Merge pull request #8554 from yanrayw/issue/8221/fix-tls-suiteB-profile
TLS: remove RSA signature algorithms in `suite B` profile
diff --git a/.gitignore b/.gitignore
index 185bd7a..4f29d5b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -63,5 +63,7 @@
/cscope*.out
/tags
-# Clangd compilation database
+# clangd compilation database
compile_commands.json
+# clangd index files
+/.cache/clangd/index/
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 36baa3b..ad05646 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -117,7 +117,7 @@
# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR)
set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
- CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull"
+ CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan TSanDbg"
FORCE)
endif()
@@ -212,6 +212,8 @@
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
+ set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3")
+ set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
set(CMAKE_C_FLAGS_CHECK "-Os")
set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
endif(CMAKE_COMPILER_IS_GNU)
@@ -225,6 +227,8 @@
set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
set(CMAKE_C_FLAGS_MEMSAN "-fsanitize=memory -O3")
set(CMAKE_C_FLAGS_MEMSANDBG "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2")
+ set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3")
+ set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
set(CMAKE_C_FLAGS_CHECK "-Os")
endif(CMAKE_COMPILER_IS_CLANG)
diff --git a/ChangeLog.d/add-block-cipher-no-decrypt.txt b/ChangeLog.d/add-block-cipher-no-decrypt.txt
new file mode 100644
index 0000000..d05bf86
--- /dev/null
+++ b/ChangeLog.d/add-block-cipher-no-decrypt.txt
@@ -0,0 +1,6 @@
+Features
+ * Enable the new option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT to omit
+ the decryption direction of block ciphers (AES, ARIA, Camellia).
+ This affects both the low-level modules and the high-level APIs
+ (the cipher and PSA interfaces). This option is incompatible with modes
+ that use the decryption direction (ECB in PSA, CBC, XTS, KW) and with DES.
diff --git a/ChangeLog.d/add-record-size-limit-extension-support.txt b/ChangeLog.d/add-record-size-limit-extension-support.txt
new file mode 100644
index 0000000..3562b85
--- /dev/null
+++ b/ChangeLog.d/add-record-size-limit-extension-support.txt
@@ -0,0 +1,5 @@
+Features
+ * Add support for record size limit extension as defined by RFC 8449
+ and configured with MBEDTLS_SSL_RECORD_SIZE_LIMIT.
+ Application data sent and received will be fragmented according to
+ Record size limits negotiated during handshake.
diff --git a/ChangeLog.d/armv8-aesce.txt b/ChangeLog.d/armv8-aesce.txt
new file mode 100644
index 0000000..ec5889c
--- /dev/null
+++ b/ChangeLog.d/armv8-aesce.txt
@@ -0,0 +1,3 @@
+Features
+ * Support use of Armv8-A Cryptographic Extensions for hardware acclerated
+ AES when compiling for Thumb (T32) or 32-bit Arm (A32).
diff --git a/ChangeLog.d/driver-only-cipher.txt b/ChangeLog.d/driver-only-cipher.txt
new file mode 100644
index 0000000..331b2f9
--- /dev/null
+++ b/ChangeLog.d/driver-only-cipher.txt
@@ -0,0 +1,11 @@
+Features
+ * If a cipher or AEAD mechanism has a PSA driver, you can now build the
+ library without the corresponding built-in implementation. Generally
+ speaking that requires both the key type and algorithm to be accelerated
+ or they'll both be built in. However, for CCM and GCM the built-in
+ implementation is able to take advantage of a driver that only
+ accelerates the key type (that is, the block cipher primitive). See
+ docs/driver-only-builds.md for full details and current limitations.
+ * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is
+ disabled. This requires PSA_WANT_ALG_ECB_NO_PADDING in addition to
+ MBEDTLS_PSA_CRYPTO_C and PSA_WANT_KEY_TYPE_AES.
diff --git a/ChangeLog.d/fix-tls13-server-min-version-check.txt b/ChangeLog.d/fix-tls13-server-min-version-check.txt
new file mode 100644
index 0000000..258ec6d
--- /dev/null
+++ b/ChangeLog.d/fix-tls13-server-min-version-check.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix TLS server accepting TLS 1.2 handshake while TLS 1.2
+ is disabled at runtime. Fixes #8593.
diff --git a/ChangeLog.d/move-mbedtls-ecc-psa-helpers.txt b/ChangeLog.d/move-mbedtls-ecc-psa-helpers.txt
new file mode 100644
index 0000000..85d970c
--- /dev/null
+++ b/ChangeLog.d/move-mbedtls-ecc-psa-helpers.txt
@@ -0,0 +1,3 @@
+Changes
+ * Moved declaration of functions mbedtls_ecc_group_to_psa and
+ mbedtls_ecc_group_of_psa from psa/crypto_extra.h to mbedtls/psa_util.h
diff --git a/ChangeLog.d/no-cipher.txt b/ChangeLog.d/no-cipher.txt
new file mode 100644
index 0000000..87f2f6d
--- /dev/null
+++ b/ChangeLog.d/no-cipher.txt
@@ -0,0 +1,9 @@
+Features
+ * Fewer modules depend on MBEDTLS_CIPHER_C, making it possible to save code
+ size by disabling it in more circumstances. In particular, the CCM and
+ GCM modules no longer depend on MBEDTLS_CIPHER_C. Also,
+ MBEDTLS_PSA_CRYPTO can now be enabled without MBEDTLS_CIPHER_C if all
+ unauthenticated (non-AEAD) ciphers are disabled, or if they're all
+ fully provided by drivers. See docs/driver-only-builds.md for full
+ details and current limitations; in particular, NIST_KW and PKCS5/PKCS12
+ decryption still unconditionally depend on MBEDTLS_CIPHER_C.
diff --git a/ChangeLog.d/non-psa-pk-implementation.txt b/ChangeLog.d/non-psa-pk-implementation.txt
new file mode 100644
index 0000000..535bbf5
--- /dev/null
+++ b/ChangeLog.d/non-psa-pk-implementation.txt
@@ -0,0 +1,3 @@
+Changes
+ * mbedtls_pk_sign_ext() is now always available, not just when
+ PSA (MBEDTLS_PSA_CRYPTO_C) is enabled.
diff --git a/configs/config-tfm.h b/configs/config-tfm.h
index 191e4c4..14896d4 100644
--- a/configs/config-tfm.h
+++ b/configs/config-tfm.h
@@ -21,20 +21,48 @@
/* MBEDTLS_PSA_CRYPTO_SPM needs third-party files, so disable it. */
#undef MBEDTLS_PSA_CRYPTO_SPM
-/* TF-M provides its own dummy implementations to save code size.
- * We don't have any way to disable the tests that need these feature,
- * so we just keep AES decryption enabled. We will resolve this through
- * an official way to disable AES decryption, then this deviation
- * will no longer be needed:
- * https://github.com/Mbed-TLS/mbedtls/issues/7368
- */
-#undef MBEDTLS_AES_SETKEY_DEC_ALT
-#undef MBEDTLS_AES_DECRYPT_ALT
-
-/* Use built-in platform entropy functions (TF-M provides its own). */
-#undef MBEDTLS_NO_PLATFORM_ENTROPY
-
/* Disable buffer-based memory allocator. This isn't strictly required,
* but using the native allocator is faster and works better with
* memory management analysis frameworks such as ASan. */
#undef MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+// This macro is enabled in TFM Medium but is disabled here because it is
+// incompatible with baremetal builds in Mbed TLS.
+#undef MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+// This macro is enabled in TFM Medium but is disabled here because it is
+// incompatible with baremetal builds in Mbed TLS.
+#undef MBEDTLS_ENTROPY_NV_SEED
+
+// These platform-related TF-M settings are not useful here.
+#undef MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+#undef MBEDTLS_PLATFORM_STD_MEM_HDR
+#undef MBEDTLS_PLATFORM_SNPRINTF_MACRO
+#undef MBEDTLS_PLATFORM_PRINTF_ALT
+#undef MBEDTLS_PLATFORM_STD_EXIT_SUCCESS
+#undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE
+
+/*
+ * In order to get an example config that works cleanly out-of-the-box
+ * for both baremetal and non-baremetal builds, we detect baremetal builds
+ * (either IAR, Arm compiler or __ARM_EABI__ defined), and adjust some
+ * variables accordingly.
+ */
+#if defined(__IAR_SYSTEMS_ICC__) || defined(__ARMCC_VERSION) || defined(__ARM_EABI__)
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#else
+/* Use built-in platform entropy functions (TF-M provides its own). */
+#undef MBEDTLS_NO_PLATFORM_ENTROPY
+#endif
+
+/***********************************************************************
+ * Local changes to crypto config below this delimiter
+ **********************************************************************/
+
+// We expect TF-M to pick this up soon
+#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
+
+/* CCM is the only cipher/AEAD enabled in TF-M configuration files, but it
+ * does not need CIPHER_C to be enabled, so we can disable it in order
+ * to reduce code size further. */
+#undef MBEDTLS_CIPHER_C
diff --git a/configs/ext/README.md b/configs/ext/README.md
new file mode 100644
index 0000000..1358bd4
--- /dev/null
+++ b/configs/ext/README.md
@@ -0,0 +1,25 @@
+Summary
+-------
+
+The two files:
+
+* crypto_config_profile_medium.h
+* tfm_mbedcrypto_config_profile_medium.h
+
+are copyright The Mbed TLS Contributors, and are distributed under the license normally
+used by Mbed TLS: a dual Apache 2.0 or GPLv2-or-later license.
+
+Background
+----------
+
+The two files crypto_config_profile_medium.h and tfm_mbedcrypto_config_profile_medium.h
+are taken verbatim from the TF-M source code here:
+
+https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/lib/ext/mbedcrypto/mbedcrypto_config
+
+In TF-M, they are distributed under a 3-Clause BSD license, as noted at the top of the files.
+
+In Mbed TLS, with permission from the TF-M project, they are distributed under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license, with copyright assigned to The Mbed TLS Contributors.
+
+We only retain the note at the top of the files because we are taking the files verbatim, for ease of
+maintenance.
diff --git a/configs/ext/config_tfm.h b/configs/ext/config_tfm.h
new file mode 100644
index 0000000..60d855e
--- /dev/null
+++ b/configs/ext/config_tfm.h
@@ -0,0 +1,13 @@
+/*
+ * Empty placeholder
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * This file is intentionally empty.
+ *
+ * Having an empty file here allows us to build the TF-M config, which references this file,
+ * without making any changes to the TF-M config.
+ */
diff --git a/configs/ext/crypto_config_profile_medium.h b/configs/ext/crypto_config_profile_medium.h
index 682835a..af8869f 100644
--- a/configs/ext/crypto_config_profile_medium.h
+++ b/configs/ext/crypto_config_profile_medium.h
@@ -1,13 +1,14 @@
+/*
+ * Copyright (c) 2018-2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
/**
* \file psa/crypto_config.h
* \brief PSA crypto configuration options (set of defines)
*
*/
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
/**
* When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h,
@@ -50,7 +51,7 @@
//#define PSA_WANT_ALG_CFB 1
//#define PSA_WANT_ALG_CHACHA20_POLY1305 1
//#define PSA_WANT_ALG_CTR 1
-#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
+//#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
//#define PSA_WANT_ALG_ECB_NO_PADDING 1
#define PSA_WANT_ALG_ECDH 1
#define PSA_WANT_ALG_ECDSA 1
@@ -105,33 +106,27 @@
//#define PSA_WANT_KEY_TYPE_CAMELLIA 1
//#define PSA_WANT_KEY_TYPE_CHACHA20 1
//#define PSA_WANT_KEY_TYPE_DES 1
-#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
+//#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 /* Deprecated */
+#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
+#define PSA_WANT_KEY_TYPE_RAW_DATA 1
+//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 /* Deprecated */
+//#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
+
+/*
+ * The following symbols extend and deprecate the legacy
+ * PSA_WANT_KEY_TYPE_xxx_KEY_PAIR ones. They include the usage of that key in
+ * the name's suffix. "_USE" is the most generic and it can be used to describe
+ * a generic suport, whereas other ones add more features on top of that and
+ * they are more specific.
+ */
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
-#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
-#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
-#define PSA_WANT_KEY_TYPE_RAW_DATA 1
-//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
-//#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
+//#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
-/***********************************************************************
- * Local edits below this delimiter
- **********************************************************************/
-
-/* Between Mbed TLS 3.4 and 3.5, the PSA_WANT_KEY_TYPE_RSA_KEY_PAIR macro
- * (commented-out above) has been replaced with the following new macros: */
-//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
-//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
-//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
-//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
-//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE 1 /* Not supported */
-
-/* Between Mbed TLS 3.4 and 3.5, the following macros have been added: */
-//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
-//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
-//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
-//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
-//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE 1 // Not supported
+#ifdef CRYPTO_HW_ACCELERATOR
+#include "crypto_accelerator_config.h"
+#endif
#endif /* PROFILE_M_PSA_CRYPTO_CONFIG_H */
diff --git a/configs/ext/mbedtls_entropy_nv_seed_config.h b/configs/ext/mbedtls_entropy_nv_seed_config.h
new file mode 100644
index 0000000..60d855e
--- /dev/null
+++ b/configs/ext/mbedtls_entropy_nv_seed_config.h
@@ -0,0 +1,13 @@
+/*
+ * Empty placeholder
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * This file is intentionally empty.
+ *
+ * Having an empty file here allows us to build the TF-M config, which references this file,
+ * without making any changes to the TF-M config.
+ */
diff --git a/configs/ext/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h
index 34a3bd4..ecdecea 100644
--- a/configs/ext/tfm_mbedcrypto_config_profile_medium.h
+++ b/configs/ext/tfm_mbedcrypto_config_profile_medium.h
@@ -8,13 +8,29 @@
* memory footprint.
*/
/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ * Copyright (C) 2006-2023, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
*/
#ifndef PROFILE_M_MBEDTLS_CONFIG_H
#define PROFILE_M_MBEDTLS_CONFIG_H
+#include "config_tfm.h"
+
#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
#define _CRT_SECURE_NO_DEPRECATE 1
#endif
@@ -81,44 +97,6 @@
*/
/**
- * \def MBEDTLS_MD2_PROCESS_ALT
- *
- * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
- * alternate core implementation of symmetric crypto or hash function. Keep in
- * mind that function prototypes should remain the same.
- *
- * This replaces only one function. The header file from mbed TLS is still
- * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
- *
- * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
- * no longer provide the mbedtls_sha1_process() function, but it will still provide
- * the other function (using your mbedtls_sha1_process() function) and the definition
- * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
- * with this definition.
- *
- * \note Because of a signature change, the core AES encryption and decryption routines are
- * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
- * respectively. When setting up alternative implementations, these functions should
- * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
- * must stay untouched.
- *
- * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
- * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
- * tables.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * function.
- *
- * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
- * constitutes a security risk. If possible, we recommend avoiding
- * dependencies on them, and considering stronger message digests
- * and ciphers instead.
- *
- */
-#define MBEDTLS_AES_SETKEY_DEC_ALT
-#define MBEDTLS_AES_DECRYPT_ALT
-
-/**
* \def MBEDTLS_AES_ROM_TABLES
*
* Use precomputed AES tables stored in ROM.
@@ -172,21 +150,6 @@
#define MBEDTLS_ECP_NIST_OPTIM
/**
- * \def MBEDTLS_ERROR_STRERROR_DUMMY
- *
- * Enable a dummy error function to make use of mbedtls_strerror() in
- * third party libraries easier when MBEDTLS_ERROR_C is disabled
- * (no effect when MBEDTLS_ERROR_C is enabled).
- *
- * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
- * not using mbedtls_strerror() or error_strerror() in your application.
- *
- * Disable if you run into name conflicts and want to really remove the
- * mbedtls_strerror()
- */
-#define MBEDTLS_ERROR_STRERROR_DUMMY
-
-/**
* \def MBEDTLS_NO_PLATFORM_ENTROPY
*
* Do not use built-in platform entropy functions.
@@ -223,26 +186,7 @@
* \note The entropy collector will write to the seed file before entropy is
* given to an external source, to update it.
*/
-// This macro is enabled in TFM Medium but is disabled here because it is
-// incompatible with baremetal builds in Mbed TLS.
-//#define MBEDTLS_ENTROPY_NV_SEED
-
-/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- *
- * Enable key identifiers that encode a key owner identifier.
- *
- * This is only meaningful when building the library as part of a
- * multi-client service. When you activate this option, you must provide an
- * implementation of the type mbedtls_key_owner_id_t and a translation from
- * mbedtls_svc_key_id_t to file name in all the storage backends that you
- * you wish to support.
- *
- * Note that while this define has been removed from TF-M's copy of this config
- * file, TF-M still passes this option to Mbed TLS during the build via CMake.
- * Therefore we keep it in our copy. See discussion on PR #7426 for more info.
- *
- */
-#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+#define MBEDTLS_ENTROPY_NV_SEED
/**
* \def MBEDTLS_PSA_CRYPTO_SPM
@@ -326,6 +270,23 @@
#define MBEDTLS_AES_C
/**
+ * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+ *
+ * Use only 128-bit keys in AES operations to save ROM.
+ *
+ * Uncomment this macro to remove support for AES operations that use 192-
+ * or 256-bit keys.
+ *
+ * Uncommenting this macro reduces the size of AES code by ~300 bytes
+ * on v8-M/Thumb2.
+ *
+ * Module: library/aes.c
+ *
+ * Requires: MBEDTLS_AES_C
+ */
+#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+
+/**
* \def MBEDTLS_CIPHER_C
*
* Enable the generic cipher layer.
@@ -367,18 +328,6 @@
#define MBEDTLS_ENTROPY_C
/**
- * \def MBEDTLS_ERROR_C
- *
- * Enable error code to error string conversion.
- *
- * Module: library/error.c
- * Caller:
- *
- * This module enables mbedtls_strerror().
- */
-#define MBEDTLS_ERROR_C
-
-/**
* \def MBEDTLS_HKDF_C
*
* Enable the HKDF algorithm (RFC 5869).
@@ -391,40 +340,7 @@
* This module adds support for the Hashed Message Authentication Code
* (HMAC)-based key derivation function (HKDF).
*/
-#define MBEDTLS_HKDF_C /* Used for HUK deriviation */
-
-/**
- * \def MBEDTLS_MD_C
- *
- * Enable the generic layer for message digest (hashing) and HMAC.
- *
- * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C,
- * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C,
- * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least
- * one hash.
- * Module: library/md.c
- * Caller: library/constant_time.c
- * library/ecdsa.c
- * library/ecjpake.c
- * library/hkdf.c
- * library/hmac_drbg.c
- * library/pk.c
- * library/pkcs5.c
- * library/pkcs12.c
- * library/psa_crypto_ecp.c
- * library/psa_crypto_rsa.c
- * library/rsa.c
- * library/ssl_cookie.c
- * library/ssl_msg.c
- * library/ssl_tls.c
- * library/x509.c
- * library/x509_crt.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- *
- * Uncomment to enable generic message digest wrappers.
- */
-#define MBEDTLS_MD_C
+//#define MBEDTLS_HKDF_C /* Used for HUK deriviation */
/**
* \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
@@ -462,6 +378,15 @@
*/
#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h>
+
+#include <stdio.h>
+
+#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf
+#define MBEDTLS_PLATFORM_PRINTF_ALT
+#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE EXIT_FAILURE
/**
* \def MBEDTLS_PSA_CRYPTO_C
@@ -486,9 +411,7 @@
* either MBEDTLS_PSA_ITS_FILE_C or a native implementation of
* the PSA ITS interface
*/
-// This macro is enabled in TFM Medium but is disabled here because it is
-// incompatible with baremetal builds in Mbed TLS.
-//#define MBEDTLS_PSA_CRYPTO_STORAGE_C
+#define MBEDTLS_PSA_CRYPTO_STORAGE_C
/* \} name SECTION: mbed TLS modules */
@@ -592,6 +515,47 @@
/* ECP options */
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0 /**< Disable fixed-point speed-up */
+/**
+ * Uncomment to enable p256-m. This is an alternative implementation of
+ * key generation, ECDH and (randomized) ECDSA on the curve SECP256R1.
+ * Compared to the default implementation:
+ *
+ * - p256-m has a much smaller code size and RAM footprint.
+ * - p256-m is only available via the PSA API. This includes the pk module
+ * when #MBEDTLS_USE_PSA_CRYPTO is enabled.
+ * - p256-m does not support deterministic ECDSA, EC-JPAKE, custom protocols
+ * over the core arithmetic, or deterministic derivation of keys.
+ *
+ * We recommend enabling this option if your application uses the PSA API
+ * and the only elliptic curve support it needs is ECDH and ECDSA over
+ * SECP256R1.
+ *
+ * If you enable this option, you do not need to enable any ECC-related
+ * MBEDTLS_xxx option. You do need to separately request support for the
+ * cryptographic mechanisms through the PSA API:
+ * - #MBEDTLS_PSA_CRYPTO_C and #MBEDTLS_PSA_CRYPTO_CONFIG for PSA-based
+ * configuration;
+ * - #MBEDTLS_USE_PSA_CRYPTO if you want to use p256-m from PK, X.509 or TLS;
+ * - #PSA_WANT_ECC_SECP_R1_256;
+ * - #PSA_WANT_ALG_ECDH and/or #PSA_WANT_ALG_ECDSA as needed;
+ * - #PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY, #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC,
+ * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT,
+ * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT and/or
+ * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE as needed.
+ *
+ * \note To benefit from the smaller code size of p256-m, make sure that you
+ * do not enable any ECC-related option not supported by p256-m: this
+ * would cause the built-in ECC implementation to be built as well, in
+ * order to provide the required option.
+ * Make sure #PSA_WANT_ALG_DETERMINISTIC_ECDSA, #PSA_WANT_ALG_JPAKE and
+ * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE, and curves other than
+ * SECP256R1 are disabled as they are not supported by this driver.
+ * Also, avoid defining #MBEDTLS_PK_PARSE_EC_COMPRESSED or
+ * #MBEDTLS_PK_PARSE_EC_EXTENDED as those currently require a subset of
+ * the built-in ECC implementation, see docs/driver-only-builds.md.
+ */
+#define MBEDTLS_PSA_P256M_DRIVER_ENABLED
+
/* \} name SECTION: Customisation configuration options */
#if CRYPTO_NV_SEED
diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md
index 355f561..eda65a3 100644
--- a/docs/architecture/psa-migration/md-cipher-dispatch.md
+++ b/docs/architecture/psa-migration/md-cipher-dispatch.md
@@ -99,8 +99,8 @@
* Software implementations of primitive cryptographic mechanisms. These are not expected to change.
* Software implementations of constructed cryptographic mechanisms (e.g. HMAC, CTR_DRBG, RSA (calling a hash for PSS/OAEP, and needing to know the hash length in PKCS1v1.5 sign/verify), …). These need to keep working whenever a legacy implementation of the auxiliary mechanism is available, regardless of whether a PSA implementation is also available.
* Code implementing the PSA crypto interface. This is not expected to change, except perhaps to expose some internal functionality to overhauled glue code.
-* Code that's subject to `MBEDTLS_USE_PSA_CRYPTO`: `pk.h`, X.509, TLS (excluding TLS 1.3).
-* Code that always uses PSA for crypto: TLS 1.3, LMS.
+* Code that's subject to `MBEDTLS_USE_PSA_CRYPTO`: `pk.h`, X.509, TLS (excluding parts specific TLS 1.3).
+* Code that always uses PSA for crypto: TLS 1.3 (except things common with 1.2), LMS.
For the purposes of this work, three domains emerge:
@@ -110,23 +110,79 @@
#### Non-use-PSA modules
-The following modules in Mbed TLS call another module to perform cryptographic operations which, in the long term, will be provided through a PSA interface, but cannot make any PSA-related assumption:
+The following modules in Mbed TLS call another module to perform cryptographic operations which, in the long term, will be provided through a PSA interface, but cannot make any PSA-related assumption.
-* CCM (block cipher in ECB mode; interdependent with cipher)
-* cipher (cipher and AEAD algorithms)
-* CMAC (AES-ECB and DES-ECB, but could be extended to the other block ciphers; interdependent with cipher)
-* CTR\_DRBG (AES-ECB, but could be extended to the other block ciphers)
-* entropy (hashes via low-level)
+Hashes and HMAC (after the work on driver-only hashes):
+
+* entropy (hashes via MD-light)
* ECDSA (HMAC\_DRBG; `md.h` exposed through API)
-* ECJPAKE (hashes via md; `md.h` exposed through API)
-* GCM (block cipher in ECB mode; interdependent with cipher)
-* md (hashes and HMAC)
-* NIST\_KW (AES-ECB; interdependent with cipher)
+* ECJPAKE (hashes via MD-light; `md.h` exposed through API)
+* MD (hashes and HMAC)
+* HKDF (HMAC via `md.h`; `md.h` exposed through API)
* HMAC\_DRBG (hashes and HMAC via `md.h`; `md.h` exposed through API)
-* PEM (AES and DES in CBC mode without padding; MD5 hash via low-level)
-* PKCS12 (cipher, generically, selected from ASN.1 or function parameters; hashes via md; `cipher.h` exposed through API)
-* PKCS5 (cipher, generically, selected from ASN.1; HMAC via `md.h`; `md.h` exposed through API)
-* RSA (hash via md for PSS and OAEP; `md.h` exposed through API)
+* PKCS12 (hashes via MD-light)
+* PKCS5 (HMAC via `md.h`; `md.h` exposed through API)
+* PKCS7 (hashes via MD)
+* RSA (hash via MD-light for PSS and OAEP; `md.h` exposed through API)
+* PEM (MD5 hash via MD-light)
+
+Symmetric ciphers and AEADs (before work on driver-only cipher):
+
+* PEM:
+ * AES, DES or 3DES in CBC mode without padding, decrypt only (!).
+ * Currently using low-level non-generic APIs.
+ * No hard dependency, features guarded by `AES_C` resp. `DES_C`.
+ * Functions called: `setkey_dec()` + `crypt_cbc()`.
+* PKCS12:
+ * In practice: 2DES or 3DES in CBC mode with PKCS7 padding, decrypt only
+ (when called from pkparse).
+ * In principle: any cipher-mode (default padding), passed an
+ `mbedtls_cipher_type_t` as an argument, no documented restriction.
+ * Cipher, generically, selected from ASN.1 or function parameters;
+ no documented restriction but in practice TODO (inc. padding and
+ en/decrypt, look at standards and tests)
+ * Unconditional dependency on `CIPHER_C` in `check_config.h`.
+ * Note: `cipher.h` exposed through API.
+ * Functions called: `setup`, `setkey`, `set_iv`, `reset`, `update`, `finish` (in sequence, once).
+* PKCS5 (PBES2, `mbedtls_pkcs5_pbes2()`):
+ * 3DES or DES in CBC mode with PKCS7 padding, both encrypt and decrypt.
+ * Note: could also be AES in the future, see #7038.
+ * Unconditional dependency on `CIPHER_C` in `check_config.h`.
+ * Functions called: `setup`, `setkey`, `crypt`.
+* CTR\_DRBG:
+ * AES in ECB mode, encrypt only.
+ * Currently using low-level non-generic API (`aes.h`).
+ * Unconditional dependency on `AES_C` in `check_config.h`.
+ * Functions called: `setkey_enc`, `crypt_ecb`.
+* CCM:
+ * AES, Camellia or Aria in ECB mode, encrypt only.
+ * Unconditional dependency on `AES_C || CAMELLIA_C || ARIA_C` in `check_config.h`.
+ * Unconditional dependency on `CIPHER_C` in `check_config.h`.
+ * Note: also called by `cipher.c` if enabled.
+ * Functions called: `info`, `setup`, `setkey`, `update` (several times) - (never finish)
+* CMAC:
+ * AES or DES in ECB mode, encrypt only.
+ * Unconditional dependency on `AES_C || DES_C` in `check_config.h`.
+ * Unconditional dependency on `CIPHER_C` in `check_config.h`.
+ * Note: also called by `cipher.c` if enabled.
+ * Functions called: `info`, `setup`, `setkey`, `update` (several times) - (never finish)
+* GCM:
+ * AES, Camellia or Aria in ECB mode, encrypt only.
+ * Unconditional dependency on `AES_C || CAMELLIA_C || ARIA_C` in `check_config.h`.
+ * Unconditional dependency on `CIPHER_C` in `check_config.h`.
+ * Note: also called by `cipher.c` if enabled.
+ * Functions called: `info`, `setup`, `setkey`, `update` (several times) - (never finish)
+* NIST\_KW:
+ * AES in ECB mode, both encryt and decrypt.
+ * Unconditional dependency on `AES_C || DES_C` in `check_config.h`.
+ * Unconditional dependency on `CIPHER_C` in `check_config.h`.
+ * Note: also called by `cipher.c` if enabled.
+ * Note: `cipher.h` exposed through API.
+ * Functions called: `info`, `setup`, `setkey`, `update` (several times) - (never finish)
+* Cipher:
+ * potentially any cipher/AEAD in any mode and any direction
+
+Note: PSA cipher is built on Cipher, but PSA AEAD directly calls the underlying AEAD modules (GCM, CCM, ChachaPoly).
### Difficulties
@@ -263,12 +319,72 @@
* We can make names and HMAC optional. The mixed-domain hash interface won't be the full `MBEDTLS_MD_C` but a subset.
* We can optimize `md.c` without making API changes to `md.h`.
+### Scope reductions and priorities for 3.x
+
+This section documents things that we chose to temporarily exclude from the scope in the 3.x branch (which will eventually be in scope again after 4.0) as well as things we chose to prioritize if we don't have time to support everything.
+
+#### Don't support PK, X.509 and TLS without `MBEDTLS_USE_PSA_CRYPTO`
+
+We do not need to support driver-only hashes and ciphers in PK. X.509 and TLS without `MBEDTLS_USE_PSA_CRYPTO`. Users who want to take full advantage of drivers will need to enabled this macro.
+
+Note that this applies to TLS 1.3 as well, as some uses of hashes and all uses of ciphers there are common with TLS 1.2, hence governed by `MBEDTLS_USE_PSA_CRYPTO`, see [this macro's extended documentation](../../docs/use-psa-crypto.html).
+
+This will go away naturally in 4.0 when this macros is not longer an option (because it's always on).
+
+#### Don't support for `MBEDTLS_PSA_CRYPTO_CLIENT` without `MBEDTLS_PSA_CRYPTO_C`
+
+We generally don't really support builds with `MBEDTLS_PSA_CRYPTO_CLIENT` without `MBEDTLS_PSA_CRYPTO_C`. For example, both `MBEDTLS_USE_PSA_CRYPTO` and `MBEDTLS_SSL_PROTO_TLS1_3` require `MBEDTLS_PSA_CRYPTO_C`, while in principle they should only require `MBEDTLS_PSA_CRYPTO_CLIENT`.
+
+Considering this existing restriction which we do not plan to lift before 4.0, it is acceptable driver-only hashes and cipher support to have the same restriction in 3.x.
+
+It is however desirable for the design to keep support for `MBEDTLS_PSA_CRYPTO_CLIENT` in mind, in order to avoid making it more difficult to add in the future.
+
+#### For cipher: prioritize constrained devices and modern TLS
+
+The primary target is a configuration like TF-M's medium profile, plus TLS with only AEAD ciphersuites.
+
+This excludes things like:
+- Support for encrypted PEM, PKCS5 and PKCS12 encryption, and PKCS8 encrypted keys in PK parse. (Not widely used on highly constrained devices.)
+- Support for NIST-KW. (Same justification.)
+- Support for CMAC. (Same justification, plus can be directly accelerated.)
+- Support for CBC ciphersuites in TLS. (They've been recommended against for a while now.)
+
+### Dual-dispatch for block cipher primitives
+
+Considering the priorities stated above, initially we want to support GCM, CCM and CTR-DRBG. All three of them use the block cipher primitive only in the encrypt direction. Currently, GCM and CCM use the Cipher layer in order to work with AES, Aria and Camellia (DES is excluded by the standards due to its smaller block size) and CTR-DRBG directly uses the low-level API from `aes.h`. In all cases, access to the "block cipher primitive" is done by using "ECB mode" (which for both Cipher and `aes.h` only allows a single block, contrary to PSA which implements actual ECB mode).
+
+The two AEAD modes, GCM and CCM, have very similar needs and positions in the stack, strongly suggesting using the same design for both. On the other hand, there are a number of differences between CTR-DRBG and them.
+- CTR-DRBG only uses AES (and there is no plan to extend it to other block ciphers at the moment), while GCM and CCM need to work with 3 block ciphers already.
+- CTR-DRBG holds a special position in the stack: most users don't care about it per se, they only care about getting random numbers - in fact PSA users don't even need to know what DRBG is used. In particular, no part of the stack is asking questions like "is CTR-DRBG-AES available?" - an RNG needs to be available and that's it - contrary to similar questions about AES-GCM etc. which are asked for example by TLS.
+
+So, it makes sense to use different designs for CTR-DRBG on one hand, and GCM/CCM on the other hand:
+- CTR-DRBG can just check if `AES_C` is present and "fall back" to PSA if not.
+- GCM and CCM need an common abstraction layer that allows:
+ - Using AES, Aria or Camellia in a uniform way.
+ - Dispatching to built-in or driver.
+
+The abstraction layer used by GCM and CCM may either be a new internal module, or a subset of the existing Cipher API, extended with the ability to dispatch to a PSA driver.
+
+Reasons for making this layer's API a subset of the existing Cipher API:
+- No need to design, implement and test a new module. (Will need to test the new subset though, as well as the extended behaviour.)
+- No code change in GCM and CCM - only need to update dependencies.
+- No risk for code duplication between a potential new module and Cipher: source-level, and in in particular in builds that still have `CIPHER_C` enabled. (Compiled-code duplication could be avoided by excluding the new module in such builds, though.)
+- If want to support other users of Cipher later (such as NIST-KW, CMAC, PKCS5 and PKCS12), we can just extend dual-dispatch support to other modes/operations in Cipher and keep those extra modules unchanged as well.
+
+Possible costs of re-using (a subset of) the existing Cipher API instead of defining a new one:
+- We carry over costs associated with `cipher_info_t` structures. (Currently the info structure is used for 3 things: (1) to check if the cipher is supported, (2) to check its block size, (3) because `setup()` requires it).
+- We carry over questionable implementation decisions, like dynamic allocation of context.
+
+Those costs could be avoided by refactoring (parts of) Cipher, but that would probably mean either:
+- significant differences in how the `cipher.h` API is implemented between builds with the full Cipher or only a subset;
+- or more work to apply the simplifications to all of Cipher.
+
+Prototyping both approaches showed better code size savings and cleaner code with a new internal module (see section "Internal "block cipher" abstraction (Cipher light)" below).
+
## Specification
### MD light
-https://github.com/Mbed-TLS/mbedtls/pull/6474 implements part of this specification, but it's based on Mbed TLS 3.2, so it needs to be rewritten for 3.3.
-
#### Definition of MD light
MD light is a subset of `md.h` that implements the hash calculation interface described in ”[Designing an interface for hashes](#designing-an-interface-for-hashes)”. It is activated by `MBEDTLS_MD_LIGHT` in `mbedtls_config.h`.
@@ -378,7 +494,7 @@
The job of this private function is to return 1 if `hash_alg` can be performed through PSA now, and 0 otherwise. It is only defined on algorithms that are enabled via PSA.
-As a starting point, return 1 if PSA crypto has been initialized. This will be refined later (to return 1 if the [accelerator subsystem](https://github.com/Mbed-TLS/mbedtls/issues/6007) has been initialized).
+As a starting point, return 1 if PSA crypto's driver subsystem has been initialized.
Usage note: for algorithms that are not enabled via PSA, calling `psa_can_do_hash` is generally safe: whether it returns 0 or 1, you can call a PSA hash function on the algorithm and it will return `PSA_ERROR_NOT_SUPPORTED`.
@@ -398,31 +514,7 @@
#### Error code conversion
-After calling a PSA function, call `mbedtls_md_error_from_psa` to convert its status code. This function is currently defined in `hash_info.c`.
-
-### Migration to MD light
-
-#### Migration of modules that used to call MD and now do the legacy-or-PSA dance
-
-Get rid of the case where `MBEDTLS_MD_C` is undefined. Enable `MBEDTLS_MD_LIGHT` in `build_info.h`.
-
-#### Migration of modules that used to call a low-level hash module and now do the legacy-or-PSA dance
-
-Switch to calling MD (light) unconditionally. Enable `MBEDTLS_MD_LIGHT` in `build_info.h`.
-
-#### Migration of modules that call a low-level hash module
-
-Switch to calling MD (light). Enable `MBEDTLS_MD_LIGHT` in `build_info.h`.
-
-#### Migration of use-PSA mixed code
-
-Instead of calling `hash_info.h` functions to obtain metadata, get it from `md.h`.
-
-Optionally, code that currently tests on `MBEDTLS_USE_PSA_CRYPTO` just to determine whether to call MD or PSA to calculate hashes can switch to just having the MD variant.
-
-#### Remove `legacy_or_psa.h`
-
-It's no longer used.
+After calling a PSA function, MD light calls `mbedtls_md_error_from_psa` to convert its status code.
### Support all legacy algorithms in PSA
@@ -461,10 +553,6 @@
Work in progress on this conversion is at https://github.com/gilles-peskine-arm/mbedtls/tree/hash-unify-ids-wip-1
-#### Get rid of the hash_info module
-
-The hash_info module is redundant with MD light. Move `mbedtls_md_error_from_psa` to `md.c`, defined only when `MBEDTLS_MD_SOME_PSA` is defined. The rest is no longer used.
-
#### Unify HMAC with PSA
PSA has its own HMAC implementation. In builds with both `MBEDTLS_MD_C` and `PSA_WANT_ALG_HMAC` not fully provided by drivers, we should have a single implementation. Replace the one in `md.h` by calls to the PSA driver interface. This will also give mixed-domain modules access to HMAC accelerated directly by a PSA driver (eliminating the need to a HMAC interface in software if all supported hashes have an accelerator that includes HMAC support).
@@ -477,3 +565,52 @@
* Compile-time dependencies: instead of checking `defined(MBEDTLS_PSA_CRYPTO_C)`, check `defined(MBEDTLS_PSA_CRYPTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)`.
* Implementers of `MBEDTLS_PSA_CRYPTO_CLIENT` will need to provide `psa_can_do_hash()` (or a more general function `psa_can_do`) alongside `psa_crypto_init()`. Note that at this point, it will become a public interface, hence we won't be able to change it at a whim.
+
+### Internal "block cipher" abstraction (previously known as "Cipher light")
+
+#### Definition
+
+The new module is automatically enabled in `config_adjust_legacy_crypto.h` by modules that need
+it (namely: CCM, GCM) only when `CIPHER_C` is not available, or the new module
+is needed for PSA dispatch (see next section). Note: CCM and GCM currently
+depend on the full `CIPHER_C` (enforced by `check_config.h`); this hard
+dependency would be replaced by the above auto-enablement.
+
+The following API functions are offered:
+```
+void mbedtls_block_cipher_init(mbedtls_block_cipher_context_t *ctx);
+void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx);
+int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx,
+ mbedtls_cipher_id_t cipher_id);
+int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx,
+ const unsigned char *key,
+ unsigned key_bitlen);
+int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx,
+ const unsigned char input[16],
+ unsigned char output[16]);
+```
+
+The only supported ciphers are AES, ARIA and Camellia. They are identified by
+an `mbedtls_cipher_id_t` in the `setup()` function, because that's how they're
+identifed by callers (GCM/CCM).
+
+#### Block cipher dual dispatch
+
+Support for dual dispatch in the new internal module `block_cipher` is extremely similar to that in MD light.
+
+A block cipher context contains either a legacy module's context (AES, ARIA, Camellia) or a PSA key identifier; it has a field indicating which one is in use. All fields are private.
+
+The `engine` field is almost redundant with knowledge about `type`. However, when an algorithm is available both via a legacy module and a PSA accelerator, we will choose based on the runtime availability of the accelerator when the context is set up. This choice needs to be recorded in the context structure.
+
+Support is determined at runtime using the new internal function
+```
+int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg);
+```
+
+The job of this private function is to return 1 if `hash_alg` can be performed through PSA now, and 0 otherwise. It is only defined on algorithms that are enabled via PSA. As a starting point, return 1 if PSA crypto's driver subsystem has been initialized.
+
+Each function in the module needs to know whether to dispatch via PSA or legacy. All functions consult the context's `engine` field, except `setup()` which will set it according to the key type and the return value of `psa_can_do_cipher()` as discussed above.
+
+Note that this assumes that an operation that has been started via PSA can be completed. This implies that `mbedtls_psa_crypto_free` must not be called while an operation using PSA is in progress.
+
+After calling a PSA function, `block_cipher` functions call `mbedtls_cipher_error_from_psa` to convert its status code.
diff --git a/docs/architecture/psa-thread-safety/key-slot-state-transitions.png b/docs/architecture/psa-thread-safety/key-slot-state-transitions.png
new file mode 100644
index 0000000..34cc79b
--- /dev/null
+++ b/docs/architecture/psa-thread-safety/key-slot-state-transitions.png
Binary files differ
diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md
similarity index 76%
rename from docs/architecture/psa-thread-safety.md
rename to docs/architecture/psa-thread-safety/psa-thread-safety.md
index 0d03e32..dc5d7e1 100644
--- a/docs/architecture/psa-thread-safety.md
+++ b/docs/architecture/psa-thread-safety/psa-thread-safety.md
@@ -29,7 +29,7 @@
If you build with `MBEDTLS_PSA_CRYPTO_C` and `MBEDTLS_THREADING_C`, the code must be functionally correct: no race conditions, deadlocks or livelocks.
-The [PSA Crypto API specification](https://armmbed.github.io/mbed-crypto/html/overview/conventions.html#concurrent-calls) defines minimum expectations for concurrent calls. They must work as if they had been executed one at a time, except that the following cases have undefined behavior:
+The [PSA Crypto API specification](https://armmbed.github.io/mbed-crypto/html/overview/conventions.html#concurrent-calls) defines minimum expectations for concurrent calls. They must work as if they had been executed one at a time (excluding resource-management errors), except that the following cases have undefined behavior:
* Destroying a key while it's in use.
* Concurrent calls using the same operation object. (An operation object may not be used by more than one thread at a time. But it can move from one thread to another between calls.)
@@ -281,28 +281,56 @@
#### Slot states
-For concurrency purposes, a slot can be in one of three states:
+For concurrency purposes, a slot can be in one of four states:
-* UNUSED: no thread is currently accessing the slot. It may be occupied by a volatile key or a cached key.
-* WRITING: a thread has exclusive access to the slot. This can only happen in specific circumstances as detailed below.
-* READING: any thread may read from the slot.
+* EMPTY: no thread is currently accessing the slot, and no information is stored in the slot. Any thread is able to change the slot's state to FILLING and begin loading data.
+* FILLING: one thread is currently loading or creating material to fill the slot, this thread is responsible for the next state transition. Other threads cannot read the contents of a slot which is in FILLING.
+* FULL: the slot contains a key, and any thread is able to use the key after registering as a reader.
+* PENDING_DELETION: the key within the slot has been destroyed or marked for destruction, but at least one thread is still registered as a reader. No thread can register to read this slot. The slot must not be wiped until the last reader de-registers, wiping the slot by calling `psa_wipe_key_slot`.
-A high-level view of state transitions:
+To change `slot` to state `new_state`, a function must call `psa_slot_state_transition(slot, new_state)`.
-* `psa_get_empty_key_slot`: UNUSED → WRITING.
-* `psa_get_and_lock_key_slot_in_memory`: UNUSED or READING → READING. This function only accepts slots in the UNUSED or READING state. A slot with the correct id but in the WRITING state is considered free.
-* `psa_unlock_key_slot`: READING → UNUSED or READING.
-* `psa_finish_key_creation`: WRITING → READING.
-* `psa_fail_key_creation`: WRITING → UNUSED.
-* `psa_wipe_key_slot`: any → UNUSED. If the slot is READING or WRITING on entry, this function must wait until the writer or all readers have finished. (By the way, the WRITING state is possible if `mbedtls_psa_crypto_free` is called while a key creation is in progress.) See [“Destruction of a key in use”](#destruction-of-a-key-in-use).
+A counter field within each slot keeps track of how many readers have registered. Library functions must call `psa_register_read` before reading the key data within a slot, and `psa_unregister_read` after they have finished operating.
-The current `state->lock_count` corresponds to the difference between UNUSED and READING: a slot is in use iff its lock count is nonzero, so `lock_count == 0` corresponds to UNUSED and `lock_count != 0` corresponds to READING.
+Any call to `psa_slot_state_transition`, `psa_register_read` or `psa_unregister_read` must be performed by a thread which holds the global mutex.
-There is currently no indication of when a slot is in the WRITING state. This only happens between a call to `psa_start_key_creation` and a call to one of `psa_finish_key_creation` or `psa_fail_key_creation`. This new state can be conveyed by a new boolean flag, or by setting `lock_count` to `~0`.
+##### Linearizability of the system
+
+To satisfy the requirements in [Correctness out of the box](#correctness-out-of-the-box), we require our functions to be "linearizable" (under certain constraints). This means that any (constraint satisfying) set of concurrent calls are performed as if they were executed in some sequential order.
+
+The standard way of reasoning that this is the case is to identify a "linearization point" for each call, this is a single execution step where the function takes effect (this is usually a step in which the effects of the call become visible to other threads). If every call has a linearization point, the set of calls is equivalent to sequentially performing the calls in order of when their linearization point occurred.
+
+We only require linearizability to hold in the case where a resource-management error is not returned. In a set of concurrent calls, it is permitted for a call c to fail with a PSA_ERROR_INSUFFICIENT_MEMORY return code even if there does not exist a sequential ordering of the calls in which c returns this error. Even if such an error occurs, all calls are still required to be functionally correct.
+
+We only access and modify a slot's state and reader count while we hold the global lock. This ensures the memory in which these fields are stored is correctly synchronized. It also ensures that the key data within the slot is synchronised where needed (the writer unlocks the mutex after filling the data, and any reader must lock the mutex before reading the data).
+
+To help justify that our system is linearizable, here is a list of key slot state changing functions and their linearization points (for the sake of brevity not all failure cases are covered, but those cases are not complex):
+* `psa_wipe_key_slot, psa_register_read, psa_unregister_read, psa_slot_state_transition,` - These functions are all always performed under the global mutex, so they have no effects visible to other threads (this implies that they are linearizable).
+* `psa_get_empty_key_slot, psa_get_and_lock_key_slot_in_memory, psa_load_X_key_into_slot, psa_fail_key_creation` - These functions hold the mutex for all non-setup/finalizing code, their linearization points are the release of the mutex.
+* `psa_get_and_lock_key_slot` - If the key is already in a slot, the linearization point is the linearization point of the call to `psa_get_and_lock_key_slot_in_memory`. If the key is not in a slot and is loaded into one, the linearization point is the linearization point of the call to `psa_load_X_key_into_slot`.
+* `psa_start_key_creation` - From the perspective of other threads, the only effect of a successful call to this function is that the amount of usable resources decreases (a key slot which was usable is now unusable). Since we do not consider resource management as linearizable behaviour, when arguing for linearizability of the system we consider this function to have no visible effect to other threads.
+* `psa_finish_key_creation` - On a successful load, we lock the mutex and set the state of the slot to FULL, the linearization point is then the following unlock. On an unsuccessful load, the linearization point is when we return - no action we have performed has been made visible to another thread as the slot is still in a FILLING state.
+* `psa_destroy_key, psa_close_key, psa_purge_key` - As per the requirements, we need only argue for the case where the key is not in use here. The linearization point is the unlock after wiping the data and setting the slot state to EMPTY.
+* `psa_import_key, psa_copy_key, psa_generate_key, mbedtls_psa_register_se_key` - These functions call both `psa_start_key_creation` and `psa_finish_key_creation`, the linearization point of a successful call is the linearization point of the call to `psa_finish_key_creation`. The linearization point of an unsuccessful call is the linearization point of the call to `psa_fail_key_creation`.
+* `psa_key_derivation_output_key` - Same as above. If the operation object is in use by multiple threads, the behaviour need not be linearizable.
+
+Library functions which operate on a slot will return `PSA_ERROR_BAD_STATE` if the slot is in an inappropriate state for the function at the linearization point.
+
+##### Key slot state transition diagram
+
+
+
+In the state transition diagram above, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point.
+
+##### Generating the key slot state transition diagram from source
+
+To generate the state transition diagram in https://app.diagrams.net/, open the following url:
+
+https://viewer.diagrams.net/?tags=%7B%7D&highlight=FFFFFF&edit=_blank&layers=1&nav=1&title=key-slot-state-transitions#R5Vxbd5s4EP4t%2B%2BDH5iAJcXms4ySbrdtNT7qX9MWHgGyrxcABHNv59SsM2EhgDBhs3PVL0CANoBl9fDMaMkC3i%2FWDb3jzz65F7AGUrPUAjQYQAqBh9ieSbGKJIqFYMPOplXTaC57pO0mEUiJdUosEXMfQde2QerzQdB2HmCEnM3zfXfHdpq7NX9UzZiQneDYNOy%2F9h1rhPJZqUN3Lfyd0Nk%2BvDBQ9PrMw0s7JkwRzw3JXGRG6G6Bb33XD%2BGixviV2NHnpvMTj7g%2Bc3d2YT5ywyoDv4H08%2Ffvxj9VX3XGGw5cf3o9PHxJjvBn2MnngAVRspm9o0Td2OIsO7%2F8aj1Mx0585U9B5bgQTnxgW8YP07Ksv9he1bOcn3KSTzm6c2Zc1hqs5DcmzZ5jRmRVzsegK4cJmLcAOjcCLjT6la2LtVGUnJZmnN%2BKHZJ0RJZP0QNwFCf0N65KclbXEYDuPTdqrjP0T0Txj%2BlRmJB4322neG4UdJHapYSMACowkzphjfYy8nbVM2wgCavIT5btLx4pmaCSxFpscf%2FNvcmrbeMk2Rutsv9Emba1puBvEjl8y8v2QqJGOOGiNwF36Jjnul6Hhz0hY0k%2BO%2BxGLW8V522Zshwtsl8p8YhshfePXfpFBkys8uZQ92UHXwYrgE%2FFzJ6Oya1VUpOo3euancWplJKiNpymnduttu0k4wQFhzgGXjk9mNAiJv13seX9kBhkbr%2BxlwK9Xm86cyEeZQxCfCaJlSRnafkxOLKhlRTqGPgnou%2FG61Re5khc93PZx8XCAR4XOVb56RADYvTOSq3CwXAQM0g2UVJ2zxAd4mt%2BkaoAwxJ1OA9KNLasA%2Ft3np28v14nevQNvvXXwTmBYysAwKIXhHdxLWbiXjsB9c%2FCGFcEb9Au8ec%2FJgWxl7D7yDugYrFO6mXE4LzAmU4Pak59kMzEZXofUdfoM2ema6SNkJ5ohp1Qc3x1%2B51%2FF94%2Fj8eOXh17DMFIuDMNyldderTjnt18u0Lm4kXAVIz3dfRlt3b2inUZ347tvj39%2BuU4b9Y7PqF3RmepRZbPotTmdSdNOx%2BgM7BWdgRJ7%2BWkyVAGLJmWs8G9BLCs3KsAq1FTMGkhQX5XrAEUgTfJ5yY5WyHXYFSdk4YWbLeEJbDfsMdlJF1Qfuc5OjXwuegOKXtTt48sNbhIwxaMuGjL1K98VYYwkpRijMDjg0QBEWawUZJAmqc1QRpYElGG%2BjgSX7DoFVow0U%2BrQYH41cVW6uE7Gmg%2FM7rKu8mCDWvEpRSvUegboKaKfgi3Npf%2B2RZaYbZwv51492dMcg6rm3FGvMEhWMecwitowb4MVQZHIoQ9ADPMBY5PplizPwzes82imSlL5fUGhPzjSX9bK9LOD%2BI6bLp7RUDYBfTA9%2B50sH%2Bkz%2Fvi0rha6CVsGFQO4lNEZjjWxXfNnhtTV0GDabkCiobVGeUtm8uyo%2BtFjf9A%2FtVEb6A%2BQxntZO1k1nr5CfC7sR0X74K3QzixwVwxrMzyz2zy9XBHw%2B5WnhyrkvATjhoAPDuVWzsQpUVGsUwhDFglC392cDl%2FtQGVvIW63jFsIpmVN4aOZdBmc6L47HN5wkNc9xsmX4LfHwKs%2BTB6Eu57AE6N3mcwa0gBnbaSCorO1uaqsZpJ7CtDrXKQjHouQVn7P4l2iIzwWl%2BrvhsfmyyOup9JFbo3gsegeC47bEvh1kUgsNGT7%2BxSXxrfW6BzsFV4iIbzFTesukCpkCSvG72153HXtRZQumlYiRF3YcmqLPqVZzC4ThIWzc5ZKrspbEzwMdbg1UTUtiHsNKwpoCitCPZfSXfFtMSMprufiQsLeAkprhVwRoECekbQVj%2FG7GF0UchXb9UxV%2FcehoQkMNYcTXBFO%2BhXVwQNJ%2BNpwAgWWonRXHlrsdrDA7XJpoFzQUyN9tKIeyeXoryNvXr5Q26jQ2H0P1y6IAXQhEMuT3pwlz55TOohNfcESIXHSeMcSbbNAGpahrMs6RBoS9XLVGbAS0NRNA7GnyV4F6PxNqBK6UaG0%2B6HyJwJ6qTIA6ijDze%2Bso%2BxSPoToZXqpfK3%2Fz9JLT3S5Hk%2FhRNNmX9%2B%2B338yHccr%2FIyqHfLGlZw1%2BiSzM%2BpWtRC2X0VqSKgew2JeqDLc4iOZqvaoW6HPVWJuEQOzXcOaeMQPIlxxwi0ZY%2Ffk1q%2Ba2Gp6XVI7pM4JakrLN66DGpaiQAuIiGVQGIie6Pxnq6CAl6wAqu9Cv9gXl1VT%2F1VL9%2Fa74OmW%2Brk2T%2Fnkbu57gsolw4KiqrUde0WnLBnW3P9fj7j7%2Fr%2BjoLv%2FAA%3D%3D
#### Destruction of a key in use
-Problem: In [Key destruction long-term requirements](#key-destruction-long-term-requirements) we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (READING or WRITING).
+Problem: In [Key destruction long-term requirements](#key-destruction-long-term-requirements) we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (FILLING or with at least one reader).
How do we ensure that? This needs something more sophisticated than mutexes (concurrency number >2)! Even a per-slot mutex isn't enough (we'd need a reader-writer lock).
@@ -310,11 +338,11 @@
##### Mutex only
-When calling `psa_wipe_key_slot` it is the callers responsibility to set the slot state to WRITING first. For most functions this is a clean UNUSED -> WRITING transition: psa_get_empty_key_slot, psa_get_and_lock_key_slot, psa_close_key, psa_purge_key.
+When calling `psa_wipe_key_slot` it is the callers responsibility to set the slot state to PENDING_DELETION first. For most functions this is a clean {FULL, !has_readers} -> PENDING_DELETION transition: psa_get_empty_key_slot, psa_get_and_lock_key_slot, psa_close_key, psa_purge_key.
`psa_wipe_all_key_slots` is only called from `mbedtls_psa_crypto_free`, here we will need to return an error as we won't be able to free the key store if a key is in use without compromising the state of the secure side. This is acceptable as an untrusted application cannot call `mbedtls_psa_crypto_free` in a crypto service. In a service integration, `mbedtls_psa_crypto_free` on the client cuts the communication with the crypto service. Also, this is the current behaviour.
-`psa_destroy_key` marks the slot as deleted, deletes persistent keys and opaque keys and returns. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). When the last reading operation finishes, it wipes the key slot. This will free the key ID, but the slot might be still in use. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it.
+`psa_destroy_key` registers as a reader, marks the slot as deleted, deletes persistent keys and opaque keys and unregisters before returning. This will free the key ID, but the slot might be still in use. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). `psa_destroy_key` transfers to PENDING_DELETION as an intermediate state. The last reading operation will wipe the key slot upon unregistering. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it.
These are serious limitations, but this can be implemented with mutexes only and arguably satisfies the [Key destruction short-term requirements](#key-destruction-short-term-requirements).
@@ -329,9 +357,9 @@
#### Condition variables
-Clean UNUSED -> WRITING transition works as before.
+Clean UNUSED -> PENDING_DELETION transition works as before.
-`psa_wipe_all_key_slots` and `psa_destroy_key` mark the slot as deleted and go to sleep until the slot state becomes UNUSED. When waking up, they wipe the slot, and return.
+`psa_wipe_all_key_slots` and `psa_destroy_key` mark the slot as deleted and go to sleep until the slot has no registered readers. When waking up, they wipe the slot, and return.
If the slot is already marked as deleted the threads calling `psa_wipe_all_key_slots` and `psa_destroy_key` go to sleep until the deletion completes. To satisfy [Key destruction long-term requirements](#key-destruction-long-term-requirements) none of the threads may return from the call until the slot is deleted completely. This can be achieved by signalling them when the slot has already been wiped and ready for use, that is not marked for deletion anymore. To handle spurious wake-ups, these threads need to be able to tell whether the slot was already deleted. This is not trivial, because by the time the thread wakes up, theoretically the slot might be in any state. It might have been reused and maybe even marked for deletion again.
@@ -354,7 +382,7 @@
#### Drivers
-Each driver that hasn’t got the "thread_safe” property set has a dedicated mutex.
+Each driver that hasn’t got the "thread_safe” property set has a dedicated mutex.
Implementing "thread_safe” drivers depends on the condition variable protection in the key store, as we must guarantee that the core never starts the destruction of a key while there are operations in progress on it.
diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md
index 4bad2e8..f59420e 100644
--- a/docs/driver-only-builds.md
+++ b/docs/driver-only-builds.md
@@ -16,6 +16,7 @@
In order to have some mechanism provided only by a driver, you'll want
the following compile-time configuration options enabled:
+
- `MBEDTLS_PSA_CRYPTO_C` (enabled by default) - this enables PSA Crypto.
- `MBEDTLS_USE_PSA_CRYPTO` (disabled by default) - this makes PK, X.509 and
TLS use PSA Crypto. You need to enable this if you're using PK, X.509 or TLS
@@ -28,6 +29,7 @@
TLS](proposed/psa-conditional-inclusion-c.md) for details.
In addition, for each mechanism you want provided only by your driver:
+
- Define the corresponding `PSA_WANT` macro in `psa/crypto_config.h` - this
means the algorithm will be available in the PSA Crypto API.
- Define the corresponding `MBEDTLS_PSA_ACCEL` in your build. This could be
@@ -52,9 +54,21 @@
------------------
For now, only the following (families of) mechanisms are supported:
+
- hashes: SHA-3, SHA-2, SHA-1, MD5, etc.
- elliptic-curve cryptography (ECC): ECDH, ECDSA, EC J-PAKE, ECC key types.
- finite-field Diffie-Hellman: FFDH algorithm, DH key types.
+- RSA: PKCS#1 v1.5 and v2.1 signature and encryption algorithms, RSA key types
+ (for now, only crypto, no X.509 or TLS support).
+- AEADs:
+ - GCM and CCM with AES, ARIA and Camellia key types
+ - ChachaPoly with ChaCha20 Key type
+- Unauthenticated ciphers:
+ - key types: AES, ARIA, Camellia, DES
+ - modes: ECB, CBC, CTR, CFB, OFB, XTS
+
+For each family listed above, all the mentioned alorithms/key types are also
+all the mechanisms that exist in PSA API.
Supported means that when those are provided only by drivers, everything
(including PK, X.509 and TLS if `MBEDTLS_USE_PSA_CRYPTO` is enabled) should
@@ -62,18 +76,13 @@
in the "Limitations" sub-sections of the sections dedicated to each family
below.
-In the near future (end of 2023), we are planning to also add support for
-ciphers (AES) and AEADs (GCM, CCM, ChachaPoly).
-
-Currently (mid-2023) we don't have plans to extend this to RSA. If
-you're interested in driver-only support for RSA, please let us know.
-
Hashes
------
It is possible to have all hash operations provided only by a driver.
More precisely:
+
- you can enable `PSA_WANT_ALG_SHA_256` without `MBEDTLS_SHA256_C`, provided
you have `MBEDTLS_PSA_ACCEL_ALG_SHA_256` enabled;
- and similarly for all supported hash algorithms: `MD5`, `RIPEMD160`,
@@ -92,6 +101,7 @@
If you want to check at compile-time whether a certain hash algorithm is
available in the present build of Mbed TLS, regardless of whether it's
provided by a driver or built-in, you should use the following macros:
+
- for code that uses only the PSA Crypto API: `PSA_WANT_ALG_xxx` from
`psa/crypto.h`;
- for code that uses non-PSA crypto APIs: `MBEDTLS_MD_CAN_xxx` from
@@ -101,10 +111,12 @@
---------------------------------
It is possible to have most ECC operations provided only by a driver:
+
- the ECDH, ECDSA and EC J-PAKE algorithms;
- key import, export, and random generation.
More precisely, if:
+
- you have driver support for ECC public and using private keys (that is,
`MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY` and
`MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC` are enabled), and
@@ -113,6 +125,7 @@
`MBEDTLS_PSA_ACCEL_ECC_xxx` macros is enabled as well);
then you can:
+
- enable `PSA_WANT_ALG_ECDH` without `MBEDTLS_ECDH_C`, provided
`MBEDTLS_PSA_ACCEL_ALG_ECDH` is enabled
- enable `PSA_WANT_ALG_ECDSA` without `MBEDTLS_ECDSA_C`, provided
@@ -121,6 +134,7 @@
`MBEDTLS_PSA_ACCEL_ALG_JPAKE` is enabled.
In addition, if:
+
- none of `MBEDTLS_ECDH_C`, `MBEDTLS_ECDSA_C`, `MBEDTLS_ECJPAKE_C` are enabled
(see conditions above), and
- you have driver support for all enabled ECC key pair operations - that is,
@@ -132,9 +146,11 @@
still be included in the build, see limitations sub-section below.
In addition, if:
-- `MBEDTLS_ECP_C` is fully removed (see limitation sub-section below), and
-- support for RSA key types and algorithms is fully disabled, and
-- support for DH key types and the FFDH algorithm is either disabled, or
+
+- `MBEDTLS_ECP_C` is fully removed (see limitation sub-section below),
+- and support for RSA key types and algorithms is either fully disabled or
+ fully provided by a driver,
+- and support for DH key types and the FFDH algorithm is either disabled or
fully provided by a driver,
then you can also disable `MBEDTLS_BIGNUM_C`.
@@ -142,6 +158,7 @@
In such builds, all crypto operations via the PSA Crypto API will work as
usual, as well as the PK, X.509 and TLS modules if `MBEDTLS_USE_PSA_CRYPTO` is
enabled, with the following exceptions:
+
- direct calls to APIs from the disabled modules are not possible;
- PK, X.509 and TLS will not support restartable ECC operations (see
limitation sub-section below).
@@ -149,6 +166,7 @@
If you want to check at compile-time whether a certain curve is available in
the present build of Mbed TLS, regardless of whether ECC is provided by a
driver or built-in, you should use the following macros:
+
- for code that uses only the PSA Crypto API: `PSA_WANT_ECC_xxx` from
`psa/crypto.h`;
- for code that may also use non-PSA crypto APIs: `MBEDTLS_ECP_HAVE_xxx` from
@@ -164,6 +182,7 @@
A limited subset of `ecp.c` will still be automatically re-enabled if any of
the following is enabled:
+
- `MBEDTLS_PK_PARSE_EC_COMPRESSED` - support for parsing ECC keys where the
public part is in compressed format;
- `MBEDTLS_PK_PARSE_EC_EXTENDED` - support for parsing ECC keys where the
@@ -237,6 +256,184 @@
`[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow builds accelerating FFDH and
removing builtin support (i.e. `MBEDTLS_DHM_C`).
-### Limitations
-Support for deterministic derivation of a DH keypair
-(i.e. `PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE`) is not supported.
+RSA
+---
+
+It is possible for all RSA operations to be provided only by a driver.
+
+More precisely, if:
+
+- all the RSA algorithms that are enabled (`PSA_WANT_ALG_RSA_*`) are also
+ accelerated (`MBEDTLS_PSA_ACCEL_ALG_RSA_*`),
+- and all the RSA key types that are enabled (`PSA_WANT_KEY_TYPE_RSA_*`) are
+ also accelerated (`MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_*`),
+
+then you can disable `MBEDTLS_RSA_C`, `MBEDTLS_PKCS1_V15` and
+`MBEDTLS_PKCS1_V21`, and RSA will still work in PSA Crypto.
+
+### Limitations on RSA acceleration
+
+Unlike other mechanisms, for now in configurations with driver-only RSA, only
+PSA Crypto works. In particular, PK, X.509 and TLS will _not_ work with
+driver-only RSA even if `MBEDTLS_USE_PSA_CRYPTO` is enabled.
+
+Currently (early 2024) we don't have plans to extend this support. If you're
+interested in wider driver-only support for RSA, please let us know.
+
+Ciphers (unauthenticated and AEAD)
+----------------------------------
+
+It is possible to have all ciphers and AEAD operations provided only by a
+driver. More precisely, for each desired combination of key type and
+algorithm/mode you can:
+
+- Enable desired PSA key type(s):
+ - `PSA_WANT_KEY_TYPE_AES`,
+ - `PSA_WANT_KEY_TYPE_ARIA`,
+ - `PSA_WANT_KEY_TYPE_CAMELLIA`,
+ - `PSA_WANT_KEY_TYPE_CHACHA20`,
+ - `PSA_WANT_KEY_TYPE_DES`.
+- Enable desired PSA algorithm(s):
+ - Unauthenticated ciphers modes:
+ - `PSA_WANT_ALG_CBC_NO_PADDING`,
+ - `PSA_WANT_ALG_CBC_PKCS7`,
+ - `PSA_WANT_ALG_CCM_STAR_NO_TAG`,
+ - `PSA_WANT_ALG_CFB`,
+ - `PSA_WANT_ALG_CTR`,
+ - `PSA_WANT_ALG_ECB_NO_PADDING`,
+ - `PSA_WANT_ALG_OFB`,
+ - `PSA_WANT_ALG_STREAM_CIPHER`.
+ - AEADs:
+ - `PSA_WANT_ALG_CCM`,
+ - `PSA_WANT_ALG_GCM`,
+ - `PSA_WANT_ALG_CHACHA20_POLY1305`.
+- Enable `MBEDTLS_PSA_ACCEL_[KEY_TYPE_xxx|ALG_yyy]` symbol(s) which correspond
+ to the `PSA_WANT_KEY_TYPE_xxx` and `PSA_WANT_ALG_yyy` of the previous steps.
+- Disable builtin support of key types:
+ - `MBEDTLS_AES_C`,
+ - `MBEDTLS_ARIA_C`,
+ - `MBEDTLS_CAMELLIA_C`,
+ - `MBEDTLS_DES_C`,
+ - `MBEDTLS_CHACHA20_C`.
+ and algorithms/modes:
+ - `MBEDTLS_CBC_C`,
+ - `MBEDTLS_CFB_C`,
+ - `MBEDTLS_CTR_C`,
+ - `MBEDTLS_OFB_C`,
+ - `MBEDTLS_XTS_C`,
+ - `MBEDTLS_CCM_C`,
+ - `MBEDTLS_GCM_C`,
+ - `MBEDTLS_CHACHAPOLY_C`,
+ - `MBEDTLS_NULL_CIPHER`.
+
+Once a key type and related algorithm are accelerated, all the PSA Crypto APIs
+will work, as well as X.509 and TLS (with `MBEDTLS_USE_PSA_CRYPTO` enabled) but
+some non-PSA APIs will be absent or have reduced functionality, see
+[Restrictions](#restrictions) for details.
+
+### Restrictions
+
+- If an algorithm other than CCM and GCM (see
+ ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-ccmgcm) below)
+ is enabled but not accelerated, then all key types that can be used with it
+ will need to be built-in.
+- If a key type is enabled but not accelerated, then all algorithms that can be
+ used with it will need to be built-in.
+
+Some legacy modules can't take advantage of PSA drivers yet, and will either
+need to be disabled, or have reduced features when the built-in implementations
+of some ciphers are removed:
+
+- `MBEDTLS_NIST_KW_C` needs built-in AES: it must be disabled when
+ `MBEDTLS_AES_C` is disabled.
+- `MBEDTLS_CMAC_C` needs built-in AES/DES: it must be disabled when
+ `MBEDTLS_AES_C` and `MBEDTLS_DES_C` are both disabled. When only one of them
+ is enabled, then only the corresponding cipher will be available at runtime
+ for use with `mbedtls_cipher_cmac_xxx`. (Note: if there is driver support for
+ CMAC and all compatible key types, then `PSA_WANT_ALG_CMAC` can be enabled
+ without `MBEDTLS_CMAC_C` and CMAC will be usable with `psa_max_xxx` APIs.)
+- `MBEDTLS_CIPHER_C`: the `mbedtls_cipher_xxx()` APIs will only work with
+ ciphers that are built-in - that is, both the underlying cipher
+ (eg `MBEDTLS_AES_C`) and the mode (eg `MBEDTLS_CIPHER_MODE_CBC` or
+ `MBEDTLS_GCM_C`).
+- `MBEDTLS_PKCS5_C`: encryption/decryption (PBES2, PBE) will only work with
+ ciphers that are built-in.
+- PEM decryption will only work with ciphers that are built-in.
+- PK parse will only be able to parse encrypted keys using built-in ciphers.
+
+Note that if you also disable `MBEDTLS_CIPHER_C`, there will be additional
+restrictions, see [Disabling `MBEDTLS_CIPHER_C`](#disabling-mbedtls_cipher_c).
+
+### Legacy <-> PSA matching
+
+Note that the relationship between legacy (i.e. `MBEDTLS_xxx_C`) and PSA
+(i.e. `PSA_WANT_xxx`) symbols is not always 1:1. For example:
+
+- ECB mode is always enabled in the legacy configuration for each key type that
+ allows it (AES, ARIA, Camellia, DES), whereas it must be explicitly enabled
+ in PSA with `PSA_WANT_ALG_ECB_NO_PADDING`.
+- In the legacy API, `MBEDTLS_CHACHA20_C` enables the ChaCha20 stream cipher, and
+ enabling `MBEDTLS_CHACHAPOLY_C` also enables the ChaCha20-Poly1305 AEAD. In the
+ PSA API, you need to enable `PSA_KEY_TYPE_CHACHA20` for both, plus
+ `PSA_ALG_STREAM_CIPHER` or `PSA_ALG_CHACHA20_POLY1305` as desired.
+- The legacy symbol `MBEDTLS_CCM_C` adds support for both cipher and AEAD,
+ whereas in PSA there are 2 different symbols: `PSA_WANT_ALG_CCM_STAR_NO_TAG`
+ and `PSA_WANT_ALG_CCM`, respectively.
+
+### Partial acceleration for CCM/GCM
+
+[This section depends on #8598 so it might be updated while that PR progresses.]
+
+In case legacy CCM/GCM algorithms are enabled, it is still possible to benefit
+from PSA acceleration of the underlying block cipher by enabling support for
+ECB mode (`PSA_WANT_ALG_ECB_NO_PADDING` + `MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING`)
+together with desired key type(s) (`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]` +
+`MBEDTLS_PSA_ACCEL_KEY_TYPE_[AES|ARIA|CAMELLIA]`).
+
+In such configurations it is possible to:
+
+- Use CCM and GCM via the PSA Crypto APIs.
+- Use CCM and GCM via legacy functions `mbedtls_[ccm|gcm]_xxx()` (but not the
+ legacy functions `mbedtls_cipher_xxx()`).
+- Disable legacy key types (`MBEDTLS_[AES|ARIA|CAMELLIA]_C`) if there is no
+ other dependency requiring them.
+
+ChaChaPoly has no such feature, so it requires full acceleration (key type +
+algorithm) in order to work with a driver.
+
+### CTR-DRBG
+
+The legacy CTR-DRBG module (enabled by `MBEDTLS_CTR_DRBG_C`) can also benefit
+from PSA acceleration if both of the following conditions are met:
+
+- The legacy AES module (`MBEDTLS_AES_C`) is not enabled and
+- AES is supported on the PSA side together with ECB mode, i.e.
+ `PSA_WANT_KEY_TYPE_AES` + `PSA_WANT_ALG_ECB_NO_PADDING`.
+
+### Disabling `MBEDTLS_CIPHER_C`
+
+It is possible to save code size by disabling MBEDTLS_CIPHER_C when all of the
+following conditions are met:
+
+- The application is not using the `mbedtls_cipher_` API.
+- In PSA, all unauthenticated (that is, non-AEAD) ciphers are either disabled or
+ fully accelerated (that is, all compatible key types are accelerated too).
+- Either TLS is disabled, or `MBEDTLS_USE_PSA_CRYPTO` is enabled.
+- `MBEDTLS_NIST_KW` is disabled.
+- `MBEDTLS_CMAC_C` is disabled. (Note: support for CMAC in PSA can be provided by
+ a driver.)
+
+In such a build, everything will work as usual except for the following:
+
+- Encryption/decryption functions from the PKCS5 and PKCS12 module will not be
+ available (only key derivation functions).
+- Parsing of PKCS5- or PKCS12-encrypted keys in PK parse will fail.
+
+Note: AEAD ciphers (CCM, GCM, ChachaPoly) do not have a dependency on
+MBEDTLS_CIPHER_C even when using the built-in implementations.
+
+If you also have some ciphers fully accelerated and the built-ins removed, see
+[Restrictions](#restrictions) for restrictions related to removing the built-ins.
+
+
+
diff --git a/docs/psa-transition.md b/docs/psa-transition.md
new file mode 100644
index 0000000..067ffaf
--- /dev/null
+++ b/docs/psa-transition.md
@@ -0,0 +1,1341 @@
+# Transitioning to the PSA API
+
+> I have code written for `mbedtls_` cryptography APIs. How do I migrate to `psa_` APIs?
+
+## Introduction
+
+Mbed TLS is gradually moving from legacy `mbedtls_xxx` APIs to newer `psa_xxx` APIs for cryptography. Note that this only concerns cryptography APIs, not X.509 or SSL/TLS APIs.
+
+This guide is intended to help migrate existing applications that use Mbed TLS for cryptography. It aims to cover common use cases, but cannot cover all possible scenarios.
+
+### Suggested reading
+
+This document is long, but you probably don't need to read all of it. You should start with the following sections:
+
+1. [Where can I find documentation?](#where-can-i-find-documentation)
+2. [General considerations](#general-considerations)
+
+Then use the [summary of API modules](#summary-of-api-modules), the table of contents or a text search to locate the sections that interest you, based on what legacy interfaces your code is currently using.
+
+### Where can I find documentation?
+
+**Tutorial**: See the [getting started guide](https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/).
+
+**Reference**: The [PSA Crypto API specification](https://arm-software.github.io/psa-api/crypto/) is available online. Mbed TLS implements a large subset of the specification which is documented in the [`psa/crypto*.h` headers](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto_8h/).
+
+### Additional resources
+
+* [Mbed TLS open issues](https://github.com/Mbed-TLS/mbedtls/issues)
+* [PSA API open issues](https://github.com/ARM-software/psa-api/issues) (not just cryptography APIs)
+* [Mbed TLS mailing list](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org/)
+
+### Why change the API?
+
+* Mbed TLS APIs are traditionally very transparent: the caller can access internal fields of operations. This is less true in the 3.x major version than before, but still the case to some extent. This offers applications some flexibility, but it removes flexibility from the implementation. For example, it is hard to support hardware acceleration, because the API constrains how the data must be represented. PSA APIs were designed to be more opaque, giving more freedom to the implementation.
+* Mbed TLS legacy APIs require key material to be present in the application memory. The PSA Crypto API natively supports operations on keys stored in an external [location](https://arm-software.github.io/psa-api/crypto/1.1/api/keys/lifetimes.html#c.psa_key_location_t) (secure enclave, secure element, HSM, etc.).
+* PSA APIs have [consistent conventions](https://arm-software.github.io/psa-api/crypto/1.1/overview/conventions.html#parameter-conventions) which many legacy APIs in Mbed TLS do not follow. For example, many legacy cryptography functions require the caller to know how large an output buffer needs to be based on the selected algorithm, whereas in the PSA API, all buffer arguments have a well-defined size and those sizes are checked.
+* Mbed TLS legacy APIs require passing around a random generator argument where needed. This has historically been problematic with functions that were created without an RNG argument but later needed one as part of a security countermeasure. The PSA crypto subsystem maintains a global random generator, resolving this problem.
+
+### Migration timeline
+
+* Mbed TLS 2.15.0 (Nov 2018): first release with a draft implementation of the PSA API.
+* Mbed TLS 2.18.0 (Jun 2019): The PSA API is available in the default build.
+* Mbed TLS 3.1.0 (Dec 2021): TLS 1.3 support is the first major feature that requires the PSA API.
+* Mbed TLS 4.0.0 (2024?): X.509 and TLS require the PSA API. Removal of some legacy crypto APIs.
+* Mbed TLS 5.0.0 (??): Removal of the remaining non-PSA crypto APIs.
+
+## General considerations
+
+### Configuration of the PSA subsystem
+
+To make the PSA API available, make sure that the configuration option [`MBEDTLS_PSA_CRYPTO_C`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#c.MBEDTLS_PSA_CRYPTO_C) is enabled. (It is enabled in the default configuration.)
+
+You should probably enable [`MBEDTLS_USE_PSA_CRYPTO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a70fd7b97d5f11170546583f2095942a6) as well (it is disabled by default). This option causes the PK, X.509 and TLS modules to use PSA crypto under the hood. Some functions that facilitate the transition (for example, to convert between metadata encodings or between key representations) are only available when `MBEDTLS_USE_PSA_CRYPTO` is enabled.
+
+By default, the PSA crypto API offers a similar set of cryptographic mechanisms as those offered by the legacy API (configured by `MBEDTLS_XXX` macros). The PSA crypto API also has its own configuration mechanism; see “[Cryptographic mechanism availability](#cryptographic-mechanism-availability)”.
+
+### Header files
+
+Applications only need to include a single header file:
+```
+#include <psa/crypto.h>
+```
+
+### General application layout
+
+Before any cryptographic operation, call [`psa_crypto_init`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__initialization/#group__initialization_1ga2de150803fc2f7dc6101d5af7e921dd9) and check that it succeeds. (A failure indicates an abnormal system state from which most applications cannot recover.)
+
+If you wish to free all resources associated with PSA cryptography, call [`mbedtls_psa_crypto_free`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#_CPPv423mbedtls_psa_crypto_freev).
+
+The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually (no need to create an `mbedtls_entropy_context` and an `mbedtls_xxx_drbg_context`).
+
+### Error codes
+
+Mbed TLS functions return a status of type `int`: 0 for success (or occasionally a positive value which is the output length), or a negative value `MBEDTLS_ERR_xxx` indicating an error.
+
+PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/#group__error_1ga05676e70ba5c6a7565aff3c36677c1f9): `PSA_SUCCESS == 0` for success, or a negative value [`PSA_ERROR_xxx`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/) indicating an error.
+
+### Memory management
+
+Apart from keys, as described in “[Key management](#key-management)” below, APIs that need to preserve state between function calls store this state in a structure allocated by the calling code. For example, multipart operations store state in a multipart operation object.
+
+All PSA operation objects must be zero-initialized (or equivalently, initialized with the provided `PSA_XXX_INIT` macro or `psa_xxx_init()` function) before calling any API function.
+
+Functions that output data require an output buffer of sufficient size. For all PSA crypto API functions that have an output buffer, there is a corresponding macro, generally called `PSA_XXX_OUTPUT_SIZE`, that calculates a sufficient size for the output buffer, given the relevant parameters. In some cases, there may be macros with less precision which can be resolved at compile time. For example, for the size of a buffer containing a hash, you can use `PSA_HASH_LENGTH(hash_alg)` where `hash_alg` is a specific hash algorithm, or `PSA_HASH_MAX_SIZE` for a buffer that is long enough for any supported hash. See the relevant sections of this document and of the reference documentation for more details.
+
+#### Key management
+
+One of the major differences between the legacy API and the PSA API is that in the PSA API, access to keys is indirect. Operations that require a key take a parameter of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t), which is an identifier for the key. This allows the API to be used with keys that are not directly accessible to the application, for example because they are stored in a secure environment that does not allow the key material to be exported.
+
+To use a key:
+
+1. First create a key object with a key creation function. The two most common ones are [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) if you have the key material available and [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) to create a random key. The key creation function has the key identifier as an output parameter.
+2. Use the key as desired, passing the key identifier obtained during the key creation.
+3. Finally destroy the key object with [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2).
+
+See “[Cipher key management](#cipher-key-management)”, “[MAC key management](#mac-key-management)”, “[Key lifecycle for asymmetric cryptography](#key-lifecycle-for-asymmetric-cryptography)”, “[Creating keys for asymmetric cryptography](#creating-keys-for-asymmetric-cryptography)” and “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)” for more details about key management in specific workflows, including information about choosing the key's attributes.
+
+If you need access to the key material, call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf). If you need the public key corresponding to a key pair object, call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062).
+
+Note that a key consumes a key store entry, which is distinct from heap memory, until it is destroyed or the application exits. (This is not true for persistent keys, which instead consume disk space. Since persistent keys have no analog in the legacy API, we will not discuss them further in this document.)
+
+## Summary of API modules
+
+| Header | Function prefix | PSA equivalent |
+| ------ | --------------- | -------------- |
+| `aes.h` | `mbedtls_aes_` | [Symmetric encryption](#symmetric-encryption) |
+| `aria.h` | `mbedtls_aria_` | [Symmetric encryption](#symmetric-encryption) |
+| `asn1.h` | `mbedtls_asn1_` | No change ([PK support interface](#pk-format-support-interfaces)) |
+| `asn1write.h` | `mbedtls_asn1_write_` | No change ([PK support interface](#pk-format-support-interfaces)) |
+| `base64.h` | `mbedtls_base64_` | No change ([PK support interface](#pk-format-support-interfaces)) |
+| `bignum.h` | `mbedtls_mpi_` | None (no low-level arithmetic) |
+| `build_info.h` | `MBEDTLS_` | No change (not a crypto API) |
+| `camellia.h` | `mbedtls_camellia_` | [Symmetric encryption](#symmetric-encryption) |
+| `ccm.h` | `mbedtls_ccm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) |
+| `chacha20.h` | `mbedtls_chacha20_` | [Symmetric encryption](#symmetric-encryption) |
+| `chachapoly.h` | `mbedtls_chachapoly_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) |
+| `check_config.h` | N/A | No public APIs (internal support header) |
+| `cipher.h` | `mbedtls_cipher_` | [Symmetric encryption](#symmetric-encryption) |
+| `cmac.h` | `mbedtls_cipher_cmac_` | [Hashes and MAC](#hashes-and-mac), [MAC calculation](#mac-calculation) |
+| `compat-2.x.h` | various | None (transitional APIs) |
+| `config_psa.h` | N/A | No public APIs (internal support header) |
+| `constant_time.h` | `mbedtls_ct_` | [Constant-time functions](#constant-time-functions) |
+| `ctr_drbg.h` | `mbedtls_ctr_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) |
+| `debug.h` | `mbedtls_debug_` | No change (not a crypto API) |
+| `des.h` | `mbedtls_des_` | [Symmetric encryption](#symmetric-encryption) |
+| `dhm.h` | `mbedtls_dhm_` | [Asymmetric cryptography](#asymmetric-cryptography) |
+| `ecdh.h` | `mbedtls_ecdh_` | [Asymmetric cryptography](#asymmetric-cryptography) |
+| `ecdsa.h` | `mbedtls_ecdsa_` | [Asymmetric cryptography](#asymmetric-cryptography) |
+| `ecjpake.h` | `mbedtls_ecjpake_` | [EC-JPAKE](#ec-jpake) |
+| `ecp.h` | `mbedtls_ecp_` | [Asymmetric cryptography](#asymmetric-cryptography) |
+| `entropy.h` | `mbedtls_entropy_` | [Random generation interface](#random-generation-interface), [Entropy sources](#entropy-sources) |
+| `error.h` | `mbedtls_*err*` | [Error messages](#error-messages) |
+| `gcm.h` | `mbedtls_gcm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) |
+| `hkdf.h` | `mbedtls_hkdf_` | [HKDF](#hkdf) |
+| `hmac_drbg.h` | `mbedtls_hmac_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) |
+| `lms.h` | `mbedtls_lms_` | No change ([LMS signatures](#lms-signatures)) |
+| `mbedtls_config.h` | `MBEDTLS_` | [Compile-time configuration](#compile-time-configuration) |
+| `md.h` | `mbedtls_md_` | [Hashes and MAC](#hashes-and-mac) |
+| `md5.h` | `mbedtls_md5_` | [Hashes and MAC](#hashes-and-mac) |
+| `memory_buffer_alloc.h` | `mbedtls_memory_buffer_alloc_` | No change (not a crypto API) |
+| `net_sockets.h` | `mbedtls_net_` | No change (not a crypto API) |
+| `nist_kw.h` | `mbedtls_nist_kw_` | Migration path not yet defined |
+| `oid.h` | `mbedtls_oid_` | No change ([PK support interface](#pk-format-support-interfaces)) |
+| `pem.h` | `mbedtls_pem_` | No change ([PK support interface](#pk-format-support-interfaces)) |
+| `pk.h` | `mbedtls_pk_` | [Asymmetric cryptography](#asymmetric-cryptography) |
+| `pkcs5.h` | `mbedtls_pkcs5_` | [PKCS#5 module](#pkcs5-module) |
+| `pkcs7.h` | `mbedtls_pkcs7_` | No change (not a crypto API) |
+| `pkcs12.h` | `mbedtls_pkcs12_` | [PKCS#12 module](#pkcs12-module) |
+| `platform.h` | `mbedtls_platform_` | No change (not a crypto API) |
+| `platform_time.h` | `mbedtls_*time*` | No change (not a crypto API) |
+| `platform_util.h` | `mbedtls_platform_` | No change (not a crypto API) |
+| `poly1305.h` | `mbedtls_poly1305_` | None (but there is Chacha20-Poly1305 [AEAD](#symmetric-encryption)) |
+| `private_access.h` | N/A | No public APIs (internal support header) |
+| `psa_util.h` | N/A | No public APIs (internal support header) |
+| `ripemd160.h` | `mbedtls_ripemd160_` | [Hashes and MAC](#hashes-and-mac) |
+| `rsa.h` | `mbedtls_rsa_` | [Asymmetric cryptography](#asymmetric-cryptography) |
+| `sha1.h` | `mbedtls_sha1_` | [Hashes and MAC](#hashes-and-mac) |
+| `sha3.h` | `mbedtls_sha3_` | [Hashes and MAC](#hashes-and-mac) |
+| `sha256.h` | `mbedtls_sha256_` | [Hashes and MAC](#hashes-and-mac) |
+| `sha512.h` | `mbedtls_sha512_` | [Hashes and MAC](#hashes-and-mac) |
+| `ssl.h` | `mbedtls_ssl_` | No change (not a crypto API) |
+| `ssl_cache.h` | `mbedtls_ssl_cache_` | No change (not a crypto API) |
+| `ssl_ciphersuites.h` | `mbedtls_ssl_ciphersuite_` | No change (not a crypto API) |
+| `ssl_cookie.h` | `mbedtls_ssl_cookie_` | No change (not a crypto API) |
+| `ssl_ticket.h` | `mbedtls_ssl_ticket_` | No change (not a crypto API) |
+| `threading.h` | `mbedtls_threading_` | No change (not a crypto API) |
+| `timing.h` | `mbedtls_timing_` | No change (not a crypto API) |
+| `version.h` | `mbedtls_version_` | No change (not a crypto API) |
+| `x509.h` | `mbedtls_x509` | No change (not a crypto API) |
+| `x509_crl.h` | `mbedtls_x509` | No change (not a crypto API) |
+| `x509_crt.h` | `mbedtls_x509` | No change (not a crypto API) |
+| `x509_csr.h` | `mbedtls_x509` | No change (not a crypto API) |
+
+## Compile-time configuration
+
+### Cryptographic mechanism availability
+
+**This section only applies if `MBEDTLS_PSA_CRYPTO_CONFIG` is enabled.** This option is disabled in the default configuration.
+
+When the configuration option [`MBEDTLS_PSA_CRYPTO_CONFIG`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a5aca5ddcffb586acad82f9aef26db056) is enabled, the cryptographic mechanisms available through the PSA API are determined by the contents of the header file `"psa/crypto_config.h"`. You can override the file location with the macro [`MBEDTLS_PSA_CRYPTO_CONFIG_FILE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a25f7e358caa101570cb9519705c2b873), and you can set [`MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1abd1870cc0d2681183a3018a7247cb137) to the path of an additional file (similar to `MBEDTLS_CONFIG_FILE` and `MBEDTLS_USER_CONFIG_FILE` for legacy configuration symbols).
+
+The availability of cryptographic mechanisms in the PSA API is based on a systematic pattern:
+
+* To make `PSA_ALG_aaa` available, enable `PSA_WANT_ALG_aaa`.
+ For parametrized algorithms, there is a `PSA_WANT_` symbol both for the main macro and for each argument. For example, to make `PSA_ALG_HMAC(PSA_ALG_SHA_256)` available, enable both `PSA_WANT_ALG_HMAC` and `PSA_WANT_ALG_SHA_256`.
+
+* To make `PSA_KEY_TYPE_ttt` available, enable `PSA_WANT_KEY_TYPE_ttt`.
+
+ As an exception, starting in Mbed TLS 3.5.0, for key pair types, the feature selection is more fine-grained, with an additional suffix:
+ * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` enables basic support for the key type, and in particular support for operations with a key of that type for enabled algorithms. This is automatically enabled if any of the other `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy` options are enabled.
+ * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_IMPORT` enables support for `psa_import_key` to import a key of that type.
+ * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_GENERATE` enables support for `psa_generate_key` to randomly generate a key of that type.
+ * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_DERIVE` enables support for `psa_key_derivation_output_key` to deterministically derive a key of that type.
+ * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_EXPORT` enables support for `psa_export_key` to export a key of that type.
+
+ Enabling any support for a key pair type automatically enables support for the corresponding public key type, as well as support for `psa_export_public_key` on the private key.
+
+* To make `PSA_ECC_FAMILY_fff` available for size sss, enable `PSA_WANT_ECC_fff_sss`.
+
+Note that all `PSA_WANT_xxx` symbols must be set to a non-zero value. In particular, setting `PSA_WANT_xxx` to an empty value may not be handled consistently.
+
+For example, the following configuration enables hashing with SHA-256, AEAD with AES-GCM, signature with deterministic ECDSA using SHA-256 on the curve secp256r1 using a randomly generated key as well as the corresponding verification, and ECDH key exchange on secp256r1 and Curve25519.
+
+```
+#define PSA_WANT_ALG_SHA_256 1
+
+#define PSA_WANT_KEY_TYPE_AES 1
+#define PSA_WANT_ALG_GCM 1
+
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
+// ^^ In Mbed TLS <= 3.4, enable PSA_WANT_KEY_TYPE_ECC_KEY_PAIR instead
+// ^^ implicitly enables PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+#define PSA_WANT_ECC_SECP_R1_256 1 // secp256r1 (suitable for ECDSA and ECDH)
+#define PSA_WANT_ECC_MONTGOMERY_255 1 // Curve25519 (suitable for ECDH)
+#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
+#define PSA_WANT_ALG_ECDH
+```
+
+If a mechanism is not enabled by `PSA_WANT_xxx`, Mbed TLS will normally not include it. This allows builds that use few features to have a small code size. However, this is not guaranteed: a mechanism that is not explicitly requested can be enabled because it is a dependency of another configuration option, because it is used internally, or because the granularity is not fine enough to distinguish between it and another mechanism that is requested.
+
+Under the hood, `PSA_WANT_xxx` enables the necessary legacy modules. Note that if a mechanism has a PSA accelerator driver, the corresponding legacy module is typically not needed. Thus applications that use a cryptographic mechanism both through the legacy API and through the PSA API need to explicitly enable both the `PSA_WANT_xxx` symbols and the `MBEDTLS_xxx` symbols.
+
+### Optimization options
+
+When PSA Crypto mechanisms are implemented by the built-in code from Mbed TLS, the legacy optimization options (e.g. `MBEDTLS_SHA256_SMALLER`, `MBEDTLS_ECP_WINDOW_SIZE`, etc.) apply to the PSA implementation as well (they invoke the same code under the hood).
+
+The PSA Crypto API may use accelerator drivers. In this case any options controlling the driver behavior are driver-specific.
+
+### Alternative implementations (`MBEDTLS_xxx_ALT` options)
+
+In the Mbed TLS legacy interface, you can replace some cryptographic primitives and modes by an alternative implementation, by enabling configuration options of the form `MBEDTLS_xxx_ALT` and linking with your own implementation of the affected function or module. Alternative implementations remain supported in Mbed TLS 3.x even if the application code uses the PSA API. However, they will be removed from the next version of the library.
+
+The corresponding PSA feature is accelerator drivers. To implement an accelerator driver, see the [PSA cryptoprocessor driver example and guide](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/psa-driver-example-and-guide.md). In an application that uses both the legacy interface and the PSA interface for the same mechanism, only some algorithms support calling a PSA driver from the legacy interface. See the [Guide to driver-only builds](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/driver-only-builds.md) for more information.
+
+### Self-tests
+
+There is currently [no PSA equivalent to the self-tests](https://github.com/Mbed-TLS/mbedtls/issues/7781) enabled by `MBEDTLS_SELF_TEST`.
+
+## Miscellaneous support modules
+
+### Error messages
+
+At the time of writing, there is no equivalent to the error messages provided by `mbedtls_strerror`. However, you can use the companion program `programs/psa/psa_constant_names` to convert various numbers (`psa_status_t`, `psa_algorithm_t`, `psa_key_type_t`, `psa_ecc_family_t`, `psa_dh_family_t`, `psa_key_usage_t`) to a programmer-friendly representation. The conversion doesn't depend on the library configuration or the target platform, so you can use a native build of this program even if you cross-compile your application.
+
+```
+$ programs/psa/psa_constant_names error -138
+PSA_ERROR_BUFFER_TOO_SMALL
+$ programs/psa/psa_constant_names type 0x7112
+PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)
+$ programs/psa/psa_constant_names alg 0x06000609
+PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+```
+
+The other functions in `error.h` are specific to the construction of Mbed TLS error code and are not relevant to the PSA API. PSA error codes are never the combination of multiple codes.
+
+### Constant-time functions
+
+The PSA API does not have an equivalent to the timing-side-channel-resistance utility functions in `constant_time.h`. Continue using `constant_time.h` as needed.
+
+Note that the PSA API does include features that reduce the need for `mbedtls_ct_memcmp`:
+
+* To compare a MAC with a reference value, use `psa_mac_verify` rather than `psa_mac_compute` followed by `mbedtls_ct_memcmp`, or use `psa_mac_verify_setup` and `psa_mac_verify_finish` in the multi-part case. See “[MAC calculation](#mac-calculation)”.
+* The AEAD decryption functions take care of verifying the tag. See “[Authenticated cipher operations](#authenticated-cipher-operations)”.
+
+## Symmetric encryption
+
+All PSA APIs have algorithm agility, where the functions depend only on the nature of the operation and the choice of a specific algorithm comes from an argument. There is no special API for a particular block cipher (`aes.h`, `aria.h`, `camellia.h`, `des.h`), a particular block cipher mode (`ccm.h`, `gcm.h`) or a particular stream cipher (`chacha20.h`, `chachapoly.h`). To migrate code using those low-level modules, please follow the recommendations in the following sections, using the same principles as the corresponding `cipher.h` API.
+
+### Cipher mechanism selection
+
+Instead of `mbedtls_cipher_id_t` (`MBEDTLS_CIPHER_ID_xxx` constants), `mbedtls_cipher_type_t` (`MBEDTLS_CIPHER_base_size_mode` constants), `mbedtls_cipher_mode_t` (`MBEDTLS_CIPHER_MODE_xxx` constants) and `mbedtls_cipher_padding_t` (`MBEDTLS_CIPHER_PADDING_xxx` constants), use the [`PSA_KEY_TYPE_xxx` and `PSA_ALG_xxx` constants](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/).
+
+For modes that are based on a block cipher, the key type encodes the choice of block cipher:
+[`PSA_KEY_TYPE_AES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga6ee54579dcf278c677eda4bb1a29575e),
+[`PSA_KEY_TYPE_ARIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#c.PSA_KEY_TYPE_ARIA),
+[`PSA_KEY_TYPE_CAMELLIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad8e5da742343fd5519f9d8a630c2ed81),
+[`PSA_KEY_TYPE_DES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga577562bfbbc691c820d55ec308333138).
+The algorithm encodes the mode and if relevant the padding type:
+
+* Unauthenticated cipher modes:
+ [`PSA_ALG_CTR`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad318309706a769cffdc64e4c7e06b2e9),
+ [`PSA_ALG_CFB`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0088c933e01d671f263a9a1f177cb5bc),
+ [`PSA_ALG_OFB`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gae96bb421fa634c6fa8f571f0112f1ddb),
+ [`PSA_ALG_XTS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa722c0e426a797fd6d99623f59748125),
+ [`PSA_ALG_ECB_NO_PADDING`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab8f0609cd0f12cccc9c950fd5a81a0e3),
+ [`PSA_ALG_CBC_NO_PADDING`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gacb332d72716958880ee7f97d8365ae66),
+ [`PSA_ALG_CBC_PKCS7`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaef50d2e9716eb6d476046608e4e0c78c),
+ [`PSA_ALG_CCM_STAR_NO_TAG`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga89627bb27ec3ce642853ab8554a88572).
+* Other padding modes, which are obsolete, are not available in the PSA API. If you need them, handle the padding in your application code and use the `NO_PADDING` algorithm.
+* AEAD modes:
+ [`PSA_ALG_CCM`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2c0e7d21f1b2df5e76bcb4a8f84273c),
+ [`PSA_ALG_GCM`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0d7d02b15aaae490d38277d99f1c637c).
+* KW/KWP modes are not available in the PSA API at the time of writing.
+
+For the ChaCha20 unauthenticated cipher, use [`PSA_KEY_TYPE_CHACHA20`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga901548883b3bce56cc21c3a22cf8d93c) with [`PSA_ALG_STREAM_CIPHER`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad98c105198f7428f7d1dffcb2cd398cd).
+For the Chacha20+Poly1305 AEAD, use [`PSA_KEY_TYPE_CHACHA20`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga901548883b3bce56cc21c3a22cf8d93c) with [`PSA_ALG_CHACHA20_POLY1305`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1fec55093541640a71bdd022d4adfb9c)
+
+### Cipher mechanism availability
+
+For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a non-zero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a non-zero value if the library is built with support for that algorithm. Note that for a mechanism to be supported, both the key type and the algorithm must be supported.
+
+For example, to test if AES-CBC-PKCS7 is supported, in the legacy API, you could write:
+```
+#if defined(MBEDTLS_AES_C) && \
+ defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+```
+The equivalent in the PSA API is
+```
+#if PSA_WANT_KEY_TYPE_AES && PSA_WANT_ALG_CBC_PKCS7
+```
+
+### Cipher metadata
+
+Both APIs express key sizes in bits. Note however that in the PSA API, the size of a _buffer_ is always expressed in bytes, even if that buffer contains a key.
+
+The following table lists corresponding PSA macros for maximum-size macros that take all supported algorithms into account.
+
+| Legacy macro | PSA macro |
+| ------------ | --------- |
+| `MBEDTLS_MAX_IV_LENGTH` | [`PSA_CIPHER_IV_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_MAX_SIZE), [`PSA_AEAD_NONCE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1ac2a332765ba4ccfc24935d6f7f48fcc7) |
+| `MBEDTLS_MAX_BLOCK_LENGTH` | [`PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) |
+| `MBEDTLS_MAX_KEY_LENGTH` | no equivalent|
+
+There is no equivalent to the type `mbedtls_cipher_info_t` and the functions `mbedtls_cipher_info_from_type` and `mbedtls_cipher_info_from_values` in the PSA API because it is unnecessary. All macros and functions operate directly on key type values (`psa_key_type_t`, `PSA_KEY_TYPE_xxx` constants) and algorithm values (`psa_algorithm_t`, `PSA_ALG_xxx` constants).
+
+| Legacy function | PSA macro |
+| --------------- | --------- |
+| `mbedtls_cipher_info_get_iv_size` | [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH), [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH) |
+| `mbedtls_cipher_info_get_block_size` | not available (use specific macros for the IV, nonce or tag length) |
+
+The following features have no PSA equivalent:
+
+* `mbedtls_cipher_list`: the PSA API does not currently have a discovery mechanism for cryptographic mechanisms, but one may be added in the future.
+* `mbedtls_cipher_info_has_variable_key_bitlen`, `mbedtls_cipher_info_has_variable_iv_size`: the PSA API does not currently have such mechanism for high-level metadata information.
+* `mbedtls_cipher_info_from_string`: there is no equivalent of Mbed TLS's lookup based on a (nonstandard) name.
+
+### Cipher key management
+
+The legacy API and the PSA API have a different organization of operations in several respects:
+
+* In the legacy API, each operation object contains the necessary key material. In the PSA API, an operation object contains a reference to a key object. To perform a cryptographic operation, you must create a key object first. However, for a one-shot operation, you do not need an operation object, just a single function call.
+* The legacy API uses the same interface for authenticated and non-authenticated ciphers, while the PSA API has separate functions.
+* The legacy API uses the same functions for encryption and decryption, while the PSA API has separate functions where applicable.
+
+Here is an overview of the lifecycle of a key object.
+
+1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters:
+ * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”).
+ * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material.
+ * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `PSA_ALG_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”). By design, the same key cannot be used with multiple algorithms.
+ * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_ENCRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_ENCRYPT) or [`PSA_KEY_USAGE_DECRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_DECRYPT), depending on which direction you want to use the key in. To allow both directions, use the flag mask `PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT`. The same policy flags cover authenticated and non-authenticated encryption/decryption.
+2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object.
+ * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material.
+ * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5).
+ * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1).
+3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations.
+4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished.
+
+### Unauthenticated cipher operations
+
+Recall the workflow of an unauthenticated cipher operation in the legacy Mbed TLS cipher API:
+
+1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`.
+2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_cipher_setkey` (or `mbedtls_cipher_setup_psa`), `mbedtls_cipher_set_padding_mode` if applicable.
+3. Set the IV with `mbedtls_cipher_set_iv` (except for ECB which does not use an IV).
+4. For a one-shot operation, call `mbedtls_cipher_crypt`. To pass the input in multiple parts, call `mbedtls_cipher_update` as many times as necessary followed by `mbedtls_cipher_finish`.
+5. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`.
+
+For a one-shot operation (where the whole plaintext or ciphertext is passed as a single input), the equivalent workflow with the PSA API is to call a single function:
+
+* [`psa_cipher_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga61f02fbfa681c2659546eca52277dbf1) to perform encryption with a random IV of the default size (indicated by [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH)). (To encrypt with a specified IV, use the multi-part API described below.) You can use the macro [`PSA_CIPHER_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+* [`psa_cipher_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gab3593f5f14d8c0431dd306d80929215e) to perform decryption with a specified IV. You can use the macro [`PSA_CIPHER_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+
+For a multi-part operation, the equivalent workflow with the PSA API is as follows:
+
+1. Create an operation object of type [`psa_cipher_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1399de29db657e3737bb09927aae51fa) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Select the key and algorithm with [`psa_cipher_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga587374c0eb8137a572f8e2fc409bb2b4) or [`psa_cipher_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaa4ba3a167066eaef2ea49abc5dcd1d4b) depending on the desired direction.
+3. When encrypting with a random IV, use [`psa_cipher_generate_iv`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga29fd7d32a5729226a2f73e7b6487bd8a). When encrypting with a chosen IV, or when decrypting, set the IV with [`psa_cipher_set_iv`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga9caddac1a429a5032d6d4a907fb70ba1). Skip this step with ECB since it does not use an IV.
+4. Call [`psa_cipher_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gac3ca27ac6682917c48247d01fd96cd0f) as many times as needed. You can use [`PSA_CIPHER_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE) or [`PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1ab1f6598efd6a7dc56e7ad7e34719eb32) to determine a sufficient size for the output buffer.
+5. Call [`psa_cipher_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1dcb58b8befe23f8a4d7a1d49c99249b) to obtain the last part of the output. You can use [`PSA_CIPHER_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_SIZE) or [`PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+
+If you need to interrupt the operation after calling the setup function without calling the finish function, call [`psa_cipher_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaad482cdca2098bca0620596aaa02eaa4).
+
+### Authenticated cipher operations
+
+Recall the workflow of an authenticated cipher operation in the legacy Mbed TLS cipher API (or similar workflows in the `chachapoly`, `ccm` and `gcm` modules):
+
+1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`.
+2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_cipher_setkey` (or `mbedtls_cipher_setup_psa`), `mbedtls_cipher_set_padding_mode` if applicable.
+3. Set the nonce with `mbedtls_cipher_set_iv` (or the `starts` function for low-level modules). For CCM, which requires direct use of the `ccm` module, also call `mbedtls_ccm_set_lengths` to set the length of the additional data and of the plaintext.
+4. Call `mbedtls_cipher_update_ad` to pass the unencrypted additional data.
+5. Call `mbedtls_cipher_update` as many times as necessary to pass the input plaintext or ciphertext.
+6. Call `mbedtls_cipher_finish` to obtain the last part of the output. Then call `mbedtls_cipher_write_tag` (when encrypting) or `mbedtls_cipher_check_tag` (when decrypting) to process the authentication tag.
+7. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`.
+
+Steps 3–6 can be replaced by a single call to `mbedtls_cipher_auth_encrypt_ext` or `mbedtls_cipher_auth_decrypt_ext` for a one-shot operation (where the whole plaintext or ciphertext is passed as a single input).
+
+For a one-shot operation, the PSA API allows you to call a single function:
+
+* [`psa_aead_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae72e1eb3c2da3ebd843bb9c8db8df509) to perform authenticated encryption with a random nonce of the default size (indicated by [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH)), with the authentication tag written at the end of the output. (To encrypt with a specified nonce, or to separate the tag from the rest of the ciphertext, use the multi-part API described below.) You can use the macro [`PSA_AEAD_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE) or [`PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+* [`psa_aead_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae799f6196a22d50c216c947e0320d3ba) to perform authenticated decryption of a ciphertext with the authentication tag at the end. (If the tag is separate, use the multi-part API described below.) You can use the macro [`PSA_AEAD_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+
+For a multi-part operation, the equivalent workflow with the PSA API is as follows:
+
+1. Create an operation object of type [`psa_aead_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga14f6a01afbaa8c5b3d8c5d345cbaa3ed) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Select the key and algorithm with [`psa_aead_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga2732c40ce8f3619d41359a329e9b46c4) or [`psa_aead_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaaa5c5018e67a7a6514b7e76b9a14de26) depending on the desired direction.
+3. When encrypting with a random nonce, use [`psa_aead_generate_nonce`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga5799df1c555efd35970b65be51cb07d1). When encrypting with a chosen nonce, or when decrypting, set the nonce with [`psa_aead_set_nonce`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga59132751a6f843d038924cb217b5e13b). If the algorithm is CCM, you must also call [`psa_aead_set_lengths`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gad3431e28d05002c2a7b0760610176050) before or after setting the nonce (for other algorithms, this is permitted but not needed).
+4. Call [`psa_aead_update_ad`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga6d0eed03f832e5c9c91cb8adf2882569) as many times as needed.
+5. Call [`psa_aead_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaf6d49864951ca42136b4a9b71ea26e5c) as many times as needed. You can use [`PSA_AEAD_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_SIZE) or [`PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+6. Finally:
+ * When encrypting, call [`psa_aead_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga759791bbe1763b377c3b5447641f1fc8) to obtain the last part of the ciphertext and the authentication tag. You can use [`PSA_AEAD_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_SIZE) or [`PSA_AEAD_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+ * When decrypting, call [`psa_aead_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae0280e2e61a185b893c36d858453f0d0) to obtain the last part of the plaintext and check the authentication tag. You can use [`PSA_AEAD_VERIFY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_SIZE) or [`PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+
+If you need to interrupt the operation after calling the setup function without calling the finish or verify function, call [`psa_aead_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae8a5f93d92318c8f592ee9fbb9d36ba0).
+
+### Miscellaneous cipher operation management
+
+The equivalent of `mbedtls_cipher_reset` is to call [`psa_cipher_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaad482cdca2098bca0620596aaa02eaa4) or [`psa_aead_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae8a5f93d92318c8f592ee9fbb9d36ba0). Note that you must set the key again with a setup function: the PSA API does not have a special way to reuse an operation object with the same key.
+
+There is no equivalent for the `mbedtls_cipher_get_xxx` functions to extract information from an ongoing PSA cipher or AEAD operation. Applications that need this information will need to save it from the key and operation parameters.
+
+## Hashes and MAC
+
+The PSA API groups functions by purpose rather than by underlying primitive: there is a MAC API (equivalent to `md.h` for HMAC, and `cmac.h` for CMAC) and a hash API (equivalent to `md.h` for hashing). There is no special API for a particular hash algorithm (`md5.h`, `sha1.h`, `sha256.h`, `sha512.h`, `sha3.h`). To migrate code using those low-level modules, please follow the recommendations in the following section, using the same principles as the corresponding `md.h` API.
+
+The PSA API does not have a direct interface for the AES-CMAC-PRF-128 algorithm from RFC 4615 calculated by `mbedtls_aes_cmac_prf_128` at the time of writing. You can implement it using the MAC interface with an AES key and the CMAC algorithm.
+
+### Hash mechanism selection
+
+The equivalent to `mbedtls_md_type_t` and `MBEDTLS_MD_XXX` constants is the type `psa_algorithm_t` and `PSA_ALG_xxx` constants (the type encompasses all categories of cryptographic algorithms, not just hashes). PSA offers a similar selection of algorithms, but note that SHA-1 and SHA-2 are spelled slightly differently.
+
+| Mbed TLS constant | PSA constant |
+| ---------------------- | ------------------- |
+| `MBEDTLS_MD_MD5` | `PSA_ALG_MD5` |
+| `MBEDTLS_MD_SHA1` | `PSA_ALG_SHA_1` |
+| `MBEDTLS_MD_SHA224` | `PSA_ALG_SHA_224` |
+| `MBEDTLS_MD_SHA256` | `PSA_ALG_SHA_256` |
+| `MBEDTLS_MD_SHA384` | `PSA_ALG_SHA_384` |
+| `MBEDTLS_MD_SHA512` | `PSA_ALG_SHA_512` |
+| `MBEDTLS_MD_RIPEMD160` | `PSA_ALG_RIPEMD160` |
+| `MBEDTLS_MD_SHA3_224` | `PSA_ALG_SHA3_224` |
+| `MBEDTLS_MD_SHA3_256` | `PSA_ALG_SHA3_256` |
+| `MBEDTLS_MD_SHA3_384` | `PSA_ALG_SHA3_384` |
+| `MBEDTLS_MD_SHA3_512` | `PSA_ALG_SHA3_512` |
+
+### MAC mechanism selection
+
+PSA Crypto has a generic API with the same functions for all MAC mechanisms. The mechanism is determined by a combination of an algorithm value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69) and a key type value of type [`psa_key_type_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga63fce6880ca5933b5d6baa257febf1f6).
+
+* For HMAC, the algorithm is [`PSA_ALG_HMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga70f397425684b3efcde1e0e34c28261f)`(hash)` where `hash` is the underlying hash algorithm (see “[Hash mechanism selection](#hash-mechanism-selection)”),
+ for example `PSA_ALG_HMAC(PSA_ALG_SHA_256)` for HMAC-SHA-256.
+ The key type is [`PSA_KEY_TYPE_HMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_KEY_TYPE_HMAC) regardless of the hash algorithm.
+* For CMAC, the algorithm is [`PSA_ALG_CMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_CMAC) regardless of the underlying block cipher. The key type determines the block cipher:
+ [`PSA_KEY_TYPE_AES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga6ee54579dcf278c677eda4bb1a29575e),
+ [`PSA_KEY_TYPE_ARIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#c.PSA_KEY_TYPE_ARIA),
+ [`PSA_KEY_TYPE_CAMELLIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad8e5da742343fd5519f9d8a630c2ed81) or
+ [`PSA_KEY_TYPE_DES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga577562bfbbc691c820d55ec308333138).
+
+### Hash and MAC mechanism availability
+
+For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a non-zero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a non-zero value if the library is built with support for that algorithm. For a compound mechanism, all parts must be supported. In particular, for HMAC, all three of `PSA_WANT_KEY_TYPE_HMAC`, `PSA_WANT_ALG_HMAC` and the underlying hash must be enabled. (A configuration with only one of `PSA_WANT_KEY_TYPE_HMAC` and `PSA_WANT_ALG_HMAC` is technically possible but not useful.)
+
+For example, to test if HMAC-SHA-256 is supported, in the legacy API, you could write:
+```
+#if defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)
+```
+The equivalent in the PSA API is
+```
+#if PSA_WANT_KEY_TYPE_HMAC && PSA_WANT_ALG_HMAC && PSA_WANT_ALG_SHA_256
+```
+
+To test if AES-CMAC is supported, in the legacy API, you could write:
+```
+if defined(MBEDTLS_AES_C) && defined(MBEDTLS_CMAC_C)
+```
+The equivalent in the PSA API is
+```
+#if PSA_WANT_KEY_TYPE_AES && PSA_WANT_ALG_CMAC
+```
+
+### Hash algorithm metadata
+
+There is no equivalent to the type `mbedtls_md_info_t` and the functions `mbedtls_md_info_from_type` and `mbedtls_md_get_type` in the PSA API because it is unnecessary. All macros and functions operate directly on algorithm (`psa_algorithm_t`, `PSA_ALG_xxx` constants).
+
+| Legacy macro | PSA macro |
+| ------------ | --------- |
+| `MBEDTLS_MD_MAX_SIZE` | [`PSA_HASH_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_MAX_SIZE) |
+| `MBEDTLS_MD_MAX_BLOCK_SIZE` | [`PSA_HMAC_MAX_HASH_BLOCK_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HMAC_MAX_HASH_BLOCK_SIZE) |
+| `mbedtls_md_get_size` | [`PSA_HASH_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_LENGTH) |
+| `mbedtls_md_get_size_from_type` | [`PSA_HASH_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_LENGTH) |
+
+The following features have no PSA equivalent:
+
+* `mbedtls_md_list`: the PSA API does not currently have a discovery mechanism for cryptographic mechanisms, but one may be added in the future.
+* `mbedtls_md_info_from_ctx`
+* `mbedtls_cipher_info_from_string`, `mbedtls_md_get_name`: there is no equivalent of Mbed TLS's lookup based on a (nonstandard) name.
+
+### Hash calculation
+
+The equivalent of `mbedtls_md` for a one-shot hash calculation is [`psa_hash_compute`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gac69f7f19d96a56c28cf3799d11b12156). In addition, to compare the hash of a message with an expected value, you can call [`psa_hash_compare`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga0c08f4797bec96b886c8c8d7acc2a553) instead of `mbedtls_md` followed by `memcmp` or a constant-time equivalent.
+
+For a multi-part hash calculation, the legacy process is as follows:
+
+1. Create a digest context of type `mbedtls_md_context_t` and initialize it with `mbedtls_md_init`.
+2. Call `mbedtls_md_setup` to select the hash algorithm, with `hmac=0`. Then call `mbedtls_md_starts` to start the hash operation.
+3. Call `mbedtls_md_update` as many times as necessary.
+4. Call `mbedtls_md_finish`. If verifying the hash against an expected value, compare the result with the expected value.
+5. Finally free the resources associated with the operation object by calling `mbedtls_md_free`.
+
+The equivalent process in the PSA API is as follows:
+
+1. Create an operation object of type [`psa_hash_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga3c4205d2ce66c4095fc5c78c25273fab) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Call [`psa_hash_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga8d72896cf70fc4d514c5c6b978912515) to specify the algorithm.
+3. Call [`psa_hash_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga65b16ef97d7f650899b7db4b7d1112ff) as many times as necessary.
+4. To obtain the hash, call [`psa_hash_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga4795fd06a0067b0adcd92e9627b8c97e). Alternatively, to verify the hash against an expected value, call [`psa_hash_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga7be923c5700c9c70ef77ee9b76d1a5c0).
+
+If you need to interrupt the operation after calling the setup function without calling the finish or verify function, call [`psa_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gab0b4d5f9912a615559497a467b532928).
+
+There is no equivalent to `mbedtls_md_file` in the PSA API. Load the file data and calculate its hash.
+
+### MAC key management
+
+The legacy API and the PSA API have a different organization of operations in several respects:
+
+* In the legacy API, each operation object contains the necessary key material. In the PSA API, an operation object contains a reference to a key object. To perform a cryptographic operation, you must create a key object first. However, for a one-shot operation, you do not need an operation object, just a single function call.
+* The legacy API uses the same interface for authenticated and non-authenticated ciphers, while the PSA API has separate functions.
+* The legacy API uses the same functions for encryption and decryption, while the PSA API has separate functions where applicable.
+
+Here is an overview of the lifecycle of a key object.
+
+1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters:
+ * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”).
+ * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material.
+ * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `PSA_ALG_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”). By design, the same key cannot be used with multiple algorithms.
+ * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_SIGN_MESSAGE) to calculate a MAC or [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_VERIFY_MESSAGE) to verify the MAC of a message. To allow both directions, use the flag mask `PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE`.
+2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object.
+ * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material.
+ * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5).
+ * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1).
+3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations.
+4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished.
+
+### MAC calculation
+
+The process for a HMAC operation in the legacy API is as follows:
+
+1. Create a digest context of type `mbedtls_md_context_t` and initialize it with `mbedtls_md_init`.
+2. Call `mbedtls_md_setup` to select the hash algorithm, with `hmac=1`. Then call `mbedtls_md_hmac_starts` to set the key.
+3. Call `mbedtls_md_hmac_update` as many times as necessary.
+4. Call `mbedtls_md_hmac_finish`. If verifying the MAC against an expected value, compare the result with the expected value. Note that this comparison should be in constant time to avoid a side channel vulnerability, for example using `mbedtls_ct_memcmp`.
+5. Finally free the resources associated with the operation object by calling `mbedtls_md_free`.
+
+The process for a CMAC operation in the legacy API is as follows:
+
+1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`.
+2. Call `mbedtls_cipher_setup` to select the block cipher. Then call `mbedtls_md_cmac_starts` to set the key.
+3. Call `mbedtls_cipher_cmac_update` as many times as necessary.
+4. Call `mbedtls_cipher_cmac_finish`. If verifying the MAC against an expected value, compare the result with the expected value. Note that this comparison should be in constant time to avoid a side channel vulnerability, for example using `mbedtls_ct_memcmp`.
+5. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`.
+
+The process in the PSA API to calculate a MAC is as follows:
+
+1. Create an operation object of type [`psa_mac_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga78f0838b0c4e3db28b26355624d4bd37) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Call [`psa_mac_sign_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga03bc3e3c0b7e55b20d2a238e418d46cd) to specify the algorithm and the key. See “[MAC key management](#mac-key-management)” for how to obtain a key identifier.
+3. Call [`psa_mac_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga5560af371497babefe03c9da4e8a1c05) as many times as necessary.
+4. To obtain the MAC, call [`psa_mac_sign_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gac22bc0125580c96724a09226cfbc97f2).
+
+To verify a MAC against an expected value, use the following process instead:
+
+1. Create an operation object of type [`psa_mac_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga78f0838b0c4e3db28b26355624d4bd37) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Call [`psa_mac_verify_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga08ae327fcbc5f8e201172fe11e536984) to specify the algorithm and the key. See “[MAC key management](#mac-key-management)” for how to obtain a key identifier.
+3. Call [`psa_mac_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga5560af371497babefe03c9da4e8a1c05) as many times as necessary.
+4. To verify the MAC against an expected value, call [`psa_mac_verify_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gac92b2930d6728e1be4d011c05d485822).
+
+If you need to interrupt the operation after calling the setup function without calling the finish function, call [`psa_mac_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gacd8dd54855ba1bc0a03f104f252884fd).
+
+The PSA API also offers functions for a one-shot MAC calculation, similar to `mbedtls_cipher_cmac` and `mbedtls_md_hmac`:
+
+* [`psa_mac_compute`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gabf02ebd3595ea15436967092b5d52878) to calculate the MAC of a buffer in memory.
+* [`psa_mac_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gaf6988545df5d5e2466c34d753443b15a) to verify the MAC of a buffer in memory against an expected value.
+
+In both cases, see “[MAC key management](#mac-key-management)” for how to obtain a key identifier.
+
+### Miscellaneous hash or MAC operation management
+
+The equivalent of `mbedtls_md_reset`, `mbedtls_md_hmac_reset` or `mbedtls_cmac_reset` is to call [`psa_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gab0b4d5f9912a615559497a467b532928) or [`psa_mac_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gacd8dd54855ba1bc0a03f104f252884fd). Note that you must call a setup function to specify the algorithm and the key (for MAC) again, and they can be different ones.
+
+The equivalent of `mbedtls_md_clone` to clone a hash operation is [`psa_hash_clone`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga39673348f3302b4646bd780034a5aeda). A PSA MAC operation cannot be cloned.
+
+## Key derivation
+
+### HKDF
+
+PSA Crypto provides access to HKDF, HKDF-Extract and HKDF-Expand via its [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/). This is a generic interface using an operation object with one function call for each input and one function call for each output.
+
+1. Create an operation object of type [`psa_key_derivation_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga5f099b63799a0959c3d46718c86c2609) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Call [`psa_key_derivation_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac0b6a76e45cceb1862752bf041701859) to select the algorithm, which is a value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69). For HKDF and variants, use one of the macros [`PSA_ALG_HKDF`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF), [`PSA_ALG_HKDF_EXTRACT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF_EXTRACT) or [`PSA_ALG_HKDF_EXPAND`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF_EXPAND) with the [hash algorithm](#hash-mechanism-selection) passed as an argument. For example `PSA_ALG_HKDF(PSA_ALG_SHA_256)` selects HKDF-SHA-256.
+3. Call [`psa_key_derivation_input_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga8fd934dfb0ca45cbf89542ef2a5494c2) on each of the inputs in the order listed below. (Use [`psa_key_derivation_input_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gab2d7ce8705dd8e4a093f4b8a21a0c15a) instead for an input that is a PSA key object.) The input step value for each step is as follows:
+ 1. [`PSA_KEY_DERIVATION_INPUT_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gab62757fb125243562c3947a752470d4a) for the salt used during the extraction step. Omit this step for HKDF-Expand. For HKDF, you may omit this step if the salt is empty.
+ 2. [`PSA_KEY_DERIVATION_INPUT_SECRET`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1ga0ddfbe764baba995c402b1b0ef59392e) for the secret input.
+ 3. [`PSA_KEY_DERIVATION_INPUT_INFO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gacef8df989e09c769233f4b779acb5b7d) for the info string used during the expansion step. Omit this step for HKDF-Extract.
+4. Call [`psa_key_derivation_output_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga06b7eb34a2fa88965f68e3d023fa12b9) to obtain the output of the derivation. You may call this function more than once to retrieve the output in successive chunks. Use [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1) instead if you want to use a chunk as a PSA key.
+5. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object.
+
+### PKCS#5 module
+
+Applications currently using `mbedtls_pkcs5_pbkdf2_hmac` or `mbedtls_pkcs5_pbkdf2_hmac_ext` can switch to the PSA key derivation API for PBKDF2. This is a generic interface using an operation object with one function call for each input and one function call for each output.
+
+1. Create an operation object of type [`psa_key_derivation_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga5f099b63799a0959c3d46718c86c2609) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Call [`psa_key_derivation_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac0b6a76e45cceb1862752bf041701859) to select the algorithm, which is a value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69). For PBKDF2-HMAC, select `PSA_ALG_PBKDF2_HMAC(hash)` where `hash` is the underlying hash algorithm (see “[Hash mechanism selection](#hash-mechanism-selection)”).
+3. Call `psa_key_derivation_input_cost` with the step `PSA_KEY_DERIVATION_INPUT_COST` to select the iteration count.
+4. Call [`psa_key_derivation_input_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga8fd934dfb0ca45cbf89542ef2a5494c2) on each of the inputs in the order listed below. (Use [`psa_key_derivation_input_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gab2d7ce8705dd8e4a093f4b8a21a0c15a) instead for an input that is a PSA key object.) The input step value for each step is as follows:
+ 1. [`PSA_KEY_DERIVATION_INPUT_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gab62757fb125243562c3947a752470d4a) for the salt used during the extraction step. You may repeat this step to pass the salt in pieces (for example a salt and a pepper).
+ 2. [`PSA_KEY_DERIVATION_INPUT_SECRET`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1ga0ddfbe764baba995c402b1b0ef59392e) for the password.
+5. Call [`psa_key_derivation_output_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga06b7eb34a2fa88965f68e3d023fa12b9) to obtain the output of the derivation. You may call this function more than once to retrieve the output in successive chunks.
+ Use [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1) instead if you want to use a chunk as a PSA key.
+ If you want to verify the output against an expected value (for authentication, rather than to derive key material), call [`psa_key_derivation_verify_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gaf01520beb7ba932143ffe733b0795b08) or [`psa_key_derivation_verify_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac041714e34a94742e8ee006ac7dfea5a) instead of `psa_key_derivation_output_bytes`. (Note that the `verify` functions are not yet present in the 3.5 release of Mbed TLS. They are expected to be released in version 3.6.0.)
+6. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object.
+
+The function `mbedtls_pkcs5_pbes2` is only intended as a support function to parse encrypted private keys in the PK module. It has no PSA equivalent.
+
+### PKCS#12 module
+
+The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbe` are only intended as support functions to parse encrypted private keys in the PK module. They have no PSA equivalent.
+
+## Random generation
+
+### Random generation interface
+
+The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually, so most applications using PSA crypto do not need the interfaces from `entropy.h`, `ctr_drbg.h` and `hmac_drbg.h`. See the next sections for remaining use cases for [entropy](#entropy-sources) and [DRBG](#deterministic-pseudorandom-generation).
+
+The PSA API uses its internal random generator to generate keys (`psa_generate_key`), nonces for encryption (`psa_cipher_generate_iv`, `psa_cipher_encrypt`, `psa_aead_generate_nonce`, `psa_aead_encrypt`, `psa_asymmetric_encrypt`), and other random material as needed. If you need random data for some other purposes, call [`psa_generate_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5).
+
+If your application mixes uses of the PSA crypto API and the mbedtls API and you need to pass an RNG argument to a legacy or X.509/TLS function, include the header file `<mbedtls/psa_util.h>` and use:
+
+* [`mbedtls_psa_get_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#_CPPv422mbedtls_psa_get_randomPvPh6size_t) as the `f_rng` argument;
+* [`MBEDTLS_PSA_RANDOM_STATE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#c.MBEDTLS_PSA_RANDOM_STATE) as the `p_rng` argument.
+
+You can remove the Mbed TLS RNG boilerplate (`mbedtls_entropy_init`, `mbedtls_ctr_drbg_init`, `mbedtls_ctr_drbg_seed`, `mbedtls_ctr_drbg_random`, `mbedtls_ctr_drbg_free`, `mbedtls_entropy_free` — or `hmac_drbg` equivalents of the `ctr_drbg` functions) once you have finished replacing the references to `mbedtls_ctr_drbg_random` (or `mbedtls_hmac_drbg_random`) by `mbedtls_psa_get_random`.
+
+### Entropy sources
+
+Unless explicitly configured otherwise, the PSA random generator uses the default entropy sources configured through the legacy interface (`MBEDTLS_ENTROPY_xxx` symbols). Its set of sources is equivalent to an entropy object configured with `mbedtls_entropy_init`.
+
+A future version of Mbed TLS will include a PSA interface for configuring entropy sources. This is likely to replace the legacy interface in Mbed TLS 4.0.
+
+### Deterministic pseudorandom generation
+
+The PSA API does not have a dedicated interface for pseudorandom generation. The [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) can serve a similar purpose in some applications, but it does not offer CTR\_DRBG or HMAC\_DRBG. If you need these algorithms, keep using `ctr_drbg.h` and `hmac_drbg.h`, but note that they may be removed from the public API in Mbed TLS 4.0.
+
+## Asymmetric cryptography
+
+The PSA API supports RSA (see “[RSA mechanism selection](#rsa-mechanism-selection)”), elliptic curve cryptography (see “[ECC mechanism selection](#elliptic-curve-mechanism-selection)” and “[EC-JPAKE](#ec-jpake)”) and finite-field Diffie-Hellman (see “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”).
+
+### Key lifecycle for asymmetric cryptography
+
+In the PSA API, keys are referenced by an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t).
+(Some documentation references [`mbedtls_svc_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv420mbedtls_svc_key_id_t); the two types are identical except when the library is configured for use in a multi-client cryptography service.)
+The PSA key identifier tends to play the same role as an `mbedtls_pk_context`, `mbedtls_rsa_context` or `mbedtls_ecp_keypair` structure in the legacy API. However, there are major differences in the way the two APIs can be used to create keys or to obtain information about a key.
+
+Here is an overview of the lifecycle of a PSA key object.
+
+1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters:
+ * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”).
+ * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's conceptual size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material.
+ * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the permitted algorithm to the desired `PSA_ALG_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” as well as “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+ * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable the desired usage types (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object.
+ * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material.
+ * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5).
+ * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1).
+3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations.
+4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished.
+
+### Public-key cryptography policies
+
+A key's policy indicates what algorithm(s) it can be used with (usage algorithm policy) and what operations are permitted (usage flags).
+
+The following table lists the relevant usage flags for asymmetric cryptography. You can pass those flags (combined with bitwise-or) to [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de).
+
+| Usage | Flag |
+| ----- | ---- |
+| export public key | 0 (always permitted) |
+| export private key | [`PSA_KEY_USAGE_EXPORT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga7dddccdd1303176e87a4d20c87b589ed) |
+| Sign a message directly | [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) |
+| Sign an already-calculated hash | at least one of [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) or [`PSA_KEY_USAGE_SIGN_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) |
+| Verify a message directly | [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gabea7ec4173f4f943110329ac2953b2b1) |
+| Verify an already-calculated hash | at least one of [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gabea7ec4173f4f943110329ac2953b2b1) or [`PSA_KEY_USAGE_VERIFY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gafadf131ef2182045e3483d03aadaa1bd) |
+| Encryption | [`PSA_KEY_USAGE_ENCRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga75153b296d045d529d97203a6a995dad) |
+| Decryption | [`PSA_KEY_USAGE_DECRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gac3f2d2e5983db1edde9f142ca9bf8e6a) |
+| Key agreement | [`PSA_KEY_USAGE_DERIVE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gaf19022acc5ef23cf12477f632b48a0b2) |
+
+The sections “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” cover the available algorithm values for each key type. Normally, a key can only be used with a single algorithm, following standard good practice. However, there are two ways to relax this requirement.
+
+* Many signature algorithms encode a hash algorithm. Sometimes the same key may need to be used to sign messages with multiple different hashes. In an algorithm policy, you can use [`PSA_ALG_ANY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_ANY_HASH) instead of a hash algorithm value to allow the key to be used with any hash. For example, `psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH))` allows the key to be used with RSASSA-PSS, with different hash algorithms in each operation.
+* In addition to the algorithm (or wildcard) selected with [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98), you can use [`psa_set_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaffa134b74aa52aa3ed9397fcab4005aa) to permit a second algorithm (or wildcard). This is intended for scenarios where a key is normally used with a single algorithm, but needs to be used with a different algorithm for enrollment (such as an ECDH key for which an ECDSA proof-of-possession is also required).
+
+### Asymmetric cryptographic mechanisms
+
+#### RSA mechanism selection
+
+The PK types `MBEDTLS_PK_RSA`, `MBEDTLS_PK_RSASSA_PSS` and `MBEDTLS_PK_RSA_ALT` correspond to RSA key types in the PSA API. In the PSA API, key pairs and public keys are separate object types.
+See “[RSA-ALT interface](#rsa-alt-interface)” for more information about `MBEDTLS_PK_RSA_ALT`.
+
+The PSA API uses policies and algorithm parameters rather than key types to distinguish between RSA-based mechanisms. The PSA algorithm selection corresponds to the `mbedtls_pk_type_t` value passed to `mbedtls_pk_{sign,verify}_ext`. It also replaces the use of `mbedtls_rsa_set_padding` on an `mbedtls_rsa_context` object. See the list of algorithms below and the signature and encryption sections for more information.
+
+An RSA public key has the type [`PSA_KEY_TYPE_RSA_PUBLIC_KEY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9ba0878f56c8bcd1995ac017a74f513b).
+
+An RSA key pair has the type [`PSA_KEY_TYPE_RSA_KEY_PAIR`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11745b110166e927e2abeabc7d532051). A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key).
+You can always use a private key for operations on the corresponding public key (as long as the policy permits it).
+
+The following cryptographic algorithms work with RSA keys:
+
+* PKCS#1v1.5 RSA signature: [`PSA_ALG_RSA_PKCS1V15_SIGN`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga702ff75385a6ae7d4247033f479439af), [`PSA_ALG_RSA_PKCS1V15_SIGN_RAW`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4215e2a78dcf834e9a625927faa2a817).
+* PKCS#1v1.5 RSA encryption: [`PSA_ALG_RSA_PKCS1V15_CRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4c540d3abe43fb9abcb94f2bc51acef9).
+* PKCS#1 RSASSA-PSS signature: [`PSA_ALG_RSA_PSS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga62152bf4cb4bf6aace5e1be8f143564d), [`PSA_ALG_RSA_PSS_ANY_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9b7355a2cd6bde88177634d539127f2b).
+* PKCS#1 RSAES-OAEP encryption: [`PSA_ALG_RSA_OAEP`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa1235dc3fdd9839c6c1b1a9857344c76).
+
+#### Elliptic curve mechanism selection
+
+The PK types `MBEDTLS_PK_ECKEY`, `MBEDTLS_PK_ECKEY_DH` and `MBEDTLS_PK_ECDSA` correspond to elliptic-curve key types in the PSA API. In the PSA API, key pairs and public keys are separate object types. The PSA API uses policies and algorithm parameters rather than key types to distinguish between the PK EC types.
+
+An ECC public key has the type [`PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad54c03d3b47020e571a72cd01d978cf2) where `curve` is a curve family identifier.
+
+An ECC key pair has the type [`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0b6f5d4d5037c54ffa850d8059c32df0) where `curve` is a curve family identifier. A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key).
+You can always use a private key for operations on the corresponding public key (as long as the policy permits it).
+
+A curve is fully determined by a curve family identifier and the private key size in bits. The following table gives the correspondence between legacy and PSA elliptic curve designations.
+
+| Mbed TLS legacy curve identifier | PSA curve family | Curve bit-size |
+| -------------------------------- | ---------------- | -------------- |
+| `MBEDTLS_ECP_DP_SECP192R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 192 |
+| `MBEDTLS_ECP_DP_SECP224R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 224 |
+| `MBEDTLS_ECP_DP_SECP256R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 |
+| `MBEDTLS_ECP_DP_SECP384R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 384 |
+| `MBEDTLS_ECP_DP_SECP521R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 521 |
+| `MBEDTLS_ECP_DP_BP256R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 256 |
+| `MBEDTLS_ECP_DP_BP384R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 384 |
+| `MBEDTLS_ECP_DP_BP512R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 512 |
+| `MBEDTLS_ECP_DP_CURVE25519` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 255 |
+| `MBEDTLS_ECP_DP_SECP192K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 192 |
+| `MBEDTLS_ECP_DP_SECP224K1` | not supported | N/A |
+| `MBEDTLS_ECP_DP_SECP256K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 |
+| `MBEDTLS_ECP_DP_CURVE448` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 448 |
+
+The following cryptographic algorithms work with ECC keys:
+
+* ECDH key agreement (including X25519 and X448): [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43).
+* ECDSA: [`PSA_ALG_ECDSA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7e3ce9f514a227d5ba5d8318870452e3), [`PSA_ALG_ECDSA_ANY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga51d6b6044a62e33cae0cf64bfc3b22a4), [`PSA_ALG_DETERMINISTIC_ECDSA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11da566bcd341661c8de921e2ca5ed03).
+* EC-JPAKE (see “[EC-JPAKE](#ec-jpake)”.
+
+#### Diffie-Hellman mechanism selection
+
+A finite-field Diffie-Hellman key pair has the type [`PSA_KEY_TYPE_DH_KEY_PAIR(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c) where `group` is a group family as explained below.
+
+A finite-field Diffie-Hellman public key has the type [`PSA_KEY_TYPE_DH_PUBLIC_KEY(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa22f0f2ea89b929f2fadc19890cc5d5c) where `group` is a group family as explained below. Due to the design of the API, there is rarely a need to use Diffie-Hellman public key objects.
+
+The PSA API only supports Diffie-Hellman with predefined groups. A group is fully determined by a group family identifier and the public key size in bits.
+
+| Mbed TLS DH group P value | PSA DH group family | Bit-size |
+| ------------------------- | ------------------- | -------- |
+| `MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 2048 |
+| `MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 3072 |
+| `MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 4096 |
+| `MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 6144 |
+| `MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 8192 |
+
+A finite-field Diffie-Hellman key can be used for key agreement with the algorithm [`PSA_ALG_FFDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0ebbb6f93a05b6511e6f108ffd2d1eb4).
+
+### Creating keys for asymmetric cryptography
+
+The easiest way to create a key pair object is by randomly generating it with [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). Compared with the low-level functions from the legacy API (`mbedtls_rsa_gen_key`, `mbedtls_ecp_gen_privkey`, `mbedtls_ecp_gen_keypair`, `mbedtls_ecp_gen_keypair_base`, `mbedtls_ecdsa_genkey`), this directly creates an object that can be used with high-level APIs, but removes some of the flexibility. Note that if you want to export the generated private key, you must pass the flag [`PSA_KEY_USAGE_EXPORT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga7dddccdd1303176e87a4d20c87b589ed) to [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de); exporting the public key with [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) is always permitted.
+
+For RSA keys, `psa_generate_key` always uses 65537 as the public exponent. If you need a different public exponent, use the legacy interface to create the key then import it as described in “[Importing legacy keys via the PK module](#importing-legacy-keys-via-the-pk-module)”.
+
+To create a key object from existing material, use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). While this function has the same basic goal as the PK parse functions (`mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`), it is limited to a single format that just contains the number(s) that make up the key, with very little metadata. This format is a substring of one of the formats accepted by the PK functions (except for finite-field Diffie-Hellman which the PK module does not support). The table below summarizes the PSA import/export format for key pairs and public keys; see the documentation of [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) and [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) for more details.
+
+| Key type | PSA import/export format |
+| -------- | ------------------------ |
+| RSA key pair | PKCS#1 RSAPrivateKey DER encoding (including both private exponent and CRT parameters) |
+| RSA public key | PKCS#1 RSAPublicKey DER encoding |
+| ECC key pair | Fixed-length private value (not containing the public key) |
+| ECC public key (Weierstrass curve) | Fixed-length uncompressed point |
+| ECC public key (Montgomery curve) | Fixed-length public value |
+| FFDH key pair | Fixed-length private value (not containing the public key) |
+| FFDH public key | Fixed-length public value |
+
+There is no equivalent of `mbedtls_pk_parse_keyfile` and `mbedtls_pk_parse_public_keyfile`. Either call the legacy function or load the file data manually.
+
+A future extension of the PSA API will support other import formats. Until those are implemented, see the following subsections for ways to use the PK module for key parsing and construct a PSA key object from the PK object.
+
+#### Importing legacy keys via the PK module
+
+You can use glue functions in the PK module to create a key object using the legacy API, then import that object into the PSA subsystem. This is useful for use cases that the PSA API does not currently cover, such as:
+
+* Parsing a key in a format with metadata without knowing its type ahead of time.
+* Importing a key which you have in the form of a list of numbers, rather than the binary encoding required by `psa_import_key`.
+* Importing a key with less information than what the PSA API needs, for example an ECC public key in a compressed format, an RSA private key without the private exponent, or an RSA private key without the CRT parameters.
+* Generating an RSA key with $e \ne 65537$.
+
+#### Importing a PK key by wrapping
+
+If you have a PK object, you can call `mbedtls_pk_wrap_as_opaque` to create a PSA key object with the same key material. (This function is only present in builds with `MBEDTLS_USE_PSA_CRYPTO` enabled. It is experimental and [will likely be replaced by a slightly different interface in a future version of Mbed TLS](https://github.com/Mbed-TLS/mbedtls/issues/7760)). This function automatically determines the PSA key type and lets you specify the usage policy (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Once you've called this function, you can destroy the PK object. This function calls `psa_import_key` internally; call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to destroy the PSA key object once your application no longer needs it. Common scenarios where this workflow is useful are:
+
+* You have working code that's calling `mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`, `mbedtls_pk_parse_keyfile` or `mbedtls_pk_parse_public_keyfile` to create a PK object.
+* You have working code that's using the `rsa.h` or `ecp.h` API to create a key object, and there is no PSA equivalent.
+
+You can use this workflow to import an RSA key via an `mbedtls_rsa_context` object or an ECC key via an `mbedtls_ecp_keypair` object:
+
+1. Call `mbedtls_pk_init` then `mbedtls_pk_setup` to set up a PK context for the desired key type (`MBEDTLS_PK_RSA` or `MBEDTLS_PK_ECKEY`).
+2. Call `mbedtls_pk_rsa` or `mbedtls_pk_ec` to obtain the underlying low-level context.
+3. Call `mbedtls_rsa_xxx` or `mbedtls_ecp_xxx` functions to construct the desired key. For example:
+ * `mbedtls_rsa_import` or `mbedtls_rsa_import_raw` followed by `mbedtls_rsa_complete` to create an RSA private key without all the parameters required by the PSA API.
+ * `mbedtls_rsa_gen_key` to generate an RSA private key with a custom public exponent.
+4. Call `mbedtls_pk_wrap_as_opaque` as described above to create a corresponding PSA key object.
+5. Call `mbedtls_pk_free` to free the resources associated with the PK object.
+
+#### Importing a PK key by export-import
+
+This section explains how to export a PK object in the PSA import format. The process depends on the key type. You can use `mbedtls_pk_get_type` or `mbedtls_pk_can_do` to distinguish between RSA and ECC keys. The snippets below assume that the key is in an `mbedtls_pk_context pk`, and omit error checking.
+
+For an RSA private key:
+
+```
+unsigned char buf[PSA_EXPORT_KEY_PAIR_MAX_SIZE];
+size_t length = mbedtls_pk_write_key_der(&pk, buf, sizeof(buf));
+psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+psa_set_key_attributes(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR);
+psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...);
+psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...);
+psa_key_id_t key_id = 0;
+psa_import_key(&attributes, buf + sizeof(buf) - length, length, &key_id);
+mbedtls_pk_free(&pk);
+```
+
+For an ECC private key (a future version of Mbed TLS [will provide a more direct way to find the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764)):
+
+```
+unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)];
+size_t length = PSA_BITS_TO_BYTES(mbedtls_pk_bitlen(&pk));
+mbedtls_ecp_keypair *ec = mbedtls_pk_ec(&pk);
+psa_ecc_curve_t curve;
+{
+ mbedtls_ecp_group grp;
+ mbedtls_ecp_group_init(&grp);
+ mbedtls_ecp_point Q;
+ mbedtls_ecp_point_init(&Q);
+ mbedtls_mpi d;
+ mbedtls_mpi_init(&d);
+ mbedtls_ecp_export(ec, &grp, &d, &Q);
+ size_t bits;
+ curve = mbedtls_ecc_group_to_psa(grp.id, &bits);
+ mbedtls_ecp_group_free(&grp);
+ mbedtls_ecp_point_free(&Q);
+ mbedtls_mpi_free(&d);
+}
+mbedtls_ecp_write_key(ec, buf, length);
+psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(curve));
+psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...);
+psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...);
+psa_key_id_t key_id = 0;
+psa_import_key(&attributes, buf, length, &key_id);
+mbedtls_pk_free(&pk);
+```
+
+For an RSA or ECC public key:
+
+```
+unsigned char buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+size_t length = mbedtls_pk_write_pubkey(&pk, buf, sizeof(buf));
+psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+psa_set_key_attributes(&attributes, ...); // need to determine the type manually
+psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...);
+psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...);
+psa_key_id_t key_id = 0;
+psa_import_key(&attributes, buf + sizeof(buf) - length, length, &key_id);
+mbedtls_pk_free(&pk);
+```
+
+#### Importing an elliptic curve key from ECP
+
+This section explains how to use the `ecp.h` API to create an elliptic curve key in a format suitable for `psa_import_key`.
+
+You can use this, for example, to import an ECC key in the form of a compressed point by calling `mbedtls_ecp_point_read_binary` then following the process below.
+
+The following code snippet illustrates how to import a private key which is initially in an `mbedtls_ecp_keypair` object. (This includes `mbedtls_ecdsa_keypair` objects since that is just a type alias.) Error checks are omitted for simplicity. A future version of Mbed TLS [will provide a function to calculate the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764).
+
+```
+mbedtls_ecp_keypair ec;
+mbedtls_ecp_keypair_init(&ec);
+// Omitted: fill ec with key material
+// (the public key will not be used and does not need to be set)
+unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)];
+size_t length = PSA_BITS_TO_BYTES(mbedtls_pk_bitlen(&pk));
+mbedtls_ecp_write_key(&ec, buf, length);
+psa_ecc_curve_t curve = ...; // need to determine the curve family manually
+psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+psa_set_key_attributes(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(curve));
+psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...);
+psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...);
+psa_key_id_t key_id = 0;
+psa_import_key(&attributes, buf, length, &key_id);
+mbedtls_ecp_keypair_free(&ec);
+```
+The following code snippet illustrates how to import a private key which is initially in an `mbedtls_ecp_keypair` object. Error checks are omitted for simplicity.
+
+```
+mbedtls_ecp_group grp;
+mbedtls_ecp_group_init(&grp);
+mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_...);
+mbedtls_ecp_point pt;
+mbedtls_ecp_point_init(&pt);
+// Omitted: fill pt with key material
+unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_PUBLIC_KEY_MAX_SIZE)];
+size_t length;
+mbedtls_ecp_point_write_binary(&grp, &pt, &length, buf, sizeof(buf));
+psa_ecc_curve_t curve = ...; // need to determine the curve family manually
+psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+psa_set_key_attributes(&attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve));
+psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...);
+psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...);
+psa_key_id_t key_id = 0;
+psa_import_key(&attributes, buf, length, &key_id);
+mbedtls_ecp_point_free(&pt);
+mbedtls_ecp_group_free(&grp);
+```
+
+### Key pair and public key metadata
+
+There is no equivalent to the type `mbedtls_pk_info_t` and the functions `mbedtls_pk_info_from_type` in the PSA API because it is unnecessary. All macros and functions operate directly on key type values (`psa_key_type_t`, `PSA_KEY_TYPE_xxx` constants) and algorithm values (`psa_algorithm_t`, `PSA_ALG_xxx` constants).
+
+You can call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) to populate a structure with the attributes of a key, then functions such as [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain a key's type (`PSA_KEY_TYPE_xxx` value) and size (nominal size in bits).
+
+The bit-size from `psa_get_key_bits` is the same as the one from `mbedtls_pk_get_bitlen`. To convert to bytes as `mbedtls_pk_get_len` or `mbedtls_rsa_get_len` do, you can use the macro `PSA_BITS_TO_BYTES`. However, note that the PSA API has generic macros for each related buffer size (export, signature size, etc.), so you should generally use those instead. The present document lists those macros where it explains the usage of the corresponding function.
+
+Most code that calls `mbedtls_pk_get_type` or `mbedtls_pk_can_do` only requires the key's type as reported by [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918). For code that uses both `mbedtls_pk_context` objects and PSA metadata encoding, [`mbedtls_pk_can_do_ext`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/pk_8h/#pk_8h_1a256d3e8d4323a45aafa7d2b6c59a36f6) checks the compatibility between a key object and a mechanism. If needed, you can also access a key's policy from its attributes with [`psa_get_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaa1af20f142ca722222c6d98678a0c448), [`psa_get_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac255da850a00bbed925390044f016b34) and [`psa_get_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga39803b62a97198cf630854db9b53c588). The algorithm policy also conveys the padding and hash information provided by `mbedtls_rsa_get_padding_mode` and `mbedtls_rsa_get_md_alg`.
+
+### Exporting a public key or a key pair
+
+To export a PSA key pair or public key, call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf). If the key is a key pair, its policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+
+To export a PSA public key or to export the public key of a PSA key pair object, call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062). This is always permitted regardless of the key's policy.
+
+The export format is the same format used for `psa_import_key`, described in “[Creating keys for asymmetric cryptography](#creating-keys-for-asymmetric-cryptography)” above.
+
+A future extension of the PSA API will support other export formats. Until those are implemented, see “[Exporting a PK key by wrapping](#exporting-a-pk-key-by-wrapping)” for ways to use the PK module to format a PSA key.
+
+#### Exporting a PK key by wrapping
+
+You can wrap a PSA key object in a PK key context with `mbedtls_pk_setup_opaque`. This allows you to call functions such as `mbedtls_pk_write_key_der`, `mbedtls_pk_write_pubkey_der`, `mbedtls_pk_write_pubkey_pem`, `mbedtls_pk_write_key_pem` or `mbedtls_pk_write_pubkey` to export the key data in various formats.
+
+### Signature operations
+
+The equivalent of `mbedtls_pk_sign` or `mbedtls_pk_sign_ext` to sign an already calculated hash is [`psa_sign_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga785e746a31a7b2a35ae5175c5ace3c5c).
+The key must be a key pair allowing the usage `PSA_KEY_USAGE_SIGN_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+Use [`PSA_SIGN_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGN_OUTPUT_SIZE) or [`PSA_SIGNATURE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGNATURE_MAX_SIZE) (similar to `MBEDTLS_PK_SIGNATURE_MAX_SIZE`) to determine a sufficient size for the output buffer.
+This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pss_sign`, `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext` and `mbedtls_ecdsa_write_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details.
+
+The equivalent of `mbedtls_pk_verify` or `mbedtls_pk_verify_ext` to verify an already calculated hash is [`psa_verify_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gae2ffbf01e5266391aff22b101a49f5f5).
+The key must be a public key (or a key pair) allowing the usage `PSA_KEY_USAGE_VERIFY_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_verify`, `mbedtls_rsa_rsassa_pkcs1_v15_verify`, `mbedtls_rsa_rsassa_pss_verify`, `mbedtls_rsa_rsassa_pss_verify_ext`, `mbedtls_ecdsa_verify` amd `mbedtls_ecdsa_read_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details.
+
+Generally, `psa_sign_hash` and `psa_verify_hash` require the input to have the correct length for the hash (this has historically not always been enforced in the corresponding legacy APIs).
+
+See also “[Restartable ECDSA signature](#restartable-ecdsa-signature)” for a restartable variant of this API.
+
+The PSA API also has functions [`psa_sign_message`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga963ecadae9c38c85826f9a13cf1529b9) and [`psa_verify_message`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga01c11f480b185a4268bebd013df7c14c). These functions combine the hash calculation with the signature calculation or verification.
+For `psa_sign_message`, either the usage flag `PSA_KEY_USAGE_SIGN_MESSAGE` or `PSA_KEY_USAGE_SIGN_HASH` is sufficient.
+For `psa_verify_message`, either the usage flag `PSA_KEY_USAGE_VERIFY_MESSAGE` or `PSA_KEY_USAGE_VERIFY_HASH` is sufficient.
+
+Most signature algorithms involve a hash algorithm. See “[Hash mechanism selection](#hash-mechanism-selection)”.
+
+The following subsections describe the PSA signature mechanisms that correspond to legacy Mbed TLS mechanisms.
+
+#### ECDSA signature
+
+**Note: in the PSA API, the format of an ECDSA signature is the raw fixed-size format. This is different from the legacy API** which uses the ASN.1 DER format for ECDSA signatures. A future version of Mbed TLS [will provide a way to convert between the two formats](https://github.com/Mbed-TLS/mbedtls/issues/7765).
+<!-- The following are specific to the DER format and therefore have no PSA equivalent: MBEDTLS_ECDSA_MAX_SIG_LEN, MBEDTLS_ECDSA_MAX_LEN -->
+
+ECDSA is the mechanism provided by `mbedtls_pk_sign` and `mbedtls_pk_verify` for ECDSA keys, as well as by `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext`, `mbedtls_ecdsa_write_signature`, `mbedtls_ecdsa_verify` and `mbedtls_ecdsa_read_signature`.
+
+The PSA API offers three algorithm constructors for ECDSA. They differ only for signature, and have exactly the same behavior for verification.
+
+* [`PSA_ALG_ECDSA(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7e3ce9f514a227d5ba5d8318870452e3) is a randomized ECDSA signature of a hash calculated with the algorithm `hash`.
+* [`PSA_ALG_ECDSA_ANY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga51d6b6044a62e33cae0cf64bfc3b22a4) is equivalent to `PSA_ALG_ECDSA`, but does not require specifying a hash as part of the algorithm. It can only be used with `psa_sign_hash` and `psa_verify_hash`, with no constraint on the length of the hash.
+* [`PSA_ALG_DETERMINISTIC_ECDSA(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11da566bcd341661c8de921e2ca5ed03) is a deterministic ECDSA signature of a hash calculated with the algorithm `hash`. This is the same as the functionality offered by `MBEDTLS_ECDSA_DETERMINISTIC` in the legacy API.
+ * For `psa_sign_message` with `PSA_ALG_DETERMINISTIC_ECDSA`, the same hash algorithm is used to hash the message and to parametrize the deterministic signature generation.
+
+Unlike the legacy API, where `mbedtls_pk_sign` and `mbedtls_ecdsa_write_signature` automatically select deterministic ECDSA if both are available, the PSA API requires the application to select the preferred variant. ECDSA verification cannot distinguish between randomized and deterministic ECDSA (except in so far as if the same message is signed twice and the signatures are different, then at least one of the signatures is not the determinstic variant), so in most cases switching between the two is a compatible change.
+
+#### Restartable ECDSA signature
+
+The legacy API includes an API for “restartable” ECC operations: the operation returns after doing partial computation, and can be resumed. This is intended for highly constrained devices where long cryptographic calculations need to be broken up to poll some inputs, where interrupt-based scheduling is not desired. The legacy API consists of the functions `mbedtls_pk_sign_restartable`, `mbedtls_pk_verify_restartable`, `mbedtls_ecdsa_sign_restartable`, `mbedtls_ecdsa_verify_restartable`, `mbedtls_ecdsa_write_signature_restartable`, `mbedtls_ecdsa_read_signature_restartable`, as well as several configuration and data manipulation functions.
+
+The PSA API offers similar functionality via “interruptible” public-key operations. As of Mbed TLS 3.5, it is only implemented for ECDSA, for the same curves as the legacy API. This will likely be extended to ECDH in the short term. At the time of writing, no extension is planned to other curves or other algorithms.
+
+The flow of operations for an interruptible signature operation is as follows:
+
+1. Create an operation object of type [`psa_sign_hash_interruptible_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6948d4653175b1b530a265540066a7e7) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Call [`psa_sign_hash_start`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga441988da830205182b3e791352537fac) with the private key object and the hash to verify.
+3. Call [`psa_sign_hash_complete`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga79849aaa7004a85d2ffbc4b658a333dd) repeatedly until it returns a status other than `PSA_OPERATION_INCOMPLETE`.
+
+The flow of operations for an interruptible signature verification operation is as follows:
+
+1. Create an operation object of type [`psa_verify_hash_interruptible_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga537054cf4909ad1426331ae4ce7148bb) and zero-initialize it (or use the corresponding `INIT` macro).
+2. Call [`psa_verify_hash_start`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga912eb51fb94056858f451f276ee289cb) with the private key object and the hash and signature to verify.
+3. Call [`psa_verify_hash_complete`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga67fe82352bc2f8c0343e231a70a5bc7d) repeatedly until it returns a status other than `PSA_OPERATION_INCOMPLETE`.
+
+If you need to cancel the operation after calling the start function without waiting for the loop calling the complete function to finish, call [`psa_sign_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1gae893a4813aa8e03bd201fe4f1bbbb403) or [`psa_verify_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga18dc9c0cc27d590c5e3b186094d90f88).
+
+Call [`psa_interruptible_set_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6d86790b31657c13705214f373af869e) to set the number of basic operations per call. This is the same unit as `mbedtls_ecp_set_max_ops`. You can retrieve the current value with [`psa_interruptible_get_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga73e66a6d93f2690b626fcea20ada62b2). The value is [`PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible/#group__interruptible_1gad19c1da7f6b7d59d5873d5b68eb943d4) if operations are not restartable, which corresponds to `mbedtls_ecp_restart_is_enabled()` being false.
+
+#### PKCS#1 v1.5 RSA signature
+
+This mechanism corresponds to `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_rsa_pkcs1_sign` and `mbedtls_rsa_pkcs1_verify` for an RSA key, unless PSS has been selected with `mbedtls_rsa_set_padding` on the underlying RSA key context. This mechanism also corresponds to `mbedtls_rsa_rsassa_pkcs1_v15_sign` and `mbedtls_rsa_rsassa_pkcs1_v15_verify`.
+
+The PSA API has two algorithm constructors:
+
+* [`PSA_ALG_RSA_PKCS1V15_SIGN(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga702ff75385a6ae7d4247033f479439af) formats the hash as specified in PKCS#1. The hash algorithm corresponds to the `md_alg` parameter of the legacy functions.
+* [`PSA_ALG_RSA_PKCS1V15_SIGN_RAW`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4215e2a78dcf834e9a625927faa2a817) uses the “hash” input in lieu of a DigestInfo structure. This is the same as calling the legacy functions with `md_alg=MBEDTLS_MD_NONE`.
+
+#### PKCS#1 RSASSA-PSS signature
+
+This mechanism corresponds to `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext` for an RSA key, as well as `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_rsa_pkcs1_sign` and `mbedtls_rsa_pkcs1_verify` if PSS has been selected on the underlying RSA context with `mbedlts_rsa_set_padding`.
+It also corresponds to `mbedtls_rsa_rsassa_pss_sign` and `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_rsa_rsassa_pss_verify` and `mbedtls_rsa_rsassa_pss_verify_ext`.
+
+The PSA API has two algorithm constructors: [`PSA_ALG_RSA_PSS(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga62152bf4cb4bf6aace5e1be8f143564d) and [`PSA_ALG_RSA_PSS_ANY_SALT(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9b7355a2cd6bde88177634d539127f2b). They differ only for verification, and have exactly the same behavior for signature. The hash algorithm `hash` corresponds to the `md_alg` parameter passed to the legacy API. It is used to hash the message, to create the salted hash, and for the mask generation with MGF1. The PSA API does not support using different hash algorithms for these different purposes.
+
+With respect to the salt length:
+
+* When signing, the salt is random, and the salt length is the largest possible salt length up to the hash length. This is the same as passing `MBEDTLS_RSA_SALT_LEN_ANY` as the salt length to `xxx_ext` legacy functions or using a legacy function that does not have a `saltlen` argument.
+* When verifying, `PSA_ALG_RSA_PSS` requires the the salt length to the largest possible salt length up to the hash length (i.e. the same that would be used for signing).
+* When verifying, `PSA_ALG_RSA_PSS_ANY_SALT` accepts any salt length. This is the same as passing `MBEDTLS_RSA_SALT_LEN_ANY` as the salt length to `xxx_ext` legacy functions or using a legacy function that does not have a `saltlen` argument.
+
+### Asymmetric encryption and decryption
+
+The equivalent of `mbedtls_pk_encrypt`, `mbedtls_rsa_pkcs1_encrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_encrypt` or `mbedtls_rsa_rsaes_oaep_encrypt` to encrypt a short message (typically a symmetric key) is [`psa_asymmetric_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gaa17f61e4ddafd1823d2c834b3706c290).
+The key must be a public key (or a key pair) allowing the usage `PSA_KEY_USAGE_ENCRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+Use the macro [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1a66ba3bd93e5ec52870ccc3848778bad8) or [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE) to determine the output buffer size.
+
+The equivalent of `mbedtls_pk_decrypt`, `mbedtls_rsa_pkcs1_decrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_decrypt` or `mbedtls_rsa_rsaes_oaep_decrypt` to decrypt a short message (typically a symmetric key) is [`psa_asymmetric_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga4f968756f6b22aab362b598b202d83d7).
+The key must be a key pair allowing the usage `PSA_KEY_USAGE_DECRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+Use the macro [`PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1a61a246f3eac41989821d982e56fea6c1) or [`PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE) to determine the output buffer size.
+
+The following subsections describe the PSA asymmetric encryption mechanisms that correspond to legacy Mbed TLS mechanisms.
+
+#### RSA PKCS#1v1.5 encryption
+
+This is the mechanism used by the PK functions and by `mbedtls_rsa_pkcs1_{encrypt,decrypt}` unless `mbedtls_rsa_set_padding` has been called on the underlying RSA key context.
+This is also the mechanism used by `mbedtls_rsa_rsaes_pkcs1_v15_{encrypt,decrypt}`.
+
+The PSA algorithm is [`PSA_ALG_RSA_PKCS1V15_CRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4c540d3abe43fb9abcb94f2bc51acef9).
+
+Beware that PKCS#1v1.5 decryption is subject to padding oracle attacks. Revealing when `psa_asymmetric_decrypt` returns `PSA_ERROR_INVALID_PADDING` may allow an adversary to decrypt arbitrary ciphertexts.
+
+#### RSA RSAES-OAEP
+
+This is the mechanism used by `mbedtls_rsa_rsaes_oaep_{encrypt,decrypt}`.
+
+The PSA algorithm is [`PSA_ALG_RSA_OAEP(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa1235dc3fdd9839c6c1b1a9857344c76) where `hash` is a hash algorithm value (`PSA_ALG_xxx`, see “[Hash mechanism selection](#hash-mechanism-selection)”).
+
+As with the PK API, the mask generation is MGF1, the label is empty, and the same hash algorithm is used for MGF1 and to hash the label. The PSA API does not offer a way to choose a different label or a different hash algorithm for the label.
+
+### Private-public key consistency
+
+There is no direct equivalent of the functions `mbedtls_rsa_check_privkey`, `mbedtls_rsa_check_pubkey`,`mbedtls_ecp_check_privkey`, `mbedtls_ecp_check_pubkey`. The PSA API performs some basic checks when it imports a key, and may perform additional checks before performing an operation if needed, so it will never perform an operation on a key that does not satisfy these checks, but the details of when the check is performed may change between versions of the library.
+
+The legacy API provides functions `mbedtls_pk_check_pair`, `mbedtls_rsa_check_pub_priv` and `mbedtls_ecp_check_pub_priv`, which can be used to check the consistency between a private key and a public key. To perform such a check with the PSA API, you can export the public keys; this works because the PSA representation of public keys is canonical.
+
+* Prepare a key object containing the private key, for example with [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b).
+* Prepare a key object containing the public key, for example with [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b).
+* Export both public keys with [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) (this is possible regardless of the usage policies on the keys) and compare the output.
+ ```
+ // Error checking omitted
+ unsigned char pub1[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+ unsigned char pub2[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+ size_t length1, length2;
+ psa_export_public_key(key1, pub1, sizeof(pub1), &length1);
+ psa_export_public_key(key2, pub2, sizeof(pub2), &length2);
+ if (length1 == length2 && !memcmp(pub1, pub2, length1))
+ puts("The keys match");
+ else
+ puts("The keys do not match");
+ ```
+
+### PK functionality with no PSA equivalent
+
+There is no PSA equivalent of the debug functionality provided by `mbedtls_pk_debug`. Use `psa_export_key` to export the key if desired.
+
+There is no PSA equivalent to Mbed TLS's custom key type names exposed by `mbedtls_pk_get_name`.
+
+### Key agreement
+
+The PSA API has a generic interface for key agreement, covering the main use of both `ecdh.h` and `dhm.h`.
+
+<!-- TODO: static FFDH/ECDH (including `mbedtls_ecdh_get_params`)
+ https://github.com/Mbed-TLS/mbedtls/pull/7766#discussion_r1410568541
+ -->
+
+#### Diffie-Hellman key pair management
+
+The PSA API manipulates keys as such, rather than via an operation context. Thus, to use Diffie-Hellman, you need to create a key object, then perform the key exchange, then destroy the key. There is no equivalent to the types `mbedtls_ecdh_context` and `mbedtls_dhm_context`.
+
+Here is an overview of the lifecycle of a key object.
+
+1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters:
+ * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value:
+ * [`PSA_KEY_TYPE_DH_KEY_PAIR(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c) for finite-field Diffie-Hellman (see “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”).
+ * [`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0b6f5d4d5037c54ffa850d8059c32df0) for elliptic-curve Diffie-Hellman (see “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)”).
+ * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the private key size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material.
+ * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to select the appropriate algorithm:
+ * [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43) or [`PSA_ALG_FFDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0ebbb6f93a05b6511e6f108ffd2d1eb4) for a raw key agreement.
+ * [`PSA_ALG_KEY_AGREEMENT(ka, kdf)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga78bb81cffb87a635c247725eeb2a2682) if the key will be used as part of a key derivation, where:
+ * `ka` is either `PSA_ALG_ECDH` or `PSA_ALG_FFDH`.
+ * `kdf` is a key derivation algorithm.
+ * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_DERIVE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_DERIVE). See “[Public-key cryptography policies](#public-key-cryptography-policies)” for more information.
+2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object.
+ * Use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) to generate a random key. This is normally the case for a Diffie-Hellman key.
+ * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material.
+ * If the key is derived deterministically from other material, use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1).
+3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations.
+4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished.
+
+#### Performing a key agreement
+
+Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain the public key that needs to be sent to the other party.
+Use the macros [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to determine a sufficient size for the output buffer.
+
+Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to calculate the shared secret from your private key and the other party's public key.
+Use the macros [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
+
+Call [`psa_key_derivation_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga2cd5a8ac906747d3204ec442db78745f) instead of `psa_raw_key_agreement` to use the resulting shared secret as the secret input to a key derivation. See “[HKDF](#hkdf)” for an example of the key derivation interface.
+
+#### Translating a legacy key agreement contextless workflow
+
+A typical workflow for ECDH using the legacy API without a context object is:
+
+1. Initialize objects:
+ * `mbedtls_ecp_group grp` for the curve;
+ * `mbedtls_mpi our_priv` for our private key;
+ * `mbedtls_ecp_point our_pub` for our public key;
+ * `mbedtls_ecp_point their_pub` for their public key (this may be the same variable as `our_pub` if the application does not need to hold both at the same time);
+ * `mbedtls_mpi z` for the shared secret (this may be the same variable as `our_priv` when doing ephemeral ECDH).
+2. Call `mbedtls_ecp_group_load` on `grp` to select the curve.
+3. Call `mbedtls_ecdh_gen_public` on `grp`, `our_priv` (output) and `our_pub` (output) to generate a key pair and retrieve the corresponding public key.
+4. Send `our_pub` to the peer. Retrieve the peer's public key and import it into `their_pub`. These two actions may be performed in either order.
+5. Call `mbedtls_ecdh_compute_shared` on `grp`, `z` (output), `their_pub` and `our_priv`. Use the raw shared secret `z`, typically, to construct a shared key.
+6. Free `grp`, `our_priv`, `our_pub`, `their_pub` and `z`.
+
+The corresponding workflow with the PSA API is as follows:
+
+1. Initialize objects:
+ * `psa_key_id_t our_key`: a handle to our key pair;
+ * `psa_key_attributes_t attributes`: key attributes used in steps 2–3;;
+ * `our_pub`: a buffer of size [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) (where `key_type` is the value passed to `psa_set_key_size` in step 2) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to hold our key.
+ * `their_pub`: a buffer of the same size, to hold the peer's key. This can be the same as `our_pub` if the application does not need to hold both at the same time;
+ * `shared_secret`: a buffer of size [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) (if not using a key derivation operation).
+2. Prepare an attribute structure as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”, in particular selecting the curve with `psa_set_key_type`.
+3. Call [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) on `attributes` and `our_key` (output) to generate a key pair, then [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on `our_key` and `our_pub` (output) to obtain our public key.
+4. Send `our_pub` to the peer. Retrieve the peer's public key and import it into `their_pub`. These two actions may be performed in either order.
+5. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output).
+ Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”).
+6. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) on `key_id`, and free the memory buffers.
+
+Steps 4–6 are only performed once for a "true" ephemeral Diffie-Hellman. They may be repeated multiple times for a "fake ephemeral" Diffie-Hellman where the same private key is used for multiple key exchanges, but it not saved.
+
+#### Translating a legacy ephemeral key agreement TLS server workflow
+
+The legacy API offers the following workflow for an ephemeral Diffie-Hellman key agreement in a TLS 1.2 server. The PSA version of this workflow can also be used with other protocols, on the side of the party that selects the curve or group and sends its public key first.
+
+1. Setup phase:
+ 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`.
+ 2. Call `mbedtls_ecdh_setup` or `mbedtls_dhm_set_group` to select the curve or group.
+ 3. Call `mbedtls_ecdh_make_params` or `mbedtls_dhm_make_params` to generate our key pair and obtain a TLS ServerKeyExchange message encoding the selected curve/group and our public key.
+2. Send the ServerKeyExchange message to the peer.
+3. Retrieve the peer's public key.
+4. Call `mbedtls_ecdh_read_public` or `mbedtls_dhm_read_public` on the peer's public key, then call `mbedtls_ecdh_calc_secret` or `mbedtls_dhm_calc_secret` to calculate the shared secret.
+5. Free the context with `mbedtls_ecdh_free` or `mbedtls_dhm_free`.
+
+The corresponding workflow with the PSA API is as follows:
+
+1. Setup phase:
+ 1. Generate an ECDH or DHM key pair with `psa_generate_key` as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”.
+ 2. Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain our public key.
+ 3. Format a ServerKeyExchange message containing the curve/group selection and our public key.
+2. Send the ServerKeyExchange message to the peer.
+3. Retrieve the peer's public key.
+4. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output).
+ Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”).
+5. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to free the resources associated with our key pair.
+
+#### Translating a legacy ephemeral key agreement TLS client workflow
+
+The legacy API offers the following workflow for an ephemeral Diffie-Hellman key agreement in a TLS 1.2 client. The PSA version of this workflow can also be used with other protocols, on the side of the party that receives a message indicating both the choice of curve or group, and the peer's public key.
+
+1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key:
+ 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`.
+ 2. Call `mbedtls_ecdh_read_params` or `mbedtls_dhm_read_params` to input the data from the ServerKeyExchange message.
+2. Call `mbedtls_ecdh_make_public` or `mbedtls_dh_make_public` to generate our private key and export our public key.
+3. Send our public key to the peer.
+4. Call `mbedtls_ecdh_calc_secret` or `mbedtls_dhm_calc_secret` to calculate the shared secret.
+5. Free the context with `mbedtls_ecdh_free` or `mbedtls_dhm_free`.
+
+The corresponding workflow with the PSA API is as follows:
+
+1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key:
+ 1. Decode the selected curve/group and use this to determine a PSA key type (`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)` or `PSA_KEY_TYPE_DH_KEY_PAIR(group)`), a key size and an algorithm.
+2. Generate an ECDH or DHM key pair with `psa_generate_key` as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”.
+ Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain our public key.
+3. Send our public key to the peer.
+4. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output).
+ Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”).
+5. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to free the resources associated with our key pair.
+
+#### ECDH and DHM metadata functions
+
+You can obtain data and metadata from an ECDH key agreement through the PSA API as follows:
+
+* With either side, accessing the group: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the key identifier, then [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain metadata about the key.
+* Accessing our public key: call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on the PSA key identifier.
+* Accessing our private key: call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+* Accessing the peer's public key: there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately.
+
+The functions `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len` and `mbedtls_dhm_get_value` allow the caller to obtain metadata about the keys used for the key exchange. The PSA equivalents access the key identifier:
+
+* `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len`: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the PSA key identifier, then [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06).
+* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_X` (our private key): call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
+* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GX` (our public key): call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on the PSA key identifier.
+* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GY` (peer's public key): the there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately.
+* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_K` (shared secret): this is the value calculated by `psa_raw_key_agreement` or `psa_key_derivation_key_agreement`. If you need to use it multiple times (for example to derive multiple values independently), call `psa_raw_key_agreement` and make a copy.
+* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_P` or `MBEDTLS_DHM_PARAM_G` (group parameters): [there is no PSA API to retrieve these values](https://github.com/Mbed-TLS/mbedtls/issues/7780).
+
+The PSA API for finite-field Diffie-Hellman only supports predefined groups. Therefore there is no equivalent to `mbedtls_dhm_parse_dhm`, `mbedtls_dhm_parse_dhmfile`, and the `MBEDTLS_DHM_xxx_BIN` macros.
+
+#### Restartable key agreement
+
+Restartable key agreement (enabled by `mbedtls_ecdh_enable_restart`) is not yet available through the PSA API. It will be added under the name “interruptible key agreement” in a future version of the library, with an interface that's similar to the interruptible signature interface described in “[Restartable ECDSA signature](#restartable-ecdsa-signature)”.
+
+### Additional information about Elliptic-curve cryptography
+
+#### Information about a curve
+
+The legacy API identifies a curve by an `MBEDTLS_ECP_DP_xxx` value of type `mbedtls_ecp_group_id`. The PSA API identifies a curve by a `PSA_ECC_FAMILY_xxx` value and the private value's bit-size. See “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” for the correspondence between the two sets of values.
+
+There is no PSA equivalent of the `mbedtls_ecp_group` data structure (and so no equivalent to `mbedtls_ecp_group_init`, `mbedtls_ecp_group_load`, `mbedtls_ecp_group_copy` and `mbedtls_ecp_group_free`) or of the `mbedtls_ecp_curve_info` data structure (and so no equivalent to `mbedtls_ecp_curve_info_from_grp_id`) because they are not needed. All API elements identify the curve directly by its family and size.
+
+The bit-size used by the PSA API is the size of the private key. For most curves, the PSA bit-size, the `bit_size` field in `mbedtls_ecp_curve_info`, the `nbits` field in `mbedtls_ecp_group` and the `pbits` field in `mbedtls_ecp_group` are the same. The following table lists curves for which they are different.
+
+| Curve | `grp->nbits` | `grp->pbits` | `curve_info->bit_size` | PSA bit-size |
+| ----- | ------------ | ------------ | ---------------------- | ------------ |
+| secp224k1 | 225 | 224 | 224 | not supported |
+| Curve25519 | 253 | 255 | 256 | 255 |
+| Curve448 | 446 | 448 | 448 | 448 |
+
+There is no exact PSA equivalent of the type `mbedtls_ecp_curve_type` and the function `mbedtls_ecp_get_type`, but the curve family encodes the same information. `PSA_ECC_FAMILY_MONTGOMERY` is the only Montgomery family. All other families supported in Mbed TLS 3.4.0 are short Weierstrass families.
+
+There is no PSA equivalent for the following functionality:
+
+* The `name` field of `mbedtls_ecp_curve_info`, and the function `mbedtls_ecp_curve_info_from_name`. There is no equivalent of Mbed TLS's lookup based on the name used for the curve in TLS specifications.
+* The `tls_id` field of `mbedtls_ecp_curve_info`, the constant `MBEDTLS_ECP_TLS_NAMED_CURVE`, and the functions `mbedtls_ecp_curve_info_from_tls_id`, `mbedtls_ecp_tls_read_group`, `mbedtls_ecp_tls_read_group_id` and `mbedtls_ecp_tls_write_group`. The PSA crypto API does not have this dedicated support for the TLS protocol.
+* Retrieving the parameters of a curve from the fields of an `mbedtls_ecp_group` structure.
+
+#### Information about supported curves
+
+The PSA API does not currently have a discovery mechanism for cryptographic mechanisms (although one may be added in the future). Thus there is no equivalent for `MBEDTLS_ECP_DP_MAX` and the functions `mbedtls_ecp_curve_list` and `mbedtls_ecp_grp_id_list`.
+
+The API provides macros that give the maximum supported sizes for various kinds of objects. The following table lists equivalents for `MBEDTLS_ECP_MAX_xxx` macros.
+
+| Legacy macro | PSA equivalent |
+| ------------ | -------------- |
+| `MBEDTLS_ECP_MAX_BITS` | [`PSA_VENDOR_ECC_MAX_CURVE_BITS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_VENDOR_ECC_MAX_CURVE_BITS) |
+| `MBEDTLS_ECP_MAX_BYTES` | `PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)` |
+| `MBEDTLS_ECP_MAX_PT_LEN` | [`PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE) |
+
+#### Restartable ECC
+
+The PSA API supports the equivalent of restartable operations, but only for signatures at the time of writing. See “[Restartable ECDSA signature](#restartable-ecdsa-signature)”.
+
+There is no PSA API for elliptic curve arithmetic as such, and therefore no equivalent of `mbedtls_ecp_restart_ctx` and functions that operate on it.
+
+There is PSA no equivalent of the `MBEDTLS_ECP_OPS_xxx` constants.
+
+#### ECC functionality with no PSA equivalent
+
+There is no PSA equivalent of `mbedtls_ecdsa_can_do` and `mbedtls_ecdh_can_do` to query the capabilities of a curve at runtime. Check the documentation of each curve family to see what algorithms it supports.
+
+There is no PSA equivalent to the types `mbedtls_ecdsa_context` and `mbedtls_ecdsa_restart_ctx`, and to basic ECDSA context manipulation functions including `mbedtls_ecdsa_from_keypair`, because they are not needed: the PSA API does not have ECDSA-specific context types.
+
+#### No curve arithmetic
+
+The PSA API is a cryptography API, not an arithmetic API. As a consequence, there is no PSA equivalent for the ECC arithmetic functionality exposed by `ecp.h`:
+
+* Manipulation of point objects and input-output: the type `mbedtls_ecp_point` and functions operating on it (`mbedtls_ecp_point_xxx`, `mbedtls_ecp_copy`, `mbedtls_ecp_{set,is}_zero`, `mbedtls_ecp_tls_{read,write}_point`). Note that the PSA export format for public keys corresponds to the uncompressed point format (`MBEDTLS_ECP_PF_UNCOMPRESSED`), so [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b), [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) and [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) are equivalent to `mbedtls_ecp_point_read_binary` and `mbedtls_ecp_point_write_binary` for uncompressed points. The PSA API does not currently support compressed points, but it is likely that such support will be added in the future.
+* Manipulation of key pairs as such, with a bridge to bignum arithmetic (`mbedtls_ecp_keypair` type, `mbedtls_ecp_export`). However, the PSA export format for ECC private keys used by [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b), [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) is the same as the format used by `mbedtls_ecp_read_key` and `mbedtls_ecp_write_key`.
+* Elliptic curve arithmetic (`mbedtls_ecp_mul`, `mbedtls_ecp_muladd` and their restartable variants).
+
+### Additional information about RSA
+
+#### RSA-ALT interface
+
+Implementers of the RSA-ALT interface (`MBEDTLS_PK_RSA_ALT` pk type, `mbedtls_pk_setup_rsa_alt` setup function) should migrate to the [PSA cryptoprocessor driver interface](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/psa-driver-example-and-guide.md).
+
+* If the purpose of the ALT interface is acceleration only: use the accelerator driver interface. This is fully transparent to application code.
+* If the purpose of the ALT interface is to isolate the private key in a high-security environment: use the opaque driver interface. This is mostly transparent to user code. Code that uses a key via its key identifier does not need to know whether the key is transparent (equivalent of `MBEDTLS_PK_RSA`) or opaque (equivalent of `MBEDTLS_PK_RSA_ALT`). When creating a key, it will be transparent by default; to create an opaque key, call [`psa_set_key_lifetime`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac03ccf09ca6d36cc3d5b43f8303db6f7) to set the key's location to the chosen location value for the driver, e.g.
+ ```
+ psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_VOLATILE, MY_RSA_DRIVER_LOCATION));
+ ```
+
+The PSA subsystem uses its internal random generator both for randomized algorithms and to generate blinding values. As a consequence, none of the API functions take an RNG parameter.
+
+#### RSA functionality with no PSA equivalent
+
+The PSA API does not provide direct access to the exponentiation primitive as with `mbedtls_rsa_public` and `mbedtls_rsa_private`. If you need an RSA-based mechanism that is not supported by the PSA API, please [submit an issue on GitHub](https://github.com/ARM-software/psa-api/issues) so that we can extend the API to support it.
+
+The PSA API does not support constructing RSA keys progressively from numbers with `mbedtls_rsa_import` or `mbedtls_rsa_import_raw` followed by `mbedtls_rsa_complete`. See “[Importing a PK key by wrapping](#importing-a-pk-key-by-wrapping)”.
+
+There is no direct equivalent of `mbedtls_rsa_export`, `mbedtls_rsa_export_raw` and `mbedtls_rsa_export_crt` to export some of the numbers in a key. You can export the whole key with `psa_export_key`, or with `psa_export_public_key` to export the public key from a key pair object. See also “[Exporting a public key or a key pair](#exporting-a-public-key-or-a-key-pair)”.
+
+A PSA key object is immutable, so there is no need for an equivalent of `mbedtls_rsa_copy`. (There is a function `psa_copy_key`, but it is only useful to make a copy of a key with a different policy of ownership; both concepts are out of scope of this document since they have no equivalent in the legacy API.)
+
+### LMS signatures
+
+A future version of Mbed TLS will support LMS keys and signatures through the PSA API (`psa_generate_key`, `psa_export_public_key`, `psa_import_key`, `psa_sign_hash`, `psa_verify_hash`, etc.). However, this is likely to happen after Mbed TLS 4.0, therefore the next major version of Mbed TLS will likely keep the existing `lms.h` interface.
+
+### PK format support interfaces
+
+The interfaces in `base64.h`, `asn1.h`, `asn1write.h`, `oid.h` and `pem.h` are intended to support X.509 and key file formats. They have no PSA equivalent since they are not directly about cryptography.
+
+In Mbed TLS 4.0, we are planning to keep the ASN.1 interfaces mostly unchanged. The evolution of Base64, OID and PEM as separate interfaces is still undecided at the time of writing.
+
+## EC-JPAKE
+
+The PSA API exposes EC-JPAKE via the algorithm [`PSA_ALG_JPAKE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#c.PSA_ALG_JPAKE) and the PAKE API functions. At the time of writing, the PAKE API is still experimental, but it should offer the same functionality as the legacy `ecjpake.h`. Please consult the documentation of your version of Mbed TLS for more information.
+
+Please note a few differences between the two APIs: the legacy API is geared towards the use of EC-JPAKE in TLS 1.2, whereas the PSA API is protocol-agnostic.
+
+* The PSA API is finer-grained and offers more flexibility in message ordering. Where the legacy API makes a single function call, the PSA API may require multiple calls.
+* The legacy API uses the TLS 1.2 wire format in the input or output format of several functions. In particular, one of the messages embeds the curve identifier in the TLS protocol. The PSA API uses protocol-agnostic formats.
+* The legacy API always applies the key derivation specified by TLS 1.2 to the shared secret. With the PSA API, use a key derivation with `PSA_ALG_TLS12_ECJPAKE_TO_PMS` for the same calculation.
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 77ecffd..d5eb1fd 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -155,6 +155,7 @@
int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/**
* \brief This function sets the decryption key.
*
@@ -173,6 +174,7 @@
MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits);
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
@@ -592,6 +594,7 @@
const unsigned char input[16],
unsigned char output[16]);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/**
* \brief Internal AES block decryption function. This is only
* exposed to allow overriding it using see
@@ -607,6 +610,7 @@
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
#if defined(MBEDTLS_SELF_TEST)
/**
diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h
index abb8a3d..c685fc3 100644
--- a/include/mbedtls/aria.h
+++ b/include/mbedtls/aria.h
@@ -98,6 +98,7 @@
const unsigned char *key,
unsigned int keybits);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/**
* \brief This function sets the decryption key.
*
@@ -116,6 +117,7 @@
int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
const unsigned char *key,
unsigned int keybits);
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/**
* \brief This function performs an ARIA single-block encryption or
diff --git a/include/mbedtls/block_cipher.h b/include/mbedtls/block_cipher.h
index 154ae26..3f60f6f 100644
--- a/include/mbedtls/block_cipher.h
+++ b/include/mbedtls/block_cipher.h
@@ -24,6 +24,10 @@
#include "mbedtls/camellia.h"
#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+#include "psa/crypto_types.h"
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -35,8 +39,22 @@
MBEDTLS_BLOCK_CIPHER_ID_ARIA, /**< The Aria cipher. */
} mbedtls_block_cipher_id_t;
+/**
+ * Used internally to indicate whether a context uses legacy or PSA.
+ *
+ * Internal use only.
+ */
+typedef enum {
+ MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY = 0,
+ MBEDTLS_BLOCK_CIPHER_ENGINE_PSA,
+} mbedtls_block_cipher_engine_t;
+
typedef struct {
mbedtls_block_cipher_id_t MBEDTLS_PRIVATE(id);
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+ mbedtls_block_cipher_engine_t MBEDTLS_PRIVATE(engine);
+ mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_key_id);
+#endif
union {
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_AES_C)
diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index 44ecacf..7a70e25 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -62,6 +62,11 @@
#define MBEDTLS_ARCH_IS_X86
#endif
+#if !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) && \
+ (defined(_M_ARM64) || defined(_M_ARM64EC))
+#define MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64
+#endif
+
/* This is defined if the architecture is Armv8-A, or higher */
#if !defined(MBEDTLS_ARCH_IS_ARMV8_A)
#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE)
diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h
index 6c674fe..557f472 100644
--- a/include/mbedtls/camellia.h
+++ b/include/mbedtls/camellia.h
@@ -81,6 +81,7 @@
const unsigned char *key,
unsigned int keybits);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/**
* \brief Perform a CAMELLIA key schedule operation for decryption.
*
@@ -96,6 +97,7 @@
int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
const unsigned char *key,
unsigned int keybits);
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/**
* \brief Perform a CAMELLIA-ECB block encryption/decryption operation.
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index a98111b..1da57c9 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -40,6 +40,10 @@
#include "mbedtls/cipher.h"
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+#include "mbedtls/block_cipher.h"
+#endif
+
#define MBEDTLS_CCM_DECRYPT 0
#define MBEDTLS_CCM_ENCRYPT 1
#define MBEDTLS_CCM_STAR_DECRYPT 2
@@ -80,7 +84,11 @@
#MBEDTLS_CCM_DECRYPT or
#MBEDTLS_CCM_STAR_ENCRYPT or
#MBEDTLS_CCM_STAR_DECRYPT. */
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ mbedtls_block_cipher_context_t MBEDTLS_PRIVATE(block_cipher_ctx); /*!< The cipher context used. */
+#else
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
+#endif
int MBEDTLS_PRIVATE(state); /*!< Working value holding context's
state. Used for chunked data input */
}
@@ -501,7 +509,7 @@
int mbedtls_ccm_finish(mbedtls_ccm_context *ctx,
unsigned char *tag, size_t tag_len);
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_CCM_GCM_CAN_AES)
/**
* \brief The CCM checkup routine.
*
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 951db31..b211356 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -153,7 +153,9 @@
#endif /* not all curves accelerated */
#endif /* some curve accelerated */
-#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_CTR_DRBG_C) && !(defined(MBEDTLS_AES_C) || \
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_KEY_TYPE_AES) && \
+ defined(PSA_WANT_ALG_ECB_NO_PADDING)))
#error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
#endif
@@ -171,6 +173,36 @@
#error "MBEDTLS_NIST_KW_C defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) && defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
+#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_NO_PADDING cannot be defined simultaneously"
+#endif
+#if defined(PSA_WANT_ALG_CBC_PKCS7)
+#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_PKCS7 cannot be defined simultaneously"
+#endif
+#if defined(PSA_WANT_ALG_ECB_NO_PADDING)
+#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_ECB_NO_PADDING cannot be defined simultaneously"
+#endif
+#if defined(PSA_WANT_KEY_TYPE_DES)
+#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_KEY_TYPE_DES cannot be defined simultaneously"
+#endif
+#endif
+
+#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_CBC cannot be defined simultaneously"
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_XTS cannot be defined simultaneously"
+#endif
+#if defined(MBEDTLS_DES_C)
+#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_DES_C cannot be defined simultaneously"
+#endif
+#if defined(MBEDTLS_NIST_KW_C)
+#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_NIST_KW_C cannot be defined simultaneously"
+#endif
+#endif
+
#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECDH_C defined, but not all prerequisites"
#endif
@@ -249,15 +281,6 @@
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_PKCS12_C) && !defined(MBEDTLS_CIPHER_C)
-#error "MBEDTLS_PKCS12_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_PKCS5_C) && \
- !defined(MBEDTLS_CIPHER_C)
-#error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
-#endif
-
/* Helpers for hash dependencies, will be undefined at the end of the file */
/* Do SHA-256, 384, 512 to cover Entropy and TLS. */
#if defined(MBEDTLS_SHA256_C) || \
@@ -301,21 +324,15 @@
#endif
#undef MBEDTLS_HAS_MEMSAN
-#if defined(MBEDTLS_CCM_C) && ( \
- !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
+#if defined(MBEDTLS_CCM_C) && \
+ !(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \
+ defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA))
#error "MBEDTLS_CCM_C defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_CCM_C) && !defined(MBEDTLS_CIPHER_C)
-#error "MBEDTLS_CCM_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_GCM_C) && ( \
- !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
-#error "MBEDTLS_GCM_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CIPHER_C)
+#if defined(MBEDTLS_GCM_C) && \
+ !(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \
+ defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA))
#error "MBEDTLS_GCM_C defined, but not all prerequisites"
#endif
@@ -763,9 +780,8 @@
#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)"
#endif
-#if defined(MBEDTLS_PSA_CRYPTO_C) && \
- (defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || defined(PSA_HAVE_SOFT_BLOCK_AEAD)) && \
- !defined(MBEDTLS_CIPHER_C)
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_HAVE_SOFT_BLOCK_MODE) && \
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER) && !defined(MBEDTLS_CIPHER_C)
#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 2596baa..815b5bb 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -480,7 +480,7 @@
if (info == NULL) {
return 0;
} else {
- return info->MBEDTLS_PRIVATE(key_bitlen) << MBEDTLS_KEY_BITLEN_SHIFT;
+ return ((size_t) info->MBEDTLS_PRIVATE(key_bitlen)) << MBEDTLS_KEY_BITLEN_SHIFT;
}
}
diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h
index c60e1e3..696266c 100644
--- a/include/mbedtls/config_adjust_legacy_crypto.h
+++ b/include/mbedtls/config_adjust_legacy_crypto.h
@@ -22,11 +22,18 @@
#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
#define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
-/* Temporary hack to pacify check_names.py.
- * (GCM and CCM still hard-depend on CIPHER_C for now.) */
-#if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \
- !defined(MBEDTLS_CIPHER_C)
-#define MBEDTLS_BLOCK_CIPHER_C
+/* Auto-enable CIPHER_C when any of the unauthenticated ciphers is builtin
+ * in PSA. */
+#if defined(MBEDTLS_PSA_CRYPTO_C) && \
+ (defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG))
+#define MBEDTLS_CIPHER_C
#endif
/* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C.
@@ -165,6 +172,88 @@
#endif /* MBEDTLS_MD_LIGHT */
+/* BLOCK_CIPHER module can dispatch to PSA when:
+ * - PSA is enabled and drivers have been initialized
+ * - desired key type is supported on the PSA side
+ * If the above conditions are not met, but the legacy support is enabled, then
+ * BLOCK_CIPHER will dynamically fallback to it.
+ *
+ * In case BLOCK_CIPHER is defined (see below) the following symbols/helpers
+ * can be used to define its capabilities:
+ * - MBEDTLS_BLOCK_CIPHER_SOME_PSA: there is at least 1 key type between AES,
+ * ARIA and Camellia which is supported through a driver;
+ * - MBEDTLS_BLOCK_CIPHER_xxx_VIA_PSA: xxx key type is supported through a
+ * driver;
+ * - MBEDTLS_BLOCK_CIPHER_xxx_VIA_LEGACY: xxx key type is supported through
+ * a legacy module (i.e. MBEDTLS_xxx_C)
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#define MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA
+#define MBEDTLS_BLOCK_CIPHER_SOME_PSA
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
+#define MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA
+#define MBEDTLS_BLOCK_CIPHER_SOME_PSA
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
+#define MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA
+#define MBEDTLS_BLOCK_CIPHER_SOME_PSA
+#endif
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+#if defined(MBEDTLS_AES_C)
+#define MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY
+#endif
+#if defined(MBEDTLS_ARIA_C)
+#define MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+#define MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY
+#endif
+
+/* Helpers to state that BLOCK_CIPHER module supports AES, ARIA and/or Camellia
+ * block ciphers via either PSA or legacy. */
+#if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA) || \
+ defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY)
+#define MBEDTLS_BLOCK_CIPHER_CAN_AES
+#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA) || \
+ defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY)
+#define MBEDTLS_BLOCK_CIPHER_CAN_ARIA
+#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA) || \
+ defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY)
+#define MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA
+#endif
+
+/* GCM_C and CCM_C can either depend on (in order of preference) BLOCK_CIPHER_C
+ * or CIPHER_C. The former is auto-enabled when:
+ * - CIPHER_C is not defined, which is also the legacy solution;
+ * - BLOCK_CIPHER_SOME_PSA because in this case BLOCK_CIPHER can take advantage
+ * of the driver's acceleration.
+ */
+#if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \
+ (!defined(MBEDTLS_CIPHER_C) || defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA))
+#define MBEDTLS_BLOCK_CIPHER_C
+#endif
+
+/* Helpers for GCM/CCM capabilities */
+#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_AES_C)) || \
+ (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_AES))
+#define MBEDTLS_CCM_GCM_CAN_AES
+#endif
+
+#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_ARIA_C)) || \
+ (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_ARIA))
+#define MBEDTLS_CCM_GCM_CAN_ARIA
+#endif
+
+#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_CAMELLIA_C)) || \
+ (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA))
+#define MBEDTLS_CCM_GCM_CAN_CAMELLIA
+#endif
+
/* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols:
* - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions
* for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for
@@ -235,9 +324,9 @@
#define MBEDTLS_PSA_CRYPTO_CLIENT
#endif /* MBEDTLS_PSA_CRYPTO_C */
-/* The PK wrappers need pk_write functions to format RSA key objects
- * when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO,
- * and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). */
+/* The PK wrappers need pk_write/pk_parse functions to format RSA key objects
+ * when they are dispatching to the PSA API. This happens under MBEDTLS_USE_PSA_CRYPTO,
+ * and even under just MBEDTLS_PSA_CRYPTO_C in psa_crypto_rsa.c. */
#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C)
#define MBEDTLS_PK_C
#define MBEDTLS_PK_WRITE_C
diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h
index bf87c36..691fed6 100644
--- a/include/mbedtls/config_adjust_legacy_from_psa.h
+++ b/include/mbedtls/config_adjust_legacy_from_psa.h
@@ -692,11 +692,6 @@
#define PSA_HAVE_SOFT_BLOCK_MODE 1
#endif
-#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \
- (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM))
-#define PSA_HAVE_SOFT_BLOCK_AEAD 1
-#endif
-
#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128)
#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
@@ -709,8 +704,7 @@
#define PSA_HAVE_SOFT_KEY_TYPE_AES 1
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
- defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
- defined(PSA_HAVE_SOFT_BLOCK_AEAD)
+ defined(PSA_HAVE_SOFT_BLOCK_MODE)
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
#define MBEDTLS_AES_C
#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
@@ -721,8 +715,7 @@
#define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
#if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
- defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
- defined(PSA_HAVE_SOFT_BLOCK_AEAD)
+ defined(PSA_HAVE_SOFT_BLOCK_MODE)
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
#define MBEDTLS_ARIA_C
#endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
@@ -733,8 +726,7 @@
#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
- defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
- defined(PSA_HAVE_SOFT_BLOCK_AEAD)
+ defined(PSA_HAVE_SOFT_BLOCK_MODE)
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
#define MBEDTLS_CAMELLIA_C
#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/include/mbedtls/config_adjust_psa_from_legacy.h
index 60b00c1..b841875 100644
--- a/include/mbedtls/config_adjust_psa_from_legacy.h
+++ b/include/mbedtls/config_adjust_psa_from_legacy.h
@@ -25,9 +25,11 @@
#if defined(MBEDTLS_CCM_C)
#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
-#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
#define PSA_WANT_ALG_CCM 1
+#if defined(MBEDTLS_CIPHER_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
+#endif /* MBEDTLS_CIPHER_C */
#endif /* MBEDTLS_CCM_C */
#if defined(MBEDTLS_CMAC_C)
@@ -247,8 +249,9 @@
#endif
#endif
-#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
- defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)
+#if (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
+ defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)) && \
+ defined(MBEDTLS_CIPHER_C)
#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
#define PSA_WANT_ALG_ECB_NO_PADDING 1
#endif
diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h
index 8415f3e..5dd331c 100644
--- a/include/mbedtls/config_adjust_ssl.h
+++ b/include/mbedtls/config_adjust_ssl.h
@@ -65,6 +65,7 @@
#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
#undef MBEDTLS_SSL_EARLY_DATA
+#undef MBEDTLS_SSL_RECORD_SIZE_LIMIT
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index d1f19e6..c00756d 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -32,7 +32,14 @@
#include "mbedtls/build_info.h"
+/* In case AES_C is defined then it is the primary option for backward
+ * compatibility purposes. If that's not available, PSA is used instead */
+#if defined(MBEDTLS_AES_C)
#include "mbedtls/aes.h"
+#else
+#include "psa/crypto.h"
+#endif
+
#include "entropy.h"
#if defined(MBEDTLS_THREADING_C)
@@ -150,6 +157,13 @@
#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
#endif
+#if !defined(MBEDTLS_AES_C)
+typedef struct mbedtls_ctr_drbg_psa_context {
+ mbedtls_svc_key_id_t key_id;
+ psa_cipher_operation_t operation;
+} mbedtls_ctr_drbg_psa_context;
+#endif
+
/**
* \brief The CTR_DRBG context structure.
*/
@@ -175,7 +189,11 @@
* This is the maximum number of requests
* that can be made between reseedings. */
+#if defined(MBEDTLS_AES_C)
mbedtls_aes_context MBEDTLS_PRIVATE(aes_ctx); /*!< The AES context. */
+#else
+ mbedtls_ctr_drbg_psa_context MBEDTLS_PRIVATE(psa_ctx); /*!< The PSA context. */
+#endif
/*
* Callbacks (Entropy)
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index 9a17488..922e5be 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -230,7 +230,7 @@
const char *text, const mbedtls_mpi *X);
#endif
-#if defined(MBEDTLS_ECP_C)
+#if defined(MBEDTLS_ECP_LIGHT)
/**
* \brief Print an ECP point to the debug output. This function is always
* used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index 837cecc..631b392 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -24,6 +24,10 @@
#include "mbedtls/cipher.h"
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+#include "mbedtls/block_cipher.h"
+#endif
+
#include <stdint.h>
#define MBEDTLS_GCM_ENCRYPT 1
@@ -46,7 +50,11 @@
* \brief The GCM context structure.
*/
typedef struct mbedtls_gcm_context {
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ mbedtls_block_cipher_context_t MBEDTLS_PRIVATE(block_cipher_ctx); /*!< The cipher context used. */
+#else
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
+#endif
uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */
uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */
uint64_t MBEDTLS_PRIVATE(len); /*!< The total length of the encrypted data. */
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index a4e90c5..6a5828c 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -2191,6 +2191,8 @@
* Enable parsing and verification of X.509 certificates, CRLs and CSRS
* signed with RSASSA-PSS (aka PKCS#1 v2.1).
*
+ * Requires: MBEDTLS_PKCS1_V21
+ *
* Comment this macro to disallow using RSASSA-PSS in certificates.
*/
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
@@ -2238,7 +2240,7 @@
/**
* \def MBEDTLS_AESCE_C
*
- * Enable AES cryptographic extension support on 64-bit Arm.
+ * Enable AES cryptographic extension support on Armv8.
*
* Module: library/aesce.c
* Caller: library/aes.c
@@ -2249,13 +2251,15 @@
* system, Armv8-A Cryptographic Extensions must be supported by
* the CPU when this option is enabled.
*
- * \note Minimum compiler versions for this feature are Clang 4.0,
- * armclang 6.6, GCC 6.0 or MSVC 2019 version 16.11.2.
+ * \note Minimum compiler versions for this feature when targeting aarch64
+ * are Clang 4.0; armclang 6.6; GCC 6.0; or MSVC 2019 version 16.11.2.
+ * Minimum compiler versions for this feature when targeting 32-bit
+ * Arm or Thumb are Clang 11.0; armclang 6.20; or GCC 6.0.
*
* \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for
* armclang <= 6.9
*
- * This module adds support for the AES Armv8-A Cryptographic Extensions on Aarch64 systems.
+ * This module adds support for the AES Armv8-A Cryptographic Extensions on Armv8 systems.
*/
#define MBEDTLS_AESCE_C
@@ -2375,6 +2379,28 @@
#define MBEDTLS_BASE64_C
/**
+ * \def MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
+ *
+ * Remove decryption operation for AES, ARIA and Camellia block cipher.
+ *
+ * \note This feature is incompatible with insecure block cipher,
+ * MBEDTLS_DES_C, and cipher modes which always require decryption
+ * operation, MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and
+ * MBEDTLS_NIST_KW_C. When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled,
+ * this feature is incompatible with following supported PSA equivalence,
+ * PSA_WANT_ALG_ECB_NO_PADDING, PSA_WANT_ALG_CBC_NO_PADDING,
+ * PSA_WANT_ALG_CBC_PKCS7 and PSA_WANT_KEY_TYPE_DES.
+ *
+ * Module: library/aes.c
+ * library/aesce.c
+ * library/aesni.c
+ * library/aria.c
+ * library/camellia.c
+ * library/cipher.c
+ */
+//#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
+
+/**
* \def MBEDTLS_BIGNUM_C
*
* Enable the multi-precision integer library.
@@ -2553,6 +2579,8 @@
* library/ssl_ciphersuites.c
* library/ssl_msg.c
* library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled)
+ * Auto-enabled by: MBEDTLS_PSA_CRYPTO_C depending on which ciphers are enabled
+ * (see the documentation of that option for details).
*
* Uncomment to enable generic cipher wrappers.
*/
@@ -2583,6 +2611,13 @@
* The CTR_DRBG generator uses AES-256 by default.
* To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above.
*
+ * AES support can either be achived through builtin (MBEDTLS_AES_C) or PSA.
+ * Builtin is the default option when MBEDTLS_AES_C is defined otherwise PSA
+ * is used.
+ *
+ * \warning When using PSA, the user should call `psa_crypto_init()` before
+ * using any CTR_DRBG operation (except `mbedtls_ctr_drbg_init()`).
+ *
* \note AES-128 will be used if \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set.
*
* \note To achieve a 256-bit security strength with CTR_DRBG,
@@ -2592,7 +2627,9 @@
* Module: library/ctr_drbg.c
* Caller:
*
- * Requires: MBEDTLS_AES_C
+ * Requires: MBEDTLS_AES_C or
+ * (PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING and
+ * MBEDTLS_PSA_CRYPTO_C)
*
* This module provides the CTR_DRBG AES random number generator.
*/
@@ -3049,7 +3086,6 @@
*
* Module: library/pkcs5.c
*
- * Requires: MBEDTLS_CIPHER_C
* Auto-enables: MBEDTLS_MD_C
*
* \warning If using a hash that is only provided by PSA drivers, you must
@@ -3084,8 +3120,8 @@
* Module: library/pkcs12.c
* Caller: library/pkparse.c
*
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either
- * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C.
+ * Requires: MBEDTLS_ASN1_PARSE_C and either MBEDTLS_MD_C or
+ * MBEDTLS_PSA_CRYPTO_C.
*
* \warning If using a hash that is only provided by PSA drivers, you must
* call psa_crypto_init() before doing any PKCS12 operations.
@@ -3131,11 +3167,12 @@
*
* Module: library/psa_crypto.c
*
- * Requires: MBEDTLS_CIPHER_C,
- * either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C,
+ * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C,
* or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C,
* or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG.
- *
+ * Auto-enables: MBEDTLS_CIPHER_C if any unauthenticated (ie, non-AEAD) cipher
+ * is enabled in PSA (unless it's fully accelerated, see
+ * docs/driver-only-builds.md about that).
*/
#define MBEDTLS_PSA_CRYPTO_C
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
index 026f627..85c1197 100644
--- a/include/mbedtls/net_sockets.h
+++ b/include/mbedtls/net_sockets.h
@@ -143,7 +143,7 @@
* \param client_ctx Will contain the connected client socket
* \param client_ip Will contain the client IP address, can be NULL
* \param buf_size Size of the client_ip buffer
- * \param ip_len Will receive the size of the client IP written,
+ * \param cip_len Will receive the size of the client IP written,
* can be NULL if client_ip is null
*
* \return 0 if successful, or
@@ -156,7 +156,7 @@
*/
int mbedtls_net_accept(mbedtls_net_context *bind_ctx,
mbedtls_net_context *client_ctx,
- void *client_ip, size_t buf_size, size_t *ip_len);
+ void *client_ip, size_t buf_size, size_t *cip_len);
/**
* \brief Check and wait for the context to be ready for read/write
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index e48817d..8a67486 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -698,7 +698,6 @@
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg);
-#endif /* MBEDTLS_CIPHER_C */
#if defined(MBEDTLS_PKCS12_C)
/**
@@ -714,6 +713,7 @@
int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
mbedtls_cipher_type_t *cipher_alg);
#endif /* MBEDTLS_PKCS12_C */
+#endif /* MBEDTLS_CIPHER_C */
#ifdef __cplusplus
}
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 24b1188..27768bd 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -28,7 +28,7 @@
#include "mbedtls/ecdsa.h"
#endif
-#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif
@@ -229,7 +229,7 @@
void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
/* The following field is used to store the ID of a private key in the
* following cases:
- * - opaque key when MBEDTLS_PSA_CRYPTO_C is defined
+ * - opaque key when MBEDTLS_USE_PSA_CRYPTO is defined
* - normal key when MBEDTLS_PK_USE_PSA_EC_DATA is defined. In this case:
* - the pk_ctx above is not not used to store the private key anymore.
* Actually that field not populated at all in this case because also
@@ -239,15 +239,10 @@
*
* Note: this private key storing solution only affects EC keys, not the
* other ones. The latters still use the pk_ctx to store their own
- * context.
- *
- * Note: this priv_id is guarded by MBEDTLS_PSA_CRYPTO_C and not by
- * MBEDTLS_PK_USE_PSA_EC_DATA (as the public counterpart below) because,
- * when working with opaque keys, it can be used also in
- * mbedtls_pk_sign_ext for RSA keys. */
-#if defined(MBEDTLS_PSA_CRYPTO_C)
+ * context. */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(priv_id); /**< Key ID for opaque keys */
-#endif /* MBEDTLS_PSA_CRYPTO_C */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* The following fields are meant for storing the public key in raw format
* which is handy for:
* - easily importing it into the PSA context
@@ -615,7 +610,6 @@
unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
-#if defined(MBEDTLS_PSA_CRYPTO_C)
/**
* \brief Make signature given a signature type.
*
@@ -652,7 +646,6 @@
unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng);
-#endif /* MBEDTLS_PSA_CRYPTO_C */
/**
* \brief Restartable version of \c mbedtls_pk_sign()
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index 42e8453..87f7681 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -31,14 +31,14 @@
#define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */
#define MBEDTLS_PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */
-#define MBEDTLS_PKCS12_PBE_DECRYPT 0
-#define MBEDTLS_PKCS12_PBE_ENCRYPT 1
+#define MBEDTLS_PKCS12_PBE_DECRYPT MBEDTLS_DECRYPT
+#define MBEDTLS_PKCS12_PBE_ENCRYPT MBEDTLS_ENCRYPT
#ifdef __cplusplus
extern "C" {
#endif
-#if defined(MBEDTLS_ASN1_PARSE_C)
+#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/**
@@ -145,7 +145,7 @@
#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
-#endif /* MBEDTLS_ASN1_PARSE_C */
+#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C */
/**
* \brief The PKCS#12 derivation function uses a password and a salt
diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h
index e004f45..9ba5689 100644
--- a/include/mbedtls/pkcs5.h
+++ b/include/mbedtls/pkcs5.h
@@ -17,6 +17,7 @@
#include "mbedtls/asn1.h"
#include "mbedtls/md.h"
+#include "mbedtls/cipher.h"
#include <stddef.h>
#include <stdint.h>
@@ -30,14 +31,14 @@
/** Given private key password does not allow for correct decryption. */
#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00
-#define MBEDTLS_PKCS5_DECRYPT 0
-#define MBEDTLS_PKCS5_ENCRYPT 1
+#define MBEDTLS_PKCS5_DECRYPT MBEDTLS_DECRYPT
+#define MBEDTLS_PKCS5_ENCRYPT MBEDTLS_ENCRYPT
#ifdef __cplusplus
extern "C" {
#endif
-#if defined(MBEDTLS_ASN1_PARSE_C)
+#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/**
@@ -129,7 +130,7 @@
#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
-#endif /* MBEDTLS_ASN1_PARSE_C */
+#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C*/
/**
* \brief PKCS#5 PBKDF2 using HMAC without using the HMAC context
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 643e8aa..5f6a053 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -14,6 +14,8 @@
#include "mbedtls/build_info.h"
+#include "psa/crypto.h"
+
#if defined(MBEDTLS_PSA_CRYPTO_C)
/* Expose whatever RNG the PSA subsystem uses to applications using the
@@ -100,5 +102,53 @@
#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+/** \defgroup psa_tls_helpers TLS helper functions
+ * @{
+ */
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+#include <mbedtls/ecp.h>
+
+/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA.
+ *
+ * \note This function is provided solely for the convenience of
+ * Mbed TLS and may be removed at any time without notice.
+ *
+ * \param grpid An Mbed TLS elliptic curve identifier
+ * (`MBEDTLS_ECP_DP_xxx`).
+ * \param[out] bits On success, the bit size of the curve.
+ *
+ * \return The corresponding PSA elliptic curve identifier
+ * (`PSA_ECC_FAMILY_xxx`).
+ * \return \c 0 on failure (\p grpid is not recognized).
+ */
+psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
+ size_t *bits);
+
+/** Convert an ECC curve identifier from the PSA encoding to Mbed TLS.
+ *
+ * \note This function is provided solely for the convenience of
+ * Mbed TLS and may be removed at any time without notice.
+ *
+ * \param curve A PSA elliptic curve identifier
+ * (`PSA_ECC_FAMILY_xxx`).
+ * \param bits The bit-length of a private key on \p curve.
+ * \param bits_is_sloppy If true, \p bits may be the bit-length rounded up
+ * to the nearest multiple of 8. This allows the caller
+ * to infer the exact curve from the length of a key
+ * which is supplied as a byte string.
+ *
+ * \return The corresponding Mbed TLS elliptic curve identifier
+ * (`MBEDTLS_ECP_DP_xxx`).
+ * \return #MBEDTLS_ECP_DP_NONE if \c curve is not recognized.
+ * \return #MBEDTLS_ECP_DP_NONE if \p bits is not
+ * correct for \p curve.
+ */
+mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
+ size_t bits,
+ int bits_is_sloppy);
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
+
+/**@}*/
+
#endif /* MBEDTLS_PSA_CRYPTO_C */
#endif /* MBEDTLS_PSA_UTIL_H */
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index df66524..e5e172f 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -869,6 +869,7 @@
const unsigned char *hash,
unsigned char *sig);
+#if defined(MBEDTLS_PKCS1_V21)
/**
* \brief This function performs a PKCS#1 v2.1 PSS signature
* operation (RSASSA-PSS-SIGN).
@@ -969,6 +970,7 @@
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig);
+#endif /* MBEDTLS_PKCS1_V21 */
/**
* \brief This function performs a public RSA operation and checks
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 0ca802b..3629526 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -687,7 +687,6 @@
MBEDTLS_SSL_SERVER_FINISHED,
MBEDTLS_SSL_FLUSH_BUFFERS,
MBEDTLS_SSL_HANDSHAKE_WRAPUP,
-
MBEDTLS_SSL_NEW_SESSION_TICKET,
MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT,
MBEDTLS_SSL_HELLO_RETRY_REQUEST,
@@ -1189,6 +1188,11 @@
unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+/*!< RecordSizeLimit received from the peer */
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ uint16_t MBEDTLS_PRIVATE(record_size_limit);
+#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
+
unsigned char MBEDTLS_PRIVATE(exported);
/** TLS version negotiated in the session. Used if and when renegotiating
@@ -3752,6 +3756,8 @@
* used for certificate signature are controlled by the
* verification profile, see \c mbedtls_ssl_conf_cert_profile().
*
+ * \deprecated Superseded by mbedtls_ssl_conf_sig_algs().
+ *
* \note This list should be ordered by decreasing preference
* (preferred hash first).
*
@@ -3776,13 +3782,16 @@
#endif /* !MBEDTLS_DEPRECATED_REMOVED && MBEDTLS_SSL_PROTO_TLS1_2 */
/**
- * \brief Configure allowed signature algorithms for use in TLS 1.3
+ * \brief Configure allowed signature algorithms for use in TLS
*
* \param conf The SSL configuration to use.
* \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms,
- * terminated by \c MBEDTLS_TLS1_3_SIG_NONE. The list must remain
- * available throughout the lifetime of the conf object. Supported
- * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX
+ * terminated by #MBEDTLS_TLS1_3_SIG_NONE. The list must remain
+ * available throughout the lifetime of the conf object.
+ * - For TLS 1.3, values of \c MBEDTLS_TLS1_3_SIG_XXXX should be
+ * used.
+ * - For TLS 1.2, values should be given as
+ * "(HashAlgorithm << 8) | SignatureAlgorithm".
*/
void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf,
const uint16_t *sig_algs);
diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h
index ed16a23..b504233 100644
--- a/include/mbedtls/threading.h
+++ b/include/mbedtls/threading.h
@@ -28,10 +28,14 @@
#include <pthread.h>
typedef struct mbedtls_threading_mutex_t {
pthread_mutex_t MBEDTLS_PRIVATE(mutex);
- /* is_valid is 0 after a failed init or a free, and nonzero after a
- * successful init. This field is not considered part of the public
- * API of Mbed TLS and may change without notice. */
- char MBEDTLS_PRIVATE(is_valid);
+
+ /* WARNING - state should only be accessed when holding the mutex lock in
+ * tests/src/threading_helpers.c, otherwise corruption can occur.
+ * state will be 0 after a failed init or a free, and nonzero after a
+ * successful init. This field is for testing only and thus not considered
+ * part of the public API of Mbed TLS and may change without notice.*/
+ char MBEDTLS_PRIVATE(state);
+
} mbedtls_threading_mutex_t;
#endif
diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h
index 35c2e29..c14f5dd 100644
--- a/include/psa/crypto_builtin_composites.h
+++ b/include/psa/crypto_builtin_composites.h
@@ -25,8 +25,12 @@
#include <psa/crypto_driver_common.h>
#include "mbedtls/cmac.h"
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
#include "mbedtls/gcm.h"
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
#include "mbedtls/ccm.h"
+#endif
#include "mbedtls/chachapoly.h"
/*
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index ef29b77..fc9bf4f 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -428,6 +428,7 @@
* of psa_set_key_type() when you need to specify domain parameters.
*
* The format for the required domain parameters varies based on the key type.
+ * Mbed TLS supports the following key type with domain parameters:
*
* - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEY_PAIR),
* the domain parameter data consists of the public exponent,
@@ -437,32 +438,6 @@
* key data and the exponent recorded in the attribute structure is ignored.
* As an exception, the public exponent 65537 is represented by an empty
* byte string.
- * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEY_PAIR),
- * the `Dss-Params` format as defined by RFC 3279 §2.3.2.
- * ```
- * Dss-Params ::= SEQUENCE {
- * p INTEGER,
- * q INTEGER,
- * g INTEGER
- * }
- * ```
- * - For Diffie-Hellman key exchange keys
- * (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or
- * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM)), the
- * `DomainParameters` format as defined by RFC 3279 §2.3.3.
- * ```
- * DomainParameters ::= SEQUENCE {
- * p INTEGER, -- odd prime, p=jq +1
- * g INTEGER, -- generator, g
- * q INTEGER, -- factor of p-1
- * j INTEGER OPTIONAL, -- subgroup factor
- * validationParams ValidationParams OPTIONAL
- * }
- * ValidationParams ::= SEQUENCE {
- * seed BIT STRING,
- * pgenCounter INTEGER
- * }
- * ```
*
* \note This function may allocate memory or other resources.
* Once you have called this function on an attribute structure,
@@ -471,6 +446,9 @@
* \note This is an experimental extension to the interface. It may change
* in future versions of the library.
*
+ * \note Due to an implementation limitation, domain parameters are ignored
+ * for keys that are managed by a driver.
+ *
* \param[in,out] attributes Attribute structure where the specified domain
* parameters will be stored.
* If this function fails, the content of
@@ -486,10 +464,13 @@
* \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
*/
+#if !defined(PSA_SET_KEY_DOMAIN_PARAMETERS)
+#define PSA_SET_KEY_DOMAIN_PARAMETERS
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
psa_key_type_t type,
const uint8_t *data,
size_t data_length);
+#endif /* PSA_SET_KEY_DOMAIN_PARAMETERS */
/**
* \brief Get domain parameters for a key.
@@ -501,6 +482,9 @@
* \note This is an experimental extension to the interface. It may change
* in future versions of the library.
*
+ * \note Due to an implementation limitation, domain parameters are not
+ * supported with keys that are managed by a driver.
+ *
* \param[in] attributes The key attribute structure to query.
* \param[out] data On success, the key domain parameters.
* \param data_size Size of the \p data buffer in bytes.
@@ -513,6 +497,8 @@
*
* \retval #PSA_SUCCESS \emptydescription
* \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * The key is managed by a driver.
*/
psa_status_t psa_get_key_domain_parameters(
const psa_key_attributes_t *attributes,
@@ -557,53 +543,6 @@
/**@}*/
-/** \defgroup psa_tls_helpers TLS helper functions
- * @{
- */
-#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
-#include <mbedtls/ecp.h>
-
-/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA.
- *
- * \note This function is provided solely for the convenience of
- * Mbed TLS and may be removed at any time without notice.
- *
- * \param grpid An Mbed TLS elliptic curve identifier
- * (`MBEDTLS_ECP_DP_xxx`).
- * \param[out] bits On success, the bit size of the curve.
- *
- * \return The corresponding PSA elliptic curve identifier
- * (`PSA_ECC_FAMILY_xxx`).
- * \return \c 0 on failure (\p grpid is not recognized).
- */
-psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
- size_t *bits);
-
-/** Convert an ECC curve identifier from the PSA encoding to Mbed TLS.
- *
- * \note This function is provided solely for the convenience of
- * Mbed TLS and may be removed at any time without notice.
- *
- * \param curve A PSA elliptic curve identifier
- * (`PSA_ECC_FAMILY_xxx`).
- * \param bits The bit-length of a private key on \p curve.
- * \param bits_is_sloppy If true, \p bits may be the bit-length rounded up
- * to the nearest multiple of 8. This allows the caller
- * to infer the exact curve from the length of a key
- * which is supplied as a byte string.
- *
- * \return The corresponding Mbed TLS elliptic curve identifier
- * (`MBEDTLS_ECP_DP_xxx`).
- * \return #MBEDTLS_ECP_DP_NONE if \c curve is not recognized.
- * \return #MBEDTLS_ECP_DP_NONE if \p bits is not
- * correct for \p curve.
- */
-mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
- size_t bits,
- int bits_is_sloppy);
-#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
-
-/**@}*/
/** \defgroup psa_external_rng External random generator
* @{
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 5639ad0..3a19618 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -254,6 +254,18 @@
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number);
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+ /* Unlike normal buffers, there are three cases for domain_parameters
+ * and domain_parameters_size:
+ * - domain_parameters_size == SIZE_MAX && domain_parameters == NULL:
+ * Access to domain parameters is not supported for this key.
+ * This is a hack which should not exist, intended for keys managed
+ * by a driver, because drivers don't support domain parameters.
+ * - domain_parameters_size == 0 && domain_parameters == NULL:
+ * The domain parameters are empty.
+ * - domain_parameters_size > 0 &&
+ * domain_parameters == valid pointer to domain_parameters_size bytes:
+ * The domain parameters are non-empty.
+ */
void *MBEDTLS_PRIVATE(domain_parameters);
size_t MBEDTLS_PRIVATE(domain_parameters_size);
};
@@ -356,10 +368,13 @@
/* This function is declared in crypto_extra.h, which comes after this
* header file, but we need the function here, so repeat the declaration. */
+#if !defined(PSA_SET_KEY_DOMAIN_PARAMETERS)
+#define PSA_SET_KEY_DOMAIN_PARAMETERS
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
psa_key_type_t type,
const uint8_t *data,
size_t data_length);
+#endif /* PSA_SET_KEY_DOMAIN_PARAMETERS */
static inline void psa_set_key_type(psa_key_attributes_t *attributes,
psa_key_type_t type)
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 5e33f6b..8d30bf0 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -594,19 +594,23 @@
* They are defined in _Standards for Efficient Cryptography_,
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
+ *
+ * \note For secp224k1, the bit-size is 225 (size of a private value).
+ *
+ * \note Mbed TLS only supports secp192k1 and secp256k1.
*/
#define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
/** SEC random curves over prime fields.
*
* This family comprises the following curves:
- * secp192k1, secp224r1, secp256r1, secp384r1, secp521r1.
+ * secp192r1, secp224r1, secp256r1, secp384r1, secp521r1.
* They are defined in _Standards for Efficient Cryptography_,
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
*/
#define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
-/* SECP160R2 (SEC2 v1, obsolete) */
+/* SECP160R2 (SEC2 v1, obsolete, not supported in Mbed TLS) */
#define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
/** SEC Koblitz curves over binary fields.
@@ -616,6 +620,8 @@
* They are defined in _Standards for Efficient Cryptography_,
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
+ *
+ * \note Mbed TLS does not support any curve in this family.
*/
#define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
@@ -626,6 +632,8 @@
* They are defined in _Standards for Efficient Cryptography_,
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
+ *
+ * \note Mbed TLS does not support any curve in this family.
*/
#define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
@@ -636,6 +644,8 @@
* It is defined in _Standards for Efficient Cryptography_,
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
+ *
+ * \note Mbed TLS does not support any curve in this family.
*/
#define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
@@ -645,6 +655,9 @@
* brainpoolP160r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1,
* brainpoolP320r1, brainpoolP384r1, brainpoolP512r1.
* It is defined in RFC 5639.
+ *
+ * \note Mbed TLS only supports the 256-bit, 384-bit and 512-bit curves
+ * in this family.
*/
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
@@ -673,6 +686,8 @@
* - 448-bit: Edwards448, the twisted Edwards curve birationally equivalent
* to Curve448.
* Hamburg, _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015.
+ *
+ * \note Mbed TLS does not support Edwards curves yet.
*/
#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
diff --git a/library/aes.c b/library/aes.c
index 05f4c3c..f4b9739 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -23,9 +23,9 @@
#include "mbedtls/error.h"
#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#if !((defined(MBEDTLS_ARCH_IS_ARM64) && defined(MBEDTLS_AESCE_C)) || \
- (defined(MBEDTLS_ARCH_IS_X64) && defined(MBEDTLS_AESNI_C)) || \
- (defined(MBEDTLS_ARCH_IS_X86) && defined(MBEDTLS_AESNI_C)))
+#if !((defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(MBEDTLS_AESCE_C)) || \
+ (defined(MBEDTLS_ARCH_IS_X64) && defined(MBEDTLS_AESNI_C)) || \
+ (defined(MBEDTLS_ARCH_IS_X86) && defined(MBEDTLS_AESNI_C)))
#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
#endif
#endif
@@ -54,6 +54,16 @@
#include "mbedtls/platform.h"
+/*
+ * This is a convenience shorthand macro to check if we need reverse S-box and
+ * reverse tables. It's private and only defined in this file.
+ */
+#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || \
+ (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY))) && \
+ !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+#define MBEDTLS_AES_NEED_REVERSE_TABLES
+#endif
+
#if !defined(MBEDTLS_AES_ALT)
#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
@@ -389,7 +399,9 @@
* generate the forward and reverse S-boxes
*/
FSb[0x00] = 0x63;
+#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES)
RSb[0x63] = 0x00;
+#endif
for (i = 1; i < 256; i++) {
x = pow[255 - log[i]];
@@ -401,7 +413,9 @@
x ^= y ^ 0x63;
FSb[i] = x;
+#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES)
RSb[x] = (unsigned char) i;
+#endif
}
/*
@@ -423,10 +437,9 @@
FT3[i] = ROTL8(FT2[i]);
#endif /* !MBEDTLS_AES_FEWER_TABLES */
+#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES)
x = RSb[i];
-#if !defined(MBEDTLS_AES_DECRYPT_ALT) || \
- (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY))
RT0[i] = ((uint32_t) MUL(0x0E, x)) ^
((uint32_t) MUL(0x09, x) << 8) ^
((uint32_t) MUL(0x0D, x) << 16) ^
@@ -437,8 +450,7 @@
RT2[i] = ROTL8(RT1[i]);
RT3[i] = ROTL8(RT2[i]);
#endif /* !MBEDTLS_AES_FEWER_TABLES */
-#endif \
- /* !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */
+#endif /* MBEDTLS_AES_NEED_REVERSE_TABLES */
}
}
@@ -670,7 +682,7 @@
/*
* AES key schedule (decryption)
*/
-#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits)
{
@@ -739,7 +751,7 @@
return ret;
}
-#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */
+#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
static int mbedtls_aes_xts_decode_keys(const unsigned char *key,
@@ -928,7 +940,7 @@
/*
* AES-ECB block decryption
*/
-#if !defined(MBEDTLS_AES_DECRYPT_ALT)
+#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
@@ -985,7 +997,7 @@
return 0;
}
-#endif /* !MBEDTLS_AES_DECRYPT_ALT */
+#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/* VIA Padlock and our intrinsics-based implementation of AESNI require
* the round keys to be aligned on a 16-byte boundary. We take care of this
@@ -1040,13 +1052,15 @@
#endif
#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
- if (mode == MBEDTLS_AES_ENCRYPT) {
- return mbedtls_internal_aes_encrypt(ctx, input, output);
- } else {
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (mode == MBEDTLS_AES_DECRYPT) {
return mbedtls_internal_aes_decrypt(ctx, input, output);
- }
+ } else
#endif
-
+ {
+ return mbedtls_internal_aes_encrypt(ctx, input, output);
+ }
+#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1472,6 +1486,7 @@
*
* http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip
*/
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static const unsigned char aes_test_ecb_dec[][16] =
{
{ 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58,
@@ -1483,6 +1498,7 @@
0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE }
#endif
};
+#endif
static const unsigned char aes_test_ecb_enc[][16] =
{
@@ -1864,7 +1880,7 @@
*/
{
static const int num_tests =
- sizeof(aes_test_ecb_dec) / sizeof(*aes_test_ecb_dec);
+ sizeof(aes_test_ecb_enc) / sizeof(*aes_test_ecb_enc);
for (i = 0; i < num_tests << 1; i++) {
u = i >> 1;
@@ -1875,13 +1891,24 @@
mbedtls_printf(" AES-ECB-%3u (%s): ", keybits,
(mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc");
}
+#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (mode == MBEDTLS_AES_DECRYPT) {
+ if (verbose != 0) {
+ mbedtls_printf("skipped\n");
+ }
+ continue;
+ }
+#endif
memset(buf, 0, 16);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (mode == MBEDTLS_AES_DECRYPT) {
ret = mbedtls_aes_setkey_dec(&ctx, key, keybits);
aes_tests = aes_test_ecb_dec[u];
- } else {
+ } else
+#endif
+ {
ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
aes_tests = aes_test_ecb_enc[u];
}
diff --git a/library/aesce.c b/library/aesce.c
index f2bdce2..eaaa5b5 100644
--- a/library/aesce.c
+++ b/library/aesce.c
@@ -5,8 +5,17 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
-#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \
- defined(__clang__) && __clang_major__ >= 4
+#if defined(__clang__) && (__clang_major__ >= 4)
+
+/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8_A in the following #if,
+ * but that is defined by build_info.h, and we need this block to happen first. */
+#if defined(__ARM_ARCH)
+#if __ARM_ARCH >= 8
+#define MBEDTLS_AESCE_ARCH_IS_ARMV8_A
+#endif
+#endif
+
+#if defined(MBEDTLS_AESCE_ARCH_IS_ARMV8_A) && !defined(__ARM_FEATURE_CRYPTO)
/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged.
*
* The intrinsic declaration are guarded by predefined ACLE macros in clang:
@@ -14,7 +23,7 @@
* By defining the macros ourselves we gain access to those declarations without
* requiring -march on the command line.
*
- * `arm_neon.h` could be included by any header file, so we put these defines
+ * `arm_neon.h` is included by common.h, so we put these defines
* at the top of this file, before any includes.
*/
#define __ARM_FEATURE_CRYPTO 1
@@ -27,6 +36,8 @@
#define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG
#endif
+#endif /* defined(__clang__) && (__clang_major__ >= 4) */
+
#include <string.h>
#include "common.h"
@@ -34,12 +45,14 @@
#include "aesce.h"
-#if defined(MBEDTLS_ARCH_IS_ARM64)
+#if defined(MBEDTLS_AESCE_HAVE_CODE)
/* Compiler version checks. */
#if defined(__clang__)
-# if __clang_major__ < 4
-# error "Minimum version of Clang for MBEDTLS_AESCE_C is 4.0."
+# if defined(MBEDTLS_ARCH_IS_ARM32) && (__clang_major__ < 11)
+# error "Minimum version of Clang for MBEDTLS_AESCE_C on 32-bit Arm or Thumb is 11.0."
+# elif defined(MBEDTLS_ARCH_IS_ARM64) && (__clang_major__ < 4)
+# error "Minimum version of Clang for MBEDTLS_AESCE_C on aarch64 is 4.0."
# endif
#elif defined(__GNUC__)
# if __GNUC__ < 6
@@ -52,12 +65,15 @@
# if _MSC_VER < 1929
# error "Minimum version of MSVC for MBEDTLS_AESCE_C is 2019 version 16.11.2."
# endif
-#endif
-
-#ifdef __ARM_NEON
-#include <arm_neon.h>
-#else
-#error "Target does not support NEON instructions"
+#elif defined(__ARMCC_VERSION)
+# if defined(MBEDTLS_ARCH_IS_ARM32) && (__ARMCC_VERSION < 6200002)
+/* TODO: We haven't verified armclang for 32-bit Arm/Thumb prior to 6.20.
+ * If someone verified that, please update this and document of
+ * `MBEDTLS_AESCE_C` in `mbedtls_config.h`. */
+# error "Minimum version of armclang for MBEDTLS_AESCE_C on 32-bit Arm is 6.20."
+# elif defined(MBEDTLS_ARCH_IS_ARM64) && (__ARMCC_VERSION < 6060000)
+# error "Minimum version of armclang for MBEDTLS_AESCE_C on aarch64 is 6.6."
+# endif
#endif
#if !(defined(__ARM_FEATURE_CRYPTO) || defined(__ARM_FEATURE_AES)) || \
@@ -84,8 +100,19 @@
#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#include <asm/hwcap.h>
#include <sys/auxv.h>
+#if !defined(HWCAP_NEON)
+#define HWCAP_NEON (1 << 12)
+#endif
+#if !defined(HWCAP2_AES)
+#define HWCAP2_AES (1 << 0)
+#endif
+#if !defined(HWCAP_AES)
+#define HWCAP_AES (1 << 3)
+#endif
+#if !defined(HWCAP_ASIMD)
+#define HWCAP_ASIMD (1 << 1)
+#endif
signed char mbedtls_aesce_has_support_result = -1;
@@ -102,6 +129,16 @@
* once, but that is harmless.
*/
if (mbedtls_aesce_has_support_result == -1) {
+#if defined(MBEDTLS_ARCH_IS_ARM32)
+ unsigned long auxval = getauxval(AT_HWCAP);
+ unsigned long auxval2 = getauxval(AT_HWCAP2);
+ if (((auxval & HWCAP_NEON) == HWCAP_NEON) &&
+ ((auxval2 & HWCAP2_AES) == HWCAP2_AES)) {
+ mbedtls_aesce_has_support_result = 1;
+ } else {
+ mbedtls_aesce_has_support_result = 0;
+ }
+#else
unsigned long auxval = getauxval(AT_HWCAP);
if ((auxval & (HWCAP_ASIMD | HWCAP_AES)) ==
(HWCAP_ASIMD | HWCAP_AES)) {
@@ -109,6 +146,7 @@
} else {
mbedtls_aesce_has_support_result = 0;
}
+#endif
}
return mbedtls_aesce_has_support_result;
}
@@ -187,6 +225,7 @@
/* Two rounds of AESCE decryption */
#define AESCE_DECRYPT_ROUND_X2 AESCE_DECRYPT_ROUND; AESCE_DECRYPT_ROUND
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static uint8x16_t aesce_decrypt_block(uint8x16_t block,
unsigned char *keys,
int rounds)
@@ -218,6 +257,7 @@
return block;
}
+#endif
/*
* AES-ECB block en(de)cryption
@@ -230,10 +270,15 @@
uint8x16_t block = vld1q_u8(&input[0]);
unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset);
- if (mode == MBEDTLS_AES_ENCRYPT) {
- block = aesce_encrypt_block(block, keys, ctx->nr);
- } else {
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (mode == MBEDTLS_AES_DECRYPT) {
block = aesce_decrypt_block(block, keys, ctx->nr);
+ } else
+#else
+ (void) mode;
+#endif
+ {
+ block = aesce_encrypt_block(block, keys, ctx->nr);
}
vst1q_u8(&output[0], block);
@@ -243,6 +288,7 @@
/*
* Compute decryption round keys from encryption round keys
*/
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
void mbedtls_aesce_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey,
int nr)
@@ -257,6 +303,7 @@
vst1q_u8(invkey + i * 16, vld1q_u8(fwdkey + j * 16));
}
+#endif
static inline uint32_t aes_rot_word(uint32_t word)
{
@@ -300,7 +347,7 @@
rki + key_len_in_words < rko_end;
rki += key_len_in_words) {
- size_t iteration = (rki - (uint32_t *) rk) / key_len_in_words;
+ size_t iteration = (size_t) (rki - (uint32_t *) rk) / key_len_in_words;
uint32_t *rko;
rko = rki + key_len_in_words;
rko[0] = aes_rot_word(aes_sub_word(rki[key_len_in_words - 1]));
@@ -353,24 +400,91 @@
#if defined(MBEDTLS_GCM_C)
-#if !defined(__clang__) && defined(__GNUC__) && __GNUC__ == 5
-/* Some intrinsics are not available for GCC 5.X. */
-#define vreinterpretq_p64_u8(a) ((poly64x2_t) a)
-#define vreinterpretq_u8_p128(a) ((uint8x16_t) a)
-static inline poly64_t vget_low_p64(poly64x2_t __a)
+#if defined(MBEDTLS_ARCH_IS_ARM32)
+
+#if defined(__clang__)
+/* On clang for A32/T32, work around some missing intrinsics and types which are listed in
+ * [ACLE](https://arm-software.github.io/acle/neon_intrinsics/advsimd.html#polynomial-1)
+ * These are only required for GCM.
+ */
+#define vreinterpretq_u64_p64(a) ((uint64x2_t) a)
+
+typedef uint8x16_t poly128_t;
+
+static inline poly128_t vmull_p64(poly64_t a, poly64_t b)
{
- uint64x2_t tmp = (uint64x2_t) (__a);
- uint64x1_t lo = vcreate_u64(vgetq_lane_u64(tmp, 0));
- return (poly64_t) (lo);
+ poly128_t r;
+ asm ("vmull.p64 %[r], %[a], %[b]" : [r] "=w" (r) : [a] "w" (a), [b] "w" (b) :);
+ return r;
}
-#endif /* !__clang__ && __GNUC__ && __GNUC__ == 5*/
+
+/* This is set to cause some more missing intrinsics to be defined below */
+#define COMMON_MISSING_INTRINSICS
+
+static inline poly128_t vmull_high_p64(poly64x2_t a, poly64x2_t b)
+{
+ return vmull_p64((poly64_t) (vget_high_u64((uint64x2_t) a)),
+ (poly64_t) (vget_high_u64((uint64x2_t) b)));
+}
+
+#endif /* defined(__clang__) */
+
+static inline uint8x16_t vrbitq_u8(uint8x16_t x)
+{
+ /* There is no vrbitq_u8 instruction in A32/T32, so provide
+ * an equivalent non-Neon implementation. Reverse bit order in each
+ * byte with 4x rbit, rev. */
+ asm ("ldm %[p], { r2-r5 } \n\t"
+ "rbit r2, r2 \n\t"
+ "rev r2, r2 \n\t"
+ "rbit r3, r3 \n\t"
+ "rev r3, r3 \n\t"
+ "rbit r4, r4 \n\t"
+ "rev r4, r4 \n\t"
+ "rbit r5, r5 \n\t"
+ "rev r5, r5 \n\t"
+ "stm %[p], { r2-r5 } \n\t"
+ :
+ /* Output: 16 bytes of memory pointed to by &x */
+ "+m" (*(uint8_t(*)[16]) &x)
+ :
+ [p] "r" (&x)
+ :
+ "r2", "r3", "r4", "r5"
+ );
+ return x;
+}
+
+#endif /* defined(MBEDTLS_ARCH_IS_ARM32) */
+
+#if defined(MBEDTLS_COMPILER_IS_GCC) && __GNUC__ == 5
+/* Some intrinsics are not available for GCC 5.X. */
+#define COMMON_MISSING_INTRINSICS
+#endif /* MBEDTLS_COMPILER_IS_GCC && __GNUC__ == 5 */
+
+
+#if defined(COMMON_MISSING_INTRINSICS)
+
+/* Missing intrinsics common to both GCC 5, and Clang on 32-bit */
+
+#define vreinterpretq_p64_u8(a) ((poly64x2_t) a)
+#define vreinterpretq_u8_p128(a) ((uint8x16_t) a)
+
+static inline poly64x1_t vget_low_p64(poly64x2_t a)
+{
+ uint64x1_t r = vget_low_u64(vreinterpretq_u64_p64(a));
+ return (poly64x1_t) r;
+
+}
+
+#endif /* COMMON_MISSING_INTRINSICS */
/* vmull_p64/vmull_high_p64 wrappers.
*
* Older compilers miss some intrinsic functions for `poly*_t`. We use
* uint8x16_t and uint8x16x3_t as input/output parameters.
*/
-#if defined(__GNUC__) && !defined(__clang__)
+#if defined(MBEDTLS_COMPILER_IS_GCC)
/* GCC reports incompatible type error without cast. GCC think poly64_t and
* poly64x1_t are different, that is different with MSVC and Clang. */
#define MBEDTLS_VMULL_P64(a, b) vmull_p64((poly64_t) a, (poly64_t) b)
@@ -379,14 +493,15 @@
* error with/without cast. And I think poly64_t and poly64x1_t are same, no
* cast for clang also. */
#define MBEDTLS_VMULL_P64(a, b) vmull_p64(a, b)
-#endif
+#endif /* MBEDTLS_COMPILER_IS_GCC */
+
static inline uint8x16_t pmull_low(uint8x16_t a, uint8x16_t b)
{
return vreinterpretq_u8_p128(
MBEDTLS_VMULL_P64(
- vget_low_p64(vreinterpretq_p64_u8(a)),
- vget_low_p64(vreinterpretq_p64_u8(b))
+ (poly64_t) vget_low_p64(vreinterpretq_p64_u8(a)),
+ (poly64_t) vget_low_p64(vreinterpretq_p64_u8(b))
));
}
@@ -455,7 +570,7 @@
/* use 'asm' as an optimisation barrier to prevent loading MODULO from
* memory. It is for GNUC compatible compilers.
*/
- asm ("" : "+w" (r));
+ asm volatile ("" : "+w" (r));
#endif
uint8x16_t const MODULO = vreinterpretq_u8_u64(vshrq_n_u64(r, 64 - 8));
uint8x16_t h, m, l; /* input high/middle/low 128b */
@@ -498,6 +613,6 @@
#undef MBEDTLS_POP_TARGET_PRAGMA
#endif
-#endif /* MBEDTLS_ARCH_IS_ARM64 */
+#endif /* MBEDTLS_AESCE_HAVE_CODE */
#endif /* MBEDTLS_AESCE_C */
diff --git a/library/aesce.h b/library/aesce.h
index 9206a6b..a14d085 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -2,7 +2,7 @@
* \file aesce.h
*
* \brief Support hardware AES acceleration on Armv8-A processors with
- * the Armv8-A Cryptographic Extension in AArch64 execution state.
+ * the Armv8-A Cryptographic Extension.
*
* \warning These functions are only for internal use by other library
* functions; you must not call them directly.
@@ -15,12 +15,18 @@
#define MBEDTLS_AESCE_H
#include "mbedtls/build_info.h"
+#include "common.h"
#include "mbedtls/aes.h"
-#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64)
+#if defined(MBEDTLS_AESCE_C) \
+ && defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(MBEDTLS_HAVE_NEON_INTRINSICS) \
+ && (defined(MBEDTLS_COMPILER_IS_GCC) || defined(__clang__) || defined(MSC_VER))
+/* MBEDTLS_AESCE_HAVE_CODE is defined if we have a suitable target platform, and a
+ * potentially suitable compiler (compiler version & flags are not checked when defining
+ * this). */
#define MBEDTLS_AESCE_HAVE_CODE
#ifdef __cplusplus
@@ -87,6 +93,7 @@
const unsigned char b[16]);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/**
* \brief Internal round key inversion. This function computes
* decryption round keys from the encryption round keys.
@@ -98,6 +105,7 @@
void mbedtls_aesce_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey,
int nr);
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/**
* \brief Internal key expansion for encryption
@@ -116,6 +124,13 @@
}
#endif
-#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARM64 */
+#else
+
+#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && defined(MBEDTLS_ARCH_IS_ARMV8_A)
+#error "AES hardware acceleration not supported on this platform / compiler"
+#endif
+
+#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8_A && MBEDTLS_HAVE_NEON_INTRINSICS &&
+ (MBEDTLS_COMPILER_IS_GCC || __clang__ || MSC_VER) */
#endif /* MBEDTLS_AESCE_H */
diff --git a/library/aesni.c b/library/aesni.c
index b92c73c..8e5bd55 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -36,7 +36,7 @@
#pragma GCC push_options
#pragma GCC target ("pclmul,sse2,aes")
#define MBEDTLS_POP_TARGET_PRAGMA
-#elif defined(__clang__)
+#elif defined(__clang__) && (__clang_major__ >= 5)
#pragma clang attribute push (__attribute__((target("pclmul,sse2,aes"))), apply_to=function)
#define MBEDTLS_POP_TARGET_PRAGMA
#endif
@@ -94,14 +94,19 @@
++rk;
--nr;
- if (mode == 0) {
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (mode == MBEDTLS_AES_DECRYPT) {
while (nr != 0) {
state = _mm_aesdec_si128(state, *rk);
++rk;
--nr;
}
state = _mm_aesdeclast_si128(state, *rk);
- } else {
+ } else
+#else
+ (void) mode;
+#endif
+ {
while (nr != 0) {
state = _mm_aesenc_si128(state, *rk);
++rk;
@@ -218,6 +223,7 @@
/*
* Compute decryption round keys from encryption round keys
*/
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey, int nr)
{
@@ -230,6 +236,7 @@
}
*ik = *fk;
}
+#endif
/*
* Key expansion, 128-bit case
@@ -465,6 +472,7 @@
"jnz 1b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key
AESENCLAST(xmm1_xmm0) // last round
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
"jmp 3f \n\t"
"2: \n\t" // decryption loop
@@ -475,6 +483,7 @@
"jnz 2b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key
AESDECLAST(xmm1_xmm0) // last round
+#endif
"3: \n\t"
"movdqu %%xmm0, (%4) \n\t" // export output
@@ -601,6 +610,7 @@
/*
* Compute decryption round keys from encryption round keys
*/
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey, int nr)
{
@@ -620,6 +630,7 @@
memcpy(ik, fk, 16);
}
+#endif
/*
* Key expansion, 128-bit case
diff --git a/library/aesni.h b/library/aesni.h
index e22ae16..59e27af 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -119,6 +119,7 @@
const unsigned char a[16],
const unsigned char b[16]);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/**
* \brief Internal round key inversion. This function computes
* decryption round keys from the encryption round keys.
@@ -133,6 +134,7 @@
void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey,
int nr);
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/**
* \brief Internal key expansion for encryption
@@ -155,6 +157,6 @@
#endif
#endif /* MBEDTLS_AESNI_HAVE_CODE */
-#endif /* MBEDTLS_AESNI_C */
+#endif /* MBEDTLS_AESNI_C && (MBEDTLS_ARCH_IS_X64 || MBEDTLS_ARCH_IS_X86) */
#endif /* MBEDTLS_AESNI_H */
diff --git a/library/alignment.h b/library/alignment.h
index 4bca10e..9e1e044 100644
--- a/library/alignment.h
+++ b/library/alignment.h
@@ -23,11 +23,16 @@
* efficient when this is not defined.
*/
#if defined(__ARM_FEATURE_UNALIGNED) \
- || defined(__i386__) || defined(__amd64__) || defined(__x86_64__)
+ || defined(MBEDTLS_ARCH_IS_X86) || defined(MBEDTLS_ARCH_IS_X64) \
+ || defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64)
/*
* __ARM_FEATURE_UNALIGNED is defined where appropriate by armcc, gcc 7, clang 9
* (and later versions) for Arm v7 and later; all x86 platforms should have
* efficient unaligned access.
+ *
+ * https://learn.microsoft.com/en-us/cpp/build/arm64-windows-abi-conventions?view=msvc-170#alignment
+ * specifies that on Windows-on-Arm64, unaligned access is safe (except for uncached
+ * device memory).
*/
#define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS
#endif
@@ -175,6 +180,16 @@
#define MBEDTLS_BSWAP32 __rev
#endif
+/* Detect IAR built-in byteswap routine */
+#if defined(__IAR_SYSTEMS_ICC__)
+#if defined(__ARM_ACLE)
+#include <arm_acle.h>
+#define MBEDTLS_BSWAP16(x) ((uint16_t) __rev16((uint32_t) (x)))
+#define MBEDTLS_BSWAP32 __rev
+#define MBEDTLS_BSWAP64 __revll
+#endif
+#endif
+
/*
* Where compiler built-ins are not present, fall back to C code that the
* compiler may be able to detect and transform into the relevant bswap or
@@ -219,10 +234,25 @@
#endif /* !defined(MBEDTLS_BSWAP64) */
#if !defined(__BYTE_ORDER__)
+
+#if defined(__LITTLE_ENDIAN__)
+/* IAR defines __xxx_ENDIAN__, but not __BYTE_ORDER__ */
+#define MBEDTLS_IS_BIG_ENDIAN 0
+#elif defined(__BIG_ENDIAN__)
+#define MBEDTLS_IS_BIG_ENDIAN 1
+#else
static const uint16_t mbedtls_byte_order_detector = { 0x100 };
#define MBEDTLS_IS_BIG_ENDIAN (*((unsigned char *) (&mbedtls_byte_order_detector)) == 0x01)
+#endif
+
#else
-#define MBEDTLS_IS_BIG_ENDIAN ((__BYTE_ORDER__) == (__ORDER_BIG_ENDIAN__))
+
+#if (__BYTE_ORDER__) == (__ORDER_BIG_ENDIAN__)
+#define MBEDTLS_IS_BIG_ENDIAN 1
+#else
+#define MBEDTLS_IS_BIG_ENDIAN 0
+#endif
+
#endif /* !defined(__BYTE_ORDER__) */
/**
diff --git a/library/aria.c b/library/aria.c
index 07a434f..ba12578 100644
--- a/library/aria.c
+++ b/library/aria.c
@@ -413,6 +413,7 @@
/*
* Set decryption key
*/
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
const unsigned char *key, unsigned int keybits)
{
@@ -442,6 +443,7 @@
return 0;
}
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/*
* Encrypt a block
@@ -872,12 +874,18 @@
/* test ECB decryption */
if (verbose) {
mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i);
+#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ mbedtls_printf("skipped\n");
+#endif
}
+
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i);
mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk);
ARIA_SELF_TEST_ASSERT(
memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE)
!= 0);
+#endif
}
if (verbose) {
mbedtls_printf("\n");
diff --git a/library/base64.c b/library/base64.c
index a58717d..9677dee 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -116,7 +116,7 @@
*p++ = '=';
}
- *olen = p - dst;
+ *olen = (size_t) (p - dst);
*p = 0;
return 0;
@@ -225,7 +225,7 @@
}
}
- *olen = p - dst;
+ *olen = (size_t) (p - dst);
return 0;
}
diff --git a/library/bignum.c b/library/bignum.c
index 09ce030..1869137 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -102,7 +102,8 @@
* about whether the assignment was made or not.
* (Leaking information about the respective sizes of X and Y is ok however.)
*/
-#if defined(_MSC_VER) && defined(_M_ARM64) && (_MSC_FULL_VER < 193131103)
+#if defined(_MSC_VER) && defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) && \
+ (_MSC_FULL_VER < 193131103)
/*
* MSVC miscompiles this function if it's inlined prior to Visual Studio 2022 version 17.1. See:
* https://developercommunity.visualstudio.com/t/c-compiler-miscompiles-part-of-mbedtls-library-on/1646989
@@ -701,7 +702,7 @@
}
*p++ = '\0';
- *olen = p - buf;
+ *olen = (size_t) (p - buf);
cleanup:
diff --git a/library/block_cipher.c b/library/block_cipher.c
index 1118d3a..04cd7fb 100644
--- a/library/block_cipher.c
+++ b/library/block_cipher.c
@@ -11,12 +11,52 @@
#include "common.h"
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_util_internal.h"
+#endif
+
#include "block_cipher_internal.h"
#if defined(MBEDTLS_BLOCK_CIPHER_C)
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+static psa_key_type_t psa_key_type_from_block_cipher_id(mbedtls_block_cipher_id_t cipher_id)
+{
+ switch (cipher_id) {
+#if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA)
+ case MBEDTLS_BLOCK_CIPHER_ID_AES:
+ return PSA_KEY_TYPE_AES;
+#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA)
+ case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+ return PSA_KEY_TYPE_ARIA;
+#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA)
+ case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+ return PSA_KEY_TYPE_CAMELLIA;
+#endif
+ default:
+ return PSA_KEY_TYPE_NONE;
+ }
+}
+
+static int mbedtls_cipher_error_from_psa(psa_status_t status)
+{
+ return PSA_TO_MBEDTLS_ERR_LIST(status, psa_to_cipher_errors,
+ psa_generic_status_to_mbedtls);
+}
+#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
+
void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx)
{
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+ if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
+ psa_destroy_key(ctx->psa_key_id);
+ return;
+ }
+#endif
switch (ctx->id) {
#if defined(MBEDTLS_AES_C)
case MBEDTLS_BLOCK_CIPHER_ID_AES:
@@ -42,26 +82,39 @@
int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx,
mbedtls_cipher_id_t cipher_id)
{
- switch (cipher_id) {
+ ctx->id = (cipher_id == MBEDTLS_CIPHER_ID_AES) ? MBEDTLS_BLOCK_CIPHER_ID_AES :
+ (cipher_id == MBEDTLS_CIPHER_ID_ARIA) ? MBEDTLS_BLOCK_CIPHER_ID_ARIA :
+ (cipher_id == MBEDTLS_CIPHER_ID_CAMELLIA) ? MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA :
+ MBEDTLS_BLOCK_CIPHER_ID_NONE;
+
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+ psa_key_type_t psa_key_type = psa_key_type_from_block_cipher_id(ctx->id);
+ if (psa_key_type != PSA_KEY_TYPE_NONE &&
+ psa_can_do_cipher(psa_key_type, PSA_ALG_ECB_NO_PADDING)) {
+ ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_PSA;
+ return 0;
+ }
+ ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY;
+#endif
+
+ switch (ctx->id) {
#if defined(MBEDTLS_AES_C)
- case MBEDTLS_CIPHER_ID_AES:
- ctx->id = MBEDTLS_BLOCK_CIPHER_ID_AES;
+ case MBEDTLS_BLOCK_CIPHER_ID_AES:
mbedtls_aes_init(&ctx->ctx.aes);
return 0;
#endif
#if defined(MBEDTLS_ARIA_C)
- case MBEDTLS_CIPHER_ID_ARIA:
- ctx->id = MBEDTLS_BLOCK_CIPHER_ID_ARIA;
+ case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
mbedtls_aria_init(&ctx->ctx.aria);
return 0;
#endif
#if defined(MBEDTLS_CAMELLIA_C)
- case MBEDTLS_CIPHER_ID_CAMELLIA:
- ctx->id = MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA;
+ case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
mbedtls_camellia_init(&ctx->ctx.camellia);
return 0;
#endif
default:
+ ctx->id = MBEDTLS_BLOCK_CIPHER_ID_NONE;
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
}
@@ -70,6 +123,26 @@
const unsigned char *key,
unsigned key_bitlen)
{
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+ if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
+ psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
+ psa_status_t status;
+
+ psa_set_key_type(&key_attr, psa_key_type_from_block_cipher_id(ctx->id));
+ psa_set_key_bits(&key_attr, key_bitlen);
+ psa_set_key_algorithm(&key_attr, PSA_ALG_ECB_NO_PADDING);
+ psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_ENCRYPT);
+
+ status = psa_import_key(&key_attr, key, PSA_BITS_TO_BYTES(key_bitlen), &ctx->psa_key_id);
+ if (status != PSA_SUCCESS) {
+ return mbedtls_cipher_error_from_psa(status);
+ }
+ psa_reset_key_attributes(&key_attr);
+
+ return 0;
+ }
+#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
+
switch (ctx->id) {
#if defined(MBEDTLS_AES_C)
case MBEDTLS_BLOCK_CIPHER_ID_AES:
@@ -92,6 +165,20 @@
const unsigned char input[16],
unsigned char output[16])
{
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+ if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
+ psa_status_t status;
+ size_t olen;
+
+ status = psa_cipher_encrypt(ctx->psa_key_id, PSA_ALG_ECB_NO_PADDING,
+ input, 16, output, 16, &olen);
+ if (status != PSA_SUCCESS) {
+ return mbedtls_cipher_error_from_psa(status);
+ }
+ return 0;
+ }
+#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
+
switch (ctx->id) {
#if defined(MBEDTLS_AES_C)
case MBEDTLS_BLOCK_CIPHER_ID_AES:
diff --git a/library/camellia.c b/library/camellia.c
index 86c8bbf..b1c0a08 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -399,6 +399,7 @@
/*
* Camellia key schedule (decryption)
*/
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
const unsigned char *key,
unsigned int keybits)
@@ -444,6 +445,7 @@
return ret;
}
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/*
* Camellia-ECB block encryption/decryption
@@ -888,14 +890,26 @@
(v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
}
+#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (v == MBEDTLS_CAMELLIA_DECRYPT) {
+ if (verbose != 0) {
+ mbedtls_printf("skipped\n");
+ }
+ continue;
+ }
+#endif
+
for (i = 0; i < CAMELLIA_TESTS_ECB; i++) {
memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (v == MBEDTLS_CAMELLIA_DECRYPT) {
mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64);
memcpy(src, camellia_test_ecb_cipher[u][i], 16);
memcpy(dst, camellia_test_ecb_plain[i], 16);
- } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
+ } else
+#endif
+ { /* MBEDTLS_CAMELLIA_ENCRYPT */
mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64);
memcpy(src, camellia_test_ecb_plain[i], 16);
memcpy(dst, camellia_test_ecb_cipher[u][i], 16);
diff --git a/library/ccm.c b/library/ccm.c
index 2cccd28..45ed697 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -23,6 +23,10 @@
#include "mbedtls/error.h"
#include "mbedtls/constant_time.h"
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+#include "block_cipher_internal.h"
+#endif
+
#include <string.h>
#if defined(MBEDTLS_PLATFORM_C)
@@ -51,6 +55,18 @@
unsigned int keybits)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ mbedtls_block_cipher_free(&ctx->block_cipher_ctx);
+
+ if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) {
+ return MBEDTLS_ERR_CCM_BAD_INPUT;
+ }
+
+ if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) {
+ return MBEDTLS_ERR_CCM_BAD_INPUT;
+ }
+#else
const mbedtls_cipher_info_t *cipher_info;
cipher_info = mbedtls_cipher_info_from_values(cipher, keybits,
@@ -73,8 +89,9 @@
MBEDTLS_ENCRYPT)) != 0) {
return ret;
}
+#endif
- return 0;
+ return ret;
}
/*
@@ -85,7 +102,11 @@
if (ctx == NULL) {
return;
}
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ mbedtls_block_cipher_free(&ctx->block_cipher_ctx);
+#else
mbedtls_cipher_free(&ctx->cipher_ctx);
+#endif
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context));
}
@@ -104,12 +125,16 @@
const unsigned char *input,
unsigned char *output)
{
- size_t olen = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char tmp_buf[16] = { 0 };
- if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf,
- &olen)) != 0) {
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf);
+#else
+ size_t olen = 0;
+ ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen);
+#endif
+ if (ret != 0) {
ctx->state |= CCM_STATE__ERROR;
mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf));
return ret;
@@ -132,7 +157,10 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char i;
- size_t len_left, olen;
+ size_t len_left;
+#if !defined(MBEDTLS_BLOCK_CIPHER_C)
+ size_t olen;
+#endif
/* length calculation can be done only after both
* mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed
@@ -178,7 +206,12 @@
}
/* Start CBC-MAC with first block*/
- if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y);
+#else
+ ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen);
+#endif
+ if (ret != 0) {
ctx->state |= CCM_STATE__ERROR;
return ret;
}
@@ -258,7 +291,10 @@
size_t add_len)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t olen, use_len, offset;
+ size_t use_len, offset;
+#if !defined(MBEDTLS_BLOCK_CIPHER_C)
+ size_t olen;
+#endif
if (ctx->state & CCM_STATE__ERROR) {
return MBEDTLS_ERR_CCM_BAD_INPUT;
@@ -298,8 +334,12 @@
add += use_len;
if (use_len + offset == 16 || ctx->processed == ctx->add_len) {
- if ((ret =
- mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y);
+#else
+ ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen);
+#endif
+ if (ret != 0) {
ctx->state |= CCM_STATE__ERROR;
return ret;
}
@@ -322,7 +362,10 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char i;
- size_t use_len, offset, olen;
+ size_t use_len, offset;
+#if !defined(MBEDTLS_BLOCK_CIPHER_C)
+ size_t olen;
+#endif
unsigned char local_output[16];
@@ -360,8 +403,12 @@
mbedtls_xor(ctx->y + offset, ctx->y + offset, input, use_len);
if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
- if ((ret =
- mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y);
+#else
+ ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen);
+#endif
+ if (ret != 0) {
ctx->state |= CCM_STATE__ERROR;
goto exit;
}
@@ -391,8 +438,12 @@
memcpy(output, local_output, use_len);
if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
- if ((ret =
- mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y);
+#else
+ ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen);
+#endif
+ if (ret != 0) {
ctx->state |= CCM_STATE__ERROR;
goto exit;
}
@@ -577,7 +628,7 @@
}
#endif /* !MBEDTLS_CCM_ALT */
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_CCM_GCM_CAN_AES)
/*
* Examples 1 to 3 from SP800-38C Appendix C
*/
diff --git a/library/cipher.c b/library/cipher.c
index c8217b9..0683677 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -310,6 +310,12 @@
if (ctx->cipher_info == NULL) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
+#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (MBEDTLS_MODE_ECB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) &&
+ MBEDTLS_DECRYPT == operation) {
+ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+ }
+#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
@@ -377,6 +383,7 @@
ctx->key_bitlen = key_bitlen;
ctx->operation = operation;
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/*
* For OFB, CFB and CTR mode always use the encryption key schedule
*/
@@ -392,6 +399,12 @@
return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_dec_func(ctx->cipher_ctx, key,
ctx->key_bitlen);
}
+#else
+ if (operation == MBEDTLS_ENCRYPT || operation == MBEDTLS_DECRYPT) {
+ return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key,
+ ctx->key_bitlen);
+ }
+#endif
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index ef3aa8d..d2fee22 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -114,7 +114,9 @@
MBEDTLS_CIPHER_BASE_PREVENT_EMPTY_ENUM
};
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_GCM_C) && \
+ (defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) || \
+ defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C))
/* shared by all GCM ciphers */
static void *gcm_ctx_alloc(void)
{
@@ -134,7 +136,9 @@
}
#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_CCM_C) && \
+ (defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) || \
+ defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C))
/* shared by all CCM ciphers */
static void *ccm_ctx_alloc(void)
{
@@ -226,11 +230,13 @@
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static int aes_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
{
return mbedtls_aes_setkey_dec((mbedtls_aes_context *) ctx, key, key_bitlen);
}
+#endif
static int aes_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
@@ -279,7 +285,9 @@
NULL,
#endif
aes_setkey_enc_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
aes_setkey_dec_wrap,
+#endif
aes_ctx_alloc,
aes_ctx_free
};
@@ -558,14 +566,14 @@
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#endif /* MBEDTLS_AES_C */
-#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_CCM_GCM_CAN_AES)
static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
{
return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
key, key_bitlen);
}
-#endif /* MBEDTLS_GCM_C && MBEDTLS_AES_C */
+#endif /* MBEDTLS_GCM_C && MBEDTLS_CCM_GCM_CAN_AES */
#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA)
static const mbedtls_cipher_base_t gcm_aes_info = {
@@ -591,7 +599,9 @@
#endif
#if defined(MBEDTLS_GCM_C)
gcm_aes_setkey_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
gcm_aes_setkey_wrap,
+#endif
gcm_ctx_alloc,
gcm_ctx_free,
#else
@@ -640,14 +650,14 @@
#endif
#endif /* MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA */
-#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_CCM_GCM_CAN_AES)
static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
{
return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
key, key_bitlen);
}
-#endif /* MBEDTLS_CCM_C && MBEDTLS_AES_C */
+#endif /* MBEDTLS_CCM_C && MBEDTLS_CCM_GCM_CAN_AES */
#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA)
static const mbedtls_cipher_base_t ccm_aes_info = {
@@ -673,7 +683,9 @@
#endif
#if defined(MBEDTLS_CCM_C)
ccm_aes_setkey_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
ccm_aes_setkey_wrap,
+#endif
ccm_ctx_alloc,
ccm_ctx_free,
#else
@@ -799,11 +811,13 @@
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static int camellia_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
{
return mbedtls_camellia_setkey_dec((mbedtls_camellia_context *) ctx, key, key_bitlen);
}
+#endif
static int camellia_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
@@ -853,7 +867,9 @@
NULL,
#endif
camellia_setkey_enc_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
camellia_setkey_dec_wrap,
+#endif
camellia_ctx_alloc,
camellia_ctx_free
};
@@ -1026,7 +1042,9 @@
NULL,
#endif
gcm_camellia_setkey_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
gcm_camellia_setkey_wrap,
+#endif
gcm_ctx_alloc,
gcm_ctx_free,
};
@@ -1095,7 +1113,9 @@
NULL,
#endif
ccm_camellia_setkey_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
ccm_camellia_setkey_wrap,
+#endif
ccm_ctx_alloc,
ccm_ctx_free,
};
@@ -1209,11 +1229,13 @@
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static int aria_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
{
return mbedtls_aria_setkey_dec((mbedtls_aria_context *) ctx, key, key_bitlen);
}
+#endif
static int aria_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
@@ -1263,7 +1285,9 @@
NULL,
#endif
aria_setkey_enc_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
aria_setkey_dec_wrap,
+#endif
aria_ctx_alloc,
aria_ctx_free
};
@@ -1436,7 +1460,9 @@
NULL,
#endif
gcm_aria_setkey_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
gcm_aria_setkey_wrap,
+#endif
gcm_ctx_alloc,
gcm_ctx_free,
};
@@ -1505,7 +1531,9 @@
NULL,
#endif
ccm_aria_setkey_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
ccm_aria_setkey_wrap,
+#endif
ccm_ctx_alloc,
ccm_ctx_free,
};
@@ -1925,7 +1953,9 @@
chacha20_stream_wrap,
#endif
chacha20_setkey_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
chacha20_setkey_wrap,
+#endif
chacha20_ctx_alloc,
chacha20_ctx_free
};
@@ -2000,7 +2030,9 @@
NULL,
#endif
chachapoly_setkey_wrap,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
chachapoly_setkey_wrap,
+#endif
chachapoly_ctx_alloc,
chachapoly_ctx_free
};
@@ -2068,7 +2100,9 @@
null_crypt_stream,
#endif
null_setkey,
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
null_setkey,
+#endif
null_ctx_alloc,
null_ctx_free
};
diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h
index a9254fd..f229151 100644
--- a/library/cipher_wrap.h
+++ b/library/cipher_wrap.h
@@ -125,9 +125,11 @@
int (*setkey_enc_func)(void *ctx, const unsigned char *key,
unsigned int key_bitlen);
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/** Set key for decryption purposes */
int (*setkey_dec_func)(void *ctx, const unsigned char *key,
unsigned int key_bitlen);
+#endif
/** Allocate a new context */
void * (*ctx_alloc_func)(void);
diff --git a/library/common.h b/library/common.h
index c20f6b2..e532777 100644
--- a/library/common.h
+++ b/library/common.h
@@ -21,7 +21,20 @@
#if defined(__ARM_NEON)
#include <arm_neon.h>
-#endif /* __ARM_NEON */
+#define MBEDTLS_HAVE_NEON_INTRINSICS
+#elif defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64)
+#include <arm64_neon.h>
+#define MBEDTLS_HAVE_NEON_INTRINSICS
+#endif
+
+
+#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \
+ && !defined(__llvm__) && !defined(__INTEL_COMPILER)
+/* Defined if the compiler really is gcc and not clang, etc */
+#define MBEDTLS_COMPILER_IS_GCC
+#define MBEDTLS_GCC_VERSION \
+ (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
+#endif
/** Helper to define a function as static except when building invasive tests.
*
@@ -169,14 +182,16 @@
{
size_t i = 0;
#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS)
-#if defined(__ARM_NEON)
+#if defined(MBEDTLS_HAVE_NEON_INTRINSICS) && \
+ (!(defined(MBEDTLS_COMPILER_IS_GCC) && MBEDTLS_GCC_VERSION < 70300))
+ /* Old GCC versions generate a warning here, so disable the NEON path for these compilers */
for (; (i + 16) <= n; i += 16) {
uint8x16_t v1 = vld1q_u8(a + i);
uint8x16_t v2 = vld1q_u8(b + i);
uint8x16_t x = veorq_u8(v1, v2);
vst1q_u8(r + i, x);
}
-#elif defined(__amd64__) || defined(__x86_64__) || defined(__aarch64__)
+#elif defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64)
/* This codepath probably only makes sense on architectures with 64-bit registers */
for (; (i + 8) <= n; i += 8) {
uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i);
@@ -215,7 +230,7 @@
{
size_t i = 0;
#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS)
-#if defined(__amd64__) || defined(__x86_64__) || defined(__aarch64__)
+#if defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64)
/* This codepath probably only makes sense on architectures with 64-bit registers */
for (; (i + 8) <= n; i += 8) {
uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i);
@@ -324,12 +339,6 @@
#define MBEDTLS_ASSUME(x) do { } while (0)
#endif
-#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \
- && !defined(__llvm__) && !defined(__INTEL_COMPILER)
-/* Defined if the compiler really is gcc and not clang, etc */
-#define MBEDTLS_COMPILER_IS_GCC
-#endif
-
/* For gcc -Os, override with -O2 for a given function.
*
* This will not affect behaviour for other optimisation settings, e.g. -O0.
diff --git a/library/constant_time.c b/library/constant_time.c
index c7077c3..d212ddf 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -21,19 +21,6 @@
#include <string.h>
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
-#include "psa/crypto.h"
-/* Define a local translating function to save code size by not using too many
- * arguments in each translating place. */
-static int local_err_translation(psa_status_t status)
-{
- return psa_status_to_mbedtls(status, psa_to_ssl_errors,
- ARRAY_LENGTH(psa_to_ssl_errors),
- psa_generic_status_to_mbedtls);
-}
-#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status)
-#endif
-
#if !defined(MBEDTLS_CT_ASM)
/*
* Define an object with the value zero, such that the compiler cannot prove that it
diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h
index 18a967b..2a4574b 100644
--- a/library/constant_time_impl.h
+++ b/library/constant_time_impl.h
@@ -31,7 +31,7 @@
* Disable -Wredundant-decls so that gcc does not warn about this. This is re-enabled
* at the bottom of this file.
*/
-#ifdef __GNUC__
+#if defined(MBEDTLS_COMPILER_IS_GCC) && (__GNUC__ > 4)
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wredundant-decls"
#endif
@@ -548,7 +548,7 @@
return (mbedtls_ct_condition_t) (~x);
}
-#ifdef __GNUC__
+#if defined(MBEDTLS_COMPILER_IS_GCC) && (__GNUC__ > 4)
/* Restore warnings for -Wredundant-decls on gcc */
#pragma GCC diagnostic pop
#endif
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index cf3816e..da34f95 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -24,15 +24,60 @@
#include <stdio.h>
#endif
+/* Using error translation functions from PSA to MbedTLS */
+#if !defined(MBEDTLS_AES_C)
+#include "psa_util_internal.h"
+#endif
+
#include "mbedtls/platform.h"
+#if !defined(MBEDTLS_AES_C)
+static psa_status_t ctr_drbg_setup_psa_context(mbedtls_ctr_drbg_psa_context *psa_ctx,
+ unsigned char *key, size_t key_len)
+{
+ psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
+ psa_status_t status;
+
+ psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_ENCRYPT);
+ psa_set_key_algorithm(&key_attr, PSA_ALG_ECB_NO_PADDING);
+ psa_set_key_type(&key_attr, PSA_KEY_TYPE_AES);
+ status = psa_import_key(&key_attr, key, key_len, &psa_ctx->key_id);
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+
+ status = psa_cipher_encrypt_setup(&psa_ctx->operation, psa_ctx->key_id, PSA_ALG_ECB_NO_PADDING);
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+
+exit:
+ psa_reset_key_attributes(&key_attr);
+ return status;
+}
+
+static void ctr_drbg_destroy_psa_contex(mbedtls_ctr_drbg_psa_context *psa_ctx)
+{
+ psa_cipher_abort(&psa_ctx->operation);
+ psa_destroy_key(psa_ctx->key_id);
+
+ psa_ctx->operation = psa_cipher_operation_init();
+ psa_ctx->key_id = MBEDTLS_SVC_KEY_ID_INIT;
+}
+#endif
+
/*
* CTR_DRBG context initialization
*/
void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx)
{
memset(ctx, 0, sizeof(mbedtls_ctr_drbg_context));
+#if defined(MBEDTLS_AES_C)
mbedtls_aes_init(&ctx->aes_ctx);
+#else
+ ctx->psa_ctx.key_id = MBEDTLS_SVC_KEY_ID_INIT;
+ ctx->psa_ctx.operation = psa_cipher_operation_init();
+#endif
/* Indicate that the entropy nonce length is not set explicitly.
* See mbedtls_ctr_drbg_set_nonce_len(). */
ctx->reseed_counter = -1;
@@ -56,7 +101,11 @@
mbedtls_mutex_free(&ctx->mutex);
}
#endif
+#if defined(MBEDTLS_AES_C)
mbedtls_aes_free(&ctx->aes_ctx);
+#else
+ ctr_drbg_destroy_psa_contex(&ctx->psa_ctx);
+#endif
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ctr_drbg_context));
ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
ctx->reseed_counter = -1;
@@ -117,8 +166,17 @@
unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
unsigned char *p, *iv;
- mbedtls_aes_context aes_ctx;
int ret = 0;
+#if defined(MBEDTLS_AES_C)
+ mbedtls_aes_context aes_ctx;
+#else
+ psa_status_t status;
+ size_t tmp_len;
+ mbedtls_ctr_drbg_psa_context psa_ctx;
+
+ psa_ctx.key_id = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_ctx.operation = psa_cipher_operation_init();
+#endif
int i, j;
size_t buf_len, use_len;
@@ -129,7 +187,6 @@
memset(buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
MBEDTLS_CTR_DRBG_BLOCKSIZE + 16);
- mbedtls_aes_init(&aes_ctx);
/*
* Construct IV (16 bytes) and S in buffer
@@ -151,10 +208,20 @@
key[i] = i;
}
+#if defined(MBEDTLS_AES_C)
+ mbedtls_aes_init(&aes_ctx);
+
if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, key,
MBEDTLS_CTR_DRBG_KEYBITS)) != 0) {
goto exit;
}
+#else
+ status = ctr_drbg_setup_psa_context(&psa_ctx, key, sizeof(key));
+ if (status != PSA_SUCCESS) {
+ ret = psa_generic_status_to_mbedtls(status);
+ goto exit;
+ }
+#endif
/*
* Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data
@@ -170,10 +237,19 @@
use_len -= (use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE) ?
MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
+#if defined(MBEDTLS_AES_C)
if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT,
chain, chain)) != 0) {
goto exit;
}
+#else
+ status = psa_cipher_update(&psa_ctx.operation, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE,
+ chain, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len);
+ if (status != PSA_SUCCESS) {
+ ret = psa_generic_status_to_mbedtls(status);
+ goto exit;
+ }
+#endif
}
memcpy(tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE);
@@ -187,23 +263,46 @@
/*
* Do final encryption with reduced data
*/
+#if defined(MBEDTLS_AES_C)
if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, tmp,
MBEDTLS_CTR_DRBG_KEYBITS)) != 0) {
goto exit;
}
+#else
+ ctr_drbg_destroy_psa_contex(&psa_ctx);
+
+ status = ctr_drbg_setup_psa_context(&psa_ctx, tmp, MBEDTLS_CTR_DRBG_KEYSIZE);
+ if (status != PSA_SUCCESS) {
+ ret = psa_generic_status_to_mbedtls(status);
+ goto exit;
+ }
+#endif
iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE;
p = output;
for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) {
+#if defined(MBEDTLS_AES_C)
if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT,
iv, iv)) != 0) {
goto exit;
}
+#else
+ status = psa_cipher_update(&psa_ctx.operation, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE,
+ iv, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len);
+ if (status != PSA_SUCCESS) {
+ ret = psa_generic_status_to_mbedtls(status);
+ goto exit;
+ }
+#endif
memcpy(p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE);
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
}
exit:
+#if defined(MBEDTLS_AES_C)
mbedtls_aes_free(&aes_ctx);
+#else
+ ctr_drbg_destroy_psa_contex(&psa_ctx);
+#endif
/*
* tidy up the stack
*/
@@ -236,6 +335,10 @@
unsigned char *p = tmp;
int i, j;
int ret = 0;
+#if !defined(MBEDTLS_AES_C)
+ psa_status_t status;
+ size_t tmp_len;
+#endif
memset(tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN);
@@ -252,10 +355,19 @@
/*
* Crypt counter block
*/
+#if defined(MBEDTLS_AES_C)
if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
ctx->counter, p)) != 0) {
goto exit;
}
+#else
+ status = psa_cipher_update(&ctx->psa_ctx.operation, ctx->counter, sizeof(ctx->counter),
+ p, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len);
+ if (status != PSA_SUCCESS) {
+ ret = psa_generic_status_to_mbedtls(status);
+ goto exit;
+ }
+#endif
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
}
@@ -267,10 +379,20 @@
/*
* Update key and counter
*/
+#if defined(MBEDTLS_AES_C)
if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, tmp,
MBEDTLS_CTR_DRBG_KEYBITS)) != 0) {
goto exit;
}
+#else
+ ctr_drbg_destroy_psa_contex(&ctx->psa_ctx);
+
+ status = ctr_drbg_setup_psa_context(&ctx->psa_ctx, tmp, MBEDTLS_CTR_DRBG_KEYSIZE);
+ if (status != PSA_SUCCESS) {
+ ret = psa_generic_status_to_mbedtls(status);
+ goto exit;
+ }
+#endif
memcpy(ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE,
MBEDTLS_CTR_DRBG_BLOCKSIZE);
@@ -447,10 +569,20 @@
good_nonce_len(ctx->entropy_len));
/* Initialize with an empty key. */
+#if defined(MBEDTLS_AES_C)
if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, key,
MBEDTLS_CTR_DRBG_KEYBITS)) != 0) {
return ret;
}
+#else
+ psa_status_t status;
+
+ status = ctr_drbg_setup_psa_context(&ctx->psa_ctx, key, MBEDTLS_CTR_DRBG_KEYSIZE);
+ if (status != PSA_SUCCESS) {
+ ret = psa_generic_status_to_mbedtls(status);
+ return status;
+ }
+#endif
/* Do the initial seeding. */
if ((ret = mbedtls_ctr_drbg_reseed_internal(ctx, custom, len,
@@ -531,10 +663,22 @@
/*
* Crypt counter block
*/
+#if defined(MBEDTLS_AES_C)
if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
ctx->counter, tmp)) != 0) {
goto exit;
}
+#else
+ psa_status_t status;
+ size_t tmp_len;
+
+ status = psa_cipher_update(&ctx->psa_ctx.operation, ctx->counter, sizeof(ctx->counter),
+ tmp, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len);
+ if (status != PSA_SUCCESS) {
+ ret = psa_generic_status_to_mbedtls(status);
+ goto exit;
+ }
+#endif
use_len = (output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE)
? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len;
diff --git a/library/debug.c b/library/debug.c
index c7bbd41..a9d58e5 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -366,7 +366,7 @@
start = text;
for (cur = text; *cur != '\0'; cur++) {
if (*cur == '\n') {
- size_t len = cur - start + 1;
+ size_t len = (size_t) (cur - start) + 1;
if (len > DEBUG_BUF_SIZE - 1) {
len = DEBUG_BUF_SIZE - 1;
}
diff --git a/library/dhm.c b/library/dhm.c
index 3daf0c2..bcc07f5 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -48,10 +48,10 @@
return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
}
- n = ((*p)[0] << 8) | (*p)[1];
+ n = MBEDTLS_GET_UINT16_BE(*p, 0);
(*p) += 2;
- if ((int) (end - *p) < n) {
+ if ((size_t) (end - *p) < (size_t) n) {
return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
}
@@ -257,7 +257,7 @@
DHM_MPI_EXPORT(&ctx->G, n2);
DHM_MPI_EXPORT(&ctx->GX, n3);
- *olen = p - output;
+ *olen = (size_t) (p - output);
cleanup:
if (ret != 0 && ret > -128) {
diff --git a/library/ecdh.c b/library/ecdh.c
index e060b18..52b1617 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -363,7 +363,7 @@
const unsigned char *end)
{
return mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, buf,
- end - *buf);
+ (size_t) (end - *buf));
}
/*
@@ -379,7 +379,7 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ecp_group_id grp_id;
- if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, end - *buf))
+ if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, (size_t) (end - *buf)))
!= 0) {
return ret;
}
diff --git a/library/ecjpake.c b/library/ecjpake.c
index fb13a39..cdf5d7e 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -168,7 +168,7 @@
}
ret = mbedtls_ecp_point_write_binary(grp, P, pf,
- &len, *p + 4, end - (*p + 4));
+ &len, *p + 4, (size_t) (end - (*p + 4)));
if (ret != 0) {
return ret;
}
@@ -226,7 +226,7 @@
/* Compute hash */
MBEDTLS_MPI_CHK(mbedtls_ecjpake_compute_hash(md_type,
- buf, p - buf, hash));
+ buf, (size_t) (p - buf), hash));
/* Turn it into an integer mod n */
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(h, hash,
@@ -269,7 +269,7 @@
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
}
- MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, end - *p));
+ MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, (size_t) (end - *p)));
if (end < *p || (size_t) (end - *p) < 1) {
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
@@ -346,7 +346,7 @@
/* Write it out */
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, &V,
- pf, &len, *p, end - *p));
+ pf, &len, *p, (size_t) (end - *p)));
*p += len;
len = mbedtls_mpi_size(&h); /* actually r */
@@ -392,7 +392,7 @@
* ECSchnorrZKP zkp;
* } ECJPAKEKeyKP;
*/
- MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, end - *p));
+ MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, (size_t) (end - *p)));
if (mbedtls_ecp_is_zero(X)) {
ret = MBEDTLS_ERR_ECP_INVALID_KEY;
goto cleanup;
@@ -431,7 +431,7 @@
MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp, G, x, X,
f_rng, p_rng));
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, X,
- pf, &len, *p, end - *p));
+ pf, &len, *p, (size_t) (end - *p)));
*p += len;
/* Generate and write proof */
@@ -504,7 +504,7 @@
MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_type, grp, pf, G, xm2, Xb, id,
&p, end, f_rng, p_rng));
- *olen = p - buf;
+ *olen = (size_t) (p - buf);
cleanup:
return ret;
@@ -693,7 +693,7 @@
goto cleanup;
}
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_group(&ctx->grp, &ec_len,
- p, end - p));
+ p, (size_t) (end - p)));
p += ec_len;
}
@@ -702,7 +702,7 @@
goto cleanup;
}
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(&ctx->grp, &Xm,
- ctx->point_format, &ec_len, p, end - p));
+ ctx->point_format, &ec_len, p, (size_t) (end - p)));
p += ec_len;
MBEDTLS_MPI_CHK(ecjpake_zkp_write(ctx->md_type, &ctx->grp,
@@ -710,7 +710,7 @@
&G, &xm, &Xm, ID_MINE,
&p, end, f_rng, p_rng));
- *olen = p - buf;
+ *olen = (size_t) (p - buf);
cleanup:
mbedtls_ecp_point_free(&G);
diff --git a/library/ecp.c b/library/ecp.c
index b6ea070..ee86cbc 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -1074,13 +1074,7 @@
MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi((N), (N), &grp->P)); \
} while (0)
-#if (defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \
- !(defined(MBEDTLS_ECP_NO_FALLBACK) && \
- defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \
- defined(MBEDTLS_ECP_ADD_MIXED_ALT))) || \
- (defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) && \
- !(defined(MBEDTLS_ECP_NO_FALLBACK) && \
- defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)))
+MBEDTLS_MAYBE_UNUSED
static inline int mbedtls_mpi_sub_mod(const mbedtls_ecp_group *grp,
mbedtls_mpi *X,
const mbedtls_mpi *A,
@@ -1092,7 +1086,6 @@
cleanup:
return ret;
}
-#endif /* All functions referencing mbedtls_mpi_sub_mod() are alt-implemented without fallback */
/*
* Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int.
@@ -1115,6 +1108,7 @@
return ret;
}
+MBEDTLS_MAYBE_UNUSED
static inline int mbedtls_mpi_mul_int_mod(const mbedtls_ecp_group *grp,
mbedtls_mpi *X,
const mbedtls_mpi *A,
@@ -1128,6 +1122,7 @@
return ret;
}
+MBEDTLS_MAYBE_UNUSED
static inline int mbedtls_mpi_sub_int_mod(const mbedtls_ecp_group *grp,
mbedtls_mpi *X,
const mbedtls_mpi *A,
@@ -1144,10 +1139,7 @@
#define MPI_ECP_SUB_INT(X, A, c) \
MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int_mod(grp, X, A, c))
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \
- !(defined(MBEDTLS_ECP_NO_FALLBACK) && \
- defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \
- defined(MBEDTLS_ECP_ADD_MIXED_ALT))
+MBEDTLS_MAYBE_UNUSED
static inline int mbedtls_mpi_shift_l_mod(const mbedtls_ecp_group *grp,
mbedtls_mpi *X,
size_t count)
@@ -1158,8 +1150,6 @@
cleanup:
return ret;
}
-#endif \
- /* All functions referencing mbedtls_mpi_shift_l_mod() are alt-implemented without fallback */
/*
* Macro wrappers around ECP modular arithmetic
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index e8c669f..de2e038 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -88,7 +88,7 @@
memset(buf, 0, buflen);
#endif
#endif
- return syscall(SYS_getrandom, buf, buflen, flags);
+ return (int) syscall(SYS_getrandom, buf, buflen, flags);
}
#endif /* SYS_getrandom */
#endif /* __linux__ || __midipix__ */
@@ -102,7 +102,7 @@
#define HAVE_GETRANDOM
static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags)
{
- return getrandom(buf, buflen, flags);
+ return (int) getrandom(buf, buflen, flags);
}
#endif /* (__FreeBSD__ && __FreeBSD_version >= 1200000) ||
(__DragonFly__ && __DragonFly_version >= 500700) */
@@ -156,7 +156,7 @@
#if defined(HAVE_GETRANDOM)
ret = getrandom_wrapper(output, len, 0);
if (ret >= 0) {
- *olen = ret;
+ *olen = (size_t) ret;
return 0;
} else if (errno != ENOSYS) {
return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
diff --git a/library/gcm.c b/library/gcm.c
index 42fd020..20d55c0 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -25,6 +25,10 @@
#include "mbedtls/error.h"
#include "mbedtls/constant_time.h"
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+#include "block_cipher_internal.h"
+#endif
+
#include <string.h>
#if defined(MBEDTLS_AESNI_C)
@@ -59,10 +63,16 @@
uint64_t hi, lo;
uint64_t vl, vh;
unsigned char h[16];
- size_t olen = 0;
memset(h, 0, 16);
- if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) {
+
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h);
+#else
+ size_t olen = 0;
+ ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen);
+#endif
+ if (ret != 0) {
return ret;
}
@@ -124,12 +134,24 @@
unsigned int keybits)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- const mbedtls_cipher_info_t *cipher_info;
if (keybits != 128 && keybits != 192 && keybits != 256) {
return MBEDTLS_ERR_GCM_BAD_INPUT;
}
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ mbedtls_block_cipher_free(&ctx->block_cipher_ctx);
+
+ if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) {
+ return ret;
+ }
+
+ if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) {
+ return ret;
+ }
+#else
+ const mbedtls_cipher_info_t *cipher_info;
+
cipher_info = mbedtls_cipher_info_from_values(cipher, keybits,
MBEDTLS_MODE_ECB);
if (cipher_info == NULL) {
@@ -150,6 +172,7 @@
MBEDTLS_ENCRYPT)) != 0) {
return ret;
}
+#endif
if ((ret = gcm_gen_table(ctx)) != 0) {
return ret;
@@ -252,8 +275,11 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char work_buf[16];
const unsigned char *p;
- size_t use_len, olen = 0;
+ size_t use_len;
uint64_t iv_bits;
+#if !defined(MBEDTLS_BLOCK_CIPHER_C)
+ size_t olen = 0;
+#endif
/* IV is limited to 2^64 bits, so 2^61 bytes */
/* IV is not allowed to be zero length */
@@ -293,8 +319,13 @@
gcm_mult(ctx, ctx->y, ctx->y);
}
- if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16,
- ctx->base_ectr, &olen)) != 0) {
+
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->base_ectr);
+#else
+ ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, &olen);
+#endif
+ if (ret != 0) {
return ret;
}
@@ -386,11 +417,15 @@
const unsigned char *input,
unsigned char *output)
{
- size_t olen = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr,
- &olen)) != 0) {
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr);
+#else
+ size_t olen = 0;
+ ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, &olen);
+#endif
+ if (ret != 0) {
mbedtls_platform_zeroize(ectr, 16);
return ret;
}
@@ -614,13 +649,17 @@
if (ctx == NULL) {
return;
}
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+ mbedtls_block_cipher_free(&ctx->block_cipher_ctx);
+#else
mbedtls_cipher_free(&ctx->cipher_ctx);
+#endif
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_gcm_context));
}
#endif /* !MBEDTLS_GCM_ALT */
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_CCM_GCM_CAN_AES)
/*
* AES-GCM test vectors from:
*
diff --git a/library/lmots.c b/library/lmots.c
index e09e3e5..c7091b4 100644
--- a/library/lmots.c
+++ b/library/lmots.c
@@ -69,29 +69,6 @@
int (*mbedtls_lmots_sign_private_key_invalidated_hook)(unsigned char *) = NULL;
#endif /* defined(MBEDTLS_TEST_HOOKS) */
-void mbedtls_lms_unsigned_int_to_network_bytes(unsigned int val, size_t len,
- unsigned char *bytes)
-{
- size_t idx;
-
- for (idx = 0; idx < len; idx++) {
- bytes[idx] = (val >> ((len - 1 - idx) * 8)) & 0xFF;
- }
-}
-
-unsigned int mbedtls_lms_network_bytes_to_unsigned_int(size_t len,
- const unsigned char *bytes)
-{
- size_t idx;
- unsigned int val = 0;
-
- for (idx = 0; idx < len; idx++) {
- val |= ((unsigned int) bytes[idx]) << (8 * (len - 1 - idx));
- }
-
- return val;
-}
-
/* Calculate the checksum digits that are appended to the end of the LMOTS digit
* string. See NIST SP800-208 section 3.1 or RFC8554 Algorithm 2 for details of
* the checksum algorithm.
@@ -191,8 +168,7 @@
}
checksum = lmots_checksum_calculate(params, out);
- mbedtls_lms_unsigned_int_to_network_bytes(checksum, CHECKSUM_LEN,
- out + MBEDTLS_LMOTS_N_HASH_LEN(params->type));
+ MBEDTLS_PUT_UINT16_BE(checksum, out, MBEDTLS_LMOTS_N_HASH_LEN(params->type));
exit:
psa_hash_abort(&op);
@@ -281,17 +257,13 @@
goto exit;
}
- mbedtls_lms_unsigned_int_to_network_bytes(i_digit_idx,
- I_DIGIT_IDX_LEN,
- i_digit_idx_bytes);
+ MBEDTLS_PUT_UINT16_BE(i_digit_idx, i_digit_idx_bytes, 0);
status = psa_hash_update(&op, i_digit_idx_bytes, I_DIGIT_IDX_LEN);
if (status != PSA_SUCCESS) {
goto exit;
}
- mbedtls_lms_unsigned_int_to_network_bytes(j_hash_idx,
- J_HASH_IDX_LEN,
- j_hash_idx_bytes);
+ j_hash_idx_bytes[0] = (uint8_t) j_hash_idx;
status = psa_hash_update(&op, j_hash_idx_bytes, J_HASH_IDX_LEN);
if (status != PSA_SUCCESS) {
goto exit;
@@ -425,11 +397,8 @@
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
- ctx->params.type =
- (mbedtls_lmots_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int(
- MBEDTLS_LMOTS_TYPE_LEN,
- key +
- MBEDTLS_LMOTS_SIG_TYPE_OFFSET);
+ ctx->params.type = (mbedtls_lmots_algorithm_type_t)
+ MBEDTLS_GET_UINT32_BE(key, MBEDTLS_LMOTS_SIG_TYPE_OFFSET);
if (key_len != MBEDTLS_LMOTS_PUBLIC_KEY_LEN(ctx->params.type)) {
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
@@ -464,9 +433,7 @@
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
- mbedtls_lms_unsigned_int_to_network_bytes(ctx->params.type,
- MBEDTLS_LMOTS_TYPE_LEN,
- key + MBEDTLS_LMOTS_SIG_TYPE_OFFSET);
+ MBEDTLS_PUT_UINT32_BE(ctx->params.type, key, MBEDTLS_LMOTS_SIG_TYPE_OFFSET);
memcpy(key + PUBLIC_KEY_I_KEY_ID_OFFSET,
ctx->params.I_key_identifier,
@@ -559,9 +526,7 @@
return MBEDTLS_ERR_LMS_VERIFY_FAILED;
}
- if (mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMOTS_TYPE_LEN,
- sig + MBEDTLS_LMOTS_SIG_TYPE_OFFSET) !=
- MBEDTLS_LMOTS_SHA256_N32_W8) {
+ if (MBEDTLS_GET_UINT32_BE(sig, MBEDTLS_LMOTS_SIG_TYPE_OFFSET) != MBEDTLS_LMOTS_SHA256_N32_W8) {
return MBEDTLS_ERR_LMS_VERIFY_FAILED;
}
@@ -607,7 +572,7 @@
size_t output_hash_len;
unsigned int i_digit_idx;
unsigned char i_digit_idx_bytes[2];
- unsigned char const_bytes[1];
+ unsigned char const_bytes[1] = { 0xFF };
if (ctx->have_private_key) {
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
@@ -623,12 +588,7 @@
I_key_identifier,
sizeof(ctx->params.I_key_identifier));
- mbedtls_lms_unsigned_int_to_network_bytes(q_leaf_identifier,
- MBEDTLS_LMOTS_Q_LEAF_ID_LEN,
- ctx->params.q_leaf_identifier);
-
- mbedtls_lms_unsigned_int_to_network_bytes(0xFF, sizeof(const_bytes),
- const_bytes);
+ MBEDTLS_PUT_UINT32_BE(q_leaf_identifier, ctx->params.q_leaf_identifier, 0);
for (i_digit_idx = 0;
i_digit_idx < MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT(ctx->params.type);
@@ -652,8 +612,7 @@
goto exit;
}
- mbedtls_lms_unsigned_int_to_network_bytes(i_digit_idx, I_DIGIT_IDX_LEN,
- i_digit_idx_bytes);
+ MBEDTLS_PUT_UINT16_BE(i_digit_idx, i_digit_idx_bytes, 0);
status = psa_hash_update(&op, i_digit_idx_bytes, I_DIGIT_IDX_LEN);
if (status != PSA_SUCCESS) {
goto exit;
@@ -774,9 +733,7 @@
goto exit;
}
- mbedtls_lms_unsigned_int_to_network_bytes(ctx->params.type,
- MBEDTLS_LMOTS_TYPE_LEN,
- sig + MBEDTLS_LMOTS_SIG_TYPE_OFFSET);
+ MBEDTLS_PUT_UINT32_BE(ctx->params.type, sig, MBEDTLS_LMOTS_SIG_TYPE_OFFSET);
/* Test hook to check if sig is being written to before we invalidate the
* private key.
diff --git a/library/lmots.h b/library/lmots.h
index 8e495c9..cf92d32 100644
--- a/library/lmots.h
+++ b/library/lmots.h
@@ -44,29 +44,6 @@
extern int (*mbedtls_lmots_sign_private_key_invalidated_hook)(unsigned char *);
#endif /* defined(MBEDTLS_TEST_HOOKS) */
-/**
- * \brief This function converts an unsigned int into a
- * network-byte-order (big endian) string.
- *
- * \param val The unsigned integer value
- * \param len The length of the string.
- * \param bytes The string to output into.
- */
-void mbedtls_lms_unsigned_int_to_network_bytes(unsigned int val, size_t len,
- unsigned char *bytes);
-
-/**
- * \brief This function converts a network-byte-order
- * (big endian) string into an unsigned integer.
- *
- * \param len The length of the string.
- * \param bytes The string.
- *
- * \return The corresponding LMS error code.
- */
-unsigned int mbedtls_lms_network_bytes_to_unsigned_int(size_t len,
- const unsigned char *bytes);
-
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/**
* \brief This function converts a \ref psa_status_t to a
diff --git a/library/lms.c b/library/lms.c
index 0c470a0..08fe753 100644
--- a/library/lms.c
+++ b/library/lms.c
@@ -112,7 +112,7 @@
goto exit;
}
- mbedtls_lms_unsigned_int_to_network_bytes(r_node_idx, 4, r_node_idx_bytes);
+ MBEDTLS_PUT_UINT32_BE(r_node_idx, r_node_idx_bytes, 0);
status = psa_hash_update(&op, r_node_idx_bytes, 4);
if (status != PSA_SUCCESS) {
goto exit;
@@ -186,7 +186,7 @@
goto exit;
}
- mbedtls_lms_unsigned_int_to_network_bytes(r_node_idx, 4, r_node_idx_bytes);
+ MBEDTLS_PUT_UINT32_BE(r_node_idx, r_node_idx_bytes, 0);
status = psa_hash_update(&op, r_node_idx_bytes, 4);
if (status != PSA_SUCCESS) {
goto exit;
@@ -237,10 +237,7 @@
mbedtls_lms_algorithm_type_t type;
mbedtls_lmots_algorithm_type_t otstype;
- type = (mbedtls_lms_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int(
- MBEDTLS_LMS_TYPE_LEN,
- key +
- PUBLIC_KEY_TYPE_OFFSET);
+ type = (mbedtls_lms_algorithm_type_t) MBEDTLS_GET_UINT32_BE(key, PUBLIC_KEY_TYPE_OFFSET);
if (type != MBEDTLS_LMS_SHA256_M32_H10) {
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
@@ -250,10 +247,8 @@
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
- otstype = (mbedtls_lmots_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int(
- MBEDTLS_LMOTS_TYPE_LEN,
- key +
- PUBLIC_KEY_OTSTYPE_OFFSET);
+ otstype = (mbedtls_lmots_algorithm_type_t)
+ MBEDTLS_GET_UINT32_BE(key, PUBLIC_KEY_OTSTYPE_OFFSET);
if (otstype != MBEDTLS_LMOTS_SHA256_N32_W8) {
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
@@ -282,12 +277,8 @@
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
- mbedtls_lms_unsigned_int_to_network_bytes(
- ctx->params.type,
- MBEDTLS_LMS_TYPE_LEN, key + PUBLIC_KEY_TYPE_OFFSET);
- mbedtls_lms_unsigned_int_to_network_bytes(ctx->params.otstype,
- MBEDTLS_LMOTS_TYPE_LEN,
- key + PUBLIC_KEY_OTSTYPE_OFFSET);
+ MBEDTLS_PUT_UINT32_BE(ctx->params.type, key, PUBLIC_KEY_TYPE_OFFSET);
+ MBEDTLS_PUT_UINT32_BE(ctx->params.otstype, key, PUBLIC_KEY_OTSTYPE_OFFSET);
memcpy(key + PUBLIC_KEY_I_KEY_ID_OFFSET,
ctx->params.I_key_identifier,
MBEDTLS_LMOTS_I_KEY_ID_LEN);
@@ -339,9 +330,7 @@
return MBEDTLS_ERR_LMS_VERIFY_FAILED;
}
- if (mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMOTS_TYPE_LEN,
- sig + SIG_OTS_SIG_OFFSET +
- MBEDTLS_LMOTS_SIG_TYPE_OFFSET)
+ if (MBEDTLS_GET_UINT32_BE(sig, SIG_OTS_SIG_OFFSET + MBEDTLS_LMOTS_SIG_TYPE_OFFSET)
!= MBEDTLS_LMOTS_SHA256_N32_W8) {
return MBEDTLS_ERR_LMS_VERIFY_FAILED;
}
@@ -350,15 +339,13 @@
return MBEDTLS_ERR_LMS_VERIFY_FAILED;
}
- if (mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMS_TYPE_LEN,
- sig + SIG_TYPE_OFFSET(ctx->params.otstype))
+ if (MBEDTLS_GET_UINT32_BE(sig, SIG_TYPE_OFFSET(ctx->params.otstype))
!= MBEDTLS_LMS_SHA256_M32_H10) {
return MBEDTLS_ERR_LMS_VERIFY_FAILED;
}
- q_leaf_identifier = mbedtls_lms_network_bytes_to_unsigned_int(
- MBEDTLS_LMOTS_Q_LEAF_ID_LEN, sig + SIG_Q_LEAF_ID_OFFSET);
+ q_leaf_identifier = MBEDTLS_GET_UINT32_BE(sig, SIG_Q_LEAF_ID_OFFSET);
if (q_leaf_identifier >= MERKLE_TREE_LEAF_NODE_AM(ctx->params.type)) {
return MBEDTLS_ERR_LMS_VERIFY_FAILED;
@@ -367,9 +354,7 @@
memcpy(ots_params.I_key_identifier,
ctx->params.I_key_identifier,
MBEDTLS_LMOTS_I_KEY_ID_LEN);
- mbedtls_lms_unsigned_int_to_network_bytes(q_leaf_identifier,
- MBEDTLS_LMOTS_Q_LEAF_ID_LEN,
- ots_params.q_leaf_identifier);
+ MBEDTLS_PUT_UINT32_BE(q_leaf_identifier, ots_params.q_leaf_identifier, 0);
ots_params.type = ctx->params.otstype;
ret = mbedtls_lmots_calculate_public_key_candidate(&ots_params,
@@ -505,7 +490,7 @@
unsigned int height;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- tree = mbedtls_calloc(MERKLE_TREE_NODE_AM(ctx->params.type),
+ tree = mbedtls_calloc((size_t) MERKLE_TREE_NODE_AM(ctx->params.type),
node_bytes);
if (tree == NULL) {
return MBEDTLS_ERR_LMS_ALLOC_FAILED;
@@ -530,7 +515,7 @@
exit:
mbedtls_zeroize_and_free(tree, node_bytes *
- MERKLE_TREE_NODE_AM(ctx->params.type));
+ (size_t) MERKLE_TREE_NODE_AM(ctx->params.type));
return ret;
}
@@ -669,7 +654,7 @@
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
- tree = mbedtls_calloc(MERKLE_TREE_NODE_AM(priv_ctx->params.type),
+ tree = mbedtls_calloc((size_t) MERKLE_TREE_NODE_AM(priv_ctx->params.type),
node_bytes);
if (tree == NULL) {
return MBEDTLS_ERR_LMS_ALLOC_FAILED;
@@ -692,7 +677,7 @@
exit:
mbedtls_zeroize_and_free(tree, node_bytes *
- MERKLE_TREE_NODE_AM(priv_ctx->params.type));
+ (size_t) MERKLE_TREE_NODE_AM(priv_ctx->params.type));
return ret;
}
@@ -753,12 +738,8 @@
return ret;
}
- mbedtls_lms_unsigned_int_to_network_bytes(ctx->params.type,
- MBEDTLS_LMS_TYPE_LEN,
- sig + SIG_TYPE_OFFSET(ctx->params.otstype));
- mbedtls_lms_unsigned_int_to_network_bytes(q_leaf_identifier,
- MBEDTLS_LMOTS_Q_LEAF_ID_LEN,
- sig + SIG_Q_LEAF_ID_OFFSET);
+ MBEDTLS_PUT_UINT32_BE(ctx->params.type, sig, SIG_TYPE_OFFSET(ctx->params.otstype));
+ MBEDTLS_PUT_UINT32_BE(q_leaf_identifier, sig, SIG_Q_LEAF_ID_OFFSET);
ret = get_merkle_path(ctx,
MERKLE_TREE_INTERNAL_NODE_AM(ctx->params.type) + q_leaf_identifier,
diff --git a/library/net_sockets.c b/library/net_sockets.c
index 2b120c5..edec587 100644
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@@ -316,7 +316,7 @@
*/
int mbedtls_net_accept(mbedtls_net_context *bind_ctx,
mbedtls_net_context *client_ctx,
- void *client_ip, size_t buf_size, size_t *ip_len)
+ void *client_ip, size_t buf_size, size_t *cip_len)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int type;
@@ -399,22 +399,22 @@
if (client_ip != NULL) {
if (client_addr.ss_family == AF_INET) {
struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr;
- *ip_len = sizeof(addr4->sin_addr.s_addr);
+ *cip_len = sizeof(addr4->sin_addr.s_addr);
- if (buf_size < *ip_len) {
+ if (buf_size < *cip_len) {
return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL;
}
- memcpy(client_ip, &addr4->sin_addr.s_addr, *ip_len);
+ memcpy(client_ip, &addr4->sin_addr.s_addr, *cip_len);
} else {
struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr;
- *ip_len = sizeof(addr6->sin6_addr.s6_addr);
+ *cip_len = sizeof(addr6->sin6_addr.s6_addr);
- if (buf_size < *ip_len) {
+ if (buf_size < *cip_len) {
return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL;
}
- memcpy(client_ip, &addr6->sin6_addr.s6_addr, *ip_len);
+ memcpy(client_ip, &addr6->sin6_addr.s6_addr, *cip_len);
}
}
diff --git a/library/oid.c b/library/oid.c
index 6184abe..d30a464 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -866,7 +866,7 @@
FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac)
FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac)
-#if defined(MBEDTLS_PKCS12_C)
+#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_C)
/*
* For PKCS#12 PBEs
*/
@@ -904,7 +904,7 @@
md_alg,
mbedtls_cipher_type_t,
cipher_alg)
-#endif /* MBEDTLS_PKCS12_C */
+#endif /* MBEDTLS_PKCS12_C && MBEDTLS_CIPHER_C */
/* Return the x.y.z.... style numeric string for the given OID */
int mbedtls_oid_get_numeric_string(char *buf, size_t size,
@@ -1129,7 +1129,7 @@
}
}
- encoded_len = out_ptr - oid->p;
+ encoded_len = (size_t) (out_ptr - oid->p);
resized_mem = mbedtls_calloc(encoded_len, 1);
if (resized_mem == NULL) {
ret = MBEDTLS_ERR_ASN1_ALLOC_FAILED;
diff --git a/library/padlock.c b/library/padlock.c
index 1b03069..1f00691 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -96,6 +96,7 @@
return 0;
}
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* PadLock AES-CBC buffer en(de)cryption
*/
@@ -149,6 +150,7 @@
return 0;
}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
#endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */
diff --git a/library/pem.c b/library/pem.c
index 9500ffc..539134c 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -298,7 +298,7 @@
if (*end == '\n') {
end++;
}
- *use_len = end - data;
+ *use_len = (size_t) (end - data);
enc = 0;
@@ -383,7 +383,7 @@
return MBEDTLS_ERR_PEM_INVALID_DATA;
}
- ret = mbedtls_base64_decode(NULL, 0, &len, s1, s2 - s1);
+ ret = mbedtls_base64_decode(NULL, 0, &len, s1, (size_t) (s2 - s1));
if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret);
@@ -393,7 +393,7 @@
return MBEDTLS_ERR_PEM_ALLOC_FAILED;
}
- if ((ret = mbedtls_base64_decode(buf, len, &len, s1, s2 - s1)) != 0) {
+ if ((ret = mbedtls_base64_decode(buf, len, &len, s1, (size_t) (s2 - s1))) != 0) {
mbedtls_zeroize_and_free(buf, len);
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret);
}
@@ -508,7 +508,7 @@
p += strlen(footer);
*p++ = '\0';
- *olen = p - buf;
+ *olen = (size_t) (p - buf);
/* Clean any remaining data previously written to the buffer */
memset(buf + *olen, 0, buf_len - *olen);
diff --git a/library/pk.c b/library/pk.c
index 5a1698f..61ac0df 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -18,6 +18,9 @@
#if defined(MBEDTLS_RSA_C)
#include "mbedtls/rsa.h"
+#if defined(MBEDTLS_PKCS1_V21) && !defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "rsa_internal.h"
+#endif
#endif
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
#include "mbedtls/ecp.h"
@@ -26,7 +29,7 @@
#include "mbedtls/ecdsa.h"
#endif
-#if defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa_util_internal.h"
#include "md_psa.h"
#endif
@@ -41,9 +44,9 @@
{
ctx->pk_info = NULL;
ctx->pk_ctx = NULL;
-#if defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
ctx->priv_id = MBEDTLS_SVC_KEY_ID_INIT;
-#endif /* MBEDTLS_PSA_CRYPTO_C */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
memset(ctx->pub_raw, 0, sizeof(ctx->pub_raw));
ctx->pub_raw_len = 0;
@@ -311,7 +314,6 @@
}
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_algorithm_t key_alg, key_alg2;
psa_status_t status;
status = psa_get_key_attributes(ctx->priv_id, &attributes);
@@ -319,8 +321,15 @@
return 0;
}
- key_alg = psa_get_key_algorithm(&attributes);
- key_alg2 = psa_get_key_enrollment_algorithm(&attributes);
+ psa_algorithm_t key_alg = psa_get_key_algorithm(&attributes);
+ /* Key's enrollment is available only when MBEDTLS_PSA_CRYPTO_CLIENT is
+ * defined, i.e. when the Mbed TLS implementation of PSA Crypto is being used.
+ * Even though we don't officially support using other implementations of PSA
+ * Crypto with TLS and X.509 (yet), we're still trying to simplify the life of
+ * people who would like to try it before it's officially supported. */
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+ psa_algorithm_t key_alg2 = psa_get_key_enrollment_algorithm(&attributes);
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
key_usage = psa_get_key_usage_flags(&attributes);
psa_reset_key_attributes(&attributes);
@@ -329,18 +338,23 @@
}
/*
- * Common case: the key alg or alg2 only allows alg.
+ * Common case: the key alg [or alg2] only allows alg.
* This will match PSA_ALG_RSA_PKCS1V15_CRYPT & PSA_ALG_IS_ECDH
* directly.
* This would also match ECDSA/RSA_PKCS1V15_SIGN/RSA_PSS with
- * a fixed hash on key_alg/key_alg2.
+ * a fixed hash on key_alg [or key_alg2].
*/
- if (alg == key_alg || alg == key_alg2) {
+ if (alg == key_alg) {
return 1;
}
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+ if (alg == key_alg2) {
+ return 1;
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
/*
- * If key_alg or key_alg2 is a hash-and-sign with a wildcard for the hash,
+ * If key_alg [or key_alg2] is a hash-and-sign with a wildcard for the hash,
* and alg is the same hash-and-sign family with any hash,
* then alg is compliant with this key alg
*/
@@ -351,12 +365,13 @@
(alg & ~PSA_ALG_HASH_MASK) == (key_alg & ~PSA_ALG_HASH_MASK)) {
return 1;
}
-
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
if (PSA_ALG_IS_SIGN_HASH(key_alg2) &&
PSA_ALG_SIGN_GET_HASH(key_alg2) == PSA_ALG_ANY_HASH &&
(alg & ~PSA_ALG_HASH_MASK) == (key_alg2 & ~PSA_ALG_HASH_MASK)) {
return 1;
}
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
}
return 0;
@@ -567,7 +582,7 @@
return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
} else
-#endif
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
{
if (sig_len < mbedtls_pk_get_len(ctx)) {
return MBEDTLS_ERR_RSA_VERIFY_FAILED;
@@ -660,7 +675,6 @@
f_rng, p_rng, NULL);
}
-#if defined(MBEDTLS_PSA_CRYPTO_C)
/*
* Make a signature given a signature type.
*/
@@ -672,11 +686,6 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng)
{
-#if defined(MBEDTLS_RSA_C)
- psa_algorithm_t psa_md_alg;
-#endif /* MBEDTLS_RSA_C */
- *sig_len = 0;
-
if (ctx->pk_info == NULL) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
@@ -690,8 +699,10 @@
sig, sig_size, sig_len, f_rng, p_rng);
}
-#if defined(MBEDTLS_RSA_C)
- psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg);
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ const psa_algorithm_t psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg);
if (psa_md_alg == 0) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
@@ -708,12 +719,31 @@
return mbedtls_pk_psa_rsa_sign_ext(PSA_ALG_RSA_PSS(psa_md_alg),
ctx->pk_ctx, hash, hash_len,
sig, sig_size, sig_len);
-#else /* MBEDTLS_RSA_C */
- return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
-#endif /* !MBEDTLS_RSA_C */
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+ if (sig_size < mbedtls_pk_get_len(ctx)) {
+ return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL;
+ }
+
+ if (pk_hashlen_helper(md_alg, &hash_len) != 0) {
+ return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+ }
+
+ mbedtls_rsa_context *const rsa_ctx = mbedtls_pk_rsa(*ctx);
+
+ const int ret = mbedtls_rsa_rsassa_pss_sign_no_mode_check(rsa_ctx, f_rng, p_rng, md_alg,
+ (unsigned int) hash_len, hash, sig);
+ if (ret == 0) {
+ *sig_len = rsa_ctx->len;
+ }
+ return ret;
+
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#else
+ return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
}
-#endif /* MBEDTLS_PSA_CRYPTO_C */
/*
* Decrypt message
diff --git a/library/pk_internal.h b/library/pk_internal.h
index 571b57e..025ee8b 100644
--- a/library/pk_internal.h
+++ b/library/pk_internal.h
@@ -19,9 +19,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
-#endif
-#if defined(MBEDTLS_PSA_CRYPTO_C)
#include "psa_util_internal.h"
#define PSA_PK_TO_MBEDTLS_ERR(status) psa_pk_status_to_mbedtls(status)
#define PSA_PK_RSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
@@ -30,9 +28,23 @@
#define PSA_PK_ECDSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_pk_ecdsa_errors, \
psa_pk_status_to_mbedtls)
-#endif
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+/* Headers/footers for PEM files */
+#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----"
+#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----"
+#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----"
+#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----"
+#define PEM_BEGIN_PUBLIC_KEY_RSA "-----BEGIN RSA PUBLIC KEY-----"
+#define PEM_END_PUBLIC_KEY_RSA "-----END RSA PUBLIC KEY-----"
+#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----"
+#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----"
+#define PEM_BEGIN_PRIVATE_KEY_PKCS8 "-----BEGIN PRIVATE KEY-----"
+#define PEM_END_PRIVATE_KEY_PKCS8 "-----END PRIVATE KEY-----"
+#define PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----BEGIN ENCRYPTED PRIVATE KEY-----"
+#define PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----END ENCRYPTED PRIVATE KEY-----"
+
+#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
/**
* Public function mbedtls_pk_ec() can be used to get direct access to the
* wrapped ecp_keypair structure pointed to the pk_ctx. However this is not
@@ -68,10 +80,10 @@
return NULL;
}
}
-#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
+#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_PK_USE_PSA_EC_DATA */
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
-static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_context *pk)
+static inline mbedtls_ecp_group_id mbedtls_pk_get_ec_group_id(const mbedtls_pk_context *pk)
{
mbedtls_ecp_group_id id;
@@ -105,6 +117,16 @@
#if defined(MBEDTLS_ECP_HAVE_CURVE25519) || defined(MBEDTLS_ECP_HAVE_CURVE448)
#define MBEDTLS_PK_HAVE_RFC8410_CURVES
#endif /* MBEDTLS_ECP_HAVE_CURVE25519 || MBEDTLS_ECP_DP_CURVE448 */
+
+#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \
+ ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448))
+
+static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk)
+{
+ mbedtls_ecp_group_id id = mbedtls_pk_get_ec_group_id(pk);
+
+ return MBEDTLS_PK_IS_RFC8410_GROUP_ID(id);
+}
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
/* Helper for (deterministic) ECDSA */
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 182d07f..9247945 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -26,17 +26,14 @@
#include "mbedtls/ecdsa.h"
#endif
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa_util_internal.h"
+#include "psa/crypto.h"
+
+#if defined(MBEDTLS_RSA_C)
#include "pkwrite.h"
#endif
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-#include "psa_util_internal.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
#include "mbedtls/asn1write.h"
#include "mbedtls/asn1.h"
@@ -49,123 +46,6 @@
#include <stdint.h>
#include <string.h>
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-int mbedtls_pk_error_from_psa(psa_status_t status)
-{
- switch (status) {
- case PSA_SUCCESS:
- return 0;
- case PSA_ERROR_INVALID_HANDLE:
- return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
- case PSA_ERROR_NOT_PERMITTED:
- return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
- case PSA_ERROR_BUFFER_TOO_SMALL:
- return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL;
- case PSA_ERROR_NOT_SUPPORTED:
- return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
- case PSA_ERROR_INVALID_ARGUMENT:
- return MBEDTLS_ERR_PK_INVALID_ALG;
- case PSA_ERROR_INSUFFICIENT_MEMORY:
- return MBEDTLS_ERR_PK_ALLOC_FAILED;
- case PSA_ERROR_BAD_STATE:
- return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
- case PSA_ERROR_COMMUNICATION_FAILURE:
- case PSA_ERROR_HARDWARE_FAILURE:
- return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
- case PSA_ERROR_DATA_CORRUPT:
- case PSA_ERROR_DATA_INVALID:
- case PSA_ERROR_STORAGE_FAILURE:
- return MBEDTLS_ERR_PK_FILE_IO_ERROR;
- case PSA_ERROR_CORRUPTION_DETECTED:
- return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- default:
- return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
- }
-}
-
-#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \
- defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
-int mbedtls_pk_error_from_psa_rsa(psa_status_t status)
-{
- switch (status) {
- case PSA_ERROR_NOT_PERMITTED:
- case PSA_ERROR_INVALID_ARGUMENT:
- case PSA_ERROR_INVALID_HANDLE:
- return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
- case PSA_ERROR_BUFFER_TOO_SMALL:
- return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
- case PSA_ERROR_INSUFFICIENT_ENTROPY:
- return MBEDTLS_ERR_RSA_RNG_FAILED;
- case PSA_ERROR_INVALID_SIGNATURE:
- return MBEDTLS_ERR_RSA_VERIFY_FAILED;
- case PSA_ERROR_INVALID_PADDING:
- return MBEDTLS_ERR_RSA_INVALID_PADDING;
- case PSA_SUCCESS:
- return 0;
- case PSA_ERROR_NOT_SUPPORTED:
- return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
- case PSA_ERROR_INSUFFICIENT_MEMORY:
- return MBEDTLS_ERR_PK_ALLOC_FAILED;
- case PSA_ERROR_BAD_STATE:
- return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
- case PSA_ERROR_COMMUNICATION_FAILURE:
- case PSA_ERROR_HARDWARE_FAILURE:
- return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
- case PSA_ERROR_DATA_CORRUPT:
- case PSA_ERROR_DATA_INVALID:
- case PSA_ERROR_STORAGE_FAILURE:
- return MBEDTLS_ERR_PK_FILE_IO_ERROR;
- case PSA_ERROR_CORRUPTION_DETECTED:
- return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- default:
- return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
- }
-}
-#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
-#endif /* MBEDTLS_PSA_CRYPTO_C */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
-int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status)
-{
- switch (status) {
- case PSA_ERROR_NOT_PERMITTED:
- case PSA_ERROR_INVALID_ARGUMENT:
- return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
- case PSA_ERROR_INVALID_HANDLE:
- return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
- case PSA_ERROR_BUFFER_TOO_SMALL:
- return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
- case PSA_ERROR_INSUFFICIENT_ENTROPY:
- return MBEDTLS_ERR_ECP_RANDOM_FAILED;
- case PSA_ERROR_INVALID_SIGNATURE:
- return MBEDTLS_ERR_ECP_VERIFY_FAILED;
- case PSA_SUCCESS:
- return 0;
- case PSA_ERROR_NOT_SUPPORTED:
- return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
- case PSA_ERROR_INSUFFICIENT_MEMORY:
- return MBEDTLS_ERR_PK_ALLOC_FAILED;
- case PSA_ERROR_BAD_STATE:
- return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
- case PSA_ERROR_COMMUNICATION_FAILURE:
- case PSA_ERROR_HARDWARE_FAILURE:
- return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
- case PSA_ERROR_DATA_CORRUPT:
- case PSA_ERROR_DATA_INVALID:
- case PSA_ERROR_STORAGE_FAILURE:
- return MBEDTLS_ERR_PK_FILE_IO_ERROR;
- case PSA_ERROR_CORRUPTION_DETECTED:
- return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- default:
- return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
- }
-}
-#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
#if defined(MBEDTLS_RSA_C)
static int rsa_can_do(mbedtls_pk_type_t type)
{
@@ -281,7 +161,7 @@
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#if defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg,
mbedtls_rsa_context *rsa_ctx,
const unsigned char *hash, size_t hash_len,
@@ -344,7 +224,7 @@
}
return ret;
}
-#endif /* MBEDTLS_PSA_CRYPTO_C */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
@@ -955,37 +835,34 @@
return 0;
}
-/* Common helper for ECDSA sign using PSA functions. */
+/* Common helper for ECDSA sign using PSA functions.
+ * Instead of extracting key's properties in order to check which kind of ECDSA
+ * signature it supports, we try both deterministic and non-deterministic.
+ */
static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t sig_size, size_t *sig_len)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
psa_status_t status;
- psa_algorithm_t psa_sig_md;
- psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
- psa_algorithm_t alg, alg2;
- status = psa_get_key_attributes(key_id, &key_attr);
- if (status != PSA_SUCCESS) {
+ status = psa_sign_hash(key_id,
+ PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)),
+ hash, hash_len, sig, sig_size, sig_len);
+ if (status == PSA_SUCCESS) {
+ goto done;
+ } else if (status != PSA_ERROR_NOT_PERMITTED) {
return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
}
- alg = psa_get_key_algorithm(&key_attr);
- alg2 = psa_get_key_enrollment_algorithm(&key_attr);
- psa_reset_key_attributes(&key_attr);
- if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) || PSA_ALG_IS_DETERMINISTIC_ECDSA(alg2)) {
- psa_sig_md = PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg));
- } else {
- psa_sig_md = PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg));
- }
-
- status = psa_sign_hash(key_id, psa_sig_md, hash, hash_len,
- sig, sig_size, sig_len);
+ status = psa_sign_hash(key_id,
+ PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)),
+ hash, hash_len, sig, sig_size, sig_len);
if (status != PSA_SUCCESS) {
return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
}
+done:
ret = pk_ecdsa_sig_asn1_from_psa(sig, sig_len, sig_size);
return ret;
diff --git a/library/pk_wrap.h b/library/pk_wrap.h
index 28c815a..be096da 100644
--- a/library/pk_wrap.h
+++ b/library/pk_wrap.h
@@ -15,9 +15,9 @@
#include "mbedtls/pk.h"
-#if defined(MBEDTLS_PSA_CRYPTO_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
-#endif /* MBEDTLS_PSA_CRYPTO_C */
+#endif
struct mbedtls_pk_info_t {
/** Public key type */
@@ -125,24 +125,6 @@
extern const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info;
extern const mbedtls_pk_info_t mbedtls_rsa_opaque_info;
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
-int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status);
-#endif
-#endif
-
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa(psa_status_t status);
-
-#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \
- defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
-int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status);
-#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
#if defined(MBEDTLS_RSA_C)
int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md,
mbedtls_rsa_context *rsa_ctx,
@@ -151,6 +133,6 @@
size_t *sig_len);
#endif /* MBEDTLS_RSA_C */
-#endif /* MBEDTLS_PSA_CRYPTO_C */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_PK_WRAP_H */
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 160dc47..a3467b9 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -17,7 +17,9 @@
#include "mbedtls/pkcs12.h"
#include "mbedtls/asn1.h"
+#if defined(MBEDTLS_CIPHER_C)
#include "mbedtls/cipher.h"
+#endif /* MBEDTLS_CIPHER_C */
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
@@ -29,7 +31,7 @@
#include "psa_util_internal.h"
-#if defined(MBEDTLS_ASN1_PARSE_C)
+#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C)
static int pkcs12_parse_pbe_params(mbedtls_asn1_buf *params,
mbedtls_asn1_buf *salt, int *iterations)
@@ -238,7 +240,7 @@
return ret;
}
-#endif /* MBEDTLS_ASN1_PARSE_C */
+#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C */
static void pkcs12_fill_buffer(unsigned char *data, size_t data_len,
const unsigned char *filler, size_t fill_len)
diff --git a/library/pkcs5.c b/library/pkcs5.c
index d6209bd..c6c5305 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -24,7 +24,9 @@
#if defined(MBEDTLS_ASN1_PARSE_C)
#include "mbedtls/asn1.h"
+#if defined(MBEDTLS_CIPHER_C)
#include "mbedtls/cipher.h"
+#endif /* MBEDTLS_CIPHER_C */
#include "mbedtls/oid.h"
#endif /* MBEDTLS_ASN1_PARSE_C */
@@ -34,7 +36,7 @@
#include "psa_util_internal.h"
-#if defined(MBEDTLS_ASN1_PARSE_C)
+#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C)
static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params,
mbedtls_asn1_buf *salt, int *iterations,
int *keylen, mbedtls_md_type_t *md_type)
@@ -261,7 +263,7 @@
return ret;
}
-#endif /* MBEDTLS_ASN1_PARSE_C */
+#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C */
static int pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx,
const unsigned char *password,
diff --git a/library/pkcs7.c b/library/pkcs7.c
index 36b49f5..0869c2e 100644
--- a/library/pkcs7.c
+++ b/library/pkcs7.c
@@ -316,7 +316,7 @@
goto out;
}
- signer->issuer_raw.len = *p - signer->issuer_raw.p;
+ signer->issuer_raw.len = (size_t) (*p - signer->issuer_raw.p);
ret = mbedtls_x509_get_serial(p, end_issuer_and_sn, &signer->serial);
if (ret != 0) {
diff --git a/library/pkparse.c b/library/pkparse.c
index 3bb5f7b..d36fa3f 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -15,6 +15,8 @@
#include "mbedtls/platform_util.h"
#include "mbedtls/platform.h"
#include "mbedtls/error.h"
+#include "mbedtls/ecp.h"
+#include "pk_internal.h"
#include <string.h>
@@ -27,10 +29,6 @@
#if defined(MBEDTLS_RSA_C)
#include "mbedtls/rsa.h"
#endif
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
-#include "mbedtls/ecp.h"
-#include "pk_internal.h"
-#endif
/* Extended formats */
#if defined(MBEDTLS_PEM_PARSE_C)
@@ -105,16 +103,21 @@
{
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_usage_t flags;
psa_status_t status;
psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family));
- psa_set_key_algorithm(&attributes, PSA_ALG_ECDH);
- psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE;
- /* Montgomery allows only ECDH, others ECDSA too */
- if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) {
- flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE;
- psa_set_key_enrollment_algorithm(&attributes,
- MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH));
+ if (pk->ec_family == PSA_ECC_FAMILY_MONTGOMERY) {
+ /* Do not set algorithm here because Montgomery keys cannot do ECDSA and
+ * the PK module cannot do ECDH. When the key will be used in TLS for
+ * ECDH, it will be exported and then re-imported with proper flags
+ * and algorithm. */
+ flags