exact value doesn't matter. */
+ ssl->in_left = 0;
+ ssl->next_record_offset = 0;
+
+ hs->buffering.seen_ccs = 0;
+ goto exit;
+ }
+
+#if defined(MBEDTLS_DEBUG_C)
+ /* Debug only */
+ {
+ unsigned offset;
+ for( offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ )
+ {
+ hs_buf = &hs->buffering.hs[offset];
+ if( hs_buf->is_valid == 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Future message with sequence number %u %s buffered.",
+ hs->in_msg_seq + offset,
+ hs_buf->is_complete ? "fully" : "partially" ) );
+ }
+ }
+ }
+#endif /* MBEDTLS_DEBUG_C */
+
+ /* Check if we have buffered and/or fully reassembled the
+ * next handshake message. */
+ hs_buf = &hs->buffering.hs[0];
+ if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) )
+ {
+ /* Synthesize a record containing the buffered HS message. */
+ size_t msg_len = ( hs_buf->data[1] << 16 ) |
+ ( hs_buf->data[2] << 8 ) |
+ hs_buf->data[3];
+
+ /* Double-check that we haven't accidentally buffered
+ * a message that doesn't fit into the input buffer. */
+ if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message has been buffered - load" ) );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered handshake message (incl. header)",
+ hs_buf->data, msg_len + 12 );
+
+ ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+ ssl->in_hslen = msg_len + 12;
+ ssl->in_msglen = msg_len + 12;
+ memcpy( ssl->in_msg, hs_buf->data, ssl->in_hslen );
+
+ ret = 0;
+ goto exit;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message %u not or only partially bufffered",
+ hs->in_msg_seq ) );
+ }
+
+ ret = -1;
+
+exit:
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_message" ) );
+ return( ret );
+}
+
+static int ssl_buffer_make_space( mbedtls_ssl_context *ssl,
+ size_t desired )
+{
+ int offset;
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Attempt to free buffered messages to have %u bytes available",
+ (unsigned) desired ) );
+
+ /* Get rid of future records epoch first, if such exist. */
+ ssl_free_buffered_record( ssl );
+
+ /* Check if we have enough space available now. */
+ if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+ hs->buffering.total_bytes_buffered ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing future epoch record" ) );
+ return( 0 );
+ }
+
+ /* We don't have enough space to buffer the next expected handshake
+ * message. Remove buffers used for future messages to gain space,
+ * starting with the most distant one. */
+ for( offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1;
+ offset >= 0; offset-- )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Free buffering slot %d to make space for reassembly of next handshake message",
+ offset ) );
+
+ ssl_buffering_free_slot( ssl, (uint8_t) offset );
+
+ /* Check if we have enough space available now. */
+ if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+ hs->buffering.total_bytes_buffered ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing buffered HS messages" ) );
+ return( 0 );
+ }
+ }
+
+ return( -1 );
+}
+
+static int ssl_buffer_message( mbedtls_ssl_context *ssl )
+{
+ int ret = 0;
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+ if( hs == NULL )
+ return( 0 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_buffer_message" ) );
+
+ switch( ssl->in_msgtype )
+ {
+ case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC:
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Remember CCS message" ) );
+
+ hs->buffering.seen_ccs = 1;
+ break;
+
+ case MBEDTLS_SSL_MSG_HANDSHAKE:
+ {
+ unsigned recv_msg_seq_offset;
+ unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
+ mbedtls_ssl_hs_buffer *hs_buf;
+ size_t msg_len = ssl->in_hslen - 12;
+
+ /* We should never receive an old handshake
+ * message - double-check nonetheless. */
+ if( recv_msg_seq < ssl->handshake->in_msg_seq )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq;
+ if( recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS )
+ {
+ /* Silently ignore -- message too far in the future */
+ MBEDTLS_SSL_DEBUG_MSG( 2,
+ ( "Ignore future HS message with sequence number %u, "
+ "buffering window %u - %u",
+ recv_msg_seq, ssl->handshake->in_msg_seq,
+ ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - 1 ) );
+
+ goto exit;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering HS message with sequence number %u, offset %u ",
+ recv_msg_seq, recv_msg_seq_offset ) );
+
+ hs_buf = &hs->buffering.hs[ recv_msg_seq_offset ];
+
+ /* Check if the buffering for this seq nr has already commenced. */
+ if( !hs_buf->is_valid )
+ {
+ size_t reassembly_buf_sz;
+
+ hs_buf->is_fragmented =
+ ( ssl_hs_is_proper_fragment( ssl ) == 1 );
+
+ /* We copy the message back into the input buffer
+ * after reassembly, so check that it's not too large.
+ * This is an implementation-specific limitation
+ * and not one from the standard, hence it is not
+ * checked in ssl_check_hs_header(). */
+ if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
+ {
+ /* Ignore message */
+ goto exit;
+ }
+
+ /* Check if we have enough space to buffer the message. */
+ if( hs->buffering.total_bytes_buffered >
+ MBEDTLS_SSL_DTLS_MAX_BUFFERING )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ reassembly_buf_sz = ssl_get_reassembly_buffer_size( msg_len,
+ hs_buf->is_fragmented );
+
+ if( reassembly_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+ hs->buffering.total_bytes_buffered ) )
+ {
+ if( recv_msg_seq_offset > 0 )
+ {
+ /* If we can't buffer a future message because
+ * of space limitations -- ignore. */
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n",
+ (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ (unsigned) hs->buffering.total_bytes_buffered ) );
+ goto exit;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- attempt to make space by freeing buffered future messages\n",
+ (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ (unsigned) hs->buffering.total_bytes_buffered ) );
+ }
+
+ if( ssl_buffer_make_space( ssl, reassembly_buf_sz ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %u (%u with bitmap) would exceed the compile-time limit %u (already %u bytes buffered) -- fail\n",
+ (unsigned) msg_len,
+ (unsigned) reassembly_buf_sz,
+ MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ (unsigned) hs->buffering.total_bytes_buffered ) );
+ ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d",
+ msg_len ) );
+
+ hs_buf->data = mbedtls_calloc( 1, reassembly_buf_sz );
+ if( hs_buf->data == NULL )
+ {
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto exit;
+ }
+ hs_buf->data_len = reassembly_buf_sz;
+
+ /* Prepare final header: copy msg_type, length and message_seq,
+ * then add standardised fragment_offset and fragment_length */
+ memcpy( hs_buf->data, ssl->in_msg, 6 );
+ memset( hs_buf->data + 6, 0, 3 );
+ memcpy( hs_buf->data + 9, hs_buf->data + 1, 3 );
+
+ hs_buf->is_valid = 1;
+
+ hs->buffering.total_bytes_buffered += reassembly_buf_sz;
+ }
+ else
+ {
+ /* Make sure msg_type and length are consistent */
+ if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) );
+ /* Ignore */
+ goto exit;
+ }
+ }
+
+ if( !hs_buf->is_complete )
+ {
+ size_t frag_len, frag_off;
+ unsigned char * const msg = hs_buf->data + 12;
+
+ /*
+ * Check and copy current fragment
+ */
+
+ /* Validation of header fields already done in
+ * mbedtls_ssl_prepare_handshake_record(). */
+ frag_off = ssl_get_hs_frag_off( ssl );
+ frag_len = ssl_get_hs_frag_len( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d",
+ frag_off, frag_len ) );
+ memcpy( msg + frag_off, ssl->in_msg + 12, frag_len );
+
+ if( hs_buf->is_fragmented )
+ {
+ unsigned char * const bitmask = msg + msg_len;
+ ssl_bitmask_set( bitmask, frag_off, frag_len );
+ hs_buf->is_complete = ( ssl_bitmask_check( bitmask,
+ msg_len ) == 0 );
+ }
+ else
+ {
+ hs_buf->is_complete = 1;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "message %scomplete",
+ hs_buf->is_complete ? "" : "not yet " ) );
+ }
+
+ break;
+ }
+
+ default:
+ /* We don't buffer other types of messages. */
+ break;
+ }
+
+exit:
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_buffer_message" ) );
+ return( ret );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static int ssl_consume_current_message( mbedtls_ssl_context *ssl )
+{
/*
- * Step A
- *
* Consume last content-layer message and potentially
* update in_msglen which keeps track of the contents'
* consumption state.
@@ -3936,20 +4809,161 @@
ssl->in_msglen = 0;
}
- /*
- * Step B
- *
- * Fetch and decode new record if current one is fully consumed.
- *
- */
+ return( 0 );
+}
+static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl )
+{
if( ssl->in_msglen > 0 )
+ return( 1 );
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+static void ssl_free_buffered_record( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ if( hs == NULL )
+ return;
+
+ if( hs->buffering.future_record.data != NULL )
{
- /* There's something left to be processed in the current record. */
+ hs->buffering.total_bytes_buffered -=
+ hs->buffering.future_record.len;
+
+ mbedtls_free( hs->buffering.future_record.data );
+ hs->buffering.future_record.data = NULL;
+ }
+}
+
+static int ssl_load_buffered_record( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ unsigned char * rec;
+ size_t rec_len;
+ unsigned rec_epoch;
+
+ if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ return( 0 );
+
+ if( hs == NULL )
+ return( 0 );
+
+ rec = hs->buffering.future_record.data;
+ rec_len = hs->buffering.future_record.len;
+ rec_epoch = hs->buffering.future_record.epoch;
+
+ if( rec == NULL )
+ return( 0 );
+
+ /* Only consider loading future records if the
+ * input buffer is empty. */
+ if( ssl_next_record_is_in_datagram( ssl ) == 1 )
+ return( 0 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_record" ) );
+
+ if( rec_epoch != ssl->in_epoch )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffered record not from current epoch." ) );
+ goto exit;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Found buffered record from current epoch - load" ) );
+
+ /* Double-check that the record is not too large */
+ if( rec_len > MBEDTLS_SSL_IN_BUFFER_LEN -
+ (size_t)( ssl->in_hdr - ssl->in_buf ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ memcpy( ssl->in_hdr, rec, rec_len );
+ ssl->in_left = rec_len;
+ ssl->next_record_offset = 0;
+
+ ssl_free_buffered_record( ssl );
+
+exit:
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_record" ) );
+ return( 0 );
+}
+
+static int ssl_buffer_future_record( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ size_t const rec_hdr_len = 13;
+ size_t const total_buf_sz = rec_hdr_len + ssl->in_msglen;
+
+ /* Don't buffer future records outside handshakes. */
+ if( hs == NULL )
+ return( 0 );
+
+ /* Only buffer handshake records (we are only interested
+ * in Finished messages). */
+ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+ return( 0 );
+
+ /* Don't buffer more than one future epoch record. */
+ if( hs->buffering.future_record.data != NULL )
+ return( 0 );
+
+ /* Don't buffer record if there's not enough buffering space remaining. */
+ if( total_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+ hs->buffering.total_bytes_buffered ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n",
+ (unsigned) total_buf_sz, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ (unsigned) hs->buffering.total_bytes_buffered ) );
return( 0 );
}
- /* Current record either fully processed or to be discarded. */
+ /* Buffer record */
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffer record from epoch %u",
+ ssl->in_epoch + 1 ) );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered record", ssl->in_hdr,
+ rec_hdr_len + ssl->in_msglen );
+
+ /* ssl_parse_record_header() only considers records
+ * of the next epoch as candidates for buffering. */
+ hs->buffering.future_record.epoch = ssl->in_epoch + 1;
+ hs->buffering.future_record.len = total_buf_sz;
+
+ hs->buffering.future_record.data =
+ mbedtls_calloc( 1, hs->buffering.future_record.len );
+ if( hs->buffering.future_record.data == NULL )
+ {
+ /* If we run out of RAM trying to buffer a
+ * record from the next epoch, just ignore. */
+ return( 0 );
+ }
+
+ memcpy( hs->buffering.future_record.data, ssl->in_hdr, total_buf_sz );
+
+ hs->buffering.total_bytes_buffered += total_buf_sz;
+ return( 0 );
+}
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static int ssl_get_next_record( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ /* We might have buffered a future record; if so,
+ * and if the epoch matches now, load it.
+ * On success, this call will set ssl->in_left to
+ * the length of the buffered record, so that
+ * the calls to ssl_fetch_input() below will
+ * essentially be no-ops. */
+ ret = ssl_load_buffered_record( ssl );
+ if( ret != 0 )
+ return( ret );
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl ) ) ) != 0 )
{
@@ -3963,6 +4977,16 @@
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT )
{
+ if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
+ {
+ ret = ssl_buffer_future_record( ssl );
+ if( ret != 0 )
+ return( ret );
+
+ /* Fall through to handling of unexpected records */
+ ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
+ }
+
if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD )
{
/* Skip unexpected record (but not whole datagram) */
@@ -4094,8 +5118,51 @@
}
}
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
+ {
+ if( ssl->in_msglen != 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %d",
+ ssl->in_msglen ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+ if( ssl->in_msg[0] != 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, content: %02x",
+ ssl->in_msg[0] ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC &&
+ ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
+ {
+ if( ssl->handshake == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping ChangeCipherSpec outside handshake" ) );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "received out-of-order ChangeCipherSpec - remember" ) );
+ return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
+ }
+#endif
+ }
+
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
{
+ if( ssl->in_msglen != 2 )
+ {
+ /* Note: Standard allows for more than one 2 byte alert
+ to be packed in a single message, but Mbed TLS doesn't
+ currently support this. */
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %d",
+ ssl->in_msglen ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]",
ssl->in_msg[0], ssl->in_msg[1] ) );
@@ -4185,7 +5252,7 @@
ssl->out_msg[0] = level;
ssl->out_msg[1] = message;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
return( ret );
@@ -4325,10 +5392,10 @@
while( crt != NULL )
{
n = crt->raw.len;
- if( n > MBEDTLS_SSL_MAX_CONTENT_LEN - 3 - i )
+ if( n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d",
- i + 3 + n, MBEDTLS_SSL_MAX_CONTENT_LEN ) );
+ i + 3 + n, MBEDTLS_SSL_OUT_CONTENT_LEN ) );
return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE );
}
@@ -4354,9 +5421,9 @@
ssl->state++;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
@@ -4365,60 +5432,16 @@
return( ret );
}
-int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
+/*
+ * Once the certificate message is read, parse it into a cert chain and
+ * perform basic checks, but leave actual verification to the caller
+ */
+static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl )
{
- int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+ int ret;
size_t i, n;
- const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
- int authmode = ssl->conf->authmode;
uint8_t alert;
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
-
- if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
- ssl->state++;
- return( 0 );
- }
-
-#if defined(MBEDTLS_SSL_SRV_C)
- if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
- ssl->state++;
- return( 0 );
- }
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
- if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET )
- authmode = ssl->handshake->sni_authmode;
-#endif
-
- if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
- authmode == MBEDTLS_SSL_VERIFY_NONE )
- {
- ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY;
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
- ssl->state++;
- return( 0 );
- }
-#endif
-
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
- {
- /* mbedtls_ssl_read_record may have sent an alert already. We
- let it decide whether to alert. */
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
- return( ret );
- }
-
- ssl->state++;
-
#if defined(MBEDTLS_SSL_SRV_C)
#if defined(MBEDTLS_SSL_PROTO_SSL3)
/*
@@ -4438,10 +5461,7 @@
one. The client should know what's going on, so we
don't send an alert. */
ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
- if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
- return( 0 );
- else
- return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
+ return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
}
}
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
@@ -4462,10 +5482,7 @@
one. The client should know what's going on, so we
don't send an alert. */
ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
- if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
- return( 0 );
- else
- return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
+ return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
}
}
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
@@ -4528,6 +5545,12 @@
while( i < ssl->in_hslen )
{
+ if ( i + 3 > ssl->in_hslen ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+ }
if( ssl->in_msg[i] != 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
@@ -4609,6 +5632,94 @@
}
#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
+ return( 0 );
+}
+
+int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET
+ ? ssl->handshake->sni_authmode
+ : ssl->conf->authmode;
+#else
+ const int authmode = ssl->conf->authmode;
+#endif
+ void *rs_ctx = NULL;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
+
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+ ssl->state++;
+ return( 0 );
+ }
+
+#if defined(MBEDTLS_SSL_SRV_C)
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+ ssl->state++;
+ return( 0 );
+ }
+
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+ authmode == MBEDTLS_SSL_VERIFY_NONE )
+ {
+ ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+
+ ssl->state++;
+ return( 0 );
+ }
+#endif
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled &&
+ ssl->handshake->ecrs_state == ssl_ecrs_crt_verify )
+ {
+ goto crt_verify;
+ }
+#endif
+
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
+ {
+ /* mbedtls_ssl_read_record may have sent an alert already. We
+ let it decide whether to alert. */
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+ return( ret );
+ }
+
+ if( ( ret = ssl_parse_certificate_chain( ssl ) ) != 0 )
+ {
+#if defined(MBEDTLS_SSL_SRV_C)
+ if( ret == MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE &&
+ authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
+ {
+ ret = 0;
+ }
+#endif
+
+ ssl->state++;
+ return( ret );
+ }
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled)
+ ssl->handshake->ecrs_state = ssl_ecrs_crt_verify;
+
+crt_verify:
+ if( ssl->handshake->ecrs_enabled)
+ rs_ctx = &ssl->handshake->ecrs_ctx;
+#endif
+
if( authmode != MBEDTLS_SSL_VERIFY_NONE )
{
mbedtls_x509_crt *ca_chain;
@@ -4630,19 +5741,24 @@
/*
* Main check: verify certificate
*/
- ret = mbedtls_x509_crt_verify_with_profile(
+ ret = mbedtls_x509_crt_verify_restartable(
ssl->session_negotiate->peer_cert,
ca_chain, ca_crl,
ssl->conf->cert_profile,
ssl->hostname,
&ssl->session_negotiate->verify_result,
- ssl->conf->f_vrfy, ssl->conf->p_vrfy );
+ ssl->conf->f_vrfy, ssl->conf->p_vrfy, rs_ctx );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
}
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS );
+#endif
+
/*
* Secondary checks: always done, but change 'ret' only if it was 0
*/
@@ -4695,6 +5811,8 @@
if( ret != 0 )
{
+ uint8_t alert;
+
/* The certificate may have been rejected for several reasons.
Pick one and send the corresponding alert. Which alert to send
may be a subject of debate in some cases. */
@@ -4737,6 +5855,8 @@
#endif /* MBEDTLS_DEBUG_C */
}
+ ssl->state++;
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
return( ret );
@@ -4761,9 +5881,9 @@
ssl->state++;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
@@ -4778,7 +5898,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) );
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
@@ -4792,13 +5912,8 @@
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
}
- if( ssl->in_msglen != 1 || ssl->in_msg[0] != 1 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC );
- }
+ /* CCS records are only accepted if they have length 1 and content '1',
+ * so we don't need to check this here. */
/*
* Switch to our negotiated transform and session parameters for inbound
@@ -4828,16 +5943,7 @@
#endif /* MBEDTLS_SSL_PROTO_DTLS */
memset( ssl->in_ctr, 0, 8 );
- /*
- * Set the in_msg pointer to the correct location based on IV length
- */
- if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- ssl->in_msg = ssl->in_iv + ssl->transform_negotiate->ivlen -
- ssl->transform_negotiate->fixed_ivlen;
- }
- else
- ssl->in_msg = ssl->in_iv;
+ ssl_update_in_pointers( ssl, ssl->transform_negotiate );
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
if( mbedtls_ssl_hw_record_activate != NULL )
@@ -5288,16 +6394,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) );
- /*
- * Set the out_msg pointer to the correct location based on IV length
- */
- if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- ssl->out_msg = ssl->out_iv + ssl->transform_negotiate->ivlen -
- ssl->transform_negotiate->fixed_ivlen;
- }
- else
- ssl->out_msg = ssl->out_iv;
+ ssl_update_out_pointers( ssl, ssl->transform_negotiate );
ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint );
@@ -5349,14 +6446,14 @@
/* Remember current epoch settings for resending */
ssl->handshake->alt_transform_out = ssl->transform_out;
- memcpy( ssl->handshake->alt_out_ctr, ssl->out_ctr, 8 );
+ memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 );
/* Set sequence_number to zero */
- memset( ssl->out_ctr + 2, 0, 6 );
+ memset( ssl->cur_out_ctr + 2, 0, 6 );
/* Increment epoch */
for( i = 2; i > 0; i-- )
- if( ++ssl->out_ctr[i - 1] != 0 )
+ if( ++ssl->cur_out_ctr[i - 1] != 0 )
break;
/* The loop goes to its end iff the counter is wrapping */
@@ -5368,7 +6465,7 @@
}
else
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- memset( ssl->out_ctr, 0, 8 );
+ memset( ssl->cur_out_ctr, 0, 8 );
ssl->transform_out = ssl->transform_negotiate;
ssl->session_out = ssl->session_negotiate;
@@ -5389,12 +6486,21 @@
mbedtls_ssl_send_flight_completed( ssl );
#endif
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
+ return( ret );
+ }
+#endif
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) );
return( 0 );
@@ -5416,7 +6522,7 @@
ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 );
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
@@ -5528,6 +6634,10 @@
#endif
#endif
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx );
+#endif
+
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET;
#endif
@@ -5647,6 +6757,78 @@
}
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
+/* Once ssl->out_hdr as the address of the beginning of the
+ * next outgoing record is set, deduce the other pointers.
+ *
+ * Note: For TLS, we save the implicit record sequence number
+ * (entering MAC computation) in the 8 bytes before ssl->out_hdr,
+ * and the caller has to make sure there's space for this.
+ */
+
+static void ssl_update_out_pointers( mbedtls_ssl_context *ssl,
+ mbedtls_ssl_transform *transform )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ ssl->out_ctr = ssl->out_hdr + 3;
+ ssl->out_len = ssl->out_hdr + 11;
+ ssl->out_iv = ssl->out_hdr + 13;
+ }
+ else
+#endif
+ {
+ ssl->out_ctr = ssl->out_hdr - 8;
+ ssl->out_len = ssl->out_hdr + 3;
+ ssl->out_iv = ssl->out_hdr + 5;
+ }
+
+ /* Adjust out_msg to make space for explicit IV, if used. */
+ if( transform != NULL &&
+ ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+ {
+ ssl->out_msg = ssl->out_iv + transform->ivlen - transform->fixed_ivlen;
+ }
+ else
+ ssl->out_msg = ssl->out_iv;
+}
+
+/* Once ssl->in_hdr as the address of the beginning of the
+ * next incoming record is set, deduce the other pointers.
+ *
+ * Note: For TLS, we save the implicit record sequence number
+ * (entering MAC computation) in the 8 bytes before ssl->in_hdr,
+ * and the caller has to make sure there's space for this.
+ */
+
+static void ssl_update_in_pointers( mbedtls_ssl_context *ssl,
+ mbedtls_ssl_transform *transform )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ ssl->in_ctr = ssl->in_hdr + 3;
+ ssl->in_len = ssl->in_hdr + 11;
+ ssl->in_iv = ssl->in_hdr + 13;
+ }
+ else
+#endif
+ {
+ ssl->in_ctr = ssl->in_hdr - 8;
+ ssl->in_len = ssl->in_hdr + 3;
+ ssl->in_iv = ssl->in_hdr + 5;
+ }
+
+ /* Offset in_msg from in_iv to allow space for explicit IV, if used. */
+ if( transform != NULL &&
+ ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+ {
+ ssl->in_msg = ssl->in_iv + transform->ivlen - transform->fixed_ivlen;
+ }
+ else
+ ssl->in_msg = ssl->in_iv;
+}
+
/*
* Initialize an SSL context
*/
@@ -5658,61 +6840,87 @@
/*
* Setup an SSL context
*/
+
+static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl )
+{
+ /* Set the incoming and outgoing record pointers. */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ ssl->out_hdr = ssl->out_buf;
+ ssl->in_hdr = ssl->in_buf;
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+ {
+ ssl->out_hdr = ssl->out_buf + 8;
+ ssl->in_hdr = ssl->in_buf + 8;
+ }
+
+ /* Derive other internal pointers. */
+ ssl_update_out_pointers( ssl, NULL /* no transform enabled */ );
+ ssl_update_in_pointers ( ssl, NULL /* no transform enabled */ );
+}
+
int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
const mbedtls_ssl_config *conf )
{
int ret;
- const size_t len = MBEDTLS_SSL_BUFFER_LEN;
ssl->conf = conf;
/*
* Prepare base structures
*/
- if( ( ssl-> in_buf = mbedtls_calloc( 1, len ) ) == NULL ||
- ( ssl->out_buf = mbedtls_calloc( 1, len ) ) == NULL )
+
+ /* Set to NULL in case of an error condition */
+ ssl->out_buf = NULL;
+
+ ssl->in_buf = mbedtls_calloc( 1, MBEDTLS_SSL_IN_BUFFER_LEN );
+ if( ssl->in_buf == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", len ) );
- mbedtls_free( ssl->in_buf );
- ssl->in_buf = NULL;
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_IN_BUFFER_LEN) );
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto error;
}
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ ssl->out_buf = mbedtls_calloc( 1, MBEDTLS_SSL_OUT_BUFFER_LEN );
+ if( ssl->out_buf == NULL )
{
- ssl->out_hdr = ssl->out_buf;
- ssl->out_ctr = ssl->out_buf + 3;
- ssl->out_len = ssl->out_buf + 11;
- ssl->out_iv = ssl->out_buf + 13;
- ssl->out_msg = ssl->out_buf + 13;
-
- ssl->in_hdr = ssl->in_buf;
- ssl->in_ctr = ssl->in_buf + 3;
- ssl->in_len = ssl->in_buf + 11;
- ssl->in_iv = ssl->in_buf + 13;
- ssl->in_msg = ssl->in_buf + 13;
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_OUT_BUFFER_LEN) );
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto error;
}
- else
-#endif
- {
- ssl->out_ctr = ssl->out_buf;
- ssl->out_hdr = ssl->out_buf + 8;
- ssl->out_len = ssl->out_buf + 11;
- ssl->out_iv = ssl->out_buf + 13;
- ssl->out_msg = ssl->out_buf + 13;
- ssl->in_ctr = ssl->in_buf;
- ssl->in_hdr = ssl->in_buf + 8;
- ssl->in_len = ssl->in_buf + 11;
- ssl->in_iv = ssl->in_buf + 13;
- ssl->in_msg = ssl->in_buf + 13;
- }
+ ssl_reset_in_out_pointers( ssl );
if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
- return( ret );
+ goto error;
return( 0 );
+
+error:
+ mbedtls_free( ssl->in_buf );
+ mbedtls_free( ssl->out_buf );
+
+ ssl->conf = NULL;
+
+ ssl->in_buf = NULL;
+ ssl->out_buf = NULL;
+
+ ssl->in_hdr = NULL;
+ ssl->in_ctr = NULL;
+ ssl->in_len = NULL;
+ ssl->in_iv = NULL;
+ ssl->in_msg = NULL;
+
+ ssl->out_hdr = NULL;
+ ssl->out_ctr = NULL;
+ ssl->out_len = NULL;
+ ssl->out_iv = NULL;
+ ssl->out_msg = NULL;
+
+ return( ret );
}
/*
@@ -5726,6 +6934,11 @@
{
int ret;
+#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || \
+ !defined(MBEDTLS_SSL_SRV_C)
+ ((void) partial);
+#endif
+
ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
/* Cancel any possibly running timer */
@@ -5742,12 +6955,10 @@
ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION;
ssl->in_offt = NULL;
+ ssl_reset_in_out_pointers( ssl );
- ssl->in_msg = ssl->in_buf + 13;
ssl->in_msgtype = 0;
ssl->in_msglen = 0;
- if( partial == 0 )
- ssl->in_left = 0;
#if defined(MBEDTLS_SSL_PROTO_DTLS)
ssl->next_record_offset = 0;
ssl->in_epoch = 0;
@@ -5761,7 +6972,6 @@
ssl->keep_current_message = 0;
- ssl->out_msg = ssl->out_buf + 13;
ssl->out_msgtype = 0;
ssl->out_msglen = 0;
ssl->out_left = 0;
@@ -5770,12 +6980,23 @@
ssl->split_done = 0;
#endif
+ memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) );
+
ssl->transform_in = NULL;
ssl->transform_out = NULL;
- memset( ssl->out_buf, 0, MBEDTLS_SSL_BUFFER_LEN );
+ ssl->session_in = NULL;
+ ssl->session_out = NULL;
+
+ memset( ssl->out_buf, 0, MBEDTLS_SSL_OUT_BUFFER_LEN );
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
if( partial == 0 )
- memset( ssl->in_buf, 0, MBEDTLS_SSL_BUFFER_LEN );
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+ {
+ ssl->in_left = 0;
+ memset( ssl->in_buf, 0, MBEDTLS_SSL_IN_BUFFER_LEN );
+ }
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
if( mbedtls_ssl_hw_record_reset != NULL )
@@ -5808,7 +7029,9 @@
#endif
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
if( partial == 0 )
+#endif
{
mbedtls_free( ssl->cli_id );
ssl->cli_id = NULL;
@@ -5859,7 +7082,15 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS)
-void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max )
+
+void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
+ unsigned allow_packing )
+{
+ ssl->disable_datagram_packing = !allow_packing;
+}
+
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf,
+ uint32_t min, uint32_t max )
{
conf->hs_timeout_min = min;
conf->hs_timeout_max = max;
@@ -5909,6 +7140,13 @@
ssl->f_recv_timeout = f_recv_timeout;
}
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu )
+{
+ ssl->mtu = mtu;
+}
+#endif
+
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
{
conf->read_timeout = timeout;
@@ -5995,27 +7233,27 @@
mbedtls_x509_crt *cert,
mbedtls_pk_context *key )
{
- mbedtls_ssl_key_cert *new;
+ mbedtls_ssl_key_cert *new_cert;
- new = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) );
- if( new == NULL )
+ new_cert = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) );
+ if( new_cert == NULL )
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- new->cert = cert;
- new->key = key;
- new->next = NULL;
+ new_cert->cert = cert;
+ new_cert->key = key;
+ new_cert->next = NULL;
/* Update head is the list was null, else add to the end */
if( *head == NULL )
{
- *head = new;
+ *head = new_cert;
}
else
{
mbedtls_ssl_key_cert *cur = *head;
while( cur->next != NULL )
cur = cur->next;
- cur->next = new;
+ cur->next = new_cert;
}
return( 0 );
@@ -6100,7 +7338,7 @@
/* Identity len will be encoded on two bytes */
if( ( psk_identity_len >> 16 ) != 0 ||
- psk_identity_len > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@@ -6401,7 +7639,7 @@
int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
{
if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
- mfl_code_to_length[mfl_code] > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ ssl_mfl_code_to_length( mfl_code ) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@@ -6572,7 +7810,7 @@
/*
* In all other cases, the rest of the message can be dropped.
- * As in ssl_read_record_layer, this needs to be adapted if
+ * As in ssl_get_next_record, this needs to be adapted if
* we implement support for multiple alerts in single records.
*/
@@ -6639,28 +7877,47 @@
int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
{
- size_t transform_expansion;
+ size_t transform_expansion = 0;
const mbedtls_ssl_transform *transform = ssl->transform_out;
+ unsigned block_size;
+
+ if( transform == NULL )
+ return( (int) mbedtls_ssl_hdr_len( ssl ) );
#if defined(MBEDTLS_ZLIB_SUPPORT)
if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
#endif
- if( transform == NULL )
- return( (int) mbedtls_ssl_hdr_len( ssl ) );
-
switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
{
case MBEDTLS_MODE_GCM:
case MBEDTLS_MODE_CCM:
+ case MBEDTLS_MODE_CHACHAPOLY:
case MBEDTLS_MODE_STREAM:
transform_expansion = transform->minlen;
break;
case MBEDTLS_MODE_CBC:
- transform_expansion = transform->maclen
- + mbedtls_cipher_get_block_size( &transform->cipher_ctx_enc );
+
+ block_size = mbedtls_cipher_get_block_size(
+ &transform->cipher_ctx_enc );
+
+ /* Expansion due to the addition of the MAC. */
+ transform_expansion += transform->maclen;
+
+ /* Expansion due to the addition of CBC padding;
+ * Theoretically up to 256 bytes, but we never use
+ * more than the block size of the underlying cipher. */
+ transform_expansion += block_size;
+
+ /* For TLS 1.1 or higher, an explicit IV is added
+ * after the record header. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+ transform_expansion += block_size;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
+
break;
default:
@@ -6679,21 +7936,91 @@
/*
* Assume mfl_code is correct since it was checked when set
*/
- max_len = mfl_code_to_length[ssl->conf->mfl_code];
+ max_len = ssl_mfl_code_to_length( ssl->conf->mfl_code );
- /*
- * Check if a smaller max length was negotiated
- */
+ /* Check if a smaller max length was negotiated */
if( ssl->session_out != NULL &&
- mfl_code_to_length[ssl->session_out->mfl_code] < max_len )
+ ssl_mfl_code_to_length( ssl->session_out->mfl_code ) < max_len )
{
- max_len = mfl_code_to_length[ssl->session_out->mfl_code];
+ max_len = ssl_mfl_code_to_length( ssl->session_out->mfl_code );
}
- return max_len;
+ /* During a handshake, use the value being negotiated */
+ if( ssl->session_negotiate != NULL &&
+ ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ) < max_len )
+ {
+ max_len = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code );
+ }
+
+ return( max_len );
}
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl )
+{
+ /* Return unlimited mtu for client hello messages to avoid fragmentation. */
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+ ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO ||
+ ssl->state == MBEDTLS_SSL_SERVER_HELLO ) )
+ return ( 0 );
+
+ if( ssl->handshake == NULL || ssl->handshake->mtu == 0 )
+ return( ssl->mtu );
+
+ if( ssl->mtu == 0 )
+ return( ssl->handshake->mtu );
+
+ return( ssl->mtu < ssl->handshake->mtu ?
+ ssl->mtu : ssl->handshake->mtu );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl )
+{
+ size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
+ !defined(MBEDTLS_SSL_PROTO_DTLS)
+ (void) ssl;
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl );
+
+ if( max_len > mfl )
+ max_len = mfl;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl_get_current_mtu( ssl ) != 0 )
+ {
+ const size_t mtu = ssl_get_current_mtu( ssl );
+ const int ret = mbedtls_ssl_get_record_expansion( ssl );
+ const size_t overhead = (size_t) ret;
+
+ if( ret < 0 )
+ return( ret );
+
+ if( mtu <= overhead )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "MTU too low for record expansion" ) );
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+
+ if( max_len > mtu - overhead )
+ max_len = mtu - overhead;
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
+ !defined(MBEDTLS_SSL_PROTO_DTLS)
+ ((void) ssl);
+#endif
+
+ return( (int) max_len );
+}
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl )
{
@@ -6781,9 +8108,9 @@
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST;
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
return( ret );
}
@@ -6913,7 +8240,7 @@
in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
ssl->conf->renego_period + ep_len, 8 - ep_len );
- out_ctr_cmp = memcmp( ssl->out_ctr + ep_len,
+ out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len,
ssl->conf->renego_period + ep_len, 8 - ep_len );
if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
@@ -6948,7 +8275,7 @@
if( ssl->handshake != NULL &&
ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
{
- if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
return( ret );
}
}
@@ -6997,7 +8324,7 @@
ssl_set_timer( ssl, ssl->conf->read_timeout );
}
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
if( ret == MBEDTLS_ERR_SSL_CONN_EOF )
return( 0 );
@@ -7012,7 +8339,7 @@
/*
* OpenSSL sends empty messages to randomize the IV
*/
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
{
if( ret == MBEDTLS_ERR_SSL_CONN_EOF )
return( 0 );
@@ -7231,18 +8558,29 @@
}
/*
- * Send application data to be encrypted by the SSL layer,
- * taking care of max fragment length and buffer size
+ * Send application data to be encrypted by the SSL layer, taking care of max
+ * fragment length and buffer size.
+ *
+ * According to RFC 5246 Section 6.2.1:
+ *
+ * Zero-length fragments of Application data MAY be sent as they are
+ * potentially useful as a traffic analysis countermeasure.
+ *
+ * Therefore, it is possible that the input message length is 0 and the
+ * corresponding return code is 0 on success.
*/
static int ssl_write_real( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
- int ret;
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- size_t max_len = mbedtls_ssl_get_max_frag_len( ssl );
-#else
- size_t max_len = MBEDTLS_SSL_MAX_CONTENT_LEN;
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+ int ret = mbedtls_ssl_get_max_out_record_payload( ssl );
+ const size_t max_len = (size_t) ret;
+
+ if( ret < 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload", ret );
+ return( ret );
+ }
+
if( len > max_len )
{
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -7260,6 +8598,12 @@
if( ssl->out_left != 0 )
{
+ /*
+ * The user has previously tried to send the data and
+ * MBEDTLS_ERR_SSL_WANT_WRITE or the message was only partially
+ * written. In this case, we expect the high-level write function
+ * (e.g. mbedtls_ssl_write()) to be called with the same parameters
+ */
if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret );
@@ -7268,11 +8612,16 @@
}
else
{
+ /*
+ * The user is trying to send a message the first time, so we need to
+ * copy the data into the internal buffers and setup the data structure
+ * to keep track of partial writes
+ */
ssl->out_msglen = len;
ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA;
memcpy( ssl->out_msg, buf, len );
- if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
return( ret );
@@ -7424,6 +8773,41 @@
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+static void ssl_buffering_free( mbedtls_ssl_context *ssl )
+{
+ unsigned offset;
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+ if( hs == NULL )
+ return;
+
+ ssl_free_buffered_record( ssl );
+
+ for( offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ )
+ ssl_buffering_free_slot( ssl, offset );
+}
+
+static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
+ uint8_t slot )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ mbedtls_ssl_hs_buffer * const hs_buf = &hs->buffering.hs[slot];
+
+ if( slot >= MBEDTLS_SSL_MAX_BUFFERED_HS )
+ return;
+
+ if( hs_buf->is_valid == 1 )
+ {
+ hs->buffering.total_bytes_buffered -= hs_buf->data_len;
+ mbedtls_free( hs_buf->data );
+ memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) );
+ }
+}
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
{
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
@@ -7501,10 +8885,14 @@
}
#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ mbedtls_x509_crt_restart_free( &handshake->ecrs_ctx );
+#endif
+
#if defined(MBEDTLS_SSL_PROTO_DTLS)
mbedtls_free( handshake->verify_cookie );
- mbedtls_free( handshake->hs_msg );
ssl_flight_free( handshake->flight );
+ ssl_buffering_free( ssl );
#endif
mbedtls_platform_zeroize( handshake,
@@ -7543,20 +8931,20 @@
if( ssl->out_buf != NULL )
{
- mbedtls_platform_zeroize( ssl->out_buf, MBEDTLS_SSL_BUFFER_LEN );
+ mbedtls_platform_zeroize( ssl->out_buf, MBEDTLS_SSL_OUT_BUFFER_LEN );
mbedtls_free( ssl->out_buf );
}
if( ssl->in_buf != NULL )
{
- mbedtls_platform_zeroize( ssl->in_buf, MBEDTLS_SSL_BUFFER_LEN );
+ mbedtls_platform_zeroize( ssl->in_buf, MBEDTLS_SSL_IN_BUFFER_LEN );
mbedtls_free( ssl->in_buf );
}
#if defined(MBEDTLS_ZLIB_SUPPORT)
if( ssl->compress_buf != NULL )
{
- mbedtls_platform_zeroize( ssl->compress_buf, MBEDTLS_SSL_BUFFER_LEN );
+ mbedtls_platform_zeroize( ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN );
mbedtls_free( ssl->compress_buf );
}
#endif
diff --git a/library/threading.c b/library/threading.c
index f1c3724..7c90c7c 100644
--- a/library/threading.c
+++ b/library/threading.c
@@ -19,6 +19,14 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
+/*
+ * Ensure gmtime_r is available even with -std=c99; must be defined before
+ * config.h, which pulls in glibc's features.h. Harmless on other platforms.
+ */
+#if !defined(_POSIX_C_SOURCE)
+#define _POSIX_C_SOURCE 200112L
+#endif
+
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@@ -29,6 +37,36 @@
#include "mbedtls/threading.h"
+#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+
+#if !defined(_WIN32) && (defined(unix) || \
+ defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \
+ defined(__MACH__)))
+#include <unistd.h>
+#endif /* !_WIN32 && (unix || __unix || __unix__ ||
+ * (__APPLE__ && __MACH__)) */
+
+#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \
+ ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \
+ _POSIX_THREAD_SAFE_FUNCTIONS >= 20112L ) )
+/*
+ * This is a convenience shorthand macro to avoid checking the long
+ * preprocessor conditions above. Ideally, we could expose this macro in
+ * platform_util.h and simply use it in platform_util.c, threading.c and
+ * threading.h. However, this macro is not part of the Mbed TLS public API, so
+ * we keep it private by only defining it in this file
+ */
+
+#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) )
+#define THREADING_USE_GMTIME
+#endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */
+
+#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \
+ ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \
+ _POSIX_THREAD_SAFE_FUNCTIONS >= 20112L ) ) */
+
+#endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */
+
#if defined(MBEDTLS_THREADING_PTHREAD)
static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex )
{
@@ -114,7 +152,7 @@
#if defined(MBEDTLS_FS_IO)
mbedtls_mutex_init( &mbedtls_threading_readdir_mutex );
#endif
-#if defined(MBEDTLS_HAVE_TIME_DATE)
+#if defined(THREADING_USE_GMTIME)
mbedtls_mutex_init( &mbedtls_threading_gmtime_mutex );
#endif
}
@@ -127,7 +165,7 @@
#if defined(MBEDTLS_FS_IO)
mbedtls_mutex_free( &mbedtls_threading_readdir_mutex );
#endif
-#if defined(MBEDTLS_HAVE_TIME_DATE)
+#if defined(THREADING_USE_GMTIME)
mbedtls_mutex_free( &mbedtls_threading_gmtime_mutex );
#endif
}
@@ -142,7 +180,7 @@
#if defined(MBEDTLS_FS_IO)
mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex MUTEX_INIT;
#endif
-#if defined(MBEDTLS_HAVE_TIME_DATE)
+#if defined(THREADING_USE_GMTIME)
mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex MUTEX_INIT;
#endif
diff --git a/library/timing.c b/library/timing.c
index 6a30e51..3e8139f 100644
--- a/library/timing.c
+++ b/library/timing.c
@@ -39,7 +39,8 @@
#if !defined(MBEDTLS_TIMING_ALT)
#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
- !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__)
+ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
+ !defined(__HAIKU__)
#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h"
#endif
diff --git a/library/version_features.c b/library/version_features.c
index bea2b13..f1798a7 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -39,6 +39,9 @@
#if defined(MBEDTLS_NO_UDBL_DIVISION)
"MBEDTLS_NO_UDBL_DIVISION",
#endif /* MBEDTLS_NO_UDBL_DIVISION */
+#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
+ "MBEDTLS_NO_64BIT_MULTIPLICATION",
+#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */
#if defined(MBEDTLS_HAVE_SSE2)
"MBEDTLS_HAVE_SSE2",
#endif /* MBEDTLS_HAVE_SSE2 */
@@ -102,6 +105,12 @@
#if defined(MBEDTLS_CCM_ALT)
"MBEDTLS_CCM_ALT",
#endif /* MBEDTLS_CCM_ALT */
+#if defined(MBEDTLS_CHACHA20_ALT)
+ "MBEDTLS_CHACHA20_ALT",
+#endif /* MBEDTLS_CHACHA20_ALT */
+#if defined(MBEDTLS_CHACHAPOLY_ALT)
+ "MBEDTLS_CHACHAPOLY_ALT",
+#endif /* MBEDTLS_CHACHAPOLY_ALT */
#if defined(MBEDTLS_CMAC_ALT)
"MBEDTLS_CMAC_ALT",
#endif /* MBEDTLS_CMAC_ALT */
@@ -117,6 +126,9 @@
#if defined(MBEDTLS_GCM_ALT)
"MBEDTLS_GCM_ALT",
#endif /* MBEDTLS_GCM_ALT */
+#if defined(MBEDTLS_NIST_KW_ALT)
+ "MBEDTLS_NIST_KW_ALT",
+#endif /* MBEDTLS_NIST_KW_ALT */
#if defined(MBEDTLS_MD2_ALT)
"MBEDTLS_MD2_ALT",
#endif /* MBEDTLS_MD2_ALT */
@@ -126,6 +138,9 @@
#if defined(MBEDTLS_MD5_ALT)
"MBEDTLS_MD5_ALT",
#endif /* MBEDTLS_MD5_ALT */
+#if defined(MBEDTLS_POLY1305_ALT)
+ "MBEDTLS_POLY1305_ALT",
+#endif /* MBEDTLS_POLY1305_ALT */
#if defined(MBEDTLS_RIPEMD160_ALT)
"MBEDTLS_RIPEMD160_ALT",
#endif /* MBEDTLS_RIPEMD160_ALT */
@@ -324,6 +339,9 @@
#if defined(MBEDTLS_ECP_NIST_OPTIM)
"MBEDTLS_ECP_NIST_OPTIM",
#endif /* MBEDTLS_ECP_NIST_OPTIM */
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ "MBEDTLS_ECP_RESTARTABLE",
+#endif /* MBEDTLS_ECP_RESTARTABLE */
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
"MBEDTLS_ECDSA_DETERMINISTIC",
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
@@ -552,6 +570,12 @@
#if defined(MBEDTLS_CERTS_C)
"MBEDTLS_CERTS_C",
#endif /* MBEDTLS_CERTS_C */
+#if defined(MBEDTLS_CHACHA20_C)
+ "MBEDTLS_CHACHA20_C",
+#endif /* MBEDTLS_CHACHA20_C */
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ "MBEDTLS_CHACHAPOLY_C",
+#endif /* MBEDTLS_CHACHAPOLY_C */
#if defined(MBEDTLS_CIPHER_C)
"MBEDTLS_CIPHER_C",
#endif /* MBEDTLS_CIPHER_C */
@@ -600,6 +624,9 @@
#if defined(MBEDTLS_HMAC_DRBG_C)
"MBEDTLS_HMAC_DRBG_C",
#endif /* MBEDTLS_HMAC_DRBG_C */
+#if defined(MBEDTLS_NIST_KW_C)
+ "MBEDTLS_NIST_KW_C",
+#endif /* MBEDTLS_NIST_KW_C */
#if defined(MBEDTLS_MD_C)
"MBEDTLS_MD_C",
#endif /* MBEDTLS_MD_C */
@@ -651,6 +678,9 @@
#if defined(MBEDTLS_PLATFORM_C)
"MBEDTLS_PLATFORM_C",
#endif /* MBEDTLS_PLATFORM_C */
+#if defined(MBEDTLS_POLY1305_C)
+ "MBEDTLS_POLY1305_C",
+#endif /* MBEDTLS_POLY1305_C */
#if defined(MBEDTLS_RIPEMD160_C)
"MBEDTLS_RIPEMD160_C",
#endif /* MBEDTLS_RIPEMD160_C */
diff --git a/library/x509.c b/library/x509.c
index 371d6da..52b5b64 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -59,26 +59,14 @@
#define mbedtls_snprintf snprintf
#endif
-
#if defined(MBEDTLS_HAVE_TIME)
#include "mbedtls/platform_time.h"
#endif
-
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-#include <windows.h>
-#else
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+#include "mbedtls/platform_util.h"
#include <time.h>
#endif
-#if defined(MBEDTLS_FS_IO)
-#include <stdio.h>
-#if !defined(_WIN32)
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <dirent.h>
-#endif
-#endif
-
#define CHECK(code) if( ( ret = code ) != 0 ){ return( ret ); }
#define CHECK_RANGE(min, max, val) if( val < min || val > max ){ return( ret ); }
@@ -903,36 +891,14 @@
* Set the time structure to the current time.
* Return 0 on success, non-zero on failure.
*/
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
static int x509_get_current_time( mbedtls_x509_time *now )
{
- SYSTEMTIME st;
-
- GetSystemTime( &st );
-
- now->year = st.wYear;
- now->mon = st.wMonth;
- now->day = st.wDay;
- now->hour = st.wHour;
- now->min = st.wMinute;
- now->sec = st.wSecond;
-
- return( 0 );
-}
-#else
-static int x509_get_current_time( mbedtls_x509_time *now )
-{
- struct tm *lt;
+ struct tm *lt, tm_buf;
mbedtls_time_t tt;
int ret = 0;
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_lock( &mbedtls_threading_gmtime_mutex ) != 0 )
- return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
tt = mbedtls_time( NULL );
- lt = gmtime( &tt );
+ lt = mbedtls_platform_gmtime_r( &tt, &tm_buf );
if( lt == NULL )
ret = -1;
@@ -946,14 +912,8 @@
now->sec = lt->tm_sec;
}
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_unlock( &mbedtls_threading_gmtime_mutex ) != 0 )
- return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
return( ret );
}
-#endif /* _WIN32 && !EFIX64 && !EFI32 */
/*
* Return 0 if before <= after, 1 otherwise
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 290c1eb..25aaff3 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -163,6 +163,9 @@
static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile,
mbedtls_md_type_t md_alg )
{
+ if( md_alg == MBEDTLS_MD_NONE )
+ return( -1 );
+
if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 )
return( 0 );
@@ -176,6 +179,9 @@
static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile,
mbedtls_pk_type_t pk_alg )
{
+ if( pk_alg == MBEDTLS_PK_NONE )
+ return( -1 );
+
if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 )
return( 0 );
@@ -208,6 +214,9 @@
{
const mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id;
+ if( gid == MBEDTLS_ECP_DP_NONE )
+ return( -1 );
+
if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 )
return( 0 );
@@ -219,6 +228,23 @@
}
/*
+ * Reset (init or clear) a verify_chain
+ */
+static void x509_crt_verify_chain_reset(
+ mbedtls_x509_crt_verify_chain *ver_chain )
+{
+ size_t i;
+
+ for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ )
+ {
+ ver_chain->items[i].crt = NULL;
+ ver_chain->items[i].flags = -1;
+ }
+
+ ver_chain->len = 0;
+}
+
+/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
static int x509_get_version( unsigned char **p,
@@ -570,18 +596,14 @@
end_ext_data = *p + len;
/* Get extension ID */
- extn_oid.tag = **p;
-
- if( ( ret = mbedtls_asn1_get_tag( p, end, &extn_oid.len, MBEDTLS_ASN1_OID ) ) != 0 )
+ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len,
+ MBEDTLS_ASN1_OID ) ) != 0 )
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ extn_oid.tag = MBEDTLS_ASN1_OID;
extn_oid.p = *p;
*p += extn_oid.len;
- if( ( end - *p ) < 1 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
/* Get optional critical */
if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
@@ -1868,7 +1890,8 @@
* Check the signature of a certificate by its parent
*/
static int x509_crt_check_signature( const mbedtls_x509_crt *child,
- mbedtls_x509_crt *parent )
+ mbedtls_x509_crt *parent,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
{
const mbedtls_md_info_t *md_info;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
@@ -1880,14 +1903,24 @@
return( -1 );
}
- if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
- child->sig_md, hash, mbedtls_md_get_size( md_info ),
- child->sig.p, child->sig.len ) != 0 )
- {
+ /* Skip expensive computation on obvious mismatch */
+ if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) )
return( -1 );
- }
- return( 0 );
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA )
+ {
+ return( mbedtls_pk_verify_restartable( &parent->pk,
+ child->sig_md, hash, mbedtls_md_get_size( md_info ),
+ child->sig.p, child->sig.len, &rs_ctx->pk ) );
+ }
+#else
+ (void) rs_ctx;
+#endif
+
+ return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
+ child->sig_md, hash, mbedtls_md_get_size( md_info ),
+ child->sig.p, child->sig.len ) );
}
/*
@@ -1934,6 +1967,7 @@
* 1. subject name matches child's issuer
* 2. if necessary, the CA bit is set and key usage allows signing certs
* 3. for trusted roots, the signature is correct
+ * (for intermediates, the signature is checked and the result reported)
* 4. pathlen constraints are satisfied
*
* If there's a suitable candidate which is also time-valid, return the first
@@ -1956,23 +1990,54 @@
* Arguments:
* - [in] child: certificate for which we're looking for a parent
* - [in] candidates: chained list of potential parents
+ * - [out] r_parent: parent found (or NULL)
+ * - [out] r_signature_is_good: 1 if child signature by parent is valid, or 0
* - [in] top: 1 if candidates consists of trusted roots, ie we're at the top
* of the chain, 0 otherwise
* - [in] path_cnt: number of intermediates seen so far
* - [in] self_cnt: number of self-signed intermediates seen so far
* (will never be greater than path_cnt)
+ * - [in-out] rs_ctx: context for restarting operations
*
* Return value:
- * - the first suitable parent found (see above regarding time-validity)
- * - NULL if no suitable parent was found
+ * - 0 on success
+ * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise
*/
-static mbedtls_x509_crt *x509_crt_find_parent_in( mbedtls_x509_crt *child,
- mbedtls_x509_crt *candidates,
- int top,
- size_t path_cnt,
- size_t self_cnt )
+static int x509_crt_find_parent_in(
+ mbedtls_x509_crt *child,
+ mbedtls_x509_crt *candidates,
+ mbedtls_x509_crt **r_parent,
+ int *r_signature_is_good,
+ int top,
+ unsigned path_cnt,
+ unsigned self_cnt,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
{
- mbedtls_x509_crt *parent, *badtime_parent = NULL;
+ int ret;
+ mbedtls_x509_crt *parent, *fallback_parent;
+ int signature_is_good, fallback_signature_is_good;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /* did we have something in progress? */
+ if( rs_ctx != NULL && rs_ctx->parent != NULL )
+ {
+ /* restore saved state */
+ parent = rs_ctx->parent;
+ fallback_parent = rs_ctx->fallback_parent;
+ fallback_signature_is_good = rs_ctx->fallback_signature_is_good;
+
+ /* clear saved state */
+ rs_ctx->parent = NULL;
+ rs_ctx->fallback_parent = NULL;
+ rs_ctx->fallback_signature_is_good = 0;
+
+ /* resume where we left */
+ goto check_signature;
+ }
+#endif
+
+ fallback_parent = NULL;
+ fallback_signature_is_good = 0;
for( parent = candidates; parent != NULL; parent = parent->next )
{
@@ -1988,17 +2053,38 @@
}
/* Signature */
- if( top && x509_crt_check_signature( child, parent ) != 0 )
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+check_signature:
+#endif
+ ret = x509_crt_check_signature( child, parent, rs_ctx );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
{
- continue;
+ /* save state */
+ rs_ctx->parent = parent;
+ rs_ctx->fallback_parent = fallback_parent;
+ rs_ctx->fallback_signature_is_good = fallback_signature_is_good;
+
+ return( ret );
}
+#else
+ (void) ret;
+#endif
+
+ signature_is_good = ret == 0;
+ if( top && ! signature_is_good )
+ continue;
/* optional time check */
if( mbedtls_x509_time_is_past( &parent->valid_to ) ||
mbedtls_x509_time_is_future( &parent->valid_from ) )
{
- if( badtime_parent == NULL )
- badtime_parent = parent;
+ if( fallback_parent == NULL )
+ {
+ fallback_parent = parent;
+ fallback_signature_is_good = signature_is_good;
+ }
continue;
}
@@ -2006,10 +2092,18 @@
break;
}
- if( parent == NULL )
- parent = badtime_parent;
+ if( parent != NULL )
+ {
+ *r_parent = parent;
+ *r_signature_is_good = signature_is_good;
+ }
+ else
+ {
+ *r_parent = fallback_parent;
+ *r_signature_is_good = fallback_signature_is_good;
+ }
- return( parent );
+ return( 0 );
}
/*
@@ -2021,34 +2115,78 @@
* Arguments:
* - [in] child: certificate for which we're looking for a parent, followed
* by a chain of possible intermediates
- * - [in] trust_ca: locally trusted CAs
- * - [out] 1 if parent was found in trust_ca, 0 if found in provided chain
- * - [in] path_cnt: number of intermediates seen so far
- * - [in] self_cnt: number of self-signed intermediates seen so far
+ * - [in] trust_ca: list of locally trusted certificates
+ * - [out] parent: parent found (or NULL)
+ * - [out] parent_is_trusted: 1 if returned `parent` is trusted, or 0
+ * - [out] signature_is_good: 1 if child signature by parent is valid, or 0
+ * - [in] path_cnt: number of links in the chain so far (EE -> ... -> child)
+ * - [in] self_cnt: number of self-signed certs in the chain so far
* (will always be no greater than path_cnt)
+ * - [in-out] rs_ctx: context for restarting operations
*
* Return value:
- * - the first suitable parent found (see find_parent_in() for "suitable")
- * - NULL if no suitable parent was found
+ * - 0 on success
+ * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise
*/
-static mbedtls_x509_crt *x509_crt_find_parent( mbedtls_x509_crt *child,
- mbedtls_x509_crt *trust_ca,
- int *parent_is_trusted,
- size_t path_cnt,
- size_t self_cnt )
+static int x509_crt_find_parent(
+ mbedtls_x509_crt *child,
+ mbedtls_x509_crt *trust_ca,
+ mbedtls_x509_crt **parent,
+ int *parent_is_trusted,
+ int *signature_is_good,
+ unsigned path_cnt,
+ unsigned self_cnt,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
{
- mbedtls_x509_crt *parent;
+ int ret;
+ mbedtls_x509_crt *search_list;
- /* Look for a parent in trusted CAs */
*parent_is_trusted = 1;
- parent = x509_crt_find_parent_in( child, trust_ca, 1, path_cnt, self_cnt );
- if( parent != NULL )
- return( parent );
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /* restore then clear saved state if we have some stored */
+ if( rs_ctx != NULL && rs_ctx->parent_is_trusted != -1 )
+ {
+ *parent_is_trusted = rs_ctx->parent_is_trusted;
+ rs_ctx->parent_is_trusted = -1;
+ }
+#endif
- /* Look for a parent upwards the chain */
- *parent_is_trusted = 0;
- return( x509_crt_find_parent_in( child, child->next, 0, path_cnt, self_cnt ) );
+ while( 1 ) {
+ search_list = *parent_is_trusted ? trust_ca : child->next;
+
+ ret = x509_crt_find_parent_in( child, search_list,
+ parent, signature_is_good,
+ *parent_is_trusted,
+ path_cnt, self_cnt, rs_ctx );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ {
+ /* save state */
+ rs_ctx->parent_is_trusted = *parent_is_trusted;
+ return( ret );
+ }
+#else
+ (void) ret;
+#endif
+
+ /* stop here if found or already in second iteration */
+ if( *parent != NULL || *parent_is_trusted == 0 )
+ break;
+
+ /* prepare second iteration */
+ *parent_is_trusted = 0;
+ }
+
+ /* extra precaution against mistakes in the caller */
+ if( parent == NULL )
+ {
+ *parent_is_trusted = 0;
+ *signature_is_good = 0;
+ }
+
+ return( 0 );
}
/*
@@ -2097,11 +2235,24 @@
* - EE, Ci1, ..., Ciq cannot be continued with a trusted root
* -> return that chain with NOT_TRUSTED set on Ciq
*
+ * Tests for (aspects of) this function should include at least:
+ * - trusted EE
+ * - EE -> trusted root
+ * - EE -> intermedate CA -> trusted root
+ * - if relevant: EE untrusted
+ * - if relevant: EE -> intermediate, untrusted
+ * with the aspect under test checked at each relevant level (EE, int, root).
+ * For some aspects longer chains are required, but usually length 2 is
+ * enough (but length 1 is not in general).
+ *
* Arguments:
* - [in] crt: the cert list EE, C1, ..., Cn
* - [in] trust_ca: the trusted list R1, ..., Rp
* - [in] ca_crl, profile: as in verify_with_profile()
- * - [out] ver_chain, chain_len: the built and verified chain
+ * - [out] ver_chain: the built and verified chain
+ * Only valid when return value is 0, may contain garbage otherwise!
+ * Restart note: need not be the same when calling again to resume.
+ * - [in-out] rs_ctx: context for restarting operations
*
* Return value:
* - non-zero if the chain could not be fully built and examined
@@ -2113,24 +2264,50 @@
mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl,
const mbedtls_x509_crt_profile *profile,
- x509_crt_verify_chain_item ver_chain[X509_MAX_VERIFY_CHAIN_SIZE],
- size_t *chain_len )
+ mbedtls_x509_crt_verify_chain *ver_chain,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
{
+ /* Don't initialize any of those variables here, so that the compiler can
+ * catch potential issues with jumping ahead when restarting */
+ int ret;
uint32_t *flags;
+ mbedtls_x509_crt_verify_chain_item *cur;
mbedtls_x509_crt *child;
mbedtls_x509_crt *parent;
- int parent_is_trusted = 0;
- int child_is_trusted = 0;
- size_t self_cnt = 0;
+ int parent_is_trusted;
+ int child_is_trusted;
+ int signature_is_good;
+ unsigned self_cnt;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /* resume if we had an operation in progress */
+ if( rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent )
+ {
+ /* restore saved state */
+ *ver_chain = rs_ctx->ver_chain; /* struct copy */
+ self_cnt = rs_ctx->self_cnt;
+
+ /* restore derived state */
+ cur = &ver_chain->items[ver_chain->len - 1];
+ child = cur->crt;
+ flags = &cur->flags;
+
+ goto find_parent;
+ }
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
child = crt;
- *chain_len = 0;
+ self_cnt = 0;
+ parent_is_trusted = 0;
+ child_is_trusted = 0;
while( 1 ) {
/* Add certificate to the verification chain */
- ver_chain[*chain_len].crt = child;
- flags = &ver_chain[*chain_len].flags;
- ++*chain_len;
+ cur = &ver_chain->items[ver_chain->len];
+ cur->crt = child;
+ cur->flags = 0;
+ ver_chain->len++;
+ flags = &cur->flags;
/* Check time-validity (all certificates) */
if( mbedtls_x509_time_is_past( &child->valid_to ) )
@@ -2151,15 +2328,33 @@
*flags |= MBEDTLS_X509_BADCERT_BAD_PK;
/* Special case: EE certs that are locally trusted */
- if( *chain_len == 1 &&
+ if( ver_chain->len == 1 &&
x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 )
{
return( 0 );
}
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+find_parent:
+#endif
/* Look for a parent in trusted CAs or up the chain */
- parent = x509_crt_find_parent( child, trust_ca, &parent_is_trusted,
- *chain_len - 1, self_cnt );
+ ret = x509_crt_find_parent( child, trust_ca, &parent,
+ &parent_is_trusted, &signature_is_good,
+ ver_chain->len - 1, self_cnt, rs_ctx );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ {
+ /* save state */
+ rs_ctx->in_progress = x509_crt_rs_find_parent;
+ rs_ctx->self_cnt = self_cnt;
+ rs_ctx->ver_chain = *ver_chain; /* struct copy */
+
+ return( ret );
+ }
+#else
+ (void) ret;
+#endif
/* No parent? We're done here */
if( parent == NULL )
@@ -2171,7 +2366,7 @@
/* Count intermediate self-issued (not necessarily self-signed) certs.
* These can occur with some strategies for key rollover, see [SIRO],
* and should be excluded from max_pathlen checks. */
- if( *chain_len != 1 &&
+ if( ver_chain->len != 1 &&
x509_name_cmp( &child->issuer, &child->subject ) == 0 )
{
self_cnt++;
@@ -2180,14 +2375,14 @@
/* path_cnt is 0 for the first intermediate CA,
* and if parent is trusted it's not an intermediate CA */
if( ! parent_is_trusted &&
- *chain_len > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
+ ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
{
/* return immediately to avoid overflow the chain array */
return( MBEDTLS_ERR_X509_FATAL_ERROR );
}
- /* if parent is trusted, the signature was checked by find_parent() */
- if( ! parent_is_trusted && x509_crt_check_signature( child, parent ) != 0 )
+ /* signature was checked while searching parent */
+ if( ! signature_is_good )
*flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
/* check size of signing key */
@@ -2205,6 +2400,7 @@
child = parent;
parent = NULL;
child_is_trusted = parent_is_trusted;
+ signature_is_good = 0;
}
}
@@ -2273,21 +2469,22 @@
*/
static int x509_crt_merge_flags_with_cb(
uint32_t *flags,
- x509_crt_verify_chain_item ver_chain[X509_MAX_VERIFY_CHAIN_SIZE],
- size_t chain_len,
+ const mbedtls_x509_crt_verify_chain *ver_chain,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
int ret;
- size_t i;
+ unsigned i;
uint32_t cur_flags;
+ const mbedtls_x509_crt_verify_chain_item *cur;
- for( i = chain_len; i != 0; --i )
+ for( i = ver_chain->len; i != 0; --i )
{
- cur_flags = ver_chain[i-1].flags;
+ cur = &ver_chain->items[i-1];
+ cur_flags = cur->flags;
if( NULL != f_vrfy )
- if( ( ret = f_vrfy( p_vrfy, ver_chain[i-1].crt, (int) i-1, &cur_flags ) ) != 0 )
+ if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 )
return( ret );
*flags |= cur_flags;
@@ -2297,7 +2494,7 @@
}
/*
- * Verify the certificate validity
+ * Verify the certificate validity (default profile, not restartable)
*/
int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca,
@@ -2306,19 +2503,13 @@
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
- return( mbedtls_x509_crt_verify_with_profile( crt, trust_ca, ca_crl,
- &mbedtls_x509_crt_profile_default, cn, flags, f_vrfy, p_vrfy ) );
+ return( mbedtls_x509_crt_verify_restartable( crt, trust_ca, ca_crl,
+ &mbedtls_x509_crt_profile_default, cn, flags,
+ f_vrfy, p_vrfy, NULL ) );
}
/*
- * Verify the certificate validity, with profile
- *
- * This function:
- * - checks the requested CN (if any)
- * - checks the type and size of the EE cert's key,
- * as that isn't done as part of chain building/verification currently
- * - builds and verifies the chain
- * - then calls the callback and merges the flags
+ * Verify the certificate validity (user-chosen profile, not restartable)
*/
int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca,
@@ -2328,15 +2519,37 @@
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
+ return( mbedtls_x509_crt_verify_restartable( crt, trust_ca, ca_crl,
+ profile, cn, flags, f_vrfy, p_vrfy, NULL ) );
+}
+
+/*
+ * Verify the certificate validity, with profile, restartable version
+ *
+ * This function:
+ * - checks the requested CN (if any)
+ * - checks the type and size of the EE cert's key,
+ * as that isn't done as part of chain building/verification currently
+ * - builds and verifies the chain
+ * - then calls the callback and merges the flags
+ */
+int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
+ mbedtls_x509_crt *trust_ca,
+ mbedtls_x509_crl *ca_crl,
+ const mbedtls_x509_crt_profile *profile,
+ const char *cn, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
+{
int ret;
mbedtls_pk_type_t pk_type;
- x509_crt_verify_chain_item ver_chain[X509_MAX_VERIFY_CHAIN_SIZE];
- size_t chain_len;
- uint32_t *ee_flags = &ver_chain[0].flags;
+ mbedtls_x509_crt_verify_chain ver_chain;
+ uint32_t ee_flags;
*flags = 0;
- memset( ver_chain, 0, sizeof( ver_chain ) );
- chain_len = 0;
+ ee_flags = 0;
+ x509_crt_verify_chain_reset( &ver_chain );
if( profile == NULL )
{
@@ -2346,28 +2559,36 @@
/* check name if requested */
if( cn != NULL )
- x509_crt_verify_name( crt, cn, ee_flags );
+ x509_crt_verify_name( crt, cn, &ee_flags );
/* Check the type and size of the key */
pk_type = mbedtls_pk_get_type( &crt->pk );
if( x509_profile_check_pk_alg( profile, pk_type ) != 0 )
- *ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK;
+ ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK;
if( x509_profile_check_key( profile, &crt->pk ) != 0 )
- *ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+ ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
/* Check the chain */
ret = x509_crt_verify_chain( crt, trust_ca, ca_crl, profile,
- ver_chain, &chain_len );
+ &ver_chain, rs_ctx );
+
if( ret != 0 )
goto exit;
+ /* Merge end-entity flags */
+ ver_chain.items[0].flags |= ee_flags;
+
/* Build final flags, calling callback on the way if any */
- ret = x509_crt_merge_flags_with_cb( flags,
- ver_chain, chain_len, f_vrfy, p_vrfy );
+ ret = x509_crt_merge_flags_with_cb( flags, &ver_chain, f_vrfy, p_vrfy );
exit:
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+ mbedtls_x509_crt_restart_free( rs_ctx );
+#endif
+
/* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by
* the SSL module for authmode optional, but non-zero return from the
* callback means a fatal error so it shouldn't be ignored */
@@ -2478,4 +2699,36 @@
while( cert_cur != NULL );
}
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Initialize a restart context
+ */
+void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx )
+{
+ mbedtls_pk_restart_init( &ctx->pk );
+
+ ctx->parent = NULL;
+ ctx->fallback_parent = NULL;
+ ctx->fallback_signature_is_good = 0;
+
+ ctx->parent_is_trusted = -1;
+
+ ctx->in_progress = x509_crt_rs_none;
+ ctx->self_cnt = 0;
+ x509_crt_verify_chain_reset( &ctx->ver_chain );
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ mbedtls_pk_restart_free( &ctx->pk );
+ mbedtls_x509_crt_restart_init( ctx );
+}
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 3e8e8fb..f844257 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -274,34 +274,25 @@
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
#if defined(MBEDTLS_PEM_PARSE_C)
- mbedtls_pem_init( &pem );
-
/* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( buf[buflen - 1] != '\0' )
- ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
- else
+ if( buf[buflen - 1] == '\0' )
+ {
+ mbedtls_pem_init( &pem );
ret = mbedtls_pem_read_buffer( &pem,
"-----BEGIN CERTIFICATE REQUEST-----",
"-----END CERTIFICATE REQUEST-----",
buf, NULL, 0, &use_len );
- if( ret == 0 )
- {
- /*
- * Was PEM encoded, parse the result
- */
- if( ( ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ) ) != 0 )
- return( ret );
+ if( ret == 0 )
+ /*
+ * Was PEM encoded, parse the result
+ */
+ ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen );
mbedtls_pem_free( &pem );
- return( 0 );
+ if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+ return( ret );
}
- else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
- {
- mbedtls_pem_free( &pem );
- return( ret );
- }
- else
#endif /* MBEDTLS_PEM_PARSE_C */
return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) );
}
diff --git a/programs/.gitignore b/programs/.gitignore
index ddfa1a4..0241896 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -45,6 +45,7 @@
test/benchmark
test/ecp-bench
test/selftest
+test/cpp_dummy_build
test/ssl_cert_test
test/udp_proxy
test/zeroize
diff --git a/programs/Makefile b/programs/Makefile
index 080e82d..b6d1fa2 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -4,9 +4,11 @@
CFLAGS ?= -O2
WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement
+WARNING_CXXFLAGS ?= -Wall -W
LDFLAGS ?=
LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64
LOCAL_LDFLAGS = -L../library \
-lmbedtls$(SHARED_SUFFIX) \
-lmbedx509$(SHARED_SUFFIX) \
@@ -77,6 +79,10 @@
APPS += ssl/ssl_pthread_server$(EXEXT)
endif
+ifdef TEST_CPP
+APPS += test/cpp_dummy_build$(EXEXT)
+endif
+
.SILENT:
.PHONY: all clean list
@@ -242,6 +248,10 @@
echo " CC test/benchmark.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/benchmark.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+test/cpp_dummy_build$(EXEXT): test/cpp_dummy_build.cpp $(DEP)
+ echo " CXX test/cpp_dummy_build.cpp"
+ $(CXX) $(LOCAL_CXXFLAGS) $(CXXFLAGS) test/cpp_dummy_build.cpp $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
test/selftest$(EXEXT): test/selftest.c $(DEP)
echo " CC test/selftest.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/selftest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
diff --git a/programs/README.md b/programs/README.md
new file mode 100644
index 0000000..eb25a7f
--- /dev/null
+++ b/programs/README.md
@@ -0,0 +1,125 @@
+Mbed TLS sample programs
+========================
+
+This subdirectory mostly contains sample programs that illustrate specific features of the library, as well as a few test and support programs.
+
+## Symmetric cryptography (AES) examples
+
+* [`aes/aescrypt2.c`](aes/aescrypt2.c): file encryption and authentication with a key derived from a low-entropy secret, demonstrating the low-level AES interface, the digest interface and HMAC.
+ Warning: this program illustrates how to use low-level functions in the library. It should not be taken as an example of how to build a secure encryption mechanism. To derive a key from a low-entropy secret such as a password, use a standard key stretching mechanism such as PBKDF2 (provided by the `pkcs5` module). To encrypt and authenticate data, use a standard mode such as GCM or CCM (both available as library module).
+
+* [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface.
+
+## Hash (digest) examples
+
+* [`hash/generic_sum.c`](hash/generic_sum.c): file hash calculator and verifier, demonstrating the message digest (`md`) interface.
+
+* [`hash/hello.c`](hash/hello.c): hello-world program for MD5.
+
+## Public-key cryptography examples
+
+### Generic public-key cryptography (`pk`) examples
+
+* [`pkey/gen_key.c`](pkey/gen_key.c): generates a key for any of the supported public-key algorithms (RSA or ECC) and writes it to a file that can be used by the other pk sample programs.
+
+* [`pkey/key_app.c`](pkey/key_app.c): loads a PEM or DER public key or private key file and dumps its content.
+
+* [`pkey/key_app_writer.c`](pkey/key_app_writer.c): loads a PEM or DER public key or private key file and writes it to a new PEM or DER file.
+
+* [`pkey/pk_encrypt.c`](pkey/pk_encrypt.c), [`pkey/pk_decrypt.c`](pkey/pk_decrypt.c): loads a PEM or DER public/private key file and uses the key to encrypt/decrypt a short string through the generic public-key interface.
+
+* [`pkey/pk_sign.c`](pkey/pk_sign.c), [`pkey/pk_verify.c`](pkey/pk_verify.c): loads a PEM or DER private/public key file and uses the key to sign/verify a short string.
+
+### ECDSA and RSA signature examples
+
+* [`pkey/ecdsa.c`](pkey/ecdsa.c): generates an ECDSA key, signs a fixed message and verifies the signature.
+
+* [`pkey/rsa_encrypt.c`](pkey/rsa_encrypt.c), [`pkey/rsa_decrypt.c`](pkey/rsa_decrypt.c): loads an RSA public/private key and uses it to encrypt/decrypt a short string through the low-level RSA interface.
+
+* [`pkey/rsa_genkey.c`](pkey/rsa_genkey.c): generates an RSA key and writes it to a file that can be used with the other RSA sample programs.
+
+* [`pkey/rsa_sign.c`](pkey/rsa_sign.c), [`pkey/rsa_verify.c`](pkey/rsa_verify.c): loads an RSA private/public key and uses it to sign/verify a short string with the RSA PKCS#1 v1.5 algorithm.
+
+* [`pkey/rsa_sign_pss.c`](pkey/rsa_sign_pss.c), [`pkey/rsa_verify_pss.c`](pkey/rsa_verify_pss.c): loads an RSA private/public key and uses it to sign/verify a short string with the RSASSA-PSS algorithm.
+
+### Diffie-Hellman key exchange examples
+
+* [`pkey/dh_client.c`](pkey/dh_client.c), [`pkey/dh_server.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illustrates how to set up a secure channel using RSA for authentication and Diffie-Hellman to generate a shared AES session key.
+
+* [`pkey/ecdh_curve25519.c`](pkey/ecdh_curve25519.c): demonstration of a elliptic curve Diffie-Hellman (ECDH) key agreement.
+
+### Bignum (`mpi`) usage examples
+
+* [`pkey/dh_genprime.c`](pkey/dh_genprime.c): shows how to use the bignum (`mpi`) interface to generate Diffie-Hellman parameters.
+
+* [`pkey/mpi_demo.c`](pkey/mpi_demo.c): demonstrates operations on big integers.
+
+## Random number generator (RNG) examples
+
+* [`random/gen_entropy.c`](random/gen_entropy.c): shows how to use the default entropy sources to generate random data.
+ Note: most applications should only use the entropy generator to seed a cryptographic pseudorandom generator, as illustrated by `random/gen_random_ctr_drbg.c`.
+
+* [`random/gen_random_ctr_drbg.c`](random/gen_random_ctr_drbg.c): shows how to use the default entropy sources to seed a pseudorandom generator, and how to use the resulting random generator to generate random data.
+
+* [`random/gen_random_havege.c`](random/gen_random_havege.c): demonstrates the HAVEGE entropy collector.
+
+## SSL/TLS examples
+
+### SSL/TLS sample applications
+
+* [`ssl/dtls_client.c`](ssl/dtls_client.c): a simple DTLS client program, which sends one datagram to the server and reads one datagram in response.
+
+* [`ssl/dtls_server.c`](ssl/dtls_server.c): a simple DTLS server program, which expects one datagram from the client and writes one datagram in response. This program supports DTLS cookies for hello verification.
+
+* [`ssl/mini_client.c`](ssl/mini_client.c): a minimalistic SSL client, which sends a short string and disconnects. This is primarily intended as a benchmark; for a better example of a typical TLS client, see `ssl/ssl_client1.c`.
+
+* [`ssl/ssl_client1.c`](ssl/ssl_client1.c): a simple HTTPS client that sends a fixed request and displays the response.
+
+* [`ssl/ssl_fork_server.c`](ssl/ssl_fork_server.c): a simple HTTPS server using one process per client to send a fixed response. This program requires a Unix/POSIX environment implementing the `fork` system call.
+
+* [`ssl/ssl_mail_client.c`](ssl/ssl_mail_client.c): a simple SMTP-over-TLS or SMTP-STARTTLS client. This client sends an email with fixed content.
+
+* [`ssl/ssl_pthread_server.c`](ssl/ssl_pthread_server.c): a simple HTTPS server using one thread per client to send a fixed response. This program requires the pthread library.
+
+* [`ssl/ssl_server.c`](ssl/ssl_server.c): a simple HTTPS server that sends a fixed response. It serves a single client at a time.
+
+### SSL/TLS feature demonstrators
+
+Note: unlike most of the other programs under the `programs/` directory, these two programs are not intended as a basis for writing an application. They combine most of the features supported by the library, and most applications require only a few features. To write a new application, we recommended that you start with `ssl_client1.c` or `ssl_server.c`, and then look inside `ssl/ssl_client2.c` or `ssl/ssl_server2.c` to see how to use the specific features that your application needs.
+
+* [`ssl/ssl_client2.c`](ssl/ssl_client2.c): an HTTPS client that sends a fixed request and displays the response, with options to select TLS protocol features and Mbed TLS library features.
+
+* [`ssl/ssl_server2.c`](ssl/ssl_server2.c): an HTTPS server that sends a fixed response, with options to select TLS protocol features and Mbed TLS library features.
+
+In addition to providing options for testing client-side features, the `ssl_client2` program has options that allow you to trigger certain behaviors in the server. For example, there are options to select ciphersuites, or to force a renegotiation. These options are useful for testing the corresponding features in a TLS server. Likewise, `ssl_server2` has options to activate certain behaviors that are useful for testing a TLS client.
+
+## Test utilities
+
+* [`test/benchmark.c`](test/benchmark.c): benchmark for cryptographic algorithms.
+
+* [`test/selftest.c`](test/selftest.c): runs the self-test function in each library module.
+
+* [`test/ssl_cert_test.c`](test/ssl_cert_test.c): demonstrates how to verify X.509 certificates, and (for RSA keys only) how to check that each certificate matches the corresponding private key. This program requires some test data which is not provided.
+
+* [`test/udp_proxy.c`](test/udp_proxy.c): a UDP proxy that can inject certain failures (delay, duplicate, drop). Useful for testing DTLS.
+
+* [`test/zeroize.c`](test/zeroize.c): a test program for `mbedtls_platform_zeroize`, used by [`tests/scripts/test_zeroize.gdb`](tests/scripts/test_zeroize.gdb).
+
+## Development utilities
+
+* [`util/pem2der.c`](util/pem2der.c): a PEM to DER converter. Mbed TLS can read PEM files directly, but this utility can be useful for interacting with other tools or with minimal Mbed TLS builds that lack PEM support.
+
+* [`util/strerror.c`](util/strerror.c): prints the error description corresponding to an integer status returned by an Mbed TLS function.
+
+## X.509 certificate examples
+
+* [`x509/cert_app.c`](x509/cert_app.c): connects to a TLS server and verifies its certificate chain.
+
+* [`x509/cert_req.c`](x509/cert_req.c): generates a certificate signing request (CSR) for a private key.
+
+* [`x509/cert_write.c`](x509/cert_write.c): signs a certificate signing request, or self-signs a certificate.
+
+* [`x509/crl_app.c`](x509/crl_app.c): loads and dumps a certificate revocation list (CRL).
+
+* [`x509/req_app.c`](x509/req_app.c): loads and dumps a certificate signing request (CSR).
+
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c
index 4acf38d..69c4060 100644
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@@ -19,6 +19,11 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
+/* Enable definition of fileno() even when compiling with -std=c99. Must be
+ * set before config.h, which pulls in glibc's features.h indirectly.
+ * Harmless on other platforms. */
+#define _POSIX_C_SOURCE 1
+
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@@ -29,9 +34,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#include "mbedtls/aes.h"
#include "mbedtls/md.h"
@@ -71,7 +79,8 @@
#else
int main( int argc, char *argv[] )
{
- int ret = 1;
+ int ret = 0;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
unsigned int i, n;
int mode, lastn;
@@ -429,7 +438,7 @@
}
}
- ret = 0;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
if( fin )
@@ -452,6 +461,6 @@
mbedtls_aes_free( &aes_ctx );
mbedtls_md_free( &sha_ctx );
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_AES_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index 0e272eb..bc95eb9 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -20,6 +20,11 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
+/* Enable definition of fileno() even when compiling with -std=c99. Must be
+ * set before config.h, which pulls in glibc's features.h indirectly.
+ * Harmless on other platforms. */
+#define _POSIX_C_SOURCE 1
+
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@@ -30,9 +35,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_FS_IO)
@@ -74,6 +82,7 @@
int main( int argc, char *argv[] )
{
int ret = 1, i, n;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
int mode;
size_t keylen, ilen, olen;
FILE *fkey, *fin = NULL, *fout = NULL;
@@ -526,7 +535,7 @@
}
}
- ret = 0;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
if( fin )
@@ -549,6 +558,6 @@
mbedtls_cipher_free( &cipher_ctx );
mbedtls_md_free( &md_ctx );
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */
diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c
index d1e81d4..bbe8d92 100644
--- a/programs/hash/generic_sum.c
+++ b/programs/hash/generic_sum.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_MD_C) && defined(MBEDTLS_FS_IO)
#include "mbedtls/md.h"
@@ -169,7 +172,8 @@
int main( int argc, char *argv[] )
{
- int ret, i;
+ int ret = 1, i;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
const mbedtls_md_info_t *md_info;
mbedtls_md_context_t md_ctx;
@@ -196,7 +200,7 @@
fflush( stdout ); getchar();
#endif
- return( 1 );
+ return( exit_code );
}
/*
@@ -206,12 +210,12 @@
if( md_info == NULL )
{
mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] );
- return( 1 );
+ return( exit_code );
}
if( mbedtls_md_setup( &md_ctx, md_info, 0 ) )
{
mbedtls_fprintf( stderr, "Failed to initialize context.\n" );
- return( 1 );
+ return( exit_code );
}
ret = 0;
@@ -224,9 +228,12 @@
for( i = 2; i < argc; i++ )
ret |= generic_print( md_info, argv[i] );
+ if ( ret == 0 )
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_md_free( &md_ctx );
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 0978408..3dadf48 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#define mbedtls_time_t time_t
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define mbedtls_time_t time_t
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
@@ -71,7 +74,8 @@
{
FILE *f;
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t n, buflen;
mbedtls_net_context server_fd;
@@ -115,7 +119,6 @@
if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \
" ! Please run rsa_genkey first\n\n" );
goto exit;
@@ -191,7 +194,6 @@
if( dhm.len < 64 || dhm.len > 512 )
{
- ret = 1;
mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" );
goto exit;
}
@@ -207,7 +209,6 @@
if( ( n = (size_t) ( end - p ) ) != rsa.len )
{
- ret = 1;
mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" );
goto exit;
}
@@ -286,6 +287,8 @@
buf[16] = '\0';
mbedtls_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_net_free( &server_fd );
@@ -301,7 +304,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c
index 84a94a1..dbe9153 100644
--- a/programs/pkey/dh_genprime.c
+++ b/programs/pkey/dh_genprime.c
@@ -30,9 +30,11 @@
#else
#include <stdio.h>
#include <stdlib.h>
-#define mbedtls_printf printf
-#define mbedtls_time_t time_t
-#endif
+#define mbedtls_printf printf
+#define mbedtls_time_t time_t
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
@@ -69,6 +71,7 @@
int main( int argc, char **argv )
{
int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_mpi G, P, Q;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@@ -86,7 +89,7 @@
{
usage:
mbedtls_printf( USAGE );
- return( 1 );
+ return( exit_code );
}
for( i = 1; i < argc; i++ )
@@ -164,7 +167,6 @@
if( ( fout = fopen( "dh_prime.txt", "wb+" ) ) == NULL )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not create dh_prime.txt\n\n" );
goto exit;
}
@@ -180,6 +182,8 @@
mbedtls_printf( " ok\n\n" );
fclose( fout );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_mpi_free( &G ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
@@ -191,7 +195,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO &&
MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index 4304231..c4e2c39 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#define mbedtls_time_t time_t
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define mbedtls_time_t time_t
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
@@ -71,7 +74,8 @@
{
FILE *f;
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t n, buflen;
mbedtls_net_context listen_fd, client_fd;
@@ -121,7 +125,6 @@
if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \
" ! Please run rsa_genkey first\n\n" );
goto exit;
@@ -164,7 +167,6 @@
if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not open dh_prime.txt\n" \
" ! Please run dh_genprime first\n\n" );
goto exit;
@@ -304,6 +306,8 @@
mbedtls_printf( "\n\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
@@ -323,7 +327,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c
index e7ead9a..5db0408 100644
--- a/programs/pkey/ecdh_curve25519.c
+++ b/programs/pkey/ecdh_curve25519.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_ECDH_C) || \
!defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
@@ -51,7 +54,8 @@
int main( int argc, char *argv[] )
{
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_ecdh_context ctx_cli, ctx_srv;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@@ -218,6 +222,7 @@
mbedtls_printf( " ok\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
@@ -231,7 +236,7 @@
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
- return( ret != 0 );
+ return( exit_code );
}
#endif /* MBEDTLS_ECDH_C && MBEDTLS_ECP_DP_CURVE25519_ENABLED &&
MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c
index b474060..c653df9 100644
--- a/programs/pkey/ecdsa.c
+++ b/programs/pkey/ecdsa.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_ECDSA_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
@@ -98,7 +101,8 @@
int main( int argc, char *argv[] )
{
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_ecdsa_context ctx_sign, ctx_verify;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@@ -115,7 +119,6 @@
memset( sig, 0, sizeof( sig ) );
memset( message, 0x25, sizeof( message ) );
- ret = 1;
if( argc != 1 )
{
@@ -213,8 +216,6 @@
goto exit;
}
- ret = 0;
-
/*
* Verify signature
*/
@@ -231,6 +232,8 @@
mbedtls_printf( " ok\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
#if defined(_WIN32)
@@ -243,7 +246,7 @@
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
ECPARAMS */
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index a7f5c90..f01bf5f 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
@@ -186,7 +189,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_pk_context key;
char buf[1024];
int i;
@@ -214,7 +218,6 @@
if( argc == 0 )
{
usage:
- ret = 1;
mbedtls_printf( USAGE );
#if defined(MBEDTLS_ECP_C)
mbedtls_printf( " available ec_curve values:\n" );
@@ -222,7 +225,7 @@
mbedtls_printf( " %s (default)\n", curve_info->name );
while( ( ++curve_info )->name != NULL )
mbedtls_printf( " %s\n", curve_info->name );
-#endif
+#endif /* MBEDTLS_ECP_C */
goto exit;
}
@@ -411,9 +414,11 @@
mbedtls_printf( " ok\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
- if( ret != 0 && ret != 1)
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror( ret, buf, sizeof( buf ) );
@@ -436,7 +441,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO &&
* MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c
index f1b548d..027b95f 100644
--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && \
defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO)
@@ -83,7 +86,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
char buf[1024];
int i;
char *p, *q;
@@ -105,7 +109,7 @@
{
usage:
mbedtls_printf( USAGE );
- goto exit;
+ goto cleanup;
}
opt.mode = DFL_MODE;
@@ -155,13 +159,13 @@
if( ( f = fopen( opt.password_file, "rb" ) ) == NULL )
{
mbedtls_printf( " failed\n ! fopen returned NULL\n" );
- goto exit;
+ goto cleanup;
}
if( fgets( buf, sizeof(buf), f ) == NULL )
{
fclose( f );
mbedtls_printf( "Error: fgets() failed to retrieve password\n" );
- goto exit;
+ goto cleanup;
}
fclose( f );
@@ -182,7 +186,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret );
- goto exit;
+ goto cleanup;
}
mbedtls_printf( " ok\n" );
@@ -200,17 +204,17 @@
( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 )
{
mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" );
- goto exit;
+ goto cleanup;
}
- mbedtls_mpi_write_file( "N: ", &N, 16, NULL );
- mbedtls_mpi_write_file( "E: ", &E, 16, NULL );
- mbedtls_mpi_write_file( "D: ", &D, 16, NULL );
- mbedtls_mpi_write_file( "P: ", &P, 16, NULL );
- mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL );
- mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL );
- mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL );
- mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N: ", &N, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E: ", &E, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D: ", &D, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "P: ", &P, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL ) );
}
else
#endif
@@ -218,16 +222,16 @@
if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
{
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
- mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
- mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
- mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
- mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL ) );
}
else
#endif
{
mbedtls_printf("Do not know how to print key information for this type\n" );
- goto exit;
+ goto cleanup;
}
}
else if( opt.mode == MODE_PUBLIC )
@@ -243,7 +247,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
- goto exit;
+ goto cleanup;
}
mbedtls_printf( " ok\n" );
@@ -258,10 +262,10 @@
NULL, &E ) ) != 0 )
{
mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" );
- goto exit;
+ goto cleanup;
}
- mbedtls_mpi_write_file( "N: ", &N, 16, NULL );
- mbedtls_mpi_write_file( "E: ", &E, 16, NULL );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N: ", &N, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E: ", &E, 16, NULL ) );
}
else
#endif
@@ -269,26 +273,28 @@
if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
{
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
- mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
- mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
- mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) );
}
else
#endif
{
mbedtls_printf("Do not know how to print key information for this type\n" );
- goto exit;
+ goto cleanup;
}
}
else
goto usage;
-exit:
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
+cleanup:
#if defined(MBEDTLS_ERROR_C)
- if( ret != 0 )
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
- mbedtls_strerror( ret, buf, sizeof(buf) );
+ mbedtls_strerror( ret, buf, sizeof( buf ) );
mbedtls_printf( " ! Last error was: %s\n", buf );
}
#endif
@@ -303,6 +309,6 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
index 52b0f8e..13602c2 100644
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO)
#include "mbedtls/error.h"
@@ -128,7 +131,7 @@
return( ret );
len = ret;
- c = output_buf + sizeof(output_buf) - len - 1;
+ c = output_buf + sizeof(output_buf) - len;
}
if( ( f = fopen( output_file, "w" ) ) == NULL )
@@ -189,7 +192,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
char buf[1024];
int i;
char *p, *q;
@@ -210,7 +214,6 @@
if( argc == 0 )
{
usage:
- ret = 1;
mbedtls_printf( USAGE );
goto exit;
}
@@ -403,9 +406,11 @@
write_private_key( &key, opt.output_file );
}
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
- if( ret != 0 && ret != 1)
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror( ret, buf, sizeof( buf ) );
@@ -426,6 +431,6 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c
index afe8957..365bdc4 100644
--- a/programs/pkey/mpi_demo.c
+++ b/programs/pkey/mpi_demo.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_FS_IO)
#include "mbedtls/bignum.h"
@@ -47,7 +50,8 @@
#else
int main( void )
{
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_mpi E, P, Q, N, H, D, X, Y, Z;
mbedtls_mpi_init( &E ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &N );
@@ -88,15 +92,16 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) );
mbedtls_printf( "\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
cleanup:
mbedtls_mpi_free( &E ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &N );
mbedtls_mpi_free( &H ); mbedtls_mpi_free( &D ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
mbedtls_mpi_free( &Z );
- if( ret != 0 )
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
mbedtls_printf( "\nAn error occurred.\n" );
- ret = 1;
}
#if defined(_WIN32)
@@ -104,6 +109,6 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c
index 32fbc75..1d8c959 100644
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
@@ -59,7 +62,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret, c;
+ int ret = 1, c;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t i, olen = 0;
mbedtls_pk_context pk;
mbedtls_entropy_context entropy;
@@ -69,9 +73,11 @@
const char *pers = "mbedtls_pk_decrypt";
((void) argv);
+ mbedtls_pk_init( &pk );
+ mbedtls_entropy_init( &entropy );
mbedtls_ctr_drbg_init( &ctr_drbg );
+
memset(result, 0, sizeof( result ) );
- ret = 1;
if( argc != 2 )
{
@@ -87,20 +93,18 @@
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- mbedtls_entropy_init( &entropy );
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
+ &entropy, (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
+ -ret );
goto exit;
}
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- mbedtls_pk_init( &pk );
-
if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret );
@@ -110,19 +114,19 @@
/*
* Extract the RSA encrypted value from the text file
*/
- ret = 1;
-
if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL )
{
mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" );
+ ret = 1;
goto exit;
}
i = 0;
-
while( fscanf( f, "%02X", &c ) > 0 &&
i < (int) sizeof( buf ) )
+ {
buf[i++] = (unsigned char) c;
+ }
fclose( f );
@@ -135,7 +139,8 @@
if( ( ret = mbedtls_pk_decrypt( &pk, buf, i, result, &olen, sizeof(result),
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_decrypt returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_decrypt returned -0x%04x\n",
+ -ret );
goto exit;
}
@@ -143,16 +148,18 @@
mbedtls_printf( "The decrypted result is: '%s'\n\n", result );
- ret = 0;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
- mbedtls_ctr_drbg_free( &ctr_drbg );
+
+ mbedtls_pk_free( &pk );
mbedtls_entropy_free( &entropy );
+ mbedtls_ctr_drbg_free( &ctr_drbg );
#if defined(MBEDTLS_ERROR_C)
- if( ret != 0 )
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
- mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
+ mbedtls_strerror( ret, (char *) buf, sizeof( buf ) );
mbedtls_printf( " ! Last error was: %s\n", buf );
}
#endif
@@ -162,7 +169,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c
index 7ca9d5a..22dedba 100644
--- a/programs/pkey/pk_encrypt.c
+++ b/programs/pkey/pk_encrypt.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
@@ -59,7 +62,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t i, olen = 0;
mbedtls_pk_context pk;
mbedtls_entropy_context entropy;
@@ -68,8 +72,9 @@
unsigned char buf[512];
const char *pers = "mbedtls_pk_encrypt";
- ret = 1;
mbedtls_ctr_drbg_init( &ctr_drbg );
+ mbedtls_entropy_init( &entropy );
+ mbedtls_pk_init( &pk );
if( argc != 3 )
{
@@ -85,20 +90,18 @@
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- mbedtls_entropy_init( &entropy );
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
+ &entropy, (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
+ -ret );
goto exit;
}
mbedtls_printf( "\n . Reading public key from '%s'", argv[1] );
fflush( stdout );
- mbedtls_pk_init( &pk );
-
if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
@@ -123,7 +126,8 @@
buf, &olen, sizeof(buf),
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_encrypt returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_encrypt returned -0x%04x\n",
+ -ret );
goto exit;
}
@@ -132,27 +136,34 @@
*/
if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL )
{
+ mbedtls_printf( " failed\n ! Could not create %s\n\n",
+ "result-enc.txt" );
ret = 1;
- mbedtls_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" );
goto exit;
}
for( i = 0; i < olen; i++ )
+ {
mbedtls_fprintf( f, "%02X%s", buf[i],
( i + 1 ) % 16 == 0 ? "\r\n" : " " );
+ }
fclose( f );
mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
- mbedtls_ctr_drbg_free( &ctr_drbg );
+
+ mbedtls_pk_free( &pk );
mbedtls_entropy_free( &entropy );
+ mbedtls_ctr_drbg_free( &ctr_drbg );
#if defined(MBEDTLS_ERROR_C)
- if( ret != 0 )
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
- mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
+ mbedtls_strerror( ret, (char *) buf, sizeof( buf ) );
mbedtls_printf( " ! Last error was: %s\n", buf );
}
#endif
@@ -162,7 +173,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index 55df95e..7ec4675 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -30,9 +30,11 @@
#else
#include <stdio.h>
#include <stdlib.h>
-#define mbedtls_snprintf snprintf
-#define mbedtls_printf printf
-#endif
+#define mbedtls_snprintf snprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
@@ -61,6 +63,7 @@
{
FILE *f;
int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_pk_context pk;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@@ -134,14 +137,12 @@
if( ( f = fopen( filename, "wb+" ) ) == NULL )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not create %s\n\n", filename );
goto exit;
}
if( fwrite( buf, 1, olen, f ) != olen )
{
- ret = 1;
mbedtls_printf( "failed\n ! fwrite failed\n\n" );
fclose( f );
goto exit;
@@ -151,13 +152,15 @@
mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_pk_free( &pk );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
#if defined(MBEDTLS_ERROR_C)
- if( ret != 0 )
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
mbedtls_printf( " ! Last error was: %s\n", buf );
@@ -169,7 +172,7 @@
fflush( stdout ); getchar();
#endif
- return( ret ? EXIT_FAILURE : EXIT_SUCCESS );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c
index d35d17f..3c7709f 100644
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_snprintf snprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_snprintf snprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \
!defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) || \
@@ -56,6 +59,7 @@
{
FILE *f;
int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t i;
mbedtls_pk_context pk;
unsigned char hash[32];
@@ -87,7 +91,6 @@
/*
* Extract the signature from the file
*/
- ret = 1;
mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
if( ( f = fopen( filename, "rb" ) ) == NULL )
@@ -125,13 +128,13 @@
mbedtls_printf( "\n . OK (the signature is valid)\n\n" );
- ret = 0;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
mbedtls_pk_free( &pk );
#if defined(MBEDTLS_ERROR_C)
- if( ret != 0 )
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
mbedtls_printf( " ! Last error was: %s\n", buf );
@@ -143,7 +146,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C &&
MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c
index 2da3fbf..0a252d2 100644
--- a/programs/pkey/rsa_decrypt.c
+++ b/programs/pkey/rsa_decrypt.c
@@ -30,11 +30,11 @@
#else
#include <stdio.h>
#include <stdlib.h>
-#define mbedtls_printf printf
-#define mbedtls_exit exit
+#define mbedtls_printf printf
+#define mbedtls_exit exit
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
@@ -61,7 +61,9 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int return_val, exit_val, c;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
+ int c;
size_t i;
mbedtls_rsa_context rsa;
mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
@@ -73,7 +75,6 @@
((void) argv);
memset(result, 0, sizeof( result ) );
- exit_val = MBEDTLS_EXIT_SUCCESS;
if( argc != 1 )
{
@@ -83,7 +84,7 @@
mbedtls_printf( "\n" );
#endif
- mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+ mbedtls_exit( exit_code );
}
mbedtls_printf( "\n . Seeding the random number generator..." );
@@ -96,14 +97,13 @@
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
- return_val = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
+ ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
&entropy, (const unsigned char *) pers,
strlen( pers ) );
- if( return_val != 0 )
+ if( ret != 0 )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n",
- return_val );
+ ret );
goto exit;
}
@@ -112,40 +112,38 @@
if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \
" ! Please run rsa_genkey first\n\n" );
goto exit;
}
- if( ( return_val = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 ||
- ( return_val = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 ||
- ( return_val = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 ||
- ( return_val = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 ||
- ( return_val = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ||
- ( return_val = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 ||
- ( return_val = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 ||
- ( return_val = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 )
+ if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n",
- return_val );
+ ret );
fclose( f );
goto exit;
}
fclose( f );
- if( ( return_val = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 )
+ if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n",
- return_val );
+ ret );
goto exit;
}
- if( ( return_val = mbedtls_rsa_complete( &rsa ) ) != 0 )
+ if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n",
- return_val );
+ ret );
goto exit;
}
@@ -154,7 +152,6 @@
*/
if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" );
goto exit;
}
@@ -169,7 +166,6 @@
if( i != rsa.len )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( "\n ! Invalid RSA signature format\n\n" );
goto exit;
}
@@ -180,14 +176,13 @@
mbedtls_printf( "\n . Decrypting the encrypted data" );
fflush( stdout );
- return_val = mbedtls_rsa_pkcs1_decrypt( &rsa, mbedtls_ctr_drbg_random,
+ ret = mbedtls_rsa_pkcs1_decrypt( &rsa, mbedtls_ctr_drbg_random,
&ctr_drbg, MBEDTLS_RSA_PRIVATE, &i,
buf, result, 1024 );
- if( return_val != 0 )
+ if( ret != 0 )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n",
- return_val );
+ ret );
goto exit;
}
@@ -195,6 +190,8 @@
mbedtls_printf( "The decrypted result is: '%s'\n\n", result );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
@@ -208,6 +205,6 @@
fflush( stdout ); getchar();
#endif
- return( exit_val );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c
index 81c27d8..411657a 100644
--- a/programs/pkey/rsa_encrypt.c
+++ b/programs/pkey/rsa_encrypt.c
@@ -30,12 +30,12 @@
#else
#include <stdio.h>
#include <stdlib.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define mbedtls_exit exit
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
@@ -61,7 +61,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int return_val, exit_val;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t i;
mbedtls_rsa_context rsa;
mbedtls_entropy_context entropy;
@@ -71,8 +72,6 @@
const char *pers = "rsa_encrypt";
mbedtls_mpi N, E;
- exit_val = MBEDTLS_EXIT_SUCCESS;
-
if( argc != 2 )
{
mbedtls_printf( "usage: rsa_encrypt <string of max 100 characters>\n" );
@@ -81,7 +80,7 @@
mbedtls_printf( "\n" );
#endif
- mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+ mbedtls_exit( exit_code );
}
mbedtls_printf( "\n . Seeding the random number generator..." );
@@ -92,14 +91,13 @@
mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_entropy_init( &entropy );
- return_val = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) );
- if( return_val != 0 )
+ ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
+ &entropy, (const unsigned char *) pers,
+ strlen( pers ) );
+ if( ret != 0 )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n",
- return_val );
+ ret );
goto exit;
}
@@ -108,35 +106,30 @@
if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \
" ! Please run rsa_genkey first\n\n" );
goto exit;
}
- if( ( return_val = mbedtls_mpi_read_file( &N, 16, f ) ) != 0 ||
- ( return_val = mbedtls_mpi_read_file( &E, 16, f ) ) != 0 )
+ if( ( ret = mbedtls_mpi_read_file( &N, 16, f ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_file( &E, 16, f ) ) != 0 )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n",
- return_val );
+ ret );
fclose( f );
goto exit;
}
fclose( f );
- if( ( return_val = mbedtls_rsa_import( &rsa, &N, NULL,
- NULL, NULL, &E ) ) != 0 )
+ if( ( ret = mbedtls_rsa_import( &rsa, &N, NULL, NULL, NULL, &E ) ) != 0 )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n",
- return_val );
+ ret );
goto exit;
}
if( strlen( argv[1] ) > 100 )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " Input data larger than 100 characters.\n\n" );
goto exit;
}
@@ -149,14 +142,13 @@
mbedtls_printf( "\n . Generating the RSA encrypted value" );
fflush( stdout );
- return_val = mbedtls_rsa_pkcs1_encrypt( &rsa, mbedtls_ctr_drbg_random,
- &ctr_drbg, MBEDTLS_RSA_PUBLIC,
- strlen( argv[1] ), input, buf );
- if( return_val != 0 )
+ ret = mbedtls_rsa_pkcs1_encrypt( &rsa, mbedtls_ctr_drbg_random,
+ &ctr_drbg, MBEDTLS_RSA_PUBLIC,
+ strlen( argv[1] ), input, buf );
+ if( ret != 0 )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n",
- return_val );
+ ret );
goto exit;
}
@@ -165,7 +157,6 @@
*/
if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL )
{
- exit_val = MBEDTLS_EXIT_FAILURE;
mbedtls_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" );
goto exit;
}
@@ -178,6 +169,8 @@
mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
mbedtls_ctr_drbg_free( &ctr_drbg );
@@ -189,7 +182,7 @@
fflush( stdout ); getchar();
#endif
- return( exit_val );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c
index 9399217..3359e14 100644
--- a/programs/pkey/rsa_genkey.c
+++ b/programs/pkey/rsa_genkey.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) && \
@@ -61,7 +64,8 @@
#else
int main( void )
{
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_rsa_context rsa;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@@ -105,14 +109,12 @@
( ret = mbedtls_rsa_export_crt( &rsa, &DP, &DQ, &QP ) ) != 0 )
{
mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" );
- ret = 1;
goto exit;
}
if( ( fpub = fopen( "rsa_pub.txt", "wb+" ) ) == NULL )
{
mbedtls_printf( " failed\n ! could not open rsa_pub.txt for writing\n\n" );
- ret = 1;
goto exit;
}
@@ -129,7 +131,6 @@
if( ( fpriv = fopen( "rsa_priv.txt", "wb+" ) ) == NULL )
{
mbedtls_printf( " failed\n ! could not open rsa_priv.txt for writing\n" );
- ret = 1;
goto exit;
}
@@ -160,6 +161,8 @@
*/
mbedtls_printf( " ok\n\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
if( fpub != NULL )
@@ -180,7 +183,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
index 89018cb..b16fe5d 100644
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@@ -29,10 +29,13 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#define mbedtls_snprintf snprintf
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define mbedtls_snprintf snprintf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
@@ -55,7 +58,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t i;
mbedtls_rsa_context rsa;
unsigned char hash[32];
@@ -69,8 +73,6 @@
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
- ret = 1;
-
if( argc != 2 )
{
mbedtls_printf( "usage: rsa_sign <filename>\n" );
@@ -87,7 +89,6 @@
if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \
" ! Please run rsa_genkey first\n\n" );
goto exit;
@@ -159,7 +160,6 @@
if( ( f = fopen( filename, "wb+" ) ) == NULL )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not create %s\n\n", argv[1] );
goto exit;
}
@@ -172,6 +172,8 @@
mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_rsa_free( &rsa );
@@ -184,7 +186,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index 7b6f14d..b0b0f7e 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_snprintf snprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_snprintf snprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
@@ -61,6 +64,7 @@
{
FILE *f;
int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_pk_context pk;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@@ -101,7 +105,6 @@
if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] );
mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
goto exit;
@@ -109,7 +112,6 @@
if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) )
{
- ret = 1;
mbedtls_printf( " failed\n ! Key is not an RSA key\n" );
goto exit;
}
@@ -145,7 +147,6 @@
if( ( f = fopen( filename, "wb+" ) ) == NULL )
{
- ret = 1;
mbedtls_printf( " failed\n ! Could not create %s\n\n", filename );
goto exit;
}
@@ -161,6 +162,8 @@
mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_pk_free( &pk );
mbedtls_ctr_drbg_free( &ctr_drbg );
@@ -171,7 +174,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c
index 1f827aa..6f88345 100644
--- a/programs/pkey/rsa_verify.c
+++ b/programs/pkey/rsa_verify.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#define mbedtls_snprintf snprintf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define mbedtls_snprintf snprintf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
@@ -54,7 +57,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret, c;
+ int ret = 1, c;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t i;
mbedtls_rsa_context rsa;
unsigned char hash[32];
@@ -62,7 +66,6 @@
char filename[512];
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
- ret = 1;
if( argc != 2 )
{
@@ -100,7 +103,6 @@
/*
* Extract the RSA signature from the text file
*/
- ret = 1;
mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] );
if( ( f = fopen( filename, "rb" ) ) == NULL )
@@ -146,7 +148,7 @@
mbedtls_printf( "\n . OK (the signature is valid)\n\n" );
- ret = 0;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
@@ -157,7 +159,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index 31b720f..7c9c68f 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_snprintf snprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_snprintf snprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
@@ -60,6 +63,7 @@
{
FILE *f;
int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
size_t i;
mbedtls_pk_context pk;
unsigned char hash[32];
@@ -91,7 +95,6 @@
if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) )
{
- ret = 1;
mbedtls_printf( " failed\n ! Key is not an RSA key\n" );
goto exit;
}
@@ -101,7 +104,6 @@
/*
* Extract the RSA signature from the file
*/
- ret = 1;
mbedtls_snprintf( filename, 512, "%s.sig", argv[2] );
if( ( f = fopen( filename, "rb" ) ) == NULL )
@@ -139,7 +141,7 @@
mbedtls_printf( "\n . OK (the signature is valid)\n\n" );
- ret = 0;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
mbedtls_pk_free( &pk );
@@ -149,7 +151,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c
index 792d381..a1eb386 100644
--- a/programs/random/gen_entropy.c
+++ b/programs/random/gen_entropy.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO)
#include "mbedtls/entropy.h"
@@ -49,20 +52,21 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int i, k, ret;
+ int i, k, ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_entropy_context entropy;
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
if( argc < 2 )
{
mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
- return( 1 );
+ return( exit_code );
}
if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
{
mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
- return( 1 );
+ return( exit_code );
}
mbedtls_entropy_init( &entropy );
@@ -72,7 +76,8 @@
ret = mbedtls_entropy_func( &entropy, buf, sizeof( buf ) );
if( ret != 0 )
{
- mbedtls_printf("failed!\n");
+ mbedtls_printf( " failed\n ! mbedtls_entropy_func returned -%04X\n",
+ ret );
goto cleanup;
}
@@ -83,7 +88,7 @@
fflush( stdout );
}
- ret = 0;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
cleanup:
mbedtls_printf( "\n" );
@@ -91,6 +96,6 @@
fclose( f );
mbedtls_entropy_free( &entropy );
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_ENTROPY_C */
diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c
index c76f99d..5ade946 100644
--- a/programs/random/gen_random_ctr_drbg.c
+++ b/programs/random/gen_random_ctr_drbg.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_FS_IO)
@@ -52,7 +55,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int i, k, ret;
+ int i, k, ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_entropy_context entropy;
unsigned char buf[1024];
@@ -62,13 +66,13 @@
if( argc < 2 )
{
mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
- return( 1 );
+ return( exit_code );
}
if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
{
mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
- return( 1 );
+ return( exit_code );
}
mbedtls_entropy_init( &entropy );
@@ -116,7 +120,7 @@
fflush( stdout );
}
- ret = 0;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
cleanup:
mbedtls_printf("\n");
@@ -125,6 +129,6 @@
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */
diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c
index 6c31462..3fb3f01 100644
--- a/programs/random/gen_random_havege.c
+++ b/programs/random/gen_random_havege.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_HAVEGE_C) && defined(MBEDTLS_FS_IO)
#include "mbedtls/havege.h"
@@ -51,20 +54,21 @@
{
FILE *f;
time_t t;
- int i, k, ret = 0;
+ int i, k, ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_havege_state hs;
unsigned char buf[1024];
if( argc < 2 )
{
mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
- return( 1 );
+ return( exit_code );
}
if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
{
mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
- return( 1 );
+ return( exit_code );
}
mbedtls_havege_init( &hs );
@@ -73,11 +77,10 @@
for( i = 0, k = 768; i < k; i++ )
{
- if( mbedtls_havege_random( &hs, buf, sizeof( buf ) ) != 0 )
+ if( ( ret = mbedtls_havege_random( &hs, buf, sizeof( buf ) ) ) != 0 )
{
- mbedtls_printf( "Failed to get random from source.\n" );
-
- ret = 1;
+ mbedtls_printf( " failed\n ! mbedtls_havege_random returned -0x%04X",
+ -ret );
goto exit;
}
@@ -93,9 +96,11 @@
mbedtls_printf(" \n ");
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_havege_free( &hs );
fclose( f );
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_HAVEGE_C */
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index 01cee13..bf7c013 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -30,11 +30,13 @@
#else
#include <stdio.h>
#include <stdlib.h>
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#define mbedtls_time time
+#define mbedtls_time_t time_t
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
@@ -80,7 +82,8 @@
int main( void )
{
- int ret, len;
+ int ret = 1, len;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_net_context server_fd;
uint32_t flags;
unsigned char buf[1024];
@@ -281,10 +284,12 @@
mbedtls_ssl_close_notify( &ssl );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
#ifdef MBEDTLS_ERROR_C
- if( ret != 0 )
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
char error_buf[100];
mbedtls_strerror( ret, error_buf, 100 );
@@ -305,7 +310,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 5d8969d..15c778d 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -83,6 +83,7 @@
#define DFL_PSK ""
#define DFL_PSK_IDENTITY "Client_identity"
#define DFL_ECJPAKE_PW NULL
+#define DFL_EC_MAX_OPS -1
#define DFL_FORCE_CIPHER 0
#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED
#define DFL_ALLOW_LEGACY -2
@@ -106,6 +107,8 @@
#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM
#define DFL_HS_TO_MIN 0
#define DFL_HS_TO_MAX 0
+#define DFL_DTLS_MTU -1
+#define DFL_DGRAM_PACKING 1
#define DFL_FALLBACK -1
#define DFL_EXTENDED_MS -1
#define DFL_ETM -1
@@ -198,7 +201,11 @@
#define USAGE_DTLS \
" dtls=%%d default: 0 (TLS)\n" \
" hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \
- " range of DTLS handshake timeouts in millisecs\n"
+ " range of DTLS handshake timeouts in millisecs\n" \
+ " mtu=%%d default: (library default: unlimited)\n" \
+ " dgram_packing=%%d default: 1 (allowed)\n" \
+ " allow or forbid packing of multiple\n" \
+ " records within a single datgram.\n"
#else
#define USAGE_DTLS ""
#endif
@@ -239,6 +246,13 @@
#define USAGE_ECJPAKE ""
#endif
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+#define USAGE_ECRESTART \
+ " ec_max_ops=%%s default: library default (restart disabled)\n"
+#else
+#define USAGE_ECRESTART ""
+#endif
+
#define USAGE \
"\n usage: ssl_client2 param=<>...\n" \
"\n acceptable parameters:\n" \
@@ -246,8 +260,12 @@
" server_addr=%%s default: given by name\n" \
" server_port=%%d default: 4433\n" \
" request_page=%%s default: \".\"\n" \
- " request_size=%%d default: about 34 (basic request)\n" \
- " (minimum: 0, max: " MAX_REQUEST_SIZE_STR " )\n" \
+ " request_size=%%d default: about 34 (basic request)\n" \
+ " (minimum: 0, max: " MAX_REQUEST_SIZE_STR ")\n" \
+ " If 0, in the first exchange only an empty\n" \
+ " application data message is sent followed by\n" \
+ " a second non-empty message before attempting\n" \
+ " to read a response from the server\n" \
" debug_level=%%d default: 0 (disabled)\n" \
" nbio=%%d default: 0 (blocking I/O)\n" \
" options: 1 (non-blocking), 2 (added delays)\n" \
@@ -264,6 +282,7 @@
"\n" \
USAGE_PSK \
USAGE_ECJPAKE \
+ USAGE_ECRESTART \
"\n" \
" allow_legacy=%%d default: (library default: no)\n" \
USAGE_RENEGO \
@@ -317,6 +336,7 @@
const char *psk; /* the pre-shared key */
const char *psk_identity; /* the pre-shared key identity */
const char *ecjpake_pw; /* the EC J-PAKE password */
+ int ec_max_ops; /* EC consecutive operations limit */
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
int renegotiation; /* enable / disable renegotiation */
int allow_legacy; /* allow legacy renegotiation */
@@ -341,7 +361,9 @@
int transport; /* TLS or DTLS? */
uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
+ int dtls_mtu; /* UDP Maximum tranport unit for DTLS */
int fallback; /* is this a fallback connection? */
+ int dgram_packing; /* allow/forbid datagram packing */
int extended_ms; /* negotiate extended master secret? */
int etm; /* negotiate encrypt then mac? */
} opt;
@@ -590,6 +612,7 @@
opt.psk = DFL_PSK;
opt.psk_identity = DFL_PSK_IDENTITY;
opt.ecjpake_pw = DFL_ECJPAKE_PW;
+ opt.ec_max_ops = DFL_EC_MAX_OPS;
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
opt.renegotiation = DFL_RENEGOTIATION;
opt.allow_legacy = DFL_ALLOW_LEGACY;
@@ -613,9 +636,11 @@
opt.transport = DFL_TRANSPORT;
opt.hs_to_min = DFL_HS_TO_MIN;
opt.hs_to_max = DFL_HS_TO_MAX;
+ opt.dtls_mtu = DFL_DTLS_MTU;
opt.fallback = DFL_FALLBACK;
opt.extended_ms = DFL_EXTENDED_MS;
opt.etm = DFL_ETM;
+ opt.dgram_packing = DFL_DGRAM_PACKING;
for( i = 1; i < argc; i++ )
{
@@ -689,6 +714,8 @@
opt.psk_identity = q;
else if( strcmp( p, "ecjpake_pw" ) == 0 )
opt.ecjpake_pw = q;
+ else if( strcmp( p, "ec_max_ops" ) == 0 )
+ opt.ec_max_ops = atoi( q );
else if( strcmp( p, "force_ciphersuite" ) == 0 )
{
opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
@@ -923,6 +950,21 @@
if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min )
goto usage;
}
+ else if( strcmp( p, "mtu" ) == 0 )
+ {
+ opt.dtls_mtu = atoi( q );
+ if( opt.dtls_mtu < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "dgram_packing" ) == 0 )
+ {
+ opt.dgram_packing = atoi( q );
+ if( opt.dgram_packing != 0 &&
+ opt.dgram_packing != 1 )
+ {
+ goto usage;
+ }
+ }
else if( strcmp( p, "recsplit" ) == 0 )
{
opt.recsplit = atoi( q );
@@ -1323,6 +1365,9 @@
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min,
opt.hs_to_max );
+
+ if( opt.dgram_packing != DFL_DGRAM_PACKING )
+ mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@@ -1481,11 +1526,21 @@
mbedtls_net_send, mbedtls_net_recv,
opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( opt.dtls_mtu != DFL_DTLS_MTU )
+ mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu );
+#endif
+
#if defined(MBEDTLS_TIMING_C)
mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
#endif
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( opt.ec_max_ops != DFL_EC_MAX_OPS )
+ mbedtls_ecp_set_max_ops( opt.ec_max_ops );
+#endif
+
mbedtls_printf( " ok\n" );
/*
@@ -1497,7 +1552,8 @@
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
{
if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+ ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n",
-ret );
@@ -1513,6 +1569,11 @@
goto exit;
}
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
/* For event-driven IO, wait for socket to become available */
if( opt.event == 1 /* level triggered IO */ )
{
@@ -1605,13 +1666,19 @@
while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 )
{
if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+ ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n",
ret );
goto exit;
}
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
/* For event-driven IO, wait for socket to become available */
if( opt.event == 1 /* level triggered IO */ )
{
@@ -1663,13 +1730,17 @@
if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
{
- for( written = 0, frags = 0; written < len; written += ret, frags++ )
+ written = 0;
+ frags = 0;
+
+ do
{
while( ( ret = mbedtls_ssl_write( &ssl, buf + written,
- len - written ) ) <= 0 )
+ len - written ) ) < 0 )
{
if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+ ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned -0x%x\n\n",
-ret );
@@ -1686,7 +1757,11 @@
#endif
}
}
+
+ frags++;
+ written += ret;
}
+ while( written < len );
}
else /* Not stream, so datagram */
{
@@ -1694,6 +1769,11 @@
{
ret = mbedtls_ssl_write( &ssl, buf, len );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
ret != MBEDTLS_ERR_SSL_WANT_WRITE )
break;
@@ -1730,6 +1810,13 @@
mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n",
written, frags, (char *) buf );
+ /* Send a non-empty request if request_size == 0 */
+ if ( len == 0 )
+ {
+ opt.request_size = DFL_REQUEST_SIZE;
+ goto send_request;
+ }
+
/*
* 7. Read the HTTP response
*/
@@ -1747,6 +1834,11 @@
memset( buf, 0, sizeof( buf ) );
ret = mbedtls_ssl_read( &ssl, buf, len );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
if( ret == MBEDTLS_ERR_SSL_WANT_READ ||
ret == MBEDTLS_ERR_SSL_WANT_WRITE )
{
@@ -1807,6 +1899,11 @@
{
ret = mbedtls_ssl_read( &ssl, buf, len );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
ret != MBEDTLS_ERR_SSL_WANT_WRITE )
break;
@@ -1869,7 +1966,8 @@
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
{
if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+ ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n",
-ret );
@@ -1967,7 +2065,8 @@
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
{
if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+ ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n",
-ret );
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 7624896..1c3a806 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -29,10 +29,13 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#define mbedtls_time_t time_t
-#endif
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define mbedtls_time_t time_t
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
@@ -95,7 +98,8 @@
int main( void )
{
- int ret, len, cnt = 0, pid;
+ int ret = 1, len, cnt = 0, pid;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "ssl_fork_server";
@@ -392,6 +396,8 @@
goto exit;
}
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_net_free( &client_fd );
mbedtls_net_free( &listen_fd );
@@ -408,7 +414,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 04b847a..16cedfe 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -19,6 +19,11 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
+/* Enable definition of gethostname() even when compiling with -std=c99. Must
+ * be set before config.h, which pulls in glibc's features.h indirectly.
+ * Harmless on other platforms. */
+#define _POSIX_C_SOURCE 200112L
+
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@@ -30,11 +35,13 @@
#else
#include <stdio.h>
#include <stdlib.h>
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#define mbedtls_time time
+#define mbedtls_time_t time_t
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
@@ -346,11 +353,18 @@
int main( int argc, char *argv[] )
{
- int ret = 0, len;
+ int ret = 1, len;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_net_context server_fd;
- unsigned char buf[1024];
#if defined(MBEDTLS_BASE64_C)
unsigned char base[1024];
+ /* buf is used as the destination buffer for printing base with the format:
+ * "%s\r\n". Hence, the size of buf should be at least the size of base
+ * plus 2 bytes for the \r and \n characters.
+ */
+ unsigned char buf[sizeof( base ) + 2];
+#else
+ unsigned char buf[1024];
#endif
char hostname[32];
const char *pers = "ssl_mail_client";
@@ -499,8 +513,8 @@
mbedtls_test_cas_pem_len );
#else
{
- ret = 1;
mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.");
+ goto exit;
}
#endif
if( ret < 0 )
@@ -529,8 +543,8 @@
mbedtls_test_cli_crt_len );
#else
{
- ret = -1;
mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+ goto exit;
}
#endif
if( ret != 0 )
@@ -549,8 +563,8 @@
mbedtls_test_cli_key_len, NULL, 0 );
#else
{
- ret = -1;
mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined.");
+ goto exit;
}
#endif
if( ret != 0 )
@@ -819,6 +833,8 @@
mbedtls_ssl_close_notify( &ssl );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_net_free( &server_fd );
@@ -835,7 +851,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 3a413ad..4eac51f 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -97,8 +97,13 @@
#include <windows.h>
#endif
+/* Size of memory to be allocated for the heap, when using the library's memory
+ * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
+#define MEMORY_HEAP_SIZE 120000
+
#define DFL_SERVER_ADDR NULL
#define DFL_SERVER_PORT "4433"
+#define DFL_RESPONSE_SIZE -1
#define DFL_DEBUG_LEVEL 0
#define DFL_NBIO 0
#define DFL_EVENT 0
@@ -146,7 +151,9 @@
#define DFL_ANTI_REPLAY -1
#define DFL_HS_TO_MIN 0
#define DFL_HS_TO_MAX 0
+#define DFL_DTLS_MTU -1
#define DFL_BADMAC_LIMIT -1
+#define DFL_DGRAM_PACKING 1
#define DFL_EXTENDED_MS -1
#define DFL_ETM -1
@@ -171,7 +178,7 @@
* You will need to adapt the mbedtls_ssl_get_bytes_avail() test in ssl-opt.sh
* if you change this value to something outside the range <= 100 or > 500
*/
-#define IO_BUF_LEN 200
+#define DFL_IO_BUF_LEN 200
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_FS_IO)
@@ -293,7 +300,11 @@
#define USAGE_DTLS \
" dtls=%%d default: 0 (TLS)\n" \
" hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \
- " range of DTLS handshake timeouts in millisecs\n"
+ " range of DTLS handshake timeouts in millisecs\n" \
+ " mtu=%%d default: (library default: unlimited)\n" \
+ " dgram_packing=%%d default: 1 (allowed)\n" \
+ " allow or forbid packing of multiple\n" \
+ " records within a single datgram.\n"
#else
#define USAGE_DTLS ""
#endif
@@ -346,6 +357,11 @@
" server_addr=%%s default: (all interfaces)\n" \
" server_port=%%d default: 4433\n" \
" debug_level=%%d default: 0 (disabled)\n" \
+ " buffer_size=%%d default: 200 \n" \
+ " (minimum: 1, max: 16385)\n" \
+ " response_size=%%d default: about 152 (basic response)\n" \
+ " (minimum: 0, max: 16384)\n" \
+ " increases buffer_size if bigger\n"\
" nbio=%%d default: 0 (blocking I/O)\n" \
" options: 1 (non-blocking), 2 (added delays)\n" \
" event=%%d default: 0 (loop)\n" \
@@ -421,6 +437,8 @@
int nbio; /* should I/O be blocking? */
int event; /* loop or event-driven IO? level or edge triggered? */
uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */
+ int response_size; /* pad response with header to requested size */
+ uint16_t buffer_size; /* IO buffer size */
const char *ca_file; /* the file with the CA certificate(s) */
const char *ca_path; /* the path with the CA certificate(s) reside */
const char *crt_file; /* the file with the server certificate */
@@ -466,6 +484,8 @@
int anti_replay; /* Use anti-replay for DTLS? -1 for default */
uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
+ int dtls_mtu; /* UDP Maximum tranport unit for DTLS */
+ int dgram_packing; /* allow/forbid datagram packing */
int badmac_limit; /* Limit of records with bad MAC */
} opt;
@@ -1154,7 +1174,7 @@
{
int ret = 0, len, written, frags, exchanges_left;
int version_suites[4][2];
- unsigned char buf[IO_BUF_LEN];
+ unsigned char* buf = 0;
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
unsigned char psk[MBEDTLS_PSK_MAX_LEN];
size_t psk_len = 0;
@@ -1212,7 +1232,7 @@
const char *alpn_list[ALPN_LIST_SIZE];
#endif
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- unsigned char alloc_buf[100000];
+ unsigned char alloc_buf[MEMORY_HEAP_SIZE];
#endif
int i;
@@ -1285,10 +1305,12 @@
goto exit;
}
+ opt.buffer_size = DFL_IO_BUF_LEN;
opt.server_addr = DFL_SERVER_ADDR;
opt.server_port = DFL_SERVER_PORT;
opt.debug_level = DFL_DEBUG_LEVEL;
opt.event = DFL_EVENT;
+ opt.response_size = DFL_RESPONSE_SIZE;
opt.nbio = DFL_NBIO;
opt.read_timeout = DFL_READ_TIMEOUT;
opt.ca_file = DFL_CA_FILE;
@@ -1334,6 +1356,8 @@
opt.anti_replay = DFL_ANTI_REPLAY;
opt.hs_to_min = DFL_HS_TO_MIN;
opt.hs_to_max = DFL_HS_TO_MAX;
+ opt.dtls_mtu = DFL_DTLS_MTU;
+ opt.dgram_packing = DFL_DGRAM_PACKING;
opt.badmac_limit = DFL_BADMAC_LIMIT;
opt.extended_ms = DFL_EXTENDED_MS;
opt.etm = DFL_ETM;
@@ -1379,6 +1403,20 @@
}
else if( strcmp( p, "read_timeout" ) == 0 )
opt.read_timeout = atoi( q );
+ else if( strcmp( p, "buffer_size" ) == 0 )
+ {
+ opt.buffer_size = atoi( q );
+ if( opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "response_size" ) == 0 )
+ {
+ opt.response_size = atoi( q );
+ if( opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ goto usage;
+ if( opt.buffer_size < opt.response_size )
+ opt.buffer_size = opt.response_size;
+ }
else if( strcmp( p, "ca_file" ) == 0 )
opt.ca_file = q;
else if( strcmp( p, "ca_path" ) == 0 )
@@ -1680,6 +1718,21 @@
if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min )
goto usage;
}
+ else if( strcmp( p, "mtu" ) == 0 )
+ {
+ opt.dtls_mtu = atoi( q );
+ if( opt.dtls_mtu < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "dgram_packing" ) == 0 )
+ {
+ opt.dgram_packing = atoi( q );
+ if( opt.dgram_packing != 0 &&
+ opt.dgram_packing != 1 )
+ {
+ goto usage;
+ }
+ }
else if( strcmp( p, "sni" ) == 0 )
{
opt.sni = q;
@@ -1700,6 +1753,13 @@
#if defined(MBEDTLS_DEBUG_C)
mbedtls_debug_set_threshold( opt.debug_level );
#endif
+ buf = mbedtls_calloc( 1, opt.buffer_size + 1 );
+ if( buf == NULL )
+ {
+ mbedtls_printf( "Could not allocate %u bytes\n", opt.buffer_size );
+ ret = 3;
+ goto exit;
+ }
if( opt.force_ciphersuite[0] > 0 )
{
@@ -2151,6 +2211,9 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
+
+ if( opt.dgram_packing != DFL_DGRAM_PACKING )
+ mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@@ -2469,6 +2532,11 @@
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv,
opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( opt.dtls_mtu != DFL_DTLS_MTU )
+ mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu );
+#endif
+
#if defined(MBEDTLS_TIMING_C)
mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
@@ -2708,8 +2776,8 @@
do
{
int terminated = 0;
- len = sizeof( buf ) - 1;
- memset( buf, 0, sizeof( buf ) );
+ len = opt.buffer_size - 1;
+ memset( buf, 0, opt.buffer_size );
ret = mbedtls_ssl_read( &ssl, buf, len );
if( mbedtls_status_is_ssl_in_progress( ret ) )
@@ -2809,8 +2877,8 @@
}
else /* Not stream, so datagram */
{
- len = sizeof( buf ) - 1;
- memset( buf, 0, sizeof( buf ) );
+ len = opt.buffer_size - 1;
+ memset( buf, 0, opt.buffer_size );
do
{
@@ -2908,6 +2976,25 @@
len = sprintf( (char *) buf, HTTP_RESPONSE,
mbedtls_ssl_get_ciphersuite( &ssl ) );
+ /* Add padding to the response to reach opt.response_size in length */
+ if( opt.response_size != DFL_RESPONSE_SIZE &&
+ len < opt.response_size )
+ {
+ memset( buf + len, 'B', opt.response_size - len );
+ len += opt.response_size - len;
+ }
+
+ /* Truncate if response size is smaller than the "natural" size */
+ if( opt.response_size != DFL_RESPONSE_SIZE &&
+ len > opt.response_size )
+ {
+ len = opt.response_size;
+
+ /* Still end with \r\n unless that's really not possible */
+ if( len >= 2 ) buf[len - 2] = '\r';
+ if( len >= 1 ) buf[len - 1] = '\n';
+ }
+
if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
{
for( written = 0, frags = 0; written < len; written += ret, frags++ )
@@ -3066,6 +3153,7 @@
mbedtls_memory_buffer_alloc_free();
#endif
+ mbedtls_free( buf );
mbedtls_printf( " done.\n" );
#if defined(_WIN32)
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 0c5ce27..9ca0cb2 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -16,6 +16,11 @@
add_executable(benchmark benchmark.c)
target_link_libraries(benchmark ${libs})
+if(TEST_CPP)
+ add_executable(cpp_dummy_build cpp_dummy_build.cpp)
+ target_link_libraries(cpp_dummy_build ${libs})
+endif()
+
add_executable(ssl_cert_test ssl_cert_test.c)
target_link_libraries(ssl_cert_test ${libs})
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 89fdb84..e7d29c3 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -61,9 +61,12 @@
#include "mbedtls/aria.h"
#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
+#include "mbedtls/chacha20.h"
#include "mbedtls/gcm.h"
#include "mbedtls/ccm.h"
+#include "mbedtls/chachapoly.h"
#include "mbedtls/cmac.h"
+#include "mbedtls/poly1305.h"
#include "mbedtls/havege.h"
#include "mbedtls/ctr_drbg.h"
@@ -98,9 +101,10 @@
#define OPTIONS \
"md4, md5, ripemd160, sha1, sha256, sha512,\n" \
- "arc4, des3, des, camellia, blowfish,\n" \
- "aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xts,\n" \
- "des3_cmac, havege, ctr_drbg, hmac_drbg,\n" \
+ "arc4, des3, des, camellia, blowfish, chacha20,\n" \
+ "aes_cbc, aes_gcm, aes_ccm, aes_ctx, chachapoly,\n" \
+ "aes_cmac, des3_cmac, poly1305\n" \
+ "havege, ctr_drbg, hmac_drbg\n" \
"rsa, dhm, ecdsa, ecdh.\n"
#if defined(MBEDTLS_ERROR_C)
@@ -115,25 +119,34 @@
#define TIME_AND_TSC( TITLE, CODE ) \
do { \
unsigned long ii, jj, tsc; \
+ int ret = 0; \
\
mbedtls_printf( HEADER_FORMAT, TITLE ); \
fflush( stdout ); \
\
mbedtls_set_alarm( 1 ); \
- for( ii = 1; ! mbedtls_timing_alarmed; ii++ ) \
+ for( ii = 1; ret == 0 && ! mbedtls_timing_alarmed; ii++ ) \
{ \
- CODE; \
+ ret = CODE; \
} \
\
tsc = mbedtls_timing_hardclock(); \
- for( jj = 0; jj < 1024; jj++ ) \
+ for( jj = 0; ret == 0 && jj < 1024; jj++ ) \
{ \
- CODE; \
+ ret = CODE; \
} \
\
- mbedtls_printf( "%9lu KiB/s, %9lu cycles/byte\n", \
- ii * BUFSIZE / 1024, \
- ( mbedtls_timing_hardclock() - tsc ) / ( jj * BUFSIZE ) ); \
+ if( ret != 0 ) \
+ { \
+ PRINT_ERROR; \
+ } \
+ else \
+ { \
+ mbedtls_printf( "%9lu KiB/s, %9lu cycles/byte\n", \
+ ii * BUFSIZE / 1024, \
+ ( mbedtls_timing_hardclock() - tsc ) \
+ / ( jj * BUFSIZE ) ); \
+ } \
} while( 0 )
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
@@ -233,8 +246,10 @@
typedef struct {
char md4, md5, ripemd160, sha1, sha256, sha512,
arc4, des3, des,
- aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xts,
- des3_cmac, aria, camellia, blowfish,
+ aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,
+ aes_cmac, des3_cmac,
+ aria, camellia, blowfish, chacha20,
+ poly1305,
havege, ctr_drbg, hmac_drbg,
rsa, dhm, ecdsa, ecdh;
} todo_list;
@@ -285,6 +300,8 @@
todo.aes_gcm = 1;
else if( strcmp( argv[i], "aes_ccm" ) == 0 )
todo.aes_ccm = 1;
+ else if( strcmp( argv[i], "chachapoly" ) == 0 )
+ todo.chachapoly = 1;
else if( strcmp( argv[i], "aes_cmac" ) == 0 )
todo.aes_cmac = 1;
else if( strcmp( argv[i], "des3_cmac" ) == 0 )
@@ -295,6 +312,10 @@
todo.camellia = 1;
else if( strcmp( argv[i], "blowfish" ) == 0 )
todo.blowfish = 1;
+ else if( strcmp( argv[i], "chacha20" ) == 0 )
+ todo.chacha20 = 1;
+ else if( strcmp( argv[i], "poly1305" ) == 0 )
+ todo.poly1305 = 1;
else if( strcmp( argv[i], "havege" ) == 0 )
todo.havege = 1;
else if( strcmp( argv[i], "ctr_drbg" ) == 0 )
@@ -497,6 +518,26 @@
}
}
#endif
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if( todo.chachapoly )
+ {
+ mbedtls_chachapoly_context chachapoly;
+
+ mbedtls_chachapoly_init( &chachapoly );
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+
+ mbedtls_snprintf( title, sizeof( title ), "ChaCha20-Poly1305" );
+
+ mbedtls_chachapoly_setkey( &chachapoly, tmp );
+
+ TIME_AND_TSC( title,
+ mbedtls_chachapoly_encrypt_and_tag( &chachapoly,
+ BUFSIZE, tmp, NULL, 0, buf, buf, tmp ) );
+
+ mbedtls_chachapoly_free( &chachapoly );
+ }
+#endif
#if defined(MBEDTLS_CMAC_C)
if( todo.aes_cmac )
{
@@ -574,6 +615,20 @@
}
#endif
+#if defined(MBEDTLS_CHACHA20_C)
+ if ( todo.chacha20 )
+ {
+ TIME_AND_TSC( "ChaCha20", mbedtls_chacha20_crypt( buf, buf, 0U, BUFSIZE, buf, buf ) );
+ }
+#endif
+
+#if defined(MBEDTLS_POLY1305_C)
+ if ( todo.poly1305 )
+ {
+ TIME_AND_TSC( "Poly1305", mbedtls_poly1305_mac( buf, buf, BUFSIZE, buf ) );
+ }
+#endif
+
#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
if( todo.blowfish )
{
@@ -618,15 +673,13 @@
if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
TIME_AND_TSC( "CTR_DRBG (NOPR)",
- if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
+ mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) );
if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON );
TIME_AND_TSC( "CTR_DRBG (PR)",
- if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
+ mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) );
mbedtls_ctr_drbg_free( &ctr_drbg );
}
#endif
@@ -646,18 +699,14 @@
if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
- if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_hmac_drbg_free( &hmac_drbg );
+ mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) );
if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
MBEDTLS_HMAC_DRBG_PR_ON );
TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
- if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_hmac_drbg_free( &hmac_drbg );
+ mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) );
#endif
#if defined(MBEDTLS_SHA256_C)
@@ -667,19 +716,16 @@
if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
- if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_hmac_drbg_free( &hmac_drbg );
+ mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) );
if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
MBEDTLS_HMAC_DRBG_PR_ON );
TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
- if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_hmac_drbg_free( &hmac_drbg );
+ mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) );
#endif
+ mbedtls_hmac_drbg_free( &hmac_drbg );
}
#endif
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp
new file mode 100644
index 0000000..c652884
--- /dev/null
+++ b/programs/test/cpp_dummy_build.cpp
@@ -0,0 +1,119 @@
+/*
+ * This program is a dummy C++ program to ensure Mbed TLS library header files
+ * can be included and built with a C++ compiler.
+ *
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/aes.h"
+#include "mbedtls/aesni.h"
+#include "mbedtls/arc4.h"
+#include "mbedtls/aria.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/bn_mul.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/chacha20.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/check_config.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/cipher_internal.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/compat-1.3.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/des.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/ecdh.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/ecjpake.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/ecp_internal.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/error.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/havege.h"
+#include "mbedtls/hkdf.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/md_internal.h"
+#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/nist_kw.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/padlock.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/pk_internal.h"
+#include "mbedtls/pkcs11.h"
+#include "mbedtls/pkcs12.h"
+#include "mbedtls/pkcs5.h"
+#include "mbedtls/platform_time.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/poly1305.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/rsa_internal.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_cache.h"
+#include "mbedtls/ssl_ciphersuites.h"
+#include "mbedtls/ssl_cookie.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/ssl_ticket.h"
+#include "mbedtls/threading.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/version.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/x509_crl.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/xtea.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+int main()
+{
+ mbedtls_platform_context *ctx = NULL;
+ mbedtls_platform_setup(ctx);
+ mbedtls_printf("CPP Build test\n");
+ mbedtls_platform_teardown(ctx);
+}
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index 019071b..f923a43 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -45,6 +45,9 @@
#include "mbedtls/aes.h"
#include "mbedtls/camellia.h"
#include "mbedtls/aria.h"
+#include "mbedtls/chacha20.h"
+#include "mbedtls/poly1305.h"
+#include "mbedtls/chachapoly.h"
#include "mbedtls/base64.h"
#include "mbedtls/bignum.h"
#include "mbedtls/rsa.h"
@@ -54,6 +57,7 @@
#include "mbedtls/ecp.h"
#include "mbedtls/ecjpake.h"
#include "mbedtls/timing.h"
+#include "mbedtls/nist_kw.h"
#include <string.h>
@@ -205,9 +209,21 @@
#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)
{"ccm", mbedtls_ccm_self_test},
#endif
+#if defined(MBEDTLS_NIST_KW_C) && defined(MBEDTLS_AES_C)
+ {"nist_kw", mbedtls_nist_kw_self_test},
+#endif
#if defined(MBEDTLS_CMAC_C)
{"cmac", mbedtls_cmac_self_test},
#endif
+#if defined(MBEDTLS_CHACHA20_C)
+ {"chacha20", mbedtls_chacha20_self_test},
+#endif
+#if defined(MBEDTLS_POLY1305_C)
+ {"poly1305", mbedtls_poly1305_self_test},
+#endif
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ {"chacha20-poly1305", mbedtls_chachapoly_self_test},
+#endif
#if defined(MBEDTLS_BASE64_C)
{"base64", mbedtls_base64_self_test},
#endif
diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c
index 9cfcd2d..fd3526f 100644
--- a/programs/test/ssl_cert_test.c
+++ b/programs/test/ssl_cert_test.c
@@ -29,9 +29,12 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_snprintf snprintf
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_snprintf snprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_X509_CRL_PARSE_C)
@@ -80,7 +83,8 @@
int main( void )
{
- int ret, i;
+ int ret = 1, i;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_x509_crt cacert;
mbedtls_x509_crl crl;
char buf[10240];
@@ -210,7 +214,6 @@
if( ! mbedtls_pk_can_do( &clicert.pk, MBEDTLS_PK_RSA ) )
{
mbedtls_printf( " failed\n ! certificate's key is not RSA\n\n" );
- ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
goto exit;
}
@@ -241,6 +244,8 @@
mbedtls_pk_free( &pk );
}
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_x509_crt_free( &cacert );
mbedtls_x509_crl_free( &crl );
@@ -250,7 +255,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_RSA_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO &&
MBEDTLS_X509_CRL_PARSE_C */
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index 5797f3d..41739d0 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -37,10 +37,14 @@
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_printf printf
-#endif
+#define mbedtls_time time
+#define mbedtls_time_t time_t
+#define mbedtls_printf printf
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_NET_C)
int main( void )
@@ -104,6 +108,21 @@
" delay=%%d default: 0 (no delayed packets)\n" \
" delay about 1:N packets randomly\n" \
" delay_ccs=0/1 default: 0 (don't delay ChangeCipherSpec)\n" \
+ " delay_cli=%%s Handshake message from client that should be\n"\
+ " delayed. Possible values are 'ClientHello',\n" \
+ " 'Certificate', 'CertificateVerify', and\n" \
+ " 'ClientKeyExchange'.\n" \
+ " May be used multiple times, even for the same\n"\
+ " message, in which case the respective message\n"\
+ " gets delayed multiple times.\n" \
+ " delay_srv=%%s Handshake message from server that should be\n"\
+ " delayed. Possible values are 'HelloRequest',\n"\
+ " 'ServerHello', 'ServerHelloDone', 'Certificate'\n"\
+ " 'ServerKeyExchange', 'NewSessionTicket',\n"\
+ " 'HelloVerifyRequest' and ''CertificateRequest'.\n"\
+ " May be used multiple times, even for the same\n"\
+ " message, in which case the respective message\n"\
+ " gets delayed multiple times.\n" \
" drop=%%d default: 0 (no dropped packets)\n" \
" drop about 1:N packets randomly\n" \
" mtu=%%d default: 0 (unlimited)\n" \
@@ -119,6 +138,9 @@
/*
* global options
*/
+
+#define MAX_DELAYED_HS 10
+
static struct options
{
const char *server_addr; /* address to forward packets to */
@@ -129,6 +151,12 @@
int duplicate; /* duplicate 1 in N packets (none if 0) */
int delay; /* delay 1 packet in N (none if 0) */
int delay_ccs; /* delay ChangeCipherSpec */
+ char* delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from
+ * client that should be delayed. */
+ uint8_t delay_cli_cnt; /* Number of entries in delay_cli. */
+ char* delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from
+ * server that should be delayed. */
+ uint8_t delay_srv_cnt; /* Number of entries in delay_srv. */
int drop; /* drop 1 packet in N (none if 0) */
int mtu; /* drop packets larger than this */
int bad_ad; /* inject corrupted ApplicationData record */
@@ -162,6 +190,11 @@
opt.pack = DFL_PACK;
/* Other members default to 0 */
+ opt.delay_cli_cnt = 0;
+ opt.delay_srv_cnt = 0;
+ memset( opt.delay_cli, 0, sizeof( opt.delay_cli ) );
+ memset( opt.delay_srv, 0, sizeof( opt.delay_srv ) );
+
for( i = 1; i < argc; i++ )
{
p = argv[i];
@@ -195,6 +228,43 @@
if( opt.delay_ccs < 0 || opt.delay_ccs > 1 )
exit_usage( p, q );
}
+ else if( strcmp( p, "delay_cli" ) == 0 ||
+ strcmp( p, "delay_srv" ) == 0 )
+ {
+ uint8_t *delay_cnt;
+ char **delay_list;
+ size_t len;
+ char *buf;
+
+ if( strcmp( p, "delay_cli" ) == 0 )
+ {
+ delay_cnt = &opt.delay_cli_cnt;
+ delay_list = opt.delay_cli;
+ }
+ else
+ {
+ delay_cnt = &opt.delay_srv_cnt;
+ delay_list = opt.delay_srv;
+ }
+
+ if( *delay_cnt == MAX_DELAYED_HS )
+ {
+ mbedtls_printf( " too many uses of %s: only %d allowed\n",
+ p, MAX_DELAYED_HS );
+ exit_usage( p, NULL );
+ }
+
+ len = strlen( q );
+ buf = mbedtls_calloc( 1, len + 1 );
+ if( buf == NULL )
+ {
+ mbedtls_printf( " Allocation failure\n" );
+ exit( 1 );
+ }
+ memcpy( buf, q, len + 1 );
+
+ delay_list[ (*delay_cnt)++ ] = buf;
+ }
else if( strcmp( p, "drop" ) == 0 )
{
opt.drop = atoi( q );
@@ -486,11 +556,37 @@
return( 0 );
}
-static packet prev;
+#define MAX_DELAYED_MSG 5
+static size_t prev_len;
+static packet prev[MAX_DELAYED_MSG];
void clear_pending( void )
{
- memset( &prev, 0, sizeof( packet ) );
+ memset( &prev, 0, sizeof( prev ) );
+ prev_len = 0;
+}
+
+void delay_packet( packet *delay )
+{
+ if( prev_len == MAX_DELAYED_MSG )
+ return;
+
+ memcpy( &prev[prev_len++], delay, sizeof( packet ) );
+}
+
+int send_delayed()
+{
+ uint8_t offset;
+ int ret;
+ for( offset = 0; offset < prev_len; offset++ )
+ {
+ ret = send_packet( &prev[offset], "delayed" );
+ if( ret != 0 )
+ return( ret );
+ }
+
+ clear_pending();
+ return( 0 );
}
/*
@@ -538,6 +634,10 @@
packet cur;
size_t id;
+ uint8_t delay_idx;
+ char ** delay_list;
+ uint8_t delay_list_len;
+
/* receive packet */
if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
{
@@ -553,6 +653,37 @@
id = cur.len % sizeof( dropped );
+ if( strcmp( way, "S <- C" ) == 0 )
+ {
+ delay_list = opt.delay_cli;
+ delay_list_len = opt.delay_cli_cnt;
+ }
+ else
+ {
+ delay_list = opt.delay_srv;
+ delay_list_len = opt.delay_srv_cnt;
+ }
+
+ /* Check if message type is in the list of messages
+ * that should be delayed */
+ for( delay_idx = 0; delay_idx < delay_list_len; delay_idx++ )
+ {
+ if( delay_list[ delay_idx ] == NULL )
+ continue;
+
+ if( strcmp( delay_list[ delay_idx ], cur.type ) == 0 )
+ {
+ /* Delay message */
+ delay_packet( &cur );
+
+ /* Remove entry from list */
+ mbedtls_free( delay_list[delay_idx] );
+ delay_list[delay_idx] = NULL;
+
+ return( 0 );
+ }
+ }
+
/* do we want to drop, delay, or forward it? */
if( ( opt.mtu != 0 &&
cur.len > (unsigned) opt.mtu ) ||
@@ -572,12 +703,11 @@
strcmp( cur.type, "ApplicationData" ) != 0 &&
! ( opt.protect_hvr &&
strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
- prev.dst == NULL &&
cur.len != (size_t) opt.protect_len &&
dropped[id] < DROP_MAX &&
rand() % opt.delay == 0 ) )
{
- memcpy( &prev, &cur, sizeof( packet ) );
+ delay_packet( &cur );
}
else
{
@@ -585,14 +715,10 @@
if( ( ret = send_packet( &cur, "forwarded" ) ) != 0 )
return( ret );
- /* send previously delayed message if any */
- if( prev.dst != NULL )
- {
- ret = send_packet( &prev, "delayed" );
- memset( &prev, 0, sizeof( packet ) );
- if( ret != 0 )
- return( ret );
- }
+ /* send previously delayed messages if any */
+ ret = send_delayed();
+ if( ret != 0 )
+ return( ret );
}
return( 0 );
@@ -600,7 +726,9 @@
int main( int argc, char *argv[] )
{
- int ret;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
+ uint8_t delay_idx;
mbedtls_net_context listen_fd, client_fd, server_fd;
@@ -781,10 +909,12 @@
}
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
#ifdef MBEDTLS_ERROR_C
- if( ret != 0 )
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
char error_buf[100];
mbedtls_strerror( ret, error_buf, 100 );
@@ -793,6 +923,12 @@
}
#endif
+ for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ )
+ {
+ mbedtls_free( opt.delay_cli + delay_idx );
+ mbedtls_free( opt.delay_srv + delay_idx );
+ }
+
mbedtls_net_free( &client_fd );
mbedtls_net_free( &server_fd );
mbedtls_net_free( &listen_fd );
@@ -802,7 +938,7 @@
fflush( stdout ); getchar();
#endif
- return( ret != 0 );
+ return( exit_code );
}
#endif /* MBEDTLS_NET_C */
diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c
index ad2c6ac..73a9fb5 100644
--- a/programs/util/pem2der.c
+++ b/programs/util/pem2der.c
@@ -29,10 +29,13 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_free free
-#define mbedtls_calloc calloc
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_free free
+#define mbedtls_calloc calloc
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_FS_IO)
#include "mbedtls/error.h"
@@ -178,7 +181,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
unsigned char *pem_buffer = NULL;
unsigned char der_buffer[4096];
char buf[1024];
@@ -273,6 +277,8 @@
mbedtls_printf( " ok\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
free( pem_buffer );
@@ -281,6 +287,6 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index c893ca8..c57ecca 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -30,11 +30,13 @@
#else
#include <stdio.h>
#include <stdlib.h>
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#endif
+#define mbedtls_time time
+#define mbedtls_time_t time_t
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
@@ -145,7 +147,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_net_context server_fd;
unsigned char buf[1024];
mbedtls_entropy_context entropy;
@@ -180,7 +183,6 @@
{
usage:
mbedtls_printf( USAGE );
- ret = 2;
goto exit;
}
@@ -252,19 +254,23 @@
if( strlen( opt.ca_path ) )
{
- ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
+ if( ( ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ) ) < 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", -ret );
+ goto exit;
+ }
+
verify = 1;
}
else if( strlen( opt.ca_file ) )
{
- ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
- verify = 1;
- }
+ if( ( ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ) ) < 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", -ret );
+ goto exit;
+ }
- if( ret < 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
- goto exit;
+ verify = 1;
}
mbedtls_printf( " ok (%d skipped)\n", ret );
@@ -332,8 +338,6 @@
cur = cur->next;
}
- ret = 0;
-
/*
* 1.3 Verify the certificate
*/
@@ -470,6 +474,8 @@
else
goto usage;
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_net_free( &server_fd );
@@ -485,10 +491,7 @@
fflush( stdout ); getchar();
#endif
- if( ret < 0 )
- ret = 1;
-
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 30df216..a32ac50 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \
@@ -133,7 +136,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_pk_context key;
char buf[1024];
int i;
@@ -156,7 +160,6 @@
{
usage:
mbedtls_printf( USAGE );
- ret = 1;
goto exit;
}
@@ -317,9 +320,11 @@
mbedtls_printf( " ok\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
- if( ret != 0 && ret != 1)
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
{
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror( ret, buf, sizeof( buf ) );
@@ -339,7 +344,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 12baf72..fa99461 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
@@ -161,7 +164,7 @@
const char *issuer_key; /* filename of the issuer key file */
const char *subject_pwd; /* password for the subject key file */
const char *issuer_pwd; /* password for the issuer key file */
- const char *output_file; /* where to store the constructed key file */
+ const char *output_file; /* where to store the constructed CRT */
const char *subject_name; /* subject name for certificate */
const char *issuer_name; /* issuer name for certificate */
const char *not_before; /* validity period not before */
@@ -211,7 +214,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_x509_crt issuer_crt;
mbedtls_pk_context loaded_issuer_key, loaded_subject_key;
mbedtls_pk_context *issuer_key = &loaded_issuer_key,
@@ -248,7 +252,6 @@
{
usage:
mbedtls_printf( USAGE );
- ret = 1;
goto exit;
}
@@ -611,7 +614,6 @@
{
mbedtls_printf( " failed\n ! issuer_key does not match "
"issuer certificate\n\n" );
- ret = -1;
goto exit;
}
}
@@ -768,7 +770,7 @@
}
/*
- * 1.2. Writing the request
+ * 1.2. Writing the certificate
*/
mbedtls_printf( " . Writing the certificate..." );
fflush( stdout );
@@ -784,6 +786,8 @@
mbedtls_printf( " ok\n" );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_x509write_crt_free( &crt );
mbedtls_pk_free( &loaded_subject_key );
@@ -797,7 +801,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C &&
MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c
index 210d19e..f831683 100644
--- a/programs/x509/crl_app.c
+++ b/programs/x509/crl_app.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO)
@@ -67,7 +70,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
unsigned char buf[100000];
mbedtls_x509_crl crl;
int i;
@@ -131,6 +135,8 @@
mbedtls_printf( "%s\n", buf );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_x509_crl_free( &crl );
@@ -139,7 +145,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C &&
MBEDTLS_FS_IO */
diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c
index 8410a53..0f20c85 100644
--- a/programs/x509/req_app.c
+++ b/programs/x509/req_app.c
@@ -29,8 +29,11 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
-#endif
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO)
@@ -67,7 +70,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0;
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
unsigned char buf[100000];
mbedtls_x509_csr csr;
int i;
@@ -131,6 +135,8 @@
mbedtls_printf( "%s\n", buf );
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
exit:
mbedtls_x509_csr_free( &csr );
@@ -139,7 +145,7 @@
fflush( stdout ); getchar();
#endif
- return( ret );
+ return( exit_code );
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C &&
MBEDTLS_FS_IO */
diff --git a/scripts/config.pl b/scripts/config.pl
index 5bf2785..3d2884c 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
#
# This file is part of mbed TLS (https://tls.mbed.org)
#
@@ -95,6 +95,7 @@
MBEDTLS_ZLIB_SUPPORT
MBEDTLS_PKCS11_C
MBEDTLS_NO_UDBL_DIVISION
+MBEDTLS_NO_64BIT_MULTIPLICATION
_ALT\s*$
);
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index 60e5233..ac171ed4a 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# Generate error.c
#
@@ -30,9 +30,9 @@
my $error_format_file = $data_dir.'/error.fmt';
my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
- CAMELLIA CCM CMAC CTR_DRBG DES
+ CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES
ENTROPY GCM HKDF HMAC_DRBG MD2 MD4 MD5
- NET OID PADLOCK PBKDF2 RIPEMD160
+ NET OID PADLOCK PBKDF2 POLY1305 RIPEMD160
SHA1 SHA256 SHA512 THREADING XTEA );
my @high_level_modules = qw( CIPHER DHM ECP MD
PEM PK PKCS12 PKCS5
diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl
index 2aa695c..1bd82ca 100755
--- a/scripts/generate_features.pl
+++ b/scripts/generate_features.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
#
use strict;
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index e042a44..811c71f 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# Generate main file, individual apps and solution files for MS Visual Studio
# 2010
diff --git a/scripts/massif_max.pl b/scripts/massif_max.pl
index d1ce4ca..4e3342a 100755
--- a/scripts/massif_max.pl
+++ b/scripts/massif_max.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# Parse a massif.out.xxx file and output peak total memory usage
diff --git a/scripts/rename.pl b/scripts/rename.pl
index c29519e..fb42809 100755
--- a/scripts/rename.pl
+++ b/scripts/rename.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
#
# This file is part of mbed TLS (https://tls.mbed.org)
#
diff --git a/tests/.jenkins/Jenkinsfile b/tests/.jenkins/Jenkinsfile
new file mode 100644
index 0000000..ed04053
--- /dev/null
+++ b/tests/.jenkins/Jenkinsfile
@@ -0,0 +1 @@
+mbedtls.run_job()
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index f630edb..58126be 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -15,6 +15,11 @@
message(FATAL_ERROR "Cannot build test suites without Perl")
endif()
+# Enable definition of various functions used throughout the testsuite
+# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
+# on non-POSIX platforms.
+add_definitions("-D_POSIX_C_SOURCE=200809L")
+
function(add_test_suite suite_name)
if(ARGV1)
set(data_name ${ARGV1})
@@ -24,8 +29,8 @@
add_custom_command(
OUTPUT test_suite_${data_name}.c
- COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_code.pl ${CMAKE_CURRENT_SOURCE_DIR}/suites test_suite_${suite_name} test_suite_${data_name}
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_code.pl mbedtls suites/helpers.function suites/main_test.function suites/test_suite_${suite_name}.function suites/test_suite_${data_name}.data
+ COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data -t ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function -p ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function -s ${CMAKE_CURRENT_SOURCE_DIR}/suites --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function -o .
+ DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data
)
include_directories(${CMAKE_CURRENT_SOURCE_DIR})
@@ -56,11 +61,15 @@
add_test_suite(blowfish)
add_test_suite(camellia)
add_test_suite(ccm)
+add_test_suite(chacha20)
+add_test_suite(chachapoly)
add_test_suite(cipher cipher.aes)
add_test_suite(cipher cipher.arc4)
add_test_suite(cipher cipher.blowfish)
add_test_suite(cipher cipher.camellia)
add_test_suite(cipher cipher.ccm)
+add_test_suite(cipher cipher.chacha20)
+add_test_suite(cipher cipher.chachapoly)
add_test_suite(cipher cipher.des)
add_test_suite(cipher cipher.gcm)
add_test_suite(cipher cipher.null)
@@ -92,6 +101,7 @@
add_test_suite(mdx)
add_test_suite(memory_buffer_alloc)
add_test_suite(mpi)
+add_test_suite(nist_kw)
add_test_suite(pem)
add_test_suite(pkcs1_v15)
add_test_suite(pkcs1_v21)
@@ -99,6 +109,7 @@
add_test_suite(pk)
add_test_suite(pkparse)
add_test_suite(pkwrite)
+add_test_suite(poly1305)
add_test_suite(shax)
add_test_suite(ssl)
add_test_suite(timing)
diff --git a/tests/Makefile b/tests/Makefile
index d65cd93..4d2edd4 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -7,11 +7,16 @@
LDFLAGS ?=
LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = -L../library \
+LOCAL_LDFLAGS = -L../library \
-lmbedtls$(SHARED_SUFFIX) \
-lmbedx509$(SHARED_SUFFIX) \
-lmbedcrypto$(SHARED_SUFFIX)
+# Enable definition of various functions used throughout the testsuite
+# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
+# on non-POSIX platforms.
+LOCAL_CFLAGS += -D_POSIX_C_SOURCE=200809L
+
ifndef SHARED
DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
else
@@ -34,10 +39,13 @@
ifdef SHARED
SHARED_SUFFIX=.$(DLEXT)
endif
+PYTHON ?= python
else
DLEXT ?= so
EXEXT=
SHARED_SUFFIX=
+# python2 for POSIX since FreeBSD has only python2 as default.
+PYTHON ?= python2
endif
# Zlib shared library extensions:
@@ -45,438 +53,86 @@
LOCAL_LDFLAGS += -lz
endif
-APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \
- test_suite_aes.cfb$(EXEXT) test_suite_aes.ofb$(EXEXT) \
- test_suite_aes.xts$(EXEXT) \
- test_suite_aes.rest$(EXEXT) \
- test_suite_arc4$(EXEXT) test_suite_asn1write$(EXEXT) \
- test_suite_base64$(EXEXT) test_suite_blowfish$(EXEXT) \
- test_suite_camellia$(EXEXT) test_suite_ccm$(EXEXT) \
- test_suite_aria$(EXEXT) \
- test_suite_cmac$(EXEXT) \
- test_suite_cipher.aes$(EXEXT) \
- test_suite_cipher.arc4$(EXEXT) test_suite_cipher.ccm$(EXEXT) \
- test_suite_cipher.gcm$(EXEXT) \
- test_suite_cipher.blowfish$(EXEXT) \
- test_suite_cipher.camellia$(EXEXT) \
- test_suite_cipher.des$(EXEXT) test_suite_cipher.null$(EXEXT) \
- test_suite_cipher.padding$(EXEXT) \
- test_suite_ctr_drbg$(EXEXT) test_suite_debug$(EXEXT) \
- test_suite_des$(EXEXT) test_suite_dhm$(EXEXT) \
- test_suite_ecdh$(EXEXT) test_suite_ecdsa$(EXEXT) \
- test_suite_ecjpake$(EXEXT) test_suite_ecp$(EXEXT) \
- test_suite_error$(EXEXT) test_suite_entropy$(EXEXT) \
- test_suite_gcm.aes128_de$(EXEXT) \
- test_suite_gcm.aes192_de$(EXEXT) \
- test_suite_gcm.aes256_de$(EXEXT) \
- test_suite_gcm.aes128_en$(EXEXT) \
- test_suite_gcm.aes192_en$(EXEXT) \
- test_suite_gcm.aes256_en$(EXEXT) \
- test_suite_gcm.camellia$(EXEXT) \
- test_suite_hkdf$(EXEXT) \
- test_suite_hmac_drbg.misc$(EXEXT) \
- test_suite_hmac_drbg.no_reseed$(EXEXT) \
- test_suite_hmac_drbg.nopr$(EXEXT) \
- test_suite_hmac_drbg.pr$(EXEXT) \
- test_suite_md$(EXEXT) test_suite_mdx$(EXEXT) \
- test_suite_memory_buffer_alloc$(EXEXT) \
- test_suite_mpi$(EXEXT) \
- test_suite_pem$(EXEXT) test_suite_pkcs1_v15$(EXEXT) \
- test_suite_pkcs1_v21$(EXEXT) test_suite_pkcs5$(EXEXT) \
- test_suite_pkparse$(EXEXT) test_suite_pkwrite$(EXEXT) \
- test_suite_pk$(EXEXT) \
- test_suite_rsa$(EXEXT) test_suite_shax$(EXEXT) \
- test_suite_ssl$(EXEXT) test_suite_timing$(EXEXT) \
- test_suite_x509parse$(EXEXT) test_suite_x509write$(EXEXT) \
- test_suite_xtea$(EXEXT) test_suite_version$(EXEXT)
+# A test application is built for each suites/test_suite_*.data file.
+# Application name is same as .data file's base name and can be
+# constructed by stripping path 'suites/' and extension .data.
+APPS = $(basename $(subst suites/,,$(wildcard suites/test_suite_*.data)))
+
+# Construct executable name by adding OS specific suffix $(EXEXT).
+BINARIES := $(addsuffix $(EXEXT),$(APPS))
.SILENT:
.PHONY: all check test clean
-all: $(APPS)
+all: $(BINARIES)
$(DEP):
$(MAKE) -C ../library
-# invoke perl explicitly for the sake of mingw32-make
+C_FILES := $(addsuffix .c,$(APPS))
-test_suite_aes.ecb.c : suites/test_suite_aes.function suites/test_suite_aes.ecb.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
+# Wildcard target for test code generation:
+# A .c file is generated for each .data file in the suites/ directory. Each .c
+# file depends on a .data and .function file from suites/ directory. Following
+# nameing convention is followed:
+#
+# C file | Depends on
+#-----------------------------------------------------------------------------
+# foo.c | suites/foo.function suites/foo.data
+# foo.bar.c | suites/foo.function suites/foo.bar.data
+#
+# Note above that .c and .data files have same base name.
+# However, corresponding .function file's base name is the word before first
+# dot in .c file's base name.
+#
+.SECONDEXPANSION:
+%.c: suites/$$(firstword $$(subst ., ,$$*)).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/host_test.function
echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.ecb
+ $(PYTHON) scripts/generate_test_code.py -f suites/$(firstword $(subst ., ,$*)).function \
+ -d suites/$*.data \
+ -t suites/main_test.function \
+ -p suites/host_test.function \
+ -s suites \
+ --helpers-file suites/helpers.function \
+ -o .
-test_suite_aes.cbc.c : suites/test_suite_aes.function suites/test_suite_aes.cbc.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.cbc
-test_suite_aes.cfb.c : suites/test_suite_aes.function suites/test_suite_aes.cfb.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.cfb
-
-test_suite_aes.ofb.c : suites/test_suite_aes.function suites/test_suite_aes.ofb.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.ofb
-
-test_suite_aes.rest.c : suites/test_suite_aes.function suites/test_suite_aes.rest.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.rest
-
-test_suite_aes.xts.c : suites/test_suite_aes.function suites/test_suite_aes.xts.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.xts
-
-test_suite_cipher.aes.c : suites/test_suite_cipher.function suites/test_suite_cipher.aes.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.aes
-
-test_suite_cipher.arc4.c : suites/test_suite_cipher.function suites/test_suite_cipher.arc4.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.arc4
-
-test_suite_cipher.ccm.c : suites/test_suite_cipher.function suites/test_suite_cipher.ccm.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.ccm
-
-test_suite_cipher.gcm.c : suites/test_suite_cipher.function suites/test_suite_cipher.gcm.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.gcm
-
-test_suite_cipher.blowfish.c : suites/test_suite_cipher.function suites/test_suite_cipher.blowfish.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.blowfish
-
-test_suite_cipher.camellia.c : suites/test_suite_cipher.function suites/test_suite_cipher.camellia.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.camellia
-
-test_suite_cipher.des.c : suites/test_suite_cipher.function suites/test_suite_cipher.des.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.des
-
-test_suite_cipher.null.c : suites/test_suite_cipher.function suites/test_suite_cipher.null.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.null
-
-test_suite_cipher.padding.c : suites/test_suite_cipher.function suites/test_suite_cipher.padding.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.padding
-
-test_suite_gcm.aes128_de.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes128_de.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes128_de
-
-test_suite_gcm.aes192_de.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes192_de.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes192_de
-
-test_suite_gcm.aes256_de.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes256_de.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes256_de
-
-test_suite_gcm.aes128_en.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes128_en.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes128_en
-
-test_suite_gcm.aes192_en.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes192_en.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes192_en
-
-test_suite_gcm.aes256_en.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes256_en.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes256_en
-
-test_suite_gcm.camellia.c : suites/test_suite_gcm.function suites/test_suite_gcm.camellia.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.camellia
-
-test_suite_hkdf.c : suites/test_suite_hkdf.function suites/test_suite_hkdf.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_hkdf test_suite_hkdf
-
-test_suite_hmac_drbg.misc.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.misc.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.misc
-
-test_suite_hmac_drbg.no_reseed.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.no_reseed.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.no_reseed
-
-test_suite_hmac_drbg.nopr.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.nopr.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.nopr
-
-test_suite_hmac_drbg.pr.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.pr.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.pr
-
-%.c : suites/%.function suites/%.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
- echo " Gen $@"
- perl scripts/generate_code.pl suites $* $*
-
-test_suite_aes.ecb$(EXEXT): test_suite_aes.ecb.c $(DEP)
+$(BINARIES): %$(EXEXT): %.c $(DEP)
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-test_suite_aes.cbc$(EXEXT): test_suite_aes.cbc.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_aes.cfb$(EXEXT): test_suite_aes.cfb.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_aes.ofb$(EXEXT): test_suite_aes.ofb.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_aes.rest$(EXEXT): test_suite_aes.rest.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_aes.xts$(EXEXT): test_suite_aes.xts.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_arc4$(EXEXT): test_suite_arc4.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_asn1write$(EXEXT): test_suite_asn1write.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_base64$(EXEXT): test_suite_base64.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_blowfish$(EXEXT): test_suite_blowfish.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_camellia$(EXEXT): test_suite_camellia.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_ccm$(EXEXT): test_suite_ccm.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cmac$(EXEXT): test_suite_cmac.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.aes$(EXEXT): test_suite_cipher.aes.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.arc4$(EXEXT): test_suite_cipher.arc4.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.ccm$(EXEXT): test_suite_cipher.ccm.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.gcm$(EXEXT): test_suite_cipher.gcm.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.blowfish$(EXEXT): test_suite_cipher.blowfish.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.camellia$(EXEXT): test_suite_cipher.camellia.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.des$(EXEXT): test_suite_cipher.des.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.null$(EXEXT): test_suite_cipher.null.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_cipher.padding$(EXEXT): test_suite_cipher.padding.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_ctr_drbg$(EXEXT): test_suite_ctr_drbg.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_des$(EXEXT): test_suite_des.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_dhm$(EXEXT): test_suite_dhm.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_ecdh$(EXEXT): test_suite_ecdh.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_ecdsa$(EXEXT): test_suite_ecdsa.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_ecjpake$(EXEXT): test_suite_ecjpake.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_ecp$(EXEXT): test_suite_ecp.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_entropy$(EXEXT): test_suite_entropy.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_error$(EXEXT): test_suite_error.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_gcm.aes128_de$(EXEXT): test_suite_gcm.aes128_de.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_gcm.aes192_de$(EXEXT): test_suite_gcm.aes192_de.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_gcm.aes256_de$(EXEXT): test_suite_gcm.aes256_de.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_gcm.aes128_en$(EXEXT): test_suite_gcm.aes128_en.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_gcm.aes192_en$(EXEXT): test_suite_gcm.aes192_en.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_gcm.aes256_en$(EXEXT): test_suite_gcm.aes256_en.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_gcm.camellia$(EXEXT): test_suite_gcm.camellia.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_hkdf$(EXEXT): test_suite_hkdf.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_hmac_drbg.misc$(EXEXT): test_suite_hmac_drbg.misc.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_hmac_drbg.no_reseed$(EXEXT): test_suite_hmac_drbg.no_reseed.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_hmac_drbg.nopr$(EXEXT): test_suite_hmac_drbg.nopr.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_hmac_drbg.pr$(EXEXT): test_suite_hmac_drbg.pr.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_md$(EXEXT): test_suite_md.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_mdx$(EXEXT): test_suite_mdx.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_memory_buffer_alloc$(EXEXT): test_suite_memory_buffer_alloc.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_mpi$(EXEXT): test_suite_mpi.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_pem$(EXEXT): test_suite_pem.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_pkcs1_v15$(EXEXT): test_suite_pkcs1_v15.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_pkcs1_v21$(EXEXT): test_suite_pkcs1_v21.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_pkcs5$(EXEXT): test_suite_pkcs5.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_pkparse$(EXEXT): test_suite_pkparse.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_pkwrite$(EXEXT): test_suite_pkwrite.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_pk$(EXEXT): test_suite_pk.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_rsa$(EXEXT): test_suite_rsa.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_shax$(EXEXT): test_suite_shax.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_ssl$(EXEXT): test_suite_ssl.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_timing$(EXEXT): test_suite_timing.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_x509parse$(EXEXT): test_suite_x509parse.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_x509write$(EXEXT): test_suite_x509write.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_xtea$(EXEXT): test_suite_xtea.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_debug$(EXEXT): test_suite_debug.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_version$(EXEXT): test_suite_version.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test_suite_aria$(EXEXT): test_suite_aria.c $(DEP)
- echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
clean:
ifndef WINDOWS
- rm -f $(APPS) *.c
+ rm -rf $(APPS) *.c *.datax TESTS
else
- del /Q /F *.c *.exe
+ del /Q /F *.c *.exe *.datax
+ifneq ($(wildcard TESTS/.*),)
+ rmdir /Q /S TESTS
+endif
endif
-check: $(APPS)
+check: $(BINARIES)
perl scripts/run-test-suites.pl
test: check
+
+# Create separate targets for generating embedded tests.
+EMBEDDED_TESTS := $(addprefix embedded_,$(APPS))
+
+# Generate test code for target.
+
+.SECONDEXPANSION:
+$(EMBEDDED_TESTS): embedded_%: suites/$$(firstword $$(subst ., ,$$*)).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/target_test.function
+ echo " Gen ./TESTS/mbedtls/$*/$*.c"
+ $(PYTHON) scripts/generate_test_code.py -f suites/$(firstword $(subst ., ,$*)).function \
+ -d suites/$*.data \
+ -t suites/main_test.function \
+ -p suites/target_test.function \
+ -s suites \
+ --helpers-file suites/helpers.function \
+ -o ./TESTS/mbedtls/$*
+
+generate-target-tests: $(EMBEDDED_TESTS)
+
diff --git a/tests/compat.sh b/tests/compat.sh
index d383cb4..bf65e5e 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -42,6 +42,9 @@
PEER_GNUTLS=""
else
PEER_GNUTLS=" GnuTLS"
+ if [ $MINOR -lt 4 ]; then
+ GNUTLS_MINOR_LT_FOUR='x'
+ fi
fi
fi
else
@@ -58,7 +61,8 @@
# - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions
# avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL)
# - ARIA: not in default config.h + requires OpenSSL >= 1.1.1
-EXCLUDE='NULL\|DES-CBC-\|RC4\|ARCFOUR\|ARIA'
+# - ChachaPoly: requires OpenSSL >= 1.1.0
+EXCLUDE='NULL\|DES-CBC-\|RC4\|ARCFOUR\|ARIA\|CHACHA20-POLY1305'
VERBOSE=""
MEMCHECK=0
PEERS="OpenSSL$PEER_GNUTLS mbedTLS"
@@ -437,6 +441,9 @@
# NOTE: for some reason RSA-PSK doesn't work with OpenSSL,
# so RSA-PSK ciphersuites need to go in other sections, see
# https://github.com/ARMmbed/mbedtls/issues/1419
+#
+# ChachaPoly suites are here rather than in "common", as they were added in
+# GnuTLS in 3.5.0 and the CI only has 3.4.x so far.
add_openssl_ciphersuites()
{
case $TYPE in
@@ -468,6 +475,7 @@
TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \
TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \
+ TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
"
O_CIPHERS="$O_CIPHERS \
ECDH-ECDSA-AES128-SHA256 \
@@ -476,6 +484,7 @@
ECDH-ECDSA-AES256-GCM-SHA384 \
ECDHE-ECDSA-ARIA256-GCM-SHA384 \
ECDHE-ECDSA-ARIA128-GCM-SHA256 \
+ ECDHE-ECDSA-CHACHA20-POLY1305 \
"
fi
;;
@@ -498,6 +507,8 @@
TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \
TLS-RSA-WITH-ARIA-128-GCM-SHA256 \
+ TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
+ TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
"
O_CIPHERS="$O_CIPHERS \
ECDHE-ARIA256-GCM-SHA384 \
@@ -506,6 +517,8 @@
ECDHE-ARIA128-GCM-SHA256 \
DHE-RSA-ARIA128-GCM-SHA256 \
ARIA128-GCM-SHA256 \
+ DHE-RSA-CHACHA20-POLY1305 \
+ ECDHE-RSA-CHACHA20-POLY1305 \
"
fi
;;
@@ -518,12 +531,18 @@
TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \
TLS-PSK-WITH-ARIA-256-GCM-SHA384 \
TLS-PSK-WITH-ARIA-128-GCM-SHA256 \
+ TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \
+ TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
+ TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
"
O_CIPHERS="$O_CIPHERS \
DHE-PSK-ARIA256-GCM-SHA384 \
DHE-PSK-ARIA128-GCM-SHA256 \
PSK-ARIA256-GCM-SHA384 \
PSK-ARIA128-GCM-SHA256 \
+ DHE-PSK-CHACHA20-POLY1305 \
+ ECDHE-PSK-CHACHA20-POLY1305 \
+ PSK-CHACHA20-POLY1305 \
"
fi
;;
@@ -545,12 +564,20 @@
TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
+ TLS-ECDHE-ECDSA-WITH-AES-128-CCM \
+ TLS-ECDHE-ECDSA-WITH-AES-256-CCM \
+ TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
+ TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \
"
G_CIPHERS="$G_CIPHERS \
+ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \
+ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \
+ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \
+ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \
+ +ECDHE-ECDSA:+AES-128-CCM:+AEAD \
+ +ECDHE-ECDSA:+AES-256-CCM:+AEAD \
+ +ECDHE-ECDSA:+AES-128-CCM-8:+AEAD \
+ +ECDHE-ECDSA:+AES-256-CCM-8:+AEAD \
"
fi
;;
@@ -580,6 +607,14 @@
TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
+ TLS-RSA-WITH-AES-128-CCM \
+ TLS-RSA-WITH-AES-256-CCM \
+ TLS-DHE-RSA-WITH-AES-128-CCM \
+ TLS-DHE-RSA-WITH-AES-256-CCM \
+ TLS-RSA-WITH-AES-128-CCM-8 \
+ TLS-RSA-WITH-AES-256-CCM-8 \
+ TLS-DHE-RSA-WITH-AES-128-CCM-8 \
+ TLS-DHE-RSA-WITH-AES-256-CCM-8 \
"
G_CIPHERS="$G_CIPHERS \
+ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
@@ -594,6 +629,14 @@
+DHE-RSA:+CAMELLIA-256-GCM:+AEAD \
+RSA:+CAMELLIA-128-GCM:+AEAD \
+RSA:+CAMELLIA-256-GCM:+AEAD \
+ +RSA:+AES-128-CCM:+AEAD \
+ +RSA:+AES-256-CCM:+AEAD \
+ +RSA:+AES-128-CCM-8:+AEAD \
+ +RSA:+AES-256-CCM-8:+AEAD \
+ +DHE-RSA:+AES-128-CCM:+AEAD \
+ +DHE-RSA:+AES-256-CCM:+AEAD \
+ +DHE-RSA:+AES-128-CCM-8:+AEAD \
+ +DHE-RSA:+AES-256-CCM-8:+AEAD \
"
fi
;;
@@ -665,6 +708,14 @@
TLS-PSK-WITH-AES-256-GCM-SHA384 \
TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
+ TLS-PSK-WITH-AES-128-CCM \
+ TLS-PSK-WITH-AES-256-CCM \
+ TLS-DHE-PSK-WITH-AES-128-CCM \
+ TLS-DHE-PSK-WITH-AES-256-CCM \
+ TLS-PSK-WITH-AES-128-CCM-8 \
+ TLS-PSK-WITH-AES-256-CCM-8 \
+ TLS-DHE-PSK-WITH-AES-128-CCM-8 \
+ TLS-DHE-PSK-WITH-AES-256-CCM-8 \
TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
@@ -695,6 +746,14 @@
+PSK:+AES-256-GCM:+AEAD \
+DHE-PSK:+AES-128-GCM:+AEAD \
+DHE-PSK:+AES-256-GCM:+AEAD \
+ +PSK:+AES-128-CCM:+AEAD \
+ +PSK:+AES-256-CCM:+AEAD \
+ +DHE-PSK:+AES-128-CCM:+AEAD \
+ +DHE-PSK:+AES-256-CCM:+AEAD \
+ +PSK:+AES-128-CCM-8:+AEAD \
+ +PSK:+AES-256-CCM-8:+AEAD \
+ +DHE-PSK:+AES-128-CCM-8:+AEAD \
+ +DHE-PSK:+AES-256-CCM-8:+AEAD \
+RSA-PSK:+CAMELLIA-128-GCM:+AEAD \
+RSA-PSK:+CAMELLIA-256-GCM:+AEAD \
+PSK:+CAMELLIA-128-GCM:+AEAD \
@@ -737,10 +796,6 @@
M_CIPHERS="$M_CIPHERS \
TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-ECDHE-ECDSA-WITH-AES-128-CCM \
- TLS-ECDHE-ECDSA-WITH-AES-256-CCM \
- TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
- TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \
TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \
TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \
TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \
@@ -755,14 +810,6 @@
if [ `minor_ver "$MODE"` -ge 3 ]
then
M_CIPHERS="$M_CIPHERS \
- TLS-RSA-WITH-AES-128-CCM \
- TLS-RSA-WITH-AES-256-CCM \
- TLS-DHE-RSA-WITH-AES-128-CCM \
- TLS-DHE-RSA-WITH-AES-256-CCM \
- TLS-RSA-WITH-AES-128-CCM-8 \
- TLS-RSA-WITH-AES-256-CCM-8 \
- TLS-DHE-RSA-WITH-AES-128-CCM-8 \
- TLS-DHE-RSA-WITH-AES-256-CCM-8 \
TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \
TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \
TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \
@@ -789,14 +836,6 @@
if [ `minor_ver "$MODE"` -ge 3 ]
then
M_CIPHERS="$M_CIPHERS \
- TLS-PSK-WITH-AES-128-CCM \
- TLS-PSK-WITH-AES-256-CCM \
- TLS-DHE-PSK-WITH-AES-128-CCM \
- TLS-DHE-PSK-WITH-AES-256-CCM \
- TLS-PSK-WITH-AES-128-CCM-8 \
- TLS-PSK-WITH-AES-256-CCM-8 \
- TLS-DHE-PSK-WITH-AES-128-CCM-8 \
- TLS-DHE-PSK-WITH-AES-256-CCM-8 \
TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-PSK-WITH-ARIA-256-CBC-SHA384 \
@@ -807,6 +846,7 @@
TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \
+ TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \
"
fi
;;
@@ -842,10 +882,17 @@
exit 1;
esac
+ # GnuTLS < 3.4 will choke if we try to allow CCM-8
+ if [ -z "${GNUTLS_MINOR_LT_FOUR-}" ]; then
+ G_PRIO_CCM="+AES-256-CCM-8:+AES-128-CCM-8:"
+ else
+ G_PRIO_CCM=""
+ fi
+
M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem"
G_SERVER_ARGS="-p $PORT --http $G_MODE"
- G_SERVER_PRIO="NORMAL:+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
+ G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
# with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes
if is_dtls "$MODE"; then
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 4a24352..df2c034 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -113,7 +113,7 @@
$(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
all_final += server7-future.crt
server7-badsign.crt: server7.crt $(test_ca_int_rsa1)
- { head -n-2 server7.crt; tail -n-2 server7.crt | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat test-int-ca.crt; } > server7-badsign.crt
+ { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@
all_final += server7-badsign.crt
server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt
cat server7.crt test-int-ca-exp.crt > $@
@@ -128,6 +128,19 @@
$(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@
all_final += server5-ss-forgeca.crt
+server10-badsign.crt: server10.crt
+ { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
+all_final += server10-badsign.crt
+server10-bs_int3.pem: server10-badsign.crt test-int-ca3.crt
+ cat server10-badsign.crt test-int-ca3.crt > $@
+all_final += server10-bs_int3.pem
+test-int-ca3-badsign.crt: test-int-ca3.crt
+ { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
+all_final += test-int-ca3-badsign.crt
+server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt
+ cat server10.crt test-int-ca3-badsign.crt > $@
+all_final += server10-bs_int3-bs.pem
+
rsa_pkcs1_2048_public.pem: server8.key
$(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@
all_final += rsa_pkcs1_2048_public.pem
diff --git a/tests/data_files/Readme-x509.txt b/tests/data_files/Readme-x509.txt
index b56346a..6f54ed0 100644
--- a/tests/data_files/Readme-x509.txt
+++ b/tests/data_files/Readme-x509.txt
@@ -16,11 +16,13 @@
Two intermediate CAs are signed by them:
- test-int-ca.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA"
uses RSA-4096, signed by test-ca2
+ - test-int-ca-exp.crt is a copy that is expired
- test-int-ca2.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA"
- uses an EC key with NIST P-256, signed by test-ca
+ uses an EC key with NIST P-384, signed by test-ca
A third intermediate CA is signed by test-int-ca2.crt:
- test-int-ca3.crt "C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3"
+ uses an EC key with NIST P-256, signed by test-int-ca2
Finally, other CAs for specific purposes:
- enco-ca-prstr.pem: has its CN encoded as a printable string, but child cert
@@ -65,21 +67,41 @@
- server2*.crt: 1 R L: misc
- server3.crt: 1 E L: EC cert signed by RSA CA
- server4.crt: 2 R L: RSA cert signed by EC CA
-- server5*.crt: 2* E L: misc *(except server5-selfsigned)
+- server5*.crt: 2* E L: misc *(except -selfsigned and -ss-*)
-sha*: hashes
- -eku*: extendeKeyUsage (cli/srv = www client/server, cs = codesign, etc)
- -ku*: keyUsage (ds = signatures, ke/ka = key exchange/agreement)
+ .eku*: extendeKeyUsage (cli/srv = www client/server, cs = codesign, etc)
+ .ku*: keyUsage (ds = signatures, ke/ka = key exchange/agreement)
+ .req*: CSR, not certificate
+ -der*: trailing bytes in der (?)
+ -badsign.crt: S5 with corrupted signature
+ -expired.crt: S5 with "not after" date in the past
+ -future.crt: S5 with "not before" date in the future
+ -selfsigned.crt: Self-signed cert with S5 key
+ -ss-expired.crt: Self-signed cert with S5 key, expired
+ -ss-forgeca.crt: Copy of test-int-ca3 self-signed with S5 key
- server6-ss-child.crt: O E: "child" of non-CA server5-selfsigned
- server6.crt, server6.pem: 2 E L C: revoked
-- server7*.crt: I1 E L P1*: EC signed by RSA signed by EC
- *P1 except 7.crt, P2 _int-ca_ca2.crt
- *_space: with PEM error(s)
- _spurious: has spurious cert in its chain (S7 + I2 + I1)
+- server7.crt: I1 E L P1(usually): EC signed by RSA signed by EC
+ -badsign.crt: S7 with corrupted signature + I1
+ -expired.crt: S7 with "not after" date in the past + I1
+ -future.crt: S7 with "not before" date in the future + I1
+ _int-ca-exp.crt: S7 + expired I1
+ _int-ca.crt: S7 + I1
+ _int-ca_ca2.crt: S7 + I1 + 2
+ _all_space.crt: S7 + I1 both with misplaced spaces (invalid PEM)
+ _pem_space.crt: S7 with misplace space (invalid PEM) + I1
+ _trailing_space.crt: S7 + I1 both with trainling space (valid PEM)
+ _spurious_int-ca.crt: S7 + I2(spurious) + I1
- server8*.crt: I2 R L: RSA signed by EC signed by RSA (P1 for _int-ca2)
- server9*.crt: 1 R C* L P1*: signed using RSASSA-PSS
*CRL for: 9.crt, -badsign, -with-ca (P1)
-- server10*.crt: I3 E L P2/P3
- _spurious: S10 + I3 + I1(spurious) + I2
+- server10.crt: I3 E L
+ -badsign.crt: S10 with corrupted signature
+ -bs_int3.pem: S10-badsign + I3
+ _int3-bs.pem: S10 + I3-badsign
+ _int3_int-ca2.crt: S10 + I3 + I2
+ _int3_int-ca2_ca.crt: S10 + I3 + I2 + 1
+ _int3_spurious_int-ca2.crt: S10 + I3 + I1(spurious) + I2
Certificate revocation lists
----------------------------
diff --git a/tests/data_files/server10-badsign.crt b/tests/data_files/server10-badsign.crt
new file mode 100644
index 0000000..eca171f
--- /dev/null
+++ b/tests/data_files/server10-badsign.crt
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
+A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
+YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
+VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
+oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
+Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
+rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
+AzO3pJx7WJAApZuBX10=
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server10-bs_int3.pem b/tests/data_files/server10-bs_int3.pem
new file mode 100644
index 0000000..b84cee7
--- /dev/null
+++ b/tests/data_files/server10-bs_int3.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
+A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
+YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
+VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
+oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
+Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
+rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
+AzO3pJx7WJAApZuBX10=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
+ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
+Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
+pz590JvGWfM=
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server10.crt b/tests/data_files/server10.crt
new file mode 100644
index 0000000..96a4040
--- /dev/null
+++ b/tests/data_files/server10.crt
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
+A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
+YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
+VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
+oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
+Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
+rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
+AzO3pJx7WJAApZuBX1Q=
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server10_int3-bs.pem b/tests/data_files/server10_int3-bs.pem
new file mode 100644
index 0000000..a9e0615
--- /dev/null
+++ b/tests/data_files/server10_int3-bs.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
+A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
+YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
+VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
+oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
+Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
+rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
+AzO3pJx7WJAApZuBX1Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
+ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
+Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
+pz590JvGWf0=
+-----END CERTIFICATE-----
diff --git a/tests/data_files/test-int-ca3-badsign.crt b/tests/data_files/test-int-ca3-badsign.crt
new file mode 100644
index 0000000..2087056
--- /dev/null
+++ b/tests/data_files/test-int-ca3-badsign.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
+ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
+Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
+pz590JvGWf0=
+-----END CERTIFICATE-----
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 8ae720e..36af179 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -35,9 +35,9 @@
# * GNU Make
# * CMake
# * GCC and Clang (recent enough for using ASan with gcc and MemSan with clang, or valgrind)
+# * G++
# * arm-gcc and mingw-gcc
# * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc
-# * Yotta build dependencies, unless invoked with --no-yotta
# * OpenSSL and GnuTLS command line tools, recent enough for the
# interoperability tests. If they don't support SSLv3 then a legacy
# version of these tools must be present as well (search for LEGACY
@@ -95,7 +95,6 @@
FORCE=0
KEEP_GOING=0
RUN_ARMCC=1
-YOTTA=1
# Default commands, can be overriden by the environment
: ${OPENSSL:="openssl"}
@@ -129,12 +128,10 @@
--no-force Refuse to overwrite modified files (default).
--no-keep-going Stop at the first error (default).
--no-memory No additional memory tests (default).
- --no-yotta Skip yotta module build.
--out-of-source-dir=<path> Directory used for CMake out-of-source build tests.
--random-seed Use a random seed value for randomized tests (default).
-r|--release-test Run this script in release mode. This fixes the seed value to 1.
-s|--seed Integer seed value to use for this test run.
- --yotta Build yotta module (on by default).
Tool path options:
--armc5-bin-dir=<ARMC5_bin_dir_path> ARM Compiler 5 bin directory.
@@ -159,7 +156,7 @@
command make clean
# Remove CMake artefacts
- find . -name .git -prune -o -name yotta -prune -o \
+ find . -name .git -prune \
-iname CMakeFiles -exec rm -rf {} \+ -o \
\( -iname cmake_install.cmake -o \
-iname CTestTestfile.cmake -o \
@@ -220,13 +217,21 @@
check_tools()
{
for TOOL in "$@"; do
- if ! `hash "$TOOL" >/dev/null 2>&1`; then
+ if ! `type "$TOOL" >/dev/null 2>&1`; then
err_msg "$TOOL not found!"
exit 1
fi
done
}
+check_headers_in_cpp () {
+ ls include/mbedtls >headers.txt
+ <programs/test/cpp_dummy_build.cpp sed -n 's/"$//; s!^#include "mbedtls/!!p' |
+ sort |
+ diff headers.txt -
+ rm headers.txt
+}
+
while [ $# -gt 0 ]; do
case "$1" in
--armcc) RUN_ARMCC=1;;
@@ -244,7 +249,6 @@
--no-force) FORCE=0;;
--no-keep-going) KEEP_GOING=0;;
--no-memory) MEMORY=0;;
- --no-yotta) YOTTA=0;;
--openssl) shift; OPENSSL="$1";;
--openssl-legacy) shift; OPENSSL_LEGACY="$1";;
--openssl-next) shift; OPENSSL_NEXT="$1";;
@@ -252,7 +256,6 @@
--random-seed) unset SEED;;
--release-test|-r) SEED=1;;
--seed|-s) shift; SEED="$1";;
- --yotta) YOTTA=1;;
*)
echo >&2 "Unknown option: $1"
echo >&2 "Run $0 --help for usage."
@@ -263,20 +266,10 @@
done
if [ $FORCE -eq 1 ]; then
- if [ $YOTTA -eq 1 ]; then
- rm -rf yotta/module "$OUT_OF_SOURCE_DIR"
- fi
git checkout-index -f -q $CONFIG_H
cleanup
else
- if [ $YOTTA -ne 0 ] && [ -d yotta/module ]; then
- err_msg "Warning - there is an existing yotta module in the directory 'yotta/module'"
- echo "You can either delete your work and retry, or force the test to overwrite the"
- echo "test by rerunning the script as: $0 --force"
- exit 1
- fi
-
if [ -d "$OUT_OF_SOURCE_DIR" ]; then
echo "Warning - there is an existing directory at '$OUT_OF_SOURCE_DIR'" >&2
echo "You can either delete this directory manually, or force the test by rerunning"
@@ -339,6 +332,7 @@
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
echo "${start_red}FAILED: $failure_count${end_color}$failure_summary"
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+ exit 1
elif [ -z "${1-}" ]; then
echo "SUCCESS :)"
fi
@@ -357,6 +351,12 @@
fi
}
+# to be used instead of ! for commands run with
+# record_status or if_build_succeeded
+not() {
+ ! "$@"
+}
+
msg "info: $0 configuration"
echo "MEMORY: $MEMORY"
echo "FORCE: $FORCE"
@@ -446,14 +446,6 @@
#### Build and test many configurations and targets
################################################################
-if [ $RUN_ARMCC -ne 0 ] && [ $YOTTA -ne 0 ]; then
- # Note - use of yotta is deprecated, and yotta also requires armcc to be on the
- # path, and uses whatever version of armcc it finds there.
- msg "build: create and build yotta module" # ~ 30s
- cleanup
- record_status tests/scripts/yotta-build.sh
-fi
-
msg "build: cmake, gcc, ASan" # ~ 1 min 50s
cleanup
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
@@ -520,6 +512,48 @@
msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
tests/compat.sh -t RSA
+msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
+scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
+CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+make
+
+msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
+if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet"
+
+msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096
+scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
+CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+make
+
+msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
+if_build_succeeded tests/ssl-opt.sh -f "Max fragment"
+
+msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0"
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
+CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+make
+
+msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test"
+if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg"
+
+msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1"
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240
+CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+make
+
+msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test"
+if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
+
msg "build: cmake, full config, clang" # ~ 50s
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
@@ -537,8 +571,26 @@
msg "test: compat.sh RC4, DES & NULL (full config)" # ~ 2 min
if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
-msg "test: compat.sh ARIA"
-if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA'
+msg "test: compat.sh ARIA + ChachaPoly"
+if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
+
+msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl full
+scripts/config.pl set MBEDTLS_DEPRECATED_WARNING
+# Build with -O -Wextra to catch a maximum of issues.
+make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs
+make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
+
+msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s
+# No cleanup, just tweak the configuration and rebuild
+make clean
+scripts/config.pl unset MBEDTLS_DEPRECATED_WARNING
+scripts/config.pl set MBEDTLS_DEPRECATED_REMOVED
+# Build with -O -Wextra to catch a maximum of issues.
+make CC=clang CFLAGS='-O -Werror -Wall -Wextra' lib programs
+make CC=clang CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
msg "test/build: curves.pl (gcc)" # ~ 4 min
cleanup
@@ -560,6 +612,12 @@
cleanup
make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
+msg "test: verify header list in cpp_dummy_build.cpp"
+record_status check_headers_in_cpp
+
+msg "build: Unix make, incremental g++"
+make TEST_CPP=1
+
# Full configuration build, without platform support, file IO and net sockets.
# This should catch missing mbedtls_printf definitions, and by disabling file
# IO, it should catch missing '#include <stdio.h>'
@@ -616,6 +674,7 @@
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib
+# Run max fragment length tests with MFL disabled
msg "build: default config except MFL extension (ASan build)" # ~ 30s
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
@@ -626,6 +685,18 @@
msg "test: ssl-opt.sh, MFL-related tests"
if_build_succeeded tests/ssl-opt.sh -f "Max fragment length"
+msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)"
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
+scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
+CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+make
+
+msg "test: MFL tests (disabled MFL extension case) & large packet tests"
+if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer"
+
msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
@@ -676,15 +747,30 @@
fi
if uname -a | grep -F x86_64 >/dev/null; then
- msg "build: i386, make, gcc" # ~ 30s
+ # Build once with -O0, to compile out the i386 specific inline assembly
+ msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s
cleanup
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -m32'
+ cp "$CONFIG_H" "$CONFIG_BAK"
+ scripts/config.pl full
+ make CC=gcc CFLAGS='-O0 -Werror -Wall -Wextra -m32 -fsanitize=address'
- msg "test: i386, make, gcc"
+ msg "test: i386, make, gcc -O0 (ASan build)"
+ make test
+
+ # Build again with -O1, to compile in the i386 specific inline assembly
+ msg "build: i386, make, gcc -O1 (ASan build)" # ~ 30s
+ cleanup
+ cp "$CONFIG_H" "$CONFIG_BAK"
+ scripts/config.pl full
+ make CC=gcc CFLAGS='-O1 -Werror -Wall -Wextra -m32 -fsanitize=address'
+
+ msg "test: i386, make, gcc -O1 (ASan build)"
make test
msg "build: 64-bit ILP32, make, gcc" # ~ 30s
cleanup
+ cp "$CONFIG_H" "$CONFIG_BAK"
+ scripts/config.pl full
make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32'
msg "test: 64-bit ILP32, make, gcc"
@@ -713,6 +799,31 @@
msg "test: gcc, force 64-bit bignum limbs"
make test
+
+msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl full
+scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
+make CFLAGS='-Werror -O1'
+
+msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
+make test
+
+
+msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl full
+scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
+make CFLAGS='-Werror -O1'
+
+msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
+make test
+
+
msg "build: arm-none-eabi-gcc, make" # ~ 10s
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
@@ -748,7 +859,27 @@
scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
echo "Checking that software 64-bit division is not required"
-! grep __aeabi_uldiv library/*.o
+if_build_succeeded not grep __aeabi_uldiv library/*.o
+
+msg "build: arm-none-eabi-gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl full
+scripts/config.pl unset MBEDTLS_NET_C
+scripts/config.pl unset MBEDTLS_TIMING_C
+scripts/config.pl unset MBEDTLS_FS_IO
+scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
+# following things are not in the default config
+scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
+scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
+scripts/config.pl unset MBEDTLS_THREADING_C
+scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
+scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
+scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
+make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib
+echo "Checking that software 64-bit multiplication is not required"
+if_build_succeeded not grep __aeabi_lmul library/*.o
msg "build: ARM Compiler 5, make"
cleanup
@@ -896,16 +1027,30 @@
rm -rf "$OUT_OF_SOURCE_DIR"
unset MBEDTLS_ROOT_DIR
+# Test that the function mbedtls_platform_zeroize() is not optimized away by
+# different combinations of compilers and optimization flags by using an
+# auxiliary GDB script. Unfortunately, GDB does not return error values to the
+# system in all cases that the script fails, so we must manually search the
+# output to check whether the pass string is present and no failure strings
+# were printed.
for optimization_flag in -O2 -O3 -Ofast -Os; do
for compiler in clang gcc; do
msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
cleanup
- CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" make programs
- gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx
+ make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
+ if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log
+ if_build_succeeded [ -s test_zeroize.log ]
+ if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log
+ if_build_succeeded not grep -i "error" test_zeroize.log
+ rm -f test_zeroize.log
done
done
+msg "Lint: Python scripts"
+tests/scripts/check-python-files.sh
+msg "uint test: generate_test_code.py"
+./tests/scripts/test_generate_test_code.py
################################################################
#### Termination
diff --git a/tests/scripts/check-doxy-blocks.pl b/tests/scripts/check-doxy-blocks.pl
index b0fd696..4967699 100755
--- a/tests/scripts/check-doxy-blocks.pl
+++ b/tests/scripts/check-doxy-blocks.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# Detect comment blocks that are likely meant to be doxygen blocks but aren't.
#
diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh
index 4c66440..f18a162 100755
--- a/tests/scripts/check-names.sh
+++ b/tests/scripts/check-names.sh
@@ -40,7 +40,7 @@
for THING in actual-macros enum-consts; do
printf "Names of $THING: "
test -r $THING
- BAD=$( grep -v '^MBEDTLS_[0-9A-Z_]*[0-9A-Z]$\|^YOTTA_[0-9A-Z_]*[0-9A-Z]$' $THING || true )
+ BAD=$( grep -v '^MBEDTLS_[0-9A-Z_]*[0-9A-Z]$' $THING || true )
if [ "x$BAD" = "x" ]; then
echo "PASS"
else
diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh
new file mode 100755
index 0000000..009ba4c
--- /dev/null
+++ b/tests/scripts/check-python-files.sh
@@ -0,0 +1,18 @@
+#! /usr/bin/env sh
+
+# This file is part of Mbed TLS (https://tls.mbed.org)
+#
+# Copyright (c) 2018, Arm Limited, All Rights Reserved
+#
+# Purpose:
+#
+# Run 'pylint' on Python files for programming errors and helps enforcing
+# PEP8 coding standards.
+
+if `hash pylint > /dev/null 2>&1`; then
+ pylint -j 2 tests/scripts/generate_test_code.py --rcfile .pylint
+ pylint -j 2 tests/scripts/test_generate_test_code.py --rcfile .pylint
+ pylint -j 2 tests/scripts/mbedtls_test.py --rcfile .pylint
+else
+ echo "$0: WARNING: 'pylint' not found! Skipping checks on Python files."
+fi
diff --git a/tests/scripts/curves.pl b/tests/scripts/curves.pl
index 0041814..ddc90c5 100755
--- a/tests/scripts/curves.pl
+++ b/tests/scripts/curves.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# curves.pl
#
diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl
index 29dcfb0..f57e7ed 100755
--- a/tests/scripts/depends-hashes.pl
+++ b/tests/scripts/depends-hashes.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# depends-hashes.pl
#
diff --git a/tests/scripts/depends-pkalgs.pl b/tests/scripts/depends-pkalgs.pl
index 14c92b2..97a43e8 100755
--- a/tests/scripts/depends-pkalgs.pl
+++ b/tests/scripts/depends-pkalgs.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# depends-pkalgs.pl
#
diff --git a/tests/scripts/gen_ctr_drbg.pl b/tests/scripts/gen_ctr_drbg.pl
index ee13024..3c074be 100755
--- a/tests/scripts/gen_ctr_drbg.pl
+++ b/tests/scripts/gen_ctr_drbg.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
#
# Based on NIST CTR_DRBG.rsp validation file
# Only uses AES-256-CTR cases that use a Derivation function
diff --git a/tests/scripts/gen_gcm_decrypt.pl b/tests/scripts/gen_gcm_decrypt.pl
index 6decac2..03809cb 100755
--- a/tests/scripts/gen_gcm_decrypt.pl
+++ b/tests/scripts/gen_gcm_decrypt.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
#
# Based on NIST gcmDecryptxxx.rsp validation files
# Only first 3 of every set used for compile time saving
diff --git a/tests/scripts/gen_gcm_encrypt.pl b/tests/scripts/gen_gcm_encrypt.pl
index 8adbbce..29ec677 100755
--- a/tests/scripts/gen_gcm_encrypt.pl
+++ b/tests/scripts/gen_gcm_encrypt.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
#
# Based on NIST gcmEncryptIntIVxxx.rsp validation files
# Only first 3 of every set used for compile time saving
diff --git a/tests/scripts/gen_pkcs1_v21_sign_verify.pl b/tests/scripts/gen_pkcs1_v21_sign_verify.pl
index 678e2f9..110cb4b 100755
--- a/tests/scripts/gen_pkcs1_v21_sign_verify.pl
+++ b/tests/scripts/gen_pkcs1_v21_sign_verify.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
#
use strict;
diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl
deleted file mode 100755
index e489a00..0000000
--- a/tests/scripts/generate_code.pl
+++ /dev/null
@@ -1,411 +0,0 @@
-#!/usr/bin/env perl
-
-# generate_code.pl
-#
-# This file is part of mbed TLS (https://tls.mbed.org)
-#
-# Copyright (c) 2009-2016, ARM Limited, All Rights Reserved
-#
-# Purpose
-#
-# Generates the test suite code given inputs of the test suite directory that
-# contain the test suites, and the test suite file names for the test code and
-# test data.
-#
-# Usage: generate_code.pl <suite dir> <code file> <data file> [main code file]
-#
-# Structure of files
-#
-# - main code file - 'main_test.function'
-# Template file that contains the main() function for the test suite,
-# test dispatch code as well as support functions. It contains the
-# following symbols which are substituted by this script during
-# processing:
-# TESTCASE_FILENAME
-# TESTCODE_FILENAME
-# SUITE_PRE_DEP
-# MAPPING_CODE
-# FUNCTION CODE
-# SUITE_POST_DEP
-# DEP_CHECK_CODE
-# DISPATCH_FUNCTION
-# !LINE_NO!
-#
-# - common helper code file - 'helpers.function'
-# Common helper functions
-#
-# - test suite code file - file name in the form 'test_suite_xxx.function'
-# Code file that contains the actual test cases. The file contains a
-# series of code sequences delimited by the following:
-# BEGIN_HEADER / END_HEADER - list of headers files
-# BEGIN_SUITE_HELPERS / END_SUITE_HELPERS - helper functions common to
-# the test suite
-# BEGIN_CASE / END_CASE - the test cases in the test suite. Each test
-# case contains at least one function that is used to create the
-# dispatch code.
-#
-# - test data file - file name in the form 'test_suite_xxxx.data'
-# The test case parameters to to be used in execution of the test. The
-# file name is used to replace the symbol 'TESTCASE_FILENAME' in the main
-# code file above.
-#
-# A test data file consists of a sequence of paragraphs separated by
-# a single empty line. Line breaks may be in Unix (LF) or Windows (CRLF)
-# format. Lines starting with the character '#' are ignored
-# (the parser behaves as if they were not present).
-#
-# Each paragraph describes one test case and must consist of: (1) one
-# line which is the test case name; (2) an optional line starting with
-# the 11-character prefix "depends_on:"; (3) a line containing the test
-# function to execute and its parameters.
-#
-# A depends_on: line consists of a list of compile-time options
-# separated by the character ':', with no whitespace. The test case
-# is executed only if this compilation option is enabled in config.h.
-#
-# The last line of each paragraph contains a test function name and
-# a list of parameters separated by the character ':'. Running the
-# test case calls this function with the specified parameters. Each
-# parameter may either be an integer written in decimal or hexadecimal,
-# or a string surrounded by double quotes which may not contain the
-# ':' character.
-#
-
-use strict;
-
-my $suite_dir = shift or die "Missing suite directory";
-my $suite_name = shift or die "Missing suite name";
-my $data_name = shift or die "Missing data name";
-my $test_main_file = do { my $arg = shift; defined($arg) ? $arg : $suite_dir."/main_test.function" };
-my $test_file = $data_name.".c";
-my $test_common_helper_file = $suite_dir."/helpers.function";
-my $test_case_file = $suite_dir."/".$suite_name.".function";
-my $test_case_data = $suite_dir."/".$data_name.".data";
-
-my $line_separator = $/;
-undef $/;
-
-
-#
-# Open and read in the input files
-#
-
-open(TEST_HELPERS, "$test_common_helper_file") or die "Opening test helpers
-'$test_common_helper_file': $!";
-my $test_common_helpers = <TEST_HELPERS>;
-close(TEST_HELPERS);
-
-open(TEST_MAIN, "$test_main_file") or die "Opening test main '$test_main_file': $!";
-my @test_main_lines = split/^/, <TEST_MAIN>;
-my $test_main;
-my $index = 2;
-for my $line (@test_main_lines) {
- $line =~ s/!LINE_NO!/$index/;
- $test_main = $test_main.$line;
- $index++;
-}
-close(TEST_MAIN);
-
-open(TEST_CASES, "$test_case_file") or die "Opening test cases '$test_case_file': $!";
-my @test_cases_lines = split/^/, <TEST_CASES>;
-my $test_cases;
-my $index = 2;
-for my $line (@test_cases_lines) {
- if ($line =~ /^\/\* BEGIN_SUITE_HELPERS .*\*\//)
- {
- $line = $line."#line $index \"$test_case_file\"\n";
- }
-
- if ($line =~ /^\/\* BEGIN_CASE .*\*\//)
- {
- $line = $line."#line $index \"$test_case_file\"\n";
- }
-
- $line =~ s/!LINE_NO!/$index/;
-
- $test_cases = $test_cases.$line;
- $index++;
-}
-
-close(TEST_CASES);
-
-open(TEST_DATA, "$test_case_data") or die "Opening test data '$test_case_data': $!";
-my $test_data = <TEST_DATA>;
-close(TEST_DATA);
-
-
-#
-# Find the headers, dependencies, and suites in the test cases file
-#
-
-my ( $suite_header ) = $test_cases =~ /\/\* BEGIN_HEADER \*\/\n(.*?)\n\/\* END_HEADER \*\//s;
-my ( $suite_defines ) = $test_cases =~ /\/\* BEGIN_DEPENDENCIES\n \* (.*?)\n \* END_DEPENDENCIES/s;
-my ( $suite_helpers ) = $test_cases =~ /\/\* BEGIN_SUITE_HELPERS \*\/\n(.*?)\n\/\* END_SUITE_HELPERS \*\//s;
-
-my $requirements;
-if ($suite_defines =~ /^depends_on:/)
-{
- ( $requirements ) = $suite_defines =~ /^depends_on:(.*)$/;
-}
-
-my @var_req_arr = split(/:/, $requirements);
-my $suite_pre_code;
-my $suite_post_code;
-my $dispatch_code;
-my $mapping_code;
-my %mapping_values;
-
-while (@var_req_arr)
-{
- my $req = shift @var_req_arr;
- $req =~ s/(!?)(.*)/$1defined($2)/;
-
- $suite_pre_code .= "#if $req\n";
- $suite_post_code .= "#endif /* $req */\n";
-}
-
-$/ = $line_separator;
-
-open(TEST_FILE, ">$test_file") or die "Opening destination file '$test_file': $!";
-print TEST_FILE << "END";
-/*
- * *** THIS FILE HAS BEEN MACHINE GENERATED ***
- *
- * This file has been machine generated using the script: $0
- *
- * Test file : $test_file
- *
- * The following files were used to create this file.
- *
- * Main code file : $test_main_file
- * Helper file : $test_common_helper_file
- * Test suite file : $test_case_file
- * Test suite data : $test_case_data
- *
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include <mbedtls/config.h>
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-
-/*----------------------------------------------------------------------------*/
-/* Common helper code */
-
-$test_common_helpers
-
-
-/*----------------------------------------------------------------------------*/
-/* Test Suite Code */
-
-$suite_pre_code
-$suite_header
-$suite_helpers
-$suite_post_code
-
-END
-
-$test_main =~ s/SUITE_PRE_DEP/$suite_pre_code/;
-$test_main =~ s/SUITE_POST_DEP/$suite_post_code/;
-
-while($test_cases =~ /\/\* BEGIN_CASE *([\w:]*) \*\/\n(.*?)\n\/\* END_CASE \*\//msg)
-{
- my $function_deps = $1;
- my $function_decl = $2;
-
- # Sanity checks of function
- if ($function_decl !~ /^#line\s*.*\nvoid /)
- {
- die "Test function does not have 'void' as return type.\n" .
- "Function declaration:\n" .
- $function_decl;
- }
- if ($function_decl !~ /^(#line\s*.*)\nvoid (\w+)\(\s*(.*?)\s*\)\s*{(.*)}/ms)
- {
- die "Function declaration not in expected format\n";
- }
- my $line_directive = $1;
- my $function_name = $2;
- my $function_params = $3;
- my $function_pre_code;
- my $function_post_code;
- my $param_defs;
- my $param_checks;
- my @dispatch_params;
- my @var_def_arr = split(/,\s*/, $function_params);
- my $i = 1;
- my $mapping_regex = "".$function_name;
- my $mapping_count = 0;
-
- $function_decl =~ s/(^#line\s*.*)\nvoid /$1\nvoid test_suite_/;
-
- # Add exit label if not present
- if ($function_decl !~ /^exit:$/m)
- {
- $function_decl =~ s/}\s*$/\nexit:\n return;\n}/;
- }
-
- if ($function_deps =~ /^depends_on:/)
- {
- ( $function_deps ) = $function_deps =~ /^depends_on:(.*)$/;
- }
-
- foreach my $req (split(/:/, $function_deps))
- {
- $function_pre_code .= "#ifdef $req\n";
- $function_post_code .= "#endif /* $req */\n";
- }
-
- foreach my $def (@var_def_arr)
- {
- # Handle the different parameter types
- if( substr($def, 0, 4) eq "int " )
- {
- $param_defs .= " int param$i;\n";
- $param_checks .= " if( verify_int( params[$i], ¶m$i ) != 0 ) return( DISPATCH_INVALID_TEST_DATA );\n";
- push @dispatch_params, "param$i";
-
- $mapping_regex .= ":([\\d\\w |\\+\\-\\(\\)]+)";
- $mapping_count++;
- }
- elsif( substr($def, 0, 6) eq "char *" )
- {
- $param_defs .= " char *param$i = params[$i];\n";
- $param_checks .= " if( verify_string( ¶m$i ) != 0 ) return( DISPATCH_INVALID_TEST_DATA );\n";
- push @dispatch_params, "param$i";
- $mapping_regex .= ":(?:\\\\.|[^:\n])+";
- }
- else
- {
- die "Parameter declaration not of supported type (int, char *)\n";
- }
- $i++;
-
- }
-
- # Find non-integer values we should map for this function
- if( $mapping_count)
- {
- my @res = $test_data =~ /^$mapping_regex/msg;
- foreach my $value (@res)
- {
- next unless ($value !~ /^\d+$/);
- if ( $mapping_values{$value} ) {
- ${ $mapping_values{$value} }{$function_pre_code} = 1;
- } else {
- $mapping_values{$value} = { $function_pre_code => 1 };
- }
- }
- }
-
- my $call_params = join ", ", @dispatch_params;
- my $param_count = @var_def_arr + 1;
- $dispatch_code .= << "END";
-if( strcmp( params[0], "$function_name" ) == 0 )
-{
-$function_pre_code
-$param_defs
- if( cnt != $param_count )
- {
- mbedtls_fprintf( stderr, "\\nIncorrect argument count (%d != %d)\\n", cnt, $param_count );
- return( DISPATCH_INVALID_TEST_DATA );
- }
-
-$param_checks
- test_suite_$function_name( $call_params );
- return ( DISPATCH_TEST_SUCCESS );
-$function_post_code
- return ( DISPATCH_UNSUPPORTED_SUITE );
-}
-else
-END
-
- my $function_code = $function_pre_code . $function_decl . "\n" .
- $function_post_code;
- $test_main =~ s/FUNCTION_CODE/$function_code\nFUNCTION_CODE/;
-}
-
-# Find specific case dependencies that we should be able to check
-# and make check code
-my $dep_check_code;
-
-my @res = $test_data =~ /^depends_on:([!:\w]+)/msg;
-my %case_deps;
-foreach my $deps (@res)
-{
- foreach my $dep (split(/:/, $deps))
- {
- $case_deps{$dep} = 1;
- }
-}
-while( my ($key, $value) = each(%case_deps) )
-{
- if( substr($key, 0, 1) eq "!" )
- {
- my $key = substr($key, 1);
- $dep_check_code .= << "END";
- if( strcmp( str, "!$key" ) == 0 )
- {
-#if !defined($key)
- return( DEPENDENCY_SUPPORTED );
-#else
- return( DEPENDENCY_NOT_SUPPORTED );
-#endif
- }
-END
- }
- else
- {
- $dep_check_code .= << "END";
- if( strcmp( str, "$key" ) == 0 )
- {
-#if defined($key)
- return( DEPENDENCY_SUPPORTED );
-#else
- return( DEPENDENCY_NOT_SUPPORTED );
-#endif
- }
-END
- }
-}
-
-# Make mapping code
-while( my ($key, $value) = each(%mapping_values) )
-{
- my $key_mapping_code = << "END";
- if( strcmp( str, "$key" ) == 0 )
- {
- *value = ( $key );
- return( KEY_VALUE_MAPPING_FOUND );
- }
-END
-
- # handle depenencies, unless used at least one without depends
- if ($value->{""}) {
- $mapping_code .= $key_mapping_code;
- next;
- }
- for my $ifdef ( keys %$value ) {
- (my $endif = $ifdef) =~ s!ifdef!endif //!g;
- $mapping_code .= $ifdef . $key_mapping_code . $endif;
- }
-}
-
-$dispatch_code =~ s/^(.+)/ $1/mg;
-
-$test_main =~ s/TESTCASE_FILENAME/$test_case_data/g;
-$test_main =~ s/TESTCODE_FILENAME/$test_case_file/g;
-$test_main =~ s/FUNCTION_CODE//;
-$test_main =~ s/DEP_CHECK_CODE/$dep_check_code/;
-$test_main =~ s/DISPATCH_FUNCTION/$dispatch_code/;
-$test_main =~ s/MAPPING_CODE/$mapping_code/;
-
-print TEST_FILE << "END";
-$test_main
-END
-
-close(TEST_FILE);
diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py
new file mode 100755
index 0000000..ce6f88c
--- /dev/null
+++ b/tests/scripts/generate_test_code.py
@@ -0,0 +1,1135 @@
+#!/usr/bin/env python3
+# Test suites code generator.
+#
+# Copyright (C) 2018, Arm Limited, All Rights Reserved
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# This file is part of Mbed TLS (https://tls.mbed.org)
+
+"""
+This script is a key part of Mbed TLS test suites framework. For
+understanding the script it is important to understand the
+framework. This doc string contains a summary of the framework
+and explains the function of this script.
+
+Mbed TLS test suites:
+=====================
+Scope:
+------
+The test suites focus on unit testing the crypto primitives and also
+include x509 parser tests. Tests can be added to test any Mbed TLS
+module. However, the framework is not capable of testing SSL
+protocol, since that requires full stack execution and that is best
+tested as part of the system test.
+
+Test case definition:
+---------------------
+Tests are defined in a test_suite_<module>[.<optional sub module>].data
+file. A test definition contains:
+ test name
+ optional build macro dependencies
+ test function
+ test parameters
+
+Test dependencies are build macros that can be specified to indicate
+the build config in which the test is valid. For example if a test
+depends on a feature that is only enabled by defining a macro. Then
+that macro should be specified as a dependency of the test.
+
+Test function is the function that implements the test steps. This
+function is specified for different tests that perform same steps
+with different parameters.
+
+Test parameters are specified in string form separated by ':'.
+Parameters can be of type string, binary data specified as hex
+string and integer constants specified as integer, macro or
+as an expression. Following is an example test definition:
+
+ AES 128 GCM Encrypt and decrypt 8 bytes
+ depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+ enc_dec_buf:MBEDTLS_CIPHER_AES_128_GCM:"AES-128-GCM":128:8:-1
+
+Test functions:
+---------------
+Test functions are coded in C in test_suite_<module>.function files.
+Functions file is itself not compilable and contains special
+format patterns to specify test suite dependencies, start and end
+of functions and function dependencies. Check any existing functions
+file for example.
+
+Execution:
+----------
+Tests are executed in 3 steps:
+- Generating test_suite_<module>[.<optional sub module>].c file
+ for each corresponding .data file.
+- Building each source file into executables.
+- Running each executable and printing report.
+
+Generating C test source requires more than just the test functions.
+Following extras are required:
+- Process main()
+- Reading .data file and dispatching test cases.
+- Platform specific test case execution
+- Dependency checking
+- Integer expression evaluation
+- Test function dispatch
+
+Build dependencies and integer expressions (in the test parameters)
+are specified as strings in the .data file. Their run time value is
+not known at the generation stage. Hence, they need to be translated
+into run time evaluations. This script generates the run time checks
+for dependencies and integer expressions.
+
+Similarly, function names have to be translated into function calls.
+This script also generates code for function dispatch.
+
+The extra code mentioned here is either generated by this script
+or it comes from the input files: helpers file, platform file and
+the template file.
+
+Helper file:
+------------
+Helpers file contains common helper/utility functions and data.
+
+Platform file:
+--------------
+Platform file contains platform specific setup code and test case
+dispatch code. For example, host_test.function reads test data
+file from host's file system and dispatches tests.
+In case of on-target target_test.function tests are not dispatched
+on target. Target code is kept minimum and only test functions are
+dispatched. Test case dispatch is done on the host using tools like
+Greentea.
+
+Template file:
+---------
+Template file for example main_test.function is a template C file in
+which generated code and code from input files is substituted to
+generate a compilable C file. It also contains skeleton functions for
+dependency checks, expression evaluation and function dispatch. These
+functions are populated with checks and return codes by this script.
+
+Template file contains "replacement" fields that are formatted
+strings processed by Python string.Template.substitute() method.
+
+This script:
+============
+Core function of this script is to fill the template file with
+code that is generated or read from helpers and platform files.
+
+This script replaces following fields in the template and generates
+the test source file:
+
+$test_common_helpers <-- All common code from helpers.function
+ is substituted here.
+$functions_code <-- Test functions are substituted here
+ from the input test_suit_xyz.function
+ file. C preprocessor checks are generated
+ for the build dependencies specified
+ in the input file. This script also
+ generates wrappers for the test
+ functions with code to expand the
+ string parameters read from the data
+ file.
+$expression_code <-- This script enumerates the
+ expressions in the .data file and
+ generates code to handle enumerated
+ expression Ids and return the values.
+$dep_check_code <-- This script enumerates all
+ build dependencies and generate
+ code to handle enumerated build
+ dependency Id and return status: if
+ the dependency is defined or not.
+$dispatch_code <-- This script enumerates the functions
+ specified in the input test data file
+ and generates the initializer for the
+ function table in the template
+ file.
+$platform_code <-- Platform specific setup and test
+ dispatch code.
+
+"""
+
+
+import io
+import os
+import re
+import sys
+import string
+import argparse
+
+
+BEGIN_HEADER_REGEX = r'/\*\s*BEGIN_HEADER\s*\*/'
+END_HEADER_REGEX = r'/\*\s*END_HEADER\s*\*/'
+
+BEGIN_SUITE_HELPERS_REGEX = r'/\*\s*BEGIN_SUITE_HELPERS\s*\*/'
+END_SUITE_HELPERS_REGEX = r'/\*\s*END_SUITE_HELPERS\s*\*/'
+
+BEGIN_DEP_REGEX = r'BEGIN_DEPENDENCIES'
+END_DEP_REGEX = r'END_DEPENDENCIES'
+
+BEGIN_CASE_REGEX = r'/\*\s*BEGIN_CASE\s*(?P<depends_on>.*?)\s*\*/'
+END_CASE_REGEX = r'/\*\s*END_CASE\s*\*/'
+
+DEPENDENCY_REGEX = r'depends_on:(?P<dependencies>.*)'
+C_IDENTIFIER_REGEX = r'!?[a-z_][a-z0-9_]*$'
+TEST_FUNCTION_VALIDATION_REGEX = r'\s*void\s+(?P<func_name>\w+)\s*\('
+INT_CHECK_REGEX = r'int\s+.*'
+CHAR_CHECK_REGEX = r'char\s*\*\s*.*'
+DATA_T_CHECK_REGEX = r'data_t\s*\*\s*.*'
+FUNCTION_ARG_LIST_END_REGEX = r'.*\)'
+EXIT_LABEL_REGEX = r'^exit:'
+
+
+class GeneratorInputError(Exception):
+ """
+ Exception to indicate error in the input files to this script.
+ This includes missing patterns, test function names and other
+ parsing errors.
+ """
+ pass
+
+
+class FileWrapper(io.FileIO, object):
+ """
+ This class extends built-in io.FileIO class with attribute line_no,
+ that indicates line number for the line that is read.
+ """
+
+ def __init__(self, file_name):
+ """
+ Instantiate the base class and initialize the line number to 0.
+
+ :param file_name: File path to open.
+ """
+ super(FileWrapper, self).__init__(file_name, 'r')
+ self._line_no = 0
+
+ def next(self):
+ """
+ Python 2 iterator method. This method overrides base class's
+ next method and extends the next method to count the line
+ numbers as each line is read.
+
+ It works for both Python 2 and Python 3 by checking iterator
+ method name in the base iterator object.
+
+ :return: Line read from file.
+ """
+ parent = super(FileWrapper, self)
+ if hasattr(parent, '__next__'):
+ line = parent.__next__() # Python 3
+ else:
+ line = parent.next() # Python 2
+ if line is not None:
+ self._line_no += 1
+ # Convert byte array to string with correct encoding and
+ # strip any whitespaces added in the decoding process.
+ return line.decode(sys.getdefaultencoding()).rstrip() + '\n'
+ return None
+
+ # Python 3 iterator method
+ __next__ = next
+
+ def get_line_no(self):
+ """
+ Gives current line number.
+ """
+ return self._line_no
+
+ line_no = property(get_line_no)
+
+
+def split_dep(dep):
+ """
+ Split NOT character '!' from dependency. Used by gen_dependencies()
+
+ :param dep: Dependency list
+ :return: string tuple. Ex: ('!', MACRO) for !MACRO and ('', MACRO) for
+ MACRO.
+ """
+ return ('!', dep[1:]) if dep[0] == '!' else ('', dep)
+
+
+def gen_dependencies(dependencies):
+ """
+ Test suite data and functions specifies compile time dependencies.
+ This function generates C preprocessor code from the input
+ dependency list. Caller uses the generated preprocessor code to
+ wrap dependent code.
+ A dependency in the input list can have a leading '!' character
+ to negate a condition. '!' is separated from the dependency using
+ function split_dep() and proper preprocessor check is generated
+ accordingly.
+
+ :param dependencies: List of dependencies.
+ :return: if defined and endif code with macro annotations for
+ readability.
+ """
+ dep_start = ''.join(['#if %sdefined(%s)\n' % (x, y) for x, y in
+ map(split_dep, dependencies)])
+ dep_end = ''.join(['#endif /* %s */\n' %
+ x for x in reversed(dependencies)])
+
+ return dep_start, dep_end
+
+
+def gen_dependencies_one_line(dependencies):
+ """
+ Similar to gen_dependencies() but generates dependency checks in one line.
+ Useful for generating code with #else block.
+
+ :param dependencies: List of dependencies.
+ :return: Preprocessor check code
+ """
+ defines = '#if ' if dependencies else ''
+ defines += ' && '.join(['%sdefined(%s)' % (x, y) for x, y in map(
+ split_dep, dependencies)])
+ return defines
+
+
+def gen_function_wrapper(name, local_vars, args_dispatch):
+ """
+ Creates test function wrapper code. A wrapper has the code to
+ unpack parameters from parameters[] array.
+
+ :param name: Test function name
+ :param local_vars: Local variables declaration code
+ :param args_dispatch: List of dispatch arguments.
+ Ex: ['(char *)params[0]', '*((int *)params[1])']
+ :return: Test function wrapper.
+ """
+ # Then create the wrapper
+ wrapper = '''
+void {name}_wrapper( void ** params )
+{{
+{unused_params}{locals}
+ {name}( {args} );
+}}
+'''.format(name=name,
+ unused_params='' if args_dispatch else ' (void)params;\n',
+ args=', '.join(args_dispatch),
+ locals=local_vars)
+ return wrapper
+
+
+def gen_dispatch(name, dependencies):
+ """
+ Test suite code template main_test.function defines a C function
+ array to contain test case functions. This function generates an
+ initializer entry for a function in that array. The entry is
+ composed of a compile time check for the test function
+ dependencies. At compile time the test function is assigned when
+ dependencies are met, else NULL is assigned.
+
+ :param name: Test function name
+ :param dependencies: List of dependencies
+ :return: Dispatch code.
+ """
+ if dependencies:
+ preprocessor_check = gen_dependencies_one_line(dependencies)
+ dispatch_code = '''
+{preprocessor_check}
+ {name}_wrapper,
+#else
+ NULL,
+#endif
+'''.format(preprocessor_check=preprocessor_check, name=name)
+ else:
+ dispatch_code = '''
+ {name}_wrapper,
+'''.format(name=name)
+
+ return dispatch_code
+
+
+def parse_until_pattern(funcs_f, end_regex):
+ """
+ Matches pattern end_regex to the lines read from the file object.
+ Returns the lines read until end pattern is matched.
+
+ :param funcs_f: file object for .function file
+ :param end_regex: Pattern to stop parsing
+ :return: Lines read before the end pattern
+ """
+ headers = '#line %d "%s"\n' % (funcs_f.line_no + 1, funcs_f.name)
+ for line in funcs_f:
+ if re.search(end_regex, line):
+ break
+ headers += line
+ else:
+ raise GeneratorInputError("file: %s - end pattern [%s] not found!" %
+ (funcs_f.name, end_regex))
+
+ return headers
+
+
+def validate_dependency(dependency):
+ """
+ Validates a C macro and raises GeneratorInputError on invalid input.
+ :param dependency: Input macro dependency
+ :return: input dependency stripped of leading & trailing white spaces.
+ """
+ dependency = dependency.strip()
+ if not re.match(C_IDENTIFIER_REGEX, dependency, re.I):
+ raise GeneratorInputError('Invalid dependency %s' % dependency)
+ return dependency
+
+
+def parse_dependencies(inp_str):
+ """
+ Parses dependencies out of inp_str, validates them and returns a
+ list of macros.
+
+ :param inp_str: Input string with macros delimited by ':'.
+ :return: list of dependencies
+ """
+ dependencies = [dep for dep in map(validate_dependency,
+ inp_str.split(':'))]
+ return dependencies
+
+
+def parse_suite_dependencies(funcs_f):
+ """
+ Parses test suite dependencies specified at the top of a
+ .function file, that starts with pattern BEGIN_DEPENDENCIES
+ and end with END_DEPENDENCIES. Dependencies are specified
+ after pattern 'depends_on:' and are delimited by ':'.
+
+ :param funcs_f: file object for .function file
+ :return: List of test suite dependencies.
+ """
+ dependencies = []
+ for line in funcs_f:
+ match = re.search(DEPENDENCY_REGEX, line.strip())
+ if match:
+ try:
+ dependencies = parse_dependencies(match.group('dependencies'))
+ except GeneratorInputError as error:
+ raise GeneratorInputError(
+ str(error) + " - %s:%d" % (funcs_f.name, funcs_f.line_no))
+ if re.search(END_DEP_REGEX, line):
+ break
+ else:
+ raise GeneratorInputError("file: %s - end dependency pattern [%s]"
+ " not found!" % (funcs_f.name,
+ END_DEP_REGEX))
+
+ return dependencies
+
+
+def parse_function_dependencies(line):
+ """
+ Parses function dependencies, that are in the same line as
+ comment BEGIN_CASE. Dependencies are specified after pattern
+ 'depends_on:' and are delimited by ':'.
+
+ :param line: Line from .function file that has dependencies.
+ :return: List of dependencies.
+ """
+ dependencies = []
+ match = re.search(BEGIN_CASE_REGEX, line)
+ dep_str = match.group('depends_on')
+ if dep_str:
+ match = re.search(DEPENDENCY_REGEX, dep_str)
+ if match:
+ dependencies += parse_dependencies(match.group('dependencies'))
+
+ return dependencies
+
+
+def parse_function_arguments(line):
+ """
+ Parses test function signature for validation and generates
+ a dispatch wrapper function that translates input test vectors
+ read from the data file into test function arguments.
+
+ :param line: Line from .function file that has a function
+ signature.
+ :return: argument list, local variables for
+ wrapper function and argument dispatch code.
+ """
+ args = []
+ local_vars = ''
+ args_dispatch = []
+ arg_idx = 0
+ # Remove characters before arguments
+ line = line[line.find('(') + 1:]
+ # Process arguments, ex: <type> arg1, <type> arg2 )
+ # This script assumes that the argument list is terminated by ')'
+ # i.e. the test functions will not have a function pointer
+ # argument.
+ for arg in line[:line.find(')')].split(','):
+ arg = arg.strip()
+ if arg == '':
+ continue
+ if re.search(INT_CHECK_REGEX, arg.strip()):
+ args.append('int')
+ args_dispatch.append('*( (int *) params[%d] )' % arg_idx)
+ elif re.search(CHAR_CHECK_REGEX, arg.strip()):
+ args.append('char*')
+ args_dispatch.append('(char *) params[%d]' % arg_idx)
+ elif re.search(DATA_T_CHECK_REGEX, arg.strip()):
+ args.append('hex')
+ # create a structure
+ pointer_initializer = '(uint8_t *) params[%d]' % arg_idx
+ len_initializer = '*( (uint32_t *) params[%d] )' % (arg_idx+1)
+ local_vars += """ data_t data%d = {%s, %s};
+""" % (arg_idx, pointer_initializer, len_initializer)
+
+ args_dispatch.append('&data%d' % arg_idx)
+ arg_idx += 1
+ else:
+ raise ValueError("Test function arguments can only be 'int', "
+ "'char *' or 'data_t'\n%s" % line)
+ arg_idx += 1
+
+ return args, local_vars, args_dispatch
+
+
+def generate_function_code(name, code, local_vars, args_dispatch,
+ dependencies):
+ """
+ Generate function code with preprocessor checks and parameter dispatch
+ wrapper.
+
+ :param name: Function name
+ :param code: Function code
+ :param local_vars: Local variables for function wrapper
+ :param args_dispatch: Argument dispatch code
+ :param dependencies: Preprocessor dependencies list
+ :return: Final function code
+ """
+ # Add exit label if not present
+ if code.find('exit:') == -1:
+ split_code = code.rsplit('}', 1)
+ if len(split_code) == 2:
+ code = """exit:
+ ;
+}""".join(split_code)
+
+ code += gen_function_wrapper(name, local_vars, args_dispatch)
+ preprocessor_check_start, preprocessor_check_end = \
+ gen_dependencies(dependencies)
+ return preprocessor_check_start + code + preprocessor_check_end
+
+
+def parse_function_code(funcs_f, dependencies, suite_dependencies):
+ """
+ Parses out a function from function file object and generates
+ function and dispatch code.
+
+ :param funcs_f: file object of the functions file.
+ :param dependencies: List of dependencies
+ :param suite_dependencies: List of test suite dependencies
+ :return: Function name, arguments, function code and dispatch code.
+ """
+ line_directive = '#line %d "%s"\n' % (funcs_f.line_no + 1, funcs_f.name)
+ code = ''
+ has_exit_label = False
+ for line in funcs_f:
+ # Check function signature. Function signature may be split
+ # across multiple lines. Here we try to find the start of
+ # arguments list, then remove '\n's and apply the regex to
+ # detect function start.
+ up_to_arg_list_start = code + line[:line.find('(') + 1]
+ match = re.match(TEST_FUNCTION_VALIDATION_REGEX,
+ up_to_arg_list_start.replace('\n', ' '), re.I)
+ if match:
+ # check if we have full signature i.e. split in more lines
+ name = match.group('func_name')
+ if not re.match(FUNCTION_ARG_LIST_END_REGEX, line):
+ for lin in funcs_f:
+ line += lin
+ if re.search(FUNCTION_ARG_LIST_END_REGEX, line):
+ break
+ args, local_vars, args_dispatch = parse_function_arguments(
+ line)
+ code += line
+ break
+ code += line
+ else:
+ raise GeneratorInputError("file: %s - Test functions not found!" %
+ funcs_f.name)
+
+ # Prefix test function name with 'test_'
+ code = code.replace(name, 'test_' + name, 1)
+ name = 'test_' + name
+
+ for line in funcs_f:
+ if re.search(END_CASE_REGEX, line):
+ break
+ if not has_exit_label:
+ has_exit_label = \
+ re.search(EXIT_LABEL_REGEX, line.strip()) is not None
+ code += line
+ else:
+ raise GeneratorInputError("file: %s - end case pattern [%s] not "
+ "found!" % (funcs_f.name, END_CASE_REGEX))
+
+ code = line_directive + code
+ code = generate_function_code(name, code, local_vars, args_dispatch,
+ dependencies)
+ dispatch_code = gen_dispatch(name, suite_dependencies + dependencies)
+ return (name, args, code, dispatch_code)
+
+
+def parse_functions(funcs_f):
+ """
+ Parses a test_suite_xxx.function file and returns information
+ for generating a C source file for the test suite.
+
+ :param funcs_f: file object of the functions file.
+ :return: List of test suite dependencies, test function dispatch
+ code, function code and a dict with function identifiers
+ and arguments info.
+ """
+ suite_helpers = ''
+ suite_dependencies = []
+ suite_functions = ''
+ func_info = {}
+ function_idx = 0
+ dispatch_code = ''
+ for line in funcs_f:
+ if re.search(BEGIN_HEADER_REGEX, line):
+ suite_helpers += parse_until_pattern(funcs_f, END_HEADER_REGEX)
+ elif re.search(BEGIN_SUITE_HELPERS_REGEX, line):
+ suite_helpers += parse_until_pattern(funcs_f,
+ END_SUITE_HELPERS_REGEX)
+ elif re.search(BEGIN_DEP_REGEX, line):
+ suite_dependencies += parse_suite_dependencies(funcs_f)
+ elif re.search(BEGIN_CASE_REGEX, line):
+ try:
+ dependencies = parse_function_dependencies(line)
+ except GeneratorInputError as error:
+ raise GeneratorInputError(
+ "%s:%d: %s" % (funcs_f.name, funcs_f.line_no,
+ str(error)))
+ func_name, args, func_code, func_dispatch =\
+ parse_function_code(funcs_f, dependencies, suite_dependencies)
+ suite_functions += func_code
+ # Generate dispatch code and enumeration info
+ if func_name in func_info:
+ raise GeneratorInputError(
+ "file: %s - function %s re-declared at line %d" %
+ (funcs_f.name, func_name, funcs_f.line_no))
+ func_info[func_name] = (function_idx, args)
+ dispatch_code += '/* Function Id: %d */\n' % function_idx
+ dispatch_code += func_dispatch
+ function_idx += 1
+
+ func_code = (suite_helpers +
+ suite_functions).join(gen_dependencies(suite_dependencies))
+ return suite_dependencies, dispatch_code, func_code, func_info
+
+
+def escaped_split(inp_str, split_char):
+ """
+ Split inp_str on character split_char but ignore if escaped.
+ Since, return value is used to write back to the intermediate
+ data file, any escape characters in the input are retained in the
+ output.
+
+ :param inp_str: String to split
+ :param split_char: Split character
+ :return: List of splits
+ """
+ if len(split_char) > 1:
+ raise ValueError('Expected split character. Found string!')
+ out = re.sub(r'(\\.)|' + split_char,
+ lambda m: m.group(1) or '\n', inp_str,
+ len(inp_str)).split('\n')
+ out = [x for x in out if x]
+ return out
+
+
+def parse_test_data(data_f):
+ """
+ Parses .data file for each test case name, test function name,
+ test dependencies and test arguments. This information is
+ correlated with the test functions file for generating an
+ intermediate data file replacing the strings for test function
+ names, dependencies and integer constant expressions with
+ identifiers. Mainly for optimising space for on-target
+ execution.
+
+ :param data_f: file object of the data file.
+ :return: Generator that yields test name, function name,
+ dependency list and function argument list.
+ """
+ __state_read_name = 0
+ __state_read_args = 1
+ state = __state_read_name
+ dependencies = []
+ name = ''
+ for line in data_f:
+ line = line.strip()
+ # Skip comments
+ if line.startswith('#'):
+ continue
+
+ # Blank line indicates end of test
+ if not line:
+ if state == __state_read_args:
+ raise GeneratorInputError("[%s:%d] Newline before arguments. "
+ "Test function and arguments "
+ "missing for %s" %
+ (data_f.name, data_f.line_no, name))
+ continue
+
+ if state == __state_read_name:
+ # Read test name
+ name = line
+ state = __state_read_args
+ elif state == __state_read_args:
+ # Check dependencies
+ match = re.search(DEPENDENCY_REGEX, line)
+ if match:
+ try:
+ dependencies = parse_dependencies(
+ match.group('dependencies'))
+ except GeneratorInputError as error:
+ raise GeneratorInputError(
+ str(error) + " - %s:%d" %
+ (data_f.name, data_f.line_no))
+ else:
+ # Read test vectors
+ parts = escaped_split(line, ':')
+ test_function = parts[0]
+ args = parts[1:]
+ yield name, test_function, dependencies, args
+ dependencies = []
+ state = __state_read_name
+ if state == __state_read_args:
+ raise GeneratorInputError("[%s:%d] Newline before arguments. "
+ "Test function and arguments missing for "
+ "%s" % (data_f.name, data_f.line_no, name))
+
+
+def gen_dep_check(dep_id, dep):
+ """
+ Generate code for checking dependency with the associated
+ identifier.
+
+ :param dep_id: Dependency identifier
+ :param dep: Dependency macro
+ :return: Dependency check code
+ """
+ if dep_id < 0:
+ raise GeneratorInputError("Dependency Id should be a positive "
+ "integer.")
+ _not, dep = ('!', dep[1:]) if dep[0] == '!' else ('', dep)
+ if not dep:
+ raise GeneratorInputError("Dependency should not be an empty string.")
+ dep_check = '''
+ case {id}:
+ {{
+#if {_not}defined({macro})
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }}
+ break;'''.format(_not=_not, macro=dep, id=dep_id)
+ return dep_check
+
+
+def gen_expression_check(exp_id, exp):
+ """
+ Generates code for evaluating an integer expression using
+ associated expression Id.
+
+ :param exp_id: Expression Identifier
+ :param exp: Expression/Macro
+ :return: Expression check code
+ """
+ if exp_id < 0:
+ raise GeneratorInputError("Expression Id should be a positive "
+ "integer.")
+ if not exp:
+ raise GeneratorInputError("Expression should not be an empty string.")
+ exp_code = '''
+ case {exp_id}:
+ {{
+ *out_value = {expression};
+ }}
+ break;'''.format(exp_id=exp_id, expression=exp)
+ return exp_code
+
+
+def write_dependencies(out_data_f, test_dependencies, unique_dependencies):
+ """
+ Write dependencies to intermediate test data file, replacing
+ the string form with identifiers. Also, generates dependency
+ check code.
+
+ :param out_data_f: Output intermediate data file
+ :param test_dependencies: Dependencies
+ :param unique_dependencies: Mutable list to track unique dependencies
+ that are global to this re-entrant function.
+ :return: returns dependency check code.
+ """
+ dep_check_code = ''
+ if test_dependencies:
+ out_data_f.write('depends_on')
+ for dep in test_dependencies:
+ if dep not in unique_dependencies:
+ unique_dependencies.append(dep)
+ dep_id = unique_dependencies.index(dep)
+ dep_check_code += gen_dep_check(dep_id, dep)
+ else:
+ dep_id = unique_dependencies.index(dep)
+ out_data_f.write(':' + str(dep_id))
+ out_data_f.write('\n')
+ return dep_check_code
+
+
+def write_parameters(out_data_f, test_args, func_args, unique_expressions):
+ """
+ Writes test parameters to the intermediate data file, replacing
+ the string form with identifiers. Also, generates expression
+ check code.
+
+ :param out_data_f: Output intermediate data file
+ :param test_args: Test parameters
+ :param func_args: Function arguments
+ :param unique_expressions: Mutable list to track unique
+ expressions that are global to this re-entrant function.
+ :return: Returns expression check code.
+ """
+ expression_code = ''
+ for i, _ in enumerate(test_args):
+ typ = func_args[i]
+ val = test_args[i]
+
+ # check if val is a non literal int val (i.e. an expression)
+ if typ == 'int' and not re.match(r'(\d+|0x[0-9a-f]+)$',
+ val, re.I):
+ typ = 'exp'
+ if val not in unique_expressions:
+ unique_expressions.append(val)
+ # exp_id can be derived from len(). But for
+ # readability and consistency with case of existing
+ # let's use index().
+ exp_id = unique_expressions.index(val)
+ expression_code += gen_expression_check(exp_id, val)
+ val = exp_id
+ else:
+ val = unique_expressions.index(val)
+ out_data_f.write(':' + typ + ':' + str(val))
+ out_data_f.write('\n')
+ return expression_code
+
+
+def gen_suite_dep_checks(suite_dependencies, dep_check_code, expression_code):
+ """
+ Generates preprocessor checks for test suite dependencies.
+
+ :param suite_dependencies: Test suite dependencies read from the
+ .function file.
+ :param dep_check_code: Dependency check code
+ :param expression_code: Expression check code
+ :return: Dependency and expression code guarded by test suite
+ dependencies.
+ """
+ if suite_dependencies:
+ preprocessor_check = gen_dependencies_one_line(suite_dependencies)
+ dep_check_code = '''
+{preprocessor_check}
+{code}
+#endif
+'''.format(preprocessor_check=preprocessor_check, code=dep_check_code)
+ expression_code = '''
+{preprocessor_check}
+{code}
+#endif
+'''.format(preprocessor_check=preprocessor_check, code=expression_code)
+ return dep_check_code, expression_code
+
+
+def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
+ """
+ This function reads test case name, dependencies and test vectors
+ from the .data file. This information is correlated with the test
+ functions file for generating an intermediate data file replacing
+ the strings for test function names, dependencies and integer
+ constant expressions with identifiers. Mainly for optimising
+ space for on-target execution.
+ It also generates test case dependency check code and expression
+ evaluation code.
+
+ :param data_f: Data file object
+ :param out_data_f: Output intermediate data file
+ :param func_info: Dict keyed by function and with function id
+ and arguments info
+ :param suite_dependencies: Test suite dependencies
+ :return: Returns dependency and expression check code
+ """
+ unique_dependencies = []
+ unique_expressions = []
+ dep_check_code = ''
+ expression_code = ''
+ for test_name, function_name, test_dependencies, test_args in \
+ parse_test_data(data_f):
+ out_data_f.write(test_name + '\n')
+
+ # Write dependencies
+ dep_check_code += write_dependencies(out_data_f, test_dependencies,
+ unique_dependencies)
+
+ # Write test function name
+ test_function_name = 'test_' + function_name
+ if test_function_name not in func_info:
+ raise GeneratorInputError("Function %s not found!" %
+ test_function_name)
+ func_id, func_args = func_info[test_function_name]
+ out_data_f.write(str(func_id))
+
+ # Write parameters
+ if len(test_args) != len(func_args):
+ raise GeneratorInputError("Invalid number of arguments in test "
+ "%s. See function %s signature." %
+ (test_name, function_name))
+ expression_code += write_parameters(out_data_f, test_args, func_args,
+ unique_expressions)
+
+ # Write a newline as test case separator
+ out_data_f.write('\n')
+
+ dep_check_code, expression_code = gen_suite_dep_checks(
+ suite_dependencies, dep_check_code, expression_code)
+ return dep_check_code, expression_code
+
+
+def add_input_info(funcs_file, data_file, template_file,
+ c_file, snippets):
+ """
+ Add generator input info in snippets.
+
+ :param funcs_file: Functions file object
+ :param data_file: Data file object
+ :param template_file: Template file object
+ :param c_file: Output C file object
+ :param snippets: Dictionary to contain code pieces to be
+ substituted in the template.
+ :return:
+ """
+ snippets['test_file'] = c_file
+ snippets['test_main_file'] = template_file
+ snippets['test_case_file'] = funcs_file
+ snippets['test_case_data_file'] = data_file
+
+
+def read_code_from_input_files(platform_file, helpers_file,
+ out_data_file, snippets):
+ """
+ Read code from input files and create substitutions for replacement
+ strings in the template file.
+
+ :param platform_file: Platform file object
+ :param helpers_file: Helper functions file object
+ :param out_data_file: Output intermediate data file object
+ :param snippets: Dictionary to contain code pieces to be
+ substituted in the template.
+ :return:
+ """
+ # Read helpers
+ with open(helpers_file, 'r') as help_f, open(platform_file, 'r') as \
+ platform_f:
+ snippets['test_common_helper_file'] = helpers_file
+ snippets['test_common_helpers'] = help_f.read()
+ snippets['test_platform_file'] = platform_file
+ snippets['platform_code'] = platform_f.read().replace(
+ 'DATA_FILE', out_data_file.replace('\\', '\\\\')) # escape '\'
+
+
+def write_test_source_file(template_file, c_file, snippets):
+ """
+ Write output source file with generated source code.
+
+ :param template_file: Template file name
+ :param c_file: Output source file
+ :param snippets: Generated and code snippets
+ :return:
+ """
+ with open(template_file, 'r') as template_f, open(c_file, 'w') as c_f:
+ for line_no, line in enumerate(template_f.readlines(), 1):
+ # Update line number. +1 as #line directive sets next line number
+ snippets['line_no'] = line_no + 1
+ code = string.Template(line).substitute(**snippets)
+ c_f.write(code)
+
+
+def parse_function_file(funcs_file, snippets):
+ """
+ Parse function file and generate function dispatch code.
+
+ :param funcs_file: Functions file name
+ :param snippets: Dictionary to contain code pieces to be
+ substituted in the template.
+ :return:
+ """
+ with FileWrapper(funcs_file) as funcs_f:
+ suite_dependencies, dispatch_code, func_code, func_info = \
+ parse_functions(funcs_f)
+ snippets['functions_code'] = func_code
+ snippets['dispatch_code'] = dispatch_code
+ return suite_dependencies, func_info
+
+
+def generate_intermediate_data_file(data_file, out_data_file,
+ suite_dependencies, func_info, snippets):
+ """
+ Generates intermediate data file from input data file and
+ information read from functions file.
+
+ :param data_file: Data file name
+ :param out_data_file: Output/Intermediate data file
+ :param suite_dependencies: List of suite dependencies.
+ :param func_info: Function info parsed from functions file.
+ :param snippets: Dictionary to contain code pieces to be
+ substituted in the template.
+ :return:
+ """
+ with FileWrapper(data_file) as data_f, \
+ open(out_data_file, 'w') as out_data_f:
+ dep_check_code, expression_code = gen_from_test_data(
+ data_f, out_data_f, func_info, suite_dependencies)
+ snippets['dep_check_code'] = dep_check_code
+ snippets['expression_code'] = expression_code
+
+
+def generate_code(**input_info):
+ """
+ Generates C source code from test suite file, data file, common
+ helpers file and platform file.
+
+ input_info expands to following parameters:
+ funcs_file: Functions file object
+ data_file: Data file object
+ template_file: Template file object
+ platform_file: Platform file object
+ helpers_file: Helper functions file object
+ suites_dir: Test suites dir
+ c_file: Output C file object
+ out_data_file: Output intermediate data file object
+ :return:
+ """
+ funcs_file = input_info['funcs_file']
+ data_file = input_info['data_file']
+ template_file = input_info['template_file']
+ platform_file = input_info['platform_file']
+ helpers_file = input_info['helpers_file']
+ suites_dir = input_info['suites_dir']
+ c_file = input_info['c_file']
+ out_data_file = input_info['out_data_file']
+ for name, path in [('Functions file', funcs_file),
+ ('Data file', data_file),
+ ('Template file', template_file),
+ ('Platform file', platform_file),
+ ('Helpers code file', helpers_file),
+ ('Suites dir', suites_dir)]:
+ if not os.path.exists(path):
+ raise IOError("ERROR: %s [%s] not found!" % (name, path))
+
+ snippets = {'generator_script': os.path.basename(__file__)}
+ read_code_from_input_files(platform_file, helpers_file,
+ out_data_file, snippets)
+ add_input_info(funcs_file, data_file, template_file,
+ c_file, snippets)
+ suite_dependencies, func_info = parse_function_file(funcs_file, snippets)
+ generate_intermediate_data_file(data_file, out_data_file,
+ suite_dependencies, func_info, snippets)
+ write_test_source_file(template_file, c_file, snippets)
+
+
+def main():
+ """
+ Command line parser.
+
+ :return:
+ """
+ parser = argparse.ArgumentParser(
+ description='Dynamically generate test suite code.')
+
+ parser.add_argument("-f", "--functions-file",
+ dest="funcs_file",
+ help="Functions file",
+ metavar="FUNCTIONS_FILE",
+ required=True)
+
+ parser.add_argument("-d", "--data-file",
+ dest="data_file",
+ help="Data file",
+ metavar="DATA_FILE",
+ required=True)
+
+ parser.add_argument("-t", "--template-file",
+ dest="template_file",
+ help="Template file",
+ metavar="TEMPLATE_FILE",
+ required=True)
+
+ parser.add_argument("-s", "--suites-dir",
+ dest="suites_dir",
+ help="Suites dir",
+ metavar="SUITES_DIR",
+ required=True)
+
+ parser.add_argument("--helpers-file",
+ dest="helpers_file",
+ help="Helpers file",
+ metavar="HELPERS_FILE",
+ required=True)
+
+ parser.add_argument("-p", "--platform-file",
+ dest="platform_file",
+ help="Platform code file",
+ metavar="PLATFORM_FILE",
+ required=True)
+
+ parser.add_argument("-o", "--out-dir",
+ dest="out_dir",
+ help="Dir where generated code and scripts are copied",
+ metavar="OUT_DIR",
+ required=True)
+
+ args = parser.parse_args()
+
+ data_file_name = os.path.basename(args.data_file)
+ data_name = os.path.splitext(data_file_name)[0]
+
+ out_c_file = os.path.join(args.out_dir, data_name + '.c')
+ out_data_file = os.path.join(args.out_dir, data_name + '.datax')
+
+ out_c_file_dir = os.path.dirname(out_c_file)
+ out_data_file_dir = os.path.dirname(out_data_file)
+ for directory in [out_c_file_dir, out_data_file_dir]:
+ if not os.path.exists(directory):
+ os.makedirs(directory)
+
+ generate_code(funcs_file=args.funcs_file, data_file=args.data_file,
+ template_file=args.template_file,
+ platform_file=args.platform_file,
+ helpers_file=args.helpers_file, suites_dir=args.suites_dir,
+ c_file=out_c_file, out_data_file=out_data_file)
+
+
+if __name__ == "__main__":
+ try:
+ main()
+ except GeneratorInputError as err:
+ sys.exit("%s: input error: %s" %
+ (os.path.basename(sys.argv[0]), str(err)))
diff --git a/tests/scripts/key-exchanges.pl b/tests/scripts/key-exchanges.pl
index d167c67..3bf7ae3 100755
--- a/tests/scripts/key-exchanges.pl
+++ b/tests/scripts/key-exchanges.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# key-exchanges.pl
#
diff --git a/tests/scripts/list-enum-consts.pl b/tests/scripts/list-enum-consts.pl
index 633e3fd..21c25b3 100755
--- a/tests/scripts/list-enum-consts.pl
+++ b/tests/scripts/list-enum-consts.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
use warnings;
use strict;
diff --git a/tests/scripts/mbedtls_test.py b/tests/scripts/mbedtls_test.py
new file mode 100755
index 0000000..8e8a89b
--- /dev/null
+++ b/tests/scripts/mbedtls_test.py
@@ -0,0 +1,376 @@
+# Greentea host test script for Mbed TLS on-target test suite testing.
+#
+# Copyright (C) 2018, Arm Limited, All Rights Reserved
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# This file is part of Mbed TLS (https://tls.mbed.org)
+
+
+"""
+Mbed TLS on-target test suite tests are implemented as Greentea
+tests. Greentea tests are implemented in two parts: target test and
+host test. Target test is a C application that is built for the
+target platform and executes on the target. Host test is a Python
+class derived from mbed_host_tests.BaseHostTest. Target communicates
+with the host over serial for the test data and sends back the result.
+
+Python tool mbedgt (Greentea) is responsible for flashing the test
+binary on to the target and dynamically loading this host test module.
+
+Greentea documentation can be found here:
+https://github.com/ARMmbed/greentea
+"""
+
+
+import re
+import os
+import binascii
+from mbed_host_tests import BaseHostTest, event_callback
+
+
+class TestDataParserError(Exception):
+ """Indicates error in test data, read from .data file."""
+ pass
+
+
+class TestDataParser(object):
+ """
+ Parses test name, dependencies, test function name and test parameters
+ from the data file.
+ """
+
+ def __init__(self):
+ """
+ Constructor
+ """
+ self.tests = []
+
+ def parse(self, data_file):
+ """
+ Data file parser.
+
+ :param data_file: Data file path
+ """
+ with open(data_file, 'r') as data_f:
+ self.__parse(data_f)
+
+ @staticmethod
+ def __escaped_split(inp_str, split_char):
+ """
+ Splits inp_str on split_char except when escaped.
+
+ :param inp_str: String to split
+ :param split_char: Split character
+ :return: List of splits
+ """
+ if len(split_char) > 1:
+ raise ValueError('Expected split character. Found string!')
+ out = re.sub(r'(\\.)|' + split_char,
+ lambda m: m.group(1) or '\n', inp_str,
+ len(inp_str)).split('\n')
+ out = [x for x in out if x]
+ return out
+
+ def __parse(self, data_f):
+ """
+ Parses data file using supplied file object.
+
+ :param data_f: Data file object
+ :return:
+ """
+ for line in data_f:
+ line = line.strip()
+ if not line:
+ continue
+ # Read test name
+ name = line
+
+ # Check dependencies
+ dependencies = []
+ line = data_f.next().strip()
+ match = re.search('depends_on:(.*)', line)
+ if match:
+ dependencies = [int(x) for x in match.group(1).split(':')]
+ line = data_f.next().strip()
+
+ # Read test vectors
+ line = line.replace('\\n', '\n')
+ parts = self.__escaped_split(line, ':')
+ function_name = int(parts[0])
+ args = parts[1:]
+ args_count = len(args)
+ if args_count % 2 != 0:
+ raise TestDataParserError("Number of test arguments should "
+ "be even: %s" % line)
+ grouped_args = [(args[i * 2], args[(i * 2) + 1])
+ for i in range(len(args)/2)]
+ self.tests.append((name, function_name, dependencies,
+ grouped_args))
+
+ def get_test_data(self):
+ """
+ Returns test data.
+ """
+ return self.tests
+
+
+class MbedTlsTest(BaseHostTest):
+ """
+ Host test for Mbed TLS unit tests. This script is loaded at
+ run time by Greentea for executing Mbed TLS test suites. Each
+ communication from the target is received in this object as
+ an event, which is then handled by the event handler method
+ decorated by the associated event. Ex: @event_callback('GO').
+
+ Target test sends requests for dispatching next test. It reads
+ tests from the intermediate data file and sends test function
+ identifier, dependency identifiers, expression identifiers and
+ the test data in binary form. Target test checks dependencies
+ , evaluate integer constant expressions and dispatches the test
+ function with received test parameters. After test function is
+ finished, target sends the result. This class handles the result
+ event and prints verdict in the form that Greentea understands.
+
+ """
+ # status/error codes from suites/helpers.function
+ DEPENDENCY_SUPPORTED = 0
+ KEY_VALUE_MAPPING_FOUND = DEPENDENCY_SUPPORTED
+ DISPATCH_TEST_SUCCESS = DEPENDENCY_SUPPORTED
+
+ KEY_VALUE_MAPPING_NOT_FOUND = -1 # Expression Id not found.
+ DEPENDENCY_NOT_SUPPORTED = -2 # Dependency not supported.
+ DISPATCH_TEST_FN_NOT_FOUND = -3 # Test function not found.
+ DISPATCH_INVALID_TEST_DATA = -4 # Invalid parameter type.
+ DISPATCH_UNSUPPORTED_SUITE = -5 # Test suite not supported/enabled.
+
+ def __init__(self):
+ """
+ Constructor initialises test index to 0.
+ """
+ super(MbedTlsTest, self).__init__()
+ self.tests = []
+ self.test_index = -1
+ self.dep_index = 0
+ self.error_str = dict()
+ self.error_str[self.DEPENDENCY_SUPPORTED] = \
+ 'DEPENDENCY_SUPPORTED'
+ self.error_str[self.KEY_VALUE_MAPPING_NOT_FOUND] = \
+ 'KEY_VALUE_MAPPING_NOT_FOUND'
+ self.error_str[self.DEPENDENCY_NOT_SUPPORTED] = \
+ 'DEPENDENCY_NOT_SUPPORTED'
+ self.error_str[self.DISPATCH_TEST_FN_NOT_FOUND] = \
+ 'DISPATCH_TEST_FN_NOT_FOUND'
+ self.error_str[self.DISPATCH_INVALID_TEST_DATA] = \
+ 'DISPATCH_INVALID_TEST_DATA'
+ self.error_str[self.DISPATCH_UNSUPPORTED_SUITE] = \
+ 'DISPATCH_UNSUPPORTED_SUITE'
+
+ def setup(self):
+ """
+ Setup hook implementation. Reads test suite data file and parses out
+ tests.
+ """
+ binary_path = self.get_config_item('image_path')
+ script_dir = os.path.split(os.path.abspath(__file__))[0]
+ suite_name = os.path.splitext(os.path.basename(binary_path))[0]
+ data_file = ".".join((suite_name, 'data'))
+ data_file = os.path.join(script_dir, '..', 'mbedtls',
+ suite_name, data_file)
+ if os.path.exists(data_file):
+ self.log("Running tests from %s" % data_file)
+ parser = TestDataParser()
+ parser.parse(data_file)
+ self.tests = parser.get_test_data()
+ self.print_test_info()
+ else:
+ self.log("Data file not found: %s" % data_file)
+ self.notify_complete(False)
+
+ def print_test_info(self):
+ """
+ Prints test summary read by Greentea to detect test cases.
+ """
+ self.log('{{__testcase_count;%d}}' % len(self.tests))
+ for name, _, _, _ in self.tests:
+ self.log('{{__testcase_name;%s}}' % name)
+
+ @staticmethod
+ def align_32bit(data_bytes):
+ """
+ 4 byte aligns input byte array.
+
+ :return:
+ """
+ data_bytes += bytearray((4 - (len(data_bytes))) % 4)
+
+ @staticmethod
+ def hex_str_bytes(hex_str):
+ """
+ Converts Hex string representation to byte array
+
+ :param hex_str: Hex in string format.
+ :return: Output Byte array
+ """
+ if hex_str[0] != '"' or hex_str[len(hex_str) - 1] != '"':
+ raise TestDataParserError("HEX test parameter missing '\"':"
+ " %s" % hex_str)
+ hex_str = hex_str.strip('"')
+ if len(hex_str) % 2 != 0:
+ raise TestDataParserError("HEX parameter len should be mod of "
+ "2: %s" % hex_str)
+
+ data_bytes = binascii.unhexlify(hex_str)
+ return data_bytes
+
+ @staticmethod
+ def int32_to_big_endian_bytes(i):
+ """
+ Coverts i to byte array in big endian format.
+
+ :param i: Input integer
+ :return: Output bytes array in big endian or network order
+ """
+ data_bytes = bytearray([((i >> x) & 0xff) for x in [24, 16, 8, 0]])
+ return data_bytes
+
+ def test_vector_to_bytes(self, function_id, dependencies, parameters):
+ """
+ Converts test vector into a byte array that can be sent to the target.
+
+ :param function_id: Test Function Identifier
+ :param dependencies: Dependency list
+ :param parameters: Test function input parameters
+ :return: Byte array and its length
+ """
+ data_bytes = bytearray([len(dependencies)])
+ if dependencies:
+ data_bytes += bytearray(dependencies)
+ data_bytes += bytearray([function_id, len(parameters)])
+ for typ, param in parameters:
+ if typ == 'int' or typ == 'exp':
+ i = int(param)
+ data_bytes += 'I' if typ == 'int' else 'E'
+ self.align_32bit(data_bytes)
+ data_bytes += self.int32_to_big_endian_bytes(i)
+ elif typ == 'char*':
+ param = param.strip('"')
+ i = len(param) + 1 # + 1 for null termination
+ data_bytes += 'S'
+ self.align_32bit(data_bytes)
+ data_bytes += self.int32_to_big_endian_bytes(i)
+ data_bytes += bytearray(list(param))
+ data_bytes += '\0' # Null terminate
+ elif typ == 'hex':
+ binary_data = self.hex_str_bytes(param)
+ data_bytes += 'H'
+ self.align_32bit(data_bytes)
+ i = len(binary_data)
+ data_bytes += self.int32_to_big_endian_bytes(i)
+ data_bytes += binary_data
+ length = self.int32_to_big_endian_bytes(len(data_bytes))
+ return data_bytes, length
+
+ def run_next_test(self):
+ """
+ Fetch next test information and execute the test.
+
+ """
+ self.test_index += 1
+ self.dep_index = 0
+ if self.test_index < len(self.tests):
+ name, function_id, dependencies, args = self.tests[self.test_index]
+ self.run_test(name, function_id, dependencies, args)
+ else:
+ self.notify_complete(True)
+
+ def run_test(self, name, function_id, dependencies, args):
+ """
+ Execute the test on target by sending next test information.
+
+ :param name: Test name
+ :param function_id: function identifier
+ :param dependencies: Dependencies list
+ :param args: test parameters
+ :return:
+ """
+ self.log("Running: %s" % name)
+
+ param_bytes, length = self.test_vector_to_bytes(function_id,
+ dependencies, args)
+ self.send_kv(length, param_bytes)
+
+ @staticmethod
+ def get_result(value):
+ """
+ Converts result from string type to integer
+ :param value: Result code in string
+ :return: Integer result code. Value is from the test status
+ constants defined under the MbedTlsTest class.
+ """
+ try:
+ return int(value)
+ except ValueError:
+ ValueError("Result should return error number. "
+ "Instead received %s" % value)
+
+ @event_callback('GO')
+ def on_go(self, _key, _value, _timestamp):
+ """
+ Sent by the target to start first test.
+
+ :param _key: Event key
+ :param _value: Value. ignored
+ :param _timestamp: Timestamp ignored.
+ :return:
+ """
+ self.run_next_test()
+
+ @event_callback("R")
+ def on_result(self, _key, value, _timestamp):
+ """
+ Handle result. Prints test start, finish required by Greentea
+ to detect test execution.
+
+ :param _key: Event key
+ :param value: Value. ignored
+ :param _timestamp: Timestamp ignored.
+ :return:
+ """
+ int_val = self.get_result(value)
+ name, _, _, _ = self.tests[self.test_index]
+ self.log('{{__testcase_start;%s}}' % name)
+ self.log('{{__testcase_finish;%s;%d;%d}}' % (name, int_val == 0,
+ int_val != 0))
+ self.run_next_test()
+
+ @event_callback("F")
+ def on_failure(self, _key, value, _timestamp):
+ """
+ Handles test execution failure. That means dependency not supported or
+ Test function not supported. Hence marking test as skipped.
+
+ :param _key: Event key
+ :param value: Value. ignored
+ :param _timestamp: Timestamp ignored.
+ :return:
+ """
+ int_val = self.get_result(value)
+ if int_val in self.error_str:
+ err = self.error_str[int_val]
+ else:
+ err = 'Unknown error'
+ # For skip status, do not write {{__testcase_finish;...}}
+ self.log("Error: %s" % err)
+ self.run_next_test()
diff --git a/tests/scripts/recursion.pl b/tests/scripts/recursion.pl
index 3ad42b1..431e592 100755
--- a/tests/scripts/recursion.pl
+++ b/tests/scripts/recursion.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# Find functions making recursive calls to themselves.
# (Multiple recursion where a() calls b() which calls a() not covered.)
diff --git a/tests/scripts/run-test-suites.pl b/tests/scripts/run-test-suites.pl
index f35dfab..6fe6abf 100755
--- a/tests/scripts/run-test-suites.pl
+++ b/tests/scripts/run-test-suites.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# run-test-suites.pl
#
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index b07329c..80d5f38 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/env perl
# test-ref-configs.pl
#
diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py
new file mode 100755
index 0000000..2ef12e1
--- /dev/null
+++ b/tests/scripts/test_generate_test_code.py
@@ -0,0 +1,1753 @@
+#!/usr/bin/env python3
+# Unit test for generate_test_code.py
+#
+# Copyright (C) 2018, Arm Limited, All Rights Reserved
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# This file is part of Mbed TLS (https://tls.mbed.org)
+
+"""
+Unit tests for generate_test_code.py
+"""
+
+
+try:
+ # Python 2
+ from StringIO import StringIO
+except ImportError:
+ # Python 3
+ from io import StringIO
+from unittest import TestCase, main as unittest_main
+try:
+ # Python 2
+ from mock import patch
+except ImportError:
+ # Python 3
+ from unittest.mock import patch
+from generate_test_code import gen_dependencies, gen_dependencies_one_line
+from generate_test_code import gen_function_wrapper, gen_dispatch
+from generate_test_code import parse_until_pattern, GeneratorInputError
+from generate_test_code import parse_suite_dependencies
+from generate_test_code import parse_function_dependencies
+from generate_test_code import parse_function_arguments, parse_function_code
+from generate_test_code import parse_functions, END_HEADER_REGEX
+from generate_test_code import END_SUITE_HELPERS_REGEX, escaped_split
+from generate_test_code import parse_test_data, gen_dep_check
+from generate_test_code import gen_expression_check, write_dependencies
+from generate_test_code import write_parameters, gen_suite_dep_checks
+from generate_test_code import gen_from_test_data
+
+
+class GenDep(TestCase):
+ """
+ Test suite for function gen_dep()
+ """
+
+ def test_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = ['DEP1', 'DEP2']
+ dep_start, dep_end = gen_dependencies(dependencies)
+ preprocessor1, preprocessor2 = dep_start.splitlines()
+ endif1, endif2 = dep_end.splitlines()
+ self.assertEqual(preprocessor1, '#if defined(DEP1)',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(preprocessor2, '#if defined(DEP2)',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(endif1, '#endif /* DEP2 */',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(endif2, '#endif /* DEP1 */',
+ 'Preprocessor generated incorrectly')
+
+ def test_disabled_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = ['!DEP1', '!DEP2']
+ dep_start, dep_end = gen_dependencies(dependencies)
+ preprocessor1, preprocessor2 = dep_start.splitlines()
+ endif1, endif2 = dep_end.splitlines()
+ self.assertEqual(preprocessor1, '#if !defined(DEP1)',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(preprocessor2, '#if !defined(DEP2)',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(endif1, '#endif /* !DEP2 */',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(endif2, '#endif /* !DEP1 */',
+ 'Preprocessor generated incorrectly')
+
+ def test_mixed_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = ['!DEP1', 'DEP2']
+ dep_start, dep_end = gen_dependencies(dependencies)
+ preprocessor1, preprocessor2 = dep_start.splitlines()
+ endif1, endif2 = dep_end.splitlines()
+ self.assertEqual(preprocessor1, '#if !defined(DEP1)',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(preprocessor2, '#if defined(DEP2)',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(endif1, '#endif /* DEP2 */',
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(endif2, '#endif /* !DEP1 */',
+ 'Preprocessor generated incorrectly')
+
+ def test_empty_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = []
+ dep_start, dep_end = gen_dependencies(dependencies)
+ self.assertEqual(dep_start, '', 'Preprocessor generated incorrectly')
+ self.assertEqual(dep_end, '', 'Preprocessor generated incorrectly')
+
+ def test_large_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = []
+ count = 10
+ for i in range(count):
+ dependencies.append('DEP%d' % i)
+ dep_start, dep_end = gen_dependencies(dependencies)
+ self.assertEqual(len(dep_start.splitlines()), count,
+ 'Preprocessor generated incorrectly')
+ self.assertEqual(len(dep_end.splitlines()), count,
+ 'Preprocessor generated incorrectly')
+
+
+class GenDepOneLine(TestCase):
+ """
+ Test Suite for testing gen_dependencies_one_line()
+ """
+
+ def test_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = ['DEP1', 'DEP2']
+ dep_str = gen_dependencies_one_line(dependencies)
+ self.assertEqual(dep_str, '#if defined(DEP1) && defined(DEP2)',
+ 'Preprocessor generated incorrectly')
+
+ def test_disabled_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = ['!DEP1', '!DEP2']
+ dep_str = gen_dependencies_one_line(dependencies)
+ self.assertEqual(dep_str, '#if !defined(DEP1) && !defined(DEP2)',
+ 'Preprocessor generated incorrectly')
+
+ def test_mixed_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = ['!DEP1', 'DEP2']
+ dep_str = gen_dependencies_one_line(dependencies)
+ self.assertEqual(dep_str, '#if !defined(DEP1) && defined(DEP2)',
+ 'Preprocessor generated incorrectly')
+
+ def test_empty_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = []
+ dep_str = gen_dependencies_one_line(dependencies)
+ self.assertEqual(dep_str, '', 'Preprocessor generated incorrectly')
+
+ def test_large_dependencies_list(self):
+ """
+ Test that gen_dep() correctly creates dependencies for given
+ dependency list.
+ :return:
+ """
+ dependencies = []
+ count = 10
+ for i in range(count):
+ dependencies.append('DEP%d' % i)
+ dep_str = gen_dependencies_one_line(dependencies)
+ expected = '#if ' + ' && '.join(['defined(%s)' %
+ x for x in dependencies])
+ self.assertEqual(dep_str, expected,
+ 'Preprocessor generated incorrectly')
+
+
+class GenFunctionWrapper(TestCase):
+ """
+ Test Suite for testing gen_function_wrapper()
+ """
+
+ def test_params_unpack(self):
+ """
+ Test that params are properly unpacked in the function call.
+
+ :return:
+ """
+ code = gen_function_wrapper('test_a', '', ('a', 'b', 'c', 'd'))
+ expected = '''
+void test_a_wrapper( void ** params )
+{
+
+ test_a( a, b, c, d );
+}
+'''
+ self.assertEqual(code, expected)
+
+ def test_local(self):
+ """
+ Test that params are properly unpacked in the function call.
+
+ :return:
+ """
+ code = gen_function_wrapper('test_a',
+ 'int x = 1;', ('x', 'b', 'c', 'd'))
+ expected = '''
+void test_a_wrapper( void ** params )
+{
+int x = 1;
+ test_a( x, b, c, d );
+}
+'''
+ self.assertEqual(code, expected)
+
+ def test_empty_params(self):
+ """
+ Test that params are properly unpacked in the function call.
+
+ :return:
+ """
+ code = gen_function_wrapper('test_a', '', ())
+ expected = '''
+void test_a_wrapper( void ** params )
+{
+ (void)params;
+
+ test_a( );
+}
+'''
+ self.assertEqual(code, expected)
+
+
+class GenDispatch(TestCase):
+ """
+ Test suite for testing gen_dispatch()
+ """
+
+ def test_dispatch(self):
+ """
+ Test that dispatch table entry is generated correctly.
+ :return:
+ """
+ code = gen_dispatch('test_a', ['DEP1', 'DEP2'])
+ expected = '''
+#if defined(DEP1) && defined(DEP2)
+ test_a_wrapper,
+#else
+ NULL,
+#endif
+'''
+ self.assertEqual(code, expected)
+
+ def test_empty_dependencies(self):
+ """
+ Test empty dependency list.
+ :return:
+ """
+ code = gen_dispatch('test_a', [])
+ expected = '''
+ test_a_wrapper,
+'''
+ self.assertEqual(code, expected)
+
+
+class StringIOWrapper(StringIO, object):
+ """
+ file like class to mock file object in tests.
+ """
+ def __init__(self, file_name, data, line_no=0):
+ """
+ Init file handle.
+
+ :param file_name:
+ :param data:
+ :param line_no:
+ """
+ super(StringIOWrapper, self).__init__(data)
+ self.line_no = line_no
+ self.name = file_name
+
+ def next(self):
+ """
+ Iterator method. This method overrides base class's
+ next method and extends the next method to count the line
+ numbers as each line is read.
+
+ :return: Line read from file.
+ """
+ parent = super(StringIOWrapper, self)
+ if getattr(parent, 'next', None):
+ # Python 2
+ line = parent.next()
+ else:
+ # Python 3
+ line = parent.__next__()
+ return line
+
+ # Python 3
+ __next__ = next
+
+ def readline(self, length=0):
+ """
+ Wrap the base class readline.
+
+ :param length:
+ :return:
+ """
+ line = super(StringIOWrapper, self).readline()
+ if line is not None:
+ self.line_no += 1
+ return line
+
+
+class ParseUntilPattern(TestCase):
+ """
+ Test Suite for testing parse_until_pattern().
+ """
+
+ def test_suite_headers(self):
+ """
+ Test that suite headers are parsed correctly.
+
+ :return:
+ """
+ data = '''#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+/* END_HEADER */
+'''
+ expected = '''#line 1 "test_suite_ut.function"
+#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data, line_no=0)
+ headers = parse_until_pattern(stream, END_HEADER_REGEX)
+ self.assertEqual(headers, expected)
+
+ def test_line_no(self):
+ """
+ Test that #line is set to correct line no. in source .function file.
+
+ :return:
+ """
+ data = '''#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+/* END_HEADER */
+'''
+ offset_line_no = 5
+ expected = '''#line %d "test_suite_ut.function"
+#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+''' % (offset_line_no + 1)
+ stream = StringIOWrapper('test_suite_ut.function', data,
+ offset_line_no)
+ headers = parse_until_pattern(stream, END_HEADER_REGEX)
+ self.assertEqual(headers, expected)
+
+ def test_no_end_header_comment(self):
+ """
+ Test that InvalidFileFormat is raised when end header comment is
+ missing.
+ :return:
+ """
+ data = '''#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assertRaises(GeneratorInputError, parse_until_pattern, stream,
+ END_HEADER_REGEX)
+
+
+class ParseSuiteDependencies(TestCase):
+ """
+ Test Suite for testing parse_suite_dependencies().
+ """
+
+ def test_suite_dependencies(self):
+ """
+
+ :return:
+ """
+ data = '''
+ * depends_on:MBEDTLS_ECP_C
+ * END_DEPENDENCIES
+ */
+'''
+ expected = ['MBEDTLS_ECP_C']
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ dependencies = parse_suite_dependencies(stream)
+ self.assertEqual(dependencies, expected)
+
+ def test_no_end_dep_comment(self):
+ """
+ Test that InvalidFileFormat is raised when end dep comment is missing.
+ :return:
+ """
+ data = '''
+* depends_on:MBEDTLS_ECP_C
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assertRaises(GeneratorInputError, parse_suite_dependencies,
+ stream)
+
+ def test_dependencies_split(self):
+ """
+ Test that InvalidFileFormat is raised when end dep comment is missing.
+ :return:
+ """
+ data = '''
+ * depends_on:MBEDTLS_ECP_C:A:B: C : D :F : G: !H
+ * END_DEPENDENCIES
+ */
+'''
+ expected = ['MBEDTLS_ECP_C', 'A', 'B', 'C', 'D', 'F', 'G', '!H']
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ dependencies = parse_suite_dependencies(stream)
+ self.assertEqual(dependencies, expected)
+
+
+class ParseFuncDependencies(TestCase):
+ """
+ Test Suite for testing parse_function_dependencies()
+ """
+
+ def test_function_dependencies(self):
+ """
+ Test that parse_function_dependencies() correctly parses function
+ dependencies.
+ :return:
+ """
+ line = '/* BEGIN_CASE ' \
+ 'depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */'
+ expected = ['MBEDTLS_ENTROPY_NV_SEED', 'MBEDTLS_FS_IO']
+ dependencies = parse_function_dependencies(line)
+ self.assertEqual(dependencies, expected)
+
+ def test_no_dependencies(self):
+ """
+ Test that parse_function_dependencies() correctly parses function
+ dependencies.
+ :return:
+ """
+ line = '/* BEGIN_CASE */'
+ dependencies = parse_function_dependencies(line)
+ self.assertEqual(dependencies, [])
+
+ def test_tolerance(self):
+ """
+ Test that parse_function_dependencies() correctly parses function
+ dependencies.
+ :return:
+ """
+ line = '/* BEGIN_CASE depends_on:MBEDTLS_FS_IO: A : !B:C : F*/'
+ dependencies = parse_function_dependencies(line)
+ self.assertEqual(dependencies, ['MBEDTLS_FS_IO', 'A', '!B', 'C', 'F'])
+
+
+class ParseFuncSignature(TestCase):
+ """
+ Test Suite for parse_function_arguments().
+ """
+
+ def test_int_and_char_params(self):
+ """
+ Test int and char parameters parsing
+ :return:
+ """
+ line = 'void entropy_threshold( char * a, int b, int result )'
+ args, local, arg_dispatch = parse_function_arguments(line)
+ self.assertEqual(args, ['char*', 'int', 'int'])
+ self.assertEqual(local, '')
+ self.assertEqual(arg_dispatch, ['(char *) params[0]',
+ '*( (int *) params[1] )',
+ '*( (int *) params[2] )'])
+
+ def test_hex_params(self):
+ """
+ Test hex parameters parsing
+ :return:
+ """
+ line = 'void entropy_threshold( char * a, data_t * h, int result )'
+ args, local, arg_dispatch = parse_function_arguments(line)
+ self.assertEqual(args, ['char*', 'hex', 'int'])
+ self.assertEqual(local,
+ ' data_t data1 = {(uint8_t *) params[1], '
+ '*( (uint32_t *) params[2] )};\n')
+ self.assertEqual(arg_dispatch, ['(char *) params[0]',
+ '&data1',
+ '*( (int *) params[3] )'])
+
+ def test_unsupported_arg(self):
+ """
+ Test unsupported arguments (not among int, char * and data_t)
+ :return:
+ """
+ line = 'void entropy_threshold( char * a, data_t * h, char result )'
+ self.assertRaises(ValueError, parse_function_arguments, line)
+
+ def test_no_params(self):
+ """
+ Test no parameters.
+ :return:
+ """
+ line = 'void entropy_threshold()'
+ args, local, arg_dispatch = parse_function_arguments(line)
+ self.assertEqual(args, [])
+ self.assertEqual(local, '')
+ self.assertEqual(arg_dispatch, [])
+
+
+class ParseFunctionCode(TestCase):
+ """
+ Test suite for testing parse_function_code()
+ """
+
+ def assert_raises_regex(self, exp, regex, func, *args):
+ """
+ Python 2 & 3 portable wrapper of assertRaisesRegex(p)? function.
+
+ :param exp: Exception type expected to be raised by cb.
+ :param regex: Expected exception message
+ :param func: callable object under test
+ :param args: variable positional arguments
+ """
+ parent = super(ParseFunctionCode, self)
+
+ # Pylint does not appreciate that the super method called
+ # conditionally can be available in other Python version
+ # then that of Pylint.
+ # Workaround is to call the method via getattr.
+ # Pylint ignores that the method got via getattr is
+ # conditionally executed. Method has to be a callable.
+ # Hence, using a dummy callable for getattr default.
+ dummy = lambda *x: None
+ # First Python 3 assertRaisesRegex is checked, since Python 2
+ # assertRaisesRegexp is also available in Python 3 but is
+ # marked deprecated.
+ for name in ('assertRaisesRegex', 'assertRaisesRegexp'):
+ method = getattr(parent, name, dummy)
+ if method is not dummy:
+ method(exp, regex, func, *args)
+ break
+ else:
+ raise AttributeError(" 'ParseFunctionCode' object has no attribute"
+ " 'assertRaisesRegex' or 'assertRaisesRegexp'"
+ )
+
+ def test_no_function(self):
+ """
+ Test no test function found.
+ :return:
+ """
+ data = '''
+No
+test
+function
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ err_msg = 'file: test_suite_ut.function - Test functions not found!'
+ self.assert_raises_regex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
+
+ def test_no_end_case_comment(self):
+ """
+ Test missing end case.
+ :return:
+ """
+ data = '''
+void test_func()
+{
+}
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ err_msg = r'file: test_suite_ut.function - '\
+ 'end case pattern .*? not found!'
+ self.assert_raises_regex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
+
+ @patch("generate_test_code.parse_function_arguments")
+ def test_function_called(self,
+ parse_function_arguments_mock):
+ """
+ Test parse_function_code()
+ :return:
+ """
+ parse_function_arguments_mock.return_value = ([], '', [])
+ data = '''
+void test_func()
+{
+}
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assertRaises(GeneratorInputError, parse_function_code,
+ stream, [], [])
+ self.assertTrue(parse_function_arguments_mock.called)
+ parse_function_arguments_mock.assert_called_with('void test_func()\n')
+
+ @patch("generate_test_code.gen_dispatch")
+ @patch("generate_test_code.gen_dependencies")
+ @patch("generate_test_code.gen_function_wrapper")
+ @patch("generate_test_code.parse_function_arguments")
+ def test_return(self, parse_function_arguments_mock,
+ gen_function_wrapper_mock,
+ gen_dependencies_mock,
+ gen_dispatch_mock):
+ """
+ Test generated code.
+ :return:
+ """
+ parse_function_arguments_mock.return_value = ([], '', [])
+ gen_function_wrapper_mock.return_value = ''
+ gen_dependencies_mock.side_effect = gen_dependencies
+ gen_dispatch_mock.side_effect = gen_dispatch
+ data = '''
+void func()
+{
+ ba ba black sheep
+ have you any wool
+}
+/* END_CASE */
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ name, arg, code, dispatch_code = parse_function_code(stream, [], [])
+
+ self.assertTrue(parse_function_arguments_mock.called)
+ parse_function_arguments_mock.assert_called_with('void func()\n')
+ gen_function_wrapper_mock.assert_called_with('test_func', '', [])
+ self.assertEqual(name, 'test_func')
+ self.assertEqual(arg, [])
+ expected = '''#line 1 "test_suite_ut.function"
+
+void test_func()
+{
+ ba ba black sheep
+ have you any wool
+exit:
+ ;
+}
+'''
+ self.assertEqual(code, expected)
+ self.assertEqual(dispatch_code, "\n test_func_wrapper,\n")
+
+ @patch("generate_test_code.gen_dispatch")
+ @patch("generate_test_code.gen_dependencies")
+ @patch("generate_test_code.gen_function_wrapper")
+ @patch("generate_test_code.parse_function_arguments")
+ def test_with_exit_label(self, parse_function_arguments_mock,
+ gen_function_wrapper_mock,
+ gen_dependencies_mock,
+ gen_dispatch_mock):
+ """
+ Test when exit label is present.
+ :return:
+ """
+ parse_function_arguments_mock.return_value = ([], '', [])
+ gen_function_wrapper_mock.return_value = ''
+ gen_dependencies_mock.side_effect = gen_dependencies
+ gen_dispatch_mock.side_effect = gen_dispatch
+ data = '''
+void func()
+{
+ ba ba black sheep
+ have you any wool
+exit:
+ yes sir yes sir
+ 3 bags full
+}
+/* END_CASE */
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ _, _, code, _ = parse_function_code(stream, [], [])
+
+ expected = '''#line 1 "test_suite_ut.function"
+
+void test_func()
+{
+ ba ba black sheep
+ have you any wool
+exit:
+ yes sir yes sir
+ 3 bags full
+}
+'''
+ self.assertEqual(code, expected)
+
+ def test_non_void_function(self):
+ """
+ Test invalid signature (non void).
+ :return:
+ """
+ data = 'int entropy_threshold( char * a, data_t * h, int result )'
+ err_msg = 'file: test_suite_ut.function - Test functions not found!'
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assert_raises_regex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
+
+ @patch("generate_test_code.gen_dispatch")
+ @patch("generate_test_code.gen_dependencies")
+ @patch("generate_test_code.gen_function_wrapper")
+ @patch("generate_test_code.parse_function_arguments")
+ def test_functio_name_on_newline(self, parse_function_arguments_mock,
+ gen_function_wrapper_mock,
+ gen_dependencies_mock,
+ gen_dispatch_mock):
+ """
+ Test when exit label is present.
+ :return:
+ """
+ parse_function_arguments_mock.return_value = ([], '', [])
+ gen_function_wrapper_mock.return_value = ''
+ gen_dependencies_mock.side_effect = gen_dependencies
+ gen_dispatch_mock.side_effect = gen_dispatch
+ data = '''
+void
+
+
+func()
+{
+ ba ba black sheep
+ have you any wool
+exit:
+ yes sir yes sir
+ 3 bags full
+}
+/* END_CASE */
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ _, _, code, _ = parse_function_code(stream, [], [])
+
+ expected = '''#line 1 "test_suite_ut.function"
+
+void
+
+
+test_func()
+{
+ ba ba black sheep
+ have you any wool
+exit:
+ yes sir yes sir
+ 3 bags full
+}
+'''
+ self.assertEqual(code, expected)
+
+
+class ParseFunction(TestCase):
+ """
+ Test Suite for testing parse_functions()
+ """
+
+ @patch("generate_test_code.parse_until_pattern")
+ def test_begin_header(self, parse_until_pattern_mock):
+ """
+ Test that begin header is checked and parse_until_pattern() is called.
+ :return:
+ """
+ def stop(*_unused):
+ """Stop when parse_until_pattern is called."""
+ raise Exception
+ parse_until_pattern_mock.side_effect = stop
+ data = '''/* BEGIN_HEADER */
+#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+/* END_HEADER */
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assertRaises(Exception, parse_functions, stream)
+ parse_until_pattern_mock.assert_called_with(stream, END_HEADER_REGEX)
+ self.assertEqual(stream.line_no, 1)
+
+ @patch("generate_test_code.parse_until_pattern")
+ def test_begin_helper(self, parse_until_pattern_mock):
+ """
+ Test that begin helper is checked and parse_until_pattern() is called.
+ :return:
+ """
+ def stop(*_unused):
+ """Stop when parse_until_pattern is called."""
+ raise Exception
+ parse_until_pattern_mock.side_effect = stop
+ data = '''/* BEGIN_SUITE_HELPERS */
+void print_hello_world()
+{
+ printf("Hello World!\n");
+}
+/* END_SUITE_HELPERS */
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assertRaises(Exception, parse_functions, stream)
+ parse_until_pattern_mock.assert_called_with(stream,
+ END_SUITE_HELPERS_REGEX)
+ self.assertEqual(stream.line_no, 1)
+
+ @patch("generate_test_code.parse_suite_dependencies")
+ def test_begin_dep(self, parse_suite_dependencies_mock):
+ """
+ Test that begin dep is checked and parse_suite_dependencies() is
+ called.
+ :return:
+ """
+ def stop(*_unused):
+ """Stop when parse_until_pattern is called."""
+ raise Exception
+ parse_suite_dependencies_mock.side_effect = stop
+ data = '''/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ECP_C
+ * END_DEPENDENCIES
+ */
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assertRaises(Exception, parse_functions, stream)
+ parse_suite_dependencies_mock.assert_called_with(stream)
+ self.assertEqual(stream.line_no, 1)
+
+ @patch("generate_test_code.parse_function_dependencies")
+ def test_begin_function_dep(self, func_mock):
+ """
+ Test that begin dep is checked and parse_function_dependencies() is
+ called.
+ :return:
+ """
+ def stop(*_unused):
+ """Stop when parse_until_pattern is called."""
+ raise Exception
+ func_mock.side_effect = stop
+
+ dependencies_str = '/* BEGIN_CASE ' \
+ 'depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */\n'
+ data = '''%svoid test_func()
+{
+}
+''' % dependencies_str
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assertRaises(Exception, parse_functions, stream)
+ func_mock.assert_called_with(dependencies_str)
+ self.assertEqual(stream.line_no, 1)
+
+ @patch("generate_test_code.parse_function_code")
+ @patch("generate_test_code.parse_function_dependencies")
+ def test_return(self, func_mock1, func_mock2):
+ """
+ Test that begin case is checked and parse_function_code() is called.
+ :return:
+ """
+ func_mock1.return_value = []
+ in_func_code = '''void test_func()
+{
+}
+'''
+ func_dispatch = '''
+ test_func_wrapper,
+'''
+ func_mock2.return_value = 'test_func', [],\
+ in_func_code, func_dispatch
+ dependencies_str = '/* BEGIN_CASE ' \
+ 'depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */\n'
+ data = '''%svoid test_func()
+{
+}
+''' % dependencies_str
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ suite_dependencies, dispatch_code, func_code, func_info = \
+ parse_functions(stream)
+ func_mock1.assert_called_with(dependencies_str)
+ func_mock2.assert_called_with(stream, [], [])
+ self.assertEqual(stream.line_no, 5)
+ self.assertEqual(suite_dependencies, [])
+ expected_dispatch_code = '''/* Function Id: 0 */
+
+ test_func_wrapper,
+'''
+ self.assertEqual(dispatch_code, expected_dispatch_code)
+ self.assertEqual(func_code, in_func_code)
+ self.assertEqual(func_info, {'test_func': (0, [])})
+
+ def test_parsing(self):
+ """
+ Test case parsing.
+ :return:
+ """
+ data = '''/* BEGIN_HEADER */
+#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ECP_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
+void func1()
+{
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
+void func2()
+{
+}
+/* END_CASE */
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ suite_dependencies, dispatch_code, func_code, func_info = \
+ parse_functions(stream)
+ self.assertEqual(stream.line_no, 23)
+ self.assertEqual(suite_dependencies, ['MBEDTLS_ECP_C'])
+
+ expected_dispatch_code = '''/* Function Id: 0 */
+
+#if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_FS_IO)
+ test_func1_wrapper,
+#else
+ NULL,
+#endif
+/* Function Id: 1 */
+
+#if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_FS_IO)
+ test_func2_wrapper,
+#else
+ NULL,
+#endif
+'''
+ self.assertEqual(dispatch_code, expected_dispatch_code)
+ expected_func_code = '''#if defined(MBEDTLS_ECP_C)
+#line 2 "test_suite_ut.function"
+#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+#if defined(MBEDTLS_FS_IO)
+#line 13 "test_suite_ut.function"
+void test_func1()
+{
+exit:
+ ;
+}
+
+void test_func1_wrapper( void ** params )
+{
+ (void)params;
+
+ test_func1( );
+}
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+#if defined(MBEDTLS_FS_IO)
+#line 19 "test_suite_ut.function"
+void test_func2()
+{
+exit:
+ ;
+}
+
+void test_func2_wrapper( void ** params )
+{
+ (void)params;
+
+ test_func2( );
+}
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+#endif /* MBEDTLS_ECP_C */
+'''
+ self.assertEqual(func_code, expected_func_code)
+ self.assertEqual(func_info, {'test_func1': (0, []),
+ 'test_func2': (1, [])})
+
+ def test_same_function_name(self):
+ """
+ Test name conflict.
+ :return:
+ """
+ data = '''/* BEGIN_HEADER */
+#include "mbedtls/ecp.h"
+
+#define ECP_PF_UNKNOWN -1
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ECP_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
+void func()
+{
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
+void func()
+{
+}
+/* END_CASE */
+'''
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ self.assertRaises(GeneratorInputError, parse_functions, stream)
+
+
+class EscapedSplit(TestCase):
+ """
+ Test suite for testing escaped_split().
+ Note: Since escaped_split() output is used to write back to the
+ intermediate data file. Any escape characters in the input are
+ retained in the output.
+ """
+
+ def test_invalid_input(self):
+ """
+ Test when input split character is not a character.
+ :return:
+ """
+ self.assertRaises(ValueError, escaped_split, '', 'string')
+
+ def test_empty_string(self):
+ """
+ Test empty string input.
+ :return:
+ """
+ splits = escaped_split('', ':')
+ self.assertEqual(splits, [])
+
+ def test_no_escape(self):
+ """
+ Test with no escape character. The behaviour should be same as
+ str.split()
+ :return:
+ """
+ test_str = 'yahoo:google'
+ splits = escaped_split(test_str, ':')
+ self.assertEqual(splits, test_str.split(':'))
+
+ def test_escaped_input(self):
+ """
+ Test input that has escaped delimiter.
+ :return:
+ """
+ test_str = r'yahoo\:google:facebook'
+ splits = escaped_split(test_str, ':')
+ self.assertEqual(splits, [r'yahoo\:google', 'facebook'])
+
+ def test_escaped_escape(self):
+ """
+ Test input that has escaped delimiter.
+ :return:
+ """
+ test_str = r'yahoo\\:google:facebook'
+ splits = escaped_split(test_str, ':')
+ self.assertEqual(splits, [r'yahoo\\', 'google', 'facebook'])
+
+ def test_all_at_once(self):
+ """
+ Test input that has escaped delimiter.
+ :return:
+ """
+ test_str = r'yahoo\\:google:facebook\:instagram\\:bbc\\:wikipedia'
+ splits = escaped_split(test_str, ':')
+ self.assertEqual(splits, [r'yahoo\\', r'google',
+ r'facebook\:instagram\\',
+ r'bbc\\', r'wikipedia'])
+
+
+class ParseTestData(TestCase):
+ """
+ Test suite for parse test data.
+ """
+
+ def test_parser(self):
+ """
+ Test that tests are parsed correctly from data file.
+ :return:
+ """
+ data = """
+Diffie-Hellman full exchange #1
+dhm_do_dhm:10:"23":10:"5"
+
+Diffie-Hellman full exchange #2
+dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622"
+
+Diffie-Hellman full exchange #3
+dhm_do_dhm:10:"9345098382739712938719287391879381271":10:"9345098792137312973297123912791271"
+
+Diffie-Hellman selftest
+dhm_selftest:
+"""
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ tests = [(name, test_function, dependencies, args)
+ for name, test_function, dependencies, args in
+ parse_test_data(stream)]
+ test1, test2, test3, test4 = tests
+ self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
+ self.assertEqual(test1[1], 'dhm_do_dhm')
+ self.assertEqual(test1[2], [])
+ self.assertEqual(test1[3], ['10', '"23"', '10', '"5"'])
+
+ self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2')
+ self.assertEqual(test2[1], 'dhm_do_dhm')
+ self.assertEqual(test2[2], [])
+ self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"',
+ '10', '"9345098304850938450983409622"'])
+
+ self.assertEqual(test3[0], 'Diffie-Hellman full exchange #3')
+ self.assertEqual(test3[1], 'dhm_do_dhm')
+ self.assertEqual(test3[2], [])
+ self.assertEqual(test3[3], ['10',
+ '"9345098382739712938719287391879381271"',
+ '10',
+ '"9345098792137312973297123912791271"'])
+
+ self.assertEqual(test4[0], 'Diffie-Hellman selftest')
+ self.assertEqual(test4[1], 'dhm_selftest')
+ self.assertEqual(test4[2], [])
+ self.assertEqual(test4[3], [])
+
+ def test_with_dependencies(self):
+ """
+ Test that tests with dependencies are parsed.
+ :return:
+ """
+ data = """
+Diffie-Hellman full exchange #1
+depends_on:YAHOO
+dhm_do_dhm:10:"23":10:"5"
+
+Diffie-Hellman full exchange #2
+dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622"
+
+"""
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ tests = [(name, function_name, dependencies, args)
+ for name, function_name, dependencies, args in
+ parse_test_data(stream)]
+ test1, test2 = tests
+ self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
+ self.assertEqual(test1[1], 'dhm_do_dhm')
+ self.assertEqual(test1[2], ['YAHOO'])
+ self.assertEqual(test1[3], ['10', '"23"', '10', '"5"'])
+
+ self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2')
+ self.assertEqual(test2[1], 'dhm_do_dhm')
+ self.assertEqual(test2[2], [])
+ self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"',
+ '10', '"9345098304850938450983409622"'])
+
+ def test_no_args(self):
+ """
+ Test GeneratorInputError is raised when test function name and
+ args line is missing.
+ :return:
+ """
+ data = """
+Diffie-Hellman full exchange #1
+depends_on:YAHOO
+
+
+Diffie-Hellman full exchange #2
+dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622"
+
+"""
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ err = None
+ try:
+ for _, _, _, _ in parse_test_data(stream):
+ pass
+ except GeneratorInputError as err:
+ self.assertEqual(type(err), GeneratorInputError)
+
+ def test_incomplete_data(self):
+ """
+ Test GeneratorInputError is raised when test function name
+ and args line is missing.
+ :return:
+ """
+ data = """
+Diffie-Hellman full exchange #1
+depends_on:YAHOO
+"""
+ stream = StringIOWrapper('test_suite_ut.function', data)
+ err = None
+ try:
+ for _, _, _, _ in parse_test_data(stream):
+ pass
+ except GeneratorInputError as err:
+ self.assertEqual(type(err), GeneratorInputError)
+
+
+class GenDepCheck(TestCase):
+ """
+ Test suite for gen_dep_check(). It is assumed this function is
+ called with valid inputs.
+ """
+
+ def test_gen_dep_check(self):
+ """
+ Test that dependency check code generated correctly.
+ :return:
+ """
+ expected = """
+ case 5:
+ {
+#if defined(YAHOO)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;"""
+ out = gen_dep_check(5, 'YAHOO')
+ self.assertEqual(out, expected)
+
+ def test_not_defined_dependency(self):
+ """
+ Test dependency with !.
+ :return:
+ """
+ expected = """
+ case 5:
+ {
+#if !defined(YAHOO)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;"""
+ out = gen_dep_check(5, '!YAHOO')
+ self.assertEqual(out, expected)
+
+ def test_empty_dependency(self):
+ """
+ Test invalid dependency input.
+ :return:
+ """
+ self.assertRaises(GeneratorInputError, gen_dep_check, 5, '!')
+
+ def test_negative_dep_id(self):
+ """
+ Test invalid dependency input.
+ :return:
+ """
+ self.assertRaises(GeneratorInputError, gen_dep_check, -1, 'YAHOO')
+
+
+class GenExpCheck(TestCase):
+ """
+ Test suite for gen_expression_check(). It is assumed this function
+ is called with valid inputs.
+ """
+
+ def test_gen_exp_check(self):
+ """
+ Test that expression check code generated correctly.
+ :return:
+ """
+ expected = """
+ case 5:
+ {
+ *out_value = YAHOO;
+ }
+ break;"""
+ out = gen_expression_check(5, 'YAHOO')
+ self.assertEqual(out, expected)
+
+ def test_invalid_expression(self):
+ """
+ Test invalid expression input.
+ :return:
+ """
+ self.assertRaises(GeneratorInputError, gen_expression_check, 5, '')
+
+ def test_negative_exp_id(self):
+ """
+ Test invalid expression id.
+ :return:
+ """
+ self.assertRaises(GeneratorInputError, gen_expression_check,
+ -1, 'YAHOO')
+
+
+class WriteDependencies(TestCase):
+ """
+ Test suite for testing write_dependencies.
+ """
+
+ def test_no_test_dependencies(self):
+ """
+ Test when test dependencies input is empty.
+ :return:
+ """
+ stream = StringIOWrapper('test_suite_ut.data', '')
+ unique_dependencies = []
+ dep_check_code = write_dependencies(stream, [], unique_dependencies)
+ self.assertEqual(dep_check_code, '')
+ self.assertEqual(len(unique_dependencies), 0)
+ self.assertEqual(stream.getvalue(), '')
+
+ def test_unique_dep_ids(self):
+ """
+
+ :return:
+ """
+ stream = StringIOWrapper('test_suite_ut.data', '')
+ unique_dependencies = []
+ dep_check_code = write_dependencies(stream, ['DEP3', 'DEP2', 'DEP1'],
+ unique_dependencies)
+ expect_dep_check_code = '''
+ case 0:
+ {
+#if defined(DEP3)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;
+ case 1:
+ {
+#if defined(DEP2)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;
+ case 2:
+ {
+#if defined(DEP1)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;'''
+ self.assertEqual(dep_check_code, expect_dep_check_code)
+ self.assertEqual(len(unique_dependencies), 3)
+ self.assertEqual(stream.getvalue(), 'depends_on:0:1:2\n')
+
+ def test_dep_id_repeat(self):
+ """
+
+ :return:
+ """
+ stream = StringIOWrapper('test_suite_ut.data', '')
+ unique_dependencies = []
+ dep_check_code = ''
+ dep_check_code += write_dependencies(stream, ['DEP3', 'DEP2'],
+ unique_dependencies)
+ dep_check_code += write_dependencies(stream, ['DEP2', 'DEP1'],
+ unique_dependencies)
+ dep_check_code += write_dependencies(stream, ['DEP1', 'DEP3'],
+ unique_dependencies)
+ expect_dep_check_code = '''
+ case 0:
+ {
+#if defined(DEP3)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;
+ case 1:
+ {
+#if defined(DEP2)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;
+ case 2:
+ {
+#if defined(DEP1)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;'''
+ self.assertEqual(dep_check_code, expect_dep_check_code)
+ self.assertEqual(len(unique_dependencies), 3)
+ self.assertEqual(stream.getvalue(),
+ 'depends_on:0:1\ndepends_on:1:2\ndepends_on:2:0\n')
+
+
+class WriteParams(TestCase):
+ """
+ Test Suite for testing write_parameters().
+ """
+
+ def test_no_params(self):
+ """
+ Test with empty test_args
+ :return:
+ """
+ stream = StringIOWrapper('test_suite_ut.data', '')
+ unique_expressions = []
+ expression_code = write_parameters(stream, [], [], unique_expressions)
+ self.assertEqual(len(unique_expressions), 0)
+ self.assertEqual(expression_code, '')
+ self.assertEqual(stream.getvalue(), '\n')
+
+ def test_no_exp_param(self):
+ """
+ Test when there is no macro or expression in the params.
+ :return:
+ """
+ stream = StringIOWrapper('test_suite_ut.data', '')
+ unique_expressions = []
+ expression_code = write_parameters(stream, ['"Yahoo"', '"abcdef00"',
+ '0'],
+ ['char*', 'hex', 'int'],
+ unique_expressions)
+ self.assertEqual(len(unique_expressions), 0)
+ self.assertEqual(expression_code, '')
+ self.assertEqual(stream.getvalue(),
+ ':char*:"Yahoo":hex:"abcdef00":int:0\n')
+
+ def test_hex_format_int_param(self):
+ """
+ Test int parameter in hex format.
+ :return:
+ """
+ stream = StringIOWrapper('test_suite_ut.data', '')
+ unique_expressions = []
+ expression_code = write_parameters(stream,
+ ['"Yahoo"', '"abcdef00"', '0xAA'],
+ ['char*', 'hex', 'int'],
+ unique_expressions)
+ self.assertEqual(len(unique_expressions), 0)
+ self.assertEqual(expression_code, '')
+ self.assertEqual(stream.getvalue(),
+ ':char*:"Yahoo":hex:"abcdef00":int:0xAA\n')
+
+ def test_with_exp_param(self):
+ """
+ Test when there is macro or expression in the params.
+ :return:
+ """
+ stream = StringIOWrapper('test_suite_ut.data', '')
+ unique_expressions = []
+ expression_code = write_parameters(stream,
+ ['"Yahoo"', '"abcdef00"', '0',
+ 'MACRO1', 'MACRO2', 'MACRO3'],
+ ['char*', 'hex', 'int',
+ 'int', 'int', 'int'],
+ unique_expressions)
+ self.assertEqual(len(unique_expressions), 3)
+ self.assertEqual(unique_expressions, ['MACRO1', 'MACRO2', 'MACRO3'])
+ expected_expression_code = '''
+ case 0:
+ {
+ *out_value = MACRO1;
+ }
+ break;
+ case 1:
+ {
+ *out_value = MACRO2;
+ }
+ break;
+ case 2:
+ {
+ *out_value = MACRO3;
+ }
+ break;'''
+ self.assertEqual(expression_code, expected_expression_code)
+ self.assertEqual(stream.getvalue(),
+ ':char*:"Yahoo":hex:"abcdef00":int:0:exp:0:exp:1'
+ ':exp:2\n')
+
+ def test_with_repeat_calls(self):
+ """
+ Test when write_parameter() is called with same macro or expression.
+ :return:
+ """
+ stream = StringIOWrapper('test_suite_ut.data', '')
+ unique_expressions = []
+ expression_code = ''
+ expression_code += write_parameters(stream,
+ ['"Yahoo"', 'MACRO1', 'MACRO2'],
+ ['char*', 'int', 'int'],
+ unique_expressions)
+ expression_code += write_parameters(stream,
+ ['"abcdef00"', 'MACRO2', 'MACRO3'],
+ ['hex', 'int', 'int'],
+ unique_expressions)
+ expression_code += write_parameters(stream,
+ ['0', 'MACRO3', 'MACRO1'],
+ ['int', 'int', 'int'],
+ unique_expressions)
+ self.assertEqual(len(unique_expressions), 3)
+ self.assertEqual(unique_expressions, ['MACRO1', 'MACRO2', 'MACRO3'])
+ expected_expression_code = '''
+ case 0:
+ {
+ *out_value = MACRO1;
+ }
+ break;
+ case 1:
+ {
+ *out_value = MACRO2;
+ }
+ break;
+ case 2:
+ {
+ *out_value = MACRO3;
+ }
+ break;'''
+ self.assertEqual(expression_code, expected_expression_code)
+ expected_data_file = ''':char*:"Yahoo":exp:0:exp:1
+:hex:"abcdef00":exp:1:exp:2
+:int:0:exp:2:exp:0
+'''
+ self.assertEqual(stream.getvalue(), expected_data_file)
+
+
+class GenTestSuiteDependenciesChecks(TestCase):
+ """
+ Test suite for testing gen_suite_dep_checks()
+ """
+ def test_empty_suite_dependencies(self):
+ """
+ Test with empty suite_dependencies list.
+
+ :return:
+ """
+ dep_check_code, expression_code = \
+ gen_suite_dep_checks([], 'DEP_CHECK_CODE', 'EXPRESSION_CODE')
+ self.assertEqual(dep_check_code, 'DEP_CHECK_CODE')
+ self.assertEqual(expression_code, 'EXPRESSION_CODE')
+
+ def test_suite_dependencies(self):
+ """
+ Test with suite_dependencies list.
+
+ :return:
+ """
+ dep_check_code, expression_code = \
+ gen_suite_dep_checks(['SUITE_DEP'], 'DEP_CHECK_CODE',
+ 'EXPRESSION_CODE')
+ expected_dep_check_code = '''
+#if defined(SUITE_DEP)
+DEP_CHECK_CODE
+#endif
+'''
+ expected_expression_code = '''
+#if defined(SUITE_DEP)
+EXPRESSION_CODE
+#endif
+'''
+ self.assertEqual(dep_check_code, expected_dep_check_code)
+ self.assertEqual(expression_code, expected_expression_code)
+
+ def test_no_dep_no_exp(self):
+ """
+ Test when there are no dependency and expression code.
+ :return:
+ """
+ dep_check_code, expression_code = gen_suite_dep_checks([], '', '')
+ self.assertEqual(dep_check_code, '')
+ self.assertEqual(expression_code, '')
+
+
+class GenFromTestData(TestCase):
+ """
+ Test suite for gen_from_test_data()
+ """
+
+ @staticmethod
+ @patch("generate_test_code.write_dependencies")
+ @patch("generate_test_code.write_parameters")
+ @patch("generate_test_code.gen_suite_dep_checks")
+ def test_intermediate_data_file(func_mock1,
+ write_parameters_mock,
+ write_dependencies_mock):
+ """
+ Test that intermediate data file is written with expected data.
+ :return:
+ """
+ data = '''
+My test
+depends_on:DEP1
+func1:0
+'''
+ data_f = StringIOWrapper('test_suite_ut.data', data)
+ out_data_f = StringIOWrapper('test_suite_ut.datax', '')
+ func_info = {'test_func1': (1, ('int',))}
+ suite_dependencies = []
+ write_parameters_mock.side_effect = write_parameters
+ write_dependencies_mock.side_effect = write_dependencies
+ func_mock1.side_effect = gen_suite_dep_checks
+ gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies)
+ write_dependencies_mock.assert_called_with(out_data_f,
+ ['DEP1'], ['DEP1'])
+ write_parameters_mock.assert_called_with(out_data_f, ['0'],
+ ('int',), [])
+ expected_dep_check_code = '''
+ case 0:
+ {
+#if defined(DEP1)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;'''
+ func_mock1.assert_called_with(
+ suite_dependencies, expected_dep_check_code, '')
+
+ def test_function_not_found(self):
+ """
+ Test that AssertError is raised when function info in not found.
+ :return:
+ """
+ data = '''
+My test
+depends_on:DEP1
+func1:0
+'''
+ data_f = StringIOWrapper('test_suite_ut.data', data)
+ out_data_f = StringIOWrapper('test_suite_ut.datax', '')
+ func_info = {'test_func2': (1, ('int',))}
+ suite_dependencies = []
+ self.assertRaises(GeneratorInputError, gen_from_test_data,
+ data_f, out_data_f, func_info, suite_dependencies)
+
+ def test_different_func_args(self):
+ """
+ Test that AssertError is raised when no. of parameters and
+ function args differ.
+ :return:
+ """
+ data = '''
+My test
+depends_on:DEP1
+func1:0
+'''
+ data_f = StringIOWrapper('test_suite_ut.data', data)
+ out_data_f = StringIOWrapper('test_suite_ut.datax', '')
+ func_info = {'test_func2': (1, ('int', 'hex'))}
+ suite_dependencies = []
+ self.assertRaises(GeneratorInputError, gen_from_test_data, data_f,
+ out_data_f, func_info, suite_dependencies)
+
+ def test_output(self):
+ """
+ Test that intermediate data file is written with expected data.
+ :return:
+ """
+ data = '''
+My test 1
+depends_on:DEP1
+func1:0:0xfa:MACRO1:MACRO2
+
+My test 2
+depends_on:DEP1:DEP2
+func2:"yahoo":88:MACRO1
+'''
+ data_f = StringIOWrapper('test_suite_ut.data', data)
+ out_data_f = StringIOWrapper('test_suite_ut.datax', '')
+ func_info = {'test_func1': (0, ('int', 'int', 'int', 'int')),
+ 'test_func2': (1, ('char*', 'int', 'int'))}
+ suite_dependencies = []
+ dep_check_code, expression_code = \
+ gen_from_test_data(data_f, out_data_f, func_info,
+ suite_dependencies)
+ expected_dep_check_code = '''
+ case 0:
+ {
+#if defined(DEP1)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;
+ case 1:
+ {
+#if defined(DEP2)
+ ret = DEPENDENCY_SUPPORTED;
+#else
+ ret = DEPENDENCY_NOT_SUPPORTED;
+#endif
+ }
+ break;'''
+ expected_data = '''My test 1
+depends_on:0
+0:int:0:int:0xfa:exp:0:exp:1
+
+My test 2
+depends_on:0:1
+1:char*:"yahoo":int:88:exp:0
+
+'''
+ expected_expression_code = '''
+ case 0:
+ {
+ *out_value = MACRO1;
+ }
+ break;
+ case 1:
+ {
+ *out_value = MACRO2;
+ }
+ break;'''
+ self.assertEqual(dep_check_code, expected_dep_check_code)
+ self.assertEqual(out_data_f.getvalue(), expected_data)
+ self.assertEqual(expression_code, expected_expression_code)
+
+
+if __name__ == '__main__':
+ unittest_main()
diff --git a/tests/scripts/yotta-build.sh b/tests/scripts/yotta-build.sh
deleted file mode 100755
index 4bae34a..0000000
--- a/tests/scripts/yotta-build.sh
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/bin/sh
-
-# yotta-build.sh
-#
-# This file is part of mbed TLS (https://tls.mbed.org)
-#
-# Copyright (c) 2015-2016, ARM Limited, All Rights Reserved
-#
-# Purpose
-#
-# To run test builds of the yotta module for all supported targets.
-
-set -eu
-
-check_tools()
-{
- for TOOL in "$@"; do
- if ! `hash "$TOOL" >/dev/null 2>&1`; then
- echo "$TOOL not found!" >&2
- exit 1
- fi
- done
-}
-
-yotta_build()
-{
- TARGET=$1
-
- echo; echo "*** $TARGET (release) ***"
- yt -t $TARGET build
-
- echo; echo "*** $TARGET (debug) ***"
- yt -t $TARGET build -d
-}
-
-# Make sure the tools we need are available.
-check_tools "arm-none-eabi-gcc" "armcc" "yotta"
-
-yotta/create-module.sh
-cd yotta/module
-yt update || true # needs network
-
-if uname -a | grep 'Linux.*x86' >/dev/null; then
- yotta_build x86-linux-native
-fi
-if uname -a | grep 'Darwin.*x86' >/dev/null; then
- yotta_build x86-osx-native
-fi
-
-# armcc build tests.
-yotta_build frdm-k64f-armcc
-#yotta_build nordic-nrf51822-16k-armcc
-
-# arm-none-eabi-gcc build tests.
-yotta_build frdm-k64f-gcc
-#yotta_build st-nucleo-f401re-gcc # dirent
-#yotta_build stm32f429i-disco-gcc # fails in mbed-hal-st-stm32f4
-#yotta_build nordic-nrf51822-16k-gcc # fails in minar-platform
-#yotta_build bbc-microbit-classic-gcc # fails in minar-platform
-#yotta_build st-stm32f439zi-gcc # fails in mbed-hal-st-stm32f4
-#yotta_build st-stm32f429i-disco-gcc # fails in mbed-hal-st-stm32f4
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 9faeb67..ce9aee2 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -21,6 +21,11 @@
set -u
+if cd $( dirname $0 ); then :; else
+ echo "cd $( dirname $0 ) failed" >&2
+ exit 1
+fi
+
# default values, can be overriden by the environment
: ${P_SRV:=../programs/ssl/ssl_server2}
: ${P_CLI:=../programs/ssl/ssl_client2}
@@ -36,6 +41,28 @@
G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
TCP_CLIENT="$PERL scripts/tcp_client.pl"
+# alternative versions of OpenSSL and GnuTLS (no default path)
+
+if [ -n "${OPENSSL_LEGACY:-}" ]; then
+ O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key"
+ O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client"
+else
+ O_LEGACY_SRV=false
+ O_LEGACY_CLI=false
+fi
+
+if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
+ G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
+else
+ G_NEXT_SRV=false
+fi
+
+if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
+ G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt"
+else
+ G_NEXT_CLI=false
+fi
+
TESTS=0
FAILS=0
SKIPS=0
@@ -115,6 +142,14 @@
done
}
+# Skip next test; use this macro to skip tests which are legitimate
+# in theory and expected to be re-introduced at some point, but
+# aren't expected to succeed at the moment due to problems outside
+# our control (such as bugs in other TLS implementations).
+skip_next_test() {
+ SKIP_NEXT="YES"
+}
+
# skip next test if the flag is not enabled in config.h
requires_config_enabled() {
if grep "^#define $1" $CONFIG_H > /dev/null; then :; else
@@ -129,6 +164,27 @@
fi
}
+get_config_value_or_default() {
+ NAME="$1"
+ DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h |
+ sed 's/^.*\s\([0-9]*\)$/\1/' )
+ ../scripts/config.pl get $NAME || echo "$DEF_VAL"
+}
+
+requires_config_value_at_least() {
+ VAL=$( get_config_value_or_default "$1" )
+ if [ "$VAL" -lt "$2" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
+requires_config_value_at_most() {
+ VAL=$( get_config_value_or_default "$1" )
+ if [ "$VAL" -gt "$2" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
# skip next test if OpenSSL doesn't support FALLBACK_SCSV
requires_openssl_with_fallback_scsv() {
if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
@@ -158,6 +214,34 @@
fi
}
+# skip next test if GnuTLS-next isn't available
+requires_gnutls_next() {
+ if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then
+ if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then
+ GNUTLS_NEXT_AVAILABLE="YES"
+ else
+ GNUTLS_NEXT_AVAILABLE="NO"
+ fi
+ fi
+ if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
+# skip next test if OpenSSL-legacy isn't available
+requires_openssl_legacy() {
+ if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then
+ if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then
+ OPENSSL_LEGACY_AVAILABLE="YES"
+ else
+ OPENSSL_LEGACY_AVAILABLE="NO"
+ fi
+ fi
+ if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
# skip next test if IPv6 isn't available on this host
requires_ipv6() {
if [ -z "${HAS_IPV6:-}" ]; then
@@ -178,6 +262,40 @@
fi
}
+# skip next test if it's i686 or uname is not available
+requires_not_i686() {
+ if [ -z "${IS_I686:-}" ]; then
+ IS_I686="YES"
+ if which "uname" >/dev/null 2>&1; then
+ if [ -z "$(uname -a | grep i686)" ]; then
+ IS_I686="NO"
+ fi
+ fi
+ fi
+ if [ "$IS_I686" = "YES" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
+# Calculate the input & output maximum content lengths set in the config
+MAX_CONTENT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384")
+MAX_IN_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
+MAX_OUT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
+
+if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
+ MAX_CONTENT_LEN="$MAX_IN_LEN"
+fi
+if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
+ MAX_CONTENT_LEN="$MAX_OUT_LEN"
+fi
+
+# skip the next test if the SSL output buffer is less than 16KB
+requires_full_size_output_buffer() {
+ if [ "$MAX_OUT_LEN" -ne 16384 ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
# skip the next test if valgrind is in use
not_with_valgrind() {
if [ "$MEMCHECK" -gt 0 ]; then
@@ -308,7 +426,7 @@
done
}
else
- echo "Warning: lsof not available, wait_server_start = sleep $START_DELAY"
+ echo "Warning: lsof not available, wait_server_start = sleep"
wait_server_start() {
sleep "$START_DELAY"
}
@@ -608,6 +726,9 @@
if [ "$PRESERVE_LOGS" -gt 0 ]; then
mv $SRV_OUT o-srv-${TESTS}.log
mv $CLI_OUT o-cli-${TESTS}.log
+ if [ -n "$PXY_CMD" ]; then
+ mv $PXY_OUT o-pxy-${TESTS}.log
+ fi
fi
rm -f $SRV_OUT $CLI_OUT $PXY_OUT
@@ -626,11 +747,6 @@
# MAIN
#
-if cd $( dirname $0 ); then :; else
- echo "cd $( dirname $0 ) failed" >&2
- exit 1
-fi
-
get_options "$@"
# sanity checks, avoid an avalanche of errors
@@ -696,7 +812,20 @@
O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
O_CLI="$O_CLI -connect localhost:+SRV_PORT"
G_SRV="$G_SRV -p $SRV_PORT"
-G_CLI="$G_CLI -p +SRV_PORT localhost"
+G_CLI="$G_CLI -p +SRV_PORT"
+
+if [ -n "${OPENSSL_LEGACY:-}" ]; then
+ O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
+ O_LEGACY_CLI="$O_LEGACY_CLI -connect localhost:+SRV_PORT"
+fi
+
+if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
+ G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
+fi
+
+if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
+ G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
+fi
# Allow SHA-1, because many of our test certificates use it
P_SRV="$P_SRV allow_sha1=1"
@@ -723,7 +852,7 @@
"$P_CLI" \
0 \
-s "Protocol is TLSv1.2" \
- -s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
+ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
-s "client hello v3, signature_algorithm ext: 6" \
-s "ECDHE curve: secp521r1" \
-S "error" \
@@ -734,20 +863,14 @@
"$P_CLI dtls=1" \
0 \
-s "Protocol is DTLSv1.2" \
- -s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"
+ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
# Test current time in ServerHello
requires_config_enabled MBEDTLS_HAVE_TIME
-run_test "Default, ServerHello contains gmt_unix_time" \
+run_test "ServerHello contains gmt_unix_time" \
"$P_SRV debug_level=3" \
"$P_CLI debug_level=3" \
0 \
- -s "Protocol is TLSv1.2" \
- -s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
- -s "client hello v3, signature_algorithm ext: 6" \
- -s "ECDHE curve: secp521r1" \
- -S "error" \
- -C "error" \
-f "check_server_hello_time" \
-F "check_server_hello_time"
@@ -788,6 +911,22 @@
-S "SSL - None of the common ciphersuites is usable" \
-S "SSL - The server has no ciphersuites in common"
+# Test empty CA list in CertificateRequest in TLS 1.1 and earlier
+
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \
+ "$G_SRV"\
+ "$P_CLI force_version=tls1_1" \
+ 0
+
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
+run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
+ "$G_SRV"\
+ "$P_CLI force_version=tls1" \
+ 0
+
# Tests for SHA-1 support
requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
@@ -836,6 +975,35 @@
"$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
0
+# Tests for datagram packing
+run_test "DTLS: multiple records in same datagram, client and server" \
+ "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
+ 0 \
+ -c "next record in same datagram" \
+ -s "next record in same datagram"
+
+run_test "DTLS: multiple records in same datagram, client only" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
+ 0 \
+ -s "next record in same datagram" \
+ -C "next record in same datagram"
+
+run_test "DTLS: multiple records in same datagram, server only" \
+ "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
+ 0 \
+ -S "next record in same datagram" \
+ -c "next record in same datagram"
+
+run_test "DTLS: multiple records in same datagram, neither client nor server" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
+ 0 \
+ -S "next record in same datagram" \
+ -C "next record in same datagram"
+
# Tests for Truncated HMAC extension
run_test "Truncated HMAC: client default, server default" \
@@ -1157,6 +1325,38 @@
-s "received FALLBACK_SCSV" \
-S "inapropriate fallback"
+# Test sending and receiving empty application data records
+
+run_test "Encrypt then MAC: empty application data record" \
+ "$P_SRV auth_mode=none debug_level=4 etm=1" \
+ "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
+ -s "dumping 'input payload after decrypt' (0 bytes)" \
+ -c "0 bytes written in 1 fragments"
+
+run_test "Default, no Encrypt then MAC: empty application data record" \
+ "$P_SRV auth_mode=none debug_level=4 etm=0" \
+ "$P_CLI auth_mode=none etm=0 request_size=0" \
+ 0 \
+ -s "dumping 'input payload after decrypt' (0 bytes)" \
+ -c "0 bytes written in 1 fragments"
+
+run_test "Encrypt then MAC, DTLS: empty application data record" \
+ "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \
+ "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \
+ 0 \
+ -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
+ -s "dumping 'input payload after decrypt' (0 bytes)" \
+ -c "0 bytes written in 1 fragments"
+
+run_test "Default, no Encrypt then MAC, DTLS: empty application data record" \
+ "$P_SRV auth_mode=none debug_level=4 etm=0 dtls=1" \
+ "$P_CLI auth_mode=none etm=0 request_size=0 dtls=1" \
+ 0 \
+ -s "dumping 'input payload after decrypt' (0 bytes)" \
+ -c "0 bytes written in 1 fragments"
+
## ClientHello generated with
## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..."
## then manually twiddling the ciphersuite list.
@@ -1319,6 +1519,71 @@
-s "session successfully restored from ticket" \
-s "a session has been resumed"
+# Tests for Session Tickets with DTLS
+
+run_test "Session resume using tickets, DTLS: basic" \
+ "$P_SRV debug_level=3 dtls=1 tickets=1" \
+ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets, DTLS: cache disabled" \
+ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
+ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets, DTLS: timeout" \
+ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \
+ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 reco_delay=2" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using tickets, DTLS: openssl server" \
+ "$O_SRV -dtls1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets, DTLS: openssl client" \
+ "$P_SRV dtls=1 debug_level=3 tickets=1" \
+ "( $O_CLI -dtls1 -sess_out $SESSION; \
+ $O_CLI -dtls1 -sess_in $SESSION; \
+ rm -f $SESSION )" \
+ 0 \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed"
+
# Tests for Session Resume based on session-ID and cache
run_test "Session resume using cache: tickets enabled on client" \
@@ -1414,30 +1679,119 @@
-C "parse new session ticket" \
-c "a session has been resumed"
+# Tests for Session Resume based on session-ID and cache, DTLS
+
+run_test "Session resume using cache, DTLS: tickets enabled on client" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0" \
+ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -S "server hello, adding session ticket extension" \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: tickets enabled on server" \
+ "$P_SRV dtls=1 debug_level=3 tickets=1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -C "client hello, adding session ticket extension" \
+ -S "found session ticket extension" \
+ -S "server hello, adding session ticket extension" \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: cache_max=0" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: cache_max=1" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: timeout > delay" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: timeout < delay" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
+ 0 \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: no timeout" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: openssl client" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0" \
+ "( $O_CLI -dtls1 -sess_out $SESSION; \
+ $O_CLI -dtls1 -sess_in $SESSION; \
+ rm -f $SESSION )" \
+ 0 \
+ -s "found session ticket extension" \
+ -S "server hello, adding session ticket extension" \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: openssl server" \
+ "$O_SRV -dtls1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -c "a session has been resumed"
+
# Tests for Max Fragment Length extension
-MAX_CONTENT_LEN_EXPECT='16384'
-MAX_CONTENT_LEN_CONFIG=$( ../scripts/config.pl get MBEDTLS_SSL_MAX_CONTENT_LEN)
-
-if [ -n "$MAX_CONTENT_LEN_CONFIG" ] && [ "$MAX_CONTENT_LEN_CONFIG" -ne "$MAX_CONTENT_LEN_EXPECT" ]; then
- printf "The ${CONFIG_H} file contains a value for the configuration of\n"
- printf "MBEDTLS_SSL_MAX_CONTENT_LEN that is different from the script’s\n"
- printf "test value of ${MAX_CONTENT_LEN_EXPECT}. \n"
- printf "\n"
- printf "The tests assume this value and if it changes, the tests in this\n"
- printf "script should also be adjusted.\n"
- printf "\n"
-
+if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
+ printf "${CONFIG_H} defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n"
exit 1
fi
+if [ $MAX_CONTENT_LEN -ne 16384 ]; then
+ printf "Using non-default maximum content length $MAX_CONTENT_LEN\n"
+fi
+
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: enabled, default" \
"$P_SRV debug_level=3" \
"$P_CLI debug_level=3" \
0 \
- -c "Maximum fragment length is 16384" \
- -s "Maximum fragment length is 16384" \
+ -c "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -s "Maximum fragment length is $MAX_CONTENT_LEN" \
-C "client hello, adding max_fragment_length extension" \
-S "found max fragment length extension" \
-S "server hello, max_fragment_length extension" \
@@ -1446,46 +1800,50 @@
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: enabled, default, larger message" \
"$P_SRV debug_level=3" \
- "$P_CLI debug_level=3 request_size=16385" \
+ "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
0 \
- -c "Maximum fragment length is 16384" \
- -s "Maximum fragment length is 16384" \
+ -c "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -s "Maximum fragment length is $MAX_CONTENT_LEN" \
-C "client hello, adding max_fragment_length extension" \
-S "found max fragment length extension" \
-S "server hello, max_fragment_length extension" \
-C "found max_fragment_length extension" \
- -c "16385 bytes written in 2 fragments" \
- -s "16384 bytes read" \
+ -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
+ -s "$MAX_CONTENT_LEN bytes read" \
-s "1 bytes read"
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length, DTLS: enabled, default, larger message" \
"$P_SRV debug_level=3 dtls=1" \
- "$P_CLI debug_level=3 dtls=1 request_size=16385" \
+ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
1 \
- -c "Maximum fragment length is 16384" \
- -s "Maximum fragment length is 16384" \
+ -c "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -s "Maximum fragment length is $MAX_CONTENT_LEN" \
-C "client hello, adding max_fragment_length extension" \
-S "found max fragment length extension" \
-S "server hello, max_fragment_length extension" \
-C "found max_fragment_length extension" \
-c "fragment larger than.*maximum "
+# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled
+# (session fragment length will be 16384 regardless of mbedtls
+# content length configuration.)
+
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: disabled, larger message" \
"$P_SRV debug_level=3" \
- "$P_CLI debug_level=3 request_size=16385" \
+ "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
0 \
-C "Maximum fragment length is 16384" \
-S "Maximum fragment length is 16384" \
- -c "16385 bytes written in 2 fragments" \
- -s "16384 bytes read" \
+ -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
+ -s "$MAX_CONTENT_LEN bytes read" \
-s "1 bytes read"
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length DTLS: disabled, larger message" \
"$P_SRV debug_level=3 dtls=1" \
- "$P_CLI debug_level=3 dtls=1 request_size=16385" \
+ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
1 \
-C "Maximum fragment length is 16384" \
-S "Maximum fragment length is 16384" \
@@ -1508,7 +1866,7 @@
"$P_SRV debug_level=3 max_frag_len=4096" \
"$P_CLI debug_level=3" \
0 \
- -c "Maximum fragment length is 16384" \
+ -c "Maximum fragment length is $MAX_CONTENT_LEN" \
-s "Maximum fragment length is 4096" \
-C "client hello, adding max_fragment_length extension" \
-S "found max fragment length extension" \
@@ -2012,7 +2370,7 @@
requires_gnutls
run_test "Renego ext: gnutls client strict, server default" \
"$P_SRV debug_level=3" \
- "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION" \
+ "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
0 \
-s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
-s "server hello, secure renegotiation extension"
@@ -2020,7 +2378,7 @@
requires_gnutls
run_test "Renego ext: gnutls client unsafe, server default" \
"$P_SRV debug_level=3" \
- "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
0 \
-S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
-S "server hello, secure renegotiation extension"
@@ -2028,7 +2386,7 @@
requires_gnutls
run_test "Renego ext: gnutls client unsafe, server break legacy" \
"$P_SRV debug_level=3 allow_legacy=-1" \
- "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
1 \
-S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
-S "server hello, secure renegotiation extension"
@@ -2039,7 +2397,7 @@
run_test "DER format: no trailing bytes" \
"$P_SRV crt_file=data_files/server5-der0.crt \
key_file=data_files/server5.key" \
- "$G_CLI " \
+ "$G_CLI localhost" \
0 \
-c "Handshake was completed" \
@@ -2047,7 +2405,7 @@
run_test "DER format: with a trailing zero byte" \
"$P_SRV crt_file=data_files/server5-der1a.crt \
key_file=data_files/server5.key" \
- "$G_CLI " \
+ "$G_CLI localhost" \
0 \
-c "Handshake was completed" \
@@ -2055,7 +2413,7 @@
run_test "DER format: with a trailing random byte" \
"$P_SRV crt_file=data_files/server5-der1b.crt \
key_file=data_files/server5.key" \
- "$G_CLI " \
+ "$G_CLI localhost" \
0 \
-c "Handshake was completed" \
@@ -2063,7 +2421,7 @@
run_test "DER format: with 2 trailing random bytes" \
"$P_SRV crt_file=data_files/server5-der2.crt \
key_file=data_files/server5.key" \
- "$G_CLI " \
+ "$G_CLI localhost" \
0 \
-c "Handshake was completed" \
@@ -2071,7 +2429,7 @@
run_test "DER format: with 4 trailing random bytes" \
"$P_SRV crt_file=data_files/server5-der4.crt \
key_file=data_files/server5.key" \
- "$G_CLI " \
+ "$G_CLI localhost" \
0 \
-c "Handshake was completed" \
@@ -2079,7 +2437,7 @@
run_test "DER format: with 8 trailing random bytes" \
"$P_SRV crt_file=data_files/server5-der8.crt \
key_file=data_files/server5.key" \
- "$G_CLI " \
+ "$G_CLI localhost" \
0 \
-c "Handshake was completed" \
@@ -2087,7 +2445,7 @@
run_test "DER format: with 9 trailing random bytes" \
"$P_SRV crt_file=data_files/server5-der9.crt \
key_file=data_files/server5.key" \
- "$G_CLI " \
+ "$G_CLI localhost" \
0 \
-c "Handshake was completed" \
@@ -2376,6 +2734,7 @@
exit 1
fi
+requires_full_size_output_buffer
run_test "Authentication: server max_int chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
key_file=data_files/dir-maxpath/09.key" \
@@ -2383,6 +2742,7 @@
0 \
-C "X509 - A fatal error occured"
+requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
@@ -2390,6 +2750,7 @@
1 \
-c "X509 - A fatal error occured"
+requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client optional" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
@@ -2398,6 +2759,7 @@
1 \
-c "X509 - A fatal error occured"
+requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client none" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
@@ -2406,6 +2768,7 @@
0 \
-C "X509 - A fatal error occured"
+requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server default" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -2413,6 +2776,7 @@
0 \
-S "X509 - A fatal error occured"
+requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server optional" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -2420,6 +2784,7 @@
1 \
-s "X509 - A fatal error occured"
+requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server required" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -2427,6 +2792,7 @@
1 \
-s "X509 - A fatal error occured"
+requires_full_size_output_buffer
run_test "Authentication: client max_int chain, server required" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
@@ -3644,14 +4010,14 @@
requires_gnutls
run_test "ClientHello without extensions, SHA-1 allowed" \
"$P_SRV debug_level=3" \
- "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
0 \
-s "dumping 'client hello extensions' (0 bytes)"
requires_gnutls
run_test "ClientHello without extensions, SHA-1 forbidden in certificates on server" \
"$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt allow_sha1=0" \
- "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
0 \
-s "dumping 'client hello extensions' (0 bytes)"
@@ -3669,10 +4035,10 @@
0 \
-s "Read from client: 500 bytes read (.*+.*)"
-# Tests for small packets
+# Tests for small client packets
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Small packet SSLv3 BlockCipher" \
+run_test "Small client packet SSLv3 BlockCipher" \
"$P_SRV min_version=ssl3" \
"$P_CLI request_size=1 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3680,21 +4046,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Small packet SSLv3 StreamCipher" \
+run_test "Small client packet SSLv3 StreamCipher" \
"$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.0 BlockCipher" \
+run_test "Small client packet TLS 1.0 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.0 BlockCipher, without EtM" \
+run_test "Small client packet TLS 1.0 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1 etm=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3702,7 +4068,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.0 BlockCipher, truncated MAC" \
+run_test "Small client packet TLS 1.0 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3710,21 +4076,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.0 StreamCipher" \
+run_test "Small client packet TLS 1.0 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.0 StreamCipher, without EtM" \
+run_test "Small client packet TLS 1.0 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -3732,7 +4098,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.0 StreamCipher, truncated MAC" \
+run_test "Small client packet TLS 1.0 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -3740,21 +4106,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.1 BlockCipher" \
+run_test "Small client packet TLS 1.1 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.1 BlockCipher, without EtM" \
+run_test "Small client packet TLS 1.1 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
@@ -3762,7 +4128,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.1 BlockCipher, truncated MAC" \
+run_test "Small client packet TLS 1.1 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3770,21 +4136,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.1 StreamCipher" \
+run_test "Small client packet TLS 1.1 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.1 StreamCipher, without EtM" \
+run_test "Small client packet TLS 1.1 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -3792,7 +4158,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.1 StreamCipher, truncated MAC" \
+run_test "Small client packet TLS 1.1 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -3800,28 +4166,28 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 BlockCipher" \
+run_test "Small client packet TLS 1.2 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 BlockCipher, without EtM" \
+run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 BlockCipher larger MAC" \
+run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
@@ -3829,7 +4195,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.2 BlockCipher, truncated MAC" \
+run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3837,21 +4203,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 StreamCipher" \
+run_test "Small client packet TLS 1.2 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 StreamCipher, without EtM" \
+run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -3859,7 +4225,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.2 StreamCipher, truncated MAC" \
+run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -3867,31 +4233,31 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 AEAD" \
+run_test "Small client packet TLS 1.2 AEAD" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 AEAD shorter tag" \
+run_test "Small client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
0 \
-s "Read from client: 1 bytes read"
-# Tests for small packets in DTLS
+# Tests for small client packets in DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-run_test "Small packet DTLS 1.0" \
+run_test "Small client packet DTLS 1.0" \
"$P_SRV dtls=1 force_version=dtls1" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3899,7 +4265,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-run_test "Small packet DTLS 1.0, without EtM" \
+run_test "Small client packet DTLS 1.0, without EtM" \
"$P_SRV dtls=1 force_version=dtls1 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3908,7 +4274,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet DTLS 1.0, truncated hmac" \
+run_test "Small client packet DTLS 1.0, truncated hmac" \
"$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \
"$P_CLI dtls=1 request_size=1 trunc_hmac=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3917,7 +4283,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet DTLS 1.0, without EtM, truncated MAC" \
+run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \
"$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
@@ -3925,7 +4291,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-run_test "Small packet DTLS 1.2" \
+run_test "Small client packet DTLS 1.2" \
"$P_SRV dtls=1 force_version=dtls1_2" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3933,7 +4299,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-run_test "Small packet DTLS 1.2, without EtM" \
+run_test "Small client packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 force_version=dtls1_2 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3942,7 +4308,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet DTLS 1.2, truncated hmac" \
+run_test "Small client packet DTLS 1.2, truncated hmac" \
"$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3951,13 +4317,302 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet DTLS 1.2, without EtM, truncated MAC" \
+run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \
"$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
0 \
-s "Read from client: 1 bytes read"
+# Tests for small server packets
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Small server packet SSLv3 BlockCipher" \
+ "$P_SRV response_size=1 min_version=ssl3" \
+ "$P_CLI force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Small server packet SSLv3 StreamCipher" \
+ "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.0 BlockCipher" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.0 BlockCipher, without EtM" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.0 BlockCipher, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.0 StreamCipher" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.0 StreamCipher, without EtM" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.0 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.1 BlockCipher" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.1 BlockCipher, without EtM" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.1 BlockCipher, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.1 StreamCipher" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.1 StreamCipher, without EtM" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.1 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 BlockCipher" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 StreamCipher" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 AEAD" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 AEAD shorter tag" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+# Tests for small server packets in DTLS
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+run_test "Small server packet DTLS 1.0" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+run_test "Small server packet DTLS 1.0, without EtM" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet DTLS 1.0, truncated hmac" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \
+ "$P_CLI dtls=1 trunc_hmac=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+run_test "Small server packet DTLS 1.2" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+run_test "Small server packet DTLS 1.2, without EtM" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet DTLS 1.2, truncated hmac" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
+ 0 \
+ -c "Read from server: 1 bytes read"
+
# A test for extensions in SSLv3
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
@@ -3968,240 +4623,625 @@
-S "dumping 'client hello extensions'" \
-S "server hello, total extension length:"
-# Test for large packets
+# Test for large client packets
+
+# How many fragments do we expect to write $1 bytes?
+fragments_for_write() {
+ echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
+}
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Large packet SSLv3 BlockCipher" \
+run_test "Large client packet SSLv3 BlockCipher" \
"$P_SRV min_version=ssl3" \
"$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Large packet SSLv3 StreamCipher" \
+run_test "Large client packet SSLv3 StreamCipher" \
"$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.0 BlockCipher" \
+run_test "Large client packet TLS 1.0 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.0 BlockCipher, without EtM" \
+run_test "Large client packet TLS 1.0 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.0 BlockCipher, truncated MAC" \
+run_test "Large client packet TLS 1.0 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.0 StreamCipher" \
+run_test "Large client packet TLS 1.0 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.0 StreamCipher, without EtM" \
+run_test "Large client packet TLS 1.0 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.0 StreamCipher, truncated MAC" \
+run_test "Large client packet TLS 1.0 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.1 BlockCipher" \
+run_test "Large client packet TLS 1.1 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.1 BlockCipher, without EtM" \
+run_test "Large client packet TLS 1.1 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_1 etm=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.1 BlockCipher, truncated MAC" \
+run_test "Large client packet TLS 1.1 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.1 StreamCipher" \
+run_test "Large client packet TLS 1.1 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.1 StreamCipher, without EtM" \
+run_test "Large client packet TLS 1.1 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.1 StreamCipher, truncated MAC" \
+run_test "Large client packet TLS 1.1 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.2 BlockCipher" \
+run_test "Large client packet TLS 1.2 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.2 BlockCipher, without EtM" \
+run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.2 BlockCipher larger MAC" \
+run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.2 BlockCipher, truncated MAC" \
+run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.2 StreamCipher" \
+run_test "Large client packet TLS 1.2 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.2 StreamCipher, without EtM" \
+run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.2 StreamCipher, truncated MAC" \
+run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
0 \
- -s "Read from client: 16384 bytes read"
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.2 AEAD" \
+run_test "Large client packet TLS 1.2 AEAD" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
-run_test "Large packet TLS 1.2 AEAD shorter tag" \
+run_test "Large client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
0 \
- -c "16384 bytes written in 1 fragments" \
- -s "Read from client: 16384 bytes read"
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+# Test for large server packets
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Large server packet SSLv3 StreamCipher" \
+ "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+# Checking next 4 tests logs for 1n-1 split against BEAST too
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Large server packet SSLv3 BlockCipher" \
+ "$P_SRV response_size=16384 min_version=ssl3" \
+ "$P_CLI force_version=ssl3 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 etm=0 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 BlockCipher truncated MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 AEAD" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 AEAD shorter tag" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+# Tests for restartable ECC
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, default" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=0" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=0" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=65535" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=65535" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000" \
+ 0 \
+ -c "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -c "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000" \
+ 1 \
+ -c "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000 auth_mode=optional" \
+ 0 \
+ -c "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -c "mbedtls_pk_sign.*4b00" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000 auth_mode=none" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -c "mbedtls_pk_sign.*4b00" \
+ -C "! The certificate is not correctly signed by the trusted CA" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: DTLS, max_ops=1000" \
+ "$P_SRV auth_mode=required dtls=1" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ dtls=1 debug_level=1 ec_max_ops=1000" \
+ 0 \
+ -c "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -c "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000 no client auth" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ debug_level=1 ec_max_ops=1000" \
+ 0 \
+ -c "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \
+ "$P_SRV psk=abc123" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
+ psk=abc123 debug_level=1 ec_max_ops=1000" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
# Tests of asynchronous private key support in SSL
@@ -4551,6 +5591,56 @@
-s "Async decrypt callback: using key slot " \
-s "Async resume (slot [0-9]): decrypt done, status=0"
+# Tests for ECC extensions (rfc 4492)
+
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+run_test "Force a non ECC ciphersuite in the client side" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -C "client hello, adding supported_elliptic_curves extension" \
+ -C "client hello, adding supported_point_formats extension" \
+ -S "found supported elliptic curves extension" \
+ -S "found supported point formats extension"
+
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+run_test "Force a non ECC ciphersuite in the server side" \
+ "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -C "found supported_point_formats extension" \
+ -S "server hello, supported_point_formats extension"
+
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+run_test "Force an ECC ciphersuite in the client side" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -c "client hello, adding supported_elliptic_curves extension" \
+ -c "client hello, adding supported_point_formats extension" \
+ -s "found supported elliptic curves extension" \
+ -s "found supported point formats extension"
+
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+run_test "Force an ECC ciphersuite in the server side" \
+ "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -c "found supported_point_formats extension" \
+ -s "server hello, supported_point_formats extension"
+
# Tests for DTLS HelloVerifyRequest
run_test "DTLS cookie: enabled" \
@@ -4771,6 +5861,958 @@
-c "found fragmented DTLS handshake message" \
-C "error"
+# Tests for sending fragmented handshake messages with DTLS
+#
+# Use client auth when we need the client to send large messages,
+# and use large cert chains on both sides too (the long chains we have all use
+# both RSA and ECDSA, but ideally we should have long chains with either).
+# Sizes reached (UDP payload):
+# - 2037B for server certificate
+# - 1542B for client certificate
+# - 1013B for newsessionticket
+# - all others below 512B
+# All those tests assume MAX_CONTENT_LEN is at least 2048
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: none (for reference)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=4096" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=4096" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -C "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: server only (max_frag_len)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# With the MFL extension, the server has no way of forcing
+# the client to not exceed a certain MTU; hence, the following
+# test can't be replicated with an MTU proxy such as the one
+# `client-initiated, server only (max_frag_len)` below.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=4096" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=none \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# While not required by the standard defining the MFL extension
+# (according to which it only applies to records, not to datagrams),
+# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
+# as otherwise there wouldn't be any means to communicate MTU restrictions
+# to the peer.
+# The next test checks that no datagrams significantly larger than the
+# negotiated MFL are sent.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
+ -p "$P_PXY mtu=1110" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=none \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# While not required by the standard defining the MFL extension
+# (according to which it only applies to records, not to datagrams),
+# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
+# as otherwise there wouldn't be any means to communicate MTU restrictions
+# to the peer.
+# The next test checks that no datagrams significantly larger than the
+# negotiated MFL are sent.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
+ -p "$P_PXY mtu=1110" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: none (for reference) (MTU)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ mtu=4096" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ mtu=4096" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -C "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: client (MTU)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=3500-60000 \
+ mtu=4096" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=3500-60000 \
+ mtu=1024" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -C "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: server (MTU)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ mtu=2048" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: both (MTU=1024)" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ mtu=1024" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: both (MTU=512)" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=2500-60000 \
+ mtu=512" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Test for automatic MTU reduction on repeated resend.
+# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
+# The ratio of max/min timeout should ideally equal 4 to accept two
+# retransmissions, but in some cases (like both the server and client using
+# fragmentation and auto-reduction) an extra retransmission might occur,
+# hence the ratio of 8.
+not_with_valgrind
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
+ -p "$P_PXY mtu=508" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=400-3200" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=400-3200" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
+only_with_valgrind
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
+ -p "$P_PXY mtu=508" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-10000" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=250-10000" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
+# OTOH the client might resend if the server is to slow to reset after sending
+# a HelloVerifyRequest, so only check for no retransmission server-side
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
+# OTOH the client might resend if the server is to slow to reset after sending
+# a HelloVerifyRequest, so only check for no retransmission server-side
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=1024 nbio=2" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=10000-60000 \
+ mtu=1024 nbio=2" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=512 nbio=2" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=512 nbio=2" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
+# This ensures things still work after session_reset().
+# It also exercises the "resumed handshake" flow.
+# Since we don't support reading fragmented ClientHello yet,
+# up the MTU to 1450 (larger than ClientHello with session ticket,
+# but still smaller than client's Certificate to ensure fragmentation).
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+# reco_delay avoids races where the client reconnects before the server has
+# resumed listening, which would result in a spurious autoreduction.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
+ -p "$P_PXY mtu=1450" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=1450" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=10000-60000 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ mtu=1450 reconnect=1 reco_delay=1" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_CHACHAPOLY_C
+run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CCM_C
+run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
+run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+client_needs_more_time 2
+run_test "DTLS fragmenting: proxy MTU + 3d" \
+ -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
+ "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-10000 mtu=512" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=250-10000 mtu=512" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+client_needs_more_time 2
+run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
+ -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-10000 mtu=512 nbio=2" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=250-10000 mtu=512 nbio=2" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# interop tests for DTLS fragmentating with reliable connection
+#
+# here and below we just want to test that the we fragment in a way that
+# pleases other implementations, so we don't need the peer to fragment
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_gnutls
+run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
+ "$G_SRV -u" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ mtu=512 force_version=dtls1_2" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_gnutls
+run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \
+ "$G_SRV -u" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ mtu=512 force_version=dtls1" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+# We use --insecure for the GnuTLS client because it expects
+# the hostname / IP it connects to to be the name used in the
+# certificate obtained from the server. Here, however, it
+# connects to 127.0.0.1 while our test certificates use 'localhost'
+# as the server name in the certificate. This will make the
+# certifiate validation fail, but passing --insecure makes
+# GnuTLS continue the connection nonetheless.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_gnutls
+requires_not_i686
+run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ mtu=512 force_version=dtls1_2" \
+ "$G_CLI -u --insecure 127.0.0.1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+# See previous test for the reason to use --insecure
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_gnutls
+requires_not_i686
+run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ mtu=512 force_version=dtls1" \
+ "$G_CLI -u --insecure 127.0.0.1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
+ "$O_SRV -dtls1_2 -verify 10" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ mtu=512 force_version=dtls1_2" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+run_test "DTLS fragmenting: openssl server, DTLS 1.0" \
+ "$O_SRV -dtls1 -verify 10" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ mtu=512 force_version=dtls1" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ mtu=512 force_version=dtls1_2" \
+ "$O_CLI -dtls1_2" \
+ 0 \
+ -s "fragmenting handshake message"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+run_test "DTLS fragmenting: openssl client, DTLS 1.0" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ mtu=512 force_version=dtls1" \
+ "$O_CLI -dtls1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+# interop tests for DTLS fragmentating with unreliable connection
+#
+# again we just want to test that the we fragment in a way that
+# pleases other implementations, so we don't need the peer to fragment
+requires_gnutls_next
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$G_NEXT_SRV -u" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_gnutls_next
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$G_NEXT_SRV -u" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+## The two tests below are disabled due to a bug in GnuTLS client that causes
+## handshake failures when the NewSessionTicket message is lost, see
+## https://gitlab.com/gnutls/gnutls/issues/543
+## We can re-enable them when a fixed version fo GnuTLS is available
+## and installed in our CI system.
+skip_next_test
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ "$G_CLI -u --insecure 127.0.0.1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+skip_next_test
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1" \
+ "$G_CLI -u --insecure 127.0.0.1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+## Interop test with OpenSSL might trigger a bug in recent versions (including
+## all versions installed on the CI machines), reported here:
+## Bug report: https://github.com/openssl/openssl/issues/6902
+## They should be re-enabled once a fixed version of OpenSSL is available
+## (this should happen in some 1.1.1_ release according to the ticket).
+skip_next_test
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$O_SRV -dtls1_2 -verify 10" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+skip_next_test
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$O_SRV -dtls1 -verify 10" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+skip_next_test
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ "$O_CLI -dtls1_2" \
+ 0 \
+ -s "fragmenting handshake message"
+
+# -nbio is added to prevent s_client from blocking in case of duplicated
+# messages at the end of the handshake
+skip_next_test
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$P_SRV dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1" \
+ "$O_CLI -nbio -dtls1" \
+ 0 \
+ -s "fragmenting handshake message"
+
# Tests for specific things with "unreliable" UDP connection
not_with_valgrind # spurious resend due to timeout
@@ -4792,8 +6834,8 @@
not_with_valgrind # spurious resend due to timeout
run_test "DTLS proxy: duplicate every packet" \
-p "$P_PXY duplicate=1" \
- "$P_SRV dtls=1 debug_level=2" \
- "$P_CLI dtls=1 debug_level=2" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
0 \
-c "replayed record" \
-s "replayed record" \
@@ -4805,8 +6847,8 @@
run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
-p "$P_PXY duplicate=1" \
- "$P_SRV dtls=1 debug_level=2 anti_replay=0" \
- "$P_CLI dtls=1 debug_level=2" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=0" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
0 \
-c "replayed record" \
-S "replayed record" \
@@ -4819,24 +6861,24 @@
run_test "DTLS proxy: multiple records in same datagram" \
-p "$P_PXY pack=50" \
- "$P_SRV dtls=1 debug_level=2" \
- "$P_CLI dtls=1 debug_level=2" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
0 \
-c "next record in same datagram" \
-s "next record in same datagram"
run_test "DTLS proxy: multiple records in same datagram, duplicate every packet" \
-p "$P_PXY pack=50 duplicate=1" \
- "$P_SRV dtls=1 debug_level=2" \
- "$P_CLI dtls=1 debug_level=2" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
0 \
-c "next record in same datagram" \
-s "next record in same datagram"
run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \
-p "$P_PXY bad_ad=1" \
- "$P_SRV dtls=1 debug_level=1" \
- "$P_CLI dtls=1 debug_level=1 read_timeout=100" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=1" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
0 \
-c "discarding invalid record (mac)" \
-s "discarding invalid record (mac)" \
@@ -4847,8 +6889,8 @@
run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \
-p "$P_PXY bad_ad=1" \
- "$P_SRV dtls=1 debug_level=1 badmac_limit=1" \
- "$P_CLI dtls=1 debug_level=1 read_timeout=100" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=1" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
1 \
-C "discarding invalid record (mac)" \
-S "discarding invalid record (mac)" \
@@ -4859,8 +6901,8 @@
run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \
-p "$P_PXY bad_ad=1" \
- "$P_SRV dtls=1 debug_level=1 badmac_limit=2" \
- "$P_CLI dtls=1 debug_level=1 read_timeout=100" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
0 \
-c "discarding invalid record (mac)" \
-s "discarding invalid record (mac)" \
@@ -4871,8 +6913,8 @@
run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\
-p "$P_PXY bad_ad=1" \
- "$P_SRV dtls=1 debug_level=1 badmac_limit=2 exchanges=2" \
- "$P_CLI dtls=1 debug_level=1 read_timeout=100 exchanges=2" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2 exchanges=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100 exchanges=2" \
1 \
-c "discarding invalid record (mac)" \
-s "discarding invalid record (mac)" \
@@ -4883,22 +6925,190 @@
run_test "DTLS proxy: delay ChangeCipherSpec" \
-p "$P_PXY delay_ccs=1" \
- "$P_SRV dtls=1 debug_level=1" \
- "$P_CLI dtls=1 debug_level=1" \
+ "$P_SRV dtls=1 debug_level=1 dgram_packing=0" \
+ "$P_CLI dtls=1 debug_level=1 dgram_packing=0" \
0 \
-c "record from another epoch" \
-s "record from another epoch" \
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
+# Tests for reordering support with DTLS
+
+run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
+ -p "$P_PXY delay_srv=ServerHello" \
+ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -c "Buffering HS message" \
+ -c "Next handshake message has been buffered - load"\
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load"\
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
+ -p "$P_PXY delay_srv=ServerHello" \
+ "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -c "Buffering HS message" \
+ -c "found fragmented DTLS handshake message"\
+ -c "Next handshake message 1 not or only partially bufffered" \
+ -c "Next handshake message has been buffered - load"\
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load"\
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+# The client buffers the ServerKeyExchange before receiving the fragmented
+# Certificate message; at the time of writing, together these are aroudn 1200b
+# in size, so that the bound below ensures that the certificate can be reassembled
+# while keeping the ServerKeyExchange.
+requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
+run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
+ -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
+ "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -c "Buffering HS message" \
+ -c "Next handshake message has been buffered - load"\
+ -C "attempt to make space by freeing buffered messages" \
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load"\
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+# The size constraints ensure that the delayed certificate message can't
+# be reassembled while keeping the ServerKeyExchange message, but it can
+# when dropping it first.
+requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
+requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
+run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \
+ -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
+ "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -c "Buffering HS message" \
+ -c "attempt to make space by freeing buffered future messages" \
+ -c "Enough space available after freeing buffered HS messages" \
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load"\
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
+ -p "$P_PXY delay_cli=Certificate" \
+ "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -C "Buffering HS message" \
+ -C "Next handshake message has been buffered - load"\
+ -s "Buffering HS message" \
+ -s "Next handshake message has been buffered - load" \
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
+ -p "$P_PXY delay_srv=NewSessionTicket" \
+ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -C "Buffering HS message" \
+ -C "Next handshake message has been buffered - load"\
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load" \
+ -c "Injecting buffered CCS message" \
+ -c "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
+ -p "$P_PXY delay_cli=ClientKeyExchange" \
+ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -C "Buffering HS message" \
+ -C "Next handshake message has been buffered - load"\
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load" \
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -s "Injecting buffered CCS message" \
+ -s "Remember CCS message"
+
+run_test "DTLS reordering: Buffer encrypted Finished message" \
+ -p "$P_PXY delay_ccs=1" \
+ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -s "Buffer record from epoch 1" \
+ -s "Found buffered record from current epoch - load" \
+ -c "Buffer record from epoch 1" \
+ -c "Found buffered record from current epoch - load"
+
+# In this test, both the fragmented NewSessionTicket and the ChangeCipherSpec
+# from the server are delayed, so that the encrypted Finished message
+# is received and buffered. When the fragmented NewSessionTicket comes
+# in afterwards, the encrypted Finished message must be freed in order
+# to make space for the NewSessionTicket to be reassembled.
+# This works only in very particular circumstances:
+# - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
+# of the NewSessionTicket, but small enough to also allow buffering of
+# the encrypted Finished message.
+# - The MTU setting on the server must be so small that the NewSessionTicket
+# needs to be fragmented.
+# - All messages sent by the server must be small enough to be either sent
+# without fragmentation or be reassembled within the bounds of
+# MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
+# handshake, omitting CRTs.
+requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 240
+requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 280
+run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \
+ -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
+ "$P_SRV mtu=190 dgram_packing=0 psk=abc123 psk_identity=foo cookies=0 dtls=1 debug_level=2" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc123 psk_identity=foo" \
+ 0 \
+ -s "Buffer record from epoch 1" \
+ -s "Found buffered record from current epoch - load" \
+ -c "Buffer record from epoch 1" \
+ -C "Found buffered record from current epoch - load" \
+ -c "Enough space available after freeing future epoch record"
+
# Tests for "randomly unreliable connection": try a variety of flows and peers
client_needs_more_time 2
run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
psk=abc123" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
0 \
-s "Extra-header:" \
@@ -4907,8 +7117,8 @@
client_needs_more_time 2
run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
0 \
-s "Extra-header:" \
@@ -4917,8 +7127,8 @@
client_needs_more_time 2
run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
0 \
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
@@ -4926,8 +7136,8 @@
client_needs_more_time 2
run_test "DTLS proxy: 3d, FS, client auth" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
0 \
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
@@ -4935,8 +7145,8 @@
client_needs_more_time 2
run_test "DTLS proxy: 3d, FS, ticket" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=1" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
0 \
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
@@ -4944,8 +7154,8 @@
client_needs_more_time 2
run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=1" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
0 \
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
@@ -4953,9 +7163,9 @@
client_needs_more_time 2
run_test "DTLS proxy: 3d, max handshake, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
auth_mode=required" \
- "$P_CLI dtls=1 hs_timeout=250-10000 nbio=2 tickets=1" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
0 \
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
@@ -4963,9 +7173,9 @@
client_needs_more_time 4
run_test "DTLS proxy: 3d, min handshake, resumption" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
psk=abc123 debug_level=3" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
0 \
@@ -4977,9 +7187,9 @@
client_needs_more_time 4
run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
psk=abc123 debug_level=3 nbio=2" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \
0 \
@@ -4992,9 +7202,9 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
psk=abc123 renegotiation=1 debug_level=2" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
renegotiate=1 debug_level=2 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
0 \
@@ -5007,9 +7217,9 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
psk=abc123 renegotiation=1 debug_level=2" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
renegotiate=1 debug_level=2 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
0 \
@@ -5022,10 +7232,10 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
debug_level=2" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
renegotiation=1 exchanges=4 debug_level=2 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
0 \
@@ -5038,10 +7248,10 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
debug_level=2 nbio=2" \
- "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
renegotiation=1 exchanges=4 debug_level=2 nbio=2 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
0 \
@@ -5050,30 +7260,38 @@
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
+## Interop tests with OpenSSL might trigger a bug in recent versions (including
+## all versions installed on the CI machines), reported here:
+## Bug report: https://github.com/openssl/openssl/issues/6902
+## They should be re-enabled once a fixed version of OpenSSL is available
+## (this should happen in some 1.1.1_ release according to the ticket).
+skip_next_test
client_needs_more_time 6
not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, openssl server" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
"$O_SRV -dtls1 -mtu 2048" \
- "$P_CLI dtls=1 hs_timeout=250-60000 tickets=0" \
+ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
0 \
-c "HTTP/1.0 200 OK"
+skip_next_test # see above
client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, openssl server, fragmentation" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
"$O_SRV -dtls1 -mtu 768" \
- "$P_CLI dtls=1 hs_timeout=250-60000 tickets=0" \
+ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
0 \
-c "HTTP/1.0 200 OK"
+skip_next_test # see above
client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
"$O_SRV -dtls1 -mtu 768" \
- "$P_CLI dtls=1 hs_timeout=250-60000 nbio=2 tickets=0" \
+ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
0 \
-c "HTTP/1.0 200 OK"
@@ -5083,7 +7301,7 @@
run_test "DTLS proxy: 3d, gnutls server" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
"$G_SRV -u --mtu 2048 -a" \
- "$P_CLI dtls=1 hs_timeout=250-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
0 \
-s "Extra-header:" \
-c "Extra-header:"
@@ -5094,7 +7312,7 @@
run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
"$G_SRV -u --mtu 512" \
- "$P_CLI dtls=1 hs_timeout=250-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
0 \
-s "Extra-header:" \
-c "Extra-header:"
@@ -5105,7 +7323,7 @@
run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
"$G_SRV -u --mtu 512" \
- "$P_CLI dtls=1 hs_timeout=250-60000 nbio=2" \
+ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \
0 \
-s "Extra-header:" \
-c "Extra-header:"
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index f82694a..32b1b79 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -1,4 +1,4 @@
-#line 1 "helpers.function"
+#line 2 "suites/helpers.function"
/*----------------------------------------------------------------------------*/
/* Headers */
@@ -25,6 +25,8 @@
#ifdef _MSC_VER
#include <basetsd.h>
+typedef UINT8 uint8_t;
+typedef INT32 int32_t;
typedef UINT32 uint32_t;
#define strncasecmp _strnicmp
#define strcasecmp _stricmp
@@ -36,21 +38,32 @@
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
#include <unistd.h>
+#include <strings.h>
#endif
+/* Type for Hex parameters */
+typedef struct data_tag
+{
+ uint8_t * x;
+ uint32_t len;
+} data_t;
+
/*----------------------------------------------------------------------------*/
-/* Constants */
+/* Status and error constants */
-#define DEPENDENCY_SUPPORTED 0
-#define DEPENDENCY_NOT_SUPPORTED 1
+#define DEPENDENCY_SUPPORTED 0 /* Dependency supported by build */
+#define KEY_VALUE_MAPPING_FOUND 0 /* Integer expression found */
+#define DISPATCH_TEST_SUCCESS 0 /* Test dispatch successful */
-#define KEY_VALUE_MAPPING_FOUND 0
-#define KEY_VALUE_MAPPING_NOT_FOUND -1
-
-#define DISPATCH_TEST_SUCCESS 0
-#define DISPATCH_TEST_FN_NOT_FOUND 1
-#define DISPATCH_INVALID_TEST_DATA 2
-#define DISPATCH_UNSUPPORTED_SUITE 3
+#define KEY_VALUE_MAPPING_NOT_FOUND -1 /* Integer expression not found */
+#define DEPENDENCY_NOT_SUPPORTED -2 /* Dependency not supported */
+#define DISPATCH_TEST_FN_NOT_FOUND -3 /* Test function not found */
+#define DISPATCH_INVALID_TEST_DATA -4 /* Invalid test parameter type.
+ Only int, string, binary data
+ and integer expressions are
+ allowed */
+#define DISPATCH_UNSUPPORTED_SUITE -5 /* Test suite not supported by the
+ build */
/*----------------------------------------------------------------------------*/
@@ -441,3 +454,23 @@
test_info.line_no = line_no;
test_info.filename = filename;
}
+
+int hexcmp( uint8_t * a, uint8_t * b, uint32_t a_len, uint32_t b_len )
+{
+ int ret = 0;
+ uint32_t i = 0;
+
+ if ( a_len != b_len )
+ return( -1 );
+
+ for( i = 0; i < a_len; i++ )
+ {
+ if ( a[i] != b[i] )
+ {
+ ret = -1;
+ break;
+ }
+ }
+ return ret;
+}
+
diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
new file mode 100644
index 0000000..b354af4
--- /dev/null
+++ b/tests/suites/host_test.function
@@ -0,0 +1,671 @@
+#line 2 "suites/host_test.function"
+
+/**
+ * \brief Verifies that string is in string parameter format i.e. "<str>"
+ * It also strips enclosing '"' from the input string.
+ *
+ * \param str String parameter.
+ *
+ * \return 0 if success else 1
+ */
+int verify_string( char **str )
+{
+ if( ( *str )[0] != '"' ||
+ ( *str )[strlen( *str ) - 1] != '"' )
+ {
+ mbedtls_fprintf( stderr,
+ "Expected string (with \"\") for parameter and got: %s\n", *str );
+ return( -1 );
+ }
+
+ ( *str )++;
+ ( *str )[strlen( *str ) - 1] = '\0';
+
+ return( 0 );
+}
+
+/**
+ * \brief Verifies that string is an integer. Also gives the converted
+ * integer value.
+ *
+ * \param str Input string.
+ * \param value Pointer to int for output value.
+ *
+ * \return 0 if success else 1
+ */
+int verify_int( char *str, int *value )
+{
+ size_t i;
+ int minus = 0;
+ int digits = 1;
+ int hex = 0;
+
+ for( i = 0; i < strlen( str ); i++ )
+ {
+ if( i == 0 && str[i] == '-' )
+ {
+ minus = 1;
+ continue;
+ }
+
+ if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
+ str[i - 1] == '0' && ( str[i] == 'x' || str[i] == 'X' ) )
+ {
+ hex = 1;
+ continue;
+ }
+
+ if( ! ( ( str[i] >= '0' && str[i] <= '9' ) ||
+ ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) ||
+ ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) )
+ {
+ digits = 0;
+ break;
+ }
+ }
+
+ if( digits )
+ {
+ if( hex )
+ *value = strtol( str, NULL, 16 );
+ else
+ *value = strtol( str, NULL, 10 );
+
+ return( 0 );
+ }
+
+ mbedtls_fprintf( stderr,
+ "Expected integer for parameter and got: %s\n", str );
+ return( KEY_VALUE_MAPPING_NOT_FOUND );
+}
+
+
+/**
+ * \brief Usage string.
+ *
+ */
+#define USAGE \
+ "Usage: %s [OPTIONS] files...\n\n" \
+ " Command line arguments:\n" \
+ " files... One or more test data files. If no file is\n" \
+ " specified the following default test case\n" \
+ " file is used:\n" \
+ " %s\n\n" \
+ " Options:\n" \
+ " -v | --verbose Display full information about each test\n" \
+ " -h | --help Display this information\n\n", \
+ argv[0], \
+ "TESTCASE_FILENAME"
+
+
+/**
+ * \brief Read a line from the passed file pointer.
+ *
+ * \param f FILE pointer
+ * \param buf Pointer to memory to hold read line.
+ * \param len Length of the buf.
+ *
+ * \return 0 if success else -1
+ */
+int get_line( FILE *f, char *buf, size_t len )
+{
+ char *ret;
+ int i = 0, str_len = 0, has_string = 0;
+
+ /* Read until we get a valid line */
+ do
+ {
+ ret = fgets( buf, len, f );
+ if( ret == NULL )
+ return( -1 );
+
+ str_len = strlen( buf );
+
+ /* Skip empty line and comment */
+ if ( str_len == 0 || buf[0] == '#' )
+ continue;
+ has_string = 0;
+ for ( i = 0; i < str_len; i++ )
+ {
+ char c = buf[i];
+ if ( c != ' ' && c != '\t' && c != '\n' &&
+ c != '\v' && c != '\f' && c != '\r' )
+ {
+ has_string = 1;
+ break;
+ }
+ }
+ } while( !has_string );
+
+ /* Strip new line and carriage return */
+ ret = buf + strlen( buf );
+ if( ret-- > buf && *ret == '\n' )
+ *ret = '\0';
+ if( ret-- > buf && *ret == '\r' )
+ *ret = '\0';
+
+ return( 0 );
+}
+
+/**
+ * \brief Splits string delimited by ':'. Ignores '\:'.
+ *
+ * \param buf Input string
+ * \param len Input string length
+ * \param params Out params found
+ * \param params_len Out params array len
+ *
+ * \return Count of strings found.
+ */
+static int parse_arguments( char *buf, size_t len, char **params,
+ size_t params_len )
+{
+ size_t cnt = 0, i;
+ char *cur = buf;
+ char *p = buf, *q;
+
+ params[cnt++] = cur;
+
+ while( *p != '\0' && p < ( buf + len ) )
+ {
+ if( *p == '\\' )
+ {
+ p++;
+ p++;
+ continue;
+ }
+ if( *p == ':' )
+ {
+ if( p + 1 < buf + len )
+ {
+ cur = p + 1;
+ assert( cnt < params_len );
+ params[cnt++] = cur;
+ }
+ *p = '\0';
+ }
+
+ p++;
+ }
+
+ /* Replace newlines, question marks and colons in strings */
+ for( i = 0; i < cnt; i++ )
+ {
+ p = params[i];
+ q = params[i];
+
+ while( *p != '\0' )
+ {
+ if( *p == '\\' && *( p + 1 ) == 'n' )
+ {
+ p += 2;
+ *( q++ ) = '\n';
+ }
+ else if( *p == '\\' && *( p + 1 ) == ':' )
+ {
+ p += 2;
+ *( q++ ) = ':';
+ }
+ else if( *p == '\\' && *( p + 1 ) == '?' )
+ {
+ p += 2;
+ *( q++ ) = '?';
+ }
+ else
+ *( q++ ) = *( p++ );
+ }
+ *q = '\0';
+ }
+
+ return( cnt );
+}
+
+/**
+ * \brief Converts parameters into test function consumable parameters.
+ * Example: Input: {"int", "0", "char*", "Hello",
+ * "hex", "abef", "exp", "1"}
+ * Output: {
+ * 0, // Verified int
+ * "Hello", // Verified string
+ * 2, { 0xab, 0xef },// Converted len,hex pair
+ * 9600 // Evaluated expression
+ * }
+ *
+ *
+ * \param cnt Parameter array count.
+ * \param params Out array of found parameters.
+ * \param int_params_store Memory for storing processed integer parameters.
+ *
+ * \return 0 for success else 1
+ */
+static int convert_params( size_t cnt , char ** params , int * int_params_store )
+{
+ char ** cur = params;
+ char ** out = params;
+ int ret = DISPATCH_TEST_SUCCESS;
+
+ while ( cur < params + cnt )
+ {
+ char * type = *cur++;
+ char * val = *cur++;
+
+ if ( strcmp( type, "char*" ) == 0 )
+ {
+ if ( verify_string( &val ) == 0 )
+ {
+ *out++ = val;
+ }
+ else
+ {
+ ret = ( DISPATCH_INVALID_TEST_DATA );
+ break;
+ }
+ }
+ else if ( strcmp( type, "int" ) == 0 )
+ {
+ if ( verify_int( val, int_params_store ) == 0 )
+ {
+ *out++ = (char *) int_params_store++;
+ }
+ else
+ {
+ ret = ( DISPATCH_INVALID_TEST_DATA );
+ break;
+ }
+ }
+ else if ( strcmp( type, "hex" ) == 0 )
+ {
+ if ( verify_string( &val ) == 0 )
+ {
+ *int_params_store = unhexify( (unsigned char *) val, val );
+ *out++ = val;
+ *out++ = (char *)(int_params_store++);
+ }
+ else
+ {
+ ret = ( DISPATCH_INVALID_TEST_DATA );
+ break;
+ }
+ }
+ else if ( strcmp( type, "exp" ) == 0 )
+ {
+ int exp_id = strtol( val, NULL, 10 );
+ if ( get_expression ( exp_id, int_params_store ) == 0 )
+ {
+ *out++ = (char *)int_params_store++;
+ }
+ else
+ {
+ ret = ( DISPATCH_INVALID_TEST_DATA );
+ break;
+ }
+ }
+ else
+ {
+ ret = ( DISPATCH_INVALID_TEST_DATA );
+ break;
+ }
+ }
+ return( ret );
+}
+
+/**
+ * \brief Tests snprintf implementation with test input.
+ *
+ * \note
+ * At high optimization levels (e.g. gcc -O3), this function may be
+ * inlined in run_test_snprintf. This can trigger a spurious warning about
+ * potential misuse of snprintf from gcc -Wformat-truncation (observed with
+ * gcc 7.2). This warning makes tests in run_test_snprintf redundant on gcc
+ * only. They are still valid for other compilers. Avoid this warning by
+ * forbidding inlining of this function by gcc.
+ *
+ * \param n Buffer test length.
+ * \param ref_buf Expected buffer.
+ * \param ref_ret Expected snprintf return value.
+ *
+ * \return 0 for success else 1
+ */
+#if defined(__GNUC__)
+__attribute__((__noinline__))
+#endif
+static int test_snprintf( size_t n, const char ref_buf[10], int ref_ret )
+{
+ int ret;
+ char buf[10] = "xxxxxxxxx";
+ const char ref[10] = "xxxxxxxxx";
+
+ if( n >= sizeof( buf ) )
+ return( -1 );
+ ret = mbedtls_snprintf( buf, n, "%s", "123" );
+ if( ret < 0 || (size_t) ret >= n )
+ ret = -1;
+
+ if( strncmp( ref_buf, buf, sizeof( buf ) ) != 0 ||
+ ref_ret != ret ||
+ memcmp( buf + n, ref + n, sizeof( buf ) - n ) != 0 )
+ {
+ return( 1 );
+ }
+
+ return( 0 );
+}
+
+/**
+ * \brief Tests snprintf implementation.
+ *
+ * \param none
+ *
+ * \return 0 for success else 1
+ */
+static int run_test_snprintf( void )
+{
+ return( test_snprintf( 0, "xxxxxxxxx", -1 ) != 0 ||
+ test_snprintf( 1, "", -1 ) != 0 ||
+ test_snprintf( 2, "1", -1 ) != 0 ||
+ test_snprintf( 3, "12", -1 ) != 0 ||
+ test_snprintf( 4, "123", 3 ) != 0 ||
+ test_snprintf( 5, "123", 3 ) != 0 );
+}
+
+
+/**
+ * \brief Desktop implementation of execute_tests().
+ * Parses command line and executes tests from
+ * supplied or default data file.
+ *
+ * \param argc Command line argument count.
+ * \param argv Argument array.
+ *
+ * \return Program exit status.
+ */
+int execute_tests( int argc , const char ** argv )
+{
+ /* Local Configurations and options */
+ const char *default_filename = "DATA_FILE";
+ const char *test_filename = NULL;
+ const char **test_files = NULL;
+ int testfile_count = 0;
+ int option_verbose = 0;
+ int function_id = 0;
+
+ /* Other Local variables */
+ int arg_index = 1;
+ const char *next_arg;
+ int testfile_index, ret, i, cnt;
+ int total_errors = 0, total_tests = 0, total_skipped = 0;
+ FILE *file;
+ char buf[5000];
+ char *params[50];
+ /* Store for proccessed integer params. */
+ int int_params[50];
+ void *pointer;
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+ int stdout_fd = -1;
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
+ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
+ unsigned char alloc_buf[1000000];
+ mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) );
+#endif
+
+ /*
+ * The C standard doesn't guarantee that all-bits-0 is the representation
+ * of a NULL pointer. We do however use that in our code for initializing
+ * structures, which should work on every modern platform. Let's be sure.
+ */
+ memset( &pointer, 0, sizeof( void * ) );
+ if( pointer != NULL )
+ {
+ mbedtls_fprintf( stderr, "all-bits-zero is not a NULL pointer\n" );
+ return( 1 );
+ }
+
+ /*
+ * Make sure we have a snprintf that correctly zero-terminates
+ */
+ if( run_test_snprintf() != 0 )
+ {
+ mbedtls_fprintf( stderr, "the snprintf implementation is broken\n" );
+ return( 1 );
+ }
+
+ while( arg_index < argc )
+ {
+ next_arg = argv[arg_index];
+
+ if( strcmp( next_arg, "--verbose" ) == 0 ||
+ strcmp( next_arg, "-v" ) == 0 )
+ {
+ option_verbose = 1;
+ }
+ else if( strcmp(next_arg, "--help" ) == 0 ||
+ strcmp(next_arg, "-h" ) == 0 )
+ {
+ mbedtls_fprintf( stdout, USAGE );
+ mbedtls_exit( EXIT_SUCCESS );
+ }
+ else
+ {
+ /* Not an option, therefore treat all further arguments as the file
+ * list.
+ */
+ test_files = &argv[ arg_index ];
+ testfile_count = argc - arg_index;
+ }
+
+ arg_index++;
+ }
+
+ /* If no files were specified, assume a default */
+ if ( test_files == NULL || testfile_count == 0 )
+ {
+ test_files = &default_filename;
+ testfile_count = 1;
+ }
+
+ /* Initialize the struct that holds information about the last test */
+ memset( &test_info, 0, sizeof( test_info ) );
+
+ /* Now begin to execute the tests in the testfiles */
+ for ( testfile_index = 0;
+ testfile_index < testfile_count;
+ testfile_index++ )
+ {
+ int unmet_dep_count = 0;
+ char *unmet_dependencies[20];
+
+ test_filename = test_files[ testfile_index ];
+
+ file = fopen( test_filename, "r" );
+ if( file == NULL )
+ {
+ mbedtls_fprintf( stderr, "Failed to open test file: %s\n",
+ test_filename );
+ return( 1 );
+ }
+
+ while( !feof( file ) )
+ {
+ if( unmet_dep_count > 0 )
+ {
+ mbedtls_fprintf( stderr,
+ "FATAL: Dep count larger than zero at start of loop\n" );
+ mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+ }
+ unmet_dep_count = 0;
+
+ if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
+ break;
+ mbedtls_fprintf( stdout, "%s%.66s", test_info.failed ? "\n" : "", buf );
+ mbedtls_fprintf( stdout, " " );
+ for( i = strlen( buf ) + 1; i < 67; i++ )
+ mbedtls_fprintf( stdout, "." );
+ mbedtls_fprintf( stdout, " " );
+ fflush( stdout );
+
+ total_tests++;
+
+ if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 )
+ break;
+ cnt = parse_arguments( buf, strlen( buf ), params,
+ sizeof( params ) / sizeof( params[0] ) );
+
+ if( strcmp( params[0], "depends_on" ) == 0 )
+ {
+ for( i = 1; i < cnt; i++ )
+ {
+ int dep_id = strtol( params[i], NULL, 10 );
+ if( dep_check( dep_id ) != DEPENDENCY_SUPPORTED )
+ {
+ if( 0 == option_verbose )
+ {
+ /* Only one count is needed if not verbose */
+ unmet_dep_count++;
+ break;
+ }
+
+ unmet_dependencies[ unmet_dep_count ] = strdup( params[i] );
+ if( unmet_dependencies[ unmet_dep_count ] == NULL )
+ {
+ mbedtls_fprintf( stderr, "FATAL: Out of memory\n" );
+ mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+ }
+ unmet_dep_count++;
+ }
+ }
+
+ if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 )
+ break;
+ cnt = parse_arguments( buf, strlen( buf ), params,
+ sizeof( params ) / sizeof( params[0] ) );
+ }
+
+ // If there are no unmet dependencies execute the test
+ if( unmet_dep_count == 0 )
+ {
+ test_info.failed = 0;
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+ /* Suppress all output from the library unless we're verbose
+ * mode
+ */
+ if( !option_verbose )
+ {
+ stdout_fd = redirect_output( &stdout, "/dev/null" );
+ if( stdout_fd == -1 )
+ {
+ /* Redirection has failed with no stdout so exit */
+ exit( 1 );
+ }
+ }
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
+ function_id = strtol( params[0], NULL, 10 );
+ if ( (ret = check_test( function_id )) == DISPATCH_TEST_SUCCESS )
+ {
+ ret = convert_params( cnt - 1, params + 1, int_params );
+ if ( DISPATCH_TEST_SUCCESS == ret )
+ {
+ ret = dispatch_test( function_id, (void **)( params + 1 ) );
+ }
+ }
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+ if( !option_verbose && restore_output( &stdout, stdout_fd ) )
+ {
+ /* Redirection has failed with no stdout so exit */
+ exit( 1 );
+ }
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
+ }
+
+ if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE )
+ {
+ total_skipped++;
+ mbedtls_fprintf( stdout, "----" );
+
+ if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE )
+ {
+ mbedtls_fprintf( stdout, "\n Test Suite not enabled" );
+ }
+
+ if( 1 == option_verbose && unmet_dep_count > 0 )
+ {
+ mbedtls_fprintf( stdout, "\n Unmet dependencies: " );
+ for( i = 0; i < unmet_dep_count; i++ )
+ {
+ mbedtls_fprintf( stdout, "%s ",
+ unmet_dependencies[i] );
+ free( unmet_dependencies[i] );
+ }
+ }
+ mbedtls_fprintf( stdout, "\n" );
+ fflush( stdout );
+
+ unmet_dep_count = 0;
+ }
+ else if( ret == DISPATCH_TEST_SUCCESS )
+ {
+ if( test_info.failed == 0 )
+ {
+ mbedtls_fprintf( stdout, "PASS\n" );
+ }
+ else
+ {
+ total_errors++;
+ mbedtls_fprintf( stdout, "FAILED\n" );
+ mbedtls_fprintf( stdout, " %s\n at line %d, %s\n",
+ test_info.test, test_info.line_no,
+ test_info.filename );
+ }
+ fflush( stdout );
+ }
+ else if( ret == DISPATCH_INVALID_TEST_DATA )
+ {
+ mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
+ fclose( file );
+ mbedtls_exit( 2 );
+ }
+ else if( ret == DISPATCH_TEST_FN_NOT_FOUND )
+ {
+ mbedtls_fprintf( stderr, "FAILED: FATAL TEST FUNCTION NOT FUND\n" );
+ fclose( file );
+ mbedtls_exit( 2 );
+ }
+ else
+ total_errors++;
+ }
+ fclose( file );
+
+ /* In case we encounter early end of file */
+ for( i = 0; i < unmet_dep_count; i++ )
+ free( unmet_dependencies[i] );
+ }
+
+ mbedtls_fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
+ if( total_errors == 0 )
+ mbedtls_fprintf( stdout, "PASSED" );
+ else
+ mbedtls_fprintf( stdout, "FAILED" );
+
+ mbedtls_fprintf( stdout, " (%d / %d tests (%d skipped))\n",
+ total_tests - total_errors, total_tests, total_skipped );
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
+ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
+#if defined(MBEDTLS_MEMORY_DEBUG)
+ mbedtls_memory_buffer_alloc_status();
+#endif
+ mbedtls_memory_buffer_alloc_free();
+#endif
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+ if( stdout_fd != -1 )
+ close_output( stdout );
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
+ return( total_errors != 0 );
+}
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index b6e3104..2ba919c 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -1,300 +1,219 @@
-#line 1 "main_test.function"
-SUITE_PRE_DEP
-#define TEST_SUITE_ACTIVE
+#line 2 "suites/main_test.function"
+/*
+ * *** THIS FILE HAS BEEN MACHINE GENERATED ***
+ *
+ * This file has been machine generated using the script:
+ * $generator_script
+ *
+ * Test file : $test_file
+ *
+ * The following files were used to create this file.
+ *
+ * Main code file : $test_main_file
+ * Platform code file : $test_platform_file
+ * Helper file : $test_common_helper_file
+ * Test suite file : $test_case_file
+ * Test suite data : $test_case_data_file
+ *
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
-int verify_string( char **str )
-{
- if( (*str)[0] != '"' ||
- (*str)[strlen( *str ) - 1] != '"' )
- {
- mbedtls_fprintf( stderr,
- "Expected string (with \"\") for parameter and got: %s\n", *str );
- return( -1 );
- }
-
- (*str)++;
- (*str)[strlen( *str ) - 1] = '\0';
-
- return( 0 );
-}
-
-int verify_int( char *str, int *value )
-{
- size_t i;
- int minus = 0;
- int digits = 1;
- int hex = 0;
-
- for( i = 0; i < strlen( str ); i++ )
- {
- if( i == 0 && str[i] == '-' )
- {
- minus = 1;
- continue;
- }
-
- if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
- str[i - 1] == '0' && str[i] == 'x' )
- {
- hex = 1;
- continue;
- }
-
- if( ! ( ( str[i] >= '0' && str[i] <= '9' ) ||
- ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) ||
- ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) )
- {
- digits = 0;
- break;
- }
- }
-
- if( digits )
- {
- if( hex )
- *value = strtol( str, NULL, 16 );
- else
- *value = strtol( str, NULL, 10 );
-
- return( 0 );
- }
-
-MAPPING_CODE
-
- mbedtls_fprintf( stderr,
- "Expected integer for parameter and got: %s\n", str );
- return( KEY_VALUE_MAPPING_NOT_FOUND );
-}
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include <mbedtls/config.h>
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
/*----------------------------------------------------------------------------*/
-/* Test Case code */
+/* Common helper code */
-FUNCTION_CODE
-SUITE_POST_DEP
+$test_common_helpers
-#line !LINE_NO! "main_test.function"
+#line $line_no "suites/main_test.function"
+
+
+/*----------------------------------------------------------------------------*/
+/* Test Suite Code */
+
+
+#define TEST_SUITE_ACTIVE
+
+$functions_code
+
+#line $line_no "suites/main_test.function"
/*----------------------------------------------------------------------------*/
/* Test dispatch code */
-int dep_check( char *str )
+
+/**
+ * \brief Evaluates an expression/macro into its literal integer value.
+ * For optimizing space for embedded targets each expression/macro
+ * is identified by a unique identifier instead of string literals.
+ * Identifiers and evaluation code is generated by script:
+ * $generator_script
+ *
+ * \param exp_id Expression identifier.
+ * \param out_value Pointer to int to hold the integer.
+ *
+ * \return 0 if exp_id is found. 1 otherwise.
+ */
+int get_expression( int32_t exp_id, int32_t * out_value )
{
- if( str == NULL )
- return( 1 );
+ int ret = KEY_VALUE_MAPPING_FOUND;
-DEP_CHECK_CODE
-#line !LINE_NO! "main_test.function"
+ (void) exp_id;
+ (void) out_value;
- return( DEPENDENCY_NOT_SUPPORTED );
-}
-
-int dispatch_test(int cnt, char *params[50])
-{
- int ret;
- ((void) cnt);
- ((void) params);
-
-#if defined(TEST_SUITE_ACTIVE)
- ret = DISPATCH_TEST_SUCCESS;
-
- // Cast to void to avoid compiler warnings
- (void)ret;
-
-DISPATCH_FUNCTION
+ switch( exp_id )
{
-#line !LINE_NO! "main_test.function"
- mbedtls_fprintf( stdout,
- "FAILED\nSkipping unknown test function '%s'\n",
- params[0] );
- fflush( stdout );
- ret = DISPATCH_TEST_FN_NOT_FOUND;
+$expression_code
+#line $line_no "suites/main_test.function"
+ default:
+ {
+ ret = KEY_VALUE_MAPPING_NOT_FOUND;
+ }
+ break;
}
-#else
- ret = DISPATCH_UNSUPPORTED_SUITE;
-#endif
return( ret );
}
+/**
+ * \brief Checks if the dependency i.e. the compile flag is set.
+ * For optimizing space for embedded targets each dependency
+ * is identified by a unique identifier instead of string literals.
+ * Identifiers and check code is generated by script:
+ * $generator_script
+ *
+ * \param exp_id Dependency identifier.
+ *
+ * \return DEPENDENCY_SUPPORTED if set else DEPENDENCY_NOT_SUPPORTED
+ */
+int dep_check( int dep_id )
+{
+ int ret = DEPENDENCY_NOT_SUPPORTED;
+
+ (void) dep_id;
+
+ switch( dep_id )
+ {
+$dep_check_code
+#line $line_no "suites/main_test.function"
+ default:
+ break;
+ }
+ return( ret );
+}
+
+
+/**
+ * \brief Function pointer type for test function wrappers.
+ *
+ *
+ * \param void ** Pointer to void pointers. Represents an array of test
+ * function parameters.
+ *
+ * \return void
+ */
+typedef void (*TestWrapper_t)( void ** );
+
+
+/**
+ * \brief Table of test function wrappers. Used by dispatch_test().
+ * This table is populated by script:
+ * $generator_script
+ *
+ */
+TestWrapper_t test_funcs[] =
+{
+$dispatch_code
+#line $line_no "suites/main_test.function"
+};
+
+
+/**
+ * \brief Dispatches test functions based on function index.
+ *
+ * \param exp_id Test function index.
+ *
+ * \return DISPATCH_TEST_SUCCESS if found
+ * DISPATCH_TEST_FN_NOT_FOUND if not found
+ * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
+ */
+int dispatch_test( int func_idx, void ** params )
+{
+ int ret = DISPATCH_TEST_SUCCESS;
+ TestWrapper_t fp = NULL;
+
+ if ( func_idx < (int)( sizeof( test_funcs ) / sizeof( TestWrapper_t ) ) )
+ {
+ fp = test_funcs[func_idx];
+ if ( fp )
+ fp( params );
+ else
+ ret = DISPATCH_UNSUPPORTED_SUITE;
+ }
+ else
+ {
+ ret = DISPATCH_TEST_FN_NOT_FOUND;
+ }
+
+ return( ret );
+}
+
+
+/**
+ * \brief Checks if test function is supported
+ *
+ * \param exp_id Test function index.
+ *
+ * \return DISPATCH_TEST_SUCCESS if found
+ * DISPATCH_TEST_FN_NOT_FOUND if not found
+ * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
+ */
+int check_test( int func_idx )
+{
+ int ret = DISPATCH_TEST_SUCCESS;
+ TestWrapper_t fp = NULL;
+
+ if ( func_idx < (int)( sizeof(test_funcs)/sizeof( TestWrapper_t ) ) )
+ {
+ fp = test_funcs[func_idx];
+ if ( fp == NULL )
+ ret = DISPATCH_UNSUPPORTED_SUITE;
+ }
+ else
+ {
+ ret = DISPATCH_TEST_FN_NOT_FOUND;
+ }
+
+ return( ret );
+}
+
+
+$platform_code
+
+#line $line_no "suites/main_test.function"
+
/*----------------------------------------------------------------------------*/
/* Main Test code */
-#line !LINE_NO! "main_test.function"
-#define USAGE \
- "Usage: %s [OPTIONS] files...\n\n" \
- " Command line arguments:\n" \
- " files... One or more test data file. If no file is specified\n" \
- " the followimg default test case is used:\n" \
- " %s\n\n" \
- " Options:\n" \
- " -v | --verbose Display full information about each test\n" \
- " -h | --help Display this information\n\n", \
- argv[0], \
- "TESTCASE_FILENAME"
-
-
-/** Retrieve one input line into buf, which must have room for len
- * bytes. The trailing line break (if any) is stripped from the result.
- * Lines beginning with the character '#' are skipped. Lines that are
- * more than len-1 bytes long including the trailing line break are
- * truncated; note that the following bytes remain in the input stream.
+/**
+ * \brief Program main. Invokes platform specific execute_tests().
*
- * \return 0 on success, -1 on error or end of file
+ * \param argc Command line arguments count.
+ * \param argv Array of command line arguments.
+ *
+ * \return Exit code.
*/
-int get_line( FILE *f, char *buf, size_t len )
+int main( int argc, const char *argv[] )
{
- char *ret;
-
- do
- {
- ret = fgets( buf, len, f );
- if( ret == NULL )
- return( -1 );
- }
- while( buf[0] == '#' );
-
- ret = buf + strlen( buf );
- if( ret-- > buf && *ret == '\n' )
- *ret = '\0';
- if( ret-- > buf && *ret == '\r' )
- *ret = '\0';
-
- return( 0 );
-}
-
-int parse_arguments( char *buf, size_t len, char *params[50] )
-{
- int cnt = 0, i;
- char *cur = buf;
- char *p = buf, *q;
-
- params[cnt++] = cur;
-
- while( *p != '\0' && p < buf + len )
- {
- if( *p == '\\' )
- {
- p++;
- p++;
- continue;
- }
- if( *p == ':' )
- {
- if( p + 1 < buf + len )
- {
- cur = p + 1;
- params[cnt++] = cur;
- }
- *p = '\0';
- }
-
- p++;
- }
-
- /* Replace newlines, question marks and colons in strings */
- for( i = 0; i < cnt; i++ )
- {
- p = params[i];
- q = params[i];
-
- while( *p != '\0' )
- {
- if( *p == '\\' && *(p + 1) == 'n' )
- {
- p += 2;
- *(q++) = '\n';
- }
- else if( *p == '\\' && *(p + 1) == ':' )
- {
- p += 2;
- *(q++) = ':';
- }
- else if( *p == '\\' && *(p + 1) == '?' )
- {
- p += 2;
- *(q++) = '?';
- }
- else
- *(q++) = *(p++);
- }
- *q = '\0';
- }
-
- return( cnt );
-}
-
-#if defined(__GNUC__)
-/* At high optimization levels (e.g. gcc -O3), this function may be
- * inlined in run_test_snprintf. This can trigger a spurious warning about
- * potential misuse of snprintf from gcc -Wformat-truncation (observed with
- * gcc 7.2). This warning makes tests in run_test_snprintf redundant on gcc
- * only. They are still valid for other compilers. Avoid this warning by
- * forbidding inlining of this function by gcc. */
-__attribute__((__noinline__))
-#endif
-static int test_snprintf( size_t n, const char ref_buf[10], int ref_ret )
-{
- int ret;
- char buf[10] = "xxxxxxxxx";
- const char ref[10] = "xxxxxxxxx";
-
- if( n >= sizeof( buf ) )
- return( -1 );
- ret = mbedtls_snprintf( buf, n, "%s", "123" );
- if( ret < 0 || (size_t) ret >= n )
- ret = -1;
-
- if( strncmp( ref_buf, buf, sizeof( buf ) ) != 0 ||
- ref_ret != ret ||
- memcmp( buf + n, ref + n, sizeof( buf ) - n ) != 0 )
- {
- return( 1 );
- }
-
- return( 0 );
-}
-
-static int run_test_snprintf( void )
-{
- return( test_snprintf( 0, "xxxxxxxxx", -1 ) != 0 ||
- test_snprintf( 1, "", -1 ) != 0 ||
- test_snprintf( 2, "1", -1 ) != 0 ||
- test_snprintf( 3, "12", -1 ) != 0 ||
- test_snprintf( 4, "123", 3 ) != 0 ||
- test_snprintf( 5, "123", 3 ) != 0 );
-}
-
-int main(int argc, const char *argv[])
-{
- /* Local Configurations and options */
- const char *default_filename = "TESTCASE_FILENAME";
- const char *test_filename = NULL;
- const char **test_files = NULL;
- int testfile_count = 0;
- int option_verbose = 0;
-
- /* Other Local variables */
- int arg_index = 1;
- const char *next_arg;
- int testfile_index, ret, i, cnt;
- int total_errors = 0, total_tests = 0, total_skipped = 0;
- FILE *file;
- char buf[5000];
- char *params[50];
- void *pointer;
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
- int stdout_fd = -1;
-#endif /* __unix__ || __APPLE__ __MACH__ */
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
- !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
- unsigned char alloc_buf[1000000];
-#endif
- /* Platform setup should be called in the beginning */
- ret = platform_setup();
+ int ret = platform_setup();
if( ret != 0 )
{
mbedtls_fprintf( stderr,
@@ -302,270 +221,8 @@
ret );
return( -1 );
}
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
- !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
- mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
-#endif
-
- /*
- * The C standard doesn't guarantee that all-bits-0 is the representation
- * of a NULL pointer. We do however use that in our code for initializing
- * structures, which should work on every modern platform. Let's be sure.
- */
- memset( &pointer, 0, sizeof( void * ) );
- if( pointer != NULL )
- {
- mbedtls_fprintf( stderr, "all-bits-zero is not a NULL pointer\n" );
- platform_teardown();
- return( 1 );
- }
-
- /*
- * Make sure we have a snprintf that correctly zero-terminates
- */
- if( run_test_snprintf() != 0 )
- {
- mbedtls_fprintf( stderr, "the snprintf implementation is broken\n" );
- platform_teardown();
- return( 1 );
- }
-
- while( arg_index < argc)
- {
- next_arg = argv[ arg_index ];
-
- if( strcmp(next_arg, "--verbose" ) == 0 ||
- strcmp(next_arg, "-v" ) == 0 )
- {
- option_verbose = 1;
- }
- else if( strcmp(next_arg, "--help" ) == 0 ||
- strcmp(next_arg, "-h" ) == 0 )
- {
- mbedtls_fprintf( stdout, USAGE );
- platform_teardown();
- mbedtls_exit( EXIT_SUCCESS );
- }
- else
- {
- /* Not an option, therefore treat all further arguments as the file
- * list.
- */
- test_files = &argv[ arg_index ];
- testfile_count = argc - arg_index;
- }
-
- arg_index++;
- }
-
- /* If no files were specified, assume a default */
- if ( test_files == NULL || testfile_count == 0 )
- {
- test_files = &default_filename;
- testfile_count = 1;
- }
-
- /* Initialize the struct that holds information about the last test */
- memset( &test_info, 0, sizeof( test_info ) );
-
- /* Now begin to execute the tests in the testfiles */
- for ( testfile_index = 0;
- testfile_index < testfile_count;
- testfile_index++ )
- {
- int unmet_dep_count = 0;
- char *unmet_dependencies[20];
-
- test_filename = test_files[ testfile_index ];
-
- file = fopen( test_filename, "r" );
- if( file == NULL )
- {
- mbedtls_fprintf( stderr, "Failed to open test file: %s\n",
- test_filename );
- platform_teardown();
- return( 1 );
- }
-
- while( !feof( file ) )
- {
- if( unmet_dep_count > 0 )
- {
- mbedtls_fprintf( stderr,
- "FATAL: Dep count larger than zero at start of loop\n" );
- platform_teardown();
- mbedtls_exit( MBEDTLS_EXIT_FAILURE );
- }
- unmet_dep_count = 0;
-
- if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
- break;
- mbedtls_fprintf( stdout, "%s%.66s", test_info.failed ? "\n" : "", buf );
- mbedtls_fprintf( stdout, " " );
- for( i = strlen( buf ) + 1; i < 67; i++ )
- mbedtls_fprintf( stdout, "." );
- mbedtls_fprintf( stdout, " " );
- fflush( stdout );
-
- total_tests++;
-
- if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
- break;
- cnt = parse_arguments( buf, strlen(buf), params );
-
- if( strcmp( params[0], "depends_on" ) == 0 )
- {
- for( i = 1; i < cnt; i++ )
- {
- if( dep_check( params[i] ) != DEPENDENCY_SUPPORTED )
- {
- if( 0 == option_verbose )
- {
- /* Only one count is needed if not verbose */
- unmet_dep_count++;
- break;
- }
-
- unmet_dependencies[ unmet_dep_count ] = strdup(params[i]);
- if( unmet_dependencies[ unmet_dep_count ] == NULL )
- {
- mbedtls_fprintf( stderr, "FATAL: Out of memory\n" );
- platform_teardown();
- mbedtls_exit( MBEDTLS_EXIT_FAILURE );
- }
- unmet_dep_count++;
- }
- }
-
- if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
- break;
- cnt = parse_arguments( buf, strlen(buf), params );
- }
-
- // If there are no unmet dependencies execute the test
- if( unmet_dep_count == 0 )
- {
- test_info.failed = 0;
-
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
- /* Suppress all output from the library unless we're verbose
- * mode
- */
- if( !option_verbose )
- {
- stdout_fd = redirect_output( &stdout, "/dev/null" );
- if( stdout_fd == -1 )
- {
- platform_teardown();
- /* Redirection has failed with no stdout so exit */
- exit( 1 );
- }
- }
-#endif /* __unix__ || __APPLE__ __MACH__ */
-
- ret = dispatch_test( cnt, params );
-
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
- if( !option_verbose && restore_output( &stdout, stdout_fd ) )
- {
- /* Redirection has failed with no stdout so exit */
- platform_teardown();
- exit( 1 );
- }
-#endif /* __unix__ || __APPLE__ __MACH__ */
-
- }
-
- if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE )
- {
- total_skipped++;
- mbedtls_fprintf( stdout, "----" );
-
- if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE )
- {
- mbedtls_fprintf( stdout, "\n Test Suite not enabled" );
- }
-
- if( 1 == option_verbose && unmet_dep_count > 0 )
- {
- mbedtls_fprintf( stdout, "\n Unmet dependencies: " );
- for( i = 0; i < unmet_dep_count; i++ )
- {
- mbedtls_fprintf(stdout, "%s ",
- unmet_dependencies[i]);
- free(unmet_dependencies[i]);
- }
- }
- mbedtls_fprintf( stdout, "\n" );
- fflush( stdout );
-
- unmet_dep_count = 0;
- }
- else if( ret == DISPATCH_TEST_SUCCESS )
- {
- if( test_info.failed == 0 )
- {
- mbedtls_fprintf( stdout, "PASS\n" );
- }
- else
- {
- total_errors++;
- mbedtls_fprintf( stdout, "FAILED\n" );
- mbedtls_fprintf( stdout, " %s\n at line %d, %s\n",
- test_info.test, test_info.line_no,
- test_info.filename );
- }
- fflush( stdout );
- }
- else if( ret == DISPATCH_INVALID_TEST_DATA )
- {
- mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
- fclose( file );
- platform_teardown();
- mbedtls_exit( 2 );
- }
- else
- total_errors++;
-
- if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 )
- break;
- if( strlen( buf ) != 0 )
- {
- mbedtls_fprintf( stderr, "Should be empty %d\n",
- (int) strlen( buf ) );
- platform_teardown();
- return( 1 );
- }
- }
- fclose( file );
-
- /* In case we encounter early end of file */
- for( i = 0; i < unmet_dep_count; i++ )
- free( unmet_dependencies[i] );
- }
-
- mbedtls_fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
- if( total_errors == 0 )
- mbedtls_fprintf( stdout, "PASSED" );
- else
- mbedtls_fprintf( stdout, "FAILED" );
-
- mbedtls_fprintf( stdout, " (%d / %d tests (%d skipped))\n",
- total_tests - total_errors, total_tests, total_skipped );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
- !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
-#if defined(MBEDTLS_MEMORY_DEBUG)
- mbedtls_memory_buffer_alloc_status();
-#endif
- mbedtls_memory_buffer_alloc_free();
-#endif
-
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
- if( stdout_fd != -1 )
- close_output( stdout );
-#endif /* __unix__ || __APPLE__ __MACH__ */
-
+ ret = execute_tests( argc, argv );
platform_teardown();
- return( total_errors != 0 );
+ return( ret );
}
+
diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function
new file mode 100644
index 0000000..56abf29
--- /dev/null
+++ b/tests/suites/target_test.function
@@ -0,0 +1,413 @@
+#line 2 "suites/target_test.function"
+
+#include "greentea-client/test_env.h"
+
+/**
+ * \brief Increments pointer and asserts that it does not overflow.
+ *
+ * \param p Pointer to byte array
+ * \param start Pointer to start of byte array
+ * \param len Length of byte array
+ * \param step Increment size
+ *
+ */
+#define INCR_ASSERT(p, start, len, step) do \
+{ \
+ assert( ( p ) >= ( start ) ); \
+ assert( sizeof( *( p ) ) == sizeof( *( start ) ) ); \
+ /* <= is checked to support use inside a loop where \
+ pointer is incremented after reading data. */ \
+ assert( (uint32_t)( ( ( p ) - ( start ) ) + ( step ) ) <= ( len ) );\
+ ( p ) += ( step ); \
+} \
+while( 0 )
+
+
+/**
+ * \brief 4 byte align unsigned char pointer
+ *
+ * \param p Pointer to byte array
+ * \param start Pointer to start of byte array
+ * \param len Length of byte array
+ *
+ */
+#define ALIGN_32BIT(p, start, len) do \
+{ \
+ uint32_t align = ( - (uintptr_t)( p ) ) % 4; \
+ INCR_ASSERT( ( p ), ( start ), ( len ), align );\
+} \
+while( 0 )
+
+
+/**
+ * \brief Verify dependencies. Dependency identifiers are
+ * encoded in the buffer as 8 bit unsigned integers.
+ *
+ * \param count Number of dependencies.
+ * \param dep_p Pointer to buffer.
+ *
+ * \return DEPENDENCY_SUPPORTED if success else DEPENDENCY_NOT_SUPPORTED.
+ */
+int verify_dependencies( uint8_t count, uint8_t * dep_p )
+{
+ uint8_t i;
+ for ( i = 0; i < count; i++ )
+ {
+ if ( dep_check( (int)(dep_p[i]) ) != DEPENDENCY_SUPPORTED )
+ return( DEPENDENCY_NOT_SUPPORTED );
+ }
+ return( DEPENDENCY_SUPPORTED );
+}
+
+
+/**
+ * \brief Receives unsigned integer on serial interface.
+ * Integers are encoded in network order.
+ *
+ * \param none
+ *
+ * \return unsigned int
+ */
+uint32_t receive_uint32()
+{
+ uint32_t value;
+ value = (uint8_t)greentea_getc() << 24;
+ value |= (uint8_t)greentea_getc() << 16;
+ value |= (uint8_t)greentea_getc() << 8;
+ value |= (uint8_t)greentea_getc();
+ return( (uint32_t)value );
+}
+
+/**
+ * \brief Parses out an unsigned 32 int value from the byte array.
+ * Integers are encoded in network order.
+ *
+ * \param p Pointer to byte array
+ *
+ * \return unsigned int
+ */
+uint32_t parse_uint32( uint8_t * p )
+{
+ uint32_t value;
+ value = *p++ << 24;
+ value |= *p++ << 16;
+ value |= *p++ << 8;
+ value |= *p;
+ return( value );
+}
+
+
+/**
+ * \brief Receives test data on serial as greentea key,value pair:
+ * {{<length>;<byte array>}}
+ *
+ * \param data_len Out pointer to hold received data length.
+ *
+ * \return Byte array.
+ */
+uint8_t * receive_data( uint32_t * data_len )
+{
+ uint32_t i = 0, errors = 0;
+ char c;
+ uint8_t * data = NULL;
+
+ /* Read opening braces */
+ i = 0;
+ while ( i < 2 )
+ {
+ c = greentea_getc();
+ /* Ignore any prevous CR LF characters */
+ if ( c == '\n' || c == '\r' )
+ continue;
+ i++;
+ if ( c != '{' )
+ return( NULL );
+ }
+
+ /* Read data length */
+ *data_len = receive_uint32();
+ data = (uint8_t *)malloc( *data_len );
+ assert( data != NULL );
+
+ greentea_getc(); // read ';' received after key i.e. *data_len
+
+ for( i = 0; i < *data_len; i++ )
+ data[i] = greentea_getc();
+
+ /* Read closing braces */
+ for( i = 0; i < 2; i++ )
+ {
+ c = greentea_getc();
+ if ( c != '}' )
+ {
+ errors++;
+ break;
+ }
+ }
+
+ if ( errors )
+ {
+ free( data );
+ data = NULL;
+ *data_len = 0;
+ }
+
+ return( data );
+}
+
+/**
+ * \brief Parse the received byte array and count the number of arguments
+ * to the test function passed as type hex.
+ *
+ * \param count Parameter count
+ * \param data Received Byte array
+ * \param data_len Byte array length
+ *
+ * \return count of hex params
+ */
+uint32_t find_hex_count( uint8_t count, uint8_t * data, uint32_t data_len )
+{
+ uint32_t i = 0, sz = 0;
+ char c;
+ uint8_t * p = NULL;
+ uint32_t hex_count = 0;
+
+ p = data;
+
+ for( i = 0; i < count; i++ )
+ {
+ c = (char)*p;
+ INCR_ASSERT( p, data, data_len, 1 );
+
+ /* Align p to 4 bytes for int, expression, string len or hex length */
+ ALIGN_32BIT( p, data, data_len );
+
+ /* Network to host conversion */
+ sz = (int32_t)parse_uint32( p );
+
+ INCR_ASSERT( p, data, data_len, sizeof( int32_t ) );
+
+ if ( c == 'H' || c == 'S' )
+ {
+ INCR_ASSERT( p, data, data_len, sz );
+ hex_count += ( c == 'H' )?1:0;
+ }
+ }
+
+ return( hex_count );
+}
+
+/**
+ * \brief Parses received byte array for test parameters.
+ *
+ * \param count Parameter count
+ * \param data Received Byte array
+ * \param data_len Byte array length
+ * \param error Parsing error out variable.
+ *
+ * \return Array of parsed parameters allocated on heap.
+ * Note: Caller has the responsibility to delete
+ * the memory after use.
+ */
+void ** parse_parameters( uint8_t count, uint8_t * data, uint32_t data_len,
+ int * error )
+{
+ uint32_t i = 0, hex_count = 0;
+ char c;
+ void ** params = NULL;
+ void ** cur = NULL;
+ uint8_t * p = NULL;
+
+ hex_count = find_hex_count(count, data, data_len);
+
+ params = (void **)malloc( sizeof( void *) * ( count + hex_count ) );
+ assert( params != NULL );
+ cur = params;
+
+ p = data;
+
+ /* Parameters */
+ for( i = 0; i < count; i++ )
+ {
+ c = (char)*p;
+ INCR_ASSERT( p, data, data_len, 1 );
+
+ /* Align p to 4 bytes for int, expression, string len or hex length */
+ ALIGN_32BIT( p, data, data_len );
+
+ /* Network to host conversion */
+ *( (int32_t *)p ) = (int32_t)parse_uint32( p );
+
+ switch( c )
+ {
+ case 'E':
+ {
+ if ( get_expression( *( (int32_t *)p ), (int32_t *)p ) )
+ {
+ *error = KEY_VALUE_MAPPING_NOT_FOUND;
+ goto exit;
+ }
+ } /* Intentional fall through */
+ case 'I':
+ {
+ *cur++ = (void *)p;
+ INCR_ASSERT( p, data, data_len, sizeof( int32_t ) );
+ }
+ break;
+ case 'H': /* Intentional fall through */
+ case 'S':
+ {
+ uint32_t * sz = (uint32_t *)p;
+ INCR_ASSERT( p, data, data_len, sizeof( int32_t ) );
+ *cur++ = (void *)p;
+ if ( c == 'H' )
+ *cur++ = (void *)sz;
+ INCR_ASSERT( p, data, data_len, ( *sz ) );
+ }
+ break;
+ default:
+ {
+ *error = DISPATCH_INVALID_TEST_DATA;
+ goto exit;
+ }
+ break;
+ }
+ }
+
+exit:
+ if ( *error )
+ {
+ free( params );
+ params = NULL;
+ }
+
+ return( params );
+}
+
+/**
+ * \brief Sends greentea key and int value pair to host.
+ *
+ * \param key key string
+ * \param value integer value
+ *
+ * \return void
+ */
+void send_key_integer( char * key, int value )
+{
+ char str[50];
+ snprintf( str, sizeof( str ), "%d", value );
+ greentea_send_kv( key, str );
+}
+
+/**
+ * \brief Sends test setup failure to the host.
+ *
+ * \param failure Test set failure
+ *
+ * \return void
+ */
+void send_failure( int failure )
+{
+ send_key_integer( "F", failure );
+}
+
+/**
+ * \brief Sends test status to the host.
+ *
+ * \param status Test status (PASS=0/FAIL=!0)
+ *
+ * \return void
+ */
+void send_status( int status )
+{
+ send_key_integer( "R", status );
+}
+
+
+/**
+ * \brief Embedded implementation of execute_tests().
+ * Ignores command line and received test data
+ * on serial.
+ *
+ * \param argc not used
+ * \param argv not used
+ *
+ * \return Program exit status.
+ */
+int execute_tests( int args, const char ** argv )
+{
+ int ret = 0;
+ uint32_t data_len = 0;
+ uint8_t count = 0, function_id;
+ void ** params = NULL;
+ uint8_t * data = NULL, * p = NULL;
+
+ GREENTEA_SETUP( 180, "mbedtls_test" );
+ greentea_send_kv( "GO", " " );
+
+ while ( 1 )
+ {
+ ret = 0;
+ test_info.failed = 0;
+ data_len = 0;
+
+ data = receive_data( &data_len );
+ if ( data == NULL )
+ continue;
+ p = data;
+
+ do
+ {
+ /* Read dependency count */
+ count = *p;
+ assert( count < data_len );
+ INCR_ASSERT( p, data, data_len, sizeof( uint8_t ) );
+ ret = verify_dependencies( count, p );
+ if ( ret != DEPENDENCY_SUPPORTED )
+ break;
+
+ if ( count )
+ INCR_ASSERT( p, data, data_len, count );
+
+ /* Read function id */
+ function_id = *p;
+ INCR_ASSERT( p, data, data_len, sizeof( uint8_t ) );
+ if ( ( ret = check_test( function_id ) ) != DISPATCH_TEST_SUCCESS )
+ break;
+
+ /* Read number of parameters */
+ count = *p;
+ INCR_ASSERT( p, data, data_len, sizeof( uint8_t ) );
+
+ /* Parse parameters if present */
+ if ( count )
+ {
+ params = parse_parameters( count, p, data_len - ( p - data ), &ret );
+ if ( ret )
+ break;
+ }
+
+ ret = dispatch_test( function_id, params );
+ }
+ while ( 0 );
+
+ if ( data )
+ {
+ free( data );
+ data = NULL;
+ }
+
+ if ( params )
+ {
+ free( params );
+ params = NULL;
+ }
+
+ if ( ret )
+ send_failure( ret );
+ else
+ send_status( test_info.failed );
+ }
+ return( 0 );
+}
+
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index e346dc7..a797e69 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -8,32 +8,22 @@
*/
/* BEGIN_CASE */
-void aes_encrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string, int setkey_result )
+void aes_encrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string, int setkey_result )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_aes_context ctx;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ) == setkey_result );
+ TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
if( setkey_result == 0 )
{
- TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_ENCRYPT, src_str, output ) == 0 );
- hexify( dst_str, output, 16 );
+ TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
}
exit:
@@ -42,32 +32,22 @@
/* END_CASE */
/* BEGIN_CASE */
-void aes_decrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string, int setkey_result )
+void aes_decrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string, int setkey_result )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_aes_context ctx;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str, key_len * 8 ) == setkey_result );
+ TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
if( setkey_result == 0 )
{
- TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_DECRYPT, src_str, output ) == 0 );
- hexify( dst_str, output, 16 );
+ TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_DECRYPT, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
}
exit:
@@ -76,36 +56,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aes_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void aes_encrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string,
int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_aes_context ctx;
- int key_len, data_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- data_len = unhexify( src_str, hex_src_string );
- mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_ENCRYPT, data_len, iv_str, src_str, output ) == cbc_result );
+ mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0 )
{
- hexify( dst_str, output, data_len );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -114,36 +81,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aes_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void aes_decrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string,
int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_aes_context ctx;
- int key_len, data_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- data_len = unhexify( src_str, hex_src_string );
- mbedtls_aes_setkey_dec( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_DECRYPT, data_len, iv_str, src_str, output ) == cbc_result );
+ mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0)
{
- hexify( dst_str, output, data_len );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -276,34 +230,21 @@
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aes_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void aes_encrypt_cfb128( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_aes_context ctx;
size_t iv_offset = 0;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- unhexify( src_str, hex_src_string );
- mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str, src_str, output ) == 0 );
- hexify( dst_str, output, 16 );
+ mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
exit:
mbedtls_aes_free( &ctx );
@@ -311,34 +252,21 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aes_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void aes_decrypt_cfb128( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_aes_context ctx;
size_t iv_offset = 0;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- unhexify( src_str, hex_src_string );
- mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str, src_str, output ) == 0 );
- hexify( dst_str, output, 16 );
+ mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
exit:
mbedtls_aes_free( &ctx );
@@ -346,33 +274,20 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aes_encrypt_cfb8( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void aes_encrypt_cfb8( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_aes_context ctx;
- int key_len, src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
- mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_ENCRYPT, src_len, iv_str, src_str, output ) == 0 );
- hexify( dst_str, output, src_len );
+ mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
exit:
mbedtls_aes_free( &ctx );
@@ -380,33 +295,20 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aes_decrypt_cfb8( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void aes_decrypt_cfb8( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_aes_context ctx;
- int key_len, src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
- mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_DECRYPT, src_len, iv_str, src_str, output ) == 0 );
- hexify( dst_str, output, src_len );
+ mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
exit:
mbedtls_aes_free( &ctx );
@@ -471,7 +373,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void aes_selftest()
+void aes_selftest( )
{
TEST_ASSERT( mbedtls_aes_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function
index a4b401b..ae3b032 100644
--- a/tests/suites/test_suite_arc4.function
+++ b/tests/suites/test_suite_arc4.function
@@ -8,30 +8,20 @@
*/
/* BEGIN_CASE */
-void mbedtls_arc4_crypt( char *hex_src_string, char *hex_key_string,
- char *hex_dst_string )
+void mbedtls_arc4_crypt( data_t * src_str, data_t * key_str,
+ data_t * hex_dst_string )
{
- unsigned char src_str[1000];
- unsigned char key_str[1000];
unsigned char dst_str[1000];
- unsigned char dst_hexstr[2000];
- int src_len, key_len;
mbedtls_arc4_context ctx;
- memset(src_str, 0x00, 1000);
- memset(key_str, 0x00, 1000);
memset(dst_str, 0x00, 1000);
- memset(dst_hexstr, 0x00, 2000);
mbedtls_arc4_init( &ctx );
- src_len = unhexify( src_str, hex_src_string );
- key_len = unhexify( key_str, hex_key_string );
- mbedtls_arc4_setup(&ctx, key_str, key_len);
- TEST_ASSERT( mbedtls_arc4_crypt(&ctx, src_len, src_str, dst_str ) == 0 );
- hexify( dst_hexstr, dst_str, src_len );
+ mbedtls_arc4_setup(&ctx, key_str->x, key_str->len);
+ TEST_ASSERT( mbedtls_arc4_crypt(&ctx, src_str->len, src_str->x, dst_str ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_hexstr, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( dst_str, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
exit:
mbedtls_arc4_free( &ctx );
@@ -39,7 +29,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void arc4_selftest()
+void arc4_selftest( )
{
TEST_ASSERT( mbedtls_arc4_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_aria.data b/tests/suites/test_suite_aria.data
index 46c6ecc..8cb2d2a 100644
--- a/tests/suites/test_suite_aria.data
+++ b/tests/suites/test_suite_aria.data
@@ -93,3 +93,6 @@
ARIA-256-CFB128 Decrypt - Official Test Vectors 1.0
aria_decrypt_cfb128:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"26834705b0f2c0e2588d4a7f09009635f28bb93d8c31f870ec1e0bdb082b66fa402dd9c202be300c4517d196b14d4ce11dce97f7aaba54341b0d872cc9b63753a3e8556a14be6f7b3e27e3cfc39caf80f2a355aa50dc83c09c7b11828694f8e4aa726c528976b53f2c877f4991a3a8d28adb63bd751846ffb2350265e179d4990753ae8485ff9b4133ddad5875b84a90cbcfa62a045d726df71b6bda0eeca0be":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
+
+ARIA Selftest
+aria_selftest:
diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function
index fc5fd8a..aae44a8 100644
--- a/tests/suites/test_suite_asn1write.function
+++ b/tests/suites/test_suite_asn1write.function
@@ -11,24 +11,20 @@
*/
/* BEGIN_CASE */
-void mbedtls_asn1_write_octet_string( char *hex_str, char *hex_asn1,
- int buf_len, int result )
+void mbedtls_asn1_write_octet_string( data_t * str, data_t * asn1,
+ int buf_len, int result )
{
int ret;
unsigned char buf[150];
- unsigned char str[150] = { 0 };
- unsigned char asn1[150] = { 0 };
- size_t str_len, asn1_len, i;
+ size_t i;
unsigned char *p;
memset( buf, GUARD_VAL, sizeof( buf ) );
- str_len = unhexify( str, hex_str );
- asn1_len = unhexify( asn1, hex_asn1 );
p = buf + GUARD_LEN + buf_len;
- ret = mbedtls_asn1_write_octet_string( &p, buf + GUARD_LEN, str, str_len );
+ ret = mbedtls_asn1_write_octet_string( &p, buf + GUARD_LEN, str->x, str->len );
/* Check for buffer overwrite on both sides */
for( i = 0; i < GUARD_LEN; i++ )
@@ -39,28 +35,27 @@
if( result >= 0 )
{
- TEST_ASSERT( (size_t) ret == asn1_len );
- TEST_ASSERT( p + asn1_len == buf + GUARD_LEN + buf_len );
+ TEST_ASSERT( (size_t) ret == asn1->len );
+ TEST_ASSERT( p + asn1->len == buf + GUARD_LEN + buf_len );
- TEST_ASSERT( memcmp( p, asn1, asn1_len ) == 0 );
+ TEST_ASSERT( memcmp( p, asn1->x, asn1->len ) == 0 );
}
}
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_asn1_write_ia5_string( char *str, char *hex_asn1,
- int buf_len, int result )
+void mbedtls_asn1_write_ia5_string( char * str, data_t * asn1,
+ int buf_len, int result )
{
int ret;
unsigned char buf[150];
- unsigned char asn1[150] = { 0 };
- size_t str_len, asn1_len, i;
+ size_t str_len;
+ size_t i;
unsigned char *p;
memset( buf, GUARD_VAL, sizeof( buf ) );
str_len = strlen( str );
- asn1_len = unhexify( asn1, hex_asn1 );
p = buf + GUARD_LEN + buf_len;
@@ -75,27 +70,25 @@
if( result >= 0 )
{
- TEST_ASSERT( (size_t) ret == asn1_len );
- TEST_ASSERT( p + asn1_len == buf + GUARD_LEN + buf_len );
+ TEST_ASSERT( (size_t) ret == asn1->len );
+ TEST_ASSERT( p + asn1->len == buf + GUARD_LEN + buf_len );
- TEST_ASSERT( memcmp( p, asn1, asn1_len ) == 0 );
+ TEST_ASSERT( memcmp( p, asn1->x, asn1->len ) == 0 );
}
}
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_asn1_write_len( int len, char *check_str, int buf_len,
+void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len,
int result )
{
int ret;
unsigned char buf[150];
- unsigned char asn1[150];
unsigned char *p;
- size_t asn1_len, i, read_len;
+ size_t i;
+ size_t read_len;
memset( buf, GUARD_VAL, sizeof( buf ) );
- memset( asn1, 0, sizeof( asn1 ) );
- asn1_len = unhexify( asn1, check_str );
p = buf + GUARD_LEN + buf_len;
@@ -112,10 +105,9 @@
if( result >= 0 )
{
- TEST_ASSERT( (size_t) ret == asn1_len );
- TEST_ASSERT( p + asn1_len == buf + GUARD_LEN + buf_len );
+ TEST_ASSERT( p + asn1->len == buf + GUARD_LEN + buf_len );
- TEST_ASSERT( memcmp( p, asn1, asn1_len ) == 0 );
+ TEST_ASSERT( memcmp( p, asn1->x, asn1->len ) == 0 );
/* Read back with mbedtls_asn1_get_len() to check */
ret = mbedtls_asn1_get_len( &p, buf + GUARD_LEN + buf_len, &read_len );
diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function
index 77fa7fd..3a8bf43 100644
--- a/tests/suites/test_suite_base64.function
+++ b/tests/suites/test_suite_base64.function
@@ -8,8 +8,8 @@
*/
/* BEGIN_CASE */
-void mbedtls_base64_encode( char *src_string, char *dst_string, int dst_buf_size,
- int result )
+void mbedtls_base64_encode( char * src_string, char * dst_string,
+ int dst_buf_size, int result )
{
unsigned char src_str[1000];
unsigned char dst_str[1000];
@@ -28,7 +28,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_base64_decode( char *src_string, char *dst_string, int result )
+void mbedtls_base64_decode( char * src_string, char * dst_string, int result )
{
unsigned char src_str[1000];
unsigned char dst_str[1000];
@@ -49,16 +49,15 @@
/* END_CASE */
/* BEGIN_CASE */
-void base64_encode_hex( char *src_hex, char *dst, int dst_buf_size,
+void base64_encode_hex( data_t * src, char * dst, int dst_buf_size,
int result )
{
- unsigned char *src = NULL, *res = NULL;
- size_t len, src_len;
+ unsigned char *res = NULL;
+ size_t len;
- src = unhexify_alloc( src_hex, &src_len );
res = zero_alloc( dst_buf_size );
- TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src, src_len ) == result );
+ TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src->x, src->len ) == result );
if( result == 0 )
{
TEST_ASSERT( len == strlen( dst ) );
@@ -66,45 +65,39 @@
}
exit:
- mbedtls_free( src );
mbedtls_free( res );
}
/* END_CASE */
/* BEGIN_CASE */
-void base64_decode_hex( char *src, char *dst_hex, int dst_buf_size,
+void base64_decode_hex( char * src, data_t * dst, int dst_buf_size,
int result )
{
- unsigned char *dst = NULL, *res = NULL;
- size_t len, dst_len;
+ unsigned char *res = NULL;
+ size_t len;
- dst = unhexify_alloc( dst_hex, &dst_len );
res = zero_alloc( dst_buf_size );
TEST_ASSERT( mbedtls_base64_decode( res, dst_buf_size, &len, (unsigned char *) src,
strlen( src ) ) == result );
if( result == 0 )
{
- TEST_ASSERT( len == dst_len );
- TEST_ASSERT( memcmp( dst, res, len ) == 0 );
+ TEST_ASSERT( len == dst->len );
+ TEST_ASSERT( memcmp( dst->x, res, len ) == 0 );
}
exit:
- mbedtls_free( dst );
mbedtls_free( res );
}
/* END_CASE */
/* BEGIN_CASE */
-void base64_decode_hex_src( char *src_hex, char *dst_ref, int result )
+void base64_decode_hex_src( data_t * src, char * dst_ref, int result )
{
unsigned char dst[1000] = { 0 };
- unsigned char *src;
- size_t src_len, len;
+ size_t len;
- src = unhexify_alloc( src_hex, &src_len );
-
- TEST_ASSERT( mbedtls_base64_decode( dst, sizeof( dst ), &len, src, src_len ) == result );
+ TEST_ASSERT( mbedtls_base64_decode( dst, sizeof( dst ), &len, src->x, src->len ) == result );
if( result == 0 )
{
TEST_ASSERT( len == strlen( dst_ref ) );
@@ -112,12 +105,12 @@
}
exit:
- mbedtls_free( src );
+ ;;
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void base64_selftest()
+void base64_selftest( )
{
TEST_ASSERT( mbedtls_base64_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_blowfish.function b/tests/suites/test_suite_blowfish.function
index e3c2252..189e23d 100644
--- a/tests/suites/test_suite_blowfish.function
+++ b/tests/suites/test_suite_blowfish.function
@@ -8,32 +8,22 @@
*/
/* BEGIN_CASE */
-void blowfish_encrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string, int setkey_result )
+void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string, int setkey_result )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_blowfish_context ctx;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_blowfish_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str, key_len * 8 ) == setkey_result );
+ TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
if( setkey_result == 0 )
{
- TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str, output ) == 0 );
- hexify( dst_str, output, 8 );
+ TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 8, hex_dst_string->len ) == 0 );
}
exit:
@@ -42,32 +32,22 @@
/* END_CASE */
/* BEGIN_CASE */
-void blowfish_decrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string, int setkey_result )
+void blowfish_decrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string, int setkey_result )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_blowfish_context ctx;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_blowfish_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str, key_len * 8 ) == setkey_result );
+ TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
if( setkey_result == 0 )
{
- TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str, output ) == 0 );
- hexify( dst_str, output, 8 );
+ TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 8, hex_dst_string->len ) == 0 );
}
exit:
@@ -76,37 +56,24 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void blowfish_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void blowfish_encrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string,
int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_blowfish_context ctx;
- int key_len, data_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_blowfish_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- data_len = unhexify( src_str, hex_src_string );
- mbedtls_blowfish_setkey( &ctx, key_str, key_len * 8 );
+ mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, data_len , iv_str, src_str, output ) == cbc_result );
+ TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0 )
{
- hexify( dst_str, output, data_len );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -115,36 +82,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void blowfish_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void blowfish_decrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string,
int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_blowfish_context ctx;
- int key_len, data_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_blowfish_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- data_len = unhexify( src_str, hex_src_string );
- mbedtls_blowfish_setkey( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_DECRYPT, data_len , iv_str, src_str, output ) == cbc_result );
+ mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0)
{
- hexify( dst_str, output, data_len );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -153,34 +107,22 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void blowfish_encrypt_cfb64( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void blowfish_encrypt_cfb64( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string
+ )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_blowfish_context ctx;
size_t iv_offset = 0;
- int key_len, src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_blowfish_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
- mbedtls_blowfish_setkey( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_len, &iv_offset, iv_str, src_str, output ) == 0 );
- hexify( dst_str, output, src_len );
+ mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
exit:
mbedtls_blowfish_free( &ctx );
@@ -188,34 +130,22 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void blowfish_decrypt_cfb64( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void blowfish_decrypt_cfb64( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string
+ )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_blowfish_context ctx;
size_t iv_offset = 0;
- int key_len, src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_blowfish_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
- mbedtls_blowfish_setkey( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_len, &iv_offset, iv_str, src_str, output ) == 0 );
- hexify( dst_str, output, src_len );
+ mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
exit:
mbedtls_blowfish_free( &ctx );
@@ -223,36 +153,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void blowfish_encrypt_ctr( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
unsigned char stream_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_blowfish_context ctx;
size_t iv_offset = 0;
- int key_len, src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
memset(stream_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_blowfish_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
- mbedtls_blowfish_setkey( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_ctr( &ctx, src_len, &iv_offset, iv_str, stream_str, src_str, output ) == 0 );
- hexify( dst_str, output, src_len );
+ mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_blowfish_crypt_ctr( &ctx, src_str->len, &iv_offset, iv_str->x, stream_str, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
exit:
mbedtls_blowfish_free( &ctx );
diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function
index 9df6482..d09a610 100644
--- a/tests/suites/test_suite_camellia.function
+++ b/tests/suites/test_suite_camellia.function
@@ -8,32 +8,22 @@
*/
/* BEGIN_CASE */
-void camellia_encrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string, int setkey_result )
+void camellia_encrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string, int setkey_result )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_camellia_context ctx;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_camellia_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_camellia_setkey_enc( &ctx, key_str, key_len * 8 ) == setkey_result );
+ TEST_ASSERT( mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
if( setkey_result == 0 )
{
- TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str, output ) == 0 );
- hexify( dst_str, output, 16 );
+ TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->x, output ) == 0 );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
}
exit:
@@ -42,32 +32,22 @@
/* END_CASE */
/* BEGIN_CASE */
-void camellia_decrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string, int setkey_result )
+void camellia_decrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string, int setkey_result )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_camellia_context ctx;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_camellia_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_camellia_setkey_dec( &ctx, key_str, key_len * 8 ) == setkey_result );
+ TEST_ASSERT( mbedtls_camellia_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
if( setkey_result == 0 )
{
- TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str, output ) == 0 );
- hexify( dst_str, output, 16 );
+ TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->x, output ) == 0 );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
}
exit:
@@ -76,36 +56,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void camellia_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void camellia_encrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string,
int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_camellia_context ctx;
- int key_len, data_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_camellia_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- data_len = unhexify( src_str, hex_src_string );
- mbedtls_camellia_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, data_len, iv_str, src_str, output) == cbc_result );
+ mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->len, iv_str->x, src_str->x, output) == cbc_result );
if( cbc_result == 0 )
{
- hexify( dst_str, output, data_len );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -114,36 +81,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void camellia_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void camellia_decrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string,
int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_camellia_context ctx;
- int key_len, data_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_camellia_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- data_len = unhexify( src_str, hex_src_string );
- mbedtls_camellia_setkey_dec( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_DECRYPT, data_len, iv_str, src_str, output ) == cbc_result );
+ mbedtls_camellia_setkey_dec( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0 )
{
- hexify( dst_str, output, data_len );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -152,34 +106,22 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void camellia_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void camellia_encrypt_cfb128( data_t * key_str, data_t * iv_str,
+ data_t * src_str,
+ data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_camellia_context ctx;
size_t iv_offset = 0;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_camellia_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- unhexify( src_str, hex_src_string );
- mbedtls_camellia_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, 16, &iv_offset, iv_str, src_str, output ) == 0 );
- hexify( dst_str, output, 16 );
+ mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
exit:
mbedtls_camellia_free( &ctx );
@@ -187,34 +129,22 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void camellia_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void camellia_decrypt_cfb128( data_t * key_str, data_t * iv_str,
+ data_t * src_str,
+ data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_camellia_context ctx;
size_t iv_offset = 0;
- int key_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_camellia_init( &ctx );
- key_len = unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- unhexify( src_str, hex_src_string );
- mbedtls_camellia_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_DECRYPT, 16, &iv_offset, iv_str, src_str, output ) == 0 );
- hexify( dst_str, output, 16 );
+ mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
exit:
mbedtls_camellia_free( &ctx );
@@ -222,7 +152,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void camellia_selftest()
+void camellia_selftest( )
{
TEST_ASSERT( mbedtls_camellia_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data
index cad40d5..a2d8778 100644
--- a/tests/suites/test_suite_ccm.data
+++ b/tests/suites/test_suite_ccm.data
@@ -1036,387 +1036,387 @@
CCM auth decrypt tag NIST DVPT AES-128 #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4ae701103c63deca5b5a3939d7d05992":"02209f55":"5a8aa485c316e9":"":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4ae701103c63deca5b5a3939d7d05992":"02209f55":"5a8aa485c316e9":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-128 #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4ae701103c63deca5b5a3939d7d05992":"9a04c241":"3796cf51b87266":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4ae701103c63deca5b5a3939d7d05992":"9a04c241":"3796cf51b87266":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"75d582db43ce9b13ab4b6f7f14341330":"5a8aa485c316e9":"":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"75d582db43ce9b13ab4b6f7f14341330":"5a8aa485c316e9":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-128 #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3a65e03af37b81d05acc7ec1bc39deb0":"3796cf51b87266":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3a65e03af37b81d05acc7ec1bc39deb0":"3796cf51b87266":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"90156f3f":"5a8aa485c316e9403aff859fbb":"":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"90156f3f":"5a8aa485c316e9403aff859fbb":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-128 #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"88909016":"a16a2e741f1cd9717285b6d882":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"88909016":"a16a2e741f1cd9717285b6d882":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"fb04dc5a44c6bb000f2440f5154364b4":"5a8aa485c316e9403aff859fbb":"":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"fb04dc5a44c6bb000f2440f5154364b4":"5a8aa485c316e9403aff859fbb":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-128 #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"5447075bf42a59b91f08064738b015ab":"a16a2e741f1cd9717285b6d882":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"5447075bf42a59b91f08064738b015ab":"a16a2e741f1cd9717285b6d882":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb703e1fa6b":"5a8aa485c316e9":"":4:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb703e1fa6b":"5a8aa485c316e9":"":4:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
CCM auth decrypt tag NIST DVPT AES-128 #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f23e5d81c":"31f8fa25827d48":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f23e5d81c":"31f8fa25827d48":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f2d9a3fbc210595b7b8b1b41523111a8e":"5a8aa485c316e9":"":16:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f2d9a3fbc210595b7b8b1b41523111a8e":"5a8aa485c316e9":"":16:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
CCM auth decrypt tag NIST DVPT AES-128 #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd2463af747cc88a001fa94e060290f209c4":"31f8fa25827d48":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd2463af747cc88a001fa94e060290f209c4":"31f8fa25827d48":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134a3e138b9":"5a8aa485c316e9403aff859fbb":"":4:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134a3e138b9":"5a8aa485c316e9403aff859fbb":"":4:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
CCM auth decrypt tag NIST DVPT AES-128 #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654091a5ae9":"49004912fdd7269279b1f06a89":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654091a5ae9":"49004912fdd7269279b1f06a89":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb6a9a970b9beb2ac1bd4fd62168f8378a":"5a8aa485c316e9403aff859fbb":"":16:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb6a9a970b9beb2ac1bd4fd62168f8378a":"5a8aa485c316e9403aff859fbb":"":16:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
CCM auth decrypt tag NIST DVPT AES-128 #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065a65666144994bad0c8195bcb4ade1337":"49004912fdd7269279b1f06a89":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065a65666144994bad0c8195bcb4ade1337":"49004912fdd7269279b1f06a89":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"782e4318":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"782e4318":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:""
CCM auth decrypt tag NIST DVPT AES-128 #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"a04f270a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"a04f270a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"41b476013f45e4a781f253a6f3b1e530":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"41b476013f45e4a781f253a6f3b1e530":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:""
CCM auth decrypt tag NIST DVPT AES-128 #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"f9f018fcd125822616083fffebc4c8e6":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"f9f018fcd125822616083fffebc4c8e6":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"9f69f24f":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"9f69f24f":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:""
CCM auth decrypt tag NIST DVPT AES-128 #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"e17afaa4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"e17afaa4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"1859ac36a40a6b28b34266253627797a":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"1859ac36a40a6b28b34266253627797a":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:""
CCM auth decrypt tag NIST DVPT AES-128 #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"edf8b46eb69ac0044116019dec183072":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"edf8b46eb69ac0044116019dec183072":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b338f125fa":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b338f125fa":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
CCM auth decrypt tag NIST DVPT AES-128 #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c728a66b69":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c728a66b69":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b512cf3a20b7fd7c49e6e79bef475c2906f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b512cf3a20b7fd7c49e6e79bef475c2906f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
CCM auth decrypt tag NIST DVPT AES-128 #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a3081d18ca149d6766bfaccec88f194eb5b":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a3081d18ca149d6766bfaccec88f194eb5b":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"934f893824e880f743d196b22d1f340a52608155087bd28ac25e5329":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"934f893824e880f743d196b22d1f340a52608155087bd28ac25e5329":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
CCM auth decrypt tag NIST DVPT AES-128 #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a6559b3b3ee":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a6559b3b3ee":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375c0a458bfcafa3b2609afe0f825cbf503":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375c0a458bfcafa3b2609afe0f825cbf503":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
CCM auth decrypt tag NIST DVPT AES-128 #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c390042ba8bb5f6798dab01c5afad7306":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c390042ba8bb5f6798dab01c5afad7306":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"9d4b7f3b":"5a8aa485c316e9":"":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"9d4b7f3b":"5a8aa485c316e9":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-192 #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"80745de9":"3796cf51b87266":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"80745de9":"3796cf51b87266":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"17223038fa99d53681ca1beabe78d1b4":"5a8aa485c316e9":"":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"17223038fa99d53681ca1beabe78d1b4":"5a8aa485c316e9":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-192 #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"d0e1eeef4d2a264536bb1c2c1bde7c35":"3796cf51b87266":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"d0e1eeef4d2a264536bb1c2c1bde7c35":"3796cf51b87266":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"fe69ed84":"5a8aa485c316e9403aff859fbb":"":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"fe69ed84":"5a8aa485c316e9403aff859fbb":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-192 #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"db7ffc82":"a16a2e741f1cd9717285b6d882":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"db7ffc82":"a16a2e741f1cd9717285b6d882":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"5a8aa485c316e9403aff859fbb":"":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"5a8aa485c316e9403aff859fbb":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-192 #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"38757b3a61a4dc97ca3ab88bf1240695":"a16a2e741f1cd9717285b6d882":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"38757b3a61a4dc97ca3ab88bf1240695":"a16a2e741f1cd9717285b6d882":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138cddc93a54":"5a8aa485c316e9":"":4:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138cddc93a54":"5a8aa485c316e9":"":4:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
CCM auth decrypt tag NIST DVPT AES-192 #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"32b649ab56162e55d4148a1292d6a225a988eb1308298273b6889036":"31f8fa25827d48":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"32b649ab56162e55d4148a1292d6a225a988eb1308298273b6889036":"31f8fa25827d48":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8c5a5ebecf7ac8607fe412189e83d9d20":"5a8aa485c316e9":"":16:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8c5a5ebecf7ac8607fe412189e83d9d20":"5a8aa485c316e9":"":16:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
CCM auth decrypt tag NIST DVPT AES-192 #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6e699f15f14d34dcaf9ba8ed4b877c97d":"31f8fa25827d48":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6e699f15f14d34dcaf9ba8ed4b877c97d":"31f8fa25827d48":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a34fad277":"5a8aa485c316e9403aff859fbb":"":4:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a34fad277":"5a8aa485c316e9403aff859fbb":"":4:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
CCM auth decrypt tag NIST DVPT AES-192 #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5a35df775":"49004912fdd7269279b1f06a89":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5a35df775":"49004912fdd7269279b1f06a89":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671ea7ade30a07d185692ab0ebdf4c78cf7a":"5a8aa485c316e9403aff859fbb":"":16:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671ea7ade30a07d185692ab0ebdf4c78cf7a":"5a8aa485c316e9403aff859fbb":"":16:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
CCM auth decrypt tag NIST DVPT AES-192 #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312ef042c86363cc05afb98c66e16be8a445":"49004912fdd7269279b1f06a89":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312ef042c86363cc05afb98c66e16be8a445":"49004912fdd7269279b1f06a89":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"1d089a5f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"1d089a5f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:""
CCM auth decrypt tag NIST DVPT AES-192 #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"2f46022a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"2f46022a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5280a2137fee3deefcfe9b63a1199fb3":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5280a2137fee3deefcfe9b63a1199fb3":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:""
CCM auth decrypt tag NIST DVPT AES-192 #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"d40a7318c5f2d82f838c0beeefe0d598":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"d40a7318c5f2d82f838c0beeefe0d598":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5e0eaebd":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5e0eaebd":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:""
CCM auth decrypt tag NIST DVPT AES-192 #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"71b7fc33":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"71b7fc33":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"d07ccf9fdc3d33aa94cda3d230da707c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"d07ccf9fdc3d33aa94cda3d230da707c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:""
CCM auth decrypt tag NIST DVPT AES-192 #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"65fe32b649dc328c9f531584897e85b3":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"65fe32b649dc328c9f531584897e85b3":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"9f6ca4af9b159148c889a6584d1183ea26e2614874b0504575dea8d1":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"9f6ca4af9b159148c889a6584d1183ea26e2614874b0504575dea8d1":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
CCM auth decrypt tag NIST DVPT AES-192 #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1ebd7965825":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1ebd7965825":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd14d1d980d6fe0fb44b421992662b97975":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd14d1d980d6fe0fb44b421992662b97975":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
CCM auth decrypt tag NIST DVPT AES-192 #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa206603c51d36c826f01384100886198a7f6a3":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa206603c51d36c826f01384100886198a7f6a3":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854cccc25e9fce":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854cccc25e9fce":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
CCM auth decrypt tag NIST DVPT AES-192 #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae98ecedb3e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae98ecedb3e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f3178464a6f7fa2b76744e8e8d95691cecb8":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f3178464a6f7fa2b76744e8e8d95691cecb8":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
CCM auth decrypt tag NIST DVPT AES-192 #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c06bd6dc2e6bcc3436cffb969ae900388":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c06bd6dc2e6bcc3436cffb969ae900388":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"469c90bb":"a544218dadd3c1":"":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"469c90bb":"a544218dadd3c1":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-256 #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"46a908ed":"d3d5424e20fbec":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"46a908ed":"d3d5424e20fbec":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8207eb14d33855a52acceed17dbcbf6e":"a544218dadd3c1":"":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8207eb14d33855a52acceed17dbcbf6e":"a544218dadd3c1":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-256 #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"60f8e127cb4d30db6df0622158cd931d":"d3d5424e20fbec":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"60f8e127cb4d30db6df0622158cd931d":"d3d5424e20fbec":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8a19a133":"a544218dadd3c10583db49cf39":"":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8a19a133":"a544218dadd3c10583db49cf39":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-256 #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"2e317f1b":"3c0e2815d37d844f7ac240ba9d":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"2e317f1b":"3c0e2815d37d844f7ac240ba9d":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"97e1a8dd4259ccd2e431e057b0397fcf":"a544218dadd3c10583db49cf39":"":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"97e1a8dd4259ccd2e431e057b0397fcf":"a544218dadd3c10583db49cf39":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-256 #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"5a9596c511ea6a8671adefc4f2157d8b":"3c0e2815d37d844f7ac240ba9d":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"5a9596c511ea6a8671adefc4f2157d8b":"3c0e2815d37d844f7ac240ba9d":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b722aa8d59":"a544218dadd3c1":"":4:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b722aa8d59":"a544218dadd3c1":"":4:0:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
CCM auth decrypt tag NIST DVPT AES-256 #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a20277d00a75":"bfcda8b5a2d0d2":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a20277d00a75":"bfcda8b5a2d0d2":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd374f3bb6db8377ebfc79674858c4f305":"a544218dadd3c1":"":16:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd374f3bb6db8377ebfc79674858c4f305":"a544218dadd3c1":"":16:0:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
CCM auth decrypt tag NIST DVPT AES-256 #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"afa1fa8e8a70e26b02161150556d604101fdf423f332c3363275f2a4907d51b734fe7238cebbd48f":"bfcda8b5a2d0d2":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"afa1fa8e8a70e26b02161150556d604101fdf423f332c3363275f2a4907d51b734fe7238cebbd48f":"bfcda8b5a2d0d2":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f4123d14fb3f":"a544218dadd3c10583db49cf39":"":4:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f4123d14fb3f":"a544218dadd3c10583db49cf39":"":4:0:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
CCM auth decrypt tag NIST DVPT AES-256 #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d8d0c0099":"894dcaa61008eb8fb052c60d41":"":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d8d0c0099":"894dcaa61008eb8fb052c60d41":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c423a578d179902f912f9ea1afbce1120b3":"a544218dadd3c10583db49cf39":"":16:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c423a578d179902f912f9ea1afbce1120b3":"a544218dadd3c10583db49cf39":"":16:0:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
CCM auth decrypt tag NIST DVPT AES-256 #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae769084607b83bd06e6442eac8dacf583cc":"894dcaa61008eb8fb052c60d41":"":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae769084607b83bd06e6442eac8dacf583cc":"894dcaa61008eb8fb052c60d41":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"92d00fbe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"92d00fbe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:0:""
CCM auth decrypt tag NIST DVPT AES-256 #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"9143e5c4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"9143e5c4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"93af11a08379eb37a16aa2837f09d69d":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"93af11a08379eb37a16aa2837f09d69d":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:0:""
CCM auth decrypt tag NIST DVPT AES-256 #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"d19b0c14ec686a7961ca7c386d125a65":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"d19b0c14ec686a7961ca7c386d125a65":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"866d4227":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"866d4227":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:0:""
CCM auth decrypt tag NIST DVPT AES-256 #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"94cb1127":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"94cb1127":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"867b0d87cf6e0f718200a97b4f6d5ad5":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:""
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"867b0d87cf6e0f718200a97b4f6d5ad5":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:0:""
CCM auth decrypt tag NIST DVPT AES-256 #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"677a040d46ee3f2b7838273bdad14f16":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"677a040d46ee3f2b7838273bdad14f16":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc56083ebc7720":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc56083ebc7720":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:0:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
CCM auth decrypt tag NIST DVPT AES-256 #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81c44db2c9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81c44db2c9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce1ac68bd42f5ec7fa7e068cc0ecd79c2a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce1ac68bd42f5ec7fa7e068cc0ecd79c2a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:0:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
CCM auth decrypt tag NIST DVPT AES-256 #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"d543acda712b898cbb27b8f598b2e4438ce587a836e2785147c3338a2400809e739b63ba8227d2f9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"d543acda712b898cbb27b8f598b2e4438ce587a836e2785147c3338a2400809e739b63ba8227d2f9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69ef891339":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69ef891339":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:0:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
CCM auth decrypt tag NIST DVPT AES-256 #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f63d488623":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":4:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f63d488623":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781367f30f2eaad8c063ca50795acd90203":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781367f30f2eaad8c063ca50795acd90203":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:0:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
CCM auth decrypt tag NIST DVPT AES-256 #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
-mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc4b41096dfdbe9cc1ab610f8f3e038d16":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":16:"FAIL"
+mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc4b41096dfdbe9cc1ab610f8f3e038d16":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM-Camellia encrypt and tag RFC 5528 #1
depends_on:MBEDTLS_CAMELLIA_C
diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index 58c8569..9951ca1 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -8,7 +8,7 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
-void mbedtls_ccm_self_test( )
+void mbedtls_ccm_self_test( )
{
TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 );
}
@@ -116,113 +116,74 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_ccm_encrypt_and_tag( int cipher_id,
- char *key_hex, char *msg_hex,
- char *iv_hex, char *add_hex,
- char *result_hex )
+void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key,
+ data_t * msg, data_t * iv,
+ data_t * add, data_t * result )
{
- unsigned char key[32];
- unsigned char msg[50];
- unsigned char iv[13];
- unsigned char add[32];
- unsigned char result[50];
mbedtls_ccm_context ctx;
- size_t key_len, msg_len, iv_len, add_len, tag_len, result_len;
+ size_t tag_len;
+ uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 );
mbedtls_ccm_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( msg, 0x00, sizeof( msg ) );
- memset( iv, 0x00, sizeof( iv ) );
- memset( add, 0x00, sizeof( add ) );
- memset( result, 0x00, sizeof( result ) );
+ memset( msg_n_tag, 0, result->len + 2 );
+ memcpy( msg_n_tag, msg->x, msg->len );
- key_len = unhexify( key, key_hex );
- msg_len = unhexify( msg, msg_hex );
- iv_len = unhexify( iv, iv_hex );
- add_len = unhexify( add, add_hex );
- result_len = unhexify( result, result_hex );
- tag_len = result_len - msg_len;
+ tag_len = result->len - msg->len;
- TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
+ TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
/* Test with input == output */
- TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
- msg, msg, msg + msg_len, tag_len ) == 0 );
+ TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
+ msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 );
- TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
+ TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 );
/* Check we didn't write past the end */
- TEST_ASSERT( msg[result_len] == 0 && msg[result_len + 1] == 0 );
+ TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 );
exit:
mbedtls_ccm_free( &ctx );
+ free( msg_n_tag );
}
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_ccm_auth_decrypt( int cipher_id,
- char *key_hex, char *msg_hex,
- char *iv_hex, char *add_hex,
- int tag_len, char *result_hex )
+void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key,
+ data_t * msg, data_t * iv,
+ data_t * add, int tag_len, int result,
+ data_t * hex_msg )
{
- unsigned char key[32];
- unsigned char msg[50];
- unsigned char iv[13];
- unsigned char add[32];
unsigned char tag[16];
- unsigned char result[50];
mbedtls_ccm_context ctx;
- size_t key_len, msg_len, iv_len, add_len, result_len;
- int ret;
mbedtls_ccm_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( msg, 0x00, sizeof( msg ) );
- memset( iv, 0x00, sizeof( iv ) );
- memset( add, 0x00, sizeof( add ) );
memset( tag, 0x00, sizeof( tag ) );
- memset( result, 0x00, sizeof( result ) );
- key_len = unhexify( key, key_hex );
- msg_len = unhexify( msg, msg_hex );
- iv_len = unhexify( iv, iv_hex );
- add_len = unhexify( add, add_hex );
- msg_len -= tag_len;
- memcpy( tag, msg + msg_len, tag_len );
+ msg->len -= tag_len;
+ memcpy( tag, msg->x + msg->len, tag_len );
- if( strcmp( "FAIL", result_hex ) == 0 )
- {
- ret = MBEDTLS_ERR_CCM_AUTH_FAILED;
- result_len = -1;
- }
- else
- {
- ret = 0;
- result_len = unhexify( result, result_hex );
- }
-
- TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
+ TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
/* Test with input == output */
- TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
- msg, msg, msg + msg_len, tag_len ) == ret );
+ TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
+ msg->x, msg->x, msg->x + msg->len, tag_len ) == result );
- if( ret == 0 )
+ if( result == 0 )
{
- TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
+ TEST_ASSERT( memcmp( msg->x, hex_msg->x, hex_msg->len ) == 0 );
}
else
{
size_t i;
- for( i = 0; i < msg_len; i++ )
- TEST_ASSERT( msg[i] == 0 );
+ for( i = 0; i < msg->len; i++ )
+ TEST_ASSERT( msg->x[i] == 0 );
}
/* Check we didn't write past the end (where the original tag is) */
- TEST_ASSERT( memcmp( msg + msg_len, tag, tag_len ) == 0 );
+ TEST_ASSERT( memcmp( msg->x + msg->len, tag, tag_len ) == 0 );
exit:
mbedtls_ccm_free( &ctx );
diff --git a/tests/suites/test_suite_chacha20.data b/tests/suites/test_suite_chacha20.data
new file mode 100644
index 0000000..3f9033e
--- /dev/null
+++ b/tests/suites/test_suite_chacha20.data
@@ -0,0 +1,29 @@
+ChaCha20 RFC 7539 Example and Test Vector (Encrypt)
+chacha20_crypt:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"000000000000004a00000000":1:"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"6e2e359a2568f98041ba0728dd0d6981e97e7aec1d4360c20a27afccfd9fae0bf91b65c5524733ab8f593dabcd62b3571639d624e65152ab8f530c359f0861d807ca0dbf500d6a6156a38e088a22b65e52bc514d16ccf806818ce91ab77937365af90bbf74a35be6b40b8eedf2785e42874d"
+
+ChaCha20 RFC 7539 Example and Test Vector (Decrypt)
+chacha20_crypt:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"000000000000004a00000000":1:"6e2e359a2568f98041ba0728dd0d6981e97e7aec1d4360c20a27afccfd9fae0bf91b65c5524733ab8f593dabcd62b3571639d624e65152ab8f530c359f0861d807ca0dbf500d6a6156a38e088a22b65e52bc514d16ccf806818ce91ab77937365af90bbf74a35be6b40b8eedf2785e42874d":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e"
+
+ChaCha20 RFC 7539 Test Vector #1 (Encrypt)
+chacha20_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":0:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586"
+
+ChaCha20 RFC 7539 Test Vector #1 (Decrypt)
+chacha20_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":0:"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+ChaCha20 RFC 7539 Test Vector #2 (Encrypt)
+chacha20_crypt:"0000000000000000000000000000000000000000000000000000000000000001":"000000000000000000000002":1:"416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f":"a3fbf07df3fa2fde4f376ca23e82737041605d9f4f4f57bd8cff2c1d4b7955ec2a97948bd3722915c8f3d337f7d370050e9e96d647b7c39f56e031ca5eb6250d4042e02785ececfa4b4bb5e8ead0440e20b6e8db09d881a7c6132f420e52795042bdfa7773d8a9051447b3291ce1411c680465552aa6c405b7764d5e87bea85ad00f8449ed8f72d0d662ab052691ca66424bc86d2df80ea41f43abf937d3259dc4b2d0dfb48a6c9139ddd7f76966e928e635553ba76c5c879d7b35d49eb2e62b0871cdac638939e25e8a1e0ef9d5280fa8ca328b351c3c765989cbcf3daa8b6ccc3aaf9f3979c92b3720fc88dc95ed84a1be059c6499b9fda236e7e818b04b0bc39c1e876b193bfe5569753f88128cc08aaa9b63d1a16f80ef2554d7189c411f5869ca52c5b83fa36ff216b9c1d30062bebcfd2dc5bce0911934fda79a86f6e698ced759c3ff9b6477338f3da4f9cd8514ea9982ccafb341b2384dd902f3d1ab7ac61dd29c6f21ba5b862f3730e37cfdc4fd806c22f221"
+
+ChaCha20 RFC 7539 Test Vector #2 (Decrypt)
+chacha20_crypt:"0000000000000000000000000000000000000000000000000000000000000001":"000000000000000000000002":1:"a3fbf07df3fa2fde4f376ca23e82737041605d9f4f4f57bd8cff2c1d4b7955ec2a97948bd3722915c8f3d337f7d370050e9e96d647b7c39f56e031ca5eb6250d4042e02785ececfa4b4bb5e8ead0440e20b6e8db09d881a7c6132f420e52795042bdfa7773d8a9051447b3291ce1411c680465552aa6c405b7764d5e87bea85ad00f8449ed8f72d0d662ab052691ca66424bc86d2df80ea41f43abf937d3259dc4b2d0dfb48a6c9139ddd7f76966e928e635553ba76c5c879d7b35d49eb2e62b0871cdac638939e25e8a1e0ef9d5280fa8ca328b351c3c765989cbcf3daa8b6ccc3aaf9f3979c92b3720fc88dc95ed84a1be059c6499b9fda236e7e818b04b0bc39c1e876b193bfe5569753f88128cc08aaa9b63d1a16f80ef2554d7189c411f5869ca52c5b83fa36ff216b9c1d30062bebcfd2dc5bce0911934fda79a86f6e698ced759c3ff9b6477338f3da4f9cd8514ea9982ccafb341b2384dd902f3d1ab7ac61dd29c6f21ba5b862f3730e37cfdc4fd806c22f221":"416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f"
+
+ChaCha20 RFC 7539 Test Vector #3 (Encrypt)
+chacha20_crypt:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000000000000000002":42:"2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e":"62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1"
+
+ChaCha20 RFC 7539 Test Vector #3 (Decrypt)
+chacha20_crypt:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000000000000000002":42:"62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1":"2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e"
+
+ChaCha20 Paremeter Validation
+chacha20_bad_params:
+
+ChaCha20 Selftest
+chacha20_self_test:
diff --git a/tests/suites/test_suite_chacha20.function b/tests/suites/test_suite_chacha20.function
new file mode 100644
index 0000000..669d91e
--- /dev/null
+++ b/tests/suites/test_suite_chacha20.function
@@ -0,0 +1,140 @@
+/* BEGIN_HEADER */
+#include "mbedtls/chacha20.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CHACHA20_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void chacha20_crypt( char *hex_key_string,
+ char *hex_nonce_string,
+ int counter,
+ char *hex_src_string,
+ char *hex_dst_string )
+{
+ unsigned char key_str[32]; /* size set by the standard */
+ unsigned char nonce_str[12]; /* size set by the standard */
+ unsigned char src_str[375]; /* max size of binary input */
+ unsigned char dst_str[751]; /* hex expansion of the above */
+ unsigned char output[751];
+ size_t key_len;
+ size_t nonce_len;
+ size_t src_len;
+ size_t dst_len;
+ mbedtls_chacha20_context ctx;
+
+ memset( key_str, 0x00, sizeof( key_str ) );
+ memset( nonce_str, 0x00, sizeof( nonce_str ) );
+ memset( src_str, 0x00, sizeof( src_str ) );
+ memset( dst_str, 0x00, sizeof( dst_str ) );
+ memset( output, 0x00, sizeof( output ) );
+
+ key_len = unhexify( key_str, hex_key_string );
+ nonce_len = unhexify( nonce_str, hex_nonce_string );
+ src_len = unhexify( src_str, hex_src_string );
+ dst_len = unhexify( dst_str, hex_dst_string );
+
+ TEST_ASSERT( src_len == dst_len );
+ TEST_ASSERT( key_len == 32U );
+ TEST_ASSERT( nonce_len == 12U );
+
+ /*
+ * Test the integrated API
+ */
+ TEST_ASSERT( mbedtls_chacha20_crypt( key_str, nonce_str, counter, src_len, src_str, output ) == 0 );
+
+ hexify( dst_str, output, src_len );
+ TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+
+ /*
+ * Test the streaming API
+ */
+ mbedtls_chacha20_init( &ctx );
+
+ TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, key_str ) == 0 );
+
+ TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str, counter ) == 0 );
+
+ memset( output, 0x00, sizeof( output ) );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_len, src_str, output ) == 0 );
+
+ hexify( dst_str, output, src_len );
+ TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+
+ /*
+ * Test the streaming API again, piecewise
+ */
+
+ /* Don't free/init the context nor set the key again,
+ * in order to test that starts() does the right thing. */
+ TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str, counter ) == 0 );
+
+ memset( output, 0x00, sizeof( output ) );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str, output ) == 0 );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_len - 1, src_str + 1, output + 1 ) == 0 );
+
+ hexify( dst_str, output, src_len );
+ TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+
+ mbedtls_chacha20_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void chacha20_bad_params()
+{
+ unsigned char key[32];
+ unsigned char nonce[12];
+ unsigned char src[1];
+ unsigned char dst[1];
+ uint32_t counter = 0;
+ size_t len = sizeof( src );
+ mbedtls_chacha20_context ctx;
+
+ mbedtls_chacha20_init( NULL );
+ mbedtls_chacha20_free( NULL );
+
+ mbedtls_chacha20_init( &ctx );
+
+ TEST_ASSERT( mbedtls_chacha20_setkey( NULL, key )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, NULL )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_chacha20_starts( NULL, nonce, counter )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_starts( &ctx, NULL, counter )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_chacha20_update( NULL, 0, src, dst )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, len, NULL, dst )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, len, src, NULL )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, 0, NULL, NULL )
+ == 0 );
+
+ mbedtls_chacha20_free( &ctx );
+
+ TEST_ASSERT( mbedtls_chacha20_crypt( NULL, nonce, counter, 0, src, dst )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_crypt( key, NULL, counter, 0, src, dst )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_crypt( key, nonce, counter, len, NULL, dst )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_crypt( key, nonce, counter, len, src, NULL )
+ == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chacha20_crypt( key, nonce, counter, 0, NULL, NULL )
+ == 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void chacha20_self_test()
+{
+ TEST_ASSERT( mbedtls_chacha20_self_test( 1 ) == 0 );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_chachapoly.data b/tests/suites/test_suite_chachapoly.data
new file mode 100644
index 0000000..34cb568
--- /dev/null
+++ b/tests/suites/test_suite_chachapoly.data
@@ -0,0 +1,27 @@
+ChaCha20-Poly1305 RFC 7539 Example and Test Vector (Encrypt)
+mbedtls_chachapoly_enc:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600691"
+
+ChaCha20-Poly1305 RFC 7539 Example and Test Vector (Decrypt)
+mbedtls_chachapoly_dec:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"1ae10b594f09e26a7e902ecbd0600691":0
+
+ChaCha20-Poly1305 RFC 7539 Example and Test Vector (Decrypt, not authentic)
+mbedtls_chachapoly_dec:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"1ae10b594f09e26a7e902ecbd0600690":MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED
+
+ChaCha20-Poly1305 RFC 7539 Test Vector #1 (Encrypt)
+mbedtls_chachapoly_enc:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"eead9d67890cbb22392336fea1851f38"
+
+ChaCha20-Poly1305 RFC 7539 Test Vector #1 (Decrypt)
+mbedtls_chachapoly_dec:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d":"eead9d67890cbb22392336fea1851f38":0
+
+ChaCha20-Poly1305 RFC 7539 Test Vector #1 (Decrypt, not authentic)
+mbedtls_chachapoly_dec:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d":"fead9d67890cbb22392336fea1851f38":MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED
+
+ChaCha20-Poly1305 State Flow
+chachapoly_state:
+
+ChaCha20-Poly1305 Parameter Validation
+chachapoly_bad_params:
+
+ChaCha20-Poly1305 Selftest
+depends_on:MBEDTLS_SELF_TEST
+chachapoly_selftest:
diff --git a/tests/suites/test_suite_chachapoly.function b/tests/suites/test_suite_chachapoly.function
new file mode 100644
index 0000000..95dfd8a
--- /dev/null
+++ b/tests/suites/test_suite_chachapoly.function
@@ -0,0 +1,347 @@
+/* BEGIN_HEADER */
+#include "mbedtls/chachapoly.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CHACHAPOLY_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_chachapoly_enc( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string )
+{
+ unsigned char key_str[32]; /* size set by the standard */
+ unsigned char nonce_str[12]; /* size set by the standard */
+ unsigned char aad_str[12]; /* max size of test data so far */
+ unsigned char input_str[265]; /* max size of binary input/output so far */
+ unsigned char output_str[265];
+ unsigned char output[265];
+ unsigned char mac_str[16]; /* size set by the standard */
+ unsigned char mac[16]; /* size set by the standard */
+ size_t input_len;
+ size_t output_len;
+ size_t aad_len;
+ size_t key_len;
+ size_t nonce_len;
+ size_t mac_len;
+ mbedtls_chachapoly_context ctx;
+
+ memset( key_str, 0x00, sizeof( key_str ) );
+ memset( nonce_str, 0x00, sizeof( nonce_str ) );
+ memset( aad_str, 0x00, sizeof( aad_str ) );
+ memset( input_str, 0x00, sizeof( input_str ) );
+ memset( output_str, 0x00, sizeof( output_str ) );
+ memset( mac_str, 0x00, sizeof( mac_str ) );
+
+ aad_len = unhexify( aad_str, hex_aad_string );
+ input_len = unhexify( input_str, hex_input_string );
+ output_len = unhexify( output_str, hex_output_string );
+ key_len = unhexify( key_str, hex_key_string );
+ nonce_len = unhexify( nonce_str, hex_nonce_string );
+ mac_len = unhexify( mac_str, hex_mac_string );
+
+ TEST_ASSERT( key_len == 32 );
+ TEST_ASSERT( nonce_len == 12 );
+ TEST_ASSERT( mac_len == 16 );
+
+ mbedtls_chachapoly_init( &ctx );
+
+ TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str ) == 0 );
+
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ input_len, nonce_str,
+ aad_str, aad_len,
+ input_str, output, mac ) == 0 );
+
+ TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
+ TEST_ASSERT( memcmp( mac_str, mac, 16U ) == 0 );
+
+exit:
+ mbedtls_chachapoly_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_chachapoly_dec( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string, int ret_exp )
+{
+ unsigned char key_str[32]; /* size set by the standard */
+ unsigned char nonce_str[12]; /* size set by the standard */
+ unsigned char aad_str[12]; /* max size of test data so far */
+ unsigned char input_str[265]; /* max size of binary input/output so far */
+ unsigned char output_str[265];
+ unsigned char output[265];
+ unsigned char mac_str[16]; /* size set by the standard */
+ size_t input_len;
+ size_t output_len;
+ size_t aad_len;
+ size_t key_len;
+ size_t nonce_len;
+ size_t mac_len;
+ int ret;
+ mbedtls_chachapoly_context ctx;
+
+ memset( key_str, 0x00, sizeof( key_str ) );
+ memset( nonce_str, 0x00, sizeof( nonce_str ) );
+ memset( aad_str, 0x00, sizeof( aad_str ) );
+ memset( input_str, 0x00, sizeof( input_str ) );
+ memset( output_str, 0x00, sizeof( output_str ) );
+ memset( mac_str, 0x00, sizeof( mac_str ) );
+
+ aad_len = unhexify( aad_str, hex_aad_string );
+ input_len = unhexify( input_str, hex_input_string );
+ output_len = unhexify( output_str, hex_output_string );
+ key_len = unhexify( key_str, hex_key_string );
+ nonce_len = unhexify( nonce_str, hex_nonce_string );
+ mac_len = unhexify( mac_str, hex_mac_string );
+
+ TEST_ASSERT( key_len == 32 );
+ TEST_ASSERT( nonce_len == 12 );
+ TEST_ASSERT( mac_len == 16 );
+
+ mbedtls_chachapoly_init( &ctx );
+
+ TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str ) == 0 );
+
+ ret = mbedtls_chachapoly_auth_decrypt( &ctx,
+ input_len, nonce_str,
+ aad_str, aad_len,
+ mac_str, input_str, output );
+
+ TEST_ASSERT( ret == ret_exp );
+ if( ret_exp == 0 )
+ {
+ TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
+ }
+
+exit:
+ mbedtls_chachapoly_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void chachapoly_bad_params()
+{
+ unsigned char key[32];
+ unsigned char nonce[12];
+ unsigned char aad[1];
+ unsigned char input[1];
+ unsigned char output[1];
+ unsigned char mac[16];
+ size_t input_len = sizeof( input );
+ size_t aad_len = sizeof( aad );
+ mbedtls_chachapoly_context ctx;
+
+ memset( key, 0x00, sizeof( key ) );
+ memset( nonce, 0x00, sizeof( nonce ) );
+ memset( aad, 0x00, sizeof( aad ) );
+ memset( input, 0x00, sizeof( input ) );
+ memset( output, 0x00, sizeof( output ) );
+ memset( mac, 0x00, sizeof( mac ) );
+
+ mbedtls_chachapoly_init( NULL );
+ mbedtls_chachapoly_free( NULL );
+
+ mbedtls_chachapoly_init( &ctx );
+
+ TEST_ASSERT( mbedtls_chachapoly_setkey( NULL, key )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, NULL )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( NULL,
+ 0, nonce,
+ aad, 0,
+ input, output, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ 0, NULL,
+ aad, 0,
+ input, output, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ 0, nonce,
+ NULL, aad_len,
+ input, output, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ input_len, nonce,
+ aad, 0,
+ NULL, output, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ input_len, nonce,
+ aad, 0,
+ input, NULL, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ 0, nonce,
+ aad, 0,
+ input, output, NULL )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_chachapoly_auth_decrypt( NULL,
+ 0, nonce,
+ aad, 0,
+ mac, input, output )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_auth_decrypt( &ctx,
+ 0, NULL,
+ aad, 0,
+ mac, input, output )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_auth_decrypt( &ctx,
+ 0, nonce,
+ NULL, aad_len,
+ mac, input, output )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_auth_decrypt( &ctx,
+ 0, nonce,
+ aad, 0,
+ NULL, input, output )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_auth_decrypt( &ctx,
+ input_len, nonce,
+ aad, 0,
+ mac, NULL, output )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_auth_decrypt( &ctx,
+ input_len, nonce,
+ aad, 0,
+ mac, input, NULL )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ 0, nonce,
+ aad, aad_len,
+ NULL, NULL, mac )
+ == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_auth_decrypt( &ctx,
+ 0, nonce,
+ aad, aad_len,
+ mac, NULL, NULL )
+ == 0 );
+
+ TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
+ input_len, nonce,
+ NULL, 0,
+ input, output, mac )
+ == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_auth_decrypt( &ctx,
+ input_len, nonce,
+ NULL, 0,
+ mac, input, output )
+ == 0 );
+
+ TEST_ASSERT( mbedtls_chachapoly_starts( NULL, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, NULL, MBEDTLS_CHACHAPOLY_ENCRYPT )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_chachapoly_update_aad( NULL, aad, aad_len )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, NULL, aad_len )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_chachapoly_update( NULL, input_len, input, output )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, NULL, output )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, NULL )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_chachapoly_finish( NULL, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, NULL )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+exit:
+ mbedtls_chachapoly_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void chachapoly_state()
+{
+ unsigned char key[32];
+ unsigned char nonce[12];
+ unsigned char aad[1];
+ unsigned char input[1];
+ unsigned char output[1];
+ unsigned char mac[16];
+ size_t input_len = sizeof( input );
+ size_t aad_len = sizeof( aad );
+ mbedtls_chachapoly_context ctx;
+
+ memset( key, 0x00, sizeof( key ) );
+ memset( nonce, 0x00, sizeof( nonce ) );
+ memset( aad, 0x00, sizeof( aad ) );
+ memset( input, 0x00, sizeof( input ) );
+ memset( output, 0x00, sizeof( output ) );
+ memset( mac, 0x00, sizeof( mac ) );
+
+ /* Initial state: finish, update, update_aad forbidden */
+ mbedtls_chachapoly_init( &ctx );
+
+ TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+ TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+ TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+
+ /* Still initial state: finish, update, update_aad forbidden */
+ TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key )
+ == 0 );
+
+ TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+ TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+ TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+
+ /* Starts -> finish OK */
+ TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
+ == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
+ == 0 );
+
+ /* After finish: update, update_aad forbidden */
+ TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+ TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+
+ /* Starts -> update* OK */
+ TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
+ == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
+ == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
+ == 0 );
+
+ /* After update: update_aad forbidden */
+ TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
+ == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+
+ /* Starts -> update_aad* -> finish OK */
+ TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
+ == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
+ == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
+ == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
+ == 0 );
+
+exit:
+ mbedtls_chachapoly_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void chachapoly_selftest()
+{
+ TEST_ASSERT( mbedtls_chachapoly_self_test( 1 ) == 0 );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_cipher.ccm.data b/tests/suites/test_suite_cipher.ccm.data
index dc44091..264ce99 100644
--- a/tests/suites/test_suite_cipher.ccm.data
+++ b/tests/suites/test_suite_cipher.ccm.data
@@ -1,480 +1,480 @@
AES-128-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":""
AES-128-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":""
AES-128-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":""
AES-128-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":""
AES-128-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":""
AES-128-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":""
AES-128-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":""
AES-128-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":""
AES-128-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
AES-128-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":""
AES-128-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
AES-128-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":""
AES-128-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
AES-128-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":""
AES-128-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
AES-128-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":""
AES-128-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":""
AES-128-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":""
AES-128-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":""
AES-128-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":""
AES-128-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":""
AES-128-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":""
AES-128-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":""
AES-128-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":""
AES-128-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
AES-128-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":""
AES-128-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
AES-128-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":""
AES-128-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
AES-128-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":""
AES-128-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
AES-128-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":""
AES-192-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":""
AES-192-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":""
AES-192-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":""
AES-192-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":""
AES-192-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":""
AES-192-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":""
AES-192-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":""
AES-192-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":""
AES-192-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
AES-192-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":""
AES-192-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
AES-192-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":""
AES-192-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
AES-192-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":""
AES-192-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
AES-192-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":""
AES-192-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":""
AES-192-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":""
AES-192-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":""
AES-192-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":""
AES-192-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":""
AES-192-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":""
AES-192-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":""
AES-192-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":""
AES-192-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
AES-192-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":""
AES-192-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
AES-192-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":""
AES-192-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
AES-192-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":""
AES-192-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
AES-192-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":""
AES-256-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":""
AES-256-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":""
AES-256-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":""
AES-256-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":""
AES-256-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":""
AES-256-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":""
AES-256-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":""
AES-256-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":""
AES-256-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
AES-256-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":""
AES-256-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
AES-256-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":""
AES-256-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
AES-256-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":""
AES-256-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
AES-256-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":""
AES-256-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":""
AES-256-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":""
AES-256-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":""
AES-256-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":""
AES-256-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":""
AES-256-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":""
AES-256-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":""
AES-256-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":""
AES-256-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
AES-256-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":""
AES-256-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
AES-256-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":""
AES-256-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
AES-256-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":""
AES-256-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
AES-256-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":""
Camellia-CCM test vector RFC 5528 #1
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0D":"FCAECE746B3DB9AD":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0D":"FCAECE746B3DB9AD":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
Camellia-CCM test vector RFC 5528 #2
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F33":"60B2295DF24283E8":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F33":"60B2295DF24283E8":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
Camellia-CCM test vector RFC 5528 #3
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204":"F551D6682F23AA46":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204":"F551D6682F23AA46":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20"
Camellia-CCM test vector RFC 5528 #4
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A0":"8B3A933A63E497A0":"0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A0":"8B3A933A63E497A0":"":"0C0D0E0F101112131415161718191A1B1C1D1E"
Camellia-CCM test vector RFC 5528 #5
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A7725":"8FA17BA7F331DB09":"0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A7725":"8FA17BA7F331DB09":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F"
Camellia-CCM test vector RFC 5528 #6
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BAB":"AB36A1EE4FE0FE28":"0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BAB":"AB36A1EE4FE0FE28":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20"
Camellia-CCM test vector RFC 5528 #7
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2C":"ACAFA3BCCF7A4EBF9573":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2C":"ACAFA3BCCF7A4EBF9573":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
Camellia-CCM test vector RFC 5528 #8
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F575":"7388E4913EF14701F441":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F575":"7388E4913EF14701F441":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
Camellia-CCM test vector RFC 5528 #9
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A57787":"94D6E230CD25C9FEBF87":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A57787":"94D6E230CD25C9FEBF87":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20"
Camellia-CCM test vector RFC 5528 #10
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5C":"D09299EB11F312F23237":"0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5C":"D09299EB11F312F23237":"":"0C0D0E0F101112131415161718191A1B1C1D1E"
Camellia-CCM test vector RFC 5528 #11
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056":"079DAFFADA16CCCF2C4E":"0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056":"079DAFFADA16CCCF2C4E":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F"
Camellia-CCM test vector RFC 5528 #12
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748":"CBB94C2947793D64AF75":"0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748":"CBB94C2947793D64AF75":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20"
Camellia-CCM test vector RFC 5528 #13
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F6":"4558C02D25B127EE":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F6":"4558C02D25B127EE":"":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3"
Camellia-CCM test vector RFC 5528 #14
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C":"867D6E1C48703806":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C":"867D6E1C48703806":"":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7"
Camellia-CCM test vector RFC 5528 #15
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466C":"A80878A790476DE5":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466C":"A80878A790476DE5":"":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08"
Camellia-CCM test vector RFC 5528 #16
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB2260893":"68C354828D950CC5":"B005DCFA0B59181426A961685A993D8C43185B"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB2260893":"68C354828D950CC5":"":"B005DCFA0B59181426A961685A993D8C43185B"
Camellia-CCM test vector RFC 5528 #17
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF4":"3147383276F66A9F":"2E20211298105F129D5ED95B93F72D30B2FACCD7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF4":"3147383276F66A9F":"":"2E20211298105F129D5ED95B93F72D30B2FACCD7"
Camellia-CCM test vector RFC 5528 #18
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340":"A1A3D31F8D4B44B7":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340":"A1A3D31F8D4B44B7":"":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9"
Camellia-CCM test vector RFC 5528 #19
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697":"A0066D57C84BEC182768":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697":"A0066D57C84BEC182768":"":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D"
Camellia-CCM test vector RFC 5528 #20
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B":"7FA775B150ED4383C5A9":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B":"7FA775B150ED4383C5A9":"":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC"
Camellia-CCM test vector RFC 5528 #21
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43C":"D20A02E0BDCAED2010D3":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43C":"D20A02E0BDCAED2010D3":"":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB"
Camellia-CCM test vector RFC 5528 #22
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A":"2DEA0936B6EB5F625F5D":"C238822FAC5F98FF929405B0AD127A4E41854E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A":"2DEA0936B6EB5F625F5D":"":"C238822FAC5F98FF929405B0AD127A4E41854E"
Camellia-CCM test vector RFC 5528 #23
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA":"8924764296AD04119CE7":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA":"8924764296AD04119CE7":"":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7"
Camellia-CCM test vector RFC 5528 #24
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D"
diff --git a/tests/suites/test_suite_cipher.chacha20.data b/tests/suites/test_suite_cipher.chacha20.data
new file mode 100644
index 0000000..c67e582
--- /dev/null
+++ b/tests/suites/test_suite_cipher.chacha20.data
@@ -0,0 +1,115 @@
+Decrypt empty buffer
+depends_on:MBEDTLS_CHACHA20_C
+dec_empty_buf:
+
+Chacha20 RFC 7539 Test Vector #1
+depends_on:MBEDTLS_CHACHA20_C
+decrypt_test_vec:MBEDTLS_CIPHER_CHACHA20:-1:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"":"":0:0
+
+ChaCha20 Encrypt and decrypt 0 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:0:-1
+
+ChaCha20 Encrypt and decrypt 1 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:1:-1
+
+ChaCha20 Encrypt and decrypt 2 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:2:-1
+
+ChaCha20 Encrypt and decrypt 7 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:7:-1
+
+ChaCha20 Encrypt and decrypt 8 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:8:-1
+
+ChaCha20 Encrypt and decrypt 9 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:9:-1
+
+ChaCha20 Encrypt and decrypt 15 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:15:-1
+
+ChaCha20 Encrypt and decrypt 16 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:16:-1
+
+ChaCha20 Encrypt and decrypt 17 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:17:-1
+
+ChaCha20 Encrypt and decrypt 31 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:31:-1
+
+ChaCha20 Encrypt and decrypt 32 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:32:-1
+
+ChaCha20 Encrypt and decrypt 33 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:33:-1
+
+ChaCha20 Encrypt and decrypt 47 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:47:-1
+
+ChaCha20 Encrypt and decrypt 48 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:48:-1
+
+ChaCha20 Encrypt and decrypt 49 bytes
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":256:49:-1
+
+ChaCha20 Encrypt and decrypt 0 bytes in multiple parts 1
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:0:0:-1:0:0:0:0
+
+ChaCha20 Encrypt and decrypt 1 bytes in multiple parts 1
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:1:0:-1:1:0:1:0
+
+ChaCha20 Encrypt and decrypt 1 bytes in multiple parts 2
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:0:1:-1:0:1:0:1
+
+ChaCha20 Encrypt and decrypt 16 bytes in multiple parts 1
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:16:0:-1:16:0:16:0
+
+ChaCha20 Encrypt and decrypt 16 bytes in multiple parts 2
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:0:16:-1:0:16:0:16
+
+ChaCha20 Encrypt and decrypt 16 bytes in multiple parts 3
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:1:15:-1:1:15:1:15
+
+ChaCha20 Encrypt and decrypt 16 bytes in multiple parts 4
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:15:1:-1:15:1:15:1
+
+ChaCha20 Encrypt and decrypt 22 bytes in multiple parts 1
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:15:7:-1:15:7:15:7
+
+ChaCha20 Encrypt and decrypt 22 bytes in multiple parts 2
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:7:15:-1:7:15:7:15
+
+ChaCha20 Encrypt and decrypt 22 bytes in multiple parts 3
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:16:6:-1:16:6:16:6
+
+ChaCha20 Encrypt and decrypt 22 bytes in multiple parts 4
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:6:16:-1:6:16:6:16
+
+ChaCha20 Encrypt and decrypt 32 bytes in multiple parts
+depends_on:MBEDTLS_CHACHA20_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:16:16:-1:16:16:16:16
diff --git a/tests/suites/test_suite_cipher.chachapoly.data b/tests/suites/test_suite_cipher.chachapoly.data
new file mode 100644
index 0000000..9d74d56
--- /dev/null
+++ b/tests/suites/test_suite_cipher.chachapoly.data
@@ -0,0 +1,123 @@
+Decrypt empty buffer
+depends_on:MBEDTLS_CHACHAPOLY_C
+dec_empty_buf:
+
+ChaCha20+Poly1305 Encrypt and decrypt 0 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:0:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 1 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:1:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 2 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:2:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 7 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:7:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 8 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:8:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 9 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:9:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 15 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:15:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 16 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:16:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 17 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:17:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 31 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:31:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 32 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:32:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 33 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:33:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 47 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:47:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 48 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:48:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 49 bytes
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":256:49:-1
+
+ChaCha20+Poly1305 Encrypt and decrypt 0 bytes in multiple parts 1
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:0:0:-1:0:0:0:0
+
+ChaCha20+Poly1305 Encrypt and decrypt 1 bytes in multiple parts 1
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:1:0:-1:1:0:1:0
+
+ChaCha20+Poly1305 Encrypt and decrypt 1 bytes in multiple parts 2
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:0:1:-1:0:1:0:1
+
+ChaCha20+Poly1305 Encrypt and decrypt 16 bytes in multiple parts 1
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:16:0:-1:16:0:16:0
+
+ChaCha20+Poly1305 Encrypt and decrypt 16 bytes in multiple parts 2
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:0:16:-1:0:16:0:16
+
+ChaCha20+Poly1305 Encrypt and decrypt 16 bytes in multiple parts 3
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:1:15:-1:1:15:1:15
+
+ChaCha20+Poly1305 Encrypt and decrypt 16 bytes in multiple parts 4
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:15:1:-1:15:1:15:1
+
+ChaCha20+Poly1305 Encrypt and decrypt 22 bytes in multiple parts 1
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:15:7:-1:15:7:15:7
+
+ChaCha20+Poly1305 Encrypt and decrypt 22 bytes in multiple parts 2
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:7:15:-1:7:15:7:15
+
+ChaCha20+Poly1305 Encrypt and decrypt 22 bytes in multiple parts 3
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:16:6:-1:16:6:16:6
+
+ChaCha20+Poly1305 Encrypt and decrypt 22 bytes in multiple parts 4
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:6:16:-1:6:16:6:16
+
+ChaCha20+Poly1305 Encrypt and decrypt 32 bytes in multiple parts
+depends_on:MBEDTLS_CHACHAPOLY_C
+enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:16:16:-1:16:16:16:16
+
+ChaCha20+Poly1305 RFC 7539 Test Vector #1
+depends_on:MBEDTLS_CHACHAPOLY_C
+auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"eead9d67890cbb22392336fea1851f38":"":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d"
+
+ChaCha20+Poly1305 RFC 7539 Test Vector #1 Unauthentic (1st bit flipped)
+depends_on:MBEDTLS_CHACHAPOLY_C
+auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"6ead9d67890cbb22392336fea1851f38":"FAIL":""
+
+Chacha20+Poly1305 RFC 7539 Test Vector #1 (streaming)
+depends_on:MBEDTLS_CHACHAPOLY_C
+decrypt_test_vec:MBEDTLS_CIPHER_CHACHA20_POLY1305:-1:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d":"f33388860000000000004e91":"eead9d67890cbb22392336fea1851f38":0:0
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 9899289..0de02e8 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -12,7 +12,7 @@
*/
/* BEGIN_CASE */
-void mbedtls_cipher_list( )
+void mbedtls_cipher_list( )
{
const int *cipher_type;
@@ -22,7 +22,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_null_args( )
+void cipher_null_args( )
{
mbedtls_cipher_context_t ctx;
const mbedtls_cipher_info_t *info = mbedtls_cipher_info_from_type( *( mbedtls_cipher_list() ) );
@@ -60,7 +60,7 @@
TEST_ASSERT( mbedtls_cipher_reset( NULL ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_cipher_reset( &ctx ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
TEST_ASSERT( mbedtls_cipher_update_ad( NULL, buf, 0 )
== MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_cipher_update_ad( &ctx, buf, 0 )
@@ -77,7 +77,7 @@
TEST_ASSERT( mbedtls_cipher_finish( &ctx, buf, &olen )
== MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
TEST_ASSERT( mbedtls_cipher_write_tag( NULL, buf, olen )
== MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_cipher_write_tag( &ctx, buf, olen )
@@ -92,7 +92,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
-void cipher_special_behaviours( )
+void cipher_special_behaviours( )
{
const mbedtls_cipher_info_t *cipher_info;
mbedtls_cipher_context_t ctx;
@@ -130,7 +130,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
+void enc_dec_buf( int cipher_id, char * cipher_string, int key_len,
int length_val, int pad_mode )
{
size_t length = length_val, outlen, total_len, i, block_size;
@@ -195,7 +195,7 @@
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
#endif
@@ -215,7 +215,7 @@
TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
total_len += outlen;
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
#endif
@@ -236,7 +236,7 @@
TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
total_len += outlen;
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
#endif
@@ -255,8 +255,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void enc_fail( int cipher_id, int pad_mode, int key_len,
- int length_val, int ret )
+void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val,
+ int ret )
{
size_t length = length_val;
unsigned char key[32];
@@ -292,7 +292,7 @@
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) );
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) );
#endif
@@ -307,7 +307,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void dec_empty_buf()
+void dec_empty_buf( )
{
unsigned char key[32];
unsigned char iv[16];
@@ -340,7 +340,7 @@
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
#endif
@@ -416,7 +416,7 @@
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) );
#endif
@@ -471,80 +471,56 @@
/* END_CASE */
/* BEGIN_CASE */
-void decrypt_test_vec( int cipher_id, int pad_mode,
- char *hex_key, char *hex_iv,
- char *hex_cipher, char *hex_clear,
- char *hex_ad, char *hex_tag,
+void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key,
+ data_t * iv, data_t * cipher,
+ data_t * clear, data_t * ad, data_t * tag,
int finish_result, int tag_result )
{
- unsigned char key[50];
- unsigned char iv[50];
- unsigned char cipher[200];
- unsigned char clear[200];
- unsigned char ad[200];
- unsigned char tag[20];
- size_t key_len, iv_len, cipher_len, clear_len;
-#if defined(MBEDTLS_GCM_C)
- size_t ad_len, tag_len;
-#endif
+ unsigned char output[265];
mbedtls_cipher_context_t ctx;
- unsigned char output[200];
size_t outlen, total_len;
mbedtls_cipher_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( iv, 0x00, sizeof( iv ) );
- memset( cipher, 0x00, sizeof( cipher ) );
- memset( clear, 0x00, sizeof( clear ) );
- memset( ad, 0x00, sizeof( ad ) );
- memset( tag, 0x00, sizeof( tag ) );
memset( output, 0x00, sizeof( output ) );
- key_len = unhexify( key, hex_key );
- iv_len = unhexify( iv, hex_iv );
- cipher_len = unhexify( cipher, hex_cipher );
- clear_len = unhexify( clear, hex_clear );
-#if defined(MBEDTLS_GCM_C)
- ad_len = unhexify( ad, hex_ad );
- tag_len = unhexify( tag, hex_tag );
-#else
- ((void) hex_ad);
- ((void) hex_tag);
+#if !defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CHACHAPOLY_C)
+ ((void) ad);
+ ((void) tag);
#endif
/* Prepare context */
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
mbedtls_cipher_info_from_type( cipher_id ) ) );
- TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, MBEDTLS_DECRYPT ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
if( pad_mode != -1 )
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
#else
(void) pad_mode;
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
- TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, iv_len ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv->x, iv->len ) );
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
-#if defined(MBEDTLS_GCM_C)
- TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad, ad_len ) );
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad->x, ad->len ) );
#endif
- /* decode buffer and check tag */
+ /* decode buffer and check tag->x */
total_len = 0;
- TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher, cipher_len, output, &outlen ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher->x, cipher->len, output, &outlen ) );
total_len += outlen;
TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
&outlen ) );
total_len += outlen;
-#if defined(MBEDTLS_GCM_C)
- TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag, tag_len ) );
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag->x, tag->len ) );
#endif
/* check plaintext only if everything went fine */
if( 0 == finish_result && 0 == tag_result )
{
- TEST_ASSERT( total_len == clear_len );
- TEST_ASSERT( 0 == memcmp( output, clear, clear_len ) );
+ TEST_ASSERT( total_len == clear->len );
+ TEST_ASSERT( 0 == memcmp( output, clear->x, clear->len ) );
}
exit:
@@ -553,56 +529,38 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */
-void auth_crypt_tv( int cipher_id, char *hex_key, char *hex_iv,
- char *hex_ad, char *hex_cipher,
- char *hex_tag, char *hex_clear )
+void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
+ data_t * ad, data_t * cipher, data_t * tag,
+ char * result, data_t * clear )
{
int ret;
- unsigned char key[50];
- unsigned char iv[50];
- unsigned char cipher[200];
- unsigned char clear[200];
- unsigned char ad[200];
- unsigned char tag[20];
+ unsigned char output[267]; /* above + 2 (overwrite check) */
unsigned char my_tag[20];
- size_t key_len, iv_len, cipher_len, clear_len, ad_len, tag_len;
mbedtls_cipher_context_t ctx;
- unsigned char output[200];
size_t outlen;
mbedtls_cipher_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( iv, 0x00, sizeof( iv ) );
- memset( cipher, 0x00, sizeof( cipher ) );
- memset( clear, 0x00, sizeof( clear ) );
- memset( ad, 0x00, sizeof( ad ) );
- memset( tag, 0x00, sizeof( tag ) );
- memset( my_tag, 0xFF, sizeof( my_tag ) );
memset( output, 0xFF, sizeof( output ) );
+ memset( my_tag, 0xFF, sizeof( my_tag ) );
- key_len = unhexify( key, hex_key );
- iv_len = unhexify( iv, hex_iv );
- cipher_len = unhexify( cipher, hex_cipher );
- ad_len = unhexify( ad, hex_ad );
- tag_len = unhexify( tag, hex_tag );
/* Prepare context */
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
mbedtls_cipher_info_from_type( cipher_id ) ) );
- TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, MBEDTLS_DECRYPT ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
- /* decode buffer and check tag */
- ret = mbedtls_cipher_auth_decrypt( &ctx, iv, iv_len, ad, ad_len,
- cipher, cipher_len, output, &outlen,
- tag, tag_len );
+ /* decode buffer and check tag->x */
+ ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
+ cipher->x, cipher->len, output, &outlen,
+ tag->x, tag->len );
/* make sure we didn't overwrite */
TEST_ASSERT( output[outlen + 0] == 0xFF );
TEST_ASSERT( output[outlen + 1] == 0xFF );
/* make sure the message is rejected if it should be */
- if( strcmp( hex_clear, "FAIL" ) == 0 )
+ if( strcmp( result, "FAIL" ) == 0 )
{
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
goto exit;
@@ -611,28 +569,27 @@
/* otherwise, make sure it was decrypted properly */
TEST_ASSERT( ret == 0 );
- clear_len = unhexify( clear, hex_clear );
- TEST_ASSERT( outlen == clear_len );
- TEST_ASSERT( memcmp( output, clear, clear_len ) == 0 );
+ TEST_ASSERT( outlen == clear->len );
+ TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
- /* then encrypt the clear and make sure we get the same ciphertext and tag */
+ /* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */
memset( output, 0xFF, sizeof( output ) );
outlen = 0;
- ret = mbedtls_cipher_auth_encrypt( &ctx, iv, iv_len, ad, ad_len,
- clear, clear_len, output, &outlen,
- my_tag, tag_len );
+ ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
+ clear->x, clear->len, output, &outlen,
+ my_tag, tag->len );
TEST_ASSERT( ret == 0 );
- TEST_ASSERT( outlen == clear_len );
- TEST_ASSERT( memcmp( output, cipher, clear_len ) == 0 );
- TEST_ASSERT( memcmp( my_tag, tag, tag_len ) == 0 );
+ TEST_ASSERT( outlen == clear->len );
+ TEST_ASSERT( memcmp( output, cipher->x, clear->len ) == 0 );
+ TEST_ASSERT( memcmp( my_tag, tag->x, tag->len ) == 0 );
/* make sure we didn't overwrite */
TEST_ASSERT( output[outlen + 0] == 0xFF );
TEST_ASSERT( output[outlen + 1] == 0xFF );
- TEST_ASSERT( my_tag[tag_len + 0] == 0xFF );
- TEST_ASSERT( my_tag[tag_len + 1] == 0xFF );
+ TEST_ASSERT( my_tag[tag->len + 0] == 0xFF );
+ TEST_ASSERT( my_tag[tag->len + 1] == 0xFF );
exit:
@@ -641,38 +598,26 @@
/* END_CASE */
/* BEGIN_CASE */
-void test_vec_ecb( int cipher_id, int operation, char *hex_key,
- char *hex_input, char *hex_result,
- int finish_result )
+void test_vec_ecb( int cipher_id, int operation, data_t * key,
+ data_t * input, data_t * result, int finish_result
+ )
{
- unsigned char key[50];
- unsigned char input[16];
- unsigned char result[16];
- size_t key_len;
mbedtls_cipher_context_t ctx;
unsigned char output[32];
size_t outlen;
mbedtls_cipher_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( input, 0x00, sizeof( input ) );
- memset( result, 0x00, sizeof( result ) );
memset( output, 0x00, sizeof( output ) );
/* Prepare context */
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
mbedtls_cipher_info_from_type( cipher_id ) ) );
- key_len = unhexify( key, hex_key );
- TEST_ASSERT( unhexify( input, hex_input ) ==
- (int) mbedtls_cipher_get_block_size( &ctx ) );
- TEST_ASSERT( unhexify( result, hex_result ) ==
- (int) mbedtls_cipher_get_block_size( &ctx ) );
- TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, operation ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
- TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input,
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input->x,
mbedtls_cipher_get_block_size( &ctx ),
output, &outlen ) );
TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) );
@@ -682,7 +627,7 @@
/* check plaintext only if everything went fine */
if( 0 == finish_result )
- TEST_ASSERT( 0 == memcmp( output, result,
+ TEST_ASSERT( 0 == memcmp( output, result->x,
mbedtls_cipher_get_block_size( &ctx ) ) );
exit:
@@ -710,12 +655,12 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void check_padding( int pad_mode, char *input_str, int ret, int dlen_check )
+void check_padding( int pad_mode, data_t * input, int ret, int dlen_check
+ )
{
mbedtls_cipher_info_t cipher_info;
mbedtls_cipher_context_t ctx;
- unsigned char input[16];
- size_t ilen, dlen;
+ size_t dlen;
/* build a fake context just for getting access to get_padding */
mbedtls_cipher_init( &ctx );
@@ -724,9 +669,8 @@
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
- ilen = unhexify( input, input_str );
- TEST_ASSERT( ret == ctx.get_padding( input, ilen, &dlen ) );
+ TEST_ASSERT( ret == ctx.get_padding( input->x, input->len, &dlen ) );
if( 0 == ret )
TEST_ASSERT( dlen == (size_t) dlen_check );
}
diff --git a/tests/suites/test_suite_cmac.function b/tests/suites/test_suite_cmac.function
index 4b31ab2..cabf107 100644
--- a/tests/suites/test_suite_cmac.function
+++ b/tests/suites/test_suite_cmac.function
@@ -9,14 +9,14 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void mbedtls_cmac_self_test( )
+void mbedtls_cmac_self_test( )
{
TEST_ASSERT( mbedtls_cmac_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_cmac_null_args( )
+void mbedtls_cmac_null_args( )
{
mbedtls_cipher_context_t ctx;
const mbedtls_cipher_info_t *cipher_info;
@@ -99,8 +99,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_cmac_setkey( int cipher_type, int key_size,
- int result )
+void mbedtls_cmac_setkey( int cipher_type, int key_size, int result )
{
const mbedtls_cipher_info_t *cipher_info;
unsigned char key[32];
@@ -120,32 +119,19 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_cmac_multiple_blocks( int cipher_type,
- char *key_string, int keybits,
- int block_size,
- char *block1_string, int block1_len,
- char *block2_string, int block2_len,
- char *block3_string, int block3_len,
- char *block4_string, int block4_len,
- char *expected_result_string )
+void mbedtls_cmac_multiple_blocks( int cipher_type, data_t * key,
+ int keybits, int block_size,
+ data_t * block1, int block1_len,
+ data_t * block2, int block2_len,
+ data_t * block3, int block3_len,
+ data_t * block4, int block4_len,
+ data_t * expected_result )
{
- unsigned char key[100];
- unsigned char block1[100];
- unsigned char block2[100];
- unsigned char block3[100];
- unsigned char block4[100];
- unsigned char expected_result[100];
const mbedtls_cipher_info_t *cipher_info;
mbedtls_cipher_context_t ctx;
unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
/* Convert the test parameters to binary data */
- unhexify( key, key_string );
- unhexify( block1, block1_string );
- unhexify( block2, block2_string );
- unhexify( block3, block3_string );
- unhexify( block4, block4_string );
- unhexify( expected_result, expected_result_string );
mbedtls_cipher_init( &ctx );
@@ -162,34 +148,34 @@
TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx,
- (const unsigned char*)key,
+ (const unsigned char*)key->x,
keybits ) == 0 );
/* Multiple partial and complete blocks. A negative length means skip the
* update operation */
if( block1_len >= 0)
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block1,
+ (unsigned char*)block1->x,
block1_len ) == 0);
if( block2_len >= 0 )
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block2,
+ (unsigned char*)block2->x,
block2_len ) == 0);
if( block3_len >= 0 )
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block3,
+ (unsigned char*)block3->x,
block3_len ) == 0);
if( block4_len >= 0 )
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block4,
+ (unsigned char*)block4->x,
block4_len ) == 0);
TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
- TEST_ASSERT( memcmp( output, expected_result, block_size ) == 0 );
+ TEST_ASSERT( memcmp( output, expected_result->x, block_size ) == 0 );
exit:
mbedtls_cipher_free( &ctx );
@@ -198,41 +184,31 @@
/* BEGIN_CASE */
void mbedtls_cmac_multiple_operations_same_key( int cipher_type,
- char *key_string, int keybits,
- int block_size,
- char *block_a1_string, int block_a1_len,
- char *block_a2_string, int block_a2_len,
- char *block_a3_string, int block_a3_len,
- char *expected_result_a_string,
- char *block_b1_string, int block_b1_len,
- char *block_b2_string, int block_b2_len,
- char *block_b3_string, int block_b3_len,
- char *expected_result_b_string )
+ data_t * key, int keybits,
+ int block_size,
+ data_t * block_a1,
+ int block_a1_len,
+ data_t * block_a2,
+ int block_a2_len,
+ data_t * block_a3,
+ int block_a3_len,
+ data_t * expected_result_a,
+ data_t * block_b1,
+ int block_b1_len,
+ data_t * block_b2,
+ int block_b2_len,
+ data_t * block_b3,
+ int block_b3_len,
+ data_t * expected_result_b
+ )
{
- unsigned char key[100];
- unsigned char block_a1[100];
- unsigned char block_a2[100];
- unsigned char block_a3[100];
- unsigned char block_b1[100];
- unsigned char block_b2[100];
- unsigned char block_b3[100];
- unsigned char expected_result_a[100], expected_result_b[100];
const mbedtls_cipher_info_t *cipher_info;
mbedtls_cipher_context_t ctx;
unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
/* Convert the test parameters to binary data */
- unhexify( key, key_string );
- unhexify( block_a1, block_a1_string );
- unhexify( block_a2, block_a2_string );
- unhexify( block_a3, block_a3_string );
- unhexify( block_b1, block_b1_string );
- unhexify( block_b2, block_b2_string );
- unhexify( block_b3, block_b3_string );
- unhexify( expected_result_a, expected_result_a_string );
- unhexify( expected_result_b, expected_result_b_string );
mbedtls_cipher_init( &ctx );
@@ -252,7 +228,7 @@
TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx,
- (const unsigned char*)key,
+ (const unsigned char*)key->x,
keybits ) == 0 );
/* Sequence A */
@@ -261,22 +237,22 @@
* update operation */
if( block_a1_len >= 0 )
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block_a1,
+ (unsigned char*)block_a1->x,
block_a1_len ) == 0);
if( block_a2_len >= 0 )
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block_a2,
+ (unsigned char*)block_a2->x,
block_a2_len ) == 0);
if( block_a3_len >= 0 )
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block_a3,
+ (unsigned char*)block_a3->x,
block_a3_len ) == 0);
TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
- TEST_ASSERT( memcmp( output, expected_result_a, block_size ) == 0 );
+ TEST_ASSERT( memcmp( output, expected_result_a->x, block_size ) == 0 );
TEST_ASSERT( mbedtls_cipher_cmac_reset( &ctx ) == 0 );
@@ -286,22 +262,22 @@
* update operation */
if( block_b1_len >= 0)
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block_b1,
+ (unsigned char*)block_b1->x,
block_b1_len ) == 0);
if( block_b2_len >= 0 )
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block_b2,
+ (unsigned char*)block_b2->x,
block_b2_len ) == 0);
if( block_b3_len >= 0 )
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
- (unsigned char*)block_b3,
+ (unsigned char*)block_b3->x,
block_b3_len ) == 0);
TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
- TEST_ASSERT( memcmp( output, expected_result_b, block_size ) == 0 );
+ TEST_ASSERT( memcmp( output, expected_result_b->x, block_size ) == 0 );
exit:
mbedtls_cipher_free( &ctx );
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index d8ffebe..c8d2aff 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -1,5 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/ctr_drbg.h"
+#include "string.h"
static int test_offset_idx;
static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len )
@@ -17,7 +18,7 @@
*/
/* BEGIN_CASE */
-void ctr_drbg_special_behaviours( )
+void ctr_drbg_special_behaviours( )
{
mbedtls_ctr_drbg_context ctx;
unsigned char output[512];
@@ -50,35 +51,23 @@
/* END_CASE */
/* BEGIN_CASE */
-void ctr_drbg_validate_pr( char *add_init_string, char *entropy_string,
- char *add1_string, char *add2_string,
- char *result_str )
+void ctr_drbg_validate_pr( data_t * add_init, data_t * entropy,
+ data_t * add1, data_t * add2,
+ data_t * result_str )
{
- unsigned char entropy[512];
- unsigned char add_init[512];
- unsigned char add1[512];
- unsigned char add2[512];
mbedtls_ctr_drbg_context ctx;
unsigned char buf[512];
- unsigned char output_str[512];
- int add_init_len, add1_len, add2_len;
mbedtls_ctr_drbg_init( &ctx );
- memset( output_str, 0, 512 );
- unhexify( entropy, entropy_string );
- add_init_len = unhexify( add_init, add_init_string );
- add1_len = unhexify( add1, add1_string );
- add2_len = unhexify( add2, add2_string );
test_offset_idx = 0;
- TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_test_entropy_func, entropy, add_init, add_init_len, 32 ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_test_entropy_func, entropy->x, add_init->x, add_init->len, 32 ) == 0 );
mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
- TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add1, add1_len ) == 0 );
- TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add2, add2_len ) == 0 );
- hexify( output_str, buf, 16 );
- TEST_ASSERT( strcmp( (char *) output_str, result_str ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add1->x, add1->len ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add2->x, add2->len ) == 0 );
+ TEST_ASSERT( hexcmp( buf, result_str->x, 16, result_str->len ) == 0 );
exit:
mbedtls_ctr_drbg_free( &ctx );
@@ -86,37 +75,23 @@
/* END_CASE */
/* BEGIN_CASE */
-void ctr_drbg_validate_nopr( char *add_init_string, char *entropy_string,
- char *add1_string, char *add_reseed_string,
- char *add2_string, char *result_str )
+void ctr_drbg_validate_nopr( data_t * add_init, data_t * entropy,
+ data_t * add1, data_t * add_reseed,
+ data_t * add2, data_t * result_str )
{
- unsigned char entropy[512];
- unsigned char add_init[512];
- unsigned char add1[512];
- unsigned char add_reseed[512];
- unsigned char add2[512];
mbedtls_ctr_drbg_context ctx;
unsigned char buf[512];
- unsigned char output_str[512];
- int add_init_len, add1_len, add_reseed_len, add2_len;
mbedtls_ctr_drbg_init( &ctx );
- memset( output_str, 0, 512 );
- unhexify( entropy, entropy_string );
- add_init_len = unhexify( add_init, add_init_string );
- add1_len = unhexify( add1, add1_string );
- add_reseed_len = unhexify( add_reseed, add_reseed_string );
- add2_len = unhexify( add2, add2_string );
test_offset_idx = 0;
- TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_test_entropy_func, entropy, add_init, add_init_len, 32 ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_test_entropy_func, entropy->x, add_init->x, add_init->len, 32 ) == 0 );
- TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add1, add1_len ) == 0 );
- TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, add_reseed, add_reseed_len ) == 0 );
- TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add2, add2_len ) == 0 );
- hexify( output_str, buf, 16 );
- TEST_ASSERT( strcmp( (char *) output_str, result_str ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add1->x, add1->len ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, add_reseed->x, add_reseed->len ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add2->x, add2->len ) == 0 );
+ TEST_ASSERT( hexcmp( buf, result_str->x, 16, result_str->len ) == 0 );
exit:
mbedtls_ctr_drbg_free( &ctx );
@@ -124,7 +99,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void ctr_drbg_entropy_usage( )
+void ctr_drbg_entropy_usage( )
{
unsigned char out[16];
unsigned char add[16];
@@ -203,7 +178,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void ctr_drbg_seed_file( char *path, int ret )
+void ctr_drbg_seed_file( char * path, int ret )
{
mbedtls_ctr_drbg_context ctx;
@@ -219,7 +194,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void ctr_drbg_selftest( )
+void ctr_drbg_selftest( )
{
TEST_ASSERT( mbedtls_ctr_drbg_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index 98f98b0..377d630 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -1,5 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/debug.h"
+#include "string.h"
struct buffer_data
{
@@ -47,8 +48,8 @@
*/
/* BEGIN_CASE */
-void debug_print_msg_threshold( int threshold, int level, char *file, int line,
- char *result_str )
+void debug_print_msg_threshold( int threshold, int level, char * file,
+ int line, char * result_str )
{
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
@@ -76,8 +77,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_debug_print_ret( char *file, int line, char *text, int value,
- char *result_str )
+void mbedtls_debug_print_ret( char * file, int line, char * text, int value,
+ char * result_str )
{
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
@@ -103,28 +104,24 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_debug_print_buf( char *file, int line, char *text,
- char *data_string, char *result_str )
+void mbedtls_debug_print_buf( char * file, int line, char * text,
+ data_t * data, char * result_str )
{
- unsigned char data[10000];
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
struct buffer_data buffer;
- size_t data_len;
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
- memset( &data, 0, sizeof( data ) );
memset( buffer.buf, 0, 2000 );
buffer.ptr = buffer.buf;
- data_len = unhexify( data, data_string );
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
- mbedtls_debug_print_buf( &ssl, 0, file, line, text, data, data_len );
+ mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len );
TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
@@ -135,8 +132,8 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_debug_print_crt( char *crt_file, char *file, int line,
- char *prefix, char *result_str )
+void mbedtls_debug_print_crt( char * crt_file, char * file, int line,
+ char * prefix, char * result_str )
{
mbedtls_x509_crt crt;
mbedtls_ssl_context ssl;
@@ -166,8 +163,8 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
-void mbedtls_debug_print_mpi( int radix, char *value, char *file, int line,
- char *prefix, char *result_str )
+void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line,
+ char * prefix, char * result_str )
{
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
diff --git a/tests/suites/test_suite_des.function b/tests/suites/test_suite_des.function
index 2e73a77..b5acb7b 100644
--- a/tests/suites/test_suite_des.function
+++ b/tests/suites/test_suite_des.function
@@ -8,42 +8,27 @@
*/
/* BEGIN_CASE */
-void des_check_weak( char *key_hex, int ret )
+void des_check_weak( data_t * key, int ret )
{
- unsigned char key[MBEDTLS_DES_KEY_SIZE];
-
- memset( key, 0, sizeof key );
-
- unhexify( key, key_hex );
-
- TEST_ASSERT( mbedtls_des_key_check_weak( key ) == ret );
+ TEST_ASSERT( mbedtls_des_key_check_weak( key->x ) == ret );
}
/* END_CASE */
/* BEGIN_CASE */
-void des_encrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string )
+void des_encrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_des_context ctx;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_des_init( &ctx );
- unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- mbedtls_des_setkey_enc( &ctx, key_str );
- TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str, output ) == 0 );
- hexify( dst_str, output, 8 );
+ mbedtls_des_setkey_enc( &ctx, key_str->x );
+ TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str->x, output ) == 0 );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 8, hex_dst_string->len ) == 0 );
exit:
mbedtls_des_free( &ctx );
@@ -51,29 +36,20 @@
/* END_CASE */
/* BEGIN_CASE */
-void des_decrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string )
+void des_decrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_des_context ctx;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_des_init( &ctx );
- unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- mbedtls_des_setkey_dec( &ctx, key_str );
- TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str, output ) == 0 );
- hexify( dst_str, output, 8 );
+ mbedtls_des_setkey_dec( &ctx, key_str->x );
+ TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str->x, output ) == 0 );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 8, hex_dst_string->len ) == 0 );
exit:
mbedtls_des_free( &ctx );
@@ -81,35 +57,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void des_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string, int cbc_result )
+void des_encrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string,
+ int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_des_context ctx;
- int src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_des_init( &ctx );
- unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
- mbedtls_des_setkey_enc( &ctx, key_str );
- TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_len, iv_str, src_str, output ) == cbc_result );
+ mbedtls_des_setkey_enc( &ctx, key_str->x );
+ TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0 )
{
- hexify( dst_str, output, src_len );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -118,35 +82,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void des_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string, int cbc_result )
+void des_decrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string,
+ int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_des_context ctx;
- int src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_des_init( &ctx );
- unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
- mbedtls_des_setkey_dec( &ctx, key_str );
- TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_len, iv_str, src_str, output ) == cbc_result );
+ mbedtls_des_setkey_dec( &ctx, key_str->x );
+ TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0 )
{
- hexify( dst_str, output, src_len );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -155,35 +107,26 @@
/* END_CASE */
/* BEGIN_CASE */
-void des3_encrypt_ecb( int key_count, char *hex_key_string,
- char *hex_src_string, char *hex_dst_string )
+void des3_encrypt_ecb( int key_count, data_t * key_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_des3_context ctx;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_des3_init( &ctx );
- unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
if( key_count == 2 )
- mbedtls_des3_set2key_enc( &ctx, key_str );
+ mbedtls_des3_set2key_enc( &ctx, key_str->x );
else if( key_count == 3 )
- mbedtls_des3_set3key_enc( &ctx, key_str );
+ mbedtls_des3_set3key_enc( &ctx, key_str->x );
else
TEST_ASSERT( 0 );
- TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str, output ) == 0 );
- hexify( dst_str, output, 8 );
+ TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str->x, output ) == 0 );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 8, hex_dst_string->len ) == 0 );
exit:
mbedtls_des3_free( &ctx );
@@ -191,35 +134,26 @@
/* END_CASE */
/* BEGIN_CASE */
-void des3_decrypt_ecb( int key_count, char *hex_key_string,
- char *hex_src_string, char *hex_dst_string )
+void des3_decrypt_ecb( int key_count, data_t * key_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_des3_context ctx;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_des3_init( &ctx );
- unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
if( key_count == 2 )
- mbedtls_des3_set2key_dec( &ctx, key_str );
+ mbedtls_des3_set2key_dec( &ctx, key_str->x );
else if( key_count == 3 )
- mbedtls_des3_set3key_dec( &ctx, key_str );
+ mbedtls_des3_set3key_dec( &ctx, key_str->x );
else
TEST_ASSERT( 0 );
- TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str, output ) == 0 );
- hexify( dst_str, output, 8 );
+ TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str->x, output ) == 0 );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 8, hex_dst_string->len ) == 0 );
exit:
mbedtls_des3_free( &ctx );
@@ -227,43 +161,30 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void des3_encrypt_cbc( int key_count, char *hex_key_string,
- char *hex_iv_string, char *hex_src_string,
- char *hex_dst_string, int cbc_result )
+void des3_encrypt_cbc( int key_count, data_t * key_str,
+ data_t * iv_str, data_t * src_str,
+ data_t * hex_dst_string, int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_des3_context ctx;
- int src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_des3_init( &ctx );
- unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
if( key_count == 2 )
- mbedtls_des3_set2key_enc( &ctx, key_str );
+ mbedtls_des3_set2key_enc( &ctx, key_str->x );
else if( key_count == 3 )
- mbedtls_des3_set3key_enc( &ctx, key_str );
+ mbedtls_des3_set3key_enc( &ctx, key_str->x );
else
TEST_ASSERT( 0 );
- TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_len, iv_str, src_str, output ) == cbc_result );
+ TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0 )
{
- hexify( dst_str, output, src_len );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -272,43 +193,30 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void des3_decrypt_cbc( int key_count, char *hex_key_string,
- char *hex_iv_string, char *hex_src_string,
- char *hex_dst_string, int cbc_result )
+void des3_decrypt_cbc( int key_count, data_t * key_str,
+ data_t * iv_str, data_t * src_str,
+ data_t * hex_dst_string, int cbc_result )
{
- unsigned char key_str[100];
- unsigned char iv_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_des3_context ctx;
- int src_len;
- memset(key_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
mbedtls_des3_init( &ctx );
- unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- src_len = unhexify( src_str, hex_src_string );
if( key_count == 2 )
- mbedtls_des3_set2key_dec( &ctx, key_str );
+ mbedtls_des3_set2key_dec( &ctx, key_str->x );
else if( key_count == 3 )
- mbedtls_des3_set3key_dec( &ctx, key_str );
+ mbedtls_des3_set3key_dec( &ctx, key_str->x );
else
TEST_ASSERT( 0 );
- TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_len, iv_str, src_str, output ) == cbc_result );
+ TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0 )
{
- hexify( dst_str, output, src_len );
- TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
@@ -317,7 +225,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void des_key_parity_run()
+void des_key_parity_run( )
{
int i, j, cnt;
unsigned char key[MBEDTLS_DES_KEY_SIZE];
@@ -360,7 +268,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void des_selftest()
+void des_selftest( )
{
TEST_ASSERT( mbedtls_des_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data
index e351ebd..734fd97 100644
--- a/tests/suites/test_suite_dhm.data
+++ b/tests/suites/test_suite_dhm.data
@@ -19,10 +19,10 @@
Diffie-Hellman zero modulus
dhm_do_dhm:10:"0":10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
-Diffie-Hallman load parameters from file
+Diffie-Hellman load parameters from file
dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128
-Diffie-Hallman load parameters from file
+Diffie-Hellman load parameters from file
dhm_file:"data_files/dh.optlen.pem":"b3126aeaf47153c7d67f403030b292b5bd5a6c9eae1c137af34087fce2a36a578d70c5c560ad2bdb924c4a4dbee20a1671be7103ce87defa76908936803dbeca60c33e1289c1a03ac2c6c4e49405e5902fa0596a1cbaa895cc402d5213ed4a5f1f5ba8b5e1ed3da951a4c475afeb0ca660b7368c38c8e809f382d96ae19e60dc984e61cb42b5dfd723322acf327f9e413cda6400c15c5b2ea1fa34405d83982fba40e6d852da3d91019bf23511314254dc211a90833e5b1798ee52a78198c555644729ad92f060367c74ded37704adfc273a4a33fec821bd2ebd3bc051730e97a4dd14d2b766062592f5eec09d16bb50efebf2cc00dd3e0e3418e60ec84870f7":"800abfe7dc667aa17bcd7c04614bc221a65482ccc04b604602b0e131908a938ea11b48dc515dab7abcbb1e0c7fd66511edc0d86551b7632496e03df94357e1c4ea07a7ce1e381a2fcafdff5f5bf00df828806020e875c00926e4d011f88477a1b01927d73813cad4847c6396b9244621be2b00b63c659253318413443cd244215cd7fd4cbe796e82c6cf70f89cc0c528fb8e344809b31876e7ef739d5160d095c9684188b0c8755c7a468d47f56d6db9ea012924ecb0556fb71312a8d7c93bb2898ea08ee54eeb594548285f06a973cbbe2a0cb02e90f323fe045521f34c68354a6d3e95dbfff1eb64692edc0a44f3d3e408d0e479a541e779a6054259e2d854":256
Diffie-Hellman selftest
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 4fd8fff..9a4c99c 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -100,7 +100,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void dhm_file( char *filename, char *p, char *g, int len )
+void dhm_file( char * filename, char * p, char * g, int len )
{
mbedtls_dhm_context ctx;
mbedtls_mpi P, G;
@@ -124,7 +124,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void dhm_selftest()
+void dhm_selftest( )
{
TEST_ASSERT( mbedtls_dhm_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_ecdh.data b/tests/suites/test_suite_ecdh.data
index f7119de..0165a7e 100644
--- a/tests/suites/test_suite_ecdh.data
+++ b/tests/suites/test_suite_ecdh.data
@@ -37,3 +37,35 @@
ECDH exchange #2
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
ecdh_exchange:MBEDTLS_ECP_DP_SECP521R1
+
+ECDH restartable rfc 5903 p256 restart enabled max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":1:0:0:0
+
+ECDH restartable rfc 5903 p256 restart enabled max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":1:1:1:10000
+
+ECDH restartable rfc 5903 p256 restart enabled max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":1:10000:0:0
+
+ECDH restartable rfc 5903 p256 restart enabled max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":1:250:2:32
+
+ECDH restartable rfc 5903 p256 restart disabled max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":0:0:0:0
+
+ECDH restartable rfc 5903 p256 restart disabled max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":0:1:0:0
+
+ECDH restartable rfc 5903 p256 restart disabled max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":0:10000:0:0
+
+ECDH restartable rfc 5903 p256 restart disabled max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":0:250:0:0
diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function
index 4c6a97b..9652308 100644
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@@ -43,15 +43,13 @@
/* END_CASE */
/* BEGIN_CASE */
-void ecdh_primitive_testvec( int id, char *dA_str, char *xA_str, char *yA_str,
- char *dB_str, char *xB_str, char *yB_str,
- char *z_str )
+void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str,
+ char * yA_str, data_t * rnd_buf_B,
+ char * xB_str, char * yB_str, char * z_str )
{
mbedtls_ecp_group grp;
mbedtls_ecp_point qA, qB;
mbedtls_mpi dA, dB, zA, zB, check;
- unsigned char rnd_buf_A[MBEDTLS_ECP_MAX_BYTES];
- unsigned char rnd_buf_B[MBEDTLS_ECP_MAX_BYTES];
rnd_buf_info rnd_info_A, rnd_info_B;
mbedtls_ecp_group_init( &grp );
@@ -61,36 +59,36 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- rnd_info_A.buf = rnd_buf_A;
- rnd_info_A.length = unhexify( rnd_buf_A, dA_str );
+ rnd_info_A.buf = rnd_buf_A->x;
+ rnd_info_A.length = rnd_buf_A->len;
- /* Fix rnd_buf_A by shifting it left if necessary */
+ /* Fix rnd_buf_A->x by shifting it left if necessary */
if( grp.nbits % 8 != 0 )
{
unsigned char shift = 8 - ( grp.nbits % 8 );
size_t i;
for( i = 0; i < rnd_info_A.length - 1; i++ )
- rnd_buf_A[i] = rnd_buf_A[i] << shift
- | rnd_buf_A[i+1] >> ( 8 - shift );
+ rnd_buf_A->x[i] = rnd_buf_A->x[i] << shift
+ | rnd_buf_A->x[i+1] >> ( 8 - shift );
- rnd_buf_A[rnd_info_A.length-1] <<= shift;
+ rnd_buf_A->x[rnd_info_A.length-1] <<= shift;
}
- rnd_info_B.buf = rnd_buf_B;
- rnd_info_B.length = unhexify( rnd_buf_B, dB_str );
+ rnd_info_B.buf = rnd_buf_B->x;
+ rnd_info_B.length = rnd_buf_B->len;
- /* Fix rnd_buf_B by shifting it left if necessary */
+ /* Fix rnd_buf_B->x by shifting it left if necessary */
if( grp.nbits % 8 != 0 )
{
unsigned char shift = 8 - ( grp.nbits % 8 );
size_t i;
for( i = 0; i < rnd_info_B.length - 1; i++ )
- rnd_buf_B[i] = rnd_buf_B[i] << shift
- | rnd_buf_B[i+1] >> ( 8 - shift );
+ rnd_buf_B->x[i] = rnd_buf_B->x[i] << shift
+ | rnd_buf_B->x[i+1] >> ( 8 - shift );
- rnd_buf_B[rnd_info_B.length-1] <<= shift;
+ rnd_buf_B->x[rnd_info_B.length-1] <<= shift;
}
TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dA, &qA,
@@ -158,3 +156,120 @@
mbedtls_ecdh_free( &cli );
}
/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
+void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
+ int enable, int max_ops, int min_restart, int max_restart )
+{
+ int ret;
+ mbedtls_ecdh_context srv, cli;
+ unsigned char buf[1000];
+ const unsigned char *vbuf;
+ size_t len;
+ unsigned char z[MBEDTLS_ECP_MAX_BYTES];
+ size_t z_len;
+ unsigned char rnd_buf_A[MBEDTLS_ECP_MAX_BYTES];
+ unsigned char rnd_buf_B[MBEDTLS_ECP_MAX_BYTES];
+ rnd_buf_info rnd_info_A, rnd_info_B;
+ int cnt_restart;
+
+ mbedtls_ecdh_init( &srv );
+ mbedtls_ecdh_init( &cli );
+
+ z_len = unhexify( z, z_str );
+
+ rnd_info_A.buf = rnd_buf_A;
+ rnd_info_A.length = unhexify( rnd_buf_A, dA_str );
+
+ rnd_info_B.buf = rnd_buf_B;
+ rnd_info_B.length = unhexify( rnd_buf_B, dB_str );
+
+ TEST_ASSERT( mbedtls_ecp_group_load( &srv.grp, id ) == 0 );
+
+ /* otherwise we would have to fix the random buffer,
+ * as in ecdh_primitive_test_vec */
+ TEST_ASSERT( srv.grp.nbits % 8 == 0 );
+
+ /* set up restart parameters */
+ mbedtls_ecp_set_max_ops( max_ops );
+
+ if( enable)
+ {
+ mbedtls_ecdh_enable_restart( &srv );
+ mbedtls_ecdh_enable_restart( &cli );
+ }
+
+ /* server writes its paramaters */
+ memset( buf, 0x00, sizeof( buf ) );
+ len = 0;
+
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_ecdh_make_params( &srv, &len, buf, sizeof( buf ),
+ rnd_buffer_rand, &rnd_info_A );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ /* client read server params */
+ vbuf = buf;
+ TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 );
+
+ /* client writes its key share */
+ memset( buf, 0x00, sizeof( buf ) );
+ len = 0;
+
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_ecdh_make_public( &cli, &len, buf, sizeof( buf ),
+ rnd_buffer_rand, &rnd_info_B );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ /* server reads client key share */
+ TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 );
+
+ /* server computes shared secret */
+ memset( buf, 0, sizeof( buf ) );
+ len = 0;
+
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_ecdh_calc_secret( &srv, &len, buf, sizeof( buf ),
+ NULL, NULL );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ TEST_ASSERT( len == z_len );
+ TEST_ASSERT( memcmp( buf, z, len ) == 0 );
+
+ /* client computes shared secret */
+ memset( buf, 0, sizeof( buf ) );
+ len = 0;
+
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_ecdh_calc_secret( &cli, &len, buf, sizeof( buf ),
+ NULL, NULL );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ TEST_ASSERT( len == z_len );
+ TEST_ASSERT( memcmp( buf, z, len ) == 0 );
+
+exit:
+ mbedtls_ecdh_free( &srv );
+ mbedtls_ecdh_free( &cli );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data
index 19c51d3..7e6ec6c 100644
--- a/tests/suites/test_suite_ecdsa.data
+++ b/tests/suites/test_suite_ecdsa.data
@@ -50,7 +50,7 @@
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
ecdsa_write_read_random:MBEDTLS_ECP_DP_SECP521R1
-ECDSA deterministic test vector rfc 6979 p192 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p192 sha1
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"sample":"98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF":"57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64"
@@ -58,7 +58,7 @@
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"sample":"A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5":"E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A"
-ECDSA deterministic test vector rfc 6979 p192 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p192 sha256
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"sample":"4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55":"CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85"
@@ -66,11 +66,11 @@
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"sample":"DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5":"C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E"
-ECDSA deterministic test vector rfc 6979 p192 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p192 sha512
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"sample":"4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8":"3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67"
-ECDSA deterministic test vector rfc 6979 p192 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p192 sha1
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"test":"0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D":"EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7"
@@ -78,7 +78,7 @@
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"test":"6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34":"B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293"
-ECDSA deterministic test vector rfc 6979 p192 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p192 sha256
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"test":"3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE":"5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F"
@@ -86,11 +86,11 @@
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"test":"B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367":"7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A"
-ECDSA deterministic test vector rfc 6979 p192 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p192 sha512
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"test":"FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739":"74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290"
-ECDSA deterministic test vector rfc 6979 p224 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p224 sha1
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"sample":"22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC":"66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69"
@@ -98,7 +98,7 @@
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"sample":"1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E":"A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC"
-ECDSA deterministic test vector rfc 6979 p224 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p224 sha256
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"sample":"61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA":"BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101"
@@ -106,11 +106,11 @@
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"sample":"0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953":"830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D"
-ECDSA deterministic test vector rfc 6979 p224 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p224 sha512
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"sample":"074BD1D979D5F32BF958DDC61E4FB4872ADCAFEB2256497CDAC30397":"A4CECA196C3D5A1FF31027B33185DC8EE43F288B21AB342E5D8EB084"
-ECDSA deterministic test vector rfc 6979 p224 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p224 sha1
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"test":"DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C":"95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2"
@@ -118,7 +118,7 @@
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"test":"C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019":"902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4"
-ECDSA deterministic test vector rfc 6979 p224 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p224 sha256
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"test":"AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6":"178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD"
@@ -126,11 +126,11 @@
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"test":"389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4":"414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB"
-ECDSA deterministic test vector rfc 6979 p224 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p224 sha512
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"test":"049F050477C5ADD858CAC56208394B5A55BAEBBE887FDF765047C17C":"077EB13E7005929CEFA3CD0403C7CDCC077ADF4E44F3C41B2F60ECFF"
-ECDSA deterministic test vector rfc 6979 p256 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p256 sha1
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"sample":"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32":"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
@@ -138,7 +138,7 @@
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"sample":"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F":"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
-ECDSA deterministic test vector rfc 6979 p256 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p256 sha256
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"sample":"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716":"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8"
@@ -146,11 +146,11 @@
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"sample":"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719":"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954"
-ECDSA deterministic test vector rfc 6979 p256 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p256 sha512
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"sample":"8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00":"2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE"
-ECDSA deterministic test vector rfc 6979 p256 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p256 sha1
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"test":"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89":"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
@@ -158,7 +158,7 @@
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"test":"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692":"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
-ECDSA deterministic test vector rfc 6979 p256 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p256 sha256
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"test":"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367":"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083"
@@ -166,11 +166,11 @@
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"test":"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6":"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C"
-ECDSA deterministic test vector rfc 6979 p256 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p256 sha512
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"test":"461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04":"39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55"
-ECDSA deterministic test vector rfc 6979 p384 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p384 sha1
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"sample":"EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2":"A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
@@ -178,7 +178,7 @@
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"sample":"42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE060122":"9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
-ECDSA deterministic test vector rfc 6979 p384 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p384 sha256
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"sample":"21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD":"F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0"
@@ -186,11 +186,11 @@
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"sample":"94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE46":"99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8"
-ECDSA deterministic test vector rfc 6979 p384 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p384 sha512
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"sample":"ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709":"512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5"
-ECDSA deterministic test vector rfc 6979 p384 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p384 sha1
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"test":"4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7":"D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
@@ -198,7 +198,7 @@
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"test":"E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72":"07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
-ECDSA deterministic test vector rfc 6979 p384 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p384 sha256
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"test":"6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B":"2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265"
@@ -206,11 +206,11 @@
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"test":"8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB":"DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5"
-ECDSA deterministic test vector rfc 6979 p384 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p384 sha512
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"test":"A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277":"976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736"
-ECDSA deterministic test vector rfc 6979 p521 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p521 sha1
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"sample":"0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D":"0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
@@ -218,7 +218,7 @@
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"sample":"1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E":"050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
-ECDSA deterministic test vector rfc 6979 p521 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p521 sha256
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"sample":"1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7":"04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC"
@@ -226,11 +226,11 @@
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"sample":"1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451":"1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61"
-ECDSA deterministic test vector rfc 6979 p521 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p521 sha512
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"sample":"0C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA":"0617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A"
-ECDSA deterministic test vector rfc 6979 p521 mbedtls_sha1
+ECDSA deterministic test vector rfc 6979 p521 sha1
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"test":"13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367":"1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
@@ -238,7 +238,7 @@
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"test":"1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB":"177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
-ECDSA deterministic test vector rfc 6979 p521 mbedtls_sha256
+ECDSA deterministic test vector rfc 6979 p521 sha256
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"test":"00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8":"0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86"
@@ -246,10 +246,42 @@
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"test":"14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C":"133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979"
-ECDSA deterministic test vector rfc 6979 p521 mbedtls_sha512
+ECDSA deterministic test vector rfc 6979 p521 sha512
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"test":"13E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D":"1FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
+ECDSA restartable read-verify: max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_read_restart:MBEDTLS_ECP_DP_SECP256R1:"04e8f573412a810c5f81ecd2d251bb94387e72f28af70dced90ebe75725c97a6428231069c2b1ef78509a22c59044319f6ed3cb750dfe64c2a282b35967a458ad6":"dee9d4d8b0e40a034602d6e638197998060f6e9f353ae1d10c94cd56476d3c92":"304502210098a5a1392abe29e4b0a4da3fefe9af0f8c32e5b839ab52ba6a05da9c3b7edd0f0220596f0e195ae1e58c1e53e9e7f0f030b274348a8c11232101778d89c4943f5ad2":0:0:0
+
+ECDSA restartable read-verify: max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_read_restart:MBEDTLS_ECP_DP_SECP256R1:"04e8f573412a810c5f81ecd2d251bb94387e72f28af70dced90ebe75725c97a6428231069c2b1ef78509a22c59044319f6ed3cb750dfe64c2a282b35967a458ad6":"dee9d4d8b0e40a034602d6e638197998060f6e9f353ae1d10c94cd56476d3c92":"304502210098a5a1392abe29e4b0a4da3fefe9af0f8c32e5b839ab52ba6a05da9c3b7edd0f0220596f0e195ae1e58c1e53e9e7f0f030b274348a8c11232101778d89c4943f5ad2":1:42:10000
+
+ECDSA restartable read-verify: max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_read_restart:MBEDTLS_ECP_DP_SECP256R1:"04e8f573412a810c5f81ecd2d251bb94387e72f28af70dced90ebe75725c97a6428231069c2b1ef78509a22c59044319f6ed3cb750dfe64c2a282b35967a458ad6":"dee9d4d8b0e40a034602d6e638197998060f6e9f353ae1d10c94cd56476d3c92":"304502210098a5a1392abe29e4b0a4da3fefe9af0f8c32e5b839ab52ba6a05da9c3b7edd0f0220596f0e195ae1e58c1e53e9e7f0f030b274348a8c11232101778d89c4943f5ad2":10000:0:0
+
+ECDSA restartable read-verify: max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_read_restart:MBEDTLS_ECP_DP_SECP256R1:"04e8f573412a810c5f81ecd2d251bb94387e72f28af70dced90ebe75725c97a6428231069c2b1ef78509a22c59044319f6ed3cb750dfe64c2a282b35967a458ad6":"dee9d4d8b0e40a034602d6e638197998060f6e9f353ae1d10c94cd56476d3c92":"304502210098a5a1392abe29e4b0a4da3fefe9af0f8c32e5b839ab52ba6a05da9c3b7edd0f0220596f0e195ae1e58c1e53e9e7f0f030b274348a8c11232101778d89c4943f5ad2":250:4:64
+
+ECDSA restartable sign-write: secp256r1 max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
+
+ECDSA restartable sign-write: secp256r1 restart max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
+
+ECDSA restartable sign-write: secp256r1 restart max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
+
+ECDSA restartable sign-write: secp256r1 restart max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:32
+
ECDSA zero private parameter p192
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
ecdsa_prim_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"0":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945":"9E56F509196784D963D1C0A401510EE7ADA3DCC5DEE04B15":"BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9C":"98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF":"57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64":MBEDTLS_ERR_ECP_INVALID_KEY
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index b730953..79421c4 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -40,46 +40,42 @@
/* END_CASE */
/* BEGIN_CASE */
-void ecdsa_prim_test_vectors( int id, char *d_str, char *xQ_str, char *yQ_str,
- char *k_str, char *hash_str, char *r_str,
- char *s_str, int result )
+void ecdsa_prim_test_vectors( int id, char * d_str, char * xQ_str,
+ char * yQ_str, data_t * rnd_buf,
+ data_t * hash, char * r_str, char * s_str,
+ int result )
{
mbedtls_ecp_group grp;
mbedtls_ecp_point Q;
mbedtls_mpi d, r, s, r_check, s_check;
- unsigned char hash[66], rnd_buf[66];
- size_t hlen;
rnd_buf_info rnd_info;
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &Q );
mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s );
mbedtls_mpi_init( &r_check ); mbedtls_mpi_init( &s_check );
- memset( hash, 0, sizeof( hash ) );
- memset( rnd_buf, 0, sizeof( rnd_buf ) );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
- hlen = unhexify(hash, hash_str);
- rnd_info.buf = rnd_buf;
- rnd_info.length = unhexify( rnd_buf, k_str );
+ rnd_info.buf = rnd_buf->x;
+ rnd_info.length = rnd_buf->len;
- /* Fix rnd_buf by shifting it left if necessary */
+ /* Fix rnd_buf->x by shifting it left if necessary */
if( grp.nbits % 8 != 0 )
{
unsigned char shift = 8 - ( grp.nbits % 8 );
size_t i;
for( i = 0; i < rnd_info.length - 1; i++ )
- rnd_buf[i] = rnd_buf[i] << shift | rnd_buf[i+1] >> ( 8 - shift );
+ rnd_buf->x[i] = rnd_buf->x[i] << shift | rnd_buf->x[i+1] >> ( 8 - shift );
- rnd_buf[rnd_info.length-1] <<= shift;
+ rnd_buf->x[rnd_info.length-1] <<= shift;
}
- TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, hash, hlen,
+ TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, hash->x, hash->len,
rnd_buffer_rand, &rnd_info ) == result );
if ( result == 0)
@@ -87,7 +83,17 @@
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &r, &r_check ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &s, &s_check ) == 0 );
- TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash, hlen, &Q, &r_check, &s_check ) == 0 );
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, &r_check, &s_check ) == 0 );
+
+ TEST_ASSERT( mbedtls_mpi_sub_int( &r, &r, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_add_int( &s, &s, 1 ) == 0 );
+
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len,
+ &Q, &r, &s_check ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len,
+ &Q, &r_check, &s ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len,
+ &grp.G, &r_check, &s_check ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
}
exit:
@@ -99,8 +105,8 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_DETERMINISTIC */
-void ecdsa_det_test_vectors( int id, char *d_str, int md_alg,
- char *msg, char *r_str, char *s_str )
+void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg,
+ char * r_str, char * s_str )
{
mbedtls_ecp_group grp;
mbedtls_mpi d, r, s, r_check, s_check;
@@ -181,13 +187,13 @@
/* try modifying r */
sig[10]++;
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len ) != 0 );
+ sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
sig[10]--;
/* try modifying s */
sig[sig_len - 1]++;
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len ) != 0 );
+ sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
sig[sig_len - 1]--;
exit:
@@ -195,3 +201,130 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
+void ecdsa_read_restart( int id, char *k_str, char *h_str, char *s_str,
+ int max_ops, int min_restart, int max_restart )
+{
+ mbedtls_ecdsa_context ctx;
+ mbedtls_ecdsa_restart_ctx rs_ctx;
+ unsigned char hash[64];
+ unsigned char sig[200];
+ unsigned char pk[65];
+ size_t sig_len, hash_len, pk_len;
+ int ret, cnt_restart;
+
+ mbedtls_ecdsa_init( &ctx );
+ mbedtls_ecdsa_restart_init( &rs_ctx );
+
+ hash_len = unhexify(hash, h_str);
+ sig_len = unhexify(sig, s_str);
+ pk_len = unhexify(pk, k_str);
+
+ TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q, pk, pk_len ) == 0 );
+
+ mbedtls_ecp_set_max_ops( max_ops );
+
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
+ hash, hash_len, sig, sig_len, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ /* try modifying r */
+ sig[10]++;
+ do {
+ ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
+ hash, hash_len, sig, sig_len, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ sig[10]--;
+
+ /* try modifying s */
+ sig[sig_len - 1]++;
+ do {
+ ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
+ hash, hash_len, sig, sig_len, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ sig[sig_len - 1]--;
+
+ /* Do we leak memory when aborting an operation?
+ * This test only makes sense when we actually restart */
+ if( min_restart > 0 )
+ {
+ ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
+ hash, hash_len, sig, sig_len, &rs_ctx );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ }
+
+exit:
+ mbedtls_ecdsa_free( &ctx );
+ mbedtls_ecdsa_restart_free( &rs_ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_DETERMINISTIC */
+void ecdsa_write_restart( int id, char *d_str, int md_alg,
+ char *msg, char *sig_str,
+ int max_ops, int min_restart, int max_restart )
+{
+ int ret, cnt_restart;
+ mbedtls_ecdsa_restart_ctx rs_ctx;
+ mbedtls_ecdsa_context ctx;
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+ unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
+ unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
+ size_t hlen, slen, slen_check;
+ const mbedtls_md_info_t *md_info;
+
+ mbedtls_ecdsa_restart_init( &rs_ctx );
+ mbedtls_ecdsa_init( &ctx );
+ memset( hash, 0, sizeof( hash ) );
+ memset( sig, 0, sizeof( sig ) );
+ memset( sig_check, 0, sizeof( sig_check ) );
+
+ TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &ctx.d, 16, d_str ) == 0 );
+ slen_check = unhexify( sig_check, sig_str );
+
+ md_info = mbedtls_md_info_from_type( md_alg );
+ TEST_ASSERT( md_info != NULL );
+
+ hlen = mbedtls_md_get_size( md_info );
+ mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
+
+ mbedtls_ecp_set_max_ops( max_ops );
+
+ slen = sizeof( sig );
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_ecdsa_write_signature_restartable( &ctx,
+ md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( slen == slen_check );
+ TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
+
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ /* Do we leak memory when aborting an operation?
+ * This test only makes sense when we actually restart */
+ if( min_restart > 0 )
+ {
+ ret = mbedtls_ecdsa_write_signature_restartable( &ctx,
+ md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ }
+
+exit:
+ mbedtls_ecdsa_restart_free( &rs_ctx );
+ mbedtls_ecdsa_free( &ctx );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function
index 5c8856b..9e4f7a3 100644
--- a/tests/suites/test_suite_ecjpake.function
+++ b/tests/suites/test_suite_ecjpake.function
@@ -99,55 +99,40 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void ecjpake_selftest()
+void ecjpake_selftest( )
{
TEST_ASSERT( mbedtls_ecjpake_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void read_round_one( int role, char *data, int ref_ret )
+void read_round_one( int role, data_t * msg, int ref_ret )
{
mbedtls_ecjpake_context ctx;
-
const unsigned char * pw = NULL;
const size_t pw_len = 0;
- unsigned char *msg;
- size_t len;
-
mbedtls_ecjpake_init( &ctx );
- msg = unhexify_alloc( data, &len );
- TEST_ASSERT( msg != NULL );
-
TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, role,
MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 );
- TEST_ASSERT( mbedtls_ecjpake_read_round_one( &ctx, msg, len ) == ref_ret );
+ TEST_ASSERT( mbedtls_ecjpake_read_round_one( &ctx, msg->x, msg->len ) == ref_ret );
exit:
mbedtls_ecjpake_free( &ctx );
- mbedtls_free( msg );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void read_round_two_cli( char *data, int ref_ret )
+void read_round_two_cli( data_t * msg, int ref_ret )
{
mbedtls_ecjpake_context ctx;
-
const unsigned char * pw = NULL;
const size_t pw_len = 0;
- unsigned char *msg;
- size_t len;
-
mbedtls_ecjpake_init( &ctx );
- msg = unhexify_alloc( data, &len );
- TEST_ASSERT( msg != NULL );
-
TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_ECJPAKE_CLIENT,
MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 );
@@ -157,30 +142,22 @@
ADD_SIZE( ecjpake_test_X3 ), ADD_SIZE( ecjpake_test_X4 ) )
== 0 );
- TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg, len ) == ref_ret );
+ TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg->x, msg->len ) == ref_ret );
exit:
mbedtls_ecjpake_free( &ctx );
- mbedtls_free( msg );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void read_round_two_srv( char *data, int ref_ret )
+void read_round_two_srv( data_t * msg, int ref_ret )
{
mbedtls_ecjpake_context ctx;
-
const unsigned char * pw = NULL;
const size_t pw_len = 0;
- unsigned char *msg;
- size_t len;
-
mbedtls_ecjpake_init( &ctx );
- msg = unhexify_alloc( data, &len );
- TEST_ASSERT( msg != NULL );
-
TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_ECJPAKE_SERVER,
MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 );
@@ -190,10 +167,9 @@
ADD_SIZE( ecjpake_test_X1 ), ADD_SIZE( ecjpake_test_X2 ) )
== 0 );
- TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg, len ) == ref_ret );
+ TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg->x, msg->len ) == ref_ret );
exit:
mbedtls_ecjpake_free( &ctx );
- mbedtls_free( msg );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index 8e9d9fa..321a1b4 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -135,21 +135,21 @@
ecp_tls_write_read_point:MBEDTLS_ECP_DP_SECP521R1
ECP tls read group #1 (record too short)
-mbedtls_ecp_tls_read_group:"0313":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0
+mbedtls_ecp_tls_read_group:"0313":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0:0
ECP tls read group #2 (bad curve_type)
-mbedtls_ecp_tls_read_group:"010013":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0
+mbedtls_ecp_tls_read_group:"010013":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0:0
ECP tls read group #3 (unknown curve)
-mbedtls_ecp_tls_read_group:"030010":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
+mbedtls_ecp_tls_read_group:"030010":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0:0
ECP tls read group #4 (OK, buffer just fits)
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_ecp_tls_read_group:"030017":0:256
+mbedtls_ecp_tls_read_group:"030017":0:256:3
ECP tls read group #5 (OK, buffer continues)
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-mbedtls_ecp_tls_read_group:"0300180000":0:384
+mbedtls_ecp_tls_read_group:"0300180000":0:384:3
ECP tls write-read group #1
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
@@ -348,3 +348,35 @@
ECP selftest
ecp_selftest:
+
+ECP restartable mul secp256r1 max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":0:0:0
+
+ECP restartable mul secp256r1 max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":1:1:5000
+
+ECP restartable mul secp256r1 max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":10000:0:0
+
+ECP restartable mul secp256r1 max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":250:2:32
+
+ECP restartable muladd secp256r1 max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":0:0:0
+
+ECP restartable muladd secp256r1 max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":1:1:10000
+
+ECP restartable muladd secp256r1 max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":10000:0:0
+
+ECP restartable muladd secp256r1 max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 99780c0..65c487e 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -2,6 +2,10 @@
#include "mbedtls/ecp.h"
#define ECP_PF_UNKNOWN -1
+
+#define ECP_PT_RESET( x ) \
+ mbedtls_ecp_point_free( x ); \
+ mbedtls_ecp_point_init( x );
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -10,7 +14,7 @@
*/
/* BEGIN_CASE */
-void mbedtls_ecp_curve_info( int id, int tls_id, int size, char *name )
+void mbedtls_ecp_curve_info( int id, int tls_id, int size, char * name )
{
const mbedtls_ecp_curve_info *by_id, *by_tls, *by_name;
@@ -29,7 +33,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void ecp_check_pub( int grp_id, char *x_hex, char *y_hex, char *z_hex, int ret )
+void ecp_check_pub( int grp_id, char * x_hex, char * y_hex, char * z_hex,
+ int ret )
{
mbedtls_ecp_group grp;
mbedtls_ecp_point P;
@@ -51,10 +56,177 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
+void ecp_test_vect_restart( int id,
+ char *dA_str, char *xA_str, char *yA_str,
+ char *dB_str, char *xZ_str, char *yZ_str,
+ int max_ops, int min_restarts, int max_restarts )
+{
+ /*
+ * Test for early restart. Based on test vectors like ecp_test_vect(),
+ * but for the sake of simplicity only does half of each side. It's
+ * important to test both base point and random point, though, as memory
+ * management is different in each case.
+ *
+ * Don't try using too precise bounds for restarts as the exact number
+ * will depend on settings such as MBEDTLS_ECP_FIXED_POINT_OPTIM and
+ * MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may
+ * change in the future. A factor 2 is a minimum safety margin.
+ *
+ * For reference, with mbed TLS 2.4 and default settings, for P-256:
+ * - Random point mult: ~3250M
+ * - Cold base point mult: ~3300M
+ * - Hot base point mult: ~1100M
+ * With MBEDTLS_ECP_WINDOW_SIZE set to 2 (minimum):
+ * - Random point mult: ~3850M
+ */
+ mbedtls_ecp_restart_ctx ctx;
+ mbedtls_ecp_group grp;
+ mbedtls_ecp_point R, P;
+ mbedtls_mpi dA, xA, yA, dB, xZ, yZ;
+ int cnt_restarts;
+ int ret;
+
+ mbedtls_ecp_restart_init( &ctx );
+ mbedtls_ecp_group_init( &grp );
+ mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P );
+ mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA );
+ mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
+
+ TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
+
+ TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
+
+ TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
+
+ mbedtls_ecp_set_max_ops( (unsigned) max_ops );
+
+ /* Base point case */
+ cnt_restarts = 0;
+ do {
+ ECP_PT_RESET( &R );
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
+
+ TEST_ASSERT( cnt_restarts >= min_restarts );
+ TEST_ASSERT( cnt_restarts <= max_restarts );
+
+ /* Non-base point case */
+ mbedtls_ecp_copy( &P, &R );
+ cnt_restarts = 0;
+ do {
+ ECP_PT_RESET( &R );
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
+
+ TEST_ASSERT( cnt_restarts >= min_restarts );
+ TEST_ASSERT( cnt_restarts <= max_restarts );
+
+ /* Do we leak memory when aborting an operation?
+ * This test only makes sense when we actually restart */
+ if( min_restarts > 0 )
+ {
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ }
+
+exit:
+ mbedtls_ecp_restart_free( &ctx );
+ mbedtls_ecp_group_free( &grp );
+ mbedtls_ecp_point_free( &R ); mbedtls_ecp_point_free( &P );
+ mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA );
+ mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
+void ecp_muladd_restart( int id, char *xR_str, char *yR_str,
+ char *u1_str, char *u2_str,
+ char *xQ_str, char *yQ_str,
+ int max_ops, int min_restarts, int max_restarts )
+{
+ /*
+ * Compute R = u1 * G + u2 * Q
+ * (test vectors mostly taken from ECDSA intermediate results)
+ *
+ * See comments at the top of ecp_test_vect_restart()
+ */
+ mbedtls_ecp_restart_ctx ctx;
+ mbedtls_ecp_group grp;
+ mbedtls_ecp_point R, Q;
+ mbedtls_mpi u1, u2, xR, yR;
+ int cnt_restarts;
+ int ret;
+
+ mbedtls_ecp_restart_init( &ctx );
+ mbedtls_ecp_group_init( &grp );
+ mbedtls_ecp_point_init( &R );
+ mbedtls_ecp_point_init( &Q );
+ mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
+ mbedtls_mpi_init( &xR ); mbedtls_mpi_init( &yR );
+
+ TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
+
+ TEST_ASSERT( mbedtls_mpi_read_string( &u1, 16, u1_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &u2, 16, u2_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &xR, 16, xR_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &yR, 16, yR_str ) == 0 );
+
+ TEST_ASSERT( mbedtls_mpi_read_string( &Q.X, 16, xQ_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &Q.Y, 16, yQ_str ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 );
+
+ mbedtls_ecp_set_max_ops( (unsigned) max_ops );
+
+ cnt_restarts = 0;
+ do {
+ ECP_PT_RESET( &R );
+ ret = mbedtls_ecp_muladd_restartable( &grp, &R,
+ &u1, &grp.G, &u2, &Q, &ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xR ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yR ) == 0 );
+
+ TEST_ASSERT( cnt_restarts >= min_restarts );
+ TEST_ASSERT( cnt_restarts <= max_restarts );
+
+ /* Do we leak memory when aborting an operation?
+ * This test only makes sense when we actually restart */
+ if( min_restarts > 0 )
+ {
+ ret = mbedtls_ecp_muladd_restartable( &grp, &R,
+ &u1, &grp.G, &u2, &Q, &ctx );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ }
+
+exit:
+ mbedtls_ecp_restart_free( &ctx );
+ mbedtls_ecp_group_free( &grp );
+ mbedtls_ecp_point_free( &R );
+ mbedtls_ecp_point_free( &Q );
+ mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
+ mbedtls_mpi_free( &xR ); mbedtls_mpi_free( &yR );
+}
+/* END_CASE */
+
/* BEGIN_CASE */
-void ecp_test_vect( int id, char *dA_str, char *xA_str, char *yA_str,
- char *dB_str, char *xB_str, char *yB_str, char *xZ_str,
- char *yZ_str )
+void ecp_test_vect( int id, char * dA_str, char * xA_str, char * yA_str,
+ char * dB_str, char * xB_str, char * yB_str,
+ char * xZ_str, char * yZ_str )
{
mbedtls_ecp_group grp;
mbedtls_ecp_point R;
@@ -107,8 +279,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void ecp_test_vec_x( int id, char *dA_hex, char *xA_hex,
- char *dB_hex, char *xB_hex, char *xS_hex )
+void ecp_test_vec_x( int id, char * dA_hex, char * xA_hex, char * dB_hex,
+ char * xB_hex, char * xS_hex )
{
mbedtls_ecp_group grp;
mbedtls_ecp_point R;
@@ -158,7 +330,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void ecp_fast_mod( int id, char *N_str )
+void ecp_fast_mod( int id, char * N_str )
{
mbedtls_ecp_group grp;
mbedtls_mpi N, R;
@@ -191,16 +363,15 @@
/* END_CASE */
/* BEGIN_CASE */
-void ecp_write_binary( int id, char *x, char *y, char *z, int format,
- char *out, int blen, int ret )
+void ecp_write_binary( int id, char * x, char * y, char * z, int format,
+ data_t * out, int blen, int ret )
{
mbedtls_ecp_group grp;
mbedtls_ecp_point P;
- unsigned char buf[256], str[512];
+ unsigned char buf[256];
size_t olen;
memset( buf, 0, sizeof( buf ) );
- memset( str, 0, sizeof( str ) );
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
@@ -215,8 +386,7 @@
if( ret == 0 )
{
- hexify( str, buf, olen );
- TEST_ASSERT( strcasecmp( (char *) str, out ) == 0 );
+ TEST_ASSERT( hexcmp( buf, out->x, olen, out->len ) == 0 );
}
exit:
@@ -225,16 +395,13 @@
/* END_CASE */
/* BEGIN_CASE */
-void ecp_read_binary( int id, char *input, char *x, char *y, char *z,
+void ecp_read_binary( int id, data_t * buf, char * x, char * y, char * z,
int ret )
{
mbedtls_ecp_group grp;
mbedtls_ecp_point P;
mbedtls_mpi X, Y, Z;
- int ilen;
- unsigned char buf[256];
- memset( buf, 0, sizeof( buf ) );
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
@@ -245,9 +412,7 @@
TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
- ilen = unhexify( buf, input );
-
- TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf, ilen ) == ret );
+ TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret );
if( ret == 0 )
{
@@ -263,17 +428,14 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_ecp_tls_read_point( int id, char *input, char *x, char *y, char *z,
- int ret )
+void mbedtls_ecp_tls_read_point( int id, data_t * buf, char * x, char * y,
+ char * z, int ret )
{
mbedtls_ecp_group grp;
mbedtls_ecp_point P;
mbedtls_mpi X, Y, Z;
- size_t ilen;
- unsigned char buf[256];
- const unsigned char *vbuf = buf;
+ const unsigned char *vbuf = buf->x;
- memset( buf, 0, sizeof( buf ) );
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
@@ -284,16 +446,14 @@
TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
- ilen = unhexify( buf, input );
-
- TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, ilen ) == ret );
+ TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret );
if( ret == 0 )
{
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 );
- TEST_ASSERT( *vbuf == 0x00 );
+ TEST_ASSERT( (uint32_t)( vbuf - buf->x ) == buf->len );
}
exit:
@@ -355,25 +515,22 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_ecp_tls_read_group( char *record, int result, int bits )
+void mbedtls_ecp_tls_read_group( data_t * buf, int result, int bits,
+ int record_len )
{
mbedtls_ecp_group grp;
- unsigned char buf[10];
- const unsigned char *vbuf = buf;
- int len, ret;
+ const unsigned char *vbuf = buf->x;
+ int ret;
mbedtls_ecp_group_init( &grp );
- memset( buf, 0x00, sizeof( buf ) );
- len = unhexify( buf, record );
-
- ret = mbedtls_ecp_tls_read_group( &grp, &vbuf, len );
+ ret = mbedtls_ecp_tls_read_group( &grp, &vbuf, buf->len );
TEST_ASSERT( ret == result );
if( ret == 0)
{
TEST_ASSERT( mbedtls_mpi_bitlen( &grp.P ) == (size_t) bits );
- TEST_ASSERT( *vbuf == 0x00 );
+ TEST_ASSERT( vbuf - buf->x == record_len);
}
exit:
@@ -413,7 +570,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_ecp_check_privkey( int id, char *key_hex, int ret )
+void mbedtls_ecp_check_privkey( int id, char * key_hex, int ret )
{
mbedtls_ecp_group grp;
mbedtls_mpi d;
@@ -433,8 +590,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_ecp_check_pub_priv( int id_pub, char *Qx_pub, char *Qy_pub,
- int id, char *d, char *Qx, char *Qy, int ret )
+void mbedtls_ecp_check_pub_priv( int id_pub, char * Qx_pub, char * Qy_pub,
+ int id, char * d, char * Qx, char * Qy,
+ int ret )
{
mbedtls_ecp_keypair pub, prv;
@@ -506,7 +664,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void ecp_selftest()
+void ecp_selftest( )
{
TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function
index 2bab796..0b1cfe8 100644
--- a/tests/suites/test_suite_entropy.function
+++ b/tests/suites/test_suite_entropy.function
@@ -1,6 +1,7 @@
/* BEGIN_HEADER */
#include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h"
+#include "string.h"
/*
* Number of calls made to entropy_dummy_source()
@@ -124,7 +125,7 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
-void entropy_seed_file( char *path, int ret )
+void entropy_seed_file( char * path, int ret )
{
mbedtls_entropy_context ctx;
@@ -139,7 +140,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void entropy_too_many_sources( )
+void entropy_too_many_sources( )
{
mbedtls_entropy_context ctx;
size_t i;
@@ -193,7 +194,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void entropy_source_fail( char *path )
+void entropy_source_fail( char * path )
{
mbedtls_entropy_context ctx;
int fail = -1;
@@ -260,7 +261,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
-void nv_seed_file_create()
+void nv_seed_file_create( )
{
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
@@ -271,7 +272,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO:MBEDTLS_PLATFORM_NV_SEED_ALT */
-void entropy_nv_seed_std_io()
+void entropy_nv_seed_std_io( )
{
unsigned char io_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
@@ -301,7 +302,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT:MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
-void entropy_nv_seed( char *read_seed_str )
+void entropy_nv_seed( data_t * read_seed )
{
mbedtls_sha512_context accumulator;
mbedtls_entropy_context ctx;
@@ -310,7 +311,6 @@
unsigned char entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
unsigned char empty[MBEDTLS_ENTROPY_BLOCK_SIZE];
- unsigned char read_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
@@ -322,8 +322,7 @@
memset( check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE );
// Set the initial NV seed to read
- unhexify( read_seed, read_seed_str );
- memcpy( buffer_seed, read_seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
+ memcpy( buffer_seed, read_seed->x, read_seed->len );
// Make sure we read/write NV seed from our buffers
mbedtls_platform_set_nv_seed( buffer_nv_seed_read, buffer_nv_seed_write );
@@ -348,7 +347,7 @@
// First run for updating write_seed
header[0] = 0;
mbedtls_sha512_update( &accumulator, header, 2 );
- mbedtls_sha512_update( &accumulator, read_seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
+ mbedtls_sha512_update( &accumulator, read_seed->x, read_seed->len );
mbedtls_sha512_finish( &accumulator, buf );
memset( &accumulator, 0, sizeof( mbedtls_sha512_context ) );
diff --git a/tests/suites/test_suite_error.function b/tests/suites/test_suite_error.function
index c99b1fd..68831ce 100644
--- a/tests/suites/test_suite_error.function
+++ b/tests/suites/test_suite_error.function
@@ -8,7 +8,7 @@
*/
/* BEGIN_CASE */
-void error_strerror( int code, char *result_str )
+void error_strerror( int code, char * result_str )
{
char buf[500];
diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data
index 2a2e32f..a42fe85 100644
--- a/tests/suites/test_suite_gcm.aes128_de.data
+++ b/tests/suites/test_suite_gcm.aes128_de.data
@@ -1,674 +1,674 @@
AES-GCM NIST Validation (AES-128,128,0,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d785dafea3e966731ef6fc6202262584":"":"d91a46205ee94058b3b8403997592dd2":"":128:"3b92a17c1b9c3578a68cffea5a5b6245":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d785dafea3e966731ef6fc6202262584":"":"d91a46205ee94058b3b8403997592dd2":"":128:"3b92a17c1b9c3578a68cffea5a5b6245":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aec963833b9098de1ababc853ab74d96":"":"4e0ffd93beffd732c6f7d6ad606a2d24":"":128:"e9fcedc176dfe587dc61b2011010cdf1":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aec963833b9098de1ababc853ab74d96":"":"4e0ffd93beffd732c6f7d6ad606a2d24":"":128:"e9fcedc176dfe587dc61b2011010cdf1":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4fb9e3393681da9cec5ec96f87c5c31":"":"845e910bc055d895879f62101d08b4c7":"":128:"99fb783c497416e4b6e2a5de7c782057":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4fb9e3393681da9cec5ec96f87c5c31":"":"845e910bc055d895879f62101d08b4c7":"":128:"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a930f2e09beceacd9919cb76f2ac8d3":"":"340d9af44f6370eff534c653033a785a":"":120:"0c1e5e9c8fe5edfd11f114f3503d63":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a930f2e09beceacd9919cb76f2ac8d3":"":"340d9af44f6370eff534c653033a785a":"":120:"0c1e5e9c8fe5edfd11f114f3503d63":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe71177e02073b1c407b5724e2263a5e":"":"83c23d20d2a9d4b8f92da96587c96b18":"":120:"43b2ca795420f35f6cb39f5dfa47a2":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe71177e02073b1c407b5724e2263a5e":"":"83c23d20d2a9d4b8f92da96587c96b18":"":120:"43b2ca795420f35f6cb39f5dfa47a2":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b02392fd7f228888c281e59d1eaa15fb":"":"2726344ba8912c737e195424e1e6679e":"":120:"a10b601ca8053536a2af2cc255d2b6":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b02392fd7f228888c281e59d1eaa15fb":"":"2726344ba8912c737e195424e1e6679e":"":120:"a10b601ca8053536a2af2cc255d2b6":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"21895cbafc16b7b8bf5867e88e0853d4":"":"f987ce1005d9bbd31d2452fb80957753":"":112:"952a7e265830d58a6778d68b9450":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"21895cbafc16b7b8bf5867e88e0853d4":"":"f987ce1005d9bbd31d2452fb80957753":"":112:"952a7e265830d58a6778d68b9450":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb9742bf47f68caf64963d7c10a97b0":"":"34a85669de64e1cd44731905fddbcbc5":"":112:"e9b6be928aa77b2de28b480ae74c":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb9742bf47f68caf64963d7c10a97b0":"":"34a85669de64e1cd44731905fddbcbc5":"":112:"e9b6be928aa77b2de28b480ae74c":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"":"1c53a9fdd23919b036d99560619a9939":"":112:"6611b50d6fbca83047f9f5fe1768":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"":"1c53a9fdd23919b036d99560619a9939":"":112:"6611b50d6fbca83047f9f5fe1768":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"82fede79db25f00be96eb050a22cea87":"":"e9c50b517ab26c89b83c1f0cac50162c":"":104:"d0c0ce9db60b77b0e31d05e048":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"82fede79db25f00be96eb050a22cea87":"":"e9c50b517ab26c89b83c1f0cac50162c":"":104:"d0c0ce9db60b77b0e31d05e048":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1d98566fca5201abb12914311a8bd532":"":"590aef4b46a9023405d075edab7e6849":"":104:"a1cfd1a27b341f49eda2ca8305":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1d98566fca5201abb12914311a8bd532":"":"590aef4b46a9023405d075edab7e6849":"":104:"a1cfd1a27b341f49eda2ca8305":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3038771820c2e1319f02a74b8a7a0c08":"":"e556d9f07fb69d7e9a644261c80fac92":"":104:"4d2f005d662b6a8787f231c5e1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3038771820c2e1319f02a74b8a7a0c08":"":"e556d9f07fb69d7e9a644261c80fac92":"":104:"4d2f005d662b6a8787f231c5e1":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0fb7eef50de598d7d8b508d019a30d5a":"":"a2a2617040116c2c7e4236d2d8278213":"":96:"68413c58df7bb5f067197ca0":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0fb7eef50de598d7d8b508d019a30d5a":"":"a2a2617040116c2c7e4236d2d8278213":"":96:"68413c58df7bb5f067197ca0":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cc58b609204215c8ab4908286e56e5c":"":"fb83ea637279332677b5f68081173e99":"":96:"a2a9160d82739a55d8cd419f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cc58b609204215c8ab4908286e56e5c":"":"fb83ea637279332677b5f68081173e99":"":96:"a2a9160d82739a55d8cd419f":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81a5fd184742a478432963f6477e8f92":"":"da297cbb53b11d7c379e0566299b4d5a":"":96:"200bee49466fdda2f21f0062":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81a5fd184742a478432963f6477e8f92":"":"da297cbb53b11d7c379e0566299b4d5a":"":96:"200bee49466fdda2f21f0062":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f604ac66d626959e595cbb7b4128e096":"":"269d2a49d533c6bb38008711f38e0b39":"":64:"468200fa4683e8be":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f604ac66d626959e595cbb7b4128e096":"":"269d2a49d533c6bb38008711f38e0b39":"":64:"468200fa4683e8be":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2e308ba7903e925f768c1d00ff3eb623":"":"335acd2aa48a47a37cfe21e491f1b141":"":64:"4872bfd5e2ff55f6":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2e308ba7903e925f768c1d00ff3eb623":"":"335acd2aa48a47a37cfe21e491f1b141":"":64:"4872bfd5e2ff55f6":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1304e2a5a3520454a5109df61a67da7a":"":"dbe8b452acf4fa1444c3668e9ee72d26":"":64:"83a0d3440200ca95":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1304e2a5a3520454a5109df61a67da7a":"":"dbe8b452acf4fa1444c3668e9ee72d26":"":64:"83a0d3440200ca95":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"":"ddf0b695aef5df2b594fcaae72b7e41c":"":32:"2819aedf":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"":"ddf0b695aef5df2b594fcaae72b7e41c":"":32:"2819aedf":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9ab5c8ca905b5fe50461f4a68941144b":"":"96dd3927a96e16123f2e9d6b367d303f":"":32:"6e0c53ef":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9ab5c8ca905b5fe50461f4a68941144b":"":"96dd3927a96e16123f2e9d6b367d303f":"":32:"6e0c53ef":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fc7af605721a9cfe61c1ee6a4b3e22":"":"6b757d4055823d1035d01077666037d6":"":32:"e8c09ddd":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fc7af605721a9cfe61c1ee6a4b3e22":"":"6b757d4055823d1035d01077666037d6":"":32:"e8c09ddd":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03c0b4a6e508a8490db0d086a82c9db7":"":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":128:"756292d8b4653887edef51679b161812":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03c0b4a6e508a8490db0d086a82c9db7":"":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":128:"756292d8b4653887edef51679b161812":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b228d3d15219ea9ad5651fce02c8374d":"":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":128:"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b228d3d15219ea9ad5651fce02c8374d":"":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":128:"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"776afcbabedd5577fe660a60f920b536":"":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":128:"a5347d41d93b587240651bcd5230264f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"776afcbabedd5577fe660a60f920b536":"":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":128:"a5347d41d93b587240651bcd5230264f":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":120:"2a67ad1471a520fe09a304f0975f31":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":120:"2a67ad1471a520fe09a304f0975f31":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bc73fba942ff105823b5dccf6befb1c":"":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":120:"ebdd7c8e87fe733138a433543542d1":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bc73fba942ff105823b5dccf6befb1c":"":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":120:"ebdd7c8e87fe733138a433543542d1":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"356a4c245868243d61756cabe86da887":"":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":120:"ed26080dcb670590613d97d7c47cf4":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"356a4c245868243d61756cabe86da887":"":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":120:"ed26080dcb670590613d97d7c47cf4":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfa7e93aff73600fc552324253066e2c":"":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":112:"6ba5e4dace9a54b50b901d9b73ad":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfa7e93aff73600fc552324253066e2c":"":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":112:"6ba5e4dace9a54b50b901d9b73ad":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2ecea80b48d2ecd194a7699aa7d8ccfc":"":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":112:"246a9d37553088b6411ebb62aa16":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2ecea80b48d2ecd194a7699aa7d8ccfc":"":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":112:"246a9d37553088b6411ebb62aa16":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d38fee3fd3d6d08224c3c83529a25d08":"":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":112:"803a08700ec86fdeb88f7a388921":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d38fee3fd3d6d08224c3c83529a25d08":"":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":112:"803a08700ec86fdeb88f7a388921":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1899b0cbae41d705c6eed3226afb5bc0":"":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":104:"c5d58870fee9ce157f5ec1fa8f":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1899b0cbae41d705c6eed3226afb5bc0":"":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":104:"c5d58870fee9ce157f5ec1fa8f":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b95323d86d02754f4c2874b42ec6eb0":"":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":104:"c4724ff1d2c57295eb733e9cad":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b95323d86d02754f4c2874b42ec6eb0":"":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":104:"c4724ff1d2c57295eb733e9cad":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30da555559eb11cf7e0eff9d99e9607d":"":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":104:"3c82272130e17c4a0a007a908e":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30da555559eb11cf7e0eff9d99e9607d":"":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":104:"3c82272130e17c4a0a007a908e":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ed2ac74af896c5190c271cfa6af02fd2":"":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":96:"db8af7a0d548fc54d9457c73":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ed2ac74af896c5190c271cfa6af02fd2":"":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":96:"db8af7a0d548fc54d9457c73":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0225b73fe5fbbe52f838d873173959d8":"":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":96:"e2c2ce4022c49a95c9ac9026":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0225b73fe5fbbe52f838d873173959d8":"":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":96:"e2c2ce4022c49a95c9ac9026":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"89ca3771a0ef3287568b4ac036120198":"":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":96:"06b2bf62591dc7ec1b814705":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"89ca3771a0ef3287568b4ac036120198":"":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":96:"06b2bf62591dc7ec1b814705":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a41a297bd96e224942998fe2192934a1":"":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":64:"49a4917eef61f78e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a41a297bd96e224942998fe2192934a1":"":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":64:"49a4917eef61f78e":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9372c058f42e0a1d019bdb528313919":"":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":64:"b82cd11cd3575c8d":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9372c058f42e0a1d019bdb528313919":"":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":64:"b82cd11cd3575c8d":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6302b7338f8fa84195ad9abbacd89b4e":"":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":64:"5222d092e9e8bd6c":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6302b7338f8fa84195ad9abbacd89b4e":"":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":64:"5222d092e9e8bd6c":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78b5c28d62e4b2097873a1180bd5a3a5":"":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":32:"eae48137":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78b5c28d62e4b2097873a1180bd5a3a5":"":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":32:"eae48137":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d84130578070e036c9e3df5b5509473":"":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":32:"79987692":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d84130578070e036c9e3df5b5509473":"":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":32:"79987692":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08428605ab4742a3e8a55354d4764620":"":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":32:"3eb3e3a2":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08428605ab4742a3e8a55354d4764620":"":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":32:"3eb3e3a2":"":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd358bc3f992f26e81e3a2f3aa2d517":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"d8c750bb443ee1a169dfe97cfe4d855b":"":128:"a81d13973baa22a751833d7d3f94b3b1":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd358bc3f992f26e81e3a2f3aa2d517":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"d8c750bb443ee1a169dfe97cfe4d855b":"":128:"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"43b5f18227e5c74288dbeff03801acd6":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"08ee12246cf7edb81da3d610f3ebd167":"":128:"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"43b5f18227e5c74288dbeff03801acd6":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"08ee12246cf7edb81da3d610f3ebd167":"":128:"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a433c612d7e1bdff881e4d63ba8b141":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8b670cf31f470f79a6c0b79e73863ca1":"":128:"8526fd25daf890e79946a205b698f287":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a433c612d7e1bdff881e4d63ba8b141":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8b670cf31f470f79a6c0b79e73863ca1":"":128:"8526fd25daf890e79946a205b698f287":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e9d75c781d63b29f1816859f7a0e0a0":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"748a3b486b62a164cedcf1bab9325add":"":120:"131e0e4ce46d768674a7bcacdcef9c":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e9d75c781d63b29f1816859f7a0e0a0":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"748a3b486b62a164cedcf1bab9325add":"":120:"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe6b8553002c69396d9976bb48d30779":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"595b17d0d76b83780235f5e0c92bd21f":"":120:"8879de07815a88877b0623de9be411":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe6b8553002c69396d9976bb48d30779":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"595b17d0d76b83780235f5e0c92bd21f":"":120:"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14898c56009b459172fef9c17993b54f":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"0862f8f87289988711a877d3231d44eb":"":120:"36938974301ae733760f83439437c4":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14898c56009b459172fef9c17993b54f":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"0862f8f87289988711a877d3231d44eb":"":120:"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5253d4b071793b081ebc122cc2a5f8":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"49e82d86804e196421ec19ddc8541066":"":112:"e8b8ae34f842277fe92729e891e3":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5253d4b071793b081ebc122cc2a5f8":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"49e82d86804e196421ec19ddc8541066":"":112:"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3502d6f0d172246e16503cdf5793296":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"6ce994689ff72f9df62f386a187c1a13":"":112:"21cdf44ff4993eb54b55d58e5a8f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3502d6f0d172246e16503cdf5793296":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"6ce994689ff72f9df62f386a187c1a13":"":112:"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5fb33dd73db309b9dfd3aee605cd94bf":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"3f6486f9e9e645292e0e425bac232268":"":112:"7ee5e0e2082b18d09abf141f902e":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5fb33dd73db309b9dfd3aee605cd94bf":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"3f6486f9e9e645292e0e425bac232268":"":112:"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a958fe3b520081b638d9e4c7d5da7ac7":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"c396109e96afde6f685d3c38aa3c2fae":"":104:"06ca91004be43cf46ed4599e23":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a958fe3b520081b638d9e4c7d5da7ac7":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"c396109e96afde6f685d3c38aa3c2fae":"":104:"06ca91004be43cf46ed4599e23":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec319fb143eac8215b51541daec268f2":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"8a4684f42a1775b03806574f401cff78":"":104:"e91acb1bfda191630b560debc9":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec319fb143eac8215b51541daec268f2":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"8a4684f42a1775b03806574f401cff78":"":104:"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14a3e69f351ac39b4297749a90c1365c":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"eb1c6c04437aa5a32bcc208bb3c01724":"":104:"e418815960559aefee8e0c3831":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14a3e69f351ac39b4297749a90c1365c":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"eb1c6c04437aa5a32bcc208bb3c01724":"":104:"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c34827771fc3918d1cee09ba9401b832":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"2379bbd39a1c22bc93b9b9cc45f3840b":"":96:"26e1f6cf0d9e0f36dfd669eb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c34827771fc3918d1cee09ba9401b832":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"2379bbd39a1c22bc93b9b9cc45f3840b":"":96:"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b1f9bd2006ec550b7b9913d383200b5d":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"ca28fa6b64bb3b32ef7d211f1c8be759":"":96:"c87aac7ad0e85dbb103c0733":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b1f9bd2006ec550b7b9913d383200b5d":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"ca28fa6b64bb3b32ef7d211f1c8be759":"":96:"c87aac7ad0e85dbb103c0733":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b2cef1a92aa0af2b00fb2a99855d5bc":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"08d87b7acee87d884667f6b1e32e34d0":"":96:"3bd7685318010b0c5fe3308b":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b2cef1a92aa0af2b00fb2a99855d5bc":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"08d87b7acee87d884667f6b1e32e34d0":"":96:"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"175c306f8644b0c4b894ae3d0971505e":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"9860268ca2e10974f3726a0e5b9b310f":"":64:"f809105e5fc5b13c":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"175c306f8644b0c4b894ae3d0971505e":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"9860268ca2e10974f3726a0e5b9b310f":"":64:"f809105e5fc5b13c":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08c0edcfe342a676ccdc04bdf854b4b0":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"4a7b70753930fe659f8cc38e5833f0c7":"":64:"9ab1e2f3c4606376":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08c0edcfe342a676ccdc04bdf854b4b0":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"4a7b70753930fe659f8cc38e5833f0c7":"":64:"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"241067a0301edf0f825d793e03383ea1":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"a30994261f48a66bb6c1fc3d69659228":"":64:"36c3b4a732ba75ae":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"241067a0301edf0f825d793e03383ea1":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"a30994261f48a66bb6c1fc3d69659228":"":64:"36c3b4a732ba75ae":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03cccb5357bd2848332d1696f2ff90cb":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"e0754022dfb1f813ccaf321558790806":"":32:"c75f0246":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03cccb5357bd2848332d1696f2ff90cb":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"e0754022dfb1f813ccaf321558790806":"":32:"c75f0246":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e5e53c84a05d5a5348bac7b2611cf62":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"47e40543b7d16bc9122c40b106d31d43":"":32:"81eec75d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e5e53c84a05d5a5348bac7b2611cf62":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"47e40543b7d16bc9122c40b106d31d43":"":32:"81eec75d":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c94008bf377f90b7a1c0d2ea38f730c":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"abfe92931a8411a39986b74560a38211":"":32:"47d42e78":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c94008bf377f90b7a1c0d2ea38f730c":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"abfe92931a8411a39986b74560a38211":"":32:"47d42e78":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"69eedf3777e594c30e94e9c5e2bce467":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":128:"5de3068e1e20eed469265000077b1db9":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"69eedf3777e594c30e94e9c5e2bce467":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":128:"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45cc35311eedf0ba093bf901931a7036":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":128:"266a895fc21da5176b44b446d7d1921d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45cc35311eedf0ba093bf901931a7036":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":128:"266a895fc21da5176b44b446d7d1921d":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9edb5231ca4a136b4df4ae22b8588f9f":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":128:"5ed3ea75c8172fa0e8755fef7b4c90f1":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9edb5231ca4a136b4df4ae22b8588f9f":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":128:"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5fdcb8f5225090e63fae9b68f92c7cb":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":120:"827e66b5b70dce56215cfb86c9a642":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5fdcb8f5225090e63fae9b68f92c7cb":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":120:"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036198cd3a3ab9319684d0f811cf2992":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":120:"6cf68a374bea08a977ec8a04b92e8b":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036198cd3a3ab9319684d0f811cf2992":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":120:"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c9fbbff8f25f951ba874dfc5ff38584e":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":120:"ff0b2c384e03b50e7e829c7a9f95aa":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c9fbbff8f25f951ba874dfc5ff38584e":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":120:"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a314ec178da96311e42334a616fb38b":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":112:"1e774647b1ca406e0ed7141a8e1e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a314ec178da96311e42334a616fb38b":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":112:"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e818372a63b7e2c23b524e29ba752bdb":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":112:"3744262bc76f283964c1c15dc069":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e818372a63b7e2c23b524e29ba752bdb":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":112:"3744262bc76f283964c1c15dc069":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a04f16882ff45816739d1b6697ce8b7":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":112:"fbb37084396394fecd9581741f3c":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a04f16882ff45816739d1b6697ce8b7":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":112:"fbb37084396394fecd9581741f3c":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38cf029a4b20607030586cd2d82146e6":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":104:"7b021de5cda915ba58f90ceef4":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38cf029a4b20607030586cd2d82146e6":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":104:"7b021de5cda915ba58f90ceef4":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cf4d81fc5997c744a572bed71f4ae609":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":104:"0a86142a0af81c8df64ba689f4":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cf4d81fc5997c744a572bed71f4ae609":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":104:"0a86142a0af81c8df64ba689f4":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d88ad40b42ead744f1b7a36685658be1":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":104:"7643b3534eb5cb38331ed2e572":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d88ad40b42ead744f1b7a36685658be1":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":104:"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3ce86a212a30e724b4c624057db4e79":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":96:"3230fe94b6ccd63e605f87d0":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3ce86a212a30e724b4c624057db4e79":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":96:"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0155360b84420b5bf4fb410ea02f31e":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":96:"ac5addcc10cae6c1345520f1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0155360b84420b5bf4fb410ea02f31e":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":96:"ac5addcc10cae6c1345520f1":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"694f621f594d96b16c32254ff06f3f9c":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":96:"0bdef4d771a1740381e7db97":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"694f621f594d96b16c32254ff06f3f9c":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":96:"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78826a5215a1d5e1b39cad5a06861f8f":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":64:"a724bbb295a02883":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78826a5215a1d5e1b39cad5a06861f8f":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":64:"a724bbb295a02883":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d450f5253251121606e56687952bf2f1":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":64:"6446398aff73ed23":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d450f5253251121606e56687952bf2f1":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":64:"6446398aff73ed23":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90a59f6b0abf932311f0b65623c17740":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":64:"dc77c1d7e0902d48":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90a59f6b0abf932311f0b65623c17740":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":64:"dc77c1d7e0902d48":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be4ef629f0b38194c74f7b66418922d":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":32:"3d8fc6fb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be4ef629f0b38194c74f7b66418922d":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":32:"3d8fc6fb":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c50e37244931e8debc12b3d561c83ba2":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":32:"7d4393f0":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c50e37244931e8debc12b3d561c83ba2":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":32:"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8531ddb03977383405baf2ee9ca7d64b":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":32:"2fc9de46":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8531ddb03977383405baf2ee9ca7d64b":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":32:"2fc9de46":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"862dd5b362cfa556ca37e73cff7f4a0e":"":"81530a243655a60d22d9ab40d2520447":"":128:"3b9b2af54e610ed0b3dda96961dd8783":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"862dd5b362cfa556ca37e73cff7f4a0e":"":"81530a243655a60d22d9ab40d2520447":"":128:"3b9b2af54e610ed0b3dda96961dd8783":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3452b7bc100c334292e08343f139b9d0":"":"8f92739a30fe4ba24079f5d42753d6ac":"":128:"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3452b7bc100c334292e08343f139b9d0":"":"8f92739a30fe4ba24079f5d42753d6ac":"":128:"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"31a0cbaf21b943f8badc939e94eac7eb":"":"d5bb2c4eaec47088230972ae34fcda9c":"":128:"580e728512c8e44fbb3fe2c498e05323":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"31a0cbaf21b943f8badc939e94eac7eb":"":"d5bb2c4eaec47088230972ae34fcda9c":"":128:"580e728512c8e44fbb3fe2c498e05323":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e8fca537746e7cbff97f1dcd40a3392":"":"43e9f2bf186b2af8cc022e7c7412d641":"":120:"4465a3f9d9751789bcef5c7c58cbc5":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e8fca537746e7cbff97f1dcd40a3392":"":"43e9f2bf186b2af8cc022e7c7412d641":"":120:"4465a3f9d9751789bcef5c7c58cbc5":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"35b5854ca83792ad691dbda1a66790fb":"":"cff61cf9b32ea30cf7e3692aa6e74bed":"":120:"726793199df533dd9055b0ac7c939d":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"35b5854ca83792ad691dbda1a66790fb":"":"cff61cf9b32ea30cf7e3692aa6e74bed":"":120:"726793199df533dd9055b0ac7c939d":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"07259267c1c6a015437a5d8cfa92f9e6":"":"18b9cf2ad7ace6ec1c8366b72878cf20":"":120:"4340f6263f0ba2d82c2eb79cb0cc7e":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"07259267c1c6a015437a5d8cfa92f9e6":"":"18b9cf2ad7ace6ec1c8366b72878cf20":"":120:"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa1df8955aa3ef191900b06e7c1b7d46":"":"6928c138c98a4350c318fbdccd3f44ba":"":112:"7c89d9e77515d271b6ed54c9c4e3":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa1df8955aa3ef191900b06e7c1b7d46":"":"6928c138c98a4350c318fbdccd3f44ba":"":112:"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c04200ce41ce77d772babb206315ec7d":"":"a885d58f0f38f9ff26d906fa1bfb12f4":"":112:"9ee0d025421f2bf18caf563953fb":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c04200ce41ce77d772babb206315ec7d":"":"a885d58f0f38f9ff26d906fa1bfb12f4":"":112:"9ee0d025421f2bf18caf563953fb":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"650df049461be341c3099bd1613dcead":"":"8a4ff6327b49d297248ce2d5bd38afa8":"":112:"13f067ef0d7b448d56e70d282fed":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"650df049461be341c3099bd1613dcead":"":"8a4ff6327b49d297248ce2d5bd38afa8":"":112:"13f067ef0d7b448d56e70d282fed":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee61b5bf5060fcc637dc833926898508":"":"b2dcf21f9ffa4a883044d29f087f9b85":"":104:"9ab1d66666d4dea3cbb5982238":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee61b5bf5060fcc637dc833926898508":"":"b2dcf21f9ffa4a883044d29f087f9b85":"":104:"9ab1d66666d4dea3cbb5982238":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"01cc56ca7e64db7fbef66236a5c49493":"":"8ea5b63004189792cc040ef18b37e550":"":104:"d685aeb54aa129a21bed17766e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"01cc56ca7e64db7fbef66236a5c49493":"":"8ea5b63004189792cc040ef18b37e550":"":104:"d685aeb54aa129a21bed17766e":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"134dd72ac8e28ab46720c2f42284a303":"":"c6368e4c0ba0ec90fa7488af9997a4c7":"":104:"4ad9cdf19ff7d7fd7e273efced":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"134dd72ac8e28ab46720c2f42284a303":"":"c6368e4c0ba0ec90fa7488af9997a4c7":"":104:"4ad9cdf19ff7d7fd7e273efced":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"180c04b2bde6901edcda66085f73ecd9":"":"9193b206beade4cb036f01a9db187cb8":"":96:"530f5e9ed0879ccef3a7b360":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"180c04b2bde6901edcda66085f73ecd9":"":"9193b206beade4cb036f01a9db187cb8":"":96:"530f5e9ed0879ccef3a7b360":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaac85742a55ffa07e98106d6d6b1004":"":"630cd8ab849253c4da95ac80324ecc28":"":96:"37911820c810e3700c3a9321":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaac85742a55ffa07e98106d6d6b1004":"":"630cd8ab849253c4da95ac80324ecc28":"":96:"37911820c810e3700c3a9321":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"":"86e6100669929e329a1d258cd3552dc9":"":96:"958d6141f7fb2b2dc7d851a6":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"":"86e6100669929e329a1d258cd3552dc9":"":96:"958d6141f7fb2b2dc7d851a6":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd756d49fd25380c4026ea03cafc2da":"":"6a6f7e39b0d730ea1670e13d16c12c28":"":64:"872ef05a28da5ea1":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd756d49fd25380c4026ea03cafc2da":"":"6a6f7e39b0d730ea1670e13d16c12c28":"":64:"872ef05a28da5ea1":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bd8a834b288bdc7578b6c6ab36f5d068":"":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":64:"c5c094e83755f2b6":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bd8a834b288bdc7578b6c6ab36f5d068":"":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":64:"c5c094e83755f2b6":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"020d280dbd06939bbb5e6edc6f6d39c6":"":"09aea6f0e57598452719d6f63b6fe5a0":"":64:"05d6c56ba601e85b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"020d280dbd06939bbb5e6edc6f6d39c6":"":"09aea6f0e57598452719d6f63b6fe5a0":"":64:"05d6c56ba601e85b":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e47f41a27a2722df293c1431badc0f90":"":"227c036fca03171a890806b9fa0c250d":"":32:"86c22189":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e47f41a27a2722df293c1431badc0f90":"":"227c036fca03171a890806b9fa0c250d":"":32:"86c22189":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9d3e112114b94e26e93d3855d4be26bd":"":"99b98525160c4bb2029da5553ff82b59":"":32:"33bee715":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9d3e112114b94e26e93d3855d4be26bd":"":"99b98525160c4bb2029da5553ff82b59":"":32:"33bee715":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b4b7688588125349fbb66004a30d5d4":"":"b4ae363edb529d8b927c051cf21a2d9d":"":32:"6a920617":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b4b7688588125349fbb66004a30d5d4":"":"b4ae363edb529d8b927c051cf21a2d9d":"":32:"6a920617":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":128:"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":128:"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":128:"c53d01e53ee4a6ea106ea4a66538265e":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":128:"c53d01e53ee4a6ea106ea4a66538265e":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c88b191ce6e8e4a3941f7960b7eae5":"":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":128:"92604d37407aff33f8b677326cbb94fc":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c88b191ce6e8e4a3941f7960b7eae5":"":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":128:"92604d37407aff33f8b677326cbb94fc":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c818dfa0885a09f65ef78712f5ce6609":"":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":120:"20e9a3a98d71d460743e1efaab13c6":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c818dfa0885a09f65ef78712f5ce6609":"":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":120:"20e9a3a98d71d460743e1efaab13c6":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2354c6b6afaa883e7ce91faca4981f8b":"":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":120:"3588c9aa769897dfa328549fbbd10a":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2354c6b6afaa883e7ce91faca4981f8b":"":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":120:"3588c9aa769897dfa328549fbbd10a":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0af48e6aebbb6ff5b7c92bd140b085f":"":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":120:"e6222f068a1e18f09ba6c771eabd86":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0af48e6aebbb6ff5b7c92bd140b085f":"":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":120:"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a05fe482fe164b2eca7f6c3e377b39d8":"":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":112:"3900bde9fa9ae2cbeee54d04f224":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a05fe482fe164b2eca7f6c3e377b39d8":"":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":112:"3900bde9fa9ae2cbeee54d04f224":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dacbadf819eb16a63f6f091d13ed04d4":"":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":112:"8988fca83c8cfb1f8feefac46f04":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dacbadf819eb16a63f6f091d13ed04d4":"":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":112:"8988fca83c8cfb1f8feefac46f04":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"969244c7444f3f3bf193b28f8e8e96dc":"":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":112:"a291c7527385f037f62e60fd8a96":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"969244c7444f3f3bf193b28f8e8e96dc":"":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":112:"a291c7527385f037f62e60fd8a96":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"525abe490c8434802b69439c590a5290":"":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":104:"038c7e95f790e6ca5ce73f9551":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"525abe490c8434802b69439c590a5290":"":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":104:"038c7e95f790e6ca5ce73f9551":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51644e025659de983f5c8156516b812e":"":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":104:"77e3deba2c7f9386f85bc4a801":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51644e025659de983f5c8156516b812e":"":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":104:"77e3deba2c7f9386f85bc4a801":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08566ca7310302dfb84d76ea0525ba20":"":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":104:"873f037fc05252a44dc76f8155":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08566ca7310302dfb84d76ea0525ba20":"":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":104:"873f037fc05252a44dc76f8155":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfb54db96383fa911bf5b4fa1218ef9a":"":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":96:"dada7fc7fed58db462854ef6":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfb54db96383fa911bf5b4fa1218ef9a":"":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":96:"dada7fc7fed58db462854ef6":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"389cf888474e9403e5f4d0e22ffec439":"":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":96:"92726d90ad26130e65f2beb4":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"389cf888474e9403e5f4d0e22ffec439":"":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":96:"92726d90ad26130e65f2beb4":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e55abb2ca36c822bf2a030ac703cb8b4":"":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":96:"65025250343ed8c09b3fceed":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e55abb2ca36c822bf2a030ac703cb8b4":"":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":96:"65025250343ed8c09b3fceed":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"586114f3b1dc087e1b2739b28c592dfe":"":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":64:"467a815610faeb82":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"586114f3b1dc087e1b2739b28c592dfe":"":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":64:"467a815610faeb82":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbfe806bddb7f06b3826b097550c68f5":"":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":64:"0697ac372a9acafd":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbfe806bddb7f06b3826b097550c68f5":"":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":64:"0697ac372a9acafd":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"96ce3a095a91effdd91d616f1f02ddcd":"":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":64:"55a0f61032e048f3":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"96ce3a095a91effdd91d616f1f02ddcd":"":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":64:"55a0f61032e048f3":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24ece168c2971cf2b404ea206dc9e29d":"":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":32:"d2b15a23":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24ece168c2971cf2b404ea206dc9e29d":"":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":32:"d2b15a23":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d3c3cf993f6740a019e61ce13c29955c":"":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":32:"f2d3a6ff":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d3c3cf993f6740a019e61ce13c29955c":"":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":32:"f2d3a6ff":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f1e5bd45ee8bb207ebbd730510ff218":"":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":32:"0d6c15da":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f1e5bd45ee8bb207ebbd730510ff218":"":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":32:"0d6c15da":"":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3997050377cfbb802cc438d973661688":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"c95c84c263bdfd5f1de66e7e616cf3fb":"":128:"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3997050377cfbb802cc438d973661688":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"c95c84c263bdfd5f1de66e7e616cf3fb":"":128:"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"cee448b48d3506ff3ecc227a87987846":"":128:"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"cee448b48d3506ff3ecc227a87987846":"":128:"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc2bde877e881aea512068105694968":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"05f0c34ab2e8e8026b0a23719344b71f":"":128:"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc2bde877e881aea512068105694968":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"05f0c34ab2e8e8026b0a23719344b71f":"":128:"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e14f45ba5d1eb52e0412240da5d7b5f9":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":120:"beede05e4928c808bc660f3de95634":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e14f45ba5d1eb52e0412240da5d7b5f9":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":120:"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a64579f3601b0022d357b601cd876ab":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"515efc6d036f95db7df56b1bbec0aff2":"":120:"13ea92ba35fced366d1e47c97ca5c9":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a64579f3601b0022d357b601cd876ab":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"515efc6d036f95db7df56b1bbec0aff2":"":120:"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bda4acfd10ab635f357935bb0ab7020":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"48b77c587616ffaa449533a91230b449":"":120:"8325e4394c91719691145e68e56439":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bda4acfd10ab635f357935bb0ab7020":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"48b77c587616ffaa449533a91230b449":"":120:"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d21cf24bc5bd176b4b0fd4c8477bb70d":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"208cb9dced20b18edddb91596e902124":"":112:"7edfb9daf8ca2babcc02537463e9":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d21cf24bc5bd176b4b0fd4c8477bb70d":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"208cb9dced20b18edddb91596e902124":"":112:"7edfb9daf8ca2babcc02537463e9":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d02e2b02170986944487cba8448f998":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"6336077bb83eff1c9ea715de99b372cd":"":112:"0466bb2957281f64b59eafed3509":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d02e2b02170986944487cba8448f998":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"6336077bb83eff1c9ea715de99b372cd":"":112:"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd1ad1de0521d41645d13c97a18f4a20":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"413873a0b063ad039da5513896233286":"":112:"d4dbe9cae116553b0cbe1984d176":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd1ad1de0521d41645d13c97a18f4a20":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"413873a0b063ad039da5513896233286":"":112:"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cb120e9cd718b5119b4a58af0644eff":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"5a7087989bfe2f6eddcb56fde4d72529":"":104:"95d8bd12af8a5ab677309df0fb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cb120e9cd718b5119b4a58af0644eff":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"5a7087989bfe2f6eddcb56fde4d72529":"":104:"95d8bd12af8a5ab677309df0fb":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"315b206778c28ed0bfdd6e66088a5c39":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":104:"930750c53effc7b84aa10b2276":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"315b206778c28ed0bfdd6e66088a5c39":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":104:"930750c53effc7b84aa10b2276":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e886de1c907c97e7db8ec80a79df90f8":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"612cacbf33266353d0a29a24532f3c0c":"":104:"76634e58d8f3a48f15875ac1d6":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e886de1c907c97e7db8ec80a79df90f8":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"612cacbf33266353d0a29a24532f3c0c":"":104:"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b936e09a6477f3bd52030a29df5001d":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"f93105be83fa5e315d73acfdcf578de7":"":96:"91b55bb5e3f3f1abcf335db5":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b936e09a6477f3bd52030a29df5001d":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"f93105be83fa5e315d73acfdcf578de7":"":96:"91b55bb5e3f3f1abcf335db5":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc9e2095de7b1b48481b56bf6a3604cd":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"9e5268db19a1b51c0496a160ca76f8f7":"":96:"0fa9588536fca71bb44260f7":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc9e2095de7b1b48481b56bf6a3604cd":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"9e5268db19a1b51c0496a160ca76f8f7":"":96:"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3f93901fd7cc88db3ba76a158d658c7b":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"7e98de461e6d96c0ce6c8d8b3854cf49":"":96:"86c9a70e4bab304ae46e6542":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3f93901fd7cc88db3ba76a158d658c7b":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"7e98de461e6d96c0ce6c8d8b3854cf49":"":96:"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"42289f3d3cd5838e250ef54b128e60d1":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"e557389a216ad724aafdab0180e1892e":"":64:"6f78bc809f31393e":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"42289f3d3cd5838e250ef54b128e60d1":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"e557389a216ad724aafdab0180e1892e":"":64:"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d772eabb7f19475665ca2a7e693bcfc":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"0747cbb486a013453fde1ca6abb11dbe":"":64:"8e761ffaea68f967":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d772eabb7f19475665ca2a7e693bcfc":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"0747cbb486a013453fde1ca6abb11dbe":"":64:"8e761ffaea68f967":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fb7fd753ee6eaaf283a42a121dab4e43":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"8164929fb54485377ecccc9b9621af5e":"":64:"40a2fa7f4370afb2":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fb7fd753ee6eaaf283a42a121dab4e43":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"8164929fb54485377ecccc9b9621af5e":"":64:"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30d757fd73a0fd5fa49159ad0653296d":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"b35b8df0aebd0608517f2830e0e70cd0":"":32:"954c0e99":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30d757fd73a0fd5fa49159ad0653296d":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"b35b8df0aebd0608517f2830e0e70cd0":"":32:"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9d3cfd5900de5d5e2109e7721cfeef6":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":32:"2b81e8ce":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9d3cfd5900de5d5e2109e7721cfeef6":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":32:"2b81e8ce":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"68dc138f19354d73eaa1cf0e79231d74":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"e7147749560f491420a2d893c075bb76":"":32:"70a83f6f":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"68dc138f19354d73eaa1cf0e79231d74":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"e7147749560f491420a2d893c075bb76":"":32:"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7362c86344e0aefb0cf0d04768f9c05d":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":128:"9594da428fd8c1b13ecb23afa2c1af2e":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7362c86344e0aefb0cf0d04768f9c05d":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":128:"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"58748bb204ccb7bdafdbf739b6c19a3e":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":128:"efba4589d4a03555766bbc3b421dd60f":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"58748bb204ccb7bdafdbf739b6c19a3e":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":128:"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6cc13cbd62428bb8658dd3954fe9181f":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":128:"76b990a1e010e5f088f6ae90bec40b32":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6cc13cbd62428bb8658dd3954fe9181f":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":128:"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"286d3f5080cfe88538571188fbeb2dd5":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":120:"d90d34094d740214dd3de685010ce3":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"286d3f5080cfe88538571188fbeb2dd5":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":120:"d90d34094d740214dd3de685010ce3":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"726ae113a096769b657f973ea6d2d5dd":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":120:"d095bfb8990d4fd64752ee24f3de1e":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"726ae113a096769b657f973ea6d2d5dd":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":120:"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73a9eeda721c6f292e6b399e2647f8a6":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":120:"e08161262234d0d5be22f09e5646bf":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73a9eeda721c6f292e6b399e2647f8a6":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":120:"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90dbda7397d8fc46215a1218a6ffd0d8":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":112:"776d871944159c51b2f5ec1980a6":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90dbda7397d8fc46215a1218a6ffd0d8":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":112:"776d871944159c51b2f5ec1980a6":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c85174d428fc1c7c89ca5d1b8aaba25":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":112:"1e7dec83830183d56f443a16471d":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c85174d428fc1c7c89ca5d1b8aaba25":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":112:"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d89f06eb07744d43d44734faf9751d07":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":112:"fcad48076eb03ebe85c6d64f6357":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d89f06eb07744d43d44734faf9751d07":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":112:"fcad48076eb03ebe85c6d64f6357":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6150f14dc53f391e815acfabed9f9e20":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":104:"922a7b48ad5bf61e6d70751cfe":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6150f14dc53f391e815acfabed9f9e20":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":104:"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e8216072ed6fcde0fe0f636b27ed718":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":104:"531a65cc5dfeca671cc64078d1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e8216072ed6fcde0fe0f636b27ed718":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":104:"531a65cc5dfeca671cc64078d1":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1af434b73a1210b08595ffa686079832":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":104:"2ae7350dd3d1909a73f8d64255":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1af434b73a1210b08595ffa686079832":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":104:"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04036d2f5273c6ff5b8364aa595359c9":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":96:"71f818f1a2b789fabbda8ec1":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04036d2f5273c6ff5b8364aa595359c9":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":96:"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59fe44c6e28d025b2ad05e6e867051ab":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":96:"296c4cdaeb94beb2847dc53d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59fe44c6e28d025b2ad05e6e867051ab":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":96:"296c4cdaeb94beb2847dc53d":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c314264cee0e6db30ebe9b2f6d4991b2":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":96:"fda18d2f795d900f057fe872":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c314264cee0e6db30ebe9b2f6d4991b2":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":96:"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"26072018bd0bda524b5beb66a622c63e":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":64:"edffe55c60235556":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"26072018bd0bda524b5beb66a622c63e":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":64:"edffe55c60235556":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"201751d3da98bd39ff4e5990a56cfea7":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":64:"66c247e5ad4e1d6a":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"201751d3da98bd39ff4e5990a56cfea7":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":64:"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bc0dcb5261a641a08e6cb00d23e4deb":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":64:"f5289e1204ace3b2":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bc0dcb5261a641a08e6cb00d23e4deb":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":64:"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"239c15492d6deec979e79236baca4635":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":32:"fc08cbbe":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"239c15492d6deec979e79236baca4635":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":32:"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db68a96e216b0dd9945f14b878487e03":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":32:"9251d3e3":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db68a96e216b0dd9945f14b878487e03":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":32:"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":32:"8e5a6a79":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":32:"8e5a6a79":"FAIL":"":0
AES-GCM Bad IV (AES-128,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
diff --git a/tests/suites/test_suite_gcm.aes192_de.data b/tests/suites/test_suite_gcm.aes192_de.data
index 9e7bad0..34f74ac 100644
--- a/tests/suites/test_suite_gcm.aes192_de.data
+++ b/tests/suites/test_suite_gcm.aes192_de.data
@@ -1,674 +1,674 @@
AES-GCM NIST Validation (AES-192,128,0,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"":"4f801c772395c4519ec830980c8ca5a4":"":128:"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"":"4f801c772395c4519ec830980c8ca5a4":"":128:"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"":"335ca01a07081fea4e605eb5f23a778e":"":128:"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"":"335ca01a07081fea4e605eb5f23a778e":"":128:"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"":"d9172c3344d37ff93d2dcb2170ea5d01":"":128:"017fef05260a496654896d4703db3888":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"":"d9172c3344d37ff93d2dcb2170ea5d01":"":128:"017fef05260a496654896d4703db3888":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"":"f47e915163fa3df7f6c15b9d69f53907":"":120:"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"":"f47e915163fa3df7f6c15b9d69f53907":"":120:"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"":"a35b397b34a14a8e24d05a37be4d1822":"":120:"e045ecba220d22c80826b77a21b013":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"":"a35b397b34a14a8e24d05a37be4d1822":"":120:"e045ecba220d22c80826b77a21b013":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"":"169a449ccb3eb29805b15304d603b132":"":120:"3a807251f3d6242849a69972b14f6d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"":"169a449ccb3eb29805b15304d603b132":"":120:"3a807251f3d6242849a69972b14f6d":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"":"538641f7d1cc5c68715971cee607da73":"":112:"07d68fffe417adc3397706d73b95":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"":"538641f7d1cc5c68715971cee607da73":"":112:"07d68fffe417adc3397706d73b95":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"":"0d8eb78032d83c676820b2ef5ccc2cc8":"":112:"7da181563b26c7aefeb29e71cc69":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"":"0d8eb78032d83c676820b2ef5ccc2cc8":"":112:"7da181563b26c7aefeb29e71cc69":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"":"646a91d83ae72b9b9e9fce64135cbf73":"":112:"169e717e2bae42e3eb61d0a1a29b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"":"646a91d83ae72b9b9e9fce64135cbf73":"":112:"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"":"55e10d5e9b438b02505d30f211b16fea":"":104:"95c0a4ea9e80f91a4acce500f7":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"":"55e10d5e9b438b02505d30f211b16fea":"":104:"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"":"e25ef162a4295d7d24de75a673172346":"":104:"89ea4d1f34edb716b322ea7f6f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"":"e25ef162a4295d7d24de75a673172346":"":104:"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"":"08ea464baac54469b0498419d83820e6":"":104:"ab064a8d380fe2cda38e61f9e1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"":"08ea464baac54469b0498419d83820e6":"":104:"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"":"766996fb67ace9e6a22d7f802455d4ef":"":96:"9a641be173dc3557ea015372":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"":"766996fb67ace9e6a22d7f802455d4ef":"":96:"9a641be173dc3557ea015372":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"":"75cdb8b83017f3dc5ac8733016ab47c7":"":96:"81e3a5580234d8e0b2204bc3":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"":"75cdb8b83017f3dc5ac8733016ab47c7":"":96:"81e3a5580234d8e0b2204bc3":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"":"cfbefe265583ab3a2285e8080141ba48":"":96:"355a43bcebbe7f72b6cd27ea":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"":"cfbefe265583ab3a2285e8080141ba48":"":96:"355a43bcebbe7f72b6cd27ea":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":64:"34b8e037084b3f2d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":64:"34b8e037084b3f2d":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"":"118d0283294d4084127cce4b0cd5b5fa":"":64:"507a361d8ac59882":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"":"118d0283294d4084127cce4b0cd5b5fa":"":64:"507a361d8ac59882":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"":"b78d518b6c41a9e031a00b10fb178327":"":64:"f401d546c8b739ff":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"":"b78d518b6c41a9e031a00b10fb178327":"":64:"f401d546c8b739ff":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"":"14eb280288740d464e3b8f296c642daa":"":32:"39e64d7a":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"":"14eb280288740d464e3b8f296c642daa":"":32:"39e64d7a":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"":"f54bf4aac8fb631c8b6ff5e96465fae6":"":32:"1ec1c1a1":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"":"f54bf4aac8fb631c8b6ff5e96465fae6":"":32:"1ec1c1a1":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"":"75532d15e582e6c477b411e727d4171e":"":32:"76a0e017":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"":"75532d15e582e6c477b411e727d4171e":"":32:"76a0e017":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":128:"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":128:"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":128:"04b80f25ae9d07f5fd8220263ac3f2f7":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":128:"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":128:"d22407fd3ae1921d1b380461d2e60210":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":128:"d22407fd3ae1921d1b380461d2e60210":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":120:"fcbb932ddb0128df78a71971c52838":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":120:"fcbb932ddb0128df78a71971c52838":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":120:"18fd1feec5e3bbf0985312dd6100d1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":120:"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":120:"fd78b9956e4e4522605db410f97e84":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":120:"fd78b9956e4e4522605db410f97e84":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":112:"b11f5c0e8cb6fea1a170c9342437":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":112:"b11f5c0e8cb6fea1a170c9342437":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":112:"6cdf60e62c91a6a944fa80da1854":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":112:"6cdf60e62c91a6a944fa80da1854":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc9922299b47725952f06272168b728218d2443028d81597":"":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":112:"dd515e5a8b41ecc441443a749b31":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc9922299b47725952f06272168b728218d2443028d81597":"":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":112:"dd515e5a8b41ecc441443a749b31":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":104:"f33e8f42b58f45a0456f83a13e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":104:"f33e8f42b58f45a0456f83a13e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":104:"380128ad7f35be87a17c9590fa":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":104:"380128ad7f35be87a17c9590fa":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":104:"e9e5beea7d39c9250347a2a33d":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":104:"e9e5beea7d39c9250347a2a33d":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":96:"24483a57c20826a709b7d10a":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":96:"24483a57c20826a709b7d10a":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":96:"23012503febbf26dc2d872dc":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":96:"23012503febbf26dc2d872dc":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":96:"e8e80bf6e5c4a55e7964f455":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":96:"e8e80bf6e5c4a55e7964f455":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":64:"74264163131d16ac":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":64:"74264163131d16ac":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":64:"8f4877806daff10e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":64:"8f4877806daff10e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":64:"4eff7227b42f9a7d":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":64:"4eff7227b42f9a7d":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":32:"ff355f10":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":32:"ff355f10":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":32:"cb4d8c1d":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":32:"cb4d8c1d":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":32:"4a28ec97":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":32:"4a28ec97":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"eb16ed8de81efde2915a901f557fba95":"":128:"804056dca9f102c4a13a930c81d77eca":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"eb16ed8de81efde2915a901f557fba95":"":128:"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":128:"951c1c89b6d95661630d739dd9120a73":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":128:"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"70835abab9f945c84ef4e97cdcf2a694":"":128:"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"70835abab9f945c84ef4e97cdcf2a694":"":128:"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"7f770140df5b8678bc9c4b962b8c9034":"":120:"9823e3242b3f890c6a456f1837e039":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"7f770140df5b8678bc9c4b962b8c9034":"":120:"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"151fd3ba32f5bde72adce6291bcf63ea":"":120:"f0626cc07f2ed1a7570386a4110fc1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"151fd3ba32f5bde72adce6291bcf63ea":"":120:"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"743699d3759781e82a3d21c7cd7991c8":"":120:"1da347f9b6341049e63140395ad445":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"743699d3759781e82a3d21c7cd7991c8":"":120:"1da347f9b6341049e63140395ad445":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"85b241d516b94759c9ef975f557bccea":"":112:"bbf289df539f78c3a912b141da3a":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"85b241d516b94759c9ef975f557bccea":"":112:"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"9769f71c76b5b6c60462a845d2c123ad":"":112:"394b6c631a69be3ed8c90770f3d4":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"9769f71c76b5b6c60462a845d2c123ad":"":112:"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"4b12c6701534098e23e1b4659f684d6f":"":112:"729b31c65d8699c93d741caac8e3":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"4b12c6701534098e23e1b4659f684d6f":"":112:"729b31c65d8699c93d741caac8e3":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":104:"fe1e427bcb15ce026413a0da87":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":104:"fe1e427bcb15ce026413a0da87":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"927ce8a596ed28c85d9cb8e688a829e6":"":104:"3a98f471112a8a646460e8efd0":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"927ce8a596ed28c85d9cb8e688a829e6":"":104:"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"508c55f1726896f5b9f0a7024fe2fad0":"":104:"3b8026268caf599ee677ecfd70":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"508c55f1726896f5b9f0a7024fe2fad0":"":104:"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"b2a7c0d52fc60bacc3d1a94f33087095":"":96:"0a7a36ec128d0deb60869893":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"b2a7c0d52fc60bacc3d1a94f33087095":"":96:"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"1bd17f04d1dc2e447b41665952ad9031":"":96:"01b0a815dc6da3e32851e1fb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"1bd17f04d1dc2e447b41665952ad9031":"":96:"01b0a815dc6da3e32851e1fb":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"5ea9198b860679759357befdbb106b62":"":96:"d58752f66b2cb9bb2bc388eb":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"5ea9198b860679759357befdbb106b62":"":96:"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7474d9b07739001b25baf6867254994e06e54c578508232f":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"3ade6c92fe2dc575c136e3fbbba5c484":"":64:"67c25240b8e39b63":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7474d9b07739001b25baf6867254994e06e54c578508232f":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"3ade6c92fe2dc575c136e3fbbba5c484":"":64:"67c25240b8e39b63":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"41b37c04ab8a80f5a8d9d82a3a444772":"":64:"4ee54d280829e6ef":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"41b37c04ab8a80f5a8d9d82a3a444772":"":64:"4ee54d280829e6ef":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"9af53cf6891a749ab286f5c34238088a":"":64:"6f6f344dd43b0d20":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"9af53cf6891a749ab286f5c34238088a":"":64:"6f6f344dd43b0d20":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"623df5a0922d1e8c883debb2e0e5e0b1":"":32:"14f690d7":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"623df5a0922d1e8c883debb2e0e5e0b1":"":32:"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"9265abe966cb83838d7fd9302938f49d":"":32:"6f6c38bc":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"9265abe966cb83838d7fd9302938f49d":"":32:"6f6c38bc":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"9b3781165e7ff113ecd1d83d1df2366d":"":32:"62f32d4e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"9b3781165e7ff113ecd1d83d1df2366d":"":32:"62f32d4e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":128:"2ddda790aae2ca427f5fb032c29673e6":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":128:"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":128:"bb9ba3a9ac7d63e67bd78d71dc3133b3":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":128:"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":128:"29a2d607b2d2d9c96d093000b401a94f":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":128:"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":120:"0943abb85adee47741540900cc833f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":120:"0943abb85adee47741540900cc833f":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":120:"a93bd682b57e1d1bf4af97e93b8927":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":120:"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":120:"7d9f97c97c3424c79966f5b45af090":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":120:"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":112:"a5100c5e9a16aedf0e1bd8604335":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":112:"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":112:"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":112:"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":112:"4da85b8ec861dd8be54787bb83f1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":112:"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":104:"8781b045a509c4239b9f44624e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":104:"8781b045a509c4239b9f44624e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":104:"2ad4520ddc3b907414d934cc1d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":104:"2ad4520ddc3b907414d934cc1d":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4382507dddccf1385fc831da8924147563416d0656e168ec":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":104:"4221818d4be45306e205813789":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4382507dddccf1385fc831da8924147563416d0656e168ec":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":104:"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":96:"4af02b81b26104d1d31e295a":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":96:"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":96:"b124eea927e2a62a875494a1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":96:"b124eea927e2a62a875494a1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":96:"f536a3b8c333b1aa520d6440":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":96:"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":64:"69e06c72ead69501":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":64:"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":64:"dc4c97fe8cc53350":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":64:"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":64:"44f760787f7bc3c0":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":64:"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":32:"c5098340":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":32:"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":32:"dc413c4c":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":32:"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":32:"e6d6df7a":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":32:"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"":"f1a23ce6e2bc9088a62c887abecd30ae":"":128:"d4d5c22f993c8c610145fcbe4e021687":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"":"f1a23ce6e2bc9088a62c887abecd30ae":"":128:"d4d5c22f993c8c610145fcbe4e021687":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"":"ef221a1c66fda17906190b7c99ab60b8":"":128:"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"":"ef221a1c66fda17906190b7c99ab60b8":"":128:"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"":"7c29b3196d44df78fa514a1967fcd3a6":"":128:"fc123944bbea6c5075a5f987aed9cf99":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"":"7c29b3196d44df78fa514a1967fcd3a6":"":128:"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"":"783f9a3c36b6d0c9fd57c15105316535":"":120:"23e21a803cac5237777014686564f2":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"":"783f9a3c36b6d0c9fd57c15105316535":"":120:"23e21a803cac5237777014686564f2":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"":"2acc2073089a34d4651eee39a262e8ae":"":120:"7ac742c859a02a543b50464c66dcf5":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"":"2acc2073089a34d4651eee39a262e8ae":"":120:"7ac742c859a02a543b50464c66dcf5":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"":"c937615675738f4b3227c799833d1e61":"":120:"88300bd65b12dcb341f1f6d8a15584":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"":"c937615675738f4b3227c799833d1e61":"":120:"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"":"1f939226feab012dabfc2193637d15b1":"":112:"eed5fcb7607c038b354746d91c5b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"":"1f939226feab012dabfc2193637d15b1":"":112:"eed5fcb7607c038b354746d91c5b":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"":"e2076e1050070d468659885ea77e88d0":"":112:"b4586bdbd4b6b899648f2333eee0":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"":"e2076e1050070d468659885ea77e88d0":"":112:"b4586bdbd4b6b899648f2333eee0":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"":"2d07bb8616fc0bbb71755a1bd256e7fb":"":112:"6b60d645220cfde42d88296ac193":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"":"2d07bb8616fc0bbb71755a1bd256e7fb":"":112:"6b60d645220cfde42d88296ac193":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"":"6c31194df99d08881fa5b1dd33b45a92":"":104:"69431593c376c9f8052bf10747":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"":"6c31194df99d08881fa5b1dd33b45a92":"":104:"69431593c376c9f8052bf10747":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"":"73599275f8237f14c4a52b283c07275d":"":104:"6f7249d25c9f273434c4720275":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"":"73599275f8237f14c4a52b283c07275d":"":104:"6f7249d25c9f273434c4720275":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"":"d0871bfc3693245be478e6a257c79efb":"":104:"5a99d59631d0e12f58b7b95ccd":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"":"d0871bfc3693245be478e6a257c79efb":"":104:"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"":"c72bb300b624c27cded863eba56e7587":"":96:"ea2528e7439be2ed0a0d6b2a":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"":"c72bb300b624c27cded863eba56e7587":"":96:"ea2528e7439be2ed0a0d6b2a":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"":"28899601fa95f532b030f11bbeb87011":"":96:"35625638589bb7f6ccdb0222":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"":"28899601fa95f532b030f11bbeb87011":"":96:"35625638589bb7f6ccdb0222":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"":"375d4134e8649367f4db9bdb07aa8594":"":96:"70610bf329683e15ecf8c79f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"":"375d4134e8649367f4db9bdb07aa8594":"":96:"70610bf329683e15ecf8c79f":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"":"9f502fb5ac90ff5f5616dd1fa837387d":"":64:"a4b5138122e1209d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"":"9f502fb5ac90ff5f5616dd1fa837387d":"":64:"a4b5138122e1209d":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"":"2ee96384dd29f8a4c4a6102549a026ab":"":64:"3b33a10189338c3b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"":"2ee96384dd29f8a4c4a6102549a026ab":"":64:"3b33a10189338c3b":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"":"8d97f354564d8185b57f7727626850a0":"":64:"813d2f98a760130c":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"":"8d97f354564d8185b57f7727626850a0":"":64:"813d2f98a760130c":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"":"daf13501a47ee73c0197d8b774eec399":"":32:"a6d108c0":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"":"daf13501a47ee73c0197d8b774eec399":"":32:"a6d108c0":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":32:"a47cdadd":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":32:"a47cdadd":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"":"817199254a912880405c9729d75ed391":"":32:"d81d9b41":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"":"817199254a912880405c9729d75ed391":"":32:"d81d9b41":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":128:"dd153cfd7aa946280660c445f586fa28":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":128:"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":128:"c59231ddaae98e0e8db6b3fe8f4d3427":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":128:"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":128:"2c84bf7a8947ab93b10ae408243b4993":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":128:"2c84bf7a8947ab93b10ae408243b4993":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":120:"e8aac14b53cdbc2028d330fc8d92a7":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":120:"e8aac14b53cdbc2028d330fc8d92a7":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":120:"dc034564d4be7de243ff059b5f9160":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":120:"dc034564d4be7de243ff059b5f9160":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":120:"942b52277e9dc0a30d737d00f5e597":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":120:"942b52277e9dc0a30d737d00f5e597":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":112:"87737873b82586bb29b406946cae":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":112:"87737873b82586bb29b406946cae":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":112:"06f95ca69c222a8985887925b15e":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":112:"06f95ca69c222a8985887925b15e":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":112:"c68842cafc50070799f7c8acd62a":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":112:"c68842cafc50070799f7c8acd62a":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":104:"ec9a79a88a164e1a6253d8312e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":104:"ec9a79a88a164e1a6253d8312e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":104:"9779b7c3ece6c23d5813e243ec":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":104:"9779b7c3ece6c23d5813e243ec":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":104:"ca82448429106009094c21d70b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":104:"ca82448429106009094c21d70b":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":96:"9d1603799e2485a03e7b05a0":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":96:"9d1603799e2485a03e7b05a0":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":96:"05ee6ce13711535864674a5b":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":96:"05ee6ce13711535864674a5b":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":96:"0c9c17388d0610f99d0a093f":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":96:"0c9c17388d0610f99d0a093f":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":64:"1c3bd1e0d4918e36":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":64:"1c3bd1e0d4918e36":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":64:"dab612351f75e2cb":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":64:"dab612351f75e2cb":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":64:"f1d743b7e1b73af5":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":64:"f1d743b7e1b73af5":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":32:"4dc74971":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":32:"4dc74971":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":32:"fb845ab7":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":32:"fb845ab7":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":32:"c840d994":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":32:"c840d994":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"cff291d2364fc06a3a89e867b0e67e56":"":128:"81f1eb568d0af29680518df7378ba3e8":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"cff291d2364fc06a3a89e867b0e67e56":"":128:"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"1c8f41424acaf009996ceaa815b24ad4":"":128:"9f3c0349c5a4a740a82d6d63bf00fb17":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"1c8f41424acaf009996ceaa815b24ad4":"":128:"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"a950ab0dd84115e3829ab0ad3bbb1193":"":128:"25cfde73e7a29115828dfe1617f8b53e":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"a950ab0dd84115e3829ab0ad3bbb1193":"":128:"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"3a2acf69bba19f5d1d1947af2cfda781":"":120:"f826d212f7c1212fb8a8bf23996826":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"3a2acf69bba19f5d1d1947af2cfda781":"":120:"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"3cd95429c6de1d327b9eb3c45424a87c":"":120:"13521236f190f78e75c0897c5fb237":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"3cd95429c6de1d327b9eb3c45424a87c":"":120:"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"bd505fcba464e6e2c58fdf29f5695fb9":"":120:"8510fff71bb879f56ea2fe43f6ff50":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"bd505fcba464e6e2c58fdf29f5695fb9":"":120:"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"776248381941e16908f52d19207881f5":"":112:"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"776248381941e16908f52d19207881f5":"":112:"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"603977845d82faccb401817ecce6e2fe":"":112:"c955a3bc316841be07e406d289c8":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"603977845d82faccb401817ecce6e2fe":"":112:"c955a3bc316841be07e406d289c8":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"4cd56de54e5140a587be7dfd02d3a39e":"":112:"1a29527a41330259f918d99d7509":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"4cd56de54e5140a587be7dfd02d3a39e":"":112:"1a29527a41330259f918d99d7509":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"afe986ead799727063958e2ce13ca846f76c51605439f839":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"f85a95ed10b69623162ab68d1098de94":"":104:"3cf1cdb4a4fdc48da78a8b4e81":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"afe986ead799727063958e2ce13ca846f76c51605439f839":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"f85a95ed10b69623162ab68d1098de94":"":104:"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"537a4ee307af3072e745570aaaadce34":"":104:"df01cffbd3978850e07328e6b8":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"537a4ee307af3072e745570aaaadce34":"":104:"df01cffbd3978850e07328e6b8":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"5124b410c43d875eca6ce298c45994a7":"":104:"56ad9c1653f11a41fd649cccd8":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"5124b410c43d875eca6ce298c45994a7":"":104:"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"ff10234524433b871202c2cca6acb194":"":96:"984943355a7aef15c4fb8033":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"ff10234524433b871202c2cca6acb194":"":96:"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"49da91e926091a448d57d521cc90f3c0":"":96:"99198f55f9fa763651bba58e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"49da91e926091a448d57d521cc90f3c0":"":96:"99198f55f9fa763651bba58e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"b5efb9feae3de41b5ce9aa75583b8d21":"":96:"9604d031fa43dcd0853e641c":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"b5efb9feae3de41b5ce9aa75583b8d21":"":96:"9604d031fa43dcd0853e641c":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"aef257dd44d14d0bc75f9311ef24e85a":"":64:"d951becb0d55f9fb":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"aef257dd44d14d0bc75f9311ef24e85a":"":64:"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c15c9c0b0b70c7321df044bfde2b15fb":"":64:"c5c9851a6bf686d0":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c15c9c0b0b70c7321df044bfde2b15fb":"":64:"c5c9851a6bf686d0":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"0bd64d222532dae8ab63dc299355bf2a":"":64:"3477cad1fd4098b2":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"0bd64d222532dae8ab63dc299355bf2a":"":64:"3477cad1fd4098b2":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"37e3a300542d9caf3975c6429cb8a2e8":"":32:"06bfca29":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"37e3a300542d9caf3975c6429cb8a2e8":"":32:"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"6cba4efc8d4840aa044a92d03d6b4d69":"":32:"92750ac9":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"6cba4efc8d4840aa044a92d03d6b4d69":"":32:"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"4f4636d1b283bfa72c82809eb4f12519":"":32:"16c80a62":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"4f4636d1b283bfa72c82809eb4f12519":"":32:"16c80a62":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87b5372571fb244648053c99405999130f87a7c178052297":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":128:"98177b3428e64bc98631375905c0100f":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87b5372571fb244648053c99405999130f87a7c178052297":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":128:"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":128:"010195091d4e1684029e58439039d91e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":128:"010195091d4e1684029e58439039d91e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":128:"63a310b4f43b421a863fb00fafd7eac4":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":128:"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":120:"28a43253d8b37795433140641e9ffd":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":120:"28a43253d8b37795433140641e9ffd":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":120:"ab738073228bdf1e8fd4430b5c7d79":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":120:"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":120:"d4356cb417953b01f7b1110c8aa3eb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":120:"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":112:"62646fc8bfe38b3ba6d62f9011e3":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":112:"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":112:"6c5f38232e8a43871ab72a3419ad":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":112:"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":112:"3269922affb9d767f5abe041cc8e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":112:"3269922affb9d767f5abe041cc8e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":104:"22c2efeddfd5d9cb528861c4eb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":104:"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":104:"673afea592b2ce16bd058469f1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":104:"673afea592b2ce16bd058469f1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":104:"079e8db9c3e6eddb0335b1cf64":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":104:"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":96:"e5dc92f4ad4000e9b62fb637":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":96:"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":96:"8e8320912fff628f47e92430":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":96:"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":96:"974bd0c4a8cac1563a0e0ce0":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":96:"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":64:"84f1efd34ff84e83":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":64:"84f1efd34ff84e83":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":64:"15d456da7645abf2":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":64:"15d456da7645abf2":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":64:"a1e19ef2f0d4b9f1":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":64:"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":32:"5412f25c":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":32:"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":32:"613ba486":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":32:"613ba486":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":32:"28d730ea":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":32:"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0
AES-GCM Bad IV (AES-192,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
diff --git a/tests/suites/test_suite_gcm.aes256_de.data b/tests/suites/test_suite_gcm.aes256_de.data
index 9696a62..d207212 100644
--- a/tests/suites/test_suite_gcm.aes256_de.data
+++ b/tests/suites/test_suite_gcm.aes256_de.data
@@ -1,674 +1,674 @@
AES-GCM NIST Validation (AES-256,128,0,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"":"3a0324d63a70400490c92e7604a3ba97":"":128:"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"":"3a0324d63a70400490c92e7604a3ba97":"":128:"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"":"7156358b203a44ef173706fdc81900f8":"":128:"9687fb231c4742a74d6bf78c62b8ac53":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"":"7156358b203a44ef173706fdc81900f8":"":128:"9687fb231c4742a74d6bf78c62b8ac53":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"":"4fe6ace582c4e26ce71ee7f756fb7a88":"":128:"d5bdf8ec2896acafb7022708d74646c7":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"":"4fe6ace582c4e26ce71ee7f756fb7a88":"":128:"d5bdf8ec2896acafb7022708d74646c7":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"":"404efd26b665c97ea75437892cf676b6":"":120:"e491075851eec28c723159cc1b2c76":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"":"404efd26b665c97ea75437892cf676b6":"":120:"e491075851eec28c723159cc1b2c76":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"":"4037eadb11249884b6b38b5525ba2df4":"":120:"360c6ef41cbd9cd4a4e649712d2930":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"":"4037eadb11249884b6b38b5525ba2df4":"":120:"360c6ef41cbd9cd4a4e649712d2930":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"":"cebbce06a88852d3bb2978dbe2b5995a":"":120:"bd7ca9f6bd1099cde87c0f0d7cc887":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"":"cebbce06a88852d3bb2978dbe2b5995a":"":120:"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"":"008d040fbd7342464209f330cf56722c":"":112:"c87107585751e666bedae2b1b7e8":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"":"008d040fbd7342464209f330cf56722c":"":112:"c87107585751e666bedae2b1b7e8":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"":"947c5f0432723f2d7b560eca90842df1":"":112:"7d331fedcea0fd1e9e6a84385467":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"":"947c5f0432723f2d7b560eca90842df1":"":112:"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"":"51f639467083377795111d44f7d16592":"":112:"02d31f29e15f60ae3bee1ad7ea65":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"":"51f639467083377795111d44f7d16592":"":112:"02d31f29e15f60ae3bee1ad7ea65":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"":"aea6f8690f865bca9f77a5ff843d2365":"":104:"7f2280776d6cd6802b3c85083c":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"":"aea6f8690f865bca9f77a5ff843d2365":"":104:"7f2280776d6cd6802b3c85083c":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":104:"ea01723a22838ed65ceb80b1cf":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":104:"ea01723a22838ed65ceb80b1cf":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"":"ae07f8c7ac82c4f4c086e04a20db12bc":"":104:"1132e4fff06db51ff135ed9ced":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"":"ae07f8c7ac82c4f4c086e04a20db12bc":"":104:"1132e4fff06db51ff135ed9ced":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"":"929b006eb30d69b49a7f52392d7d3f11":"":96:"33940d330f7c019a57b74f2d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"":"929b006eb30d69b49a7f52392d7d3f11":"":96:"33940d330f7c019a57b74f2d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"":"e34b19381f05693f7606ce043626664d":"":96:"2adc2c45947bfa7faa5c464a":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"":"e34b19381f05693f7606ce043626664d":"":96:"2adc2c45947bfa7faa5c464a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"":"a56f27709e670b85e5917d5c1d5b0cc2":"":96:"177b9a5e6d9731419dd33c5c":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"":"a56f27709e670b85e5917d5c1d5b0cc2":"":96:"177b9a5e6d9731419dd33c5c":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":64:"fe82300adffd8c17":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":64:"fe82300adffd8c17":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"":"1bd9ea6186450f9cd253ccfed2812b1c":"":64:"35214bbc510430e3":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"":"1bd9ea6186450f9cd253ccfed2812b1c":"":64:"35214bbc510430e3":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"":"728cb9608b67a489a382aa677b1f4f5b":"":64:"e2ef5d9cc5791c01":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"":"728cb9608b67a489a382aa677b1f4f5b":"":64:"e2ef5d9cc5791c01":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":32:"0fe57572":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":32:"0fe57572":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"":"7b722fdd43cff20832812f9baf2d6791":"":32:"72dea6cc":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"":"7b722fdd43cff20832812f9baf2d6791":"":32:"72dea6cc":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"":"729baa4c0ef75ed8aae746376b39fe3c":"":32:"2a0d607c":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"":"729baa4c0ef75ed8aae746376b39fe3c":"":32:"2a0d607c":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":128:"c595b9d99414891228c9fa5edb5fcce3":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":128:"c595b9d99414891228c9fa5edb5fcce3":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":128:"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":128:"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":128:"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":128:"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":120:"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":120:"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":120:"a8e29e08623a3efdbbe8b111de30a4":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":120:"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":120:"e3645db0c600dba52044efcecfc331":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":120:"e3645db0c600dba52044efcecfc331":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":112:"c25fc157c3f2474885e2eea48aea":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":112:"c25fc157c3f2474885e2eea48aea":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":112:"4ed91af6340e70b0c2b94ab6f82e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":112:"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":112:"3bcb5c2a4261d75bfa106fb25ee1":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":112:"3bcb5c2a4261d75bfa106fb25ee1":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":104:"0e463806ff34e206f703dd96b3":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":104:"0e463806ff34e206f703dd96b3":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":104:"3f0ccc134091e0c0425887b1b9":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":104:"3f0ccc134091e0c0425887b1b9":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":104:"888b836c9111073924a9b43069":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":104:"888b836c9111073924a9b43069":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":96:"b6044c4d7f59491f68b2c61e":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":96:"b6044c4d7f59491f68b2c61e":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":96:"5c5683e587baf2bd32de3df5":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":96:"5c5683e587baf2bd32de3df5":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":96:"52e10495105799ead991547b":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":96:"52e10495105799ead991547b":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":64:"6ff8fd87e5a31eb6":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":64:"6ff8fd87e5a31eb6":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":64:"49aaa806cb2eeadd":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":64:"49aaa806cb2eeadd":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":64:"a5b71ecf845b25d0":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":64:"a5b71ecf845b25d0":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":32:"e9cdbc52":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":32:"e9cdbc52":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":32:"e35dbac8":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":32:"e35dbac8":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":32:"e7a37f15":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":32:"e7a37f15":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"2fc1afc1395d8409919248709f468496":"":128:"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"2fc1afc1395d8409919248709f468496":"":128:"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"c571ce0e911de5d883dc4a0787483235":"":128:"6d9d3a5dbc8dce385f092fff14bfffda":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"c571ce0e911de5d883dc4a0787483235":"":128:"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"275393276745bc43bae4af1e5d43a31e":"":128:"a82ff1e87d26e4d6e417b60fb2d3ce23":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"275393276745bc43bae4af1e5d43a31e":"":128:"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"47f5264f7a5b65b671892a05fa556f63":"":120:"660462b4088f6628a630f2e4170b21":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"47f5264f7a5b65b671892a05fa556f63":"":120:"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":120:"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":120:"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"4e022d8d86efbd347e8cbab7e979771f":"":120:"e7df79af0aef011299c3b882e3a45b":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"4e022d8d86efbd347e8cbab7e979771f":"":120:"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"7c0f49fb54f5e68c84e81add009284e6":"":112:"b2ec0f3da02a9eb3132fb4ebe3b8":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"7c0f49fb54f5e68c84e81add009284e6":"":112:"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"5cea906737518c2cb901016e30206276":"":112:"3a3a771dd5f31c977e154ef5c73a":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"5cea906737518c2cb901016e30206276":"":112:"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"387ee8c1e7f047e94d06d0322eec02fc":"":112:"62356850d12b54e39872357cfa03":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"387ee8c1e7f047e94d06d0322eec02fc":"":112:"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"d2b277f78e98f1fa16f977ce72ee22a7":"":104:"4c81c044101f458fdfac9ca3b9":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"d2b277f78e98f1fa16f977ce72ee22a7":"":104:"4c81c044101f458fdfac9ca3b9":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"94886a1845aebba5ed6b86f580be47f9":"":104:"4be34ff42085ef4443c8b6042d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"94886a1845aebba5ed6b86f580be47f9":"":104:"4be34ff42085ef4443c8b6042d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"e5ca84b907ac761a5e68a9080da0a88a":"":104:"c8f78e4139dd3eaf2baef8aafb":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"e5ca84b907ac761a5e68a9080da0a88a":"":104:"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"fa549b33b5a43d85f012929a4816297a":"":96:"afa61e843cee615c97de42a7":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"fa549b33b5a43d85f012929a4816297a":"":96:"afa61e843cee615c97de42a7":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"2f8512bb7e214db774a217a4615139e1":"":96:"f1da1cebe00d80eb4e025feb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"2f8512bb7e214db774a217a4615139e1":"":96:"f1da1cebe00d80eb4e025feb":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"3da9af3567d70553ca3a9636f0b26470":"":96:"e1026b3d15d261b2fb47632e":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"3da9af3567d70553ca3a9636f0b26470":"":96:"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"b957f05921d21f2192f587768dc12b4f":"":64:"322374fbb192abbc":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"b957f05921d21f2192f587768dc12b4f":"":64:"322374fbb192abbc":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"31bd7c971a6d330b566567ab19590545":"":64:"efc5a1acf433aaa3":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"31bd7c971a6d330b566567ab19590545":"":64:"efc5a1acf433aaa3":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"2f9c0647a4af7f61ced45f28d45c43f1":"":64:"ab74877a0b223e1c":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"2f9c0647a4af7f61ced45f28d45c43f1":"":64:"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"69d81c73008a6827a692fa636fbab8bb":"":32:"be2dda5c":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"69d81c73008a6827a692fa636fbab8bb":"":32:"be2dda5c":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"e119e166471ecf44bc3a070639619931":"":32:"b2f54b3a":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"e119e166471ecf44bc3a070639619931":"":32:"b2f54b3a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"cf296aa43cb7b328e09c8975e067404e":"":32:"56015c1e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"cf296aa43cb7b328e09c8975e067404e":"":32:"56015c1e":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":128:"72ddd9966ede9b684bc981cbb2113313":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":128:"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":128:"9e8b59b4971130557aa84ec3ac7e4133":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":128:"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":128:"e49beb083a9b008ae97a17e3825692f0":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":128:"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":120:"03cfe6c36c3f54b3188a6ef3866b84":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":120:"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":120:"ffdf56e1c1a7252b88422787536484":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":120:"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":120:"ba61edeb7b8966188854fc7926aad2":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":120:"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":112:"993fc8e7176557ee9eb8dd944691":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":112:"993fc8e7176557ee9eb8dd944691":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":112:"ee6d85d3f3703b45adb4f9b2f155":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":112:"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":112:"92282b022e393924ab9c65b258c2":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":112:"92282b022e393924ab9c65b258c2":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":104:"6154c6799ad7cdc2d89801943a":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":104:"6154c6799ad7cdc2d89801943a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":104:"1d6cd4ab3914e109f22668867f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":104:"1d6cd4ab3914e109f22668867f":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":104:"ca4bfeedcd19d301d3f08cb729":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":104:"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":96:"9e45029f4f13a4767ee05cec":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":96:"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":96:"01a573d8e99c884563310954":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":96:"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":96:"43470bc3d7c573cb3a5230f5":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":96:"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":64:"d8bd7d8773893519":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":64:"d8bd7d8773893519":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":64:"74110471ccd75912":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":64:"74110471ccd75912":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":64:"6fb0b5c83b5212bf":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":64:"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":32:"86acc02f":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":32:"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":32:"30298885":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":32:"30298885":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":32:"1997daa9":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":32:"1997daa9":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"":"7f8368254955e1b6d55b5c64458f3e66":"":128:"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"":"7f8368254955e1b6d55b5c64458f3e66":"":128:"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"":"274367f31ec16601fe87a8e35b7a22dd":"":128:"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"":"274367f31ec16601fe87a8e35b7a22dd":"":128:"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"":"796efaff4f172bef78453d36a237cd36":"":128:"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"":"796efaff4f172bef78453d36a237cd36":"":128:"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"":"45e6b23f8b3feefd4b0ea06880b2c324":"":120:"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"":"45e6b23f8b3feefd4b0ea06880b2c324":"":120:"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"":"548c9c8fcc16416a9d2b35c29f0dacb3":"":120:"3aa21f221266e7773eeba4440d1d01":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"":"548c9c8fcc16416a9d2b35c29f0dacb3":"":120:"3aa21f221266e7773eeba4440d1d01":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"":"a5129e2530f47bcad42fc5774ee09fe7":"":120:"6bb09ed183527c5d5ed46f568af35f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"":"a5129e2530f47bcad42fc5774ee09fe7":"":120:"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":112:"55952a01eee29d8a1734bbdf3f8f":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":112:"55952a01eee29d8a1734bbdf3f8f":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"":"6404b111c6289eefa0d88ed6117bb730":"":112:"637f82e592831531a8e877adfc2c":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"":"6404b111c6289eefa0d88ed6117bb730":"":112:"637f82e592831531a8e877adfc2c":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"":"3b87b08337a82272b192bd067e3245ec":"":112:"1f2dda372f20ffddd9dd4810e05f":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"":"3b87b08337a82272b192bd067e3245ec":"":112:"1f2dda372f20ffddd9dd4810e05f":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"":"58e70095c6f3a0cda2cdc7775e2f383d":"":104:"1763573f7dab8b46bc177e6147":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"":"58e70095c6f3a0cda2cdc7775e2f383d":"":104:"1763573f7dab8b46bc177e6147":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"":"d565c9cdfb5d0a25c4083b51729626bd":"":104:"78738d3e9f5e00b49635ac9a2d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"":"d565c9cdfb5d0a25c4083b51729626bd":"":104:"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":104:"ea7b52490943380ccc902ca5ae":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":104:"ea7b52490943380ccc902ca5ae":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"":"c993c1802df0f075ce92963eb9bff9bd":"":96:"edfab013213591beb53e6419":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"":"c993c1802df0f075ce92963eb9bff9bd":"":96:"edfab013213591beb53e6419":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"":"8f7e1621c2227839da4ea60548290ffa":"":96:"f9da62f59c080160ec30b43d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"":"8f7e1621c2227839da4ea60548290ffa":"":96:"f9da62f59c080160ec30b43d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"":"05d363b2452beff4b47afb052ac3c973":"":96:"6b4a16d1ea1c21b22bdcb235":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"":"05d363b2452beff4b47afb052ac3c973":"":96:"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"":"774f4e70a7577b5101c0c3d019655d3e":"":64:"98ff89a8e28c03fd":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"":"774f4e70a7577b5101c0c3d019655d3e":"":64:"98ff89a8e28c03fd":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"":"99f25cebd6cfa7f41390b42df6a65f48":"":64:"8e14a0a4853a156a":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"":"99f25cebd6cfa7f41390b42df6a65f48":"":64:"8e14a0a4853a156a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"":"c1beff1ff6cdd62339aa21149c4da1e6":"":64:"f998d7c08d609b3a":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"":"c1beff1ff6cdd62339aa21149c4da1e6":"":64:"f998d7c08d609b3a":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"":"88126c350dfc079c569210ee44a0e31a":"":32:"f2ebe5e4":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"":"88126c350dfc079c569210ee44a0e31a":"":32:"f2ebe5e4":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"":"af29fdb96f726c76f76c473c873b9e08":"":32:"13fd6dfd":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"":"af29fdb96f726c76f76c473c873b9e08":"":32:"13fd6dfd":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"":"1552604763453b48a57cea1aed8113f4":"":32:"660c5175":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"":"1552604763453b48a57cea1aed8113f4":"":32:"660c5175":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":128:"6b4b1a84f49befe3897d59ce85598a9f":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":128:"6b4b1a84f49befe3897d59ce85598a9f":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":128:"8faa0ffb91311a1a2827b86fec01788d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":128:"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":128:"2211ca91a809adb8cf55f001745c0563":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":128:"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":120:"2e080ba16011e22a779da1922345c2":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":120:"2e080ba16011e22a779da1922345c2":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":120:"83de3f521fcfdaff902386f359e683":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":120:"83de3f521fcfdaff902386f359e683":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":120:"cd4542b26094a1c8e058648874f06f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":120:"cd4542b26094a1c8e058648874f06f":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":112:"96ca402b16b0f2cd0cdff77935d3":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":112:"96ca402b16b0f2cd0cdff77935d3":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":112:"8233588fca3ad1698d07b25fa3c4":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":112:"8233588fca3ad1698d07b25fa3c4":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":112:"477b0a884d788d1905646bd66084":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":112:"477b0a884d788d1905646bd66084":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":104:"0cb67cec1820339fa0552702dd":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":104:"0cb67cec1820339fa0552702dd":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":104:"08d7cc52d1637db2a43c399310":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":104:"08d7cc52d1637db2a43c399310":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":104:"fbb477dd4b9898a9abc5a45c63":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":104:"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":96:"99230019630647aedebbb24b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":96:"99230019630647aedebbb24b":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":96:"9553b583d4f9a1a8946fe053":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":96:"9553b583d4f9a1a8946fe053":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":96:"44b95a37fab232c2efb11231":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":96:"44b95a37fab232c2efb11231":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":64:"072d4118e70cd5ab":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":64:"072d4118e70cd5ab":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":64:"1bcea0ac2c1a0c73":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":64:"1bcea0ac2c1a0c73":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":64:"faa5c13d899f17ea":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":64:"faa5c13d899f17ea":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":32:"a3958500":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":32:"a3958500":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":32:"50fd1798":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":32:"50fd1798":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":32:"07764143":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":32:"07764143":"":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"5714732145470da1c42452e10cd274b5":"":128:"db85b830a03357f408587410ebafd10d":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"5714732145470da1c42452e10cd274b5":"":128:"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"a714e51e43aecfe2fda8f824ea1dc4b7":"":128:"cd30c3618c10d57e9a4477b4a44c5c36":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"a714e51e43aecfe2fda8f824ea1dc4b7":"":128:"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"91d55cfdcdcd7d735d48100ff82227c3":"":128:"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"91d55cfdcdcd7d735d48100ff82227c3":"":128:"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"19788b2e0bd757947596676436e22df1":"":120:"f26a20bea561004267a0bfbf01674e":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"19788b2e0bd757947596676436e22df1":"":120:"f26a20bea561004267a0bfbf01674e":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"c6b26117d9dbd80c1c242ad41abe2acc":"":120:"61051d6c0801b4a6b6ca0124c019f3":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"c6b26117d9dbd80c1c242ad41abe2acc":"":120:"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"0db3ade15cb0dea98a47d1377e034d63":"":120:"e62f910b6046ba4e934d3cfc6e024c":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"0db3ade15cb0dea98a47d1377e034d63":"":120:"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"83f98eec51ee4cae4cb7fe28b64d1355":"":112:"df47eef69ba2faab887aa8f48e4b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"83f98eec51ee4cae4cb7fe28b64d1355":"":112:"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"2bc0847d46f3d1064bbf8fe8567f54a2":"":112:"5a1bf25aa8d5c3fe5cf1be8e54a1":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"2bc0847d46f3d1064bbf8fe8567f54a2":"":112:"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"b9194a4d42b139f04c29178467955f1d":"":112:"05949d591793ca52e679bfdf64f3":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"b9194a4d42b139f04c29178467955f1d":"":112:"05949d591793ca52e679bfdf64f3":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"6a5335901284dd3b64dc4a7f810bab96":"":104:"04b8e5423aee8c06539f435edd":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"6a5335901284dd3b64dc4a7f810bab96":"":104:"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"fcb962c39e4850efc8ffd43d9cd960a6":"":104:"1d8cdadcf1872fb2b697e82ef6":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"fcb962c39e4850efc8ffd43d9cd960a6":"":104:"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"b4d9248bb500e40de99ca2a13e743f1c":"":104:"090d03446d65adcc0a42387e8e":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"b4d9248bb500e40de99ca2a13e743f1c":"":104:"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"160c50c0621c03fd1572df6ba49f0d1e":"":96:"9fef9becf21901496772996f":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"160c50c0621c03fd1572df6ba49f0d1e":"":96:"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"04885a5846f5f75a760193de7f07853c":"":96:"0c13506ed9f082dd08434342":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"04885a5846f5f75a760193de7f07853c":"":96:"0c13506ed9f082dd08434342":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"0a93b883cbd42998ae2e39aab342cb28":"":96:"5c37918edb7aa65b246fd5a6":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"0a93b883cbd42998ae2e39aab342cb28":"":96:"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"e20957a49a27e247d00379850f934d6c":"":64:"c99751516620bf89":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"e20957a49a27e247d00379850f934d6c":"":64:"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"d533c2170c5dc203512c81c34eff4077":"":64:"167ec8675e7f9e12":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"d533c2170c5dc203512c81c34eff4077":"":64:"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"2e2b31214d61276a54daf2ccb98baa36":"":64:"5266e9c67c252164":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"2e2b31214d61276a54daf2ccb98baa36":"":64:"5266e9c67c252164":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"a8339ba505a14786ad05edfe8cebb8d0":"":32:"df3cab08":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"a8339ba505a14786ad05edfe8cebb8d0":"":32:"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"4f23f04904de76d6decd4bd380ff56b1":"":32:"18e92b96":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"4f23f04904de76d6decd4bd380ff56b1":"":32:"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"531248afdaaf1b86cf34d2394900afd9":"":32:"c6885cdd":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"531248afdaaf1b86cf34d2394900afd9":"":32:"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":128:"94c1b9b70f9c48e7efd40ecab320c2d3":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":128:"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":128:"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":128:"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":128:"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":128:"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":120:"0bae9403888efb4d8ec97df604cd5d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":120:"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":120:"7b334d7af54b916821f6136e977a1f":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":120:"7b334d7af54b916821f6136e977a1f":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":120:"d8ef5438b7cf5dc11209a635ce1095":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":120:"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":112:"a4809e072f93deb7b77c52427095":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":112:"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":112:"e3ede170386e76321a575c095966":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":112:"e3ede170386e76321a575c095966":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":112:"5c43fc4dc959fabeebb188dbf3a5":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":112:"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":104:"75a31347598f09fceeea6736fe":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":104:"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":104:"2eb6eb6d516ed4cf1778b4e378":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":104:"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":104:"83155ebb1a42112dd1c474f37b":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":104:"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":96:"f7930e3fab74a91cb6543e72":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":96:"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":96:"bea660e963b08fc657741bc8":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":96:"bea660e963b08fc657741bc8":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":96:"7859f047f32b51833333accf":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":96:"7859f047f32b51833333accf":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":64:"21309d0351cac45e":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":64:"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":64:"2111d55d96a4d84d":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":64:"2111d55d96a4d84d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":64:"bd6c8823c9005c85":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":64:"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":32:"b1ece9fb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":32:"b1ece9fb":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":32:"cb3f5338":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":32:"cb3f5338":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
depends_on:MBEDTLS_AES_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":32:"3105dddb":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":32:"3105dddb":"FAIL":"":0
AES-GCM Bad IV (AES-256,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
diff --git a/tests/suites/test_suite_gcm.camellia.data b/tests/suites/test_suite_gcm.camellia.data
index 5f739d5..9b71d7c 100644
--- a/tests/suites/test_suite_gcm.camellia.data
+++ b/tests/suites/test_suite_gcm.camellia.data
@@ -72,144 +72,144 @@
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #1 (128-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":128:"f5574acc3148dfcb9015200631024df9":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":128:"f5574acc3148dfcb9015200631024df9":"":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #2 (128-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"defe3e0b5c54c94b4f2a0f5a46f6210d":"000000000000000000000000":"":128:"f672b94d192266c7c8c8dbb427cc989a":"00000000000000000000000000000000":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"defe3e0b5c54c94b4f2a0f5a46f6210d":"000000000000000000000000":"":128:"f672b94d192266c7c8c8dbb427cc989a":"":"00000000000000000000000000000000":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #3 (128-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":"cafebabefacedbaddecaf888":"":128:"86e318012dd8329dc9dae6a170f61b24":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":"cafebabefacedbaddecaf888":"":128:"86e318012dd8329dc9dae6a170f61b24":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #4 (128-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"9f458869431576ea6a095456ec6b8101":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"9f458869431576ea6a095456ec6b8101":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #5 (128-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e86f8f2e730c49d536f00fb5225d28b1":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e86f8f2e730c49d536f00fb5225d28b1":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #6 (128-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"2e582b8417c93f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"ceae5569b2af8641572622731aed3e53":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"2e582b8417c93f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"ceae5569b2af8641572622731aed3e53":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #7 (192-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"ba9ae89fddce4b51131e17c4d65ce587":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"ba9ae89fddce4b51131e17c4d65ce587":"":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #8 (192-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"8f9c0aa2549714c88bb2665e8af86d41":"000000000000000000000000":"":128:"783cff5c5aca7197320658a74279ab37":"00000000000000000000000000000000":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"8f9c0aa2549714c88bb2665e8af86d41":"000000000000000000000000":"":128:"783cff5c5aca7197320658a74279ab37":"":"00000000000000000000000000000000":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #9 (192-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":"cafebabefacedbaddecaf888":"":128:"8d645a0b0e48d3c3b60a014157cb49b4":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":"cafebabefacedbaddecaf888":"":128:"8d645a0b0e48d3c3b60a014157cb49b4":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #10 (192-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"01b15bb5ab6fac0c422014e91eacbf2b":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"01b15bb5ab6fac0c422014e91eacbf2b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #11 (192-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"f876143d933214a5035ff0bb96ff650b":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"f876143d933214a5035ff0bb96ff650b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #12 (192-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4b72e520b2521e63d240ed5c903216fa":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4b72e520b2521e63d240ed5c903216fa":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #13 (256-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"9cdb269b5d293bc5db9c55b057d9b591":"":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"9cdb269b5d293bc5db9c55b057d9b591":"":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #14 (256-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"3d4b2cde666761ba5dfb305178e667fb":"000000000000000000000000":"":128:"284b63bb143c40ce100fb4dea6bb617b":"00000000000000000000000000000000":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"3d4b2cde666761ba5dfb305178e667fb":"000000000000000000000000":"":128:"284b63bb143c40ce100fb4dea6bb617b":"":"00000000000000000000000000000000":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #15 (256-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":"cafebabefacedbaddecaf888":"":128:"c912686270a2b9966415fca3be75c468":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":"cafebabefacedbaddecaf888":"":128:"c912686270a2b9966415fca3be75c468":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #16 (256-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4e4b178d8fe26fdc95e2e7246dd94bec":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4e4b178d8fe26fdc95e2e7246dd94bec":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #17 (256-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e6472b8ebd331bfcc7c0fa63ce094461":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e6472b8ebd331bfcc7c0fa63ce094461":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #18 (256-de)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"5791883f822013f8bd136fc36fb9946b":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"5791883f822013f8bd136fc36fb9946b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #1 (128-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":128:"f5574acc3148dfcb9015200631024df8":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":128:"f5574acc3148dfcb9015200631024df8":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #2 (128-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"defe3e0b5c54c94b4f2a0f5a46f7210d":"000000000000000000000000":"":128:"f672b94d192266c7c8c8dbb427cc989a":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"defe3e0b5c54c94b4f2a0f5a46f7210d":"000000000000000000000000":"":128:"f672b94d192266c7c8c8dbb427cc989a":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #3 (128-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":"cafebabefacedbaddecaf889":"":128:"86e318012dd8329dc9dae6a170f61b24":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":"cafebabefacedbaddecaf889":"":128:"86e318012dd8329dc9dae6a170f61b24":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #4 (128-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"9f458869431576ea6a095456ec6b8100":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"9f458869431576ea6a095456ec6b8100":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #5 (128-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":"cafebabefacedbad":"feedfadedeadbeeffeedfacedeadbeefabaddad2":128:"e86f8f2e730c49d536f00fb5225d28b1":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":"cafebabefacedbad":"feedfadedeadbeeffeedfacedeadbeefabaddad2":128:"e86f8f2e730c49d536f00fb5225d28b1":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #6 (128-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"2e582b8417c83f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"ceae5569b2af8641572622731aed3e53":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"2e582b8417c83f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"ceae5569b2af8641572622731aed3e53":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #7 (192-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"ba9ae89fddce4b51131e17c4d65ce586":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"ba9ae89fddce4b51131e17c4d65ce586":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #8 (192-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"8f9c0aa2549714c88bb2665e8af86d42":"000000000000000000000000":"":128:"783cff5c5aca7197320658a74279ab37":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"8f9c0aa2549714c88bb2665e8af86d42":"000000000000000000000000":"":128:"783cff5c5aca7197320658a74279ab37":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #9 (192-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"ffffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":"cafebabefacedbaddecaf888":"":128:"8d645a0b0e48d3c3b60a014157cb49b4":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"ffffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":"cafebabefacedbaddecaf888":"":128:"8d645a0b0e48d3c3b60a014157cb49b4":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #10 (192-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"11b15bb5ab6fac0c422014e91eacbf2b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"11b15bb5ab6fac0c422014e91eacbf2b":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #11 (192-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad3":128:"f876143d933214a5035ff0bb96ff650b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad3":128:"f876143d933214a5035ff0bb96ff650b":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #12 (192-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a328a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4b72e520b2521e63d240ed5c903216fa":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a328a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4b72e520b2521e63d240ed5c903216fa":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #13 (256-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000001":"":"000000000000000000000000":"":128:"9cdb269b5d293bc5db9c55b057d9b591":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000001":"":"000000000000000000000000":"":128:"9cdb269b5d293bc5db9c55b057d9b591":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #14 (256-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"3d4b2cde666761ba5dfb305178e667fb":"000000000000000000000001":"":128:"284b63bb143c40ce100fb4dea6bb617b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"3d4b2cde666761ba5dfb305178e667fb":"000000000000000000000001":"":128:"284b63bb143c40ce100fb4dea6bb617b":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #15 (256-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4949d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":"cafebabefacedbaddecaf888":"":128:"c912686270a2b9966415fca3be75c468":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4949d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":"cafebabefacedbaddecaf888":"":128:"c912686270a2b9966415fca3be75c468":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #16 (256-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":"cafebabefacedbaddecaf888":"ffedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4e4b178d8fe26fdc95e2e7246dd94bec":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":"cafebabefacedbaddecaf888":"ffedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4e4b178d8fe26fdc95e2e7246dd94bec":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #17 (256-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e6472b8ebd331bfcc7c0fa63ce094462":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e6472b8ebd331bfcc7c0fa63ce094462":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #18 (256-bad)
depends_on:MBEDTLS_CAMELLIA_C
-gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a9f9467308308feffe9928665731c6d6a8f9467308308":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"5791883f822013f8bd136fc36fb9946b":"FAIL":0
+gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a9f9467308308feffe9928665731c6d6a8f9467308308":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"5791883f822013f8bd136fc36fb9946b":"FAIL":"":0
diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function
index 3d0830e..4d3bba1 100644
--- a/tests/suites/test_suite_gcm.function
+++ b/tests/suites/test_suite_gcm.function
@@ -9,41 +9,23 @@
/* BEGIN_CASE */
void gcm_bad_parameters( int cipher_id, int direction,
- char *hex_key_string, char *hex_src_string,
- char *hex_iv_string, char *hex_add_string,
+ data_t *key_str, data_t *src_str,
+ data_t *iv_str, data_t *add_str,
int tag_len_bits, int gcm_result )
{
- unsigned char key_str[128];
- unsigned char src_str[128];
- unsigned char dst_str[257];
- unsigned char iv_str[128];
- unsigned char add_str[128];
- unsigned char tag_str[128];
unsigned char output[128];
unsigned char tag_output[16];
mbedtls_gcm_context ctx;
- unsigned int key_len;
- size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
+ size_t tag_len = tag_len_bits / 8;
mbedtls_gcm_init( &ctx );
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
- memset( dst_str, 0x00, sizeof( dst_str ) );
- memset( iv_str, 0x00, sizeof( iv_str ) );
- memset( add_str, 0x00, sizeof( add_str ) );
- memset( tag_str, 0x00, sizeof( tag_str ) );
memset( output, 0x00, sizeof( output ) );
memset( tag_output, 0x00, sizeof( tag_output ) );
- key_len = unhexify( key_str, hex_key_string );
- pt_len = unhexify( src_str, hex_src_string );
- iv_len = unhexify( iv_str, hex_iv_string );
- add_len = unhexify( add_str, hex_add_string );
-
- TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == 0 );
- TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, direction, pt_len, iv_str, iv_len,
- add_str, add_len, src_str, output, tag_len, tag_output ) == gcm_result );
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+ TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, direction, src_str->len, iv_str->x, iv_str->len,
+ add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == gcm_result );
exit:
mbedtls_gcm_free( &ctx );
@@ -51,49 +33,30 @@
/* END_CASE */
/* BEGIN_CASE */
-void gcm_encrypt_and_tag( int cipher_id,
- char *hex_key_string, char *hex_src_string,
- char *hex_iv_string, char *hex_add_string,
- char *hex_dst_string, int tag_len_bits,
- char *hex_tag_string, int init_result )
+void gcm_encrypt_and_tag( int cipher_id, data_t * key_str,
+ data_t * src_str, data_t * iv_str,
+ data_t * add_str, data_t * hex_dst_string,
+ int tag_len_bits, data_t * hex_tag_string,
+ int init_result )
{
- unsigned char key_str[128];
- unsigned char src_str[128];
- unsigned char dst_str[257];
- unsigned char iv_str[128];
- unsigned char add_str[128];
- unsigned char tag_str[128];
unsigned char output[128];
unsigned char tag_output[16];
mbedtls_gcm_context ctx;
- unsigned int key_len;
- size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
+ size_t tag_len = tag_len_bits / 8;
mbedtls_gcm_init( &ctx );
- memset(key_str, 0x00, 128);
- memset(src_str, 0x00, 128);
- memset(dst_str, 0x00, 257);
- memset(iv_str, 0x00, 128);
- memset(add_str, 0x00, 128);
- memset(tag_str, 0x00, 128);
memset(output, 0x00, 128);
memset(tag_output, 0x00, 16);
- key_len = unhexify( key_str, hex_key_string );
- pt_len = unhexify( src_str, hex_src_string );
- iv_len = unhexify( iv_str, hex_iv_string );
- add_len = unhexify( add_str, hex_add_string );
- TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result );
if( init_result == 0 )
{
- TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, pt_len, iv_str, iv_len, add_str, add_len, src_str, output, tag_len, tag_output ) == 0 );
- hexify( dst_str, output, pt_len );
- hexify( tag_str, tag_output, tag_len );
+ TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
- TEST_ASSERT( strcmp( (char *) tag_str, hex_tag_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
+ TEST_ASSERT( hexcmp( tag_output, hex_tag_string->x, tag_len, hex_tag_string->len ) == 0 );
}
exit:
@@ -102,55 +65,36 @@
/* END_CASE */
/* BEGIN_CASE */
-void gcm_decrypt_and_verify( int cipher_id,
- char *hex_key_string, char *hex_src_string,
- char *hex_iv_string, char *hex_add_string,
- int tag_len_bits, char *hex_tag_string,
- char *pt_result, int init_result )
+void gcm_decrypt_and_verify( int cipher_id, data_t * key_str,
+ data_t * src_str, data_t * iv_str,
+ data_t * add_str, int tag_len_bits,
+ data_t * tag_str, char * result,
+ data_t * pt_result, int init_result )
{
- unsigned char key_str[128];
- unsigned char src_str[128];
- unsigned char dst_str[257];
- unsigned char iv_str[128];
- unsigned char add_str[128];
- unsigned char tag_str[128];
unsigned char output[128];
mbedtls_gcm_context ctx;
- unsigned int key_len;
- size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
int ret;
+ size_t tag_len = tag_len_bits / 8;
mbedtls_gcm_init( &ctx );
- memset(key_str, 0x00, 128);
- memset(src_str, 0x00, 128);
- memset(dst_str, 0x00, 257);
- memset(iv_str, 0x00, 128);
- memset(add_str, 0x00, 128);
- memset(tag_str, 0x00, 128);
memset(output, 0x00, 128);
- key_len = unhexify( key_str, hex_key_string );
- pt_len = unhexify( src_str, hex_src_string );
- iv_len = unhexify( iv_str, hex_iv_string );
- add_len = unhexify( add_str, hex_add_string );
- unhexify( tag_str, hex_tag_string );
- TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result );
if( init_result == 0 )
{
- ret = mbedtls_gcm_auth_decrypt( &ctx, pt_len, iv_str, iv_len, add_str, add_len, tag_str, tag_len, src_str, output );
+ ret = mbedtls_gcm_auth_decrypt( &ctx, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, tag_str->x, tag_len, src_str->x, output );
- if( strcmp( "FAIL", pt_result ) == 0 )
+ if( strcmp( "FAIL", result ) == 0 )
{
TEST_ASSERT( ret == MBEDTLS_ERR_GCM_AUTH_FAILED );
}
else
{
TEST_ASSERT( ret == 0 );
- hexify( dst_str, output, pt_len );
- TEST_ASSERT( strcmp( (char *) dst_str, pt_result ) == 0 );
+ TEST_ASSERT( hexcmp( output, pt_result->x, src_str->len, pt_result->len ) == 0 );
}
}
@@ -160,7 +104,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void gcm_selftest()
+void gcm_selftest( )
{
TEST_ASSERT( mbedtls_gcm_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function
index a413f5e..13bc400 100644
--- a/tests/suites/test_suite_hmac_drbg.function
+++ b/tests/suites/test_suite_hmac_drbg.function
@@ -1,5 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/hmac_drbg.h"
+#include "string.h"
typedef struct
{
@@ -109,7 +110,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void hmac_drbg_seed_file( int md_alg, char *path, int ret )
+void hmac_drbg_seed_file( int md_alg, char * path, int ret )
{
const mbedtls_md_info_t *md_info;
mbedtls_hmac_drbg_context ctx;
@@ -160,59 +161,47 @@
/* END_CASE */
/* BEGIN_CASE */
-void hmac_drbg_no_reseed( int md_alg,
- char *entropy_hex, char *custom_hex,
- char *add1_hex, char *add2_hex,
- char *output_hex )
+void hmac_drbg_no_reseed( int md_alg, data_t * entropy,
+ data_t * custom, data_t * add1,
+ data_t * add2, data_t * output )
{
unsigned char data[1024];
- unsigned char entropy[512];
- unsigned char custom[512];
- unsigned char add1[512];
- unsigned char add2[512];
- unsigned char output[512];
unsigned char my_output[512];
- size_t custom_len, add1_len, add2_len, out_len;
entropy_ctx p_entropy;
const mbedtls_md_info_t *md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
- memset( my_output, 0, sizeof my_output );
- custom_len = unhexify( custom, custom_hex );
- add1_len = unhexify( add1, add1_hex );
- add2_len = unhexify( add2, add2_hex );
- out_len = unhexify( output, output_hex );
- p_entropy.len = unhexify( entropy, entropy_hex );
- p_entropy.p = entropy;
+ p_entropy.p = entropy->x;
+ p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
/* Test the simplified buffer-based variant */
- memcpy( data, entropy, p_entropy.len );
- memcpy( data + p_entropy.len, custom, custom_len );
+ memcpy( data, entropy->x, p_entropy.len );
+ memcpy( data + p_entropy.len, custom->x, custom->len );
TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info,
- data, p_entropy.len + custom_len ) == 0 );
- TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
- add1, add1_len ) == 0 );
- TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
- add2, add2_len ) == 0 );
+ data, p_entropy.len + custom->len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
+ add1->x, add1->len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
+ add2->x, add2->len ) == 0 );
/* clear for second run */
mbedtls_hmac_drbg_free( &ctx );
- TEST_ASSERT( memcmp( my_output, output, out_len ) == 0 );
+ TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 );
/* And now the normal entropy-based variant */
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
- custom, custom_len ) == 0 );
- TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
- add1, add1_len ) == 0 );
- TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
- add2, add2_len ) == 0 );
- TEST_ASSERT( memcmp( my_output, output, out_len ) == 0 );
+ custom->x, custom->len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
+ add1->x, add1->len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
+ add2->x, add2->len ) == 0 );
+ TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 );
exit:
mbedtls_hmac_drbg_free( &ctx );
@@ -220,46 +209,32 @@
/* END_CASE */
/* BEGIN_CASE */
-void hmac_drbg_nopr( int md_alg,
- char *entropy_hex, char *custom_hex,
- char *add1_hex, char *add2_hex, char *add3_hex,
- char *output_hex )
+void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom,
+ data_t * add1, data_t * add2, data_t * add3,
+ data_t * output )
{
- unsigned char entropy[512];
- unsigned char custom[512];
- unsigned char add1[512];
- unsigned char add2[512];
- unsigned char add3[512];
- unsigned char output[512];
unsigned char my_output[512];
- size_t custom_len, add1_len, add2_len, add3_len, out_len;
entropy_ctx p_entropy;
const mbedtls_md_info_t *md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
- memset( my_output, 0, sizeof my_output );
- custom_len = unhexify( custom, custom_hex );
- add1_len = unhexify( add1, add1_hex );
- add2_len = unhexify( add2, add2_hex );
- add3_len = unhexify( add3, add3_hex );
- out_len = unhexify( output, output_hex );
- p_entropy.len = unhexify( entropy, entropy_hex );
- p_entropy.p = entropy;
+ p_entropy.p = entropy->x;
+ p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
- custom, custom_len ) == 0 );
- TEST_ASSERT( mbedtls_hmac_drbg_reseed( &ctx, add1, add1_len ) == 0 );
- TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
- add2, add2_len ) == 0 );
- TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
- add3, add3_len ) == 0 );
+ custom->x, custom->len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_reseed( &ctx, add1->x, add1->len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
+ add2->x, add2->len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
+ add3->x, add3->len ) == 0 );
- TEST_ASSERT( memcmp( my_output, output, out_len ) == 0 );
+ TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 );
exit:
mbedtls_hmac_drbg_free( &ctx );
@@ -267,44 +242,31 @@
/* END_CASE */
/* BEGIN_CASE */
-void hmac_drbg_pr( int md_alg,
- char *entropy_hex, char *custom_hex,
- char *add1_hex, char *add2_hex,
- char *output_hex )
+void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom,
+ data_t * add1, data_t * add2, data_t * output )
{
- unsigned char entropy[512];
- unsigned char custom[512];
- unsigned char add1[512];
- unsigned char add2[512];
- unsigned char output[512];
unsigned char my_output[512];
- size_t custom_len, add1_len, add2_len, out_len;
entropy_ctx p_entropy;
const mbedtls_md_info_t *md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
- memset( my_output, 0, sizeof my_output );
- custom_len = unhexify( custom, custom_hex );
- add1_len = unhexify( add1, add1_hex );
- add2_len = unhexify( add2, add2_hex );
- out_len = unhexify( output, output_hex );
- p_entropy.len = unhexify( entropy, entropy_hex );
- p_entropy.p = entropy;
+ p_entropy.p = entropy->x;
+ p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
- custom, custom_len ) == 0 );
+ custom->x, custom->len ) == 0 );
mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
- TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
- add1, add1_len ) == 0 );
- TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
- add2, add2_len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
+ add1->x, add1->len ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
+ add2->x, add2->len ) == 0 );
- TEST_ASSERT( memcmp( my_output, output, out_len ) == 0 );
+ TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 );
exit:
mbedtls_hmac_drbg_free( &ctx );
@@ -312,7 +274,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void hmac_drbg_selftest( )
+void hmac_drbg_selftest( )
{
TEST_ASSERT( mbedtls_hmac_drbg_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function
index 6ac834e..11cf88a 100644
--- a/tests/suites/test_suite_md.function
+++ b/tests/suites/test_suite_md.function
@@ -8,7 +8,7 @@
*/
/* BEGIN_CASE */
-void mbedtls_md_process( )
+void mbedtls_md_process( )
{
const int *md_type_ptr;
const mbedtls_md_info_t *info;
@@ -40,7 +40,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void md_null_args( )
+void md_null_args( )
{
mbedtls_md_context_t ctx;
const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) );
@@ -103,7 +103,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void md_info( int md_type, char *md_name, int md_size )
+void md_info( int md_type, char * md_name, int md_size )
{
const mbedtls_md_info_t *md_info;
const int *md_type_ptr;
@@ -126,17 +126,16 @@
/* END_CASE */
/* BEGIN_CASE */
-void md_text( char *text_md_name, char *text_src_string, char *hex_hash_string )
+void md_text( char * text_md_name, char * text_src_string,
+ data_t * hex_hash_string )
{
char md_name[100];
unsigned char src_str[1000];
- unsigned char hash_str[1000];
unsigned char output[100];
const mbedtls_md_info_t *md_info = NULL;
memset( md_name, 0x00, 100 );
memset( src_str, 0x00, 1000 );
- memset( hash_str, 0x00, 1000 );
memset( output, 0x00, 100 );
strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 );
@@ -145,47 +144,40 @@
TEST_ASSERT( md_info != NULL );
TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, mbedtls_md_get_size( md_info ), hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE */
-void md_hex( char *text_md_name, char *hex_src_string, char *hex_hash_string )
+void md_hex( char * text_md_name, data_t * src_str,
+ data_t * hex_hash_string )
{
char md_name[100];
- unsigned char src_str[10000];
- unsigned char hash_str[10000];
unsigned char output[100];
- int src_len;
const mbedtls_md_info_t *md_info = NULL;
memset( md_name, 0x00, 100 );
- memset( src_str, 0x00, 10000 );
- memset( hash_str, 0x00, 10000 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
TEST_ASSERT( md_info != NULL );
- src_len = unhexify( src_str, hex_src_string );
- TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, src_len, output ) );
+ TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x,
+ mbedtls_md_get_size( md_info ), hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE */
-void md_text_multi( char *text_md_name, char *text_src_string,
- char *hex_hash_string )
+void md_text_multi( char * text_md_name, char * text_src_string,
+ data_t * hex_hash_string )
{
char md_name[100];
unsigned char src_str[1000];
- unsigned char hash_str[1000];
unsigned char output[100];
int halfway, len;
@@ -197,7 +189,6 @@
memset( md_name, 0x00, 100 );
memset( src_str, 0x00, 1000 );
- memset( hash_str, 0x00, 1000 );
memset( output, 0x00, 100 );
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
@@ -217,17 +208,15 @@
TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str + halfway, len - halfway ) );
TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx, output ) );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x,
+ mbedtls_md_get_size( md_info ), hex_hash_string->len) == 0 );
/* Test clone */
- memset( hash_str, 0x00, 1000 );
memset( output, 0x00, 100 );
TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str + halfway, len - halfway ) );
TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx_copy, output ) );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, mbedtls_md_get_size( md_info ), hex_hash_string->len ) == 0 );
exit:
mbedtls_md_free( &ctx );
@@ -236,23 +225,19 @@
/* END_CASE */
/* BEGIN_CASE */
-void md_hex_multi( char *text_md_name, char *hex_src_string,
- char *hex_hash_string )
+void md_hex_multi( char * text_md_name, data_t * src_str,
+ data_t * hex_hash_string )
{
char md_name[100];
- unsigned char src_str[10000];
- unsigned char hash_str[10000];
unsigned char output[100];
- int src_len, halfway;
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_context_t ctx, ctx_copy;
+ int halfway;
mbedtls_md_init( &ctx );
mbedtls_md_init( &ctx_copy );
memset( md_name, 0x00, 100 );
- memset( src_str, 0x00, 10000 );
- memset( hash_str, 0x00, 10000 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
@@ -261,27 +246,23 @@
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) );
- src_len = unhexify( src_str, hex_src_string );
- halfway = src_len / 2;
+ halfway = src_str->len / 2;
TEST_ASSERT ( 0 == mbedtls_md_starts( &ctx ) );
TEST_ASSERT ( ctx.md_ctx != NULL );
- TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str, halfway ) );
+ TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str->x, halfway ) );
TEST_ASSERT ( 0 == mbedtls_md_clone( &ctx_copy, &ctx ) );
- TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str + halfway, src_len - halfway) );
+ TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str->x + halfway, src_str->len - halfway) );
TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx, output ) );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, mbedtls_md_get_size( md_info ), hex_hash_string->len ) == 0 );
/* Test clone */
- memset( hash_str, 0x00, 10000 );
memset( output, 0x00, 100 );
- TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str + halfway, src_len - halfway ) );
+ TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str->x + halfway, src_str->len - halfway ) );
TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx_copy, output ) );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, mbedtls_md_get_size( md_info ), hex_hash_string->len ) == 0 );
exit:
mbedtls_md_free( &ctx );
@@ -290,56 +271,41 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_md_hmac( char *text_md_name, int trunc_size, char *hex_key_string,
- char *hex_src_string, char *hex_hash_string )
+void mbedtls_md_hmac( char * text_md_name, int trunc_size,
+ data_t * key_str, data_t * src_str,
+ data_t * hex_hash_string )
{
char md_name[100];
- unsigned char src_str[10000];
- unsigned char key_str[10000];
- unsigned char hash_str[10000];
unsigned char output[100];
- int key_len, src_len;
const mbedtls_md_info_t *md_info = NULL;
memset( md_name, 0x00, 100 );
- memset( src_str, 0x00, 10000 );
- memset( key_str, 0x00, 10000 );
- memset( hash_str, 0x00, 10000 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
TEST_ASSERT( md_info != NULL );
- key_len = unhexify( key_str, hex_key_string );
- src_len = unhexify( src_str, hex_src_string );
- TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str, key_len, src_str, src_len, output ) == 0 );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
+ TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 );
- TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, trunc_size, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE */
-void md_hmac_multi( char *text_md_name, int trunc_size, char *hex_key_string,
- char *hex_src_string, char *hex_hash_string )
+void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str,
+ data_t * src_str, data_t * hex_hash_string )
{
char md_name[100];
- unsigned char src_str[10000];
- unsigned char key_str[10000];
- unsigned char hash_str[10000];
unsigned char output[100];
- int key_len, src_len, halfway;
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_context_t ctx;
+ int halfway;
mbedtls_md_init( &ctx );
memset( md_name, 0x00, 100 );
- memset( src_str, 0x00, 10000 );
- memset( key_str, 0x00, 10000 );
- memset( hash_str, 0x00, 10000 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
@@ -347,30 +313,25 @@
TEST_ASSERT( md_info != NULL );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) );
- key_len = unhexify( key_str, hex_key_string );
- src_len = unhexify( src_str, hex_src_string );
- halfway = src_len / 2;
+ halfway = src_str->len / 2;
- TEST_ASSERT ( 0 == mbedtls_md_hmac_starts( &ctx, key_str, key_len ) );
+ TEST_ASSERT ( 0 == mbedtls_md_hmac_starts( &ctx, key_str->x, key_str->len ) );
TEST_ASSERT ( ctx.md_ctx != NULL );
- TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str, halfway ) );
- TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str + halfway, src_len - halfway ) );
+ TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x, halfway ) );
+ TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x + halfway, src_str->len - halfway ) );
TEST_ASSERT ( 0 == mbedtls_md_hmac_finish( &ctx, output ) );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, trunc_size, hex_hash_string->len ) == 0 );
/* Test again, for reset() */
- memset( hash_str, 0x00, 10000 );
memset( output, 0x00, 100 );
TEST_ASSERT ( 0 == mbedtls_md_hmac_reset( &ctx ) );
- TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str, halfway ) );
- TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str + halfway, src_len - halfway ) );
+ TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x, halfway ) );
+ TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x + halfway, src_str->len - halfway ) );
TEST_ASSERT ( 0 == mbedtls_md_hmac_finish( &ctx, output ) );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, trunc_size, hex_hash_string->len ) == 0 );
exit:
mbedtls_md_free( &ctx );
@@ -378,15 +339,14 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void mbedtls_md_file( char *text_md_name, char *filename, char *hex_hash_string )
+void mbedtls_md_file( char * text_md_name, char * filename,
+ data_t * hex_hash_string )
{
char md_name[100];
- unsigned char hash_str[1000];
unsigned char output[100];
const mbedtls_md_info_t *md_info = NULL;
memset( md_name, 0x00, 100 );
- memset( hash_str, 0x00, 1000 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
@@ -394,8 +354,7 @@
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 );
- hexify( hash_str, output, mbedtls_md_get_size( md_info ) );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, mbedtls_md_get_size( md_info ), hex_hash_string->len ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function
index 648a9cc..02004ef 100644
--- a/tests/suites/test_suite_mdx.function
+++ b/tests/suites/test_suite_mdx.function
@@ -6,116 +6,104 @@
/* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_MD2_C */
-void md2_text( char *text_src_string, char *hex_hash_string )
+void md2_text( char * text_src_string, data_t * hex_hash_string )
{
int ret;
unsigned char src_str[100];
- unsigned char hash_str[33];
unsigned char output[16];
memset( src_str, 0x00, sizeof src_str );
- memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
ret = mbedtls_md2_ret( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 ) ;
- hexify( hash_str, output, sizeof output );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, sizeof output, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD4_C */
-void md4_text( char *text_src_string, char *hex_hash_string )
+void md4_text( char * text_src_string, data_t * hex_hash_string )
{
int ret;
unsigned char src_str[100];
- unsigned char hash_str[33];
unsigned char output[16];
memset( src_str, 0x00, sizeof src_str );
- memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
ret = mbedtls_md4_ret( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 );
- hexify( hash_str, output, sizeof output );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, sizeof output, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD5_C */
-void md5_text( char *text_src_string, char *hex_hash_string )
+void md5_text( char * text_src_string, data_t * hex_hash_string )
{
int ret;
unsigned char src_str[100];
- unsigned char hash_str[33];
unsigned char output[16];
memset( src_str, 0x00, sizeof src_str );
- memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
ret = mbedtls_md5_ret( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 );
- hexify( hash_str, output, sizeof output );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, sizeof output, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C */
-void ripemd160_text( char *text_src_string, char *hex_hash_string )
+void ripemd160_text( char * text_src_string, data_t * hex_hash_string )
{
int ret;
unsigned char src_str[100];
- unsigned char hash_str[41];
unsigned char output[20];
memset(src_str, 0x00, sizeof src_str);
- memset(hash_str, 0x00, sizeof hash_str);
memset(output, 0x00, sizeof output);
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
ret = mbedtls_ripemd160_ret( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 );
- hexify( hash_str, output, sizeof output );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, sizeof output, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */
-void md2_selftest()
+void md2_selftest( )
{
TEST_ASSERT( mbedtls_md2_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */
-void md4_selftest()
+void md4_selftest( )
{
TEST_ASSERT( mbedtls_md4_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */
-void md5_selftest()
+void md5_selftest( )
{
TEST_ASSERT( mbedtls_md5_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_SELF_TEST */
-void ripemd160_selftest()
+void ripemd160_selftest( )
{
TEST_ASSERT( mbedtls_ripemd160_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_memory_buffer_alloc.function b/tests/suites/test_suite_memory_buffer_alloc.function
index 09684c1..bc03436 100644
--- a/tests/suites/test_suite_memory_buffer_alloc.function
+++ b/tests/suites/test_suite_memory_buffer_alloc.function
@@ -23,7 +23,7 @@
/* END_SUITE_HELPERS */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void mbedtls_memory_buffer_alloc_self_test( )
+void mbedtls_memory_buffer_alloc_self_test( )
{
TEST_ASSERT( mbedtls_memory_buffer_alloc_self_test( 1 ) == 0 );
}
@@ -31,10 +31,9 @@
/* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */
void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes,
- int d_bytes,
- int free_a, int free_b, int free_c,
- int free_d,
- int e_bytes, int f_bytes )
+ int d_bytes, int free_a, int free_b,
+ int free_c, int free_d, int e_bytes,
+ int f_bytes )
{
unsigned char buf[1024];
unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL, *ptr_d = NULL,
@@ -190,7 +189,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */
-void memory_buffer_alloc_oom_test()
+void memory_buffer_alloc_oom_test( )
{
unsigned char buf[1024];
unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL;
diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data
index c450088..227c472 100644
--- a/tests/suites/test_suite_mpi.data
+++ b/tests/suites/test_suite_mpi.data
@@ -59,7 +59,7 @@
mbedtls_mpi_write_binary:16:"123123123123123123123123123":"0123123123123123123123123123":14:0
Test mbedtls_mpi_write_binary #2 (Buffer too small)
-mbedtls_mpi_write_binary:16:"123123123123123123123123123":"123123123123123123123123123":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+mbedtls_mpi_write_binary:16:"123123123123123123123123123":"23123123123123123123123123":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
Base test mbedtls_mpi_read_file #1
mbedtls_mpi_read_file:10:"data_files/mpi_10":"01f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":0
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index 6ae27af..4754c6e 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -8,7 +8,7 @@
*/
/* BEGIN_CASE */
-void mpi_null( )
+void mpi_null( )
{
mbedtls_mpi X, Y, Z;
@@ -27,8 +27,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mpi_read_write_string( int radix_X, char *input_X, int radix_A,
- char *input_A, int output_size, int result_read,
+void mpi_read_write_string( int radix_X, char * input_X, int radix_A,
+ char * input_A, int output_size, int result_read,
int result_write )
{
mbedtls_mpi X;
@@ -53,19 +53,16 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_read_binary( char *input_X, int radix_A, char *input_A )
+void mbedtls_mpi_read_binary( data_t * buf, int radix_A, char * input_A )
{
mbedtls_mpi X;
unsigned char str[1000];
- unsigned char buf[1000];
size_t len;
- size_t input_len;
mbedtls_mpi_init( &X );
- input_len = unhexify( buf, input_X );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf, input_len ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, (char *) str, sizeof( str ), &len ) == 0 );
TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
@@ -75,16 +72,15 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_write_binary( int radix_X, char *input_X, char *input_A,
- int output_size, int result )
+void mbedtls_mpi_write_binary( int radix_X, char * input_X,
+ data_t * input_A, int output_size,
+ int result )
{
mbedtls_mpi X;
- unsigned char str[1000];
unsigned char buf[1000];
size_t buflen;
memset( buf, 0x00, 1000 );
- memset( str, 0x00, 1000 );
mbedtls_mpi_init( &X );
@@ -97,9 +93,8 @@
TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == result );
if( result == 0)
{
- hexify( str, buf, buflen );
- TEST_ASSERT( strcasecmp( (char *) str, input_A ) == 0 );
+ TEST_ASSERT( hexcmp( buf, input_A->x, buflen, input_A->len ) == 0 );
}
exit:
@@ -108,18 +103,16 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void mbedtls_mpi_read_file( int radix_X, char *input_file, char *input_A,
- int result )
+void mbedtls_mpi_read_file( int radix_X, char * input_file,
+ data_t * input_A, int result )
{
mbedtls_mpi X;
- unsigned char str[1000];
unsigned char buf[1000];
size_t buflen;
FILE *file;
int ret;
memset( buf, 0x00, 1000 );
- memset( str, 0x00, 1000 );
mbedtls_mpi_init( &X );
@@ -134,9 +127,8 @@
buflen = mbedtls_mpi_size( &X );
TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 );
- hexify( str, buf, buflen );
- TEST_ASSERT( strcasecmp( (char *) str, input_A ) == 0 );
+ TEST_ASSERT( hexcmp( buf, input_A->x, buflen, input_A->len ) == 0 );
}
exit:
@@ -145,8 +137,8 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void mbedtls_mpi_write_file( int radix_X, char *input_X, int output_radix,
- char *output_file )
+void mbedtls_mpi_write_file( int radix_X, char * input_X, int output_radix,
+ char * output_file )
{
mbedtls_mpi X, Y;
FILE *file_out, *file_in;
@@ -176,7 +168,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_get_bit( int radix_X, char *input_X, int pos, int val )
+void mbedtls_mpi_get_bit( int radix_X, char * input_X, int pos, int val )
{
mbedtls_mpi X;
mbedtls_mpi_init( &X );
@@ -189,8 +181,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_set_bit( int radix_X, char *input_X, int pos, int val,
- int radix_Y, char *output_Y, int result )
+void mbedtls_mpi_set_bit( int radix_X, char * input_X, int pos, int val,
+ int radix_Y, char * output_Y, int result )
{
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
@@ -210,7 +202,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_lsb( int radix_X, char *input_X, int nr_bits )
+void mbedtls_mpi_lsb( int radix_X, char * input_X, int nr_bits )
{
mbedtls_mpi X;
mbedtls_mpi_init( &X );
@@ -224,7 +216,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_bitlen( int radix_X, char *input_X, int nr_bits )
+void mbedtls_mpi_bitlen( int radix_X, char * input_X, int nr_bits )
{
mbedtls_mpi X;
mbedtls_mpi_init( &X );
@@ -238,8 +230,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_gcd( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A )
+void mbedtls_mpi_gcd( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi A, X, Y, Z;
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
@@ -270,8 +262,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_cmp_mpi( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int input_A )
+void mbedtls_mpi_cmp_mpi( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int input_A )
{
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
@@ -286,8 +278,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_cmp_abs( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int input_A )
+void mbedtls_mpi_cmp_abs( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int input_A )
{
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
@@ -354,8 +346,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_assign( int x_sign, char *x_str,
- int y_sign, char *y_str )
+void mbedtls_mpi_safe_cond_assign( int x_sign, char * x_str, int y_sign,
+ char * y_str )
{
mbedtls_mpi X, Y, XX;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &XX );
@@ -378,8 +370,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_swap( int x_sign, char *x_str,
- int y_sign, char *y_str )
+void mbedtls_mpi_safe_cond_swap( int x_sign, char * x_str, int y_sign,
+ char * y_str )
{
mbedtls_mpi X, Y, XX, YY;
@@ -409,7 +401,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_swap( int input_X, int input_Y )
+void mbedtls_mpi_swap( int input_X, int input_Y )
{
mbedtls_mpi X, Y, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
@@ -429,8 +421,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_add_mpi( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A )
+void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
@@ -447,7 +439,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_add_mpi_inplace( int radix_X, char *input_X, int radix_A, char *input_A )
+void mbedtls_mpi_add_mpi_inplace( int radix_X, char * input_X, int radix_A,
+ char * input_A )
{
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
@@ -473,8 +466,8 @@
/* BEGIN_CASE */
-void mbedtls_mpi_add_abs( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A )
+void mbedtls_mpi_add_abs( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
@@ -491,8 +484,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mpi_add_abs_add_first( int radix_X, char *input_X, int radix_Y,
- char *input_Y, int radix_A, char *input_A )
+void mpi_add_abs_add_first( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
@@ -509,8 +502,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mpi_add_abs_add_second( int radix_X, char *input_X, int radix_Y,
- char *input_Y, int radix_A, char *input_A )
+void mpi_add_abs_add_second( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
@@ -527,8 +520,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_add_int( int radix_X, char *input_X, int input_Y, int radix_A,
- char *input_A )
+void mbedtls_mpi_add_int( int radix_X, char * input_X, int input_Y,
+ int radix_A, char * input_A )
{
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
@@ -544,8 +537,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_sub_mpi( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A )
+void mbedtls_mpi_sub_mpi( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
@@ -562,8 +555,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_sub_abs( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A, int sub_result )
+void mbedtls_mpi_sub_abs( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A,
+ int sub_result )
{
mbedtls_mpi X, Y, Z, A;
int res;
@@ -584,8 +578,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_sub_int( int radix_X, char *input_X, int input_Y, int radix_A,
- char *input_A )
+void mbedtls_mpi_sub_int( int radix_X, char * input_X, int input_Y,
+ int radix_A, char * input_A )
{
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
@@ -601,8 +595,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_mul_mpi( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A )
+void mbedtls_mpi_mul_mpi( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
@@ -619,8 +613,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_mul_int( int radix_X, char *input_X, int input_Y, int radix_A,
- char *input_A, char *result_comparison )
+void mbedtls_mpi_mul_int( int radix_X, char * input_X, int input_Y,
+ int radix_A, char * input_A,
+ char * result_comparison )
{
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
@@ -641,9 +636,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_div_mpi( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A, int radix_B, char *input_B,
- int div_result )
+void mbedtls_mpi_div_mpi( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A,
+ int radix_B, char * input_B, int div_result )
{
mbedtls_mpi X, Y, Q, R, A, B;
int res;
@@ -669,8 +664,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_div_int( int radix_X, char *input_X, int input_Y, int radix_A,
- char *input_A, int radix_B, char *input_B, int div_result )
+void mbedtls_mpi_div_int( int radix_X, char * input_X, int input_Y,
+ int radix_A, char * input_A, int radix_B,
+ char * input_B, int div_result )
{
mbedtls_mpi X, Q, R, A, B;
int res;
@@ -695,8 +691,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_mod_mpi( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A, int div_result )
+void mbedtls_mpi_mod_mpi( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A,
+ int div_result )
{
mbedtls_mpi X, Y, A;
int res;
@@ -718,8 +715,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_mod_int( int radix_X, char *input_X, int input_Y, int input_A,
- int div_result )
+void mbedtls_mpi_mod_int( int radix_X, char * input_X, int input_Y,
+ int input_A, int div_result )
{
mbedtls_mpi X;
int res;
@@ -740,9 +737,10 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_exp_mod( int radix_A, char *input_A, int radix_E, char *input_E,
- int radix_N, char *input_N, int radix_RR, char *input_RR,
- int radix_X, char *input_X, int div_result )
+void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E,
+ char * input_E, int radix_N, char * input_N,
+ int radix_RR, char * input_RR, int radix_X,
+ char * input_X, int div_result )
{
mbedtls_mpi A, E, N, RR, Z, X;
int res;
@@ -771,8 +769,9 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_inv_mod( int radix_X, char *input_X, int radix_Y, char *input_Y,
- int radix_A, char *input_A, int div_result )
+void mbedtls_mpi_inv_mod( int radix_X, char * input_X, int radix_Y,
+ char * input_Y, int radix_A, char * input_A,
+ int div_result )
{
mbedtls_mpi X, Y, Z, A;
int res;
@@ -794,7 +793,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
-void mbedtls_mpi_is_prime( int radix_X, char *input_X, int div_result )
+void mbedtls_mpi_is_prime( int radix_X, char * input_X, int div_result )
{
mbedtls_mpi X;
int res;
@@ -842,8 +841,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_shift_l( int radix_X, char *input_X, int shift_X, int radix_A,
- char *input_A)
+void mbedtls_mpi_shift_l( int radix_X, char * input_X, int shift_X,
+ int radix_A, char * input_A )
{
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
@@ -859,8 +858,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_shift_r( int radix_X, char *input_X, int shift_X, int radix_A,
- char *input_A )
+void mbedtls_mpi_shift_r( int radix_X, char * input_X, int shift_X,
+ int radix_A, char * input_A )
{
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
@@ -876,7 +875,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void mpi_selftest()
+void mpi_selftest( )
{
TEST_ASSERT( mbedtls_mpi_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_nist_kw.data b/tests/suites/test_suite_nist_kw.data
new file mode 100644
index 0000000..4462558
--- /dev/null
+++ b/tests/suites/test_suite_nist_kw.data
@@ -0,0 +1,483 @@
+NIST KW self test
+mbedtls_nist_kw_self_test:
+
+NIST KW mix contexts and modes
+mbedtls_nist_kw_mix_contexts:
+
+NIST KW init #1 wrapping AES-128: OK
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_AES:128:1:0
+
+NIST KW init #2 unwrapping AES-128: OK
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_AES:128:1:0
+
+NIST KW init #3 CAMELLIA-256: unsupported cipher
+depends_on:MBEDTLS_CAMELLIA_C
+mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_CAMELLIA:256:0:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
+
+NIST KW init #4 AES-224: bad key size
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_AES:224:1:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW init #5 BLOWFISH-128: bad cipher
+depends_on:MBEDTLS_BLOWFISH_C
+mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_BLOWFISH:128:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #1 KW plaintext OK (2 to 2^54 - 1 semiblocks)
+nist_kw_plaintext_lengths:16:24:MBEDTLS_KW_MODE_KW:0
+
+NIST KW lengths #2 KWP plaintext OK (1 to 2^32 - 1 octets)
+nist_kw_plaintext_lengths:5:16:MBEDTLS_KW_MODE_KWP:0
+
+NIST KW lengths #3 KW ciphertext OK (3 to 2^54 semiblocks)
+nist_kw_ciphertext_lengths:32:24:MBEDTLS_KW_MODE_KW:0
+
+NIST KW lengths #4 KWP ciphertext OK (2 to 2^29 semiblocks)
+nist_kw_ciphertext_lengths:24:16:MBEDTLS_KW_MODE_KWP:0
+
+NIST KW lengths #5 KW plaintext too short (2 to 2^54 - 1 semiblocks)
+nist_kw_plaintext_lengths:5:13:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #6 KWP plaintext too short (1 to 2^32 - 1 octets)
+nist_kw_plaintext_lengths:0:8:MBEDTLS_KW_MODE_KWP:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #8 KW ciphertext too short (3 to 2^54 semiblocks)
+nist_kw_ciphertext_lengths:16:8:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #9 KWP ciphertext too short (2 to 2^29 semiblocks)
+nist_kw_ciphertext_lengths:8:8:MBEDTLS_KW_MODE_KWP:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #10 KW plaintext not a multiple of semiblocks.
+nist_kw_plaintext_lengths:21:29:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #11 KW ciphertext not a multiple of semiblocks.
+nist_kw_ciphertext_lengths:34:26:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #12 KWP ciphertext not a multiple of semiblocks.
+nist_kw_ciphertext_lengths:30:22:MBEDTLS_KW_MODE_KWP:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #13 KW wrapping output buffer too short
+nist_kw_plaintext_lengths:16:16:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #14 KWP wrapping output buffer too short
+nist_kw_plaintext_lengths:5:10:MBEDTLS_KW_MODE_KWP:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #15 KW unwrapping output buffer too short
+nist_kw_ciphertext_lengths:32:16:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #16 KWP unwrapping output buffer too short
+nist_kw_ciphertext_lengths:24:12:MBEDTLS_KW_MODE_KWP:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #17 KW plaintext NULL (2 to 2^54 - 1 semiblocks)
+nist_kw_plaintext_lengths:0:8:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #18 KW wrapping output NULL
+nist_kw_plaintext_lengths:8:0:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #19 KWP wrapping output NULL
+nist_kw_plaintext_lengths:8:0:MBEDTLS_KW_MODE_KWP:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #20 KW ciphertext NULL
+nist_kw_ciphertext_lengths:0:8:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #21 KWP ciphertext NULL
+nist_kw_ciphertext_lengths:0:8:MBEDTLS_KW_MODE_KWP:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #15 KW unwrapping output NULL
+nist_kw_ciphertext_lengths:32:0:MBEDTLS_KW_MODE_KW:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW lengths #16 KWP unwrapping output NULL
+nist_kw_ciphertext_lengths:24:0:MBEDTLS_KW_MODE_KWP:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+NIST KW wrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 128 count 7
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"095e293f31e317ba6861114b95c90792":"64349d506ae85ecd84459c7a5c423f55":"97de4425572274bd7fb2d6688d5afd4454d992348d42a643"
+
+NIST KW wrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 256 count 11
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"ca8f6c56a9c9300549e9eae75a4604b8":"1542b8662136245162c64d45af1a982302f69f1d01a1a6bc29ef8facafbeaea0":"4d340c10bbbddf5b2014ded264bffce49901bd22adaee074b0f25a2d19c134eb3c7f38c5d0444766"
+
+NIST KW wrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 192 count 8
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"b4902b13ea73f17829b4e334fb359ec4":"2073399c7794c8b73dd782dc250dab31c80a8cba33477ab2":"37eda4eec3096135f5193c37bdeaf498b71e3a205c5638682fe746f236566b11"
+
+NIST KW wrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 320 count 14
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"579448a3d638f093742ae6b24d729849":"464d3162469899955d8bc8bfc0a22555bce609b2415bedf17a942abfe96ad4e124d4a832fbcff49f":"dadd1440a06946eabddf18e784b7719d36caa33cb626aa03aca057585584ea07a8714ecb90ceb232d6b0760845105fbb"
+
+NIST KW wrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"98311985c4661d7e811ee56070e6fecf":"18840c96813864ef3093b48cdde6ac5d78248b96d4a2cd1f15f0b56f98213dbf87e1ccad04e0d4f1954c233ea3e48fdad8f2b1156e54e19e3b5f4a66d2e9149032b876c51249165fe8c28e112a685b2d228a8ac308017574274af36a4ea3877bcc9850bafe8fc0e0a712faca0dea98396f9143bc5819fe4933a806e9b965133e3c695a45f0fbd6961798c400d7477287df64798b651e0d3009c13f7a2246c28f983509b9e5339919f2cdffcdfc550693cba9491c00334c4a62d878c4d0ca57b1104bc0174968ea8e3730b9e68db49678b23cd508ebe3e12e94b0ad3791023a8ef95473f0b32f906738f34e94e45a4480ad768072e1853adb63996b9ac27a1dade70804b82290a2274c6dcc3ccd40a8b38a56a5eb03f59075de015e8f9096f53549f6374e02da947fb849287a447f757cc340b6bded71d480988b6d2fcd984fba841470519830304667fef0a577b4cf84f76aef9deb84dde36abfbd76673c17113dbea7a3e24bf9b57a8fd17173a1ef91497b732b3fa8889bed58a503a0d3e20bc27ec4dbf5d13a93cbad05495e3df15e1fe34a3a6d6f648ea4aa60b2f114f30944ae593675dac2db188f90a3c483fb82cec0f0d295544d798b62cdcb51c6c036af1a341d78babf87b92609c1d866e311a46abccc8ba8c6a41420359bb061d7e752c0ed25990eef57c9f9e190572203f8c473edf8cfc8c26d34e37240f45ded97":"625aea9122b7b57b9f36446f9053acc42c6435a7f69d91b41547026f833291d488e477c7ccba698c143633a304f463d6af4a3e72c189234fcfc360013e65b07b7f7a36c529d3fdbbdbd6224bf100c14bc5354893b44790f54c739a2b1f5bda82d70fb600ed9b0606dbddea52e508b492b72d8779856274aaaaddc0a3edb6cfc788b603101bedfcc3f44baa62336bd950c2e349d5daf04f2e23ec2628893d214e277569c565e5e6aa8b72ffa14118a3b57f814b4deb179980b5eeefa4fd93f1751850466e929be537801babc2120f3ff1ffe5fea813ec7788eaf43f5ef657e5af48395c3ad11aaf741549090b58670695f7c95c68e00576ca18ef0313f2b4b757219fc8db3dc2db28721d6f912547ebfebcd96935c3100aa4e4df9955acae1b4e2c10df1166d46c4285ab631c6d2ce58ad3ae99c07c019dcd15958694055281ccd6f803af290431f188cc4c429e84a4c30fd9c63968dfd0951c417efb71921c207de172a9546bdd3e2bb35b45e140892c649f88c31a438f864e801a69f8010aa3d77a26601a7a89067c81b0f7e70d8e82f21f88c7d0bb0c8ca0db875d6c3f8c6f6d709bbb31c7da2e31f3571daa2c5ab13bfc16624cf35abd526e84269fb45bbd2fcd8c383d6fbb700bc4b5205b3ef8c4323dc0d9e0370e56a3d1e5e76aa4de082e4c2a0afd092845bd5dab52a45943181461b76e3984b95f48bea80a94944241d04b5634c86274e7"
+
+NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 128 count 7
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"13df8fa68a6e096b9b5bbaebb64ace2e6a05485b5cb7e43f":"3ee9367f631fb375ba47241966ad4ab8":"d0309b1291a06c595fcaa6dcf97817dbd7b7ad2cf48ddec2"
+
+NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 256 count 11
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"17c25023ac76a8af777a6f71c0c0f97931554b0a15a79222":"15227ef52412346e83a18c54a75374f69a24de6a07cfba9082596eeb5d758bb0":"0f8e2fe4f3a28c1fcebf20fef2bfd3489deb284e03d057337496285f4ffe62f074bafa0a0a6e44e4"
+
+NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 192 count 8
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"49d1c4ec51f2695ad7e47554efd24170ab03f628eba7d5fb":"8bf961097a6fa75694cf0ea47cfda23928fc433d5fc762e6":"dc72c58faca0dd662e5fefd05cd714987cc2470219db77baf779fca865f31529"
+
+NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 320 count 14
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e06ebf0145b178ea45687abe366fdec559877dbc9300a653":"f0104e9546628d801c4f7e875f1ca4f385e915b0c7bd52ed158b6b42d7301f1df6dd5bfc80d0318a":"5b4b1d4ef349fcf5eb7d720d84b2e79fbabf3db18277ada0752b9883c21f0e24281854420e6751af8fbcc4b98be0c1d7"
+
+NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"932ed6ee1db1c4cf7fd81efce5609641cb5f3409563089dc":"da8dd9c1dc8cbf95b0fa280747c1007ecb086b7c944b0db4dfa3bdf6ed0c9725901cb838c2e30131250188c22bd92b068aa0871ce58a0c22307671612fc4884a655329851d54afd48a9d3a7f97976850d6fd842034548aee67df1272b06f155eb21966858731c3c35d4bb94a1ea351ef5a8c4779c077d648ec1c4f27cfaa48f47541a8f36831e35a961b076307bea928e1856e448d7695a0f7fbcd8c82800d12f530c2086f3b67bc5081d384010b47d327120def5c92f815aaae31d32893cdd18a71ba4e208445ff3a2f68a0a46689458b0f2d6d9cd3726284e56b4c020b97a82d4463f74098cfd7bd7a5f12157a0bc812266b8f2c215933cb67518f900602f0825538e05765318b6d31150007e410b92d5d957e119c5d94aadba193cf6da230387b1c5e6448515f9789a8867571ea82ad34dc5b912d6cd243bd4fc2f19d132bd8f1f5cef00a141e30ec4d3f7a546a215d5b0c7e70c3b0ec4fc34b66c4170bf403ef910dd3897caef33405827a55f943904c4e1b1aee4cc3ffd0ad27e316c164e2b5bbcf73df60d8859201b6602be01ba638aff468f3136120c117ca848ae161ecafade668e2d04b227437d4b91c6fc40ebd9490f211bcd21fd7005d200ef584f37aa2c4c769174551cec0d7f2936ae78f6c389382212703d0e7c82aef1a736056ed9c45e71439731537a2edb8a63741825c678a11c42e5b2281b43e203b0523":"76b6772984932bb6314d1eab8f625e044920f9494789e9a0ac2affd9a209cabb72ee83331a30472934e02ef28697d541a071eff9eb5c7dd49862f11384d46e8f4c2ddb084e76ef382117a285993e4a9f89e1e0ba6612f63b3c8a54784f940d7e6baf12cb67d27038e91d1ad4feceb5bc44daf7444f76fd140ec7a94869b4f99b9fcf6dd68e78c6a0a4794d55a1c91756ceb9d28b43d9c72b26fafc25c71e63dc175b29282d4a70813b833c35354983f29796909a9ba515cc5c37c58e95aa6f35b850500ea933b27a5922188c2da64680362602d71d169f853af0564b53bc613c15772ed82f89c2f8625670179a83536972332509e7ae4e0726271c5381501d3d88a3cc34a56d80e3e553b9b595e358615e92f361d695837734cdaddd7068c441b310aa511407b53806f1fed984a73862ea2ded1ee67d14feb5d8661ed94a62f5768829d6feea30db392bf24f0ea103fd2a60acf1fcd4bb2465641712113375bc2c8d73650795689f9061608b65e0e608f9948f5efcc0fba62c50b8cd97f67df2b0eec4f5a0cd354e982ae6a62070f4127b6556714bb2267d558112638f10c78be201ba165e57ac9cab6f3e35a762b7fe83b3c7c050b77174a4bf14eb2cac4d6d58a94f0c02727ad020a6a05d9ed145151d4f1ed41d5a6d06c50c0e1d5c24d09100d4f06c50d06a332a95845f4192ef577dc484e7acb91f0b2a57c1f8bef97c23294c59099eea13b3"
+
+NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 128 count 7
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e823c6ef53b110eeb3f178871cf436887cca9df061d1f26409ec3b410033d967":"f90c279e9e6423804a6505e8effd924c":"0abb50b222af66058646156d106df7c85c28b708395eb9dd"
+
+NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 256 count 11
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e5cca71056548467bc9c2849aba67cfe0fd74c44d514535d2314022a3f3e6ec8":"326b6da4dce95c94226b63c2d38c4e005c566191b00028b59cc788e0af5261cc":"2a4f331f451589fd103d9a9cbbeae5d5f5be7acf15aa6e21c45e09362263cf34b0ccab7c8a28dfed"
+
+NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 192 count 8
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"6a077f95496aba1bb80831280e7563f3a187e6d014342028349f766b791108ce":"a77b3ddac0e78c9176b7445f9ec349b2d85aa2f57e6cb362":"7c065be0a2173e0f14a3418779e7f3eb6eb7fbb7a3c20fd6c08b37d408bd9423"
+
+NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 320 count 14
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"752b21422647f1006de116360e88e2f6601eeb5aafd27cba56c20193fc1b941a":"a5948c20bc611187d688cb03caa04fb17774aa4f99ae3da5d821bcccfae950d72ca74b3a870008aa":"d71109224edc4233db8819aaca4db9c61ab5aad2806d0e985f1830acd8adde23ce75046b2057e0a23dec7a053bac6c4c"
+
+NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"931bf2c55eac657ae56fc0a9505a6ea7cc9af5162d844ccf01f19debfad09cbe":"aa8074a195abd88930825b947cbf3cca9810eb829d2e7a09f9e9cb1f8271986d00c5be478150fbbe990de8c61af879495274a60d83f98cfecb2473a35d86fba6ce839d259ede318a362e7abc1f8a18168606d5e680f456f1ca19942e67e5aee382536df7c28204b7842b99023336b735a861cf28363e7773d7b0bcf32b5fab14cb524249863fd7ce49a7a7882b53728f7ecd020393852494df09d9a69189ea713e730e002252af18864b948a642d7c0fb17b0cd5671f14ae340fb0e83b4bda920445927b8de8a82ac93158edbbd57fddcc1d908688770a07c27d2bdb7151d986e85cdf1606b0c1c959542e75090d8fdce9c2a9c162e6fd988746c9bc916ff3f20f054690173d143212b74c5a8961cd46663958744ca1334f6c1dfc13fa83c0a9cc229a1030c6c84d01751ffef54d0f9edb2a4851a187d02f097a5c716f8fbae29eae76738239516ed08c14f24f9378451e9e696742a4bcdd9e0ecba49fd05eb93698afaa1b0d5558521c7b4e77b15ca2612619bbd78f670a1562a9a0a0215fe64211115e60476525444b351a4f8ff5551dd198655423f3fcfb5967c4f77e25d3911504de1d034176d3ccecaeb31bd29677c7569c858ea24d7017ce0b31f1911f4fa14b2afa429c06115bc285ea8b90bbedbcc63f5f0829dddcb17e8f9d21bd71501679e514147e1957ccf986e7e96a0e63ded70a9d017162658a901f55b1001d":"6b75fa8070291ef7c89f5cc2060c56270f5077a6df65a8095cc76b717167e67af70dcce96de4aa32293c17d0812f666e1f42e7e662cef7a3148486d2be7f314631ed6606f326e9781c3ed6be1735bef8cd5d3ac7d2b45c4419ea61462baccc0ff87b83b9b6cc85278c0b20bc15e6baa0a15eedd9e99df82c8e61476529c98aebbc9d40d417f9af26e6da5d115acdd6007d83206c616a39fbe21c6331cc45af11c578532a7cac50aaba21f3cf317534564c2ee093ef127484aea62c7a90327fe9bbe8e45627974306d8cc7452e96033f0c8c30ba2d7fb644796a49c9b502d3db7d4995f920fe21962fd2b634c15be0d82e9cf0ae3fd2b6d45524e1003ab9788ee56cff3e2e62c5784061a5ff586b5907098b8ab54bb70fbc6cb066b071fedce10e013014d82162e3cc6f9be3b4067555907a4df55012a9b1001888c55dd94b4f8528bb29e7985ecb8a7958fc8559831db05002479b1f39e5de3659f3a6e8289d9b8ff4eaa3f864b1ea101d84b4c6138aa6ffb95dea4f825d23f5d368727ca0a8cacb74f7bfd70fccbc951db99f2f4a580425c31a8552fa27397cf8b7f420f13fdcddca553a5f31d8645615b98a88795fb4472bc7cd6e8e54707d7be1f3dd7d4871725f6bc0e65762f1e42e22c411fee6dfd8139068798c7ae9781c8e5bcf4732a83f9142edce36e1ee6e20142adf46c5abaea0ca78f61e16b6875927d4141f6b215da1f48748bd33c"
+
+NIST KWP wrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 8 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"d060e5faa705b6c600ecfcd5252bbfba":"3d":"28ccc6da03cd79b78c7207946fcee402"
+
+NIST KWP wrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"663ee3d40628059fe01a9766d5c1c31f":"1c6ccd67438f20de":"c2717ed6e51bb4314388cd26464f4d18"
+
+NIST KWP wrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"7865e20f3c21659ab4690b629cdf3cc4":"bd6843d420378dc896":"41eca956d4aa047eb5cf4efe659661e74db6f8c564e23500"
+
+NIST KWP wrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 248 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"02a92285d0baa874ac94f6648988d44f":"6ac78aff505805e3145fac44eaeb6ac92945ca12d9bc0b6fee8b1e5b983f37":"18b251cf54d2a51ac903af2fd008f6aa2b1bf491fa2e0458dba272866821e98ad037eae4af654811"
+
+NIST KWP wrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"6b8ba9cc9b31068ba175abfcc60c1338":"8af887c58dfbc38ee0423eefcc0e032dcc79dd116638ca65ad75dca2a2459f13934dbe61a62cb26d8bbddbabf9bf52bbe137ef1d3e30eacf0fe456ec808d6798dc29fe54fa1f784aa3c11cf39405009581d3f1d596843813a6685e503fac8535e0c06ecca8561b6a1f22c578eefb691912be2e1667946101ae8c3501e6c66eb17e14f2608c9ce6fbab4a1597ed49ccb3930b1060f98c97d8dc4ce81e35279c4d30d1bf86c9b919a3ce4f0109e77929e58c4c3aeb5de1ec5e0afa38ae896df9121c72c255141f2f5c9a51be5072547cf8a3b067404e62f9615a02479cf8c202e7feb2e258314e0ebe62878a5c4ecd4e9df7dab2e1fa9a7b532c2169acedb7998d5cd8a7118848ce7ee9fb2f68e28c2b279ddc064db70ad73c6dbe10c5e1c56a709c1407f93a727cce1075103a4009ae2f7731b7d71756eee119b828ef4ed61eff164935532a94fa8fe62dc2e22cf20f168ae65f4b6785286c253f365f29453a479dc2824b8bdabd962da3b76ae9c8a720155e158fe389c8cc7fa6ad522c951b5c236bf964b5b1bfb098a39835759b95404b72b17f7dbcda936177ae059269f41ecdac81a49f5bbfd2e801392a043ef06873550a67fcbc039f0b5d30ce490baa979dbbaf9e53d45d7e2dff26b2f7e6628ded694217a39f454b288e7906b79faf4a407a7d207646f93096a157f0d1dca05a7f92e318fc1ff62ce2de7f129b187053":"aea19443d7f8ad7d4501c1ecadc6b5e3f1c23c29eca608905f9cabdd46e34a55e1f7ac8308e75c903675982bda99173a2ba57d2ccf2e01a02589f89dfd4b3c7fd229ec91c9d0c46ea5dee3c048cd4611bfeadc9bf26daa1e02cb72e222cf3dab120dd1e8c2dd9bd58bbefa5d14526abd1e8d2170a6ba8283c243ec2fd5ef07030b1ef5f69f9620e4b17a3639341005887b9ffc793533594703e5dcae67bd0ce7a3c98ca65815a4d067f27e6e66d6636cebb789732566a52ac3970e14c37310dc2fcee0e739a16291029fd2b4d534e30445474b26711a8b3e1ee3cc88b09e8b1745b6cc0f067624ecb232db750b01fe5457fdea77b251b10fe95d3eeedb083bdf109c41dba26cc9654f787bf95735ff07070b175cea8b62302e6087b91a0415474605691099f1a9e2b626c4b3bb7aeb8ead9922bc3617cb427c669b88be5f98aea7edb8b0063bec80af4c081f89778d7c7242ddae88e8d3aff1f80e575e1aab4a5d115bc27636fd14d19bc59433f697635ecd870d17e7f5b004dee4001cddc34ab6e377eeb3fb08e9476970765105d93e4558fe3d4fc6fe053aab9c6cf032f1116e70c2d65f7c8cdeb6ad63ac4291f93d467ebbb29ead265c05ac684d20a6bef09b71830f717e08bcb4f9d3773bec928f66eeb64dc451e958e357ebbfef5a342df28707ac4b8e3e8c854e8d691cb92e87c0d57558e44cd754424865c229c9e1abb28e003b6819400b"
+
+NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 8 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"959b4595778d7b860e08fcb5e24b11f118fd5d67089f2ea4":"65":"1cf986a0fb2208977c37a4c3830eba72"
+
+NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"02dfb6662e0c1b95d34aaba7eb6c1fdd41c52b89213d5b18":"27361c34c2601fe6":"089f835f3210734aa1a2282c6ff30ef9"
+
+NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"9464f1af6aabad076661328bcfd15777da16a288a2660009":"431527c3a644c106bb":"d9b257b400d808a0b0386af3be9154fc7f2fb2d7edc06201"
+
+NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 248 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"df419ca84650ef28a1c5d1cb47917e4480a3aca4bd29dd5e":"3d84df372bc0b854c058441e952738ec79474b673c94e32dc78d23745fb5e7":"497e966414475938204c3b3d606d5160461c54dfdfe903b6624208d7cfc90bb403f384bfd54d1ed2"
+
+NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"a85b4359ebd240012ec749459bc928eaa52c84e887ababb9":"9db71e2a2d40f6fcc1b8311167ae13fb101bdf7b5c4e078373c0c3cb3f3a3ca39a91a6985d3fdd48d93f2b5a09b2a69350da2846ce6a37d018dda95ddac93a92fda7b7c3bb6518dd78f367f70e34e0bf19dbba46fd13d3f3e0a1776350f27138c64b177aa39c54dc06184b320016b6305c2dea19fa6da634cd613d5a4f71bc045f555a1ccee39b8f1ab90840b5bae555932e08719bf38f72bc1057875e8c077a70629f46be91281b977ed6f2a71171a7cbaf8e0566e55da6220a85a7655758de3b372144ef76d0337d3133004c0db096b2c41f524f95706247a331d08a6ff72b425395fee8e1ad308ccfe5b0525c40803e529db72063731fe1644891bdc0d5961397006e1f5d6521ad4e5aee3544da101fd3cf6bcf879220a612b7016e5eefe7369f136086e8f5109ae83e8687519f2008406d20992b64ba1d27b436ea5db1fd734340f3b2279e026a96e3f9c5c7b99553e35ada9e1d7d708a73774718f9b7073c0889a298f212d47ff5960e04743070338f99b11687396da2120b8f132535c0911b04505c0e6c32590c82bf59486fadfbdc0f16a224b2f52082eb66201f041d64b34809e5e91cda89d80d78fe1e15862bcf84f65a301ae68d097c9be09f3411c11cf83225733dbc9306ad2630eb7994a0d112ba83dc542966414137fd008fbb7995f649edf844fe5ee86b94acade1a04f42dae21928b9b0cdde8cc66095772d":"72880f9f173f0ef4d99e3ae71f6f3b94f66a08aaa22be1d206faf431718c1a29bd0a574b1a28b69f0e64d56d3e43617dc73506a939b7de9005ef0ee3f02b9265e91a32aaec58b7ab990f39774f6769c9be9ced3339f6bf0159055abe237c4c755613a6c03271abea3bc89527f284a3e1557ae26b3910b779a77a128e773d11d7d641479d02f4888c989cbb8d928da0136b965531730a3c0c32404351f4c2390d996dff58985ed1d4f4021a5d6ccedf4555066a826a04055cdf8c9c44bdae26619390b3e22b064f86b28382094a3e299d55ab335ade601699e85f19d6f6f12407caf84ad47f03d75198691f1a9b2aa9ed95e508d8551b19601418922f3289fc1efc3abb1ebc2f4886dfe325cddfe25dd908e5aef8ad197ce2703e692b9c46a12201fa71ebc2e323ff8926ecc059ffeeacc0446d3f28496f17f1b4ad6504e4e24188862e25f3dfc36adc7f79920d88e6c53269cc4e5dbbebbba1a2347154683c840d178476ae11d6ce574c26b8b895957b8623807e8831b87b5639aeb415adf1bbef394046deb3bbe91a5c17f2f67131ae5f696352a488e3bed40df025e0a0846e0037847350fe8ae3cf73141d0ec550d82b89c05bbff7337bfe846411d3f0bd012e4de2fe5b83c7210214c0404b40e08abdd3f4bc441f9b6e1efdaa4ac13b85d139f670a6060a1ba8d2528bcd19f241d9ee5077d20c120f2b484c67c9c598b1b209824c3b8aec2b7b"
+
+NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 8 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"0070492ff3aaa190496c72bb0affdb6fac7fa9cb32e6e91a46ea34863422f807":"39":"643a9706af6bd06410b70ee38f546bc2"
+
+NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"c6e882f5b8e361e43bb3e54d5a7b8c690f485bcbec2dd2183c7e623f6b02c5fc":"99ae80eec64630ed":"de0680b34f7374539ad9b75f08f4d8e6"
+
+NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"70da43aac823c6dd37d1109f5b18feb4503c973288989745e2cc1cc21d9570c6":"edf17d966ed896aee3":"d67b5b2ad15c645450e23b5e7b6d682f8ae20e716d470db7"
+
+NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 248 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"e941febe4b683c02dce56194a86b72d4c569e1fc84bc7a6f24c3ae2b39bf5440":"c168cf12acb6679c24d424baa62ed56559caee163a4efa946478ad43d7dbd6":"4ad9979caa72fddff0876c0295a57fcf74e5980fec2cf622191ec6b5aebb75e0adebb12d0862ffae"
+
+NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"20f31cded60b8ed8d9d3fd1e1fa6244e76c7cb7628bfd28a5d63ce8aa2c9494d":"f07225202842c8dede42215301e44b9bb7e625d3812f74f9b6ddbcd024ebd1f33e2cbf280b9004941f3cbf86c880a2357f88f92a6dcf8dad9da7dddcd00f3635efdff0af4382024e93c2af66b991e565eacca6b886f07178c9b4adad6f0d6ada5ff6aa7cd0712519a947a8089cea5e1e3e40ffe1806010b0149f9ffc7c4dd3c31b3d08d5ae1997c52369393d58611dff9bec501c1ab35e6ed3e7f9445a34e211010a8236686f154e0a5ae3433d6a844eb3884961aa6592216d93952b46bb58a4195aa80966ad0ccd4a7e23823912556a90d5ee9c3bb952ecbb9d895dabd3b11ab4f2e3a6c2582de50403289230ef4dc46e7c0d870a3f0cba9d643a0349503c1b162ddb6350e699589eb47bd563999f55a1adb6b78b52f006901b0427ea7d3394bb0adae4637b4f1ad5d5425e2c8ff3083506d7ad7ba4c7405a778b0a3a11760c96900a5256956cc9710091d073a19f46a985d004651fe2b6448ed761bf9bc81619cf273a6783d868d090753bf01318be21afd88d9f3a961a69f93e9d9fb822c80acc7b48cf14a08b5b7ef15c66975721b7cde9761a145b679155472a44dea8fedc0f86ae7ebf6283ecfde5f2444b51569e6723a7a19e28cdf8dec6791ccc14af95abad018f741575b343cb1a20a2a9adf4248f99728069a1e2e78ad8966c41c9918fb7019ef56c153a183a6247d22d9956564bb03075cbfd1b43d96818b28484":"a5b63618fc0c4512960f00a1f226d9837a90480baea75265453b9553b12a58c72153080842d7f8710f317f88fbbbf97caf879ab4bf416ba767ee9aeb34357f4a2d0e8b9571054d98e28804a70bc4d74807f2bfd95ee955bfdbb6f4d6969a0c3c3b541a514647d5cd8c9740ac3496095c3f145c50c97ec98b935158fbdf89705d5330015e48ece89188b8c1bcb2ad6825d865b375a9b9056b743dac720feeac033c9f757f6fe73dd7c4a747661b64cf490a0dd43b547cd791a5d78dac97efcd355f7ebac248fa2a33e4fad640dc34e0d40b0d36588aa32f0864c9446739a6b44ff84666d723bd7d646c5172cda932fec34ddaaba342b02a9604087ef042a2be4774194b5d32cb3fb112438fbf2801050b5424635fa2d3d3fb10332965c73e6669e65195310a3a30602640e9809179cdfc50de585aa1c0072423c626815d281a06eac3b6ffa137716318e288e3f9970e415ef0451bdc557968febf9eb6772c1f77cb8e95701246d9c567048142bb25e340351b87d7391822d9ee7fe51378bc0d08135f9f39cf44b348b87937939dc61f430dfe308cada632722e23aed5a0699e039cf0563ab8025163744b136a13ce3c62c748c89f5e17540f105e7c6ec9ba13515b504342f9e6dc7d65b9a633d8c0b5c9fa858dbb9b3a594406d478a81bb9abfa289730408c1e303c663a61d5caca00f615065312580042862397b9aa8c80ca812887664c439c8c68"
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 128 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e63c2cb1a2c1282d473b66753494a591":"084532f86949dfb7be2cdf09d2b7505418e7bca5185661e1":"a26e8ee007ab90f599a1bc31cdabd5fe":0
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 256 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"83da6e02404d5abfd47d15da591840e2":"3f4cbf3a98029243da87a756b3c52553f91366f4ff4b103b2c73e68aa8ca81f01ebda35d718741ac":"67dfd627346ebd217849a5ba5bca6e9ce07a7747bed1ba119ec01503202a075a":0
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 192 count 7
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e5c2fc20f9263da4f15b817874dd987d":"0538fdca42f1fd72afadbe689fa8a396996d734e4f082c8c4ef41ef11dc6246e":"35a261169f240dffe4701ce41f6dff986764afa6e84f63c9":0
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 320 count 8
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"3f5501341f617cae30dd0afbfa247c09":"72fcc9e5942344d11c3b23503b170e39cd635da3a83aa9ffb196cfb1d6eeae6dc5f5683238da6e9b49edbf95819bbbdf":"e2a34da9ea2ad66e130251f8a7798b87d7bd7601abc5ae8f7305b024ddb4b3e00351484165e16d25":0
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"adf44a10a05e64f2df87db52f3ae18d3":"a940cfea67b90c81b4ccd793f186dd7c6a3c0ff5a6feb5bbef99eaae2b14a979f1acee92b5e4cd750f40571804d380f470e1f5201a389476f97bf29f6699053f468bf102975895f4c1a679a46cf627b22c8d956679ce53775702899afa223c87621f859dccb876d317f2a486d0a4d4ad6ab7e2d9ebf7a956c394ffcff423377e21b274f8ca3a379273dc8de738c97bfd318871330abfe2539a49d4f03d0eef65856c01ebd426f2e76fab90466acbed8c4c9dc09898929d80244eed4fd51e7eff567c2b340e928f298ec00cc8839e1ce9ccdff40a7edd04e01440f2288c384c673de8a758ba50f6f910b8002e0786d2eb633da0ef7eff025f37b45f7c9b918863a56e2da1f3fcd12b990f959051289a1113054c38c135336f19672c86a51200763678cc4ef50ed290d96fec4afaa53af165aa7ebc11d787ab1c535a0abd00b477b914855759477df2afd516a85a66f8b91fb5f5e98232e601e249b3faa856bc6b26f1945f48542601bb4ff1c0dc46f44ae023c0a33ec9faa7467b1cdf1c08df7d00b800ef28e2f77f1e6941db9ce8e71fcf82a14cc8983614e2ce3cb4b3e976a8dec76e4309492ca68486d119cd566b9692d1a513ff30675737d1777a3a1a95b6588685b5a64d890cb8f79578fae8f1d22b83747bf876da582e56e5267ee8e734e0fa9271f5455c40fd599082c0acb442927643aeefffa5bca0a88c38671db14899adbb4819dd1e2d":"a2b43c25c5f530a6a29c5314319bee95e0ad5a630aa8dd614b3751205118e35117c31de7d1ac41f9d782ae8456ef0387cff49eecfbcedf2d9c0b18182f5e043e3202c527be77e6f0404a9746ea1b18978a916cd47d40093813a3b0ba1cb22280fd7f00a7fb4f8def6a0cc1ef848a45106fc389e0ea00652151b1e61dff2cf2be83fccfbccd4fdce86f19859ac927a3dd08645cf072c3525624b3845a532e5a37d99db5cc943a0a9d42be4bc81134f314fd9e22ebd386e7a896bc2d56c933326edb18120c072579989c5bbb1991993a698f2a19387612b25a303e699d12003072fbea6e45569444107ff9a17675f5454440a6c3cc02c1ba513e26502b74a0cb6d397ff6d7d11877100fbfb5370fd882892ba09635fa3fa78d5344fa00008f488395f04a7185ec7819dbf3b165ee52b35bb4ebd10354f2d85514b2fdc1f825a4a2968ba44b3ff2812d1acc13c24ac49c22343b6080f2a7e7efafe86c6435195cb742c35d8178fe20ede0ca08278db49faeca90f95b9b17fc1ffb9d7b1d064f2266d32bbb6f3e28f3b17deeb9faa64f7c127c90241579399294eaf1dac93346943a3cadfd84d7cae1aec66877e892cfa31b5ae35eaf7c35faa6f4cd9212ef7cb2cf9df5748ed8194c380c3298734e1ccb87d0feaf49be1d275142f8421727b5a6c3415fb30ca44ab598597d136bd6d12435ae6ec3db72f6b85462878d833dfe5e6f":0
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 128 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"5d4899ee66beff1bda1fc717a1ad4c50":"bb7fd0bce778bd775e4e88d904d26a7134364c53a6c493a0":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 256 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"84bc6ce7ee4fd9db512536669d0686da":"c383db930ffd02c0073ac2cc79ec289e6866bdcc6a135a3b776aa42f14ee04f9cca06ed6c0b22901":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 192 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"266b009e911bb55f9aa0661539a6fdd5":"db9c94e7236ec56982d7ddeb9427c24580bc1fb96db98ab19340e03670045b7a":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 320 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"51c2e3d090a74bfa10db090b63ae53aa":"598a16c226e6c848a78ca30fa514edc9467f704b529c02c5522d1890b4dc21588ed6c3b070ed952adc733d865eb9d468":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 4
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"6a7814a80acae9d03eda69cad200ffe5":"e1ebfaad7f6d46cd03c50ce4e9543ff01150e9a9a69c4bc8198fc08601ed71203e39375d600f69fd762b196bf50a7dee2be55574196005c8ad53234d789a9fa6f2f0eb7d7b53c7e39a7c70e9ef93c58bcd45c0f592fbcda19b5ea9a118bc2a0d49c8cf367d4c90823eafab86165db3aaa22eee9323de7d23b7729f7f088be9db421fc8256c20e5874bd0c8348c4a6e50436fc94136e568d0aa4c29d7b65136bb378ef010db091085c9c0802466d565eace2c0bd91648fa82f8045c57cc25c46bd8c9e4060ceb00e092f7beeaece1d4f8a2a01b5b1dc9de3c7d2ada7a44d4600085b7e76929198b9823b5ae0f74c652fb8793cae7c16cf062f39136789b213d1d500d560bda89bfc0df0e6bcb07fb4a48914e1af9058b73751aa4d98ef0363e48f9d1ed42230eca1b7b24631cbad80b2d4bfbc00ad1ab797c1c459214be8f64470b4d267ab576fc1d3c86a42610b8282437dc071336c325e606c2d36de1b24595f4888cfb2ddffb46557c964a4ac53ccc1d214d44ac84b8322c93db03bdf2a04b303de4f8482b8e7ee25030aa5ad8a8bfc5dd683726a0286486356f5a965599313a2c39034774ebf646fa7ccbda35316c54d443c6da466d9c95d716016326603c3989bd7545e3506333ab3e2ad7b45b225bc43ecb37e4c301b389e06b95f09b1a10beb5fd5320234fd6d488d5691ae2e078630f9f57dd0870cd617c30bd67ac8dbf4b3a8cf61067f7":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 128 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"26045402548ee6196fc0a60208ffde21137ddb1c6c5d2ba0":"fcd55c2c60ff6de19ec3e6b13490c2821f0c565abf10be2d":"94b8276743184d086962ce6c4e63bd53":0
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 256 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"b3a0aa60fb14b658e1eb1c1a5a8e1f60307c9b9faa2f1587":"fdeda2a10e51da1817af2ba4c9f200414aec67545f5e71c608e85d14da8c5567bf51dec4ff2d8c05":"65986b3a6a3658a66cb5beb302540bb032b36c76d040b24fe278a1473ad4c32f":0
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 192 count 6
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"f0ee8ab6f804a2629e163b58c1a9e9039b53ac60493df11d":"3593dda0daead2dcf850f8670b7d0692332f57068213a772a8244d058e5634d7":"401df0c06aa4c58a71b9438e11a11a239f577b6037adf350":0
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 320 count 8
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"579e58b2bf9c34c31e8c644faef6b698131624063fb2d795":"b39acd09d9bf9daaa89304f76402065cc3d863e12df8a966f037146db9619e7be5ccbf50206773c5eca35e36492ef4b7":"9c1f66267c2083a42f3da4e754a073c1ff151681e2bc070e6e4682065fd109088a096e72024fdcb0":0
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"366af2c7a1d7a1ee5a7c239fd526024472f674ab039bba25":"36fb77bd3890aa0a4a4d6f65d671156683c48214a327e5b2b0916c0031f9f4f2c643ca721aa22e84853096bcedd7ef57ab2ae05628099bdbb55111358a06c1e99233b94a568a3f59b06d8a64332acf888cb5bd1fe8ed344937137eff629bee3ad57c73344df80b303994889bbfcd0ec08b13b687ec909cc847f383d3ba91d108c84254af4ab4c22df19897fef44b62d88b0c1b269163de9a2db56a26c4dbd0481026d27e5003153eec761f21c02f4d04898dd3ed961ab158e572aaf3b828a30eedf62a8a7b0911eff27db48ce1b7bb79b14ba43d7ecc1f87c82664c99ea857746c99a993db5807f0fb06114c00428b85ddeb9cfb698d282b1d70eb7c17d4d12575e58103ef1ed37c558d7c312f0fb1d72cbadb84561a41e4745492c8b1eea557efb9f1e9664ee995aa82e7f2a1c86dabed0b2fecd9e938c796dbf2f9b4dc269545ece94e354ca3436e4c6936b51cea7abcd2e49fa263f79757c4b5a8d18c2c6a26435fbbaf3fc759bb323ffb962bdd445dc7e5c84f9d98812e7eae254d19a06ea378b1b262daf22b634dc30aaf9d911cfff0905e5e2cfdd7dde4dbca75729bf33ef6d27d5993f19c9a3e60fccf5fa201963cea0e7caec99d79f83435d11e3a90905103c302851c8d33cef77b39c104ad4d8f45abdb111780c46784e6fd6a78e57862350a671ecbf01dd936b8dae4ce4a91d86efad8b04724d7c17a89b1d43d8abd650f88e17f5df1":"40bc409ed0ba1966e733be4b2ff9d23691e6a9f44b0abebe971a47b4ebd51bb13bcf70bc1359f6b5e670be2e6b008ce9d219abd61ad20edd97aff7458b81e6114ea6d9c85a03400477b1a32f09ac5cd1a963731246011ef4908bacdbfae5e5921cba143b9395d17386e924db6ce40361740c6ae5acfdc979d45c8af70b443878adbb04bad439c9937a30bbecfc50b7005782bd01e3a87538220ca149286855129bd189f9bdb55ed1f7ab786f99c289032123c814e683db2f10970db79d2ef87f5a8a2cbbf7b9e2c447cb22d2a9d0f8c2b093a4d8aee57f0b05c2ac4f4ef780bad406b847d3c9d175f659105795236b072e96738043cbb8499292ad45acf7e576d8decdb635aeda6611da6c00a1badc11962dfa0643a83b865099de79416c86448280aad32f6797ef2fd879ba46abf36c9da45da4d0c936f6e25240cf30ffc79647720bf10ee18743f1ee3397dc0ed967445bb7b0df8eff0887d3f84abf20f0b2036837dd0308ed4a01f9d6447a9eccc9c471e75bd32f7d760216c326901ecd8590afcc2e697311e29f9d704dbeec409cc8c7fecc12fcf70cf9f718c12579fd17cef1e6bb44f89ad418005c2629a96275965f08c54a53e31cabcd4fb17021889bdcd4851ad33bb0d5438e55ba3b759dbf3c50fe20e6f3b8f1989f560818db1f2079b91b1e2d8bb22a7523c3137e9a30ab970f6019eca225e4b42bbe061f3b7b43":0
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 128 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"9200a0f688d86c0b6bfd9abeff66341684a373fe3f9a3057":"5c685c8596e374710fe327bafc45cd09190215fdcc03d010":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 256 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"95c9e644559919cace6f93f545dbfe48b130808ed66d0964":"7b8d1307e992221f6ffdcc7909d972d5f02e92187139cfd77f79345cb998bbdbabedb3ac00a6cdc4":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 192 count 7
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"ffdbcbd0abc94c7f15e5b6e8a7190f1ed4f01be11f4f7ccb":"e9ad95c8e9185a001509c50ae0098d45f7032575c7b8fd90a561716d2e5804fb":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 320 count 9
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"253a5cbe79a291c0af1a3d7460e7f284bd672cd026753fc4":"f71014ba711602df5cff2b93e86253775ea308bf83fde65fbc9a9a7852f87357330450072aaa3d6ef8dffbee20d2de7c":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"ff8666e4e538a6cf0a2a002b63716b06ec5f187785c2fc1b":"f5bfda19b535cf39e240d5b42db06f385fb002be273e46d9e5ceed6be4b5f636031bd0622ea0b3abd0087a7280844ce7260594201214e601ada0f686da6e9b45fedbe36c7d13db025746fa6bba2e540a417a29cdde32f9a7ff56325233bf60929bfd49f80e21acc23f3abf572d81e96b556f6f4f20a7e00c1cacd6fad07df30d40de593c99f73dbd61bf9d9d5269a56006ae85d588324f7e140d9775403af631e695f7856b1bcaa377aa7f4f12c68096a974ef703435102d7110f4eeaca787744c942be1186d132bff2b39f160157617bcead75ae59288880fc0e7db9877d854f553e90e1c917a99b8f357082c50bf3b71cd30d016f164ccb85bff50212bab13cca8dcfff0be984daead905ab13054eb12908a73f37ed42c5638a5a410ba182a2bee2caa84e76af2a715ddd24e837988ec475e506faa130f0241e08d92567a69c9645fc2be3945d65a77387cfa307562c9b6c7055f98956c547ccc109da9277292f47cf43e3cbc0d2e91c916e4fbd70df4a980e9430f5c1c8cfbd6c83f0f756c436bc07e86d5c75aec7e4c039349f71fbb959db709427a33869c523c3486be0095c1fd61ac912cafb9065b94916afd9166d73678ffbcc396a037ebe75e44cd824b2196903950b528f537c8baa70530251bfd8a6f37b202453993534c06aada0d1dbf760879d0898026997f1baf63e343e94ae076da7d41ea325dd23ff2a9cbee74baca05a538543d":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 128 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e594f0067cedb74e883e7746d29ba725c884c25375323f367cf49d17ad0f567b":"3b51ae2b0e3ddeed94efd7bfdc22630187e1f7624d15ed78":"587e3f6c75644bb5c3db9c74714f5556":0
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 256 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"049c7bcba03e04395c2a22e6a9215cdae0f762b077b1244b443147f5695799fa":"776b1e91e935d1f80a537902186d6b00dfc6afc12000f1bde913df5d67407061db8227fcd08953d4":"e617831c7db8038fda4c59403775c3d435136a566f3509c273e1da1ef9f50aea":0
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 192 count 7
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e86b9c1f74cc87ab8ca6a2fa1723fef173077e684345b90dacd3d485f587d320":"c97e8c25d498430300982cdcef592e34176e33e45cd59b19f7605f52e3c7b997":"261313cbea4b246e53affe1f84bd4c900c9b1d1842d79337":0
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 320 count 8
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"5b7f48b8ce77007481667e9900f3077a0c9407a70082b0de29bbfbd716a07149":"3ed16c7e4fed98d76092936e94fa5696c787ab63cb764e930fd37f917be4e7e60c90f327f0865d279e6c449b96301ed7":"4e0e6c45137efbf858ce896c815268a10d9869ef5668a90739b7eff99617691fe63b911afa53feca":0
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"9e92fc974e09541e6cdf1415575511436ac04a56db186bc0e60f0fac9bd58c6a":"201010a2a33fac1d20230bf5254204801de29e66cc44eb391b8e77284b3dbcfa3fabbdd4d9423d96af64ee0dde35786d79b7433021da27d6be753f91d2c1d63b40e9dc265b4a27cb2a61018a60ba5e29813c012b6acbf7d7d101ce227e45b5bc8a16c604c83a99ef35aaaa44fcd2033cddb6122db2dfb944d4b5c16dce911c5f4a1d8db46785534e7a090e31fd2192be64fe5b72efaa8b7965552bab4a20c8eac9a9e7b35e77df0277a90b0b1167e14a8be8d0bc37757354eff920ef93ad65c5a49b04bd553883efe9376811986002d4270d25c5749ee1454270a191084fdca53ae693f5a31b13929fbfd68b331a4fdd2259031f812ecf50d042a55fab302375057cb5b36735bcd2d75f745fd4a92580ecfd0fec44313ba9ca8cb1893f7a329638c17608c170de0ef68123c2233fea878fb1b49ec7478d9cf70591101bfd2d6b0328a27f7c497061b79289b6db4e46199c5db8121e9e1adcc8d64c85c27e329883775073d5f61b0bc470169ce8837b61fc23bbbe7e07d265b32cda5a94acea4bb2e52af17e13818a7ea424ca7fae7677caf405f04e37c2cad0c77eadfb4ead593f79ecbd8292e47b7838d775af9d9e252c6ceb147ccc2aadb01f8541871e5080109f9d94afc9103579bc9dbfcff8791d5eaa68521806590eeea74f411731b920a91c4f4542a60e6ffccb1285dd30e74292d5f37f33d4cb74742ac98c7a0475e069828dcd7d8301fc":"4b6f2257197b0692e6026d531bbe2f222a6764fe1cf277b0320a6bdf9efea0a3f304e94fd22372712f751aa377264b1600f3c1e7e0ada846082ab4885a5c9a51b1b25a593a269a7ca1b62a28f1a11b80fde57f0b9c0fc0e38e8edea8a294e18b4b1e0e24a5ae0e9d9fa0d8cf02378e592b322ff04c5a487332b5f58ad3fe9a0c20a205f6872c9e2d0c52c5b29c5c2f008444a3e8400b4822d39f646f9ed390c352615c4cca8cc0099ac1ec23ad7ef581ed33f9fd4a8a58eb240fc79bfc2df7c1606cc52fb97493fa59a0dc8dc01fdd9fc9fb51a2f1e9fd6a89cba67f001d105c456d99c3b1fd68dc9d01b1b8e0e4c2ed4eed63c0110ea6ee96b54eebcd56c5446dda210a9e143366014e72d5e4bf78bacc230641789ae7caa0e37682190d8007aad0a0983e7c970a6feb1112ee5920f628ba03493cc3b340aa9452e6698f818e6e409cd0a7f660094df05646ea0e6c6aa94e933f4fa4feae6207eb473f9d80e335d6020138f1fcd085a336bdea158823cd47079a89ac18bc8541918ccb6bbbe1aab5ba7d9c6b5fc9ba17cae707a556c2bf7d1f991f9a8ebe0f9aa6e395defecbb508cbbf68db8da443ce8fc40149c3c84314986615ca5685e5e2162ebc617929a7e402a6262a28e646d7f503253c30ff2e37ed6580676a9978aa2f5b4fe82e1c2fb83754fa855ee54a61e64a16b64a680732b14671ff55b3f2a6415233206188":0
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 128 count 4
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"08c936b25b567a0aa679c29f201bf8b190327df0c2563e39cee061f149f4d91b":"e227eb8ae9d239ccd8928adec39c28810ca9b3dc1f366444":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 256 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"605b22935f1eee56ba884bc7a869febc159ac306b66fb9767a7cc6ab7068dffa":"6607f5a64c8f9fd96dc6f9f735b06a193762cdbacfc367e410926c1bfe6dd715490adbad5b9697a6":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 192 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"81c93da5baa5157bf700fd38d7d67662670778b690cfbca9fe11e06268b35605":"875e1ca385586f83d1e23e44ca201006df04e1854e41b933fd607a7383ae1a39":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 320 count 4
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"c42c53da9bd5393e63818ecc1336ec6dfcf1d633e51ebb51c68fb0997c979e7a":"52f7b481f72bc2d41edade5388d38c2ff75765939576e49bab400040a14ff488848bef57d1502c06a3faad471f5c3178":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"7b51259246dd7252f6a7215fb11fbeabfabafb0f8856afae525af8feb81d3490":"c625853da9fdb8665264c30539a258ba61da8bbd214f3f493e292f686dce73c003aea5c4070ea94b19e486019b18a2f3f1d836b85414bab14eb99baa283cafffabc8498cf1151489a6a6a0d01e7041633c94f9cc6cc3dfcd661c9c4a0bf77d9be168eec29cb0efef33c74d2dad18ae2ac2b5efb519f4c1f12eaa7a7d7959e7a6dec681e4d1878b20054b7925d2da0b2f8730604445ff3fca3a06285a4a2d86648f10a2bc3cd422646f70224ec9025e7ce701c8b521c0392fd7d2ac883f2a37bb7e4d53a92a620e65e090b91dbcdd616a13b3948eb1b5a6b1bde80f03dad61aba3223fd91ca3df68b0749fd049813a7ab0268445793b16677bc1af00f877097cb14798777ac817d0df82507aec246f755ddf95b19bb56ef9f2e730bcf2863648d8b164656df37977d54eaf05063b0ee8ba61c2a2ba7dda8fae337d5f6ba965d9e643b4534ed9f4eea7b2b26680fff50260e245fa0d63139b40e2f152da3a976589e957be22cb0885cd582aa9468b08f08a22b486767a6b99c1778ecbd763ebfe2bd83c6191f4e8a84972e4920452b2b2dd28be5d7bda05dc3422419793ca8c26defd3b42b2cc99bbad98e7461f034abf137d7b3166c94e20bdba091653c6a17ccc4faf86a7ba6d2abc0ecada9103e73d9ee4659b6e991a1a209d2ebd96c24759c69ad13a03431ddc05abc20dc8581b1e526f4d98f6352ca4c77f5479db234125fa585ba275fbcbdbf":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 8 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"20501013aa1578ab32704a4287029098":"382179a39d75756f57763486d038b50f":"14":0
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"a099fff482dbaeb53aad84f81b916da0":"b831c7137facaed059cbf268767e230f":"0d24299443bcc444":0
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"4d49e260348172c38a79eb925b189b12":"54755a93ff5173aec60d1eaa8fd7d4090f00f638c2831aa9":"2bbe64479da7c45976":0
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 248 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"6a5a5ac4ccedf055d7562ac58ee7819c":"46904a5583e8a22f4b2f5aa8d071f5cbfc938130f1b33f2e6401aee7cccdef2159a89c9b682cfaf4":"33ac6837955300e569b29958985cdbd434c18208779a949d20b110b0b719e1":0
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"1dd51f0d3a0a784174ba81b2c9f89005":"e1bde6d2df3b8e48ca127f97b56b5dc2672b3736cc3157c7b80a0316ef1efbdbbce19fea23da831836ccd2e002b2c1dfad206b5cec358446b8434d7f4c39e65b0e0b50897642ffc34bfb3cb3e233aa9c1058ff0d4fd48e98bc8cc3d214c06d514dd97db2278093a308f91f4ae92626d85771fb1447b36a3467fff02ac7e81ddbd0fdbcd02d1acd4f053c989ef3dcc2c01e23bc2f6090f3e8c0ba5f0082341200b1c37b99daa9cb6fec78bce3429aec5badb9fd28fdbdbdc5d53570675a9e39535b4594095658ef950ecd79a162223b60d2eb91765e022dc6e1bbdd86f1bcc280ed9df350da08a801fa16a1bf2701947acfb08f19fdfcaa1d76f466a5de2458a78fb82f6af3e1be68f405a4289f25896f4c9830005c9e895c86e67eceab0ad544856071b8d9585835b5e85a07ab01515f7ab54f98dffb4ca49a15068eefc6a01f7f52fd1adbe3631c59f6f43f79d2b4f2a691e2b30bb1d43a848dc3ee39c7f2e50f0c9deb7ab51e33bf40903ac255bb1510fd61676a6c13c3c776b8aacc6cefb95e24973ebb11192e2692dd0c6a085b58f86e11cc28ee2194988c123e3666da7339c0a4ac6afbacc83f1f100fbb39efff7cc605c9213828224a17c476395aeb9bb0a3150fb8889a8c2a494c8c526203f261642bfa69a94b86de9e6d3d932fe20fffe4bd76d502c0d437a3e1d0d8727b7a8dc0e361967109e93566326b6c517663731c4c9bdd0295d8":"1a4eed4bf5b8d2e2a58f1f1277f164cc32cdadaed848f76fe634034082ff9aa1711870bf3936d01a2aa48de30de5143b9148cf56f4490f9d480dda0b672e8e17a012cd26cec3c68837bd5b2f9beb13e0110f21c6c36343e09e027f39557d1596d4ca406e3e7aa113e9bb8623106bae25f0ea23d46bc29970ba2596f83fe4f73a6f978a4d949fa7c271570a2ae5d2b50792d5ab5c43d455f359fb83c35ca3da37cd73cd66b6adce94d78ecdeabf667daa47ea70799af299e1d898ccf3fca6c42c6fff8cf2ec992f596fed4a0cdb502a00f9b5689302931d15cba691e2f8079a0411332438b714ace5234b91e4aebee8f8dda0e1968c2016fed350430a65d8d206c9436f40b79ce03083b8dc207d6960be1ce97007ed22a388ebb7b3d8f7d2b7d9f8f49731fbcb21e21db0cdd15674c795d5af2b2cd727f83e634e8c47157ed0c6873a5c9419e683f16f4a7827b444967812f9d1adb9201b89a0e66bbcf0591465f5d7036a21cdda0e10099feb819dfc37fdd3105120044dab716882d3971f312e3f4459006fd5a1eab08ff63edf6718f47ddaa37f7f40c9c372995f3aec97bc45e287b64fc8cf5559ab04a4d4d3ed482f5d61d3abd99cc87ee406da3ab9c9cd22ba3b8d191b26754aa94a2412f39e332d77fe72210adb0cbb5c96adebdbde036f1f1aaafad74a7ac2594f81efa734054e2e16dc931d49b970b81756862705fcd4":0
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 8 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"30be7ff51227f0eef786cb7be2482510":"7f61a0a8b2fe7803f2947d233ec3a255":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 64 count 7
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"9ad15907cd05d77b844816b1dd806c92":"7aa0e5d322363afbdd71b531e50d4935":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 72 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"2005cbe9cc66a35cafdff1af119ae6ce":"60f9c736ec3619efdcc7cccc6b90ae5cdb8bb9eceea5dd96":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 248 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"2c3b49efbf60ed01a3ef27ee24ac90b0":"5fa5a87bec09a3e05864656f8966cd38e1c4af48a06b1dab4ec9cca35dd0f92b54015fe5332bdef9":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"4b4c43c9de4fb4a2a7a7adafeabe2dbd":"6e4d08b8124f7d3e23303fac1a842014f95e3d71c438f8f1990307842796dc5e404ad81802e35c183fe000390a12c81ee684c5cf26c1d90e414cfffe6931b0f352936fcf0b31429eb5c7612cc359a15371390e518cf5c6a6bff1bb0348d14e2c39b98c9f30672ed2af1d96296df8b5567db25b9510a2083461810e119735490058ed1b46b7fdfa885041d8749f90a072b43ba49f2f51fbcda0dbf3cf99fca1d8f46330e5f6fe079d6679cfa26214c8831b782aaa023a2e0ea91050d277dab876aa6865f2bb3fc1a4a77db52f6179d5e5325993280948b6b7002b572829641d35ed3d735d8423e5b24673c4570ca25064fc2c2ad4840632536bcfaf2a7a814f3eaed92b4d501bc51c1719a0d8d8f420b66db845682bb41c88038cfedf13417143a3a701b521a9bf0bb639875a728c3b5ce6ca7e7a45bc75285c193902e6b5e7a4c6e720493d3937bf485e587bff894f70fd6165a1d0129cc673a992e0a4f5489d228a066b1df60002ec0521924f8d672cd1452fec927e58e75807b2a390256f920743fa4d0fc8f59f2469a595ef65095ca0c80adfc843e9e69b6d4a3f824af47b2bfbf2a7a6c1b650378f096f6f0bfabc752c8f279d4f45d56d09dce97962c119de3a64d83b93ea55066f24d4238a229ae86e6a7857af1d8aba823370a72fe358046049a84a70213ef31d9e77a722def8e21480e79b71299438070946bd459a7251707446c911e381":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 8 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"716da5cce5877d8f305b5478d671f6c73eb1bff4de15df07":"dbd5247ad2445575cafb00ee7707c218":"bf":0
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"b94bc10b85a8c2f74a66fa723a25ea1b398a4f627efe1ce0":"18eef64a022b2c7db27648cbb5f1d5e6":"19c0f2f78606fae7":0
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"f61cde8e515d59a8ca95efb1a98ed4216c4a9649151babf2":"83fce85e9bfc6ed784b052472e5780fee662f17a91faf1a9":"1c6883862ede37b31b":0
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 248 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"1c883af75147bae6f34205cd656ad30ec97e617456591ce6":"f24f6747711cf72fab0422026c6d548ccdba786d77ab900ac3fb8f39f116d38e92c82d5fd9a045dd":"bdd793f086d8733f69055bd79bbc448be857286e918fd4c54be4acf4eca5e4":0
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"1b38d4b366f844e71a8db6be2b77a05a9e81720d2d3f31ee":"62ddc158ecb048250bde439dc7aad34dbe7667d330a349026266c24cee9742953b623d1e247e501641b45b60cfbab665e68040ce06ebce478d9d77f5f344943a1edb14f0d9f165ecfe407031707961fedcd016559228bff5761cd6542944a5d86f9acf4e0a4114682c2312b8d4e8285d3efe1a7c1526642c73c332a9e484377a1c86714e3cb687781928c8a5fe28b4aa74e79f53ecd00793e00041b39b172e5fedef3d4164dcc6b2d2e47994e73f2ab048a4adb8cd94fcd7767314ae40f8cdbef2b26d25f74277a2f88f1de56342a0ec97fde4df2d052e6ebc62622f65725d845f670a647808666c7325725a3428e26fefe725c2badb8a8b8f04e30456bd1fd39fd0f7c782b7a2bc9d8c53922a54c5f103551271af6d7243133b96cd1c108811e4beb9a56472c1f9823a1e88832c5505e07cb93b9041f4b8d69cd27403680a18bb3848c269babbc52aaf568ee8245f4f72e177257103dd4bdffeee9b48e0660d6c2f4dfdce52462d0ed5cc5114dc0aa5a35601c9a644a1fdd3c57c3153e65a108eb94eea3bc9979a67a2f569eb7398a4bd24547c15faa361bb2950a379a1cad1737f56e7c210652aaea7581f39f07ee09a101fde8c34c3cfc404f2b8f682735fc4c721eceb4bd2295d8a74ee3cb858329509eba9049e7e791e04d8452b50c6e6225b94a8cc10ec1d262588fd2f05eee08113414e770c83caa84d310559286c393799117c177089a2":"b1c88d3e5648218ee085abcfcaf7f362f33e4d6de363cb84182af9f18a31475f0e14ae8eff76ca67455726392a110ca262b90d040abf49beb036db096be053d493787a67e983b63945277044acf648172c75b38d7f81dcd58e3bbcecb963dc95863877784ac04eba83481152c30b1ca9e9b78fe537deee6c95933e1b5fb414cfaf7ca1dbbae8b114f0538f4cbf433ef214b776faec9ce1d29f680f4c88ff7b9ba0e964898dd253f5f82ec9f25663ece9dbff5e284f63b0e0fd07fb13b41aa8359f1ba1666bcb26e65d28b1f899952beb28b8f902f048e31efb6ab4817cafc6d84c7f4676b50936715667a67df7ca965b3ab2a5fc472375b1446c810242eb1cb78b9ac496ed4715e0f89a4e1ae0e2724edd59c954f54196ab55ac1947528fa14e716b7707aeb023bd0a2242da7ac97f3feb7795d9be05cd5b1cc33095599ab4c4d8d583c9e2a4d4ed12b836722370569737fae2d6fa60c8a5b8a80fd71129fe29395746eb746528a8845c5a9d50e7bc4372e7f3f9c6333feec791529a6ae1bc0f620feb604f56969e4ea3445810c72dd0772856feb58f09796f461f7ab1b454c303c810eec7526aeb397520b6114f57a4d906e974e8d4a910afafbb0f030b18887b951052d18578022cb7e33408578cdca34f32012f62d3dd35cb74e9d0fecac52231c5cf5a34d470d3b5413644c4e2af1f1613093a3b0550f8df26d033a35b9b":0
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 8 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"df8f5124b1e03228f2b96f0df31924bac1d3b5d094da22e6":"230bb26c1ea9d5c8fcf7c122ea994f41":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 64 count 7
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"94c8dae772a43b5e00468e0947699b239dfe30ab5f90e2f6":"239c6bceee3583fe7825011e02f01cc0":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 72 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"d81b7162dc6e9e18bea6e258bddb53a1c9f22a4a7177d9dd":"4f3a2b7b229a665776f9cfa42e0c2a615a81f69cc0f0f465":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 248 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"688833d56cf1a0f492bf1f7e35c2fa6299a2b1b5ca2a2823":"4b7c17d7a7189e7955c03abb0ca95fc0c780953787972097ae596d46fe2a8cd75995e6309780ae5f":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"4b0faa630930b0ff8e624aeb4ddfa018a858cfa653132675":"1640db081e87ef7797a9f17509f5bc67d40beaef096131748f413cac3d2500462b61140b31bc3965958af51351903549e4a71db589a6bc67d72ec33b8605a25a539a2043704389e3e0781152dffa9b64d6ec186ed144847434345e6dccefbe26626eebc4c22e3957b2145c46fa11d7819d4195cb43a9db8d2de507c023607548b56a07628ce4c706939fde1bdef8364b2b8fb7db30fc5c8e99f29876130d9f71a8486d99f2c7fc09f646918d4c60e53c7b9f9a8a1e9a023d70448f6b79c3f35cc6b9ace0535147f7f27be66d918895b9106cc83eda1aacdc2bfb7daa75b2867ae63109ecbf9423526511c64c4261e395d9b5a68dd2503ada57cf1b8a18336b8d63d248ec4dedb6e30662336546c86ef83b53504bc3bedd85a027b6b9f0323bd9380d9ba696b77072d98f96b77f9b3ad9e219715122b2dd033529eaf7ecced8be6d1e6467b8e4a61105be9b7a7ce208b6dd6bd34481f80b3bf534fb87904d45986931a088480a8040047c681dc4e8ec1c625a5449d9ab28709d04989c4b1a4ef0f1e379d37fe6f0641b9e705207e9a0652463cd5da71cd50321116d4ff1cbae08063df336482eadc0d117bf119e01f2577afe182e7fa477ec53b754e347a2c742960b9bd355f969e6ae1df2210e75bb44c598b683dd4c8692f4cd1b92125ac9ed10ec4cef6289d3f815cb894e74dff0bb72d51c43cb420d74a31c681c10ad7f9258d77f1f186c926a":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 8 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"da862b25a629d328cf9fac7be0d6ead1cb2404e9bab87a2381a46eb1a81187c5":"5e01a2b9b8413f303a3578d2cc255fda":"d4":0
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"362586d516d38e4d58b50a441443e75064cf6d6cdb6420862932ba7b0480b0fd":"ea7ee0f5af3a271a9777838ed13c61af":"f1b92d0db744bfee":0
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 72 count 1
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"0e6d542f960c7e61ca190d7fd719fda157030a0a013164613a8c522b52ae685d":"b5cae8a82095abb3478ab167dbc0201d2f4dfc5f81bbe44e":"a957eb4ea02e68ba8b":0
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 248 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"0445b86d13b7b76c0089a63dec70c32fded9607af63714b7c3cc724f49c1c6e2":"7f63167976e71e43b7b135c8cd12148f826f56e73f6fb6e7f6cefa23c34302ff374d44dd66b6bb01":"7af8c3b32e61f8b5c027383a273927b8fd09b75692bd0b713ec8ecec0bdd2c":0
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"08f5c088acec18e6cf1f03a8f85d772e327e7fb07f8c2939eb554e84c42ab93d":"dff30fd43647d4be54cf2dfd6187e2ddffb55267313f980fb09c833a9c2bfa558a95861711f0acb2a5c7e731ba22f24a9c4dfdd9e9b0216e9088f817a175b9835b0e17615687a20f68c067205626494cd04fbabc0b3eea7c0a4cd6236bc8b3e52e721dfc357fb8a3722bfcc4c690d8f63dbb864bb6e3a15805aea7270f8eb748deebaa2d066fcda11c2e67221f9a91d2c29a6c79ffae76aa80a2590b4f9e35f623fbf2f8ceb2a205493077556a186e25e5bd52dcff7bcc6909b37a66c1d1431be1b363bb40da25386eaaf5fcabc7be6422a04434a21d1d3105328e7c56770b9f59b03395e4138f5f06fc7e6b80dab87b08caa7bfffc45a095c15263efd3f06c651ded6f58074efc20620d704997fc84721a0a8e9e5b9f5cd330bbb156b31d9d1b1c260e4a24535f30404dc5b2dd6b35d916a1391b25a7d8790be09d85483ed1522074a2785812005bda10dd55acb245b3bd3d9bb777dd23f9b02538ba1a114ba53386d7ca4d9524b2f8a18e0ffb21580b560540bb2146f08f04974b90eb324547d56222df95f44bc6e5f183bef283e4816fb1b2933f9c7c6726a245a495e304d8318d0008c51b0be8090f8f668fbc3f31e073be4b9e97468f4dd8c798e9d682868df493db8a85738b58cfd005190f365849072577772672c6f82555c65046eb34e86fe61103327a063bacbbe33cea7eaa3d1de45471b7269e1b6b38608626e323447a3d5fe0599a6":"8b68f66a3d2f59d419851b94d9a6f2f0e667f8125e11d463a6bc2cea46b12dcc40ce8018b204972c735fdd6d2d05b628f4905c6690f5ac5b1b51e12f3af2dc3ae9b9dab616f0a2a66a1ac197592fd5b15900547f32f54110b58d51a0340aa80e9eeb7b2e0eb97e80aa22ba918f2fe1c678c730ed5c3d8d24774f17d8ab6e01a06243d36e764df1dbb8af1faadbc55281f0242abd7a162c984fd0b05ab8b0bcaedffb2962024f009a8d7c9e71281c09f52ec0707ee3bbeb1ecb918be6ae3e9c1fabbcd3512af928db3ba6c109ff9e9839a616b2a53f092160a48222b84d53cd52490515ef93e1ebb33897263492ab8ec6fad2e633276ae367f76d7f926309478c0205d4f22506a451795dc98f5410d8f5d3e049cbedf381620861e7b4ae08f2d8a71abc1f230248cb636a2d7b4e7717ab2b7b5f2dc6e5b5a18e8043254208b50fd6f8929eaf974c48551233661ad67321b64d69245d536d9a8ca2a6a10966dddb9d2ce36641c9281c460ae524b077867258f638e6ac872cb5f5c6fb216b1ae60a9d0c5ea0dbcd060f255da26111175af4e9935df59ddade6a2a70cddff8cae6a98e4f3843c2dd59d09053b07b648a46f5de0eb21ebb192828279a386ea3eedf2cdc355d73d51111e8c1d522e059752bc56226a4225bcab713bfaaaec78167d7cfd33e913b26fda93ca7524aa8a8b17977c88ff9bc23ea810b4de59eac18d1523b":0
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 8 count 5
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"5fc3ef43eef256993fb00e6ccc90f60319f10a3bc9fe5ca4ec876c165e2a7720":"f3d922a948969acca293bc3daa027e48":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 64 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"398444df32841be9e699c64faa92630c834564b8384876dceb471c4056fc8299":"30032c9a3ed00d29512d8c725fa86a4b":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"64b69233fe392c0bcda28a931cc3527b1a8f29235c1adf6256556c685cb89b9f":"6b5fd75ad16eda04a8b29f1bc0411ae28befbad9e474f2d8":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 248 count 2
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"8c35fb77766d04f48d5b52275c5c5f31f568078419e5c2335918965fbe53cedd":"bacccb1714dbaa4908c2654aa8dbb1ddbddd8ab819429b026619fb1c0fa75a8247372b2feeab1e1d":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 3
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"1726706350c11e6883955f24ea11ab247ce3b2ab54d05e67ad9770b5564483dd":"b006f26a67d0e1e2cbeb5c23b6b300adc1526d1f17bbe964fe8237ae244878158e6b04cb488786b5258ac973c3a2eafd7fcf3a7ca6c825155659fbc53d112bc78b3a770cf059fdd5e68f2b4bfa36de3721231102e5041c947fba3d906bff39592ec3901a398da23035f1190e99b58659330cc2e856ee87ad4197dcc7d16e1f062275bced1ed5cd82163ae3e58da7368dc2aadac855385bd4fa0b8baadef608d0a5c27172d12b88c70b136eeccf37f36364361a990dc50815743cab1636e661bff04ca8345520c30b935a060b450526b1d6ac09170e5b0a327b88f42327b85c9a621d2ca745963c2815a2bfcf509d50b6058ed6e67f369b5608d2aa885238b67d1b8e0d83f9464aa473bf109350fcc02e360c2619236cbfbf895b607895530d8d3d2e41450750dad05b1c37ef15db7fb4707597ac252e8e58d4c1ab2713b427643d198164c908b5d8ff36e9700157284009c7b283633d8b27b378bb65eff8aa59b5fe5e6437a1d53a99c106c2c4d033d3d23950e313a10eb31d68524ae9f8e4f56437acf66db3e8f77407a15bbff4b393e5559908993146d93c673d2aeb7d4cb8fc8d0169de7ed6e2bbe6ce9958a0f5d201419e7acb17e47da827ba380d6b3ad3b5a8c2101c5fb501110c727169065f23297947f538ab3ec165d61edc1f6a9e1735e9b7fc06d4d3406cf8f9c6a68b196cf262324a986705fbc802cdd2e6b4ebcf68e6bb9e793ae644":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+KW AES-128 wrap rfc 3394
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F":"00112233445566778899AABBCCDDEEFF":"1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5"
+
+KW AES-192 wrap rfc 3394
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F1011121314151617":"00112233445566778899AABBCCDDEEFF":"96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D"
+
+KW AES-256 wrap rfc 3394
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00112233445566778899AABBCCDDEEFF":"64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7"
+
+KW AES-128 unwrap rfc 3394
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F":"1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5":"00112233445566778899AABBCCDDEEFF":0
+
+KW AES-192 unwrap rfc 3394
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F1011121314151617":"031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2":"00112233445566778899AABBCCDDEEFF0001020304050607":0
+
+KW AES-256 unwrap rfc 3394
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1":"00112233445566778899AABBCCDDEEFF0001020304050607":0
+
+KWP AES-192 wrap rfc 5649
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"c37b7e6492584340bed12207808941155068f738":"138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a"
+
+KWP AES-192 wrap rfc 5649
+depends_on:MBEDTLS_AES_C
+mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"466f7250617369":"afbeb0f07dfbf5419200f2ccb50bb24f"
diff --git a/tests/suites/test_suite_nist_kw.function b/tests/suites/test_suite_nist_kw.function
new file mode 100644
index 0000000..ae3ef80
--- /dev/null
+++ b/tests/suites/test_suite_nist_kw.function
@@ -0,0 +1,347 @@
+/* BEGIN_HEADER */
+#include "mbedtls/nist_kw.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_NIST_KW_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
+void mbedtls_nist_kw_self_test( )
+{
+ TEST_ASSERT( mbedtls_nist_kw_self_test( 1 ) == 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void mbedtls_nist_kw_mix_contexts( )
+{
+ mbedtls_nist_kw_context ctx1, ctx2;
+ unsigned char key[16];
+ unsigned char plaintext[32];
+ unsigned char ciphertext1[40];
+ unsigned char ciphertext2[40];
+ size_t output_len, i;
+
+ memset( plaintext, 0, sizeof( plaintext ) );
+ memset( ciphertext1, 0, sizeof( ciphertext1 ) );
+ memset( ciphertext2, 0, sizeof( ciphertext2 ) );
+ memset( key, 0, sizeof( key ) );
+
+ /*
+ * 1. Check wrap and unwrap with two seperate contexts
+ */
+ mbedtls_nist_kw_init( &ctx1 );
+ mbedtls_nist_kw_init( &ctx2 );
+
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx1,
+ MBEDTLS_CIPHER_ID_AES,
+ key, sizeof( key ) * 8,
+ 1 ) == 0 );
+
+ TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KW,
+ plaintext, sizeof( plaintext ),
+ ciphertext1, &output_len,
+ sizeof( ciphertext1 ) ) == 0 );
+ TEST_ASSERT( output_len == sizeof( ciphertext1 ) );
+
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx2,
+ MBEDTLS_CIPHER_ID_AES,
+ key, sizeof( key ) * 8,
+ 0 ) == 0 );
+
+ TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KW,
+ ciphertext1, output_len,
+ plaintext, &output_len,
+ sizeof( plaintext ) ) == 0 );
+
+ TEST_ASSERT( output_len == sizeof( plaintext ) );
+ for( i = 0; i < sizeof( plaintext ); i++ )
+ {
+ TEST_ASSERT( plaintext[i] == 0 );
+ }
+ mbedtls_nist_kw_free( &ctx1 );
+ mbedtls_nist_kw_free( &ctx2 );
+
+ /*
+ * 2. Check wrapping with two modes, on same context
+ */
+ mbedtls_nist_kw_init( &ctx1 );
+ mbedtls_nist_kw_init( &ctx2 );
+ output_len = sizeof( ciphertext1 );
+
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx1,
+ MBEDTLS_CIPHER_ID_AES,
+ key, sizeof( key ) * 8,
+ 1 ) == 0 );
+
+ TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KW,
+ plaintext, sizeof( plaintext ),
+ ciphertext1, &output_len,
+ sizeof( ciphertext1 ) ) == 0 );
+ TEST_ASSERT( output_len == sizeof( ciphertext1 ) );
+
+ TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KWP,
+ plaintext, sizeof( plaintext ),
+ ciphertext2, &output_len,
+ sizeof( ciphertext2 ) ) == 0 );
+
+ TEST_ASSERT( output_len == sizeof( ciphertext2 ) );
+
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx2,
+ MBEDTLS_CIPHER_ID_AES,
+ key, sizeof( key ) * 8,
+ 0 ) == 0 );
+
+ TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KW,
+ ciphertext1, sizeof( ciphertext1 ),
+ plaintext, &output_len,
+ sizeof( plaintext ) ) == 0 );
+
+ TEST_ASSERT( output_len == sizeof( plaintext ) );
+
+ for( i = 0; i < sizeof( plaintext ); i++ )
+ {
+ TEST_ASSERT( plaintext[i] == 0 );
+ }
+
+ TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KWP,
+ ciphertext2, sizeof( ciphertext2 ),
+ plaintext, &output_len,
+ sizeof( plaintext ) ) == 0 );
+
+ TEST_ASSERT( output_len == sizeof( plaintext ) );
+
+ for( i = 0; i < sizeof( plaintext ); i++ )
+ {
+ TEST_ASSERT( plaintext[i] == 0 );
+ }
+
+exit:
+ mbedtls_nist_kw_free( &ctx1 );
+ mbedtls_nist_kw_free( &ctx2 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_nist_kw_setkey( int cipher_id, int key_size,
+ int is_wrap, int result )
+{
+ mbedtls_nist_kw_context ctx;
+ unsigned char key[32];
+ int ret;
+
+ mbedtls_nist_kw_init( &ctx );
+
+ memset( key, 0x2A, sizeof( key ) );
+ TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
+
+ ret = mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_size, is_wrap );
+ TEST_ASSERT( ret == result );
+
+exit:
+ mbedtls_nist_kw_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void nist_kw_plaintext_lengths( int in_len, int out_len, int mode, int res )
+{
+ mbedtls_nist_kw_context ctx;
+ unsigned char key[16];
+ unsigned char *plaintext = NULL;
+ unsigned char *ciphertext = NULL;
+ size_t output_len = out_len;
+
+ mbedtls_nist_kw_init( &ctx );
+
+ memset( key, 0, sizeof( key ) );
+
+ if( in_len != 0 )
+ {
+ plaintext = mbedtls_calloc( 1, in_len );
+ TEST_ASSERT( plaintext != NULL );
+ }
+
+ if( out_len != 0 )
+ {
+ ciphertext = mbedtls_calloc( 1, output_len );
+ TEST_ASSERT( ciphertext != NULL );
+ }
+
+ memset( plaintext, 0, in_len );
+ memset( ciphertext, 0, output_len );
+
+
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
+ key, 8 * sizeof( key ), 1 ) == 0 );
+
+ TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, plaintext, in_len,
+ ciphertext, &output_len,
+ output_len ) == res );
+ if( res == 0 )
+ {
+ if( mode == MBEDTLS_KW_MODE_KWP )
+ TEST_ASSERT( output_len == (size_t) in_len + 8 -
+ ( in_len % 8 ) + 8 );
+ else
+ TEST_ASSERT( output_len == (size_t) in_len + 8 );
+ }
+ else
+ {
+ TEST_ASSERT( output_len == 0 );
+ }
+
+exit:
+ mbedtls_free( ciphertext );
+ mbedtls_free( plaintext );
+ mbedtls_nist_kw_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void nist_kw_ciphertext_lengths( int in_len, int out_len, int mode, int res )
+{
+ mbedtls_nist_kw_context ctx;
+ unsigned char key[16];
+ unsigned char *plaintext = NULL;
+ unsigned char *ciphertext = NULL;
+ int unwrap_ret;
+ size_t output_len = out_len;
+
+ mbedtls_nist_kw_init( &ctx );
+
+ memset( key, 0, sizeof( key ) );
+
+ if( out_len != 0 )
+ {
+ plaintext = mbedtls_calloc( 1, output_len );
+ TEST_ASSERT( plaintext != NULL );
+ }
+ if( in_len != 0 )
+ {
+ ciphertext = mbedtls_calloc( 1, in_len );
+ TEST_ASSERT( ciphertext != NULL );
+ }
+
+ memset( plaintext, 0, output_len );
+ memset( ciphertext, 0, in_len );
+
+
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
+ key, 8 * sizeof( key ), 0 ) == 0 );
+ unwrap_ret = mbedtls_nist_kw_unwrap( &ctx, mode, ciphertext, in_len,
+ plaintext, &output_len,
+ output_len );
+
+ if( res == 0 )
+ TEST_ASSERT( unwrap_ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
+ else
+ TEST_ASSERT( unwrap_ret == res );
+
+ TEST_ASSERT( output_len == 0 );
+
+exit:
+ mbedtls_free( ciphertext );
+ mbedtls_free( plaintext );
+ mbedtls_nist_kw_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_nist_kw_wrap( int cipher_id, int mode,
+ char *key_hex, char *msg_hex,
+ char *result_hex )
+{
+ unsigned char key[32];
+ unsigned char msg[512];
+ unsigned char result[528];
+ unsigned char expected_result[528];
+ mbedtls_nist_kw_context ctx;
+ size_t key_len, msg_len, output_len, result_len, i, padlen;
+
+ mbedtls_nist_kw_init( &ctx );
+
+ memset( key, 0x00, sizeof( key ) );
+ memset( msg, 0x00, sizeof( msg ) );
+ memset( result, '+', sizeof( result ) );
+
+ key_len = unhexify( key, key_hex );
+ msg_len = unhexify( msg, msg_hex );
+ result_len = unhexify( expected_result, result_hex );
+ output_len = sizeof( result );
+
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_len * 8, 1 )
+ == 0 );
+
+ /* Test with input == output */
+ TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg, msg_len,
+ result, &output_len, sizeof( result ) ) == 0 );
+
+ TEST_ASSERT( output_len == result_len );
+
+ TEST_ASSERT( memcmp( expected_result, result, result_len ) == 0 );
+
+ padlen = ( msg_len % 8 != 0 ) ? 8 - (msg_len % 8 ) : 0;
+ /* Check that the function didn't write beyond the end of the buffer. */
+ for( i = msg_len + 8 + padlen; i < sizeof( result ); i++ )
+ {
+ TEST_ASSERT( result[i] == '+' );
+ }
+
+exit:
+ mbedtls_nist_kw_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_nist_kw_unwrap( int cipher_id, int mode,
+ char *key_hex, char *msg_hex,
+ char *result_hex, int expected_ret )
+{
+ unsigned char key[32];
+ unsigned char msg[528];
+ unsigned char result[528];
+ unsigned char expected_result[528];
+ mbedtls_nist_kw_context ctx;
+ size_t key_len, msg_len, output_len, result_len, i;
+
+ mbedtls_nist_kw_init( &ctx );
+
+ memset( key, 0x00, sizeof( key ) );
+ memset( msg, 0x00, sizeof( msg ) );
+ memset( result, '+', sizeof( result ) );
+ memset( expected_result, 0x00, sizeof( expected_result ) );
+
+ key_len = unhexify( key, key_hex );
+ msg_len = unhexify( msg, msg_hex );
+ result_len = unhexify( expected_result, result_hex );
+ output_len = sizeof( result );
+
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_len * 8, 0 )
+ == 0 );
+
+ /* Test with input == output */
+ TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg, msg_len,
+ result, &output_len, sizeof( result ) ) == expected_ret );
+ if( expected_ret == 0 )
+ {
+ TEST_ASSERT( output_len == result_len );
+ TEST_ASSERT( memcmp( expected_result, result, result_len ) == 0 );
+ }
+ else
+ {
+ TEST_ASSERT( output_len == 0 );
+ }
+
+ /* Check that the function didn't write beyond the end of the buffer. */
+ for( i = msg_len - 8; i < sizeof( result ); i++ )
+ {
+ TEST_ASSERT( result[i] == '+' );
+ }
+
+exit:
+ mbedtls_nist_kw_free( &ctx );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function
index c24595d..947f1fb 100644
--- a/tests/suites/test_suite_pem.function
+++ b/tests/suites/test_suite_pem.function
@@ -6,25 +6,21 @@
/* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
-void mbedtls_pem_write_buffer( char *start, char *end, char *buf_str, char *result_str )
+void mbedtls_pem_write_buffer( char * start, char * end, data_t * buf,
+ char * result_str )
{
- unsigned char buf[5000];
unsigned char *check_buf = NULL;
int ret;
- size_t buf_len, olen = 0, olen2 = 0;
+ size_t olen = 0, olen2 = 0;
- memset( buf, 0, sizeof( buf ) );
- buf_len = unhexify( buf, buf_str );
-
- ret = mbedtls_pem_write_buffer( start, end, buf, buf_len, NULL, 0, &olen );
+ ret = mbedtls_pem_write_buffer( start, end, buf->x, buf->len, NULL, 0, &olen );
TEST_ASSERT( ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
check_buf = (unsigned char *) mbedtls_calloc( 1, olen );
TEST_ASSERT( check_buf != NULL );
- memset( check_buf, 0, olen );
- ret = mbedtls_pem_write_buffer( start, end, buf, buf_len, check_buf, olen, &olen2 );
+ ret = mbedtls_pem_write_buffer( start, end, buf->x, buf->len, check_buf, olen, &olen2 );
TEST_ASSERT( olen2 <= olen );
TEST_ASSERT( olen > strlen( (char*) result_str ) );
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index a066bd9..478cde7 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -153,3 +153,35 @@
RSA hash_len overflow (size_t vs unsigned int)
depends_on:MBEDTLS_RSA_C:MBEDTLS_HAVE_INT64
pk_rsa_overflow:
+
+ECDSA restartable sign/verify: ECDSA, max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
+
+ECDSA restartable sign/verify: ECKEY, max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
+
+ECDSA restartable sign/verify: ECDSA, max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
+
+ECDSA restartable sign/verify: ECKEY, max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
+
+ECDSA restartable sign/verify: ECDSA, max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
+
+ECDSA restartable sign/verify: ECKEY, max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
+
+ECDSA restartable sign/verify: ECDSA, max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
+
+ECDSA restartable sign/verify: ECKEY, max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index c0c987d..4813f71 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -70,7 +70,7 @@
*/
/* BEGIN_CASE */
-void pk_utils( int type, int size, int len, char *name )
+void pk_utils( int type, int size, int len, char * name )
{
mbedtls_pk_context pk;
@@ -91,7 +91,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */
-void mbedtls_pk_check_pair( char *pub_file, char *prv_file, int ret )
+void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret )
{
mbedtls_pk_context pub, prv, alt;
@@ -121,22 +121,27 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_verify_test_vec( char *message_hex_string, int digest,
- int mod, int radix_N, char *input_N, int radix_E,
- char *input_E, char *result_hex_str, int result )
+void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
+ int radix_N, char * input_N, int radix_E,
+ char * input_E, data_t * result_str,
+ int result )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
- unsigned char result_str[1000];
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
- int msg_len;
+ mbedtls_pk_restart_ctx *rs_ctx = NULL;
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ mbedtls_pk_restart_ctx ctx;
+
+ rs_ctx = &ctx;
+ mbedtls_pk_restart_init( rs_ctx );
+ // this setting would ensure restart would happen if ECC was used
+ mbedtls_ecp_set_max_ops( 1 );
+#endif
mbedtls_pk_init( &pk );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
- memset( result_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
rsa = mbedtls_pk_rsa( pk );
@@ -145,42 +150,41 @@
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
- unhexify( result_str, result_hex_str );
if( mbedtls_md_info_from_type( digest ) != NULL )
- TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
+ TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
- result_str, mbedtls_pk_get_len( &pk ) ) == result );
+ result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
+
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, hash_result, 0,
+ result_str->x, mbedtls_pk_get_len( &pk ), rs_ctx ) == result );
exit:
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ mbedtls_pk_restart_free( rs_ctx );
+#endif
mbedtls_pk_free( &pk );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_verify_ext_test_vec( char *message_hex_string, int digest,
- int mod, int radix_N, char *input_N, int radix_E,
- char *input_E, char *result_hex_str,
- int pk_type, int mgf1_hash_id, int salt_len,
- int result )
+void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
+ int mod, int radix_N, char * input_N,
+ int radix_E, char * input_E,
+ data_t * result_str, int pk_type,
+ int mgf1_hash_id, int salt_len, int result )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
- unsigned char result_str[1000];
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
mbedtls_pk_rsassa_pss_options pss_opts;
void *options;
- int msg_len;
size_t hash_len;
mbedtls_pk_init( &pk );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
- memset( result_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
rsa = mbedtls_pk_rsa( pk );
@@ -189,19 +193,17 @@
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
- unhexify( result_str, result_hex_str );
if( digest != MBEDTLS_MD_NONE )
{
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
- message_str, msg_len, hash_result ) == 0 );
+ message_str->x, message_str->len, hash_result ) == 0 );
hash_len = 0;
}
else
{
- memcpy( hash_result, message_str, msg_len );
- hash_len = msg_len;
+ memcpy( hash_result, message_str->x, message_str->len );
+ hash_len = message_str->len;
}
if( mgf1_hash_id < 0 )
@@ -218,7 +220,7 @@
TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk,
digest, hash_result, hash_len,
- result_str, mbedtls_pk_get_len( &pk ) ) == result );
+ result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
exit:
mbedtls_pk_free( &pk );
@@ -226,19 +228,14 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */
-void pk_ec_test_vec( int type, int id, char *key_str,
- char *hash_str, char * sig_str, int ret )
+void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,
+ data_t * sig, int ret )
{
mbedtls_pk_context pk;
mbedtls_ecp_keypair *eckey;
- unsigned char hash[100], sig[500], key[500];
- size_t hash_len, sig_len, key_len;
mbedtls_pk_init( &pk );
- memset( hash, 0, sizeof( hash ) ); hash_len = unhexify(hash, hash_str);
- memset( sig, 0, sizeof( sig ) ); sig_len = unhexify(sig, sig_str);
- memset( key, 0, sizeof( key ) ); key_len = unhexify(key, key_str);
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
@@ -247,22 +244,135 @@
TEST_ASSERT( mbedtls_ecp_group_load( &eckey->grp, id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
- key, key_len ) == 0 );
+ key->x, key->len ) == 0 );
TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE,
- hash, hash_len, sig, sig_len ) == ret );
+ hash->x, hash->len, sig->x, sig->len ) == ret );
exit:
mbedtls_pk_free( &pk );
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
+void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
+ char *QX_str, char *QY_str,
+ int md_alg, char *msg, char *sig_str,
+ int max_ops, int min_restart, int max_restart )
+{
+ int ret, cnt_restart;
+ mbedtls_pk_restart_ctx rs_ctx;
+ mbedtls_pk_context prv, pub;
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+ unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
+ unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
+ size_t hlen, slen, slen_check;
+ const mbedtls_md_info_t *md_info;
+
+ mbedtls_pk_restart_init( &rs_ctx );
+ mbedtls_pk_init( &prv );
+ mbedtls_pk_init( &pub );
+ memset( hash, 0, sizeof( hash ) );
+ memset( sig, 0, sizeof( sig ) );
+ memset( sig_check, 0, sizeof( sig_check ) );
+
+ TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
+
+ TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 );
+
+ slen_check = unhexify( sig_check, sig_str );
+
+ md_info = mbedtls_md_info_from_type( md_alg );
+ TEST_ASSERT( md_info != NULL );
+
+ hlen = mbedtls_md_get_size( md_info );
+ mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
+
+ mbedtls_ecp_set_max_ops( max_ops );
+
+ slen = sizeof( sig );
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
+ sig, &slen, NULL, NULL, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( slen == slen_check );
+ TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
+
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_pk_verify_restartable( &pub, md_alg,
+ hash, hlen, sig, slen, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ hash[0]++;
+ do {
+ ret = mbedtls_pk_verify_restartable( &pub, md_alg,
+ hash, hlen, sig, slen, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ TEST_ASSERT( ret != 0 );
+ hash[0]--;
+
+ sig[0]++;
+ do {
+ ret = mbedtls_pk_verify_restartable( &pub, md_alg,
+ hash, hlen, sig, slen, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ TEST_ASSERT( ret != 0 );
+ sig[0]--;
+
+ /* Do we leak memory when aborting? try verify then sign
+ * This test only makes sense when we actually restart */
+ if( min_restart > 0 )
+ {
+ ret = mbedtls_pk_verify_restartable( &pub, md_alg,
+ hash, hlen, sig, slen, &rs_ctx );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ mbedtls_pk_restart_free( &rs_ctx );
+
+ slen = sizeof( sig );
+ ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
+ sig, &slen, NULL, NULL, &rs_ctx );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ }
+
+exit:
+ mbedtls_pk_restart_free( &rs_ctx );
+ mbedtls_pk_free( &prv );
+ mbedtls_pk_free( &pub );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
void pk_sign_verify( int type, int sign_ret, int verify_ret )
{
mbedtls_pk_context pk;
unsigned char hash[50], sig[5000];
size_t sig_len;
+ void *rs_ctx = NULL;
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ mbedtls_pk_restart_ctx ctx;
+
+ rs_ctx = &ctx;
+ mbedtls_pk_restart_init( rs_ctx );
+ /* This value is large enough that the operation will complete in one run.
+ * See comments at the top of ecp_test_vect_restart in
+ * test_suite_ecp.function for estimates of operation counts. */
+ mbedtls_ecp_set_max_ops( 42000 );
+#endif
mbedtls_pk_init( &pk );
@@ -272,38 +382,67 @@
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
TEST_ASSERT( pk_genkey( &pk ) == 0 );
- TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
- sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
+ TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256,
+ hash, sizeof hash, sig, &sig_len,
+ rnd_std_rand, NULL, rs_ctx ) == sign_ret );
TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
hash, sizeof hash, sig, sig_len ) == verify_ret );
+ if( verify_ret == 0 )
+ {
+ hash[0]++;
+ TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
+ hash, sizeof hash, sig, sig_len ) != 0 );
+ hash[0]--;
+
+ sig[0]++;
+ TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
+ hash, sizeof hash, sig, sig_len ) != 0 );
+ sig[0]--;
+ }
+
+ TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
+ sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
+
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
+ hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret );
+
+ if( verify_ret == 0 )
+ {
+ hash[0]++;
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
+ hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
+ hash[0]--;
+
+ sig[0]++;
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
+ hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
+ sig[0]--;
+ }
+
exit:
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ mbedtls_pk_restart_free( rs_ctx );
+#endif
mbedtls_pk_free( &pk );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_encrypt_test_vec( char *message_hex, int mod,
- int radix_N, char *input_N,
- int radix_E, char *input_E,
- char *result_hex, int ret )
+void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N,
+ char * input_N, int radix_E, char * input_E,
+ data_t * result, int ret )
{
- unsigned char message[1000];
unsigned char output[1000];
- unsigned char result[1000];
- size_t msg_len, olen, res_len;
rnd_pseudo_info rnd_info;
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
+ size_t olen;
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
- memset( message, 0, sizeof( message ) );
memset( output, 0, sizeof( output ) );
- memset( result, 0, sizeof( result ) );
- msg_len = unhexify( message, message_hex );
- res_len = unhexify( result, result_hex );
mbedtls_pk_init( &pk );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
@@ -313,11 +452,11 @@
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_pk_encrypt( &pk, message, msg_len,
+ TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
output, &olen, sizeof( output ),
rnd_pseudo_rand, &rnd_info ) == ret );
- TEST_ASSERT( olen == res_len );
- TEST_ASSERT( memcmp( output, result, olen ) == 0 );
+ TEST_ASSERT( olen == result->len );
+ TEST_ASSERT( memcmp( output, result->x, olen ) == 0 );
exit:
mbedtls_pk_free( &pk );
@@ -325,32 +464,24 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_decrypt_test_vec( char *cipher_hex, int mod,
- int radix_P, char *input_P,
- int radix_Q, char *input_Q,
- int radix_N, char *input_N,
- int radix_E, char *input_E,
- char *clear_hex, int ret )
+void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P,
+ char * input_P, int radix_Q, char * input_Q,
+ int radix_N, char * input_N, int radix_E,
+ char * input_E, data_t * clear, int ret )
{
- unsigned char clear[1000];
unsigned char output[1000];
- unsigned char cipher[1000];
- size_t clear_len, olen, cipher_len;
rnd_pseudo_info rnd_info;
mbedtls_mpi N, P, Q, E;
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
+ size_t olen;
mbedtls_pk_init( &pk );
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
- memset( clear, 0, sizeof( clear ) );
- memset( cipher, 0, sizeof( cipher ) );
- clear_len = unhexify( clear, clear_hex );
- cipher_len = unhexify( cipher, cipher_hex );
/* init pk-rsa context */
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
@@ -370,13 +501,13 @@
/* decryption test */
memset( output, 0, sizeof( output ) );
olen = 0;
- TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher, cipher_len,
+ TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher->x, cipher->len,
output, &olen, sizeof( output ),
rnd_pseudo_rand, &rnd_info ) == ret );
if( ret == 0 )
{
- TEST_ASSERT( olen == clear_len );
- TEST_ASSERT( memcmp( output, clear, olen ) == 0 );
+ TEST_ASSERT( olen == clear->len );
+ TEST_ASSERT( memcmp( output, clear->x, olen ) == 0 );
}
exit:
@@ -453,7 +584,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
-void pk_rsa_alt( )
+void pk_rsa_alt( )
{
/*
* An rsa_alt context can only do private operations (decrypt, sign).
diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function
index 7f8b1c8..83f417c 100644
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@@ -9,28 +9,22 @@
*/
/* BEGIN_CASE */
-void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char *input_N, int radix_E,
- char *input_E, int hash,
- char *message_hex_string, char *seed,
- char *result_hex_str, int result )
+void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
+ int radix_E, char * input_E, int hash,
+ data_t * message_str, data_t * rnd_buf,
+ data_t * result_hex_str, int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
- unsigned char rnd_buf[1000];
mbedtls_rsa_context ctx;
- size_t msg_len;
rnd_buf_info info;
mbedtls_mpi N, E;
- info.length = unhexify( rnd_buf, seed );
- info.buf = rnd_buf;
+ info.buf = rnd_buf->x;
+ info.length = rnd_buf->len;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
- memset( message_str, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -38,14 +32,12 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
- TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PUBLIC, message_str->len, message_str->x, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
exit:
@@ -55,15 +47,14 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char *input_P,
- int radix_Q, char *input_Q, int radix_N,
- char *input_N, int radix_E, char *input_E,
- int hash, char *result_hex_str, char *seed,
- char *message_hex_string, int result )
+void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P,
+ int radix_Q, char * input_Q, int radix_N,
+ char * input_N, int radix_E, char * input_E,
+ int hash, data_t * result_hex_str,
+ char * seed, data_t * message_str,
+ int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx;
size_t output_len;
rnd_pseudo_info rnd_info;
@@ -74,9 +65,7 @@
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
- memset( message_str, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@@ -89,14 +78,12 @@
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- unhexify( message_str, message_hex_string );
- TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str, output, 1000 ) == result );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, 1000 ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len) == 0 );
}
exit:
@@ -107,33 +94,27 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsassa_v15_sign( int mod, int radix_P, char *input_P, int radix_Q,
- char *input_Q, int radix_N, char *input_N,
- int radix_E, char *input_E, int digest, int hash,
- char *message_hex_string, char *salt,
- char *result_hex_str, int result )
+void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
+ char * input_Q, int radix_N, char * input_N,
+ int radix_E, char * input_E, int digest, int hash,
+ data_t * message_str, data_t * rnd_buf,
+ data_t * result_hex_str, int result )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
- unsigned char rnd_buf[1000];
mbedtls_rsa_context ctx;
mbedtls_mpi N, P, Q, E;
- size_t msg_len;
rnd_buf_info info;
- info.length = unhexify( rnd_buf, salt );
- info.buf = rnd_buf;
+ info.buf = rnd_buf->x;
+ info.length = rnd_buf->len;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
@@ -145,17 +126,15 @@
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
if( mbedtls_md_info_from_type( digest ) != NULL )
- TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
+ TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len);
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
exit:
@@ -166,24 +145,19 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsassa_v15_verify( int mod, int radix_N, char *input_N, int radix_E,
- char *input_E, int digest, int hash,
- char *message_hex_string, char *salt,
- char *result_hex_str, int result )
+void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
+ int radix_E, char * input_E, int digest,
+ int hash, data_t * message_str, char * salt,
+ data_t * result_str, int result )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
- unsigned char result_str[1000];
mbedtls_rsa_context ctx;
- size_t msg_len;
mbedtls_mpi N, E;
((void) salt);
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
- memset( result_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -191,16 +165,11 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
- unhexify( result_str, result_hex_str );
if( mbedtls_md_info_from_type( digest ) != NULL )
- TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
- message_str, msg_len, hash_result ) == 0 );
+ TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
- TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
- digest, 0, hash_result,
- result_str ) == result );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
exit:
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function
index 50da2ff..99be08a 100644
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@@ -9,28 +9,22 @@
*/
/* BEGIN_CASE */
-void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char *input_N, int radix_E,
- char *input_E, int hash,
- char *message_hex_string, char *seed,
- char *result_hex_str, int result )
+void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N,
+ int radix_E, char * input_E, int hash,
+ data_t * message_str, data_t * rnd_buf,
+ data_t * result_hex_str, int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
- unsigned char rnd_buf[1000];
mbedtls_rsa_context ctx;
- size_t msg_len;
rnd_buf_info info;
mbedtls_mpi N, E;
- info.length = unhexify( rnd_buf, seed );
- info.buf = rnd_buf;
+ info.buf = rnd_buf->x;
+ info.length = rnd_buf->len;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
- memset( message_str, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -38,14 +32,12 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
- TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PUBLIC, message_str->len, message_str->x, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
exit:
@@ -55,15 +47,14 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char *input_P,
- int radix_Q, char *input_Q, int radix_N,
- char *input_N, int radix_E, char *input_E,
- int hash, char *result_hex_str, char *seed,
- char *message_hex_string, int result )
+void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P,
+ int radix_Q, char * input_Q, int radix_N,
+ char * input_N, int radix_E, char * input_E,
+ int hash, data_t * result_hex_str,
+ char * seed, data_t * message_str,
+ int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx;
size_t output_len;
rnd_pseudo_info rnd_info;
@@ -75,9 +66,7 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
- memset( message_str, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@@ -90,14 +79,12 @@
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- unhexify( message_str, message_hex_string );
- TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str, output, 1000 ) == result );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, 1000 ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 );
}
exit:
@@ -108,33 +95,27 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsassa_pss_sign( int mod, int radix_P, char *input_P, int radix_Q,
- char *input_Q, int radix_N, char *input_N,
- int radix_E, char *input_E, int digest, int hash,
- char *message_hex_string, char *salt,
- char *result_hex_str, int result )
+void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q,
+ char * input_Q, int radix_N, char * input_N,
+ int radix_E, char * input_E, int digest, int hash,
+ data_t * message_str, data_t * rnd_buf,
+ data_t * result_hex_str, int result )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
- unsigned char rnd_buf[1000];
mbedtls_rsa_context ctx;
- size_t msg_len;
rnd_buf_info info;
mbedtls_mpi N, P, Q, E;
- info.length = unhexify( rnd_buf, salt );
- info.buf = rnd_buf;
+ info.buf = rnd_buf->x;
+ info.length = rnd_buf->len;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
@@ -146,19 +127,16 @@
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
if( mbedtls_md_info_from_type( digest ) != NULL )
- TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str,
- msg_len, hash_result ) == 0 );
+ TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE,
digest, 0, hash_result, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len);
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
exit:
@@ -169,24 +147,19 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsassa_pss_verify( int mod, int radix_N, char *input_N, int radix_E,
- char *input_E, int digest, int hash,
- char *message_hex_string, char *salt,
- char *result_hex_str, int result )
+void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N,
+ int radix_E, char * input_E, int digest,
+ int hash, data_t * message_str, char * salt,
+ data_t * result_str, int result )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
- unsigned char result_str[1000];
mbedtls_rsa_context ctx;
- size_t msg_len;
mbedtls_mpi N, E;
((void) salt);
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
- memset( result_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -195,15 +168,11 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
- unhexify( result_str, result_hex_str );
if( mbedtls_md_info_from_type( digest ) != NULL )
- TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str,
- msg_len, hash_result ) == 0 );
+ TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
- TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
- digest, 0, hash_result, result_str ) == result );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
exit:
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
@@ -212,28 +181,22 @@
/* END_CASE */
/* BEGIN_CASE */
-void pkcs1_rsassa_pss_verify_ext( int mod,
- int radix_N, char *input_N,
- int radix_E, char *input_E,
+void pkcs1_rsassa_pss_verify_ext( int mod, int radix_N, char * input_N,
+ int radix_E, char * input_E,
int msg_digest_id, int ctx_hash,
int mgf_hash, int salt_len,
- char *message_hex_string,
- char *result_hex_str,
- int result_simple,
+ data_t * message_str,
+ data_t * result_str, int result_simple,
int result_full )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
- unsigned char result_str[1000];
mbedtls_rsa_context ctx;
- size_t msg_len, hash_len;
+ size_t hash_len;
mbedtls_mpi N, E;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
- memset( result_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -242,29 +205,27 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
- unhexify( result_str, result_hex_str );
if( msg_digest_id != MBEDTLS_MD_NONE )
{
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( msg_digest_id ),
- message_str, msg_len, hash_result ) == 0 );
+ message_str->x, message_str->len, hash_result ) == 0 );
hash_len = 0;
}
else
{
- memcpy( hash_result, message_str, msg_len );
- hash_len = msg_len;
+ memcpy( hash_result, message_str->x, message_str->len );
+ hash_len = message_str->len;
}
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
msg_digest_id, hash_len, hash_result,
- result_str ) == result_simple );
+ result_str->x ) == result_simple );
TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
msg_digest_id, hash_len, hash_result,
mgf_hash, salt_len,
- result_str ) == result_full );
+ result_str->x ) == result_full );
exit:
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index 98546cb..26f1d33 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@@ -8,38 +8,23 @@
*/
/* BEGIN_CASE */
-void pbkdf2_hmac( int hash, char *hex_password_string,
- char *hex_salt_string, int it_cnt, int key_len,
- char *result_key_string )
+void pbkdf2_hmac( int hash, data_t * pw_str, data_t * salt_str,
+ int it_cnt, int key_len, data_t * result_key_string )
{
- unsigned char pw_str[100];
- unsigned char salt_str[100];
- unsigned char dst_str[200];
-
mbedtls_md_context_t ctx;
const mbedtls_md_info_t *info;
- int pw_len, salt_len;
unsigned char key[100];
mbedtls_md_init( &ctx );
- memset(pw_str, 0x00, sizeof(pw_str));
- memset(salt_str, 0x00, sizeof(salt_str));
- memset(dst_str, 0x00, sizeof(dst_str));
-
- pw_len = unhexify( pw_str, hex_password_string );
- salt_len = unhexify( salt_str, hex_salt_string );
-
-
info = mbedtls_md_info_from_type( hash );
TEST_ASSERT( info != NULL );
TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 );
- TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str, pw_len, salt_str, salt_len,
+ TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len,
it_cnt, key_len, key ) == 0 );
- hexify( dst_str, key, key_len );
- TEST_ASSERT( strcmp( (char *) dst_str, result_key_string ) == 0 );
+ TEST_ASSERT( hexcmp( key, result_key_string->x, key_len, result_key_string->len ) == 0 );
exit:
mbedtls_md_free( &ctx );
@@ -47,40 +32,33 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
-void mbedtls_pkcs5_pbes2( int params_tag, char *params_hex, char *pw_hex,
- char *data_hex, int ref_ret, char *ref_out_hex )
+void mbedtls_pkcs5_pbes2( int params_tag, data_t *params_hex, data_t *pw,
+ data_t *data, int ref_ret, data_t *ref_out )
{
int my_ret;
mbedtls_asn1_buf params;
- unsigned char *my_out = NULL, *ref_out = NULL, *data = NULL, *pw = NULL;
- size_t ref_out_len, data_len, pw_len;
+ unsigned char *my_out = NULL;
params.tag = params_tag;
- params.p = unhexify_alloc( params_hex, ¶ms.len );
+ params.p = params_hex->x;
+ params.len = params_hex->len;
- data = unhexify_alloc( data_hex, &data_len );
- pw = unhexify_alloc( pw_hex, &pw_len );
- ref_out = unhexify_alloc( ref_out_hex, &ref_out_len );
- my_out = zero_alloc( ref_out_len );
+ my_out = zero_alloc( ref_out->len );
my_ret = mbedtls_pkcs5_pbes2( ¶ms, MBEDTLS_PKCS5_DECRYPT,
- pw, pw_len, data, data_len, my_out );
+ pw->x, pw->len, data->x, data->len, my_out );
TEST_ASSERT( my_ret == ref_ret );
if( ref_ret == 0 )
- TEST_ASSERT( memcmp( my_out, ref_out, ref_out_len ) == 0 );
+ TEST_ASSERT( memcmp( my_out, ref_out->x, ref_out->len ) == 0 );
exit:
- mbedtls_free( params.p );
- mbedtls_free( data );
- mbedtls_free( pw );
- mbedtls_free( ref_out );
mbedtls_free( my_out );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void pkcs5_selftest( )
+void pkcs5_selftest( )
{
TEST_ASSERT( mbedtls_pkcs5_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data
index cbbbd5b7..4add252 100644
--- a/tests/suites/test_suite_pkparse.data
+++ b/tests/suites/test_suite_pkparse.data
@@ -207,15 +207,15 @@
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #35 (PKCS#8 encrypted SHA1-RC4-128 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der":"PolarSSLTest":0
Parse RSA Key #36 (PKCS#8 encrypted SHA1-RC4-128 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der":"PolarSSLTest":0
Parse RSA Key #37 (PKCS#8 encrypted SHA1-RC4-128 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der":"PolarSSLTest":0
Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES)
@@ -1033,11 +1033,11 @@
pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0
Parse EC Key #6 (PKCS8 encrypted DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.der":"polar":0
Parse EC Key #7 (PKCS8 encrypted PEM)
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.pem":"polar":0
Parse EC Key #8 (SEC1 PEM, secp224r1)
diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function
index 94d25e7..3eb0397 100644
--- a/tests/suites/test_suite_pkparse.function
+++ b/tests/suites/test_suite_pkparse.function
@@ -10,7 +10,7 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
-void pk_parse_keyfile_rsa( char *key_file, char *password, int result )
+void pk_parse_keyfile_rsa( char * key_file, char * password, int result )
{
mbedtls_pk_context ctx;
int res;
@@ -39,7 +39,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
-void pk_parse_public_keyfile_rsa( char *key_file, int result )
+void pk_parse_public_keyfile_rsa( char * key_file, int result )
{
mbedtls_pk_context ctx;
int res;
@@ -64,7 +64,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */
-void pk_parse_public_keyfile_ec( char *key_file, int result )
+void pk_parse_public_keyfile_ec( char * key_file, int result )
{
mbedtls_pk_context ctx;
int res;
@@ -89,7 +89,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */
-void pk_parse_keyfile_ec( char *key_file, char *password, int result )
+void pk_parse_keyfile_ec( char * key_file, char * password, int result )
{
mbedtls_pk_context ctx;
int res;
@@ -113,23 +113,19 @@
}
/* END_CASE */
-/* BEGIN_CASE */
-void pk_parse_key( char *key_data, char *result_str, int result )
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
+void pk_parse_key( data_t * buf, char * result_str, int result )
{
mbedtls_pk_context pk;
- unsigned char buf[2000];
unsigned char output[2000];
- int data_len;
((void) result_str);
mbedtls_pk_init( &pk );
- memset( buf, 0, 2000 );
memset( output, 0, 2000 );
- data_len = unhexify( buf, key_data );
- TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf, data_len, NULL, 0 ) == ( result ) );
+ TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == ( result ) );
if( ( result ) == 0 )
{
TEST_ASSERT( 1 );
diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function
index 8b20640..3ad782d 100644
--- a/tests/suites/test_suite_pkwrite.function
+++ b/tests/suites/test_suite_pkwrite.function
@@ -10,7 +10,7 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
-void pk_write_pubkey_check( char *key_file )
+void pk_write_pubkey_check( char * key_file )
{
mbedtls_pk_context key;
unsigned char buf[5000];
@@ -42,7 +42,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
-void pk_write_key_check( char *key_file )
+void pk_write_key_check( char * key_file )
{
mbedtls_pk_context key;
unsigned char buf[5000];
diff --git a/tests/suites/test_suite_poly1305.data b/tests/suites/test_suite_poly1305.data
new file mode 100644
index 0000000..13912e9
--- /dev/null
+++ b/tests/suites/test_suite_poly1305.data
@@ -0,0 +1,42 @@
+Poly1305 RFC 7539 Example And Test Vector
+mbedtls_poly1305:"85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b":"a8061dc1305136c6c22b8baf0c0127a9":"43727970746f6772617068696320466f72756d2052657365617263682047726f7570"
+
+Poly1305 RFC 7539 Test Vector #1
+mbedtls_poly1305:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+Poly1305 RFC 7539 Test Vector #2
+mbedtls_poly1305:"0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e":"36e5f6b5c5e06070f0efca96227a863e":"416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f"
+
+Poly1305 RFC 7539 Test Vector #3
+mbedtls_poly1305:"36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000":"f3477e7cd95417af89a6b8794c310cf0":"416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f"
+
+Poly1305 RFC 7539 Test Vector #4
+mbedtls_poly1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"4541669a7eaaee61e708dc7cbcc5eb62":"2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e"
+
+Poly1305 RFC 7539 Test Vector #5
+mbedtls_poly1305:"0200000000000000000000000000000000000000000000000000000000000000":"03000000000000000000000000000000":"ffffffffffffffffffffffffffffffff"
+
+Poly1305 RFC 7539 Test Vector #6
+mbedtls_poly1305:"02000000000000000000000000000000ffffffffffffffffffffffffffffffff":"03000000000000000000000000000000":"02000000000000000000000000000000"
+
+Poly1305 RFC 7539 Test Vector #7
+mbedtls_poly1305:"0100000000000000000000000000000000000000000000000000000000000000":"05000000000000000000000000000000":"fffffffffffffffffffffffffffffffff0ffffffffffffffffffffffffffffff11000000000000000000000000000000"
+
+Poly1305 RFC 7539 Test Vector #8
+mbedtls_poly1305:"0100000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"fffffffffffffffffffffffffffffffffbfefefefefefefefefefefefefefefe01010101010101010101010101010101"
+
+Poly1305 RFC 7539 Test Vector #9
+mbedtls_poly1305:"0200000000000000000000000000000000000000000000000000000000000000":"faffffffffffffffffffffffffffffff":"fdffffffffffffffffffffffffffffff"
+
+Poly1305 RFC 7539 Test Vector #10
+mbedtls_poly1305:"0100000000000000040000000000000000000000000000000000000000000000":"14000000000000005500000000000000":"e33594d7505e43b900000000000000003394d7505e4379cd01000000000000000000000000000000000000000000000001000000000000000000000000000000"
+
+Poly1305 RFC 7539 Test Vector #11
+mbedtls_poly1305:"0100000000000000040000000000000000000000000000000000000000000000":"13000000000000000000000000000000":"e33594d7505e43b900000000000000003394d7505e4379cd010000000000000000000000000000000000000000000000"
+
+Poly1305 Parameter validation
+poly1305_bad_params:
+
+Poly1305 Selftest
+depends_on:MBEDTLS_SELF_TEST
+poly1305_selftest:
diff --git a/tests/suites/test_suite_poly1305.function b/tests/suites/test_suite_poly1305.function
new file mode 100644
index 0000000..62d2ad9
--- /dev/null
+++ b/tests/suites/test_suite_poly1305.function
@@ -0,0 +1,140 @@
+/* BEGIN_HEADER */
+#include "mbedtls/poly1305.h"
+#include <stddef.h>
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_POLY1305_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_poly1305( char *hex_key_string, char *hex_mac_string, char *hex_src_string )
+{
+ unsigned char src_str[375]; /* max size of binary input */
+ unsigned char key[32]; /* size set by the standard */
+ unsigned char mac[16]; /* size set by the standard */
+ unsigned char mac_str[33]; /* hex expansion of the above */
+ size_t src_len;
+ mbedtls_poly1305_context ctx;
+
+ memset( src_str, 0x00, sizeof( src_str ) );
+ memset( mac_str, 0x00, sizeof( mac_str ) );
+ memset( key, 0x00, sizeof( key ) );
+ memset( mac, 0x00, sizeof( mac ) );
+
+ src_len = unhexify( src_str, hex_src_string );
+ unhexify( key, hex_key_string );
+
+ /*
+ * Test the integrated API
+ */
+ TEST_ASSERT( mbedtls_poly1305_mac( key, src_str, src_len, mac ) == 0 );
+
+ hexify( mac_str, mac, 16 );
+ TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
+
+ /*
+ * Test the streaming API
+ */
+ mbedtls_poly1305_init( &ctx );
+
+ TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, src_len ) == 0 );
+
+ TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
+
+ hexify( mac_str, mac, 16 );
+ TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
+
+ /*
+ * Test the streaming API again, piecewise
+ */
+
+ /* Don't free/init the context, in order to test that starts() does the
+ * right thing. */
+ if( src_len >= 1 )
+ {
+ TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 1, src_len - 1 ) == 0 );
+
+ TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
+
+ hexify( mac_str, mac, 16 );
+ TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
+ }
+
+ /*
+ * Again with more pieces
+ */
+ if( src_len >= 2 )
+ {
+ TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 1, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 2, src_len - 2 ) == 0 );
+
+ TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
+
+ hexify( mac_str, mac, 16 );
+ TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
+ }
+
+ mbedtls_poly1305_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void poly1305_bad_params()
+{
+ unsigned char src[1];
+ unsigned char key[32];
+ unsigned char mac[16];
+ size_t src_len = sizeof( src );
+ mbedtls_poly1305_context ctx;
+
+ mbedtls_poly1305_init( NULL );
+ mbedtls_poly1305_free( NULL );
+
+ mbedtls_poly1305_init( &ctx );
+
+ TEST_ASSERT( mbedtls_poly1305_starts( NULL, key )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_poly1305_starts( &ctx, NULL )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_poly1305_update( NULL, src, 0 )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, NULL, src_len )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, NULL, 0 )
+ == 0 );
+
+ TEST_ASSERT( mbedtls_poly1305_finish( NULL, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_poly1305_finish( &ctx, NULL )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_poly1305_mac( NULL, src, 0, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_poly1305_mac( key, NULL, src_len, mac )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_poly1305_mac( key, src, 0, NULL )
+ == MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_poly1305_mac( key, NULL, 0, mac )
+ == 0 );
+
+ mbedtls_poly1305_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void poly1305_selftest()
+{
+ TEST_ASSERT( mbedtls_poly1305_self_test( 1 ) == 0 );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index 4114906..e495151 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -237,15 +237,15 @@
RSA PKCS1 Sign #8 (RAW, 2048 bits RSA)
depends_on:MBEDTLS_PKCS1_V15
-rsa_pkcs1_sign_raw:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8"
+rsa_pkcs1_sign_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8"
RSA PKCS1 Sign #8 Verify
depends_on:MBEDTLS_PKCS1_V15
-rsa_pkcs1_verify_raw:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":0
+rsa_pkcs1_verify_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":0
RSA PKCS1 Sign #8 Verify (Wrong raw hash)
depends_on:MBEDTLS_PKCS1_V15
-rsa_pkcs1_verify_raw:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":"1234567890deadcafe":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_VERIFY_FAILED
+rsa_pkcs1_verify_raw:"1234567890deadcafe":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_VERIFY_FAILED
RSA PKCS1 Sign #9 (Invalid Digest type)
depends_on:MBEDTLS_PKCS1_V15
@@ -378,13 +378,13 @@
rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"17":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
RSA Private (Correct)
-mbedtls_rsa_private:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67":0
+mbedtls_rsa_private:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67":0
RSA Private (Data larger than N)
mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
RSA Public (Correct)
-mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0
+mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0
RSA Public (Data larger than N)
mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index fd632da..c43ef20 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -18,28 +18,24 @@
*/
/* BEGIN_CASE */
-void mbedtls_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int digest,
- int mod, int radix_P, char *input_P, int radix_Q,
- char *input_Q, int radix_N, char *input_N, int radix_E,
- char *input_E, char *result_hex_str, int result )
+void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
+ int digest, int mod, int radix_P, char * input_P,
+ int radix_Q, char * input_Q, int radix_N,
+ char * input_N, int radix_E, char * input_E,
+ data_t * result_hex_str, int result )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx;
mbedtls_mpi N, P, Q, E;
- int msg_len;
rnd_pseudo_info rnd_info;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@@ -52,20 +48,17 @@
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
if( mbedtls_md_info_from_type( digest ) != NULL )
- TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
- message_str, msg_len, hash_result ) == 0 );
+ TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
MBEDTLS_RSA_PRIVATE, digest, 0,
hash_result, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
exit:
@@ -76,23 +69,19 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_rsa_pkcs1_verify( char *message_hex_string, int padding_mode, int digest,
- int mod, int radix_N, char *input_N, int radix_E,
- char *input_E, char *result_hex_str, int result )
+void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
+ int digest, int mod, int radix_N,
+ char * input_N, int radix_E, char * input_E,
+ data_t * result_str, int result )
{
- unsigned char message_str[1000];
unsigned char hash_result[1000];
- unsigned char result_str[1000];
mbedtls_rsa_context ctx;
- int msg_len;
mbedtls_mpi N, E;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
- memset( message_str, 0x00, 1000 );
memset( hash_result, 0x00, 1000 );
- memset( result_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -100,13 +89,11 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
- unhexify( result_str, result_hex_str );
if( mbedtls_md_info_from_type( digest ) != NULL )
- TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
+ TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
- TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str ) == result );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
exit:
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
@@ -116,29 +103,22 @@
/* BEGIN_CASE */
-void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
- int padding_mode, int mod, int radix_P, char *input_P,
- int radix_Q, char *input_Q, int radix_N,
- char *input_N, int radix_E, char *input_E,
- char *result_hex_str )
+void rsa_pkcs1_sign_raw( data_t * hash_result,
+ int padding_mode, int mod, int radix_P,
+ char * input_P, int radix_Q, char * input_Q,
+ int radix_N, char * input_N, int radix_E,
+ char * input_E, data_t * result_hex_str )
{
- unsigned char message_str[1000];
- unsigned char hash_result[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx;
mbedtls_mpi N, P, Q, E;
- int hash_len;
rnd_pseudo_info rnd_info;
mbedtls_rsa_init( &ctx, padding_mode, 0 );
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
- memset( message_str, 0x00, 1000 );
- memset( hash_result, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@@ -151,16 +131,14 @@
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- unhexify( message_str, message_hex_string );
- hash_len = unhexify( hash_result, hash_result_string );
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
- hash_len, hash_result, output ) == 0 );
+ hash_result->len, hash_result->x,
+ output ) == 0 );
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
#if defined(MBEDTLS_PKCS1_V15)
/* For PKCS#1 v1.5, there is an alternative way to generate signatures */
@@ -168,11 +146,10 @@
{
int res;
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
&rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
- hash_len, hash_result, output );
+ hash_result->len, hash_result->x, output );
#if !defined(MBEDTLS_RSA_ALT)
TEST_ASSERT( res == 0 );
@@ -183,8 +160,7 @@
if( res == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
}
#endif /* MBEDTLS_PKCS1_V15 */
@@ -198,25 +174,18 @@
/* END_CASE */
/* BEGIN_CASE */
-void rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string,
+void rsa_pkcs1_verify_raw( data_t * hash_result,
int padding_mode, int mod, int radix_N,
- char *input_N, int radix_E, char *input_E,
- char *result_hex_str, int correct )
+ char * input_N, int radix_E, char * input_E,
+ data_t * result_str, int correct )
{
- unsigned char message_str[1000];
- unsigned char hash_result[1000];
- unsigned char result_str[1000];
unsigned char output[1000];
mbedtls_rsa_context ctx;
- size_t hash_len;
mbedtls_mpi N, E;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
- memset( message_str, 0x00, 1000 );
- memset( hash_result, 0x00, 1000 );
- memset( result_str, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
@@ -226,14 +195,8 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- unhexify( message_str, message_hex_string );
- hash_len = unhexify( hash_result, hash_result_string );
- unhexify( result_str, result_hex_str );
- TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
- MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE,
- hash_len, hash_result,
- result_str ) == correct );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
#if defined(MBEDTLS_PKCS1_V15)
/* For PKCS#1 v1.5, there is an alternative way to verify signatures */
@@ -245,7 +208,7 @@
res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
NULL, NULL, MBEDTLS_RSA_PUBLIC,
- &olen, result_str, output, sizeof( output ) );
+ &olen, result_str->x, output, sizeof( output ) );
#if !defined(MBEDTLS_RSA_ALT)
TEST_ASSERT( res == 0 );
@@ -256,7 +219,7 @@
if( res == 0 )
{
- ok = olen == hash_len && memcmp( output, hash_result, olen ) == 0;
+ ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
if( correct == 0 )
TEST_ASSERT( ok == 1 );
else
@@ -272,15 +235,13 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int mod,
- int radix_N, char *input_N, int radix_E, char *input_E,
- char *result_hex_str, int result )
+void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
+ int mod, int radix_N, char * input_N,
+ int radix_E, char * input_E,
+ data_t * result_hex_str, int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx;
- size_t msg_len;
rnd_pseudo_info rnd_info;
mbedtls_mpi N, E;
@@ -289,9 +250,7 @@
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
- memset( message_str, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -300,16 +259,14 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
- MBEDTLS_RSA_PUBLIC, msg_len,
- message_str, output ) == result );
+ MBEDTLS_RSA_PUBLIC, message_str->len,
+ message_str->x, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
exit:
@@ -319,24 +276,19 @@
/* END_CASE */
/* BEGIN_CASE */
-void rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode,
- int mod, int radix_N, char *input_N,
- int radix_E, char *input_E,
- char *result_hex_str, int result )
+void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
+ int mod, int radix_N, char * input_N,
+ int radix_E, char * input_E,
+ data_t * result_hex_str, int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx;
- size_t msg_len;
mbedtls_mpi N, E;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
- memset( message_str, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -345,16 +297,14 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- msg_len = unhexify( message_str, message_hex_string );
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
- MBEDTLS_RSA_PUBLIC, msg_len,
- message_str, output ) == result );
+ MBEDTLS_RSA_PUBLIC, message_str->len,
+ message_str->x, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
exit:
@@ -364,14 +314,14 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_rsa_pkcs1_decrypt( char *message_hex_string, int padding_mode, int mod,
- int radix_P, char *input_P, int radix_Q, char *input_Q,
- int radix_N, char *input_N, int radix_E, char *input_E,
- int max_output, char *result_hex_str, int result )
+void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
+ int mod, int radix_P, char * input_P,
+ int radix_Q, char * input_Q, int radix_N,
+ char * input_N, int radix_E, char * input_E,
+ int max_output, data_t * result_hex_str,
+ int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx;
size_t output_len;
rnd_pseudo_info rnd_info;
@@ -382,9 +332,7 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
- memset( message_str, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
@@ -398,15 +346,13 @@
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- unhexify( message_str, message_hex_string );
output_len = 0;
- TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str, output, max_output ) == result );
+ TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, max_output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 );
}
exit:
@@ -417,12 +363,11 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_rsa_public( char *message_hex_string, int mod, int radix_N, char *input_N,
- int radix_E, char *input_E, char *result_hex_str, int result )
+void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
+ char * input_N, int radix_E, char * input_E,
+ data_t * result_hex_str, int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
mbedtls_mpi N, E;
@@ -430,9 +375,7 @@
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
- memset( message_str, 0x00, 1000 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@@ -441,14 +384,12 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- unhexify( message_str, message_hex_string );
- TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str, output ) == result );
+ TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
/* And now with the copy */
@@ -459,13 +400,11 @@
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
- TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str, output ) == result );
+ TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx2.len );
- TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
exit:
@@ -476,13 +415,13 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_rsa_private( char *message_hex_string, int mod, int radix_P, char *input_P,
- int radix_Q, char *input_Q, int radix_N, char *input_N,
- int radix_E, char *input_E, char *result_hex_str, int result )
+void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
+ char * input_P, int radix_Q, char * input_Q,
+ int radix_N, char * input_N, int radix_E,
+ char * input_E, data_t * result_hex_str,
+ int result )
{
- unsigned char message_str[1000];
unsigned char output[1000];
- unsigned char output_str[1000];
mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
mbedtls_mpi N, P, Q, E;
rnd_pseudo_info rnd_info;
@@ -493,7 +432,6 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
- memset( message_str, 0x00, 1000 );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@@ -506,21 +444,17 @@
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- unhexify( message_str, message_hex_string );
/* repeat three times to test updating of blinding values */
for( i = 0; i < 3; i++ )
{
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
- message_str, output ) == result );
+ message_str->x, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx.len );
- TEST_ASSERT( strcasecmp( (char *) output_str,
- result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
}
}
@@ -532,15 +466,12 @@
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
memset( output, 0x00, 1000 );
- memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
- message_str, output ) == result );
+ message_str->x, output ) == result );
if( result == 0 )
{
- hexify( output_str, output, ctx2.len );
- TEST_ASSERT( strcasecmp( (char *) output_str,
- result_hex_str ) == 0 );
+ TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx2.len, result_hex_str->len ) == 0 );
}
exit:
@@ -552,7 +483,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void rsa_check_privkey_null()
+void rsa_check_privkey_null( )
{
mbedtls_rsa_context ctx;
memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
@@ -562,8 +493,8 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_rsa_check_pubkey( int radix_N, char *input_N, int radix_E, char *input_E,
- int result )
+void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
+ char * input_E, int result )
{
mbedtls_rsa_context ctx;
mbedtls_mpi N, E;
@@ -590,12 +521,13 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_rsa_check_privkey( int mod, int radix_P, char *input_P, int radix_Q,
- char *input_Q, int radix_N, char *input_N,
- int radix_E, char *input_E, int radix_D, char *input_D,
- int radix_DP, char *input_DP, int radix_DQ,
- char *input_DQ, int radix_QP, char *input_QP,
- int result )
+void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
+ int radix_Q, char * input_Q, int radix_N,
+ char * input_N, int radix_E, char * input_E,
+ int radix_D, char * input_D, int radix_DP,
+ char * input_DP, int radix_DQ,
+ char * input_DQ, int radix_QP,
+ char * input_QP, int result )
{
mbedtls_rsa_context ctx;
@@ -649,13 +581,13 @@
/* END_CASE */
/* BEGIN_CASE */
-void rsa_check_pubpriv( int mod, int radix_Npub, char *input_Npub,
- int radix_Epub, char *input_Epub,
- int radix_P, char *input_P, int radix_Q,
- char *input_Q, int radix_N, char *input_N,
- int radix_E, char *input_E, int radix_D, char *input_D,
- int radix_DP, char *input_DP, int radix_DQ,
- char *input_DQ, int radix_QP, char *input_QP,
+void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
+ int radix_Epub, char * input_Epub, int radix_P,
+ char * input_P, int radix_Q, char * input_Q,
+ int radix_N, char * input_N, int radix_E,
+ char * input_E, int radix_D, char * input_D,
+ int radix_DP, char * input_DP, int radix_DQ,
+ char * input_DQ, int radix_QP, char * input_QP,
int result )
{
mbedtls_rsa_context pub, prv;
@@ -1191,64 +1123,29 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
-void mbedtls_rsa_export_raw( char *input_N, char *input_P,
- char *input_Q, char *input_D,
- char *input_E, int is_priv,
+void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
+ data_t *input_Q, data_t *input_D,
+ data_t *input_E, int is_priv,
int successive )
{
- /* Original raw buffers with which we set up the RSA context */
- unsigned char bufN[1000];
- unsigned char bufP[1000];
- unsigned char bufQ[1000];
- unsigned char bufD[1000];
- unsigned char bufE[1000];
-
- size_t lenN = 0;
- size_t lenP = 0;
- size_t lenQ = 0;
- size_t lenD = 0;
- size_t lenE = 0;
-
/* Exported buffers */
- unsigned char bufNe[ sizeof( bufN ) ];
- unsigned char bufPe[ sizeof( bufP ) ];
- unsigned char bufQe[ sizeof( bufQ ) ];
- unsigned char bufDe[ sizeof( bufD ) ];
- unsigned char bufEe[ sizeof( bufE ) ];
-
- const int have_N = ( strlen( input_N ) > 0 );
- const int have_P = ( strlen( input_P ) > 0 );
- const int have_Q = ( strlen( input_Q ) > 0 );
- const int have_D = ( strlen( input_D ) > 0 );
- const int have_E = ( strlen( input_E ) > 0 );
+ unsigned char bufNe[1000];
+ unsigned char bufPe[1000];
+ unsigned char bufQe[1000];
+ unsigned char bufDe[1000];
+ unsigned char bufEe[1000];
mbedtls_rsa_context ctx;
mbedtls_rsa_init( &ctx, 0, 0 );
/* Setup RSA context */
-
- if( have_N )
- lenN = unhexify( bufN, input_N );
-
- if( have_P )
- lenP = unhexify( bufP, input_P );
-
- if( have_Q )
- lenQ = unhexify( bufQ, input_Q );
-
- if( have_D )
- lenD = unhexify( bufD, input_D );
-
- if( have_E )
- lenE = unhexify( bufE, input_E );
-
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
- have_N ? bufN : NULL, lenN,
- have_P ? bufP : NULL, lenP,
- have_Q ? bufQ : NULL, lenQ,
- have_D ? bufD : NULL, lenD,
- have_E ? bufE : NULL, lenE ) == 0 );
+ input_N->len ? input_N->x : NULL, input_N->len,
+ input_P->len ? input_P->x : NULL, input_P->len,
+ input_Q->len ? input_Q->x : NULL, input_Q->len,
+ input_D->len ? input_D->x : NULL, input_D->len,
+ input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
@@ -1259,21 +1156,21 @@
/* N and E must always be present. */
if( !successive )
{
- TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, lenN,
+ TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
NULL, 0, NULL, 0, NULL, 0,
- bufEe, lenE ) == 0 );
+ bufEe, input_E->len ) == 0 );
}
else
{
- TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, lenN,
+ TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
NULL, 0, NULL, 0, NULL, 0,
NULL, 0 ) == 0 );
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
NULL, 0, NULL, 0, NULL, 0,
- bufEe, lenE ) == 0 );
+ bufEe, input_E->len ) == 0 );
}
- TEST_ASSERT( memcmp( bufN, bufNe, lenN ) == 0 );
- TEST_ASSERT( memcmp( bufE, bufEe, lenE ) == 0 );
+ TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
+ TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
/* If we were providing enough information to setup a complete private context,
* we expect to be able to export all core parameters. */
@@ -1283,35 +1180,35 @@
if( !successive )
{
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
- bufPe, lenP ? lenP : sizeof( bufPe ),
- bufQe, lenQ ? lenQ : sizeof( bufQe ),
- bufDe, lenD ? lenD : sizeof( bufDe ),
+ bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
+ bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
+ bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
NULL, 0 ) == 0 );
}
else
{
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
- bufPe, lenP ? lenP : sizeof( bufPe ),
+ bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
NULL, 0, NULL, 0,
NULL, 0 ) == 0 );
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
- bufQe, lenQ ? lenQ : sizeof( bufQe ),
+ bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
NULL, 0, NULL, 0 ) == 0 );
- TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
- NULL, 0, bufDe, lenD ? lenD : sizeof( bufDe ),
+ TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
+ bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
NULL, 0 ) == 0 );
}
- if( have_P )
- TEST_ASSERT( memcmp( bufP, bufPe, lenP ) == 0 );
+ if( input_P->len )
+ TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
- if( have_Q )
- TEST_ASSERT( memcmp( bufQ, bufQe, lenQ ) == 0 );
+ if( input_Q->len )
+ TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
- if( have_D )
- TEST_ASSERT( memcmp( bufD, bufDe, lenD ) == 0 );
+ if( input_D->len )
+ TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
}
@@ -1321,31 +1218,19 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
-void mbedtls_rsa_import_raw( char *input_N,
- char *input_P, char *input_Q,
- char *input_D, char *input_E,
+void mbedtls_rsa_import_raw( data_t *input_N,
+ data_t *input_P, data_t *input_Q,
+ data_t *input_D, data_t *input_E,
int successive,
int is_priv,
int res_check,
int res_complete )
{
- unsigned char bufN[1000];
- unsigned char bufP[1000];
- unsigned char bufQ[1000];
- unsigned char bufD[1000];
- unsigned char bufE[1000];
-
/* Buffers used for encryption-decryption test */
unsigned char *buf_orig = NULL;
unsigned char *buf_enc = NULL;
unsigned char *buf_dec = NULL;
- size_t lenN = 0;
- size_t lenP = 0;
- size_t lenQ = 0;
- size_t lenD = 0;
- size_t lenE = 0;
-
mbedtls_rsa_context ctx;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@@ -1360,29 +1245,14 @@
&entropy, (const unsigned char *) pers,
strlen( pers ) ) == 0 );
- if( strlen( input_N ) )
- lenN = unhexify( bufN, input_N );
-
- if( strlen( input_P ) )
- lenP = unhexify( bufP, input_P );
-
- if( strlen( input_Q ) )
- lenQ = unhexify( bufQ, input_Q );
-
- if( strlen( input_D ) )
- lenD = unhexify( bufD, input_D );
-
- if( strlen( input_E ) )
- lenE = unhexify( bufE, input_E );
-
if( !successive )
{
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
- ( lenN > 0 ) ? bufN : NULL, lenN,
- ( lenP > 0 ) ? bufP : NULL, lenP,
- ( lenQ > 0 ) ? bufQ : NULL, lenQ,
- ( lenD > 0 ) ? bufD : NULL, lenD,
- ( lenE > 0 ) ? bufE : NULL, lenE ) == 0 );
+ ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
+ ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
+ ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
+ ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
+ ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
}
else
{
@@ -1390,27 +1260,27 @@
* This should make no functional difference. */
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
- ( lenN > 0 ) ? bufN : NULL, lenN,
+ ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
NULL, 0,
- ( lenP > 0 ) ? bufP : NULL, lenP,
+ ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
NULL, 0, NULL, 0, NULL, 0 ) == 0 );
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
NULL, 0, NULL, 0,
- ( lenQ > 0 ) ? bufQ : NULL, lenQ,
+ ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
NULL, 0, NULL, 0 ) == 0 );
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
NULL, 0, NULL, 0, NULL, 0,
- ( lenD > 0 ) ? bufD : NULL, lenD,
+ ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
NULL, 0 ) == 0 );
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
NULL, 0, NULL, 0, NULL, 0, NULL, 0,
- ( lenE > 0 ) ? bufE : NULL, lenE ) == 0 );
+ ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
@@ -1467,7 +1337,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void rsa_selftest()
+void rsa_selftest( )
{
TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function
index d704b38..147ae0e 100644
--- a/tests/suites/test_suite_shax.function
+++ b/tests/suites/test_suite_shax.function
@@ -5,126 +5,91 @@
/* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */
-void mbedtls_sha1( char *hex_src_string, char *hex_hash_string )
+void mbedtls_sha1( data_t * src_str, data_t * hex_hash_string )
{
- unsigned char src_str[10000];
- unsigned char hash_str[10000];
unsigned char output[41];
- int src_len;
- memset(src_str, 0x00, 10000);
- memset(hash_str, 0x00, 10000);
memset(output, 0x00, 41);
- src_len = unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_sha1_ret( src_str, src_len, output ) == 0 );
- hexify( hash_str, output, 20 );
+ TEST_ASSERT( mbedtls_sha1_ret( src_str->x, src_str->len, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, 20, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void sha224(char *hex_src_string, char *hex_hash_string )
+void sha224( data_t * src_str, data_t * hex_hash_string )
{
- unsigned char src_str[10000];
- unsigned char hash_str[10000];
unsigned char output[57];
- int src_len;
- memset(src_str, 0x00, 10000);
- memset(hash_str, 0x00, 10000);
memset(output, 0x00, 57);
- src_len = unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_sha256_ret( src_str, src_len, output, 1 ) == 0 );
- hexify( hash_str, output, 28 );
+ TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 1 ) == 0 );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, 28, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void mbedtls_sha256(char *hex_src_string, char *hex_hash_string )
+void mbedtls_sha256( data_t * src_str, data_t * hex_hash_string )
{
- unsigned char src_str[10000];
- unsigned char hash_str[10000];
unsigned char output[65];
- int src_len;
- memset(src_str, 0x00, 10000);
- memset(hash_str, 0x00, 10000);
memset(output, 0x00, 65);
- src_len = unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_sha256_ret( src_str, src_len, output, 0 ) == 0 );
- hexify( hash_str, output, 32 );
+ TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 0 ) == 0 );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, 32, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */
-void sha384(char *hex_src_string, char *hex_hash_string )
+void sha384( data_t * src_str, data_t * hex_hash_string )
{
- unsigned char src_str[10000];
- unsigned char hash_str[10000];
unsigned char output[97];
- int src_len;
- memset(src_str, 0x00, 10000);
- memset(hash_str, 0x00, 10000);
memset(output, 0x00, 97);
- src_len = unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_sha512_ret( src_str, src_len, output, 1 ) == 0 );
- hexify( hash_str, output, 48 );
+ TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 1 ) == 0 );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, 48, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */
-void mbedtls_sha512(char *hex_src_string, char *hex_hash_string )
+void mbedtls_sha512( data_t * src_str, data_t * hex_hash_string )
{
- unsigned char src_str[10000];
- unsigned char hash_str[10000];
unsigned char output[129];
- int src_len;
- memset(src_str, 0x00, 10000);
- memset(hash_str, 0x00, 10000);
memset(output, 0x00, 129);
- src_len = unhexify( src_str, hex_src_string );
- TEST_ASSERT( mbedtls_sha512_ret( src_str, src_len, output, 0 ) == 0 );
- hexify( hash_str, output, 64 );
+ TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 0 ) == 0 );
- TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_hash_string->x, 64, hex_hash_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_SELF_TEST */
-void sha1_selftest()
+void sha1_selftest( )
{
TEST_ASSERT( mbedtls_sha1_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_SELF_TEST */
-void sha256_selftest()
+void sha256_selftest( )
{
TEST_ASSERT( mbedtls_sha256_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_SELF_TEST */
-void sha512_selftest()
+void sha512_selftest( )
{
TEST_ASSERT( mbedtls_sha512_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index b92c1fe..1473507 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -8,52 +8,52 @@
ssl_dtls_replay:"000000000000":"000000000000":-1
SSL DTLS replay: 0-1 seen, 2 arriving
-ssl_dtls_replay:"000000000000,000000000001":"000000000002":0
+ssl_dtls_replay:"000000000000000000000001":"000000000002":0
SSL DTLS replay: 0-1 seen, 1 replayed
-ssl_dtls_replay:"000000000000,000000000001":"000000000001":-1
+ssl_dtls_replay:"000000000000000000000001":"000000000001":-1
SSL DTLS replay: 0-1 seen, 0 replayed
-ssl_dtls_replay:"000000000000,000000000001":"000000000000":-1
+ssl_dtls_replay:"000000000000000000000001":"000000000000":-1
SSL DTLS replay: new
-ssl_dtls_replay:"abcd12340000,abcd12340001,abcd12340003":"abcd12340004":0
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340004":0
SSL DTLS replay: way new
-ssl_dtls_replay:"abcd12340000,abcd12340001,abcd12340003":"abcd12350000":0
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12350000":0
SSL DTLS replay: delayed
-ssl_dtls_replay:"abcd12340000,abcd12340001,abcd12340003":"abcd12340002":0
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340002":0
SSL DTLS replay: lastest replayed
-ssl_dtls_replay:"abcd12340000,abcd12340001,abcd12340003":"abcd12340003":-1
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340003":-1
SSL DTLS replay: older replayed
-ssl_dtls_replay:"abcd12340000,abcd12340001,abcd12340003":"abcd12340001":-1
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340001":-1
SSL DTLS replay: most recent in window, replayed
-ssl_dtls_replay:"abcd12340000,abcd12340002,abcd12340003":"abcd12340002":-1
+ssl_dtls_replay:"abcd12340000abcd12340002abcd12340003":"abcd12340002":-1
SSL DTLS replay: oldest in window, replayed
-ssl_dtls_replay:"abcd12340000,abcd12340001,abcd1234003f":"abcd12340000":-1
+ssl_dtls_replay:"abcd12340000abcd12340001abcd1234003f":"abcd12340000":-1
SSL DTLS replay: oldest in window, not replayed
-ssl_dtls_replay:"abcd12340001,abcd12340002,abcd1234003f":"abcd12340000":0
+ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd12340000":0
SSL DTLS replay: just out of the window
-ssl_dtls_replay:"abcd12340001,abcd12340002,abcd1234003f":"abcd1233ffff":-1
+ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd1233ffff":-1
SSL DTLS replay: way out of the window
-ssl_dtls_replay:"abcd12340001,abcd12340002,abcd1234003f":"abcd12330000":-1
+ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd12330000":-1
SSL DTLS replay: big jump then replay
-ssl_dtls_replay:"abcd12340000,abcd12340100":"abcd12340100":-1
+ssl_dtls_replay:"abcd12340000abcd12340100":"abcd12340100":-1
SSL DTLS replay: big jump then new
-ssl_dtls_replay:"abcd12340000,abcd12340100":"abcd12340101":0
+ssl_dtls_replay:"abcd12340000abcd12340100":"abcd12340101":0
SSL DTLS replay: big jump then just delayed
-ssl_dtls_replay:"abcd12340000,abcd12340100":"abcd123400ff":0
+ssl_dtls_replay:"abcd12340000abcd12340100":"abcd123400ff":0
SSL SET_HOSTNAME memory leak: call ssl_set_hostname twice
ssl_set_hostname_twice:"server0":"server1"
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 5cc32ab..326f22d 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -9,11 +9,11 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-void ssl_dtls_replay( char *prevs, char *new, int ret )
+void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
{
+ uint32_t len = 0;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
- char *end_prevs = prevs + strlen( prevs ) + 1;
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
@@ -25,15 +25,14 @@
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
/* Read previous record numbers */
- for( ; end_prevs - prevs >= 13; prevs += 13 )
+ for( len = 0; len < prevs->len; len += 6 )
{
- prevs[12] = '\0';
- unhexify( ssl.in_ctr + 2, prevs );
+ memcpy( ssl.in_ctr + 2, prevs->x + len, 6 );
mbedtls_ssl_dtls_replay_update( &ssl );
}
/* Check new number */
- unhexify( ssl.in_ctr + 2, new );
+ memcpy( ssl.in_ctr + 2, new->x, 6 );
TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );
mbedtls_ssl_free( &ssl );
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index 7631791..c3542e5 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -1,8 +1,8 @@
Check compiletime library version
-check_compiletime_version:"2.11.0"
+check_compiletime_version:"2.13.1"
Check runtime library version
-check_runtime_version:"2.11.0"
+check_runtime_version:"2.13.1"
Check for MBEDTLS_VERSION_C
check_feature:"MBEDTLS_VERSION_C":0
diff --git a/tests/suites/test_suite_version.function b/tests/suites/test_suite_version.function
index a4847f9..10f9e11 100644
--- a/tests/suites/test_suite_version.function
+++ b/tests/suites/test_suite_version.function
@@ -8,7 +8,7 @@
*/
/* BEGIN_CASE */
-void check_compiletime_version( char *version_str )
+void check_compiletime_version( char * version_str )
{
char build_str[100];
char build_str_full[100];
@@ -35,7 +35,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void check_runtime_version( char *version_str )
+void check_runtime_version( char * version_str )
{
char build_str[100];
char get_str[100];
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 406cf59..80e49d2 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -1877,3 +1877,91 @@
X509 Get time (Generalized Time invalid leap year not multiple of 4, 100 or 400)
depends_on:MBEDTLS_X509_USE_C
x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"19910229000000Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 cert verify restart: trusted EE, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+x509_verify_restart:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:0:0:0:0
+
+X509 cert verify restart: trusted EE, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+x509_verify_restart:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:0:1:0:0
+
+X509 cert verify restart: no intermediate, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:0:0:0
+
+X509 cert verify restart: no intermediate, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:1:100:10000
+
+X509 cert verify restart: no intermediate, max_ops=40000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:40000:0:0
+
+X509 cert verify restart: no intermediate, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:500:20:80
+
+X509 cert verify restart: no intermediate, badsign, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
+
+X509 cert verify restart: no intermediate, badsign, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
+
+X509 cert verify restart: no intermediate, badsign, max_ops=40000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:40000:0:0
+
+X509 cert verify restart: no intermediate, badsign, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:20:80
+
+X509 cert verify restart: one int, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:0:0:0
+
+X509 cert verify restart: one int, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:1:100:10000
+
+X509 cert verify restart: one int, max_ops=30000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:30000:0:0
+
+X509 cert verify restart: one int, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:500:25:100
+
+X509 cert verify restart: one int, EE badsign, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
+
+X509 cert verify restart: one int, EE badsign, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
+
+X509 cert verify restart: one int, EE badsign, max_ops=30000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:30000:0:0
+
+X509 cert verify restart: one int, EE badsign, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:25:100
+
+X509 cert verify restart: one int, int badsign, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
+
+X509 cert verify restart: one int, int badsign, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
+
+X509 cert verify restart: one int, int badsign, max_ops=30000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:30000:0:0
+
+X509 cert verify restart: one int, int badsign, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:25:100
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 06f0108..552c494 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -1,4 +1,5 @@
/* BEGIN_HEADER */
+#include "mbedtls/bignum.h"
#include "mbedtls/x509.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_crl.h"
@@ -6,6 +7,7 @@
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
#include "mbedtls/base64.h"
+#include "string.h"
#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \
@@ -161,7 +163,7 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void x509_cert_info( char *crt_file, char *result_str )
+void x509_cert_info( char * crt_file, char * result_str )
{
mbedtls_x509_crt crt;
char buf[2000];
@@ -184,7 +186,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
-void mbedtls_x509_crl_info( char *crl_file, char *result_str )
+void mbedtls_x509_crl_info( char * crl_file, char * result_str )
{
mbedtls_x509_crl crl;
char buf[2000];
@@ -207,7 +209,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
-void mbedtls_x509_crl_parse( char *crl_file, int result )
+void mbedtls_x509_crl_parse( char * crl_file, int result )
{
mbedtls_x509_crl crl;
char buf[2000];
@@ -223,7 +225,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */
-void mbedtls_x509_csr_info( char *csr_file, char *result_str )
+void mbedtls_x509_csr_info( char * csr_file, char * result_str )
{
mbedtls_x509_csr csr;
char buf[2000];
@@ -246,7 +248,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
-void x509_verify_info( int flags, char *prefix, char *result_str )
+void x509_verify_info( int flags, char * prefix, char * result_str )
{
char buf[2000];
int res;
@@ -261,6 +263,62 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C */
+void x509_verify_restart( char *crt_file, char *ca_file,
+ int result, int flags_result,
+ int max_ops, int min_restart, int max_restart )
+{
+ int ret, cnt_restart;
+ mbedtls_x509_crt_restart_ctx rs_ctx;
+ mbedtls_x509_crt crt;
+ mbedtls_x509_crt ca;
+ uint32_t flags = 0;
+
+ /*
+ * See comments on ecp_test_vect_restart() for op count precision.
+ *
+ * For reference, with mbed TLS 2.6 and default settings:
+ * - ecdsa_verify() for P-256: ~ 6700
+ * - ecdsa_verify() for P-384: ~ 18800
+ * - x509_verify() for server5 -> test-ca2: ~ 18800
+ * - x509_verify() for server10 -> int-ca3 -> int-ca2: ~ 25500
+ */
+
+ mbedtls_x509_crt_restart_init( &rs_ctx );
+ mbedtls_x509_crt_init( &crt );
+ mbedtls_x509_crt_init( &ca );
+
+ TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
+ TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
+
+ mbedtls_ecp_set_max_ops( max_ops );
+
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL,
+ &mbedtls_x509_crt_profile_default, NULL, &flags,
+ NULL, NULL, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == result );
+ TEST_ASSERT( flags == (uint32_t) flags_result );
+
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ /* Do we leak memory when aborting? */
+ ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL,
+ &mbedtls_x509_crt_profile_default, NULL, &flags,
+ NULL, NULL, &rs_ctx );
+ TEST_ASSERT( ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+
+exit:
+ mbedtls_x509_crt_restart_free( &rs_ctx );
+ mbedtls_x509_crt_free( &crt );
+ mbedtls_x509_crt_free( &ca );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */
void x509_verify( char *crt_file, char *ca_file, char *crl_file,
char *cn_name_str, int result, int flags_result,
@@ -354,7 +412,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_dn_gets( char *crt_file, char *entity, char *result_str )
+void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str )
{
mbedtls_x509_crt crt;
char buf[2000];
@@ -382,7 +440,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_time_is_past( char *crt_file, char *entity, int result )
+void mbedtls_x509_time_is_past( char * crt_file, char * entity, int result )
{
mbedtls_x509_crt crt;
@@ -403,7 +461,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_time_is_future( char *crt_file, char *entity, int result )
+void mbedtls_x509_time_is_future( char * crt_file, char * entity, int result )
{
mbedtls_x509_crt crt;
@@ -424,7 +482,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */
-void x509parse_crt_file( char *crt_file, int result )
+void x509parse_crt_file( char * crt_file, int result )
{
mbedtls_x509_crt crt;
@@ -438,20 +496,17 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
-void x509parse_crt( char *crt_data, char *result_str, int result )
+void x509parse_crt( data_t * buf, char * result_str, int result )
{
mbedtls_x509_crt crt;
- unsigned char buf[2000];
unsigned char output[2000];
- int data_len, res;
+ int res;
mbedtls_x509_crt_init( &crt );
- memset( buf, 0, 2000 );
memset( output, 0, 2000 );
- data_len = unhexify( buf, crt_data );
- TEST_ASSERT( mbedtls_x509_crt_parse( &crt, buf, data_len ) == ( result ) );
+ TEST_ASSERT( mbedtls_x509_crt_parse( &crt, buf->x, buf->len ) == ( result ) );
if( ( result ) == 0 )
{
res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
@@ -468,20 +523,17 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */
-void x509parse_crl( char *crl_data, char *result_str, int result )
+void x509parse_crl( data_t * buf, char * result_str, int result )
{
mbedtls_x509_crl crl;
- unsigned char buf[2000];
unsigned char output[2000];
- int data_len, res;
+ int res;
mbedtls_x509_crl_init( &crl );
- memset( buf, 0, 2000 );
memset( output, 0, 2000 );
- data_len = unhexify( buf, crl_data );
- TEST_ASSERT( mbedtls_x509_crl_parse( &crl, buf, data_len ) == ( result ) );
+ TEST_ASSERT( mbedtls_x509_crl_parse( &crl, buf->x, buf->len ) == ( result ) );
if( ( result ) == 0 )
{
res = mbedtls_x509_crl_info( (char *) output, 2000, "", &crl );
@@ -498,19 +550,16 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */
-void mbedtls_x509_csr_parse( char *csr_der_hex, char *ref_out, int ref_ret )
+void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret )
{
mbedtls_x509_csr csr;
- unsigned char *csr_der = NULL;
char my_out[1000];
- size_t csr_der_len;
int my_ret;
mbedtls_x509_csr_init( &csr );
memset( my_out, 0, sizeof( my_out ) );
- csr_der = unhexify_alloc( csr_der_hex, &csr_der_len );
- my_ret = mbedtls_x509_csr_parse_der( &csr, csr_der, csr_der_len );
+ my_ret = mbedtls_x509_csr_parse_der( &csr, csr_der->x, csr_der->len );
TEST_ASSERT( my_ret == ref_ret );
if( ref_ret == 0 )
@@ -522,12 +571,11 @@
exit:
mbedtls_x509_csr_free( &csr );
- mbedtls_free( csr_der );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_crt_parse_path( char *crt_path, int ret, int nb_crt )
+void mbedtls_x509_crt_parse_path( char * crt_path, int ret, int nb_crt )
{
mbedtls_x509_crt chain, *cur;
int i;
@@ -629,18 +677,16 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
-void x509_oid_desc( char *oid_str, char *ref_desc )
+void x509_oid_desc( data_t * buf, char * ref_desc )
{
mbedtls_x509_buf oid;
const char *desc = NULL;
- unsigned char buf[20];
int ret;
- memset( buf, 0, sizeof buf );
oid.tag = MBEDTLS_ASN1_OID;
- oid.len = unhexify( buf, oid_str );
- oid.p = buf;
+ oid.p = buf->x;
+ oid.len = buf->len;
ret = mbedtls_oid_get_extended_key_usage( &oid, &desc );
@@ -659,18 +705,16 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
-void x509_oid_numstr( char *oid_str, char *numstr, int blen, int ret )
+void x509_oid_numstr( data_t * oid_buf, char * numstr, int blen, int ret )
{
mbedtls_x509_buf oid;
- unsigned char oid_buf[20];
char num_buf[100];
- memset( oid_buf, 0x00, sizeof oid_buf );
memset( num_buf, 0x2a, sizeof num_buf );
oid.tag = MBEDTLS_ASN1_OID;
- oid.len = unhexify( oid_buf, oid_str );
- oid.p = oid_buf;
+ oid.p = oid_buf->x;
+ oid.len = oid_buf->len;
TEST_ASSERT( (size_t) blen <= sizeof num_buf );
@@ -685,7 +729,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */
-void x509_check_key_usage( char *crt_file, int usage, int ret )
+void x509_check_key_usage( char * crt_file, int usage, int ret )
{
mbedtls_x509_crt crt;
@@ -701,19 +745,17 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
-void x509_check_extended_key_usage( char *crt_file, char *usage_hex, int ret )
+void x509_check_extended_key_usage( char * crt_file, data_t * oid, int ret
+ )
{
mbedtls_x509_crt crt;
- char oid[50];
- size_t len;
mbedtls_x509_crt_init( &crt );
- len = unhexify( (unsigned char *) oid, usage_hex );
TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
- TEST_ASSERT( mbedtls_x509_crt_check_extended_key_usage( &crt, oid, len ) == ret );
+ TEST_ASSERT( mbedtls_x509_crt_check_extended_key_usage( &crt, (const char *)oid->x, oid->len ) == ret );
exit:
mbedtls_x509_crt_free( &crt );
@@ -721,9 +763,8 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
-void x509_get_time( int tag, char *time_str, int ret,
- int year, int mon, int day,
- int hour, int min, int sec )
+void x509_get_time( int tag, char * time_str, int ret, int year, int mon,
+ int day, int hour, int min, int sec )
{
mbedtls_x509_time time;
unsigned char buf[21];
@@ -752,7 +793,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-void x509_parse_rsassa_pss_params( char *hex_params, int params_tag,
+void x509_parse_rsassa_pss_params( data_t * hex_params, int params_tag,
int ref_msg_md, int ref_mgf_md,
int ref_salt_len, int ref_ret )
{
@@ -761,7 +802,8 @@
mbedtls_md_type_t my_msg_md, my_mgf_md;
int my_salt_len;
- params.p = unhexify_alloc( hex_params, ¶ms.len );
+ params.p = hex_params->x;
+ params.len = hex_params->len;
params.tag = params_tag;
my_ret = mbedtls_x509_get_rsassa_pss_params( ¶ms, &my_msg_md, &my_mgf_md,
@@ -777,12 +819,12 @@
}
exit:
- mbedtls_free( params.p );
+ ;;
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */
-void x509_selftest()
+void x509_selftest( )
{
TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 );
}
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 62f82e8..c00b1ac 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -1,4 +1,5 @@
/* BEGIN_HEADER */
+#include "mbedtls/bignum.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h"
#include "mbedtls/pem.h"
@@ -35,8 +36,8 @@
*/
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
-void x509_csr_check( char *key_file, char *cert_req_check_file,
- int md_type, int key_usage, int cert_type )
+void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
+ int key_usage, int cert_type )
{
mbedtls_pk_context key;
mbedtls_x509write_csr req;
@@ -209,7 +210,8 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */
-void mbedtls_x509_string_to_names( char *name, char *parsed_name, int result )
+void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result
+ )
{
int ret;
size_t len = 0;
diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function
index cbc714a..a24a420 100644
--- a/tests/suites/test_suite_xtea.function
+++ b/tests/suites/test_suite_xtea.function
@@ -8,121 +8,77 @@
*/
/* BEGIN_CASE */
-void xtea_encrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string )
+void xtea_encrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_xtea_context ctx;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
- unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- mbedtls_xtea_setup( &ctx, key_str );
- TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str, output ) == 0 );
- hexify( dst_str, output, 8 );
+ mbedtls_xtea_setup( &ctx, key_str->x );
+ TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 8, hex_dst_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE */
-void xtea_decrypt_ecb( char *hex_key_string, char *hex_src_string,
- char *hex_dst_string )
+void xtea_decrypt_ecb( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
unsigned char output[100];
mbedtls_xtea_context ctx;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
- unhexify( key_str, hex_key_string );
- unhexify( src_str, hex_src_string );
- mbedtls_xtea_setup( &ctx, key_str );
- TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_DECRYPT, src_str, output ) == 0 );
- hexify( dst_str, output, 8 );
+ mbedtls_xtea_setup( &ctx, key_str->x );
+ TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 8, hex_dst_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void xtea_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
- unsigned char iv_str[100];
unsigned char output[100];
- size_t len;
mbedtls_xtea_context ctx;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
memset(output, 0x00, 100);
- unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- len = unhexify( src_str, hex_src_string );
- mbedtls_xtea_setup( &ctx, key_str );
- TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_ENCRYPT, len, iv_str,
- src_str, output ) == 0 );
- hexify( dst_str, output, len );
+ mbedtls_xtea_setup( &ctx, key_str->x );
+ TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x,
+ src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void xtea_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string )
+void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str,
+ data_t * src_str, data_t * hex_dst_string )
{
- unsigned char key_str[100];
- unsigned char src_str[100];
- unsigned char dst_str[100];
- unsigned char iv_str[100];
unsigned char output[100];
- size_t len;
mbedtls_xtea_context ctx;
- memset(key_str, 0x00, 100);
- memset(src_str, 0x00, 100);
- memset(dst_str, 0x00, 100);
- memset(iv_str, 0x00, 100);
memset(output, 0x00, 100);
- unhexify( key_str, hex_key_string );
- unhexify( iv_str, hex_iv_string );
- len = unhexify( src_str, hex_src_string );
- mbedtls_xtea_setup( &ctx, key_str );
- TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_DECRYPT, len, iv_str,
- src_str, output ) == 0 );
- hexify( dst_str, output, len );
+ mbedtls_xtea_setup( &ctx, key_str->x );
+ TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x,
+ src_str->x, output ) == 0 );
- TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void xtea_selftest()
+void xtea_selftest( )
{
TEST_ASSERT( mbedtls_xtea_self_test( 1 ) == 0 );
}
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 737556a..73c92bd 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -159,6 +159,8 @@
<ClInclude Include="..\..\include\mbedtls\camellia.h" />
<ClInclude Include="..\..\include\mbedtls\ccm.h" />
<ClInclude Include="..\..\include\mbedtls\certs.h" />
+ <ClInclude Include="..\..\include\mbedtls\chacha20.h" />
+ <ClInclude Include="..\..\include\mbedtls\chachapoly.h" />
<ClInclude Include="..\..\include\mbedtls\check_config.h" />
<ClInclude Include="..\..\include\mbedtls\cipher.h" />
<ClInclude Include="..\..\include\mbedtls\cipher_internal.h" />
@@ -189,6 +191,7 @@
<ClInclude Include="..\..\include\mbedtls\memory_buffer_alloc.h" />
<ClInclude Include="..\..\include\mbedtls\net.h" />
<ClInclude Include="..\..\include\mbedtls\net_sockets.h" />
+ <ClInclude Include="..\..\include\mbedtls\nist_kw.h" />
<ClInclude Include="..\..\include\mbedtls\oid.h" />
<ClInclude Include="..\..\include\mbedtls\padlock.h" />
<ClInclude Include="..\..\include\mbedtls\pem.h" />
@@ -200,6 +203,7 @@
<ClInclude Include="..\..\include\mbedtls\platform.h" />
<ClInclude Include="..\..\include\mbedtls\platform_time.h" />
<ClInclude Include="..\..\include\mbedtls\platform_util.h" />
+ <ClInclude Include="..\..\include\mbedtls\poly1305.h" />
<ClInclude Include="..\..\include\mbedtls\ripemd160.h" />
<ClInclude Include="..\..\include\mbedtls\rsa.h" />
<ClInclude Include="..\..\include\mbedtls\rsa_internal.h" />
@@ -234,6 +238,8 @@
<ClCompile Include="..\..\library\camellia.c" />
<ClCompile Include="..\..\library\ccm.c" />
<ClCompile Include="..\..\library\certs.c" />
+ <ClCompile Include="..\..\library\chacha20.c" />
+ <ClCompile Include="..\..\library\chachapoly.c" />
<ClCompile Include="..\..\library\cipher.c" />
<ClCompile Include="..\..\library\cipher_wrap.c" />
<ClCompile Include="..\..\library\cmac.c" />
@@ -260,6 +266,7 @@
<ClCompile Include="..\..\library\md_wrap.c" />
<ClCompile Include="..\..\library\memory_buffer_alloc.c" />
<ClCompile Include="..\..\library\net_sockets.c" />
+ <ClCompile Include="..\..\library\nist_kw.c" />
<ClCompile Include="..\..\library\oid.c" />
<ClCompile Include="..\..\library\padlock.c" />
<ClCompile Include="..\..\library\pem.c" />
@@ -272,6 +279,7 @@
<ClCompile Include="..\..\library\pkwrite.c" />
<ClCompile Include="..\..\library\platform.c" />
<ClCompile Include="..\..\library\platform_util.c" />
+ <ClCompile Include="..\..\library\poly1305.c" />
<ClCompile Include="..\..\library\ripemd160.c" />
<ClCompile Include="..\..\library\rsa.c" />
<ClCompile Include="..\..\library\rsa_internal.c" />
diff --git a/yotta/.gitignore b/yotta/.gitignore
deleted file mode 100644
index 0cca093..0000000
--- a/yotta/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-module
diff --git a/yotta/create-module.sh b/yotta/create-module.sh
deleted file mode 100755
index 4c79ebe..0000000
--- a/yotta/create-module.sh
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-# relative to the script's directory
-TREE=..
-DEST=module
-
-# make sure we're running in our own directory
-if [ -f create-module.sh ]; then :; else
- cd $( dirname $0 )
- if [ -f create-module.sh ]; then :; else
- echo "Please run the script from is directory." >&2
- exit 1
- fi
-fi
-
-# use a temporary directory to build the module, then rsync to DEST
-# this allows touching only new files, for more efficient re-builds
-TMP=$DEST-tmp
-rm -rf $TMP
-
-mkdir -p $TMP/mbedtls $TMP/source
-cp $TREE/include/mbedtls/*.h $TMP/mbedtls
-cp $TREE/library/*.c $TMP/source
-
-# temporary, should depend on external module later
-cp data/entropy_hardware_poll.c $TMP/source
-cp data/target_config.h $TMP/mbedtls
-
-data/adjust-config.sh $TREE/scripts/config.pl $TMP/mbedtls/config.h
-
-mkdir -p $TMP/test
-cp -r data/example-* $TMP/test
-# later we should have the generated test suites here too
-
-cp data/module.json $TMP
-cp data/README.md $TMP
-
-cp ../LICENSE $TMP
-if [ -f ../apache-2.0.txt ]; then cp ../apache-2.0.txt $TMP; fi
-
-mkdir -p $DEST
-rsync -cr --delete --exclude build --exclude yotta_\* $TMP/ $DEST/
-rm -rf $TMP
-
-echo "mbed TLS yotta module created in '$PWD/$DEST'."
diff --git a/yotta/data/README.md b/yotta/data/README.md
deleted file mode 100644
index b748aac..0000000
--- a/yotta/data/README.md
+++ /dev/null
@@ -1,103 +0,0 @@
-# mbed TLS
-
-mbed TLS makes it trivially easy for developers to include cryptographic and SSL/TLS capabilities in their embedded products, with a minimal code footprint. It offers an SSL library with an intuitive API and readable source code.
-
-**Note:** The current release is beta, and implements no secure source of random numbers, weakening its security.
-
-Currently the only supported yotta targets are:
-- `frdm-k64f-gcc`
-- `frdm-k64f-armcc`
-- `x86-linux-native`
-- `x86-osx-native`
-
-## Sample programs
-
-This release includes the following examples:
-
-1. [**Self test:**](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/example-selftest) Tests different basic functions in the mbed TLS library.
-
-2. [**Benchmark:**](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/example-benchmark) Measures the time taken to perform basic cryptographic functions used in the library.
-
-3. [**Hashing:**](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/example-hashing) Demonstrates the various APIs for computing hashes of data (also known as message digests) with SHA-256.
-
-4. [**Authenticated encryption:**](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/example-authcrypt) Demonstrates usage of the Cipher API for encrypting and authenticating data with AES-CCM.
-
-These examples are integrated as yotta tests, so that they are built automatically when you build mbed TLS. Each of them comes with complete usage instructions as a Readme file in the repository.
-
-## Performing TLS and DTLS connections
-
-A high-level API for performing TLS and DTLS connections with mbed TLS in mbed OS is provided in a separate yotta module: [mbed-tls-sockets](https://github.com/ARMmbed/mbed-tls-sockets). We recommend this API for TLS and DTLS connections. It is very similar to the API provided by the [sockets](https://github.com/ARMmbed/sockets) module for unencrypted TCP and UDP connections.
-
-The `mbed-tls-sockets` module includes a complete [example TLS client](https://github.com/ARMmbed/mbed-tls-sockets/blob/master/test/tls-client/main.cpp) with [usage instructions](https://github.com/ARMmbed/mbed-tls-sockets/blob/master/test/tls-client/README.md).
-
-## Configuring mbed TLS features
-
-mbed TLS makes it easy to disable any feature during compilation, if that feature isn't required for a particular project. The default configuration enables all modern and widely-used features, which should meet the needs of new projects, and disables all features that are older or less common, to minimize the code footprint.
-
-The list of available compilation flags is available in the fully documented [config.h file](https://github.com/ARMmbed/mbedtls/blob/development/include/mbedtls/config.h).
-
-If you need to adjust those flags, you can provide your own configuration-adjustment file with suitable `#define` and `#undef` statements. These will be included between the default definitions and the sanity checks. Your configuration file should be in your application's include directory, and can be named freely; you just need to let mbed TLS know the file's name. To do that, use yotta's [configuration system](http://docs.yottabuild.org/reference/config.html). The file's name should be in your `config.json` file, under mbedtls, as the key `user-config-file`.
-
-For example, in an application called `myapp`, if you want to enable the EC J-PAKE key exchange and disable the CBC cipher mode, you can create a file named `mbedtls-config-changes.h` in the `myapp` directory containing the following lines:
-
- #define MBEDTLS_ECJPAKE_C
- #define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-
- #undef MBEDTLS_CIPHER_MODE_CBC
-
-And then create a file named `config.json` at the root of your application with the following contents:
-
- {
- "mbedtls": {
- "user-config-file": "\"myapp/mbedtls-config-changes.h\""
- }
- }
-
-Please note: you need to provide the exact name that will be used in the `#include` directive, including the `<>` or quotes around the name.
-
-## Getting mbed TLS from GitHub
-
-Like most components of mbed OS, mbed TLS is developed in the open and its source can be found on GitHub: [ARMmbed/mbedtls](https://github.com/ARMmbed/mbedtls). Unlike most other mbed OS components, however, you cannot just clone the repository and run `yotta build` from its root. This is because mbed TLS also exists as an independent component, so its repository includes things that are not relevant for mbed OS, as well as other build systems.
-
-The way to use mbed TLS from a clone of the GitHub repository is to run the following commands from the root of a checkout:
-
- yotta/create-module.sh
- cd yotta/module
-
-You can then run any yotta command you would normally run, such as `yotta build` or `yotta link`.
-
-## Differences between the standalone and mbed OS editions
-
-While the two editions share the same code base, there are still a number of differences, mainly in configuration and integration. You should keep in mind those differences when reading some articles in our [knowledge base](https://tls.mbed.org/kb), as currently all the articles are about the standalone edition.
-
-* The mbed OS edition has a smaller set of features enabled by default in `config.h`, in order to reduce footprint. While the default configuration of the standalone edition puts more emphasize on maintaining interoperability with old peers, the mbed OS edition only enables the most modern ciphers and the latest version of (D)TLS.
-
-* The following components of mbed TLS are disabled in the mbed OS edition: `net_sockets.c` and `timing.c`. This is because mbed OS include their equivalents.
-
-* The mbed OS edition comes with a fully integrated API for (D)TLS connections in a companion module: [mbed-tls-sockets](https://github.com/ARMmbed/mbed-tls-sockets). See "Performing TLS and DTLS connections" above.
-
-## Other resources
-
-The [mbed TLS website](https://tls.mbed.org) contains many other useful
-resources for the developer, such as [developer
-documentation](https://tls.mbed.org/dev-corner), [knowledgebase
-articles](https://tls.mbed.org/kb), and a [support forum](https://tls.mbed.org/discussions).
-
-## Contributing
-
-We gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions:
-
-* Simple bug fixes to existing code do not contain copyright themselves and we can integrate without issue. The same is true of trivial contributions.
-
-* For larger contributions, such as a new feature, the code can possibly fall under copyright law. We then need your consent to share in the ownership of the copyright. We have a form for this, which we will send to you in case you submit a contribution or pull request that we deem this necessary for.
-
-To contribute, please:
-
-* [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://tls.mbed.org/discussions) around a feature idea or a bug.
-
-* Fork the [mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the "development" branch as a basis.
-
-* Write a test that shows that the bug was fixed or that the feature works as expected.
-
-* Send a pull request and bug us until it gets merged and published. We will include your name in the ChangeLog.
-
diff --git a/yotta/data/adjust-config.sh b/yotta/data/adjust-config.sh
deleted file mode 100755
index 3fa8490..0000000
--- a/yotta/data/adjust-config.sh
+++ /dev/null
@@ -1,77 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-if [ $# -ne 2 ]; then
- echo "Usage: $0 path/to/config.pl path/to/config.h" >&2
- exit 1
-fi
-
-SCRIPT=$1
-FILE=$2
-
-conf() {
- $SCRIPT -f $FILE $@
-}
-
-
-# Set the target specific header
-conf set YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE \"mbedtls/target_config.h\"
-
-# not supported on mbed OS, nor used by mbed Client
-conf unset MBEDTLS_NET_C
-conf unset MBEDTLS_TIMING_C
-
-# not supported on all targets with mbed OS, nor used by mbed Client
-conf unset MBEDTLS_FS_IO
-
-conf unset MBEDTLS_CIPHER_MODE_CFB
-conf unset MBEDTLS_CIPHER_MODE_CTR
-conf unset MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
-conf unset MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
-conf unset MBEDTLS_CIPHER_PADDING_ZEROS
-conf unset MBEDTLS_ECP_DP_SECP192R1_ENABLED
-conf unset MBEDTLS_ECP_DP_SECP224R1_ENABLED
-conf unset MBEDTLS_ECP_DP_SECP521R1_ENABLED
-conf unset MBEDTLS_ECP_DP_SECP192K1_ENABLED
-conf unset MBEDTLS_ECP_DP_SECP224K1_ENABLED
-conf unset MBEDTLS_ECP_DP_SECP256K1_ENABLED
-conf unset MBEDTLS_ECP_DP_BP256R1_ENABLED
-conf unset MBEDTLS_ECP_DP_BP384R1_ENABLED
-conf unset MBEDTLS_ECP_DP_BP512R1_ENABLED
-conf unset MBEDTLS_PK_PARSE_EC_EXTENDED
-
-conf unset MBEDTLS_AESNI_C
-conf unset MBEDTLS_ARC4_C
-conf unset MBEDTLS_BLOWFISH_C
-conf unset MBEDTLS_CAMELLIA_C
-conf unset MBEDTLS_DES_C
-conf unset MBEDTLS_DHM_C
-conf unset MBEDTLS_GENPRIME
-conf unset MBEDTLS_MD5_C
-conf unset MBEDTLS_PADLOCK_C
-conf unset MBEDTLS_PEM_WRITE_C
-conf unset MBEDTLS_PKCS5_C
-conf unset MBEDTLS_PKCS12_C
-conf unset MBEDTLS_RIPEMD160_C
-conf unset MBEDTLS_SHA1_C
-conf unset MBEDTLS_XTEA_C
-
-conf unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
-
-conf unset MBEDTLS_X509_CSR_PARSE_C
-conf unset MBEDTLS_X509_CREATE_C
-conf unset MBEDTLS_X509_CRT_WRITE_C
-conf unset MBEDTLS_X509_CSR_WRITE_C
-
-conf unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-conf unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-conf unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-conf unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
-conf unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-conf unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-conf unset MBEDTLS_SSL_FALLBACK_SCSV
-conf unset MBEDTLS_SSL_CBC_RECORD_SPLITTING
-conf unset MBEDTLS_SSL_PROTO_TLS1
-conf unset MBEDTLS_SSL_PROTO_TLS1_1
-conf unset MBEDTLS_SSL_TRUNCATED_HMAC
diff --git a/yotta/data/entropy_hardware_poll.c b/yotta/data/entropy_hardware_poll.c
deleted file mode 100644
index 3a61e22..0000000
--- a/yotta/data/entropy_hardware_poll.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Hardware entropy collector for the K64F, using Freescale's RNGA
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-/*
- * WARNING: this is temporary!
- * This should be in a separate yotta module which would be a target
- * dependency of mbedtls (see IOTSSL-313)
- */
-
-#if defined(TARGET_LIKE_K64F)
-
-/*
- * Reference: "K64 Sub-Family Reference Manual, Rev. 2", chapter 34
- */
-
-#include "fsl_clock_manager.h"
-
-/*
- * Get one byte of entropy from the RNG, assuming it is up and running.
- * As recommended (34.1.1), get only one bit of each output.
- */
-static void rng_get_byte( unsigned char *byte )
-{
- size_t bit;
-
- /* 34.5 Steps 3-4-5: poll SR and read from OR when ready */
- for( bit = 0; bit < 8; bit++ )
- {
- while( ( RNG->SR & RNG_SR_OREG_LVL_MASK ) == 0 );
- *byte |= ( RNG->OR & 1 ) << bit;
- }
-}
-
-/*
- * Get len bytes of entropy from the hardware RNG.
- */
-int mbedtls_hardware_poll( void *data,
- unsigned char *output, size_t len, size_t *olen )
-{
- size_t i;
- int ret;
- ((void) data);
-
- CLOCK_SYS_EnableRngaClock( 0 );
-
- /* Set "Interrupt Mask", "High Assurance" and "Go",
- * unset "Clear interrupt" and "Sleep" */
- RNG->CR = RNG_CR_INTM_MASK | RNG_CR_HA_MASK | RNG_CR_GO_MASK;
-
- for( i = 0; i < len; i++ )
- rng_get_byte( output + i );
-
- /* Just be extra sure that we didn't do it wrong */
- if( ( RNG->SR & RNG_SR_SECV_MASK ) != 0 )
- {
- ret = -1;
- goto cleanup;
- }
-
- *olen = len;
- ret = 0;
-
-cleanup:
- /* Disable clock to save power - assume we're the only users of RNG */
- CLOCK_SYS_DisableRngaClock( 0 );
-
- return( ret );
-}
-
-#endif
diff --git a/yotta/data/example-authcrypt/README.md b/yotta/data/example-authcrypt/README.md
deleted file mode 100644
index 4498b9d..0000000
--- a/yotta/data/example-authcrypt/README.md
+++ /dev/null
@@ -1,68 +0,0 @@
-# Authenticated Encryption Example
-
-This application performs authenticated encryption and authenticated decryption of a buffer. It serves as a tutorial for the basic authenticated encryption functions of mbed TLS.
-
-## Pre-requisites
-
-To build and run this example you must have:
-
-* A computer with the following software installed:
- * [CMake](http://www.cmake.org/download/).
- * [yotta](https://github.com/ARMmbed/yotta). Please note that **yotta has its own set of dependencies**, listed in the [installation instructions](http://armmbed.github.io/yotta/#installing-on-windows).
- * [Python](https://www.python.org/downloads/).
- * [The ARM GCC toolchain](https://launchpad.net/gcc-arm-embedded).
- * A serial terminal emulator (Like screen, pySerial and cu).
-* An [FRDM-K64F](http://developer.mbed.org/platforms/FRDM-K64F/) development board, or another board supported by mbed OS (in which case you'll have to substitute frdm-k64f-gcc with the appropriate target in the instructions below).
-* A micro-USB cable.
-* If your OS is Windows, please follow the installation instructions [for the serial port driver](https://developer.mbed.org/handbook/Windows-serial-configuration).
-
-## Getting started
-
-1. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the "OpenSDA" connector on the target board.
-
-2. Navigate to the mbedtls directory supplied with your release and open a terminal.
-
-3. Set the yotta target:
-
- ```
- yotta target frdm-k64f-gcc
- ```
-
-4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
-
- ```
- $ yotta build
- ```
-
-5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-authcrypt.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
-
-6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
-
- Use the following settings:
-
- * 115200 baud (not 9600).
- * 8N1.
- * No flow control.
-
-7. Press the Reset button on the board.
-
-8. The output in the terminal window should look like:
-
- ```
- {{timeout;10}}
- {{host_test_name;default}}
- {{description;mbed TLS example authcrypt}}
- {{test_id;MBEDTLS_EX_AUTHCRYPT}}
- {{start}}
-
-
- plaintext message: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400
- ciphertext: c57f7afb94f14c7977d785d08682a2596bd62ee9dcf216b8cccd997afee9b402f5de1739e8e6467aa363749ef39392e5c66622b01c7203ec0a3d14
- decrypted: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400
-
- DONE
- {{success}}
- {{end}}
- ```
-
-The actual output for the ciphertext line will vary on each run because of the use of a random nonce in the encryption process.
diff --git a/yotta/data/example-authcrypt/main.cpp b/yotta/data/example-authcrypt/main.cpp
deleted file mode 100644
index 23fad27..0000000
--- a/yotta/data/example-authcrypt/main.cpp
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * Hello world example of using the authenticated encryption with mbed TLS
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#include "mbedtls/cipher.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-
-static void print_hex(const char *title, const unsigned char buf[], size_t len)
-{
- printf("%s: ", title);
-
- for (size_t i = 0; i < len; i++)
- printf("%02x", buf[i]);
-
- printf("\r\n");
-}
-
-/*
- * The pre-shared key. Should be generated randomly and be unique to the
- * device/channel/etc. Just used a fixed on here for simplicity.
- */
-static const unsigned char secret_key[16] = {
- 0xf4, 0x82, 0xc6, 0x70, 0x3c, 0xc7, 0x61, 0x0a,
- 0xb9, 0xa0, 0xb8, 0xe9, 0x87, 0xb8, 0xc1, 0x72,
-};
-
-static int example(void)
-{
- /* message that should be protected */
- const char message[] = "Some things are better left unread";
- /* metadata transmitted in the clear but authenticated */
- const char metadata[] = "eg sequence number, routing info";
- /* ciphertext buffer large enough to hold message + nonce + tag */
- unsigned char ciphertext[128] = { 0 };
- int ret;
-
- printf("\r\n\r\n");
- print_hex("plaintext message", (unsigned char *) message, sizeof message);
-
- /*
- * Setup random number generator
- * (Note: later this might be done automatically.)
- */
- mbedtls_entropy_context entropy; /* entropy pool for seeding PRNG */
- mbedtls_ctr_drbg_context drbg; /* pseudo-random generator */
-
- mbedtls_entropy_init(&entropy);
- mbedtls_ctr_drbg_init(&drbg);
-
- /* Seed the PRNG using the entropy pool, and throw in our secret key as an
- * additional source of randomness. */
- ret = mbedtls_ctr_drbg_seed(&drbg, mbedtls_entropy_func, &entropy,
- secret_key, sizeof (secret_key));
- if (ret != 0) {
- printf("mbedtls_ctr_drbg_init() returned -0x%04X\r\n", -ret);
- return 1;
- }
-
- /*
- * Setup AES-CCM contex
- */
- mbedtls_cipher_context_t ctx;
-
- mbedtls_cipher_init(&ctx);
-
- ret = mbedtls_cipher_setup(&ctx, mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_CCM));
- if (ret != 0) {
- printf("mbedtls_cipher_setup() returned -0x%04X\r\n", -ret);
- return 1;
- }
-
- ret = mbedtls_cipher_setkey(&ctx, secret_key, 8 * sizeof secret_key, MBEDTLS_ENCRYPT);
- if (ret != 0) {
- printf("mbedtls_cipher_setkey() returned -0x%04X\r\n", -ret);
- return 1;
- }
-
- /*
- * Encrypt-authenticate the message and authenticate additional data
- *
- * First generate a random 8-byte nonce.
- * Put it directly in the output buffer as the recipient will need it.
- *
- * Warning: you must never re-use the same (key, nonce) pair. One of the
- * best ways to ensure this to use a counter for the nonce. However this
- * means you should save the counter accross rebots, if the key is a
- * long-term one. The alternative we choose here is to generate the nonce
- * randomly. However it only works if you have a good source of
- * randomness.
- */
- const size_t nonce_len = 8;
- mbedtls_ctr_drbg_random(&drbg, ciphertext, nonce_len);
-
- size_t ciphertext_len = 0;
- /* Go for a conservative 16-byte (128-bit) tag
- * and append it to the ciphertext */
- const size_t tag_len = 16;
- ret = mbedtls_cipher_auth_encrypt(&ctx, ciphertext, nonce_len,
- (const unsigned char *) metadata, sizeof metadata,
- (const unsigned char *) message, sizeof message,
- ciphertext + nonce_len, &ciphertext_len,
- ciphertext + nonce_len + sizeof message, tag_len );
- if (ret != 0) {
- printf("mbedtls_cipher_auth_encrypt() returned -0x%04X\r\n", -ret);
- return 1;
- }
- ciphertext_len += nonce_len + tag_len;
-
- /*
- * The following information should now be transmitted:
- * - first ciphertext_len bytes of ciphertext buffer
- * - metadata if not already transmitted elsewhere
- */
- print_hex("ciphertext", ciphertext, ciphertext_len);
-
- /*
- * Decrypt-authenticate
- */
- unsigned char decrypted[128] = { 0 };
- size_t decrypted_len = 0;
-
- ret = mbedtls_cipher_setkey(&ctx, secret_key, 8 * sizeof secret_key, MBEDTLS_DECRYPT);
- if (ret != 0) {
- printf("mbedtls_cipher_setkey() returned -0x%04X\r\n", -ret);
- return 1;
- }
-
- ret = mbedtls_cipher_auth_decrypt(&ctx,
- ciphertext, nonce_len,
- (const unsigned char *) metadata, sizeof metadata,
- ciphertext + nonce_len, ciphertext_len - nonce_len - tag_len,
- decrypted, &decrypted_len,
- ciphertext + ciphertext_len - tag_len, tag_len );
- /* Checking the return code is CRITICAL for security here */
- if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) {
- printf("Something bad is happening! Data is not authentic!\r\n");
- return 1;
- }
- if (ret != 0) {
- printf("mbedtls_cipher_authdecrypt() returned -0x%04X\r\n", -ret);
- return 1;
- }
-
- print_hex("decrypted", decrypted, decrypted_len);
-
- printf("\r\nDONE\r\n");
-
- return 0;
-}
-
-#if defined(TARGET_LIKE_MBED)
-
-#include "mbed-drivers/test_env.h"
-#include "minar/minar.h"
-
-static void run() {
- MBED_HOSTTEST_TIMEOUT(10);
- MBED_HOSTTEST_SELECT(default);
- MBED_HOSTTEST_DESCRIPTION(mbed TLS example authcrypt);
- MBED_HOSTTEST_START("MBEDTLS_EX_AUTHCRYPT");
- MBED_HOSTTEST_RESULT(example() == 0);
-}
-
-void app_start(int, char*[]) {
- /* Use 115200 bps for consistency with other examples */
- get_stdio_serial().baud(115200);
- minar::Scheduler::postCallback(mbed::util::FunctionPointer0<void>(run).bind());
-}
-
-#else
-
-int main() {
- return example();
-}
-
-#endif
diff --git a/yotta/data/example-benchmark/README.md b/yotta/data/example-benchmark/README.md
deleted file mode 100644
index 715abee..0000000
--- a/yotta/data/example-benchmark/README.md
+++ /dev/null
@@ -1,100 +0,0 @@
-# mbed TLS Benchmark Example
-
-This application benchmarks the various cryptographic primitives offered by mbed TLS.
-
-## Pre-requisites
-
-To build and run this example you must have:
-
-* A computer with the following software installed:
- * [CMake](http://www.cmake.org/download/).
- * [yotta](https://github.com/ARMmbed/yotta). Please note that **yotta has its own set of dependencies**, listed in the [installation instructions](http://armmbed.github.io/yotta/#installing-on-windows).
- * [Python](https://www.python.org/downloads/).
- * [The ARM GCC toolchain](https://launchpad.net/gcc-arm-embedded).
- * A serial terminal emulator (Like screen, pySerial and cu).
-* An [FRDM-K64F](http://developer.mbed.org/platforms/FRDM-K64F/) development board, or another board supported by mbed OS (in which case you'll have to substitute frdm-k64f-gcc with the appropriate target in the instructions below).
-* A micro-USB cable.
-* If your OS is Windows, please follow the installation instructions [for the serial port driver](https://developer.mbed.org/handbook/Windows-serial-configuration).
-
-## Getting started
-
-1. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the "OpenSDA" connector on the target board.
-
-2. Navigate to the mbedtls directory supplied with your release and open a terminal.
-
-3. Set the yotta target:
-
- ```
- yotta target frdm-k64f-gcc
- ```
-
-4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
-
- ```
- $ yotta build
- ```
-
-5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-benchmark.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
-
-6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
-
- Use the following settings:
-
- * 115200 baud (not 9600).
- * 8N1.
- * No flow control.
-
-7. Press the Reset button on the board.
-
-8. The output in the terminal window should look like:
-
- ```
- {{timeout;150}}
- {{host_test_name;default}}
- {{description;mbed TLS benchmark program}}
- {{test_id;MBEDTLS_BENCHMARK}}
- {{start}}
-
-
- SHA-1 : 3644 KiB/s, 32 cycles/byte
- SHA-256 : 1957 KiB/s, 59 cycles/byte
- SHA-512 : 587 KiB/s, 200 cycles/byte
- AES-CBC-128 : 1359 KiB/s, 86 cycles/byte
- AES-CBC-192 : 1183 KiB/s, 99 cycles/byte
- AES-CBC-256 : 1048 KiB/s, 111 cycles/byte
- AES-GCM-128 : 421 KiB/s, 279 cycles/byte
- AES-GCM-192 : 403 KiB/s, 292 cycles/byte
- AES-GCM-256 : 385 KiB/s, 305 cycles/byte
- AES-CCM-128 : 542 KiB/s, 216 cycles/byte
- AES-CCM-192 : 484 KiB/s, 242 cycles/byte
- AES-CCM-256 : 437 KiB/s, 268 cycles/byte
- CTR_DRBG (NOPR) : 1002 KiB/s, 117 cycles/byte
- CTR_DRBG (PR) : 705 KiB/s, 166 cycles/byte
- HMAC_DRBG SHA-1 (NOPR) : 228 KiB/s, 517 cycles/byte
- HMAC_DRBG SHA-1 (PR) : 210 KiB/s, 561 cycles/byte
- HMAC_DRBG SHA-256 (NOPR) : 212 KiB/s, 557 cycles/byte
- HMAC_DRBG SHA-256 (PR) : 185 KiB/s, 637 cycles/byte
- RSA-2048 : 41 ms/ public
- RSA-2048 : 1349 ms/private
- RSA-4096 : 134 ms/ public
- RSA-4096 : 7149 ms/private
- ECDSA-secp384r1 : 640 ms/sign
- ECDSA-secp256r1 : 387 ms/sign
- ECDSA-secp384r1 : 1233 ms/verify
- ECDSA-secp256r1 : 751 ms/verify
- ECDHE-secp384r1 : 1191 ms/handshake
- ECDHE-secp256r1 : 730 ms/handshake
- ECDHE-Curve25519 : 611 ms/handshake
- ECDH-secp384r1 : 584 ms/handshake
- ECDH-secp256r1 : 365 ms/handshake
- ECDH-Curve25519 : 303 ms/handshake
-
- {{success}}
- {{end}}
- ```
-
-Any performance data generated by this example application are indicative only of the performance of the mbed TLS module on the platform it's executed on.
-
-Differences in the integration of mbed TLS into the platform, such as whether all available hardware accelerators have been used or not, can lead to significant differences in performance, and so results from the program are not intended to be used to meaningfully compare platforms.
-
-The figures may also slightly change from execution to execution due to variations in the timing functions.
diff --git a/yotta/data/example-benchmark/main.cpp b/yotta/data/example-benchmark/main.cpp
deleted file mode 100644
index d13cde5..0000000
--- a/yotta/data/example-benchmark/main.cpp
+++ /dev/null
@@ -1,951 +0,0 @@
-/*
- * Benchmark demonstration program
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(TARGET_LIKE_MBED)
-
-#include <stdio.h>
-
-int main() {
- printf("this version of this program only works on mbed OS\n");
- return 0;
-}
-
-#else
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_exit exit
-#define mbedtls_printf printf
-#define mbedtls_snprintf snprintf
-#define mbedtls_free free
-#endif
-
-#include <string.h>
-
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "mbedtls/arc4.h"
-#include "mbedtls/des.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/blowfish.h"
-#include "mbedtls/camellia.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/ccm.h"
-#include "mbedtls/havege.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/hmac_drbg.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/ecdh.h"
-#include "mbedtls/error.h"
-
-#include "mbed-drivers/mbed.h"
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-#define RSA_PRIVATE_KEY_2048 \
-"-----BEGIN RSA PRIVATE KEY-----\r\n" \
-"MIIEogIBAAKCAQEA2dwVr+IMGEtA2/MCP6fA5eb/6B18Bq6e7gw8brNPkm3E6LyR\r\n" \
-"4DnMJVxZmw3bPDKBDoKzfntkMESi/Yw5UopLtVfjGfWeQWPClqffLZBsZ60BRAsg\r\n" \
-"/g+ID5tgzxSuxzftypK59uexOVCAm7hCKZHGO3DbI7bLY27j7VAgEP7d/yuaz5Fx\r\n" \
-"Kl/vu7shqrBoz6ABJVJD3KC8nUiMRUCXRINmxbyUUjA4DnicZv6+xrGKr36r6M8h\r\n" \
-"VYLa5msKc8WzbnBWzpUsrpb4/r7ML+qp92gdSfVJ8/bLiU7h2C7faDA59uaqrFK9\r\n" \
-"xmDdx7FaWhGQs3LWW6w1UNgkPS0FDYUslpsnsQIDAQABAoIBAC7IJNwM5V3+IuJY\r\n" \
-"T35Nzo1PyloUosJokvY5KGz5Ejg2XBdCDu0gXCcVqqQyGIbXrYDpLhQV+RCoXHun\r\n" \
-"tdN0oQdC5SB47s/J1Uo2qCUHo0+sBd6PqTkFKsl3KxWssk9TQjvCwC412IefMs69\r\n" \
-"hW+ZvwCanmQP56LleApIr2oW4KLfW8Ry/QfZlua+dizctdN7+H1mWwgZQTY9T27J\r\n" \
-"6RtGRA5NVkKVPzIHVJfdpKoO7xGg1g06aEbPB/VmGvZaaFWWnaf7uRvFjLZecBLu\r\n" \
-"QSx2DA/GDjirlDYj99PJb7DtB4xRtKzsyw0o+xapC8w6OtIl/3xFt9moCu2jGrsx\r\n" \
-"vpjHdfECgYEA7fSACRseIs9gAIVX8wq6gayTpA47DHYWAD6IQfIj35SJ+AgsvbFF\r\n" \
-"4AmrwDhcJVPmDy1N4nLBfyGAMt/2CfiYkdkW6QFX/ULRMMBL/G7kWV8hYQDICB2g\r\n" \
-"xaMRN1lPCmFq6BkSWjwIYTnYDFBDWVm1GVT8TMtJoM8Erej9qC0PeFUCgYEA6mF3\r\n" \
-"bigO3t8f5sig+XepaftEUbkJMzo72TVRnIR2ycdR2ihelPQ+25g9dwV0ZA5XXhBS\r\n" \
-"DKOABWjMM739Mwmy9v26Dlmu9R01zHQktMvtEAyfz7lk2NF0aMuj8285OJUBf9bz\r\n" \
-"Cq3MjtMCD+4CZ6iaEqCdUKOuxfpx5cWVJV+qve0CgYBhD1YaYMFOGaBjFgDl1f51\r\n" \
-"Xltqk5NqZdBbkSYrIAWZ8RDF5y+4wFJsLAWuhk6vuyUgE66tK3nZzWRpXAkT0B8L\r\n" \
-"fq1lpXKqj1KcvBNCiEkEW1VWJ+dvyAYIF5eyJ++hoFLnETL3M32HivyhKSwPihPg\r\n" \
-"nVW8TT9fJJIYDe1JZ/fjcQKBgHJfv7UsrR0LSvkG3K8AOtbx+8PZhOjPuRbk0v+L\r\n" \
-"EKCkuIe5/XW4vtfQMeZb7hFJgk7vrepm+vkoy8VQKDf4urGW3W1VTHBmobM01hi4\r\n" \
-"DuYvEul+Mf0wMRtWjJolo4m+BO5KiW2jpFfqFm6JmfjVqOIAKOSKC6am8V/MDF0h\r\n" \
-"kyN9AoGAT9oOiEXMolbkDZw/QCaBiRoAGlGlNYUkJ+58U6OjIZLISw6aFv+Y2uE0\r\n" \
-"mEImItjuYZtSYKblWikp6ldPoKlt9bwEFe3c6IZ8kJ3+xyEyAGrvjXjEY7PzP6dp\r\n" \
-"Ajbjp9X9uocEBv9W/KsBLdQ7yizcL/toHwdBO4vQqmqTvAc5IIw=\r\n" \
-"-----END RSA PRIVATE KEY-----\r\n"
-
-#define RSA_PRIVATE_KEY_4096 \
-"-----BEGIN RSA PRIVATE KEY-----\r\n" \
-"MIIJKgIBAAKCAgEAmkdGjoIshJuOt2NO47qB3Z3yyvmLg2j351isItSNuFQU3qr+\r\n" \
-"jXHIeANf03yw/K0Zvos8RPd+CqLjoxAQL3QDH4bZAl88bIo29i+SANbNSrKQmc0k\r\n" \
-"pH+yzw3alDzO0GZaOPZjsbo6AwBrno5msi0vRuC2aY8vGLPsZWSyLai7tneS1j/o\r\n" \
-"vYW6XIo8Cj61j2Ypy9HhVUW/4Wc+zAT25D/x7jTpkqJLWWT+YzibNbOY48M5eJcB\r\n" \
-"6/sMyUIeI3/u/wXyMrooNyLiCpedkuHRA0m7u5cWPTUISTunSRlVFij/NHJjuU8e\r\n" \
-"wA3B29yfZFsUqDEnyc+OxniIueAixTomVszxAaVn8zFEbYhFMPqziiFp99u3jfeG\r\n" \
-"k1q9mmUi/uCfUC4e2IC5rqq1ZbKSduH7Ug/Vn2bGQahww0sZFRHDXFrnBcotcW+M\r\n" \
-"bnC290VBDnYgzmdYrIOxuPb2aUwJo4ZlbKh5uBB1PigMuyhLKibQ1a+V5ZJGdpP6\r\n" \
-"SE9PGIdgYWSmh2QEMuLE6v+wTO2LQ5JgqsvFfi3GIZvkn0s8jTS72Jq2uMkFkMer\r\n" \
-"UBjPDYaSPy5kpo103KerWs+cMPOJ/3FtZzI++7MoSUTkWVr1ySQFt5i1EIZ/0Thi\r\n" \
-"jut2jNe8a4AoA3TtC8Rkk/3AIIbg8MVNT4EnT+KHROTMu6gET1oJ3YfBRpUCAwEA\r\n" \
-"AQKCAgEAhuNSmT7PVZH8kfLOAuYKrY1vvm+4v0iDl048Eqfs0QESziyLK3gUYnnw\r\n" \
-"yqP2yrU+EQ8Dvvj0xq/sf6GHxTWVlXb9PcmutueRbmXhLcKg83J0Y0StiPXtjIL8\r\n" \
-"XSddW3Bh6fPi7n14Qy+W6KZwu9AtybanRlvePabyRSRpdOpWVQ7u30w5XZsSed6S\r\n" \
-"6BI0BBC68m2qqje1sInoqdCdXKtcB31TytUDNEHM+UuAyM8iGeGS2hCNqZlycHTS\r\n" \
-"jQ9KEsdMH3YLu0lQgRpWtxmg+VL6ROWwmAtKF12EwbDYZ+uoVl69OkQnCpv8pxKa\r\n" \
-"ec/4m6V+uEA1AOpaAMorHG3fH31IKWC/fTZstovgO/eG2XCtlbcCoWCQ7amFq16l\r\n" \
-"Gh1UKeBHxMXpDj4oDmIUGUvgzSNnEeSN/v76losWvWYQDjXR/LMDa/CNYsD8BmJR\r\n" \
-"PZidIjIXdVRlYOhA7ljtySQvp6RBujBfw3tsVMyZw2XzXFwM9O89b1xXC6+M5jf9\r\n" \
-"DXs/U7Fw+J9qq/YpByABcPCwWdttwdQFRbOxwxaSOKarIqS87TW1JuFcNJ59Ut6G\r\n" \
-"kMvAg6gC34U+0ktkG/AmI1hgjC+P7ErHCXBR2xARoGzcO/CMZF59S+Z2HFchpTSP\r\n" \
-"5T2o4mGy3VfHSBidQQrcZRukg8ZP8M1NF3bXjpY6QZpeLHc4oHECggEBAMjdgzzk\r\n" \
-"xp4mIYFxAEiXYt7tzuUXJk+0UpEJj5uboWLirUZqZmNUPyh6WDnzlREBH++Ms0LO\r\n" \
-"+AWSfaGPDoMb0NE2j3c4FRWAhe7Vn6lj7nLVpF2RdwRo88yGerZ4uwGMY8NUQCtn\r\n" \
-"zum3J7eCJ5DojiceRb6uMxTJ8xZmUC4W2f3J/lrR7wlYjyVnnHqH5HcemYUipWSw\r\n" \
-"sM0/cHp3lrz2VWrbAEu8HVpklvDQpdAgl7cjXt/JHYawY+p426IF/PzQSRROnzgy\r\n" \
-"4WI8FVYNV2tgu0TOFURbkkEvuj/duDKeooUIF0G0XHzha5oAX/j0iWiHbrOF6wHj\r\n" \
-"0xeajL9msKBnmD8CggEBAMSgLWmv7G31x4tndJCcXnX4AyVL7KpygAx/ZwCcyTR8\r\n" \
-"rY1rO07f/ta2noEra/xmEW/BW98qJFCHSU2nSLAQ5FpFSWyuQqrnffrMJnfWyvpr\r\n" \
-"ceQ0yQ/MiA6/JIOvGAjabcspzZijxzGp+Qk3eTT0yOXLSVOCH9B9XVHLodcy4PQM\r\n" \
-"KSCxy0vVHhVNl2SdPEwTXRmxk99Q/rw6IHVpQxBq1OhQt05nTKT+rZMD/grSK22e\r\n" \
-"my2F0DodAJwLo063Zv3RXQZhDYodMmjcp9Hqrtvj9P3HD7J3z6ACiV3SCi8cZumL\r\n" \
-"bSmnKCcd0bb45+aOWm31ieECJuIcJ9rOREEa/KDYTCsCggEBAMG5WkSVhLWsou37\r\n" \
-"dUGNuA63nq42SH3gtS0q4nU6gUkkw+dA4ST1cMByVrr1oRQ4WHup4I4TnQOKyF3T\r\n" \
-"4jQy1I+ipnVeAn+tZ/7zyzwMpEHeqNqRXA9FxbTBEoMAJ6QTqXgOvqDeSqIAQm7r\r\n" \
-"OYu5rrgtqyh/S8bGCwvUe4ooAfCSKx2ekYMbBVwW9MT8YS09tuS/iHJ3Mt2RTMLg\r\n" \
-"qeHvVmxrcXqZoFm44Ba7tN/pP0mi9HKyviZT4tmV3IYEbn3JyGGsfkUuVU9wEUfg\r\n" \
-"MCrgrVxrwfketAzooiHMjkVL2ASjzAJTmEvdAPETYXxzJD9LN0ovY3t8JfAC37IN\r\n" \
-"sVXS8/MCggEBALByOS59Y4Ktq1rLBQx8djwQyuneP0wZohUVAx7Gk7xZIfklQDyg\r\n" \
-"v/R4PrcVezstcPpDnykdjScCsGJR+uWc0v667I/ttP/e6utz5hVmmBGu965dPAzE\r\n" \
-"c1ggaSkOqFfRg/Nr2Qbf+fH0YPnHYSqHe/zSt0OMIvaaeXLcdKhEDSCUBRhE1HWB\r\n" \
-"kxR046WzgBeYzNQwycz9xwqsctJKGpeR9ute+5ANHPd3X9XtID0fqz8ctI5eZaSw\r\n" \
-"wApIW01ZQcAF8B+4WkkVuFXnpWW33yCOaRyPVOPHpnclr5WU1fS+3Q85QkW9rkej\r\n" \
-"97zlkl0QY9AHJqrXnoML1ywAK7ns+MVyNK8CggEAf62xcKZhOb1djeF72Ms+i/i/\r\n" \
-"WIAq4Q4YpsElgvJTHpNH2v9g4ngSTKe3ws3bGc502sWRlhcoTFMOW2rJNe/iqKkb\r\n" \
-"3cdeTkseDbpqozmJWz9dJWSVtXas2bZjzBEa//gQ7nHGVeQdqZJQ9rxPsoOAkfpi\r\n" \
-"qCFrmfUVUqC53e3XMt8+W+aSvKl+JZiB9ozkO9A6Q0vfQLKtjUMdQE3XaCFQT8DI\r\n" \
-"smaLBlBmeRaBpc02ENeC4ADlWosm1SwgxqMhuh2Alba/GrHOoPlVl4hDs9Fb5a6R\r\n" \
-"rmpXSt07GAxnG6j9jssA95E4rc1zO0CVKG5bvjVTxwi/sT0/VVX7VsJM4uTAQg==\r\n" \
-"-----END RSA PRIVATE KEY-----\r\n"
-
-#if defined _MSC_VER && !defined snprintf
-#define snprintf _snprintf
-#endif
-
-/*
- * For heap usage estimates, we need an estimate of the overhead per allocated
- * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block,
- * so use that as our baseline.
- */
-#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) )
-
-/*
- * Size to use for the malloc buffer if MEMORY_BUFFER_ALLOC_C is defined.
- */
-#define HEAP_SIZE (1u << 16) // 64k
-
-#define BUFSIZE 1024
-#define HEADER_FORMAT " %-24s : "
-#define TITLE_LEN 25
-
-#define OPTIONS \
- "md4, md5, ripemd160, sha1, sha256, sha512,\r\n" \
- "arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\r\n" \
- "havege, ctr_drbg, hmac_drbg\r\n" \
- "rsa, dhm, ecdsa, ecdh.\r\n"
-
-#if defined(MBEDTLS_ERROR_C)
-#define PRINT_ERROR \
- mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
- mbedtls_printf( "FAILED: %s\r\n", tmp );
-#else
-#define PRINT_ERROR \
- mbedtls_printf( "FAILED: -0x%04x\r\n", -ret );
-#endif
-
-static unsigned long mbedtls_timing_hardclock( void )
-{
- static int dwt_started = 0;
-
- if( dwt_started == 0 )
- {
- CoreDebug->DEMCR |= CoreDebug_DEMCR_TRCENA_Msk;
- DWT->CTRL |= DWT_CTRL_CYCCNTENA_Msk;
- }
-
- return( DWT->CYCCNT );
-}
-
-static volatile int alarmed;
-static void alarm() { alarmed = 1; }
-
-#define TIME_AND_TSC( TITLE, CODE ) \
-do { \
- unsigned long i, j, tsc; \
- Timeout t; \
- \
- mbedtls_printf( HEADER_FORMAT, TITLE ); \
- fflush( stdout ); \
- \
- for( i = 1, alarmed = 0, t.attach( alarm, 1.0 ); !alarmed; i++ ) \
- { \
- CODE; \
- } \
- \
- tsc = mbedtls_timing_hardclock(); \
- for( j = 0; j < 1024; j++ ) \
- { \
- CODE; \
- } \
- \
- mbedtls_printf( "%9lu KiB/s, %9lu cycles/byte\r\n", \
- i * BUFSIZE / 1024, \
- ( mbedtls_timing_hardclock() - tsc ) / ( j * BUFSIZE ) ); \
-} while( 0 )
-
-#if defined(MBEDTLS_ERROR_C)
-#define PRINT_ERROR \
- mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
- mbedtls_printf( "FAILED: %s\r\n", tmp );
-#else
-#define PRINT_ERROR \
- mbedtls_printf( "FAILED: -0x%04x\r\n", -ret );
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
-
-#define MEMORY_MEASURE_INIT \
- size_t max_used, max_blocks, max_bytes; \
- size_t prv_used, prv_blocks; \
- mbedtls_memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \
- mbedtls_memory_buffer_alloc_max_reset( );
-
-#define MEMORY_MEASURE_PRINT( title_len ) \
- mbedtls_memory_buffer_alloc_max_get( &max_used, &max_blocks ); \
- for( i = 12 - title_len; i != 0; i-- ) mbedtls_printf( " " ); \
- max_used -= prv_used; \
- max_blocks -= prv_blocks; \
- max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \
- mbedtls_printf( "%6u heap bytes", (unsigned) max_bytes );
-
-#else
-#define MEMORY_MEASURE_INIT
-#define MEMORY_MEASURE_PRINT( title_len )
-#endif
-
-#define TIME_PUBLIC( TITLE, TYPE, CODE ) \
-do { \
- unsigned long ms; \
- int ret = 0; \
- Timer t; \
- MEMORY_MEASURE_INIT; \
- \
- mbedtls_printf( HEADER_FORMAT, TITLE ); \
- fflush( stdout ); \
- \
- t.start(); \
- CODE; \
- t.stop(); \
- ms = t.read_ms(); \
- \
- if( ret != 0 ) \
- { \
- PRINT_ERROR; \
- } \
- else \
- { \
- mbedtls_printf( "%6lu ms/" TYPE, ms ); \
- MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \
- mbedtls_printf( "\r\n" ); \
- } \
-} while( 0 )
-
-static int myrand( void *rng_state, unsigned char *output, size_t len )
-{
- size_t use_len;
- int rnd;
-
- if( rng_state != NULL )
- rng_state = NULL;
-
- while( len > 0 )
- {
- use_len = len;
- if( use_len > sizeof(int) )
- use_len = sizeof(int);
-
- rnd = rand();
- memcpy( output, &rnd, use_len );
- output += use_len;
- len -= use_len;
- }
-
- return( 0 );
-}
-
-/*
- * Clear some memory that was used to prepare the context
- */
-#if defined(MBEDTLS_ECP_C)
-void ecp_clear_precomputed( mbedtls_ecp_group *grp )
-{
- if( grp->T != NULL )
- {
- size_t i;
- for( i = 0; i < grp->T_size; i++ )
- mbedtls_ecp_point_free( &grp->T[i] );
- mbedtls_free( grp->T );
- }
- grp->T = NULL;
- grp->T_size = 0;
-}
-#else
-#define ecp_clear_precomputed( g )
-#endif
-
-unsigned char buf[BUFSIZE];
-
-typedef struct {
- char md4, md5, ripemd160, sha1, sha256, sha512,
- arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,
- havege, ctr_drbg, hmac_drbg,
- rsa, dhm, ecdsa, ecdh;
-} todo_list;
-
-int benchmark( int argc, char *argv[] )
-{
- int i;
- unsigned char tmp[200];
- char title[TITLE_LEN];
- todo_list todo;
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- unsigned char malloc_buf[HEAP_SIZE] = { 0 };
-#endif
-
- if( argc <= 1 )
- {
- memset( &todo, 1, sizeof( todo ) );
- }
- else
- {
- memset( &todo, 0, sizeof( todo ) );
-
- for( i = 1; i < argc; i++ )
- {
- if( strcmp( argv[i], "md4" ) == 0 )
- todo.md4 = 1;
- else if( strcmp( argv[i], "md5" ) == 0 )
- todo.md5 = 1;
- else if( strcmp( argv[i], "ripemd160" ) == 0 )
- todo.ripemd160 = 1;
- else if( strcmp( argv[i], "sha1" ) == 0 )
- todo.sha1 = 1;
- else if( strcmp( argv[i], "sha256" ) == 0 )
- todo.sha256 = 1;
- else if( strcmp( argv[i], "sha512" ) == 0 )
- todo.sha512 = 1;
- else if( strcmp( argv[i], "arc4" ) == 0 )
- todo.arc4 = 1;
- else if( strcmp( argv[i], "des3" ) == 0 )
- todo.des3 = 1;
- else if( strcmp( argv[i], "des" ) == 0 )
- todo.des = 1;
- else if( strcmp( argv[i], "aes_cbc" ) == 0 )
- todo.aes_cbc = 1;
- else if( strcmp( argv[i], "aes_gcm" ) == 0 )
- todo.aes_gcm = 1;
- else if( strcmp( argv[i], "aes_ccm" ) == 0 )
- todo.aes_ccm = 1;
- else if( strcmp( argv[i], "camellia" ) == 0 )
- todo.camellia = 1;
- else if( strcmp( argv[i], "blowfish" ) == 0 )
- todo.blowfish = 1;
- else if( strcmp( argv[i], "havege" ) == 0 )
- todo.havege = 1;
- else if( strcmp( argv[i], "ctr_drbg" ) == 0 )
- todo.ctr_drbg = 1;
- else if( strcmp( argv[i], "hmac_drbg" ) == 0 )
- todo.hmac_drbg = 1;
- else if( strcmp( argv[i], "rsa" ) == 0 )
- todo.rsa = 1;
- else if( strcmp( argv[i], "dhm" ) == 0 )
- todo.dhm = 1;
- else if( strcmp( argv[i], "ecdsa" ) == 0 )
- todo.ecdsa = 1;
- else if( strcmp( argv[i], "ecdh" ) == 0 )
- todo.ecdh = 1;
- else
- {
- mbedtls_printf( "Unrecognized option: %s\r\n", argv[i] );
- mbedtls_printf( "Available options: " OPTIONS );
- }
- }
- }
-
- mbedtls_printf( "\r\n\r\n" );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- mbedtls_memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) );
-#endif
- memset( buf, 0xAA, sizeof( buf ) );
- memset( tmp, 0xBB, sizeof( tmp ) );
-
-#if defined(MBEDTLS_MD4_C)
- if( todo.md4 )
- TIME_AND_TSC( "MD4", mbedtls_md4( buf, BUFSIZE, tmp ) );
-#endif
-
-#if defined(MBEDTLS_MD5_C)
- if( todo.md5 )
- TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) );
-#endif
-
-#if defined(MBEDTLS_RIPEMD160_C)
- if( todo.ripemd160 )
- TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160( buf, BUFSIZE, tmp ) );
-#endif
-
-#if defined(MBEDTLS_SHA1_C)
- if( todo.sha1 )
- TIME_AND_TSC( "SHA-1", mbedtls_sha1( buf, BUFSIZE, tmp ) );
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
- if( todo.sha256 )
- TIME_AND_TSC( "SHA-256", mbedtls_sha256( buf, BUFSIZE, tmp, 0 ) );
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
- if( todo.sha512 )
- TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) );
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
- if( todo.arc4 )
- {
- mbedtls_arc4_context arc4;
- mbedtls_arc4_init( &arc4 );
- mbedtls_arc4_setup( &arc4, tmp, 32 );
- TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) );
- mbedtls_arc4_free( &arc4 );
- }
-#endif
-
-#if defined(MBEDTLS_DES_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
- if( todo.des3 )
- {
- mbedtls_des3_context des3;
- mbedtls_des3_init( &des3 );
- mbedtls_des3_set3key_enc( &des3, tmp );
- TIME_AND_TSC( "3DES",
- mbedtls_des3_crypt_cbc( &des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
- mbedtls_des3_free( &des3 );
- }
-
- if( todo.des )
- {
- mbedtls_des_context des;
- mbedtls_des_init( &des );
- mbedtls_des_setkey_enc( &des, tmp );
- TIME_AND_TSC( "DES",
- mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
- mbedtls_des_free( &des );
- }
-#endif
-
-#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- if( todo.aes_cbc )
- {
- int keysize;
- mbedtls_aes_context aes;
- mbedtls_aes_init( &aes );
- for( keysize = 128; keysize <= 256; keysize += 64 )
- {
- mbedtls_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
-
- memset( buf, 0, sizeof( buf ) );
- memset( tmp, 0, sizeof( tmp ) );
- mbedtls_aes_setkey_enc( &aes, tmp, keysize );
-
- TIME_AND_TSC( title,
- mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
- }
- mbedtls_aes_free( &aes );
- }
-#endif
-#if defined(MBEDTLS_GCM_C)
- if( todo.aes_gcm )
- {
- int keysize;
- mbedtls_gcm_context gcm;
-
- mbedtls_gcm_init( &gcm );
- for( keysize = 128; keysize <= 256; keysize += 64 )
- {
- mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
-
- memset( buf, 0, sizeof( buf ) );
- memset( tmp, 0, sizeof( tmp ) );
- mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
-
- TIME_AND_TSC( title,
- mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp,
- 12, NULL, 0, buf, buf, 16, tmp ) );
-
- mbedtls_gcm_free( &gcm );
- }
- }
-#endif
-#if defined(MBEDTLS_CCM_C)
- if( todo.aes_ccm )
- {
- int keysize;
- mbedtls_ccm_context ccm;
-
- mbedtls_ccm_init( &ccm );
- for( keysize = 128; keysize <= 256; keysize += 64 )
- {
- mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
-
- memset( buf, 0, sizeof( buf ) );
- memset( tmp, 0, sizeof( tmp ) );
- mbedtls_ccm_setkey( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
-
- TIME_AND_TSC( title,
- mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp,
- 12, NULL, 0, buf, buf, tmp, 16 ) );
-
- mbedtls_ccm_free( &ccm );
- }
- }
-#endif
-#endif
-
-#if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
- if( todo.camellia )
- {
- int keysize;
- mbedtls_camellia_context camellia;
- mbedtls_camellia_init( &camellia );
- for( keysize = 128; keysize <= 256; keysize += 64 )
- {
- mbedtls_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
-
- memset( buf, 0, sizeof( buf ) );
- memset( tmp, 0, sizeof( tmp ) );
- mbedtls_camellia_setkey_enc( &camellia, tmp, keysize );
-
- TIME_AND_TSC( title,
- mbedtls_camellia_crypt_cbc( &camellia, MBEDTLS_CAMELLIA_ENCRYPT,
- BUFSIZE, tmp, buf, buf ) );
- }
- mbedtls_camellia_free( &camellia );
- }
-#endif
-
-#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
- if( todo.blowfish )
- {
- int keysize;
- mbedtls_blowfish_context blowfish;
- mbedtls_blowfish_init( &blowfish );
-
- for( keysize = 128; keysize <= 256; keysize += 64 )
- {
- mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
-
- memset( buf, 0, sizeof( buf ) );
- memset( tmp, 0, sizeof( tmp ) );
- mbedtls_blowfish_setkey( &blowfish, tmp, keysize );
-
- TIME_AND_TSC( title,
- mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE,
- tmp, buf, buf ) );
- }
-
- mbedtls_blowfish_free( &blowfish );
- }
-#endif
-
-#if defined(MBEDTLS_HAVEGE_C)
- if( todo.havege )
- {
- mbedtls_havege_state hs;
- mbedtls_havege_init( &hs );
- TIME_AND_TSC( "HAVEGE", mbedtls_havege_random( &hs, buf, BUFSIZE ) );
- mbedtls_havege_free( &hs );
- }
-#endif
-
-#if defined(MBEDTLS_CTR_DRBG_C)
- if( todo.ctr_drbg )
- {
- mbedtls_ctr_drbg_context ctr_drbg;
-
- mbedtls_ctr_drbg_init( &ctr_drbg );
-
- if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
- mbedtls_exit(1);
- TIME_AND_TSC( "CTR_DRBG (NOPR)",
- if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
-
- if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
- mbedtls_exit(1);
- mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON );
- TIME_AND_TSC( "CTR_DRBG (PR)",
- if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- }
-#endif
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
- if( todo.hmac_drbg )
- {
- mbedtls_hmac_drbg_context hmac_drbg;
- const mbedtls_md_info_t *md_info;
-
- mbedtls_hmac_drbg_init( &hmac_drbg );
-
-#if defined(MBEDTLS_SHA1_C)
- if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
- mbedtls_exit(1);
-
- if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
- mbedtls_exit(1);
- TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
- if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_hmac_drbg_free( &hmac_drbg );
-
- if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
- mbedtls_exit(1);
- mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
- MBEDTLS_HMAC_DRBG_PR_ON );
- TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
- if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_hmac_drbg_free( &hmac_drbg );
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
- if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL )
- mbedtls_exit(1);
-
- if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
- mbedtls_exit(1);
- TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
- if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_hmac_drbg_free( &hmac_drbg );
-
- if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
- mbedtls_exit(1);
- mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
- MBEDTLS_HMAC_DRBG_PR_ON );
- TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
- if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
- mbedtls_exit(1) );
- mbedtls_hmac_drbg_free( &hmac_drbg );
-#endif
- }
-#endif
-
-#if defined(MBEDTLS_RSA_C) && \
- defined(MBEDTLS_PEM_PARSE_C) && defined(MBEDTLS_PK_PARSE_C)
- if( todo.rsa )
- {
- mbedtls_pk_context pk;
- mbedtls_rsa_context *rsa;
- const char *rsa_keys[] = { RSA_PRIVATE_KEY_2048, RSA_PRIVATE_KEY_4096 };
- size_t i;
-
- for( i = 0; i < sizeof( rsa_keys ) / sizeof( rsa_keys[0] ); i++ )
- {
- mbedtls_pk_init( &pk );
- mbedtls_pk_parse_key( &pk, (const unsigned char *) rsa_keys[i],
- strlen( rsa_keys[i] ) + 1, NULL, 0 );
- rsa = mbedtls_pk_rsa( pk );
-
- mbedtls_snprintf( title, sizeof( title ), "RSA-%d", mbedtls_pk_get_bitlen( &pk ) );
-
- TIME_PUBLIC( title, " public",
- buf[0] = 0;
- ret = mbedtls_rsa_public( rsa, buf, buf ) );
-
- TIME_PUBLIC( title, "private",
- buf[0] = 0;
- ret = mbedtls_rsa_private( rsa, myrand, NULL, buf, buf ) );
-
- mbedtls_pk_free( &pk );
- }
- }
-#endif
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_BIGNUM_C)
- if( todo.dhm )
- {
- int dhm_sizes[] = { 2048, 3072 };
- const char *dhm_P[] = {
- MBEDTLS_DHM_RFC3526_MODP_2048_P,
- MBEDTLS_DHM_RFC3526_MODP_3072_P,
- };
- const char *dhm_G[] = {
- MBEDTLS_DHM_RFC3526_MODP_2048_G,
- MBEDTLS_DHM_RFC3526_MODP_3072_G,
- };
-
- mbedtls_dhm_context dhm;
- size_t olen;
- for( i = 0; (size_t) i < sizeof( dhm_sizes ) / sizeof( dhm_sizes[0] ); i++ )
- {
- mbedtls_dhm_init( &dhm );
-
- if( mbedtls_mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 ||
- mbedtls_mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 )
- {
- mbedtls_exit( 1 );
- }
-
- dhm.len = mbedtls_mpi_size( &dhm.P );
- mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL );
- if( mbedtls_mpi_copy( &dhm.GY, &dhm.GX ) != 0 )
- mbedtls_exit( 1 );
-
- mbedtls_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
- TIME_PUBLIC( title, "handshake",
- ret |= mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len,
- myrand, NULL );
- ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) );
-
- mbedtls_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
- TIME_PUBLIC( title, "handshake",
- ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) );
-
- mbedtls_dhm_free( &dhm );
- }
- }
-#endif
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C)
- if( todo.ecdsa )
- {
- mbedtls_ecdsa_context ecdsa;
- const mbedtls_ecp_curve_info *curve_info;
- size_t sig_len;
-
- memset( buf, 0x2A, sizeof( buf ) );
-
- for( curve_info = mbedtls_ecp_curve_list();
- curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
- curve_info++ )
- {
- mbedtls_ecdsa_init( &ecdsa );
-
- if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
- mbedtls_exit( 1 );
- ecp_clear_precomputed( &ecdsa.grp );
-
- mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
- curve_info->name );
- TIME_PUBLIC( title, "sign",
- ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
- tmp, &sig_len, myrand, NULL ) );
-
- mbedtls_ecdsa_free( &ecdsa );
- }
-
- for( curve_info = mbedtls_ecp_curve_list();
- curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
- curve_info++ )
- {
- mbedtls_ecdsa_init( &ecdsa );
-
- if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||
- mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
- tmp, &sig_len, myrand, NULL ) != 0 )
- {
- mbedtls_exit( 1 );
- }
- ecp_clear_precomputed( &ecdsa.grp );
-
- mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
- curve_info->name );
- TIME_PUBLIC( title, "verify",
- ret = mbedtls_ecdsa_read_signature( &ecdsa, buf, curve_info->bit_size,
- tmp, sig_len ) );
-
- mbedtls_ecdsa_free( &ecdsa );
- }
- }
-#endif
-
-#if defined(MBEDTLS_ECDH_C)
- if( todo.ecdh )
- {
- mbedtls_ecdh_context ecdh;
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
- mbedtls_mpi z;
-#endif
- const mbedtls_ecp_curve_info *curve_info;
- size_t olen;
-
- for( curve_info = mbedtls_ecp_curve_list();
- curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
- curve_info++ )
- {
- mbedtls_ecdh_init( &ecdh );
-
- if( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) != 0 ||
- mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
- myrand, NULL ) != 0 ||
- mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 )
- {
- mbedtls_exit( 1 );
- }
- ecp_clear_precomputed( &ecdh.grp );
-
- mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s",
- curve_info->name );
- TIME_PUBLIC( title, "handshake",
- ret |= mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
- myrand, NULL );
- ret |= mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
- myrand, NULL ) );
- mbedtls_ecdh_free( &ecdh );
- }
-
- /* Curve25519 needs to be handled separately */
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
- mbedtls_ecdh_init( &ecdh );
- mbedtls_mpi_init( &z );
-
- if( mbedtls_ecp_group_load( &ecdh.grp, MBEDTLS_ECP_DP_CURVE25519 ) != 0 ||
- mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 )
- {
- mbedtls_exit( 1 );
- }
-
- TIME_PUBLIC( "ECDHE-Curve25519", "handshake",
- ret |= mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q,
- myrand, NULL );
- ret |= mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
- myrand, NULL ) );
-
- mbedtls_ecdh_free( &ecdh );
- mbedtls_mpi_free( &z );
-#endif
-
- for( curve_info = mbedtls_ecp_curve_list();
- curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
- curve_info++ )
- {
- mbedtls_ecdh_init( &ecdh );
-
- if( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) != 0 ||
- mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
- myrand, NULL ) != 0 ||
- mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 ||
- mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
- myrand, NULL ) != 0 )
- {
- mbedtls_exit( 1 );
- }
- ecp_clear_precomputed( &ecdh.grp );
-
- mbedtls_snprintf( title, sizeof( title ), "ECDH-%s",
- curve_info->name );
- TIME_PUBLIC( title, "handshake",
- ret |= mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
- myrand, NULL ) );
- mbedtls_ecdh_free( &ecdh );
- }
-
- /* Curve25519 needs to be handled separately */
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
- mbedtls_ecdh_init( &ecdh );
- mbedtls_mpi_init( &z );
-
- if( mbedtls_ecp_group_load( &ecdh.grp, MBEDTLS_ECP_DP_CURVE25519 ) != 0 ||
- mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp,
- myrand, NULL ) != 0 ||
- mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 )
- {
- mbedtls_exit( 1 );
- }
-
- TIME_PUBLIC( "ECDH-Curve25519", "handshake",
- ret |= mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
- myrand, NULL ) );
-
- mbedtls_ecdh_free( &ecdh );
- mbedtls_mpi_free( &z );
-#endif
- }
-#endif
-
- mbedtls_printf( "\r\n" );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- mbedtls_memory_buffer_alloc_free();
-#endif
-
-#if defined(_WIN32)
- mbedtls_printf( " Press Enter to exit this program.\r\n" );
- fflush( stdout ); getchar();
-#endif
-
- return( 0 );
-}
-
-#include "mbed-drivers/test_env.h"
-#include "minar/minar.h"
-
-static void run() {
- MBED_HOSTTEST_TIMEOUT(150);
- MBED_HOSTTEST_SELECT(default);
- MBED_HOSTTEST_DESCRIPTION(mbed TLS benchmark program);
- MBED_HOSTTEST_START("MBEDTLS_BENCHMARK");
- MBED_HOSTTEST_RESULT(benchmark(0, NULL) == 0);
-}
-
-void app_start(int, char*[]) {
- /* Use 115200 bps for consistency with other examples */
- get_stdio_serial().baud(115200);
- minar::Scheduler::postCallback(mbed::util::FunctionPointer0<void>(run).bind());
-}
-
-#endif /* TARGET_LIKE_MBED */
diff --git a/yotta/data/example-hashing/README.md b/yotta/data/example-hashing/README.md
deleted file mode 100644
index 6f0f969..0000000
--- a/yotta/data/example-hashing/README.md
+++ /dev/null
@@ -1,67 +0,0 @@
-# SHA-256 Hash Example
-
-This application performs hashing of a buffer with SHA-256 using various APIs. It serves as a tutorial for the basic hashing APIs of mbed TLS.
-
-## Pre-requisites
-
-To build and run this example you must have:
-
-* A computer with the following software installed:
- * [CMake](http://www.cmake.org/download/).
- * [yotta](https://github.com/ARMmbed/yotta). Please note that **yotta has its own set of dependencies**, listed in the [installation instructions](http://armmbed.github.io/yotta/#installing-on-windows).
- * [Python](https://www.python.org/downloads/).
- * [The ARM GCC toolchain](https://launchpad.net/gcc-arm-embedded).
- * A serial terminal emulator (Like screen, pySerial and cu).
-* An [FRDM-K64F](http://developer.mbed.org/platforms/FRDM-K64F/) development board, or another board supported by mbed OS (in which case you'll have to substitute frdm-k64f-gcc with the appropriate target in the instructions below).
-* A micro-USB cable.
-* If your OS is Windows, please follow the installation instructions [for the serial port driver](https://developer.mbed.org/handbook/Windows-serial-configuration).
-
-## Getting started
-
-1. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the "OpenSDA" connector on the target board.
-
-2. Navigate to the mbedtls directory supplied with your release and open a terminal.
-
-3. Set the yotta target:
-
- ```
- yotta target frdm-k64f-gcc
- ```
-
-4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
-
- ```
- $ yotta build
- ```
-
-5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-hashing.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
-
-6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
-
- Use the following settings:
-
- * 115200 baud (not 9600).
- * 8N1.
- * No flow control.
-
-7. Press the Reset button on the board.
-
-8. The output in the terminal window should look like:
-
- ```
- {{timeout;10}}
- {{host_test_name;default}}
- {{description;mbed TLS example on hashing}}
- {{test_id;MBEDTLS_EX_HASHING}}
- {{start}}
-
-
- Method 1: 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
- Method 2: 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
- Method 3: 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
- Method 4: 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
-
- DONE
- {{success}}
- {{end}}
- ```
diff --git a/yotta/data/example-hashing/main.cpp b/yotta/data/example-hashing/main.cpp
deleted file mode 100644
index 574152a..0000000
--- a/yotta/data/example-hashing/main.cpp
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * Hello world example of using the hashing functions of mbed TLS
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-/*
- * This program illustrates various ways of hashing a buffer.
- * You normally need only one of these two includes.
- */
-#include "mbedtls/sha256.h" /* SHA-256 only */
-#include "mbedtls/md.h" /* generic interface */
-
-#if defined(TARGET_LIKE_MBED)
-#include "mbed-drivers/mbed.h"
-#endif
-#include <cstdio>
-
-static void print_hex(const char *title, const unsigned char buf[], size_t len)
-{
- printf("%s: ", title);
-
- for (size_t i = 0; i < len; i++)
- printf("%02x", buf[i]);
-
- printf("\r\n");
-}
-
-static const char hello_str[] = "Hello, world!";
-static const unsigned char *hello_buffer = (const unsigned char *) hello_str;
-static const size_t hello_len = sizeof hello_str - 1;
-
-int example(void)
-{
- printf( "\r\n\r\n" );
-
- /*
- * Method 1: use all-in-one function of a specific SHA-xxx module
- */
- unsigned char output1[32]; /* SHA-256 outputs 32 bytes */
-
- /* 0 here means use the full SHA-256, not the SHA-224 variant */
- mbedtls_sha256(hello_buffer, hello_len, output1, 0);
-
- print_hex("Method 1", output1, sizeof output1);
-
-
- /*
- * Method 2: use the streaming interface of a specific SHA-xxx module
- * This is useful if we get our input piecewise.
- */
- unsigned char output2[32];
- mbedtls_sha256_context ctx2;
-
- mbedtls_sha256_init(&ctx2);
- mbedtls_sha256_starts(&ctx2, 0); /* SHA-256, not 224 */
-
- /* Simulating multiple fragments */
- mbedtls_sha256_update(&ctx2, hello_buffer, 1);
- mbedtls_sha256_update(&ctx2, hello_buffer + 1, 1);
- mbedtls_sha256_update(&ctx2, hello_buffer + 2, hello_len - 2);
-
- mbedtls_sha256_finish(&ctx2, output2);
- print_hex("Method 2", output2, sizeof output2);
-
- /* Or you could re-use the context by doing mbedtls_sha256_starts() again */
- mbedtls_sha256_free(&ctx2);
-
- /*
- * Method 3: use all-in-one function of the generice interface
- */
- unsigned char output3[MBEDTLS_MD_MAX_SIZE]; /* Enough for any hash */
-
- /* Can easily pick any hash you want, by identifier */
- const mbedtls_md_info_t *md_info3 = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
-
- if (md_info3 == NULL)
- {
- printf("SHA256 not available\r\n");
- return 1;
- }
-
- int ret3 = mbedtls_md(md_info3, hello_buffer, hello_len, output3);
-
- if (ret3 != 0)
- {
- printf("md() returned -0x%04X\r\n", -ret3);
- return 1;
- }
-
- print_hex("Method 3", output3, mbedtls_md_get_size(md_info3));
-
-
- /*
- * Method 4: streaming & generic interface
- */
- unsigned char output4[MBEDTLS_MD_MAX_SIZE]; /* Enough for any hash */
-
- const mbedtls_md_info_t *md_info4 = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
-
- if (md_info4 == NULL)
- {
- printf("SHA256 not available\r\n");
- return 1;
- }
-
- mbedtls_md_context_t ctx4;
-
- mbedtls_md_init(&ctx4);
-
- int ret4 = mbedtls_md_init_ctx(&ctx4, md_info4);
- if (ret4 != 0)
- {
- printf("md_init_ctx() returned -0x%04X\r\n", -ret4);
- return 1;
- }
-
- mbedtls_md_starts(&ctx4);
-
- /* Simulating multiple fragments */
- mbedtls_md_update(&ctx4, hello_buffer, 1);
- mbedtls_md_update(&ctx4, hello_buffer + 1, 1);
- mbedtls_md_update(&ctx4, hello_buffer + 2, hello_len - 2);
-
- mbedtls_md_finish(&ctx4, output4);
- print_hex("Method 4", output4, mbedtls_md_get_size(md_info4));
-
- /* Or you could re-use the context by doing mbedtls_md_starts() again */
- mbedtls_md_free(&ctx4);
-
-
- printf("\r\nDONE\r\n");
-
- return 0;
-}
-
-#if defined(TARGET_LIKE_MBED)
-
-#include "mbed-drivers/test_env.h"
-#include "minar/minar.h"
-
-static void run() {
- MBED_HOSTTEST_TIMEOUT(10);
- MBED_HOSTTEST_SELECT(default);
- MBED_HOSTTEST_DESCRIPTION(mbed TLS example on hashing);
- MBED_HOSTTEST_START("MBEDTLS_EX_HASHING");
- MBED_HOSTTEST_RESULT(example() == 0);
-}
-
-void app_start(int, char*[]) {
- /* Use 115200 bps for consistency with other examples */
- get_stdio_serial().baud(115200);
- minar::Scheduler::postCallback(mbed::util::FunctionPointer0<void>(run).bind());
-}
-
-#else
-
-int main() {
- return example();
-}
-
-#endif
diff --git a/yotta/data/example-selftest/README.md b/yotta/data/example-selftest/README.md
deleted file mode 100644
index b8e9cd4..0000000
--- a/yotta/data/example-selftest/README.md
+++ /dev/null
@@ -1,82 +0,0 @@
-# mbed TLS Selftest Example
-
-This application runs the various selftest functions of individual mbed TLS components. It serves as a basic sanity check to verify operation of mbed TLS on your platform. In the future, a wider portion of the mbed TLS test suite will become part of this example application.
-
-## Pre-requisites
-
-To build and run this example you must have:
-
-* A computer with the following software installed:
- * [CMake](http://www.cmake.org/download/).
- * [yotta](https://github.com/ARMmbed/yotta). Please note that **yotta has its own set of dependencies**, listed in the [installation instructions](http://armmbed.github.io/yotta/#installing-on-windows).
- * [Python](https://www.python.org/downloads/).
- * [The ARM GCC toolchain](https://launchpad.net/gcc-arm-embedded).
- * A serial terminal emulator (Like screen, pySerial and cu).
-* An [FRDM-K64F](http://developer.mbed.org/platforms/FRDM-K64F/) development board, or another board supported by mbed OS (in which case you'll have to substitute frdm-k64f-gcc with the appropriate target in the instructions below).
-* A micro-USB cable.
-* If your OS is Windows, please follow the installation instructions [for the serial port driver](https://developer.mbed.org/handbook/Windows-serial-configuration).
-
-## Getting started
-
-1. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the "OpenSDA" connector on the target board.
-
-2. Navigate to the mbedtls directory supplied with your release and open a terminal.
-
-3. Set the yotta target:
-
- ```
- yotta target frdm-k64f-gcc
- ```
-
-4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
-
- ```
- $ yotta build
- ```
-
-5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-selftest.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
-
-6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
-
- Use the following settings:
-
- * 115200 baud (not 9600).
- * 8N1.
- * No flow control.
-
-7. Press the Reset button on the board.
-
-8. The output in the terminal window should look like:
-
- ```
- {{timeout;40}}
- {{host_test_name;default}}
- {{description;mbed TLS selftest program}}
- {{test_id;MBEDTLS_SELFTEST}}
- {{start}}
-
- SHA-224 test #1: passed
- SHA-224 test #2: passed
- SHA-224 test #3: passed
- SHA-256 test #1: passed
- SHA-256 test #2: passed
- SHA-256 test #3: passed
-
- [ ... several lines omitted ... ]
-
- CTR_DRBG (PR = TRUE) : passed
- CTR_DRBG (PR = FALSE): passed
-
- HMAC_DRBG (PR = True) : passed
- HMAC_DRBG (PR = False) : passed
-
- ECP test #1 (constant op_count, base point G): passed
- ECP test #2 (constant op_count, other point): passed
-
- ENTROPY test: passed
-
- [ All tests passed ]
-
- {{success}}
- {{end}}
- ```
diff --git a/yotta/data/example-selftest/main.cpp b/yotta/data/example-selftest/main.cpp
deleted file mode 100644
index 0ff5b04..0000000
--- a/yotta/data/example-selftest/main.cpp
+++ /dev/null
@@ -1,268 +0,0 @@
-/*
- * Self-test demonstration program
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(POLARSSL_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/hmac_drbg.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/ccm.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "mbedtls/arc4.h"
-#include "mbedtls/des.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/camellia.h"
-#include "mbedtls/base64.h"
-#include "mbedtls/bignum.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/xtea.h"
-#include "mbedtls/pkcs5.h"
-#include "mbedtls/ecp.h"
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-int selftest( int argc, char *argv[] )
-{
- int ret = 0, v;
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- unsigned char buf[1000000];
-#endif
-
- if( argc == 2 && strcmp( argv[1], "-quiet" ) == 0 )
- v = 0;
- else
- {
- v = 1;
- mbedtls_printf( "\n" );
- }
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- mbedtls_memory_buffer_alloc_init( buf, sizeof(buf) );
-#endif
-
-#if defined(MBEDTLS_MD2_C)
- if( ( ret = mbedtls_md2_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_MD4_C)
- if( ( ret = mbedtls_md4_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_MD5_C)
- if( ( ret = mbedtls_md5_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_RIPEMD160_C)
- if( ( ret = mbedtls_ripemd160_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_SHA1_C)
- if( ( ret = mbedtls_sha1_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
- if( ( ret = mbedtls_sha256_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
- if( ( ret = mbedtls_sha512_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
- if( ( ret = mbedtls_arc4_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_DES_C)
- if( ( ret = mbedtls_des_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_AES_C)
- if( ( ret = mbedtls_aes_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)
- if( ( ret = mbedtls_gcm_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)
- if( ( ret = mbedtls_ccm_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_BASE64_C)
- if( ( ret = mbedtls_base64_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_BIGNUM_C)
- if( ( ret = mbedtls_mpi_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_RSA_C)
- if( ( ret = mbedtls_rsa_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_X509_USE_C)
- if( ( ret = mbedtls_x509_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_XTEA_C)
- if( ( ret = mbedtls_xtea_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_CAMELLIA_C)
- if( ( ret = mbedtls_camellia_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_CTR_DRBG_C)
- if( ( ret = mbedtls_ctr_drbg_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
- if( ( ret = mbedtls_hmac_drbg_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_ECP_C)
- if( ( ret = mbedtls_ecp_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_DHM_C)
- if( ( ret = mbedtls_dhm_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_ENTROPY_C)
- if( ( ret = mbedtls_entropy_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_PKCS5_C)
- if( ( ret = mbedtls_pkcs5_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#if defined(MBEDTLS_TIMING_C)
- if( ( ret = mbedtls_timing_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
-#else
- mbedtls_printf( " POLARSSL_SELF_TEST not defined.\n" );
-#endif
-
- if( v != 0 )
- {
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
- mbedtls_memory_buffer_alloc_status();
-#endif
- }
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- mbedtls_memory_buffer_alloc_free();
-
- if( ( ret = mbedtls_memory_buffer_alloc_self_test( v ) ) != 0 )
- return( ret );
-#endif
-
- if( v != 0 )
- {
- mbedtls_printf( " [ All tests passed ]\n\n" );
-#if defined(_WIN32)
- mbedtls_printf( " Press Enter to exit this program.\n" );
- fflush( stdout ); getchar();
-#endif
- }
-
- return( ret );
-}
-
-#if defined(TARGET_LIKE_MBED)
-
-#include "mbed-drivers/test_env.h"
-#include "minar/minar.h"
-
-static void run() {
- MBED_HOSTTEST_TIMEOUT(40);
- MBED_HOSTTEST_SELECT(default);
- MBED_HOSTTEST_DESCRIPTION(mbed TLS selftest program);
- MBED_HOSTTEST_START("MBEDTLS_SELFTEST");
- MBED_HOSTTEST_RESULT(selftest(0, NULL) == 0);
-}
-
-void app_start(int, char*[]) {
- /* Use 115200 bps for consistency with other examples */
- get_stdio_serial().baud(115200);
- minar::Scheduler::postCallback(mbed::util::FunctionPointer0<void>(run).bind());
-}
-
-#else
-
-int main() {
- return selftest(0, NULL);
-}
-
-#endif
diff --git a/yotta/data/module.json b/yotta/data/module.json
deleted file mode 100644
index 0b8b822..0000000
--- a/yotta/data/module.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "name": "mbedtls",
- "version": "2.3.1",
- "description": "The mbed TLS crypto/SSL/TLS library",
- "licenses": [
- {
- "url": "https://spdx.org/licenses/Apache-2.0",
- "type": "Apache-2.0"
- }
- ],
- "dependencies": {},
- "targetDependencies": {
- "mbed": { "cmsis-core": "^1.0.0" }
- },
- "testTargetDependencies": {
- "mbed": { "mbed-drivers": "^1.0.0" }
- }
-}
diff --git a/yotta/data/target_config.h b/yotta/data/target_config.h
deleted file mode 100644
index f350ce3..0000000
--- a/yotta/data/target_config.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Temporary target-specific config.h for entropy collection
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if defined(TARGET_LIKE_MBED)
-#define MBEDTLS_NO_PLATFORM_ENTROPY
-#undef MBEDTLS_HAVE_TIME_DATE
-#undef MBEDTLS_FS_IO
-#endif
-
-/*
- * WARNING: this is temporary!
- * This should be in a separate yotta module which would be a target
- * dependency of mbedtls (see IOTSSL-313)
- */
-#if defined(TARGET_LIKE_K64F)
-#define MBEDTLS_ENTROPY_HARDWARE_ALT
-#endif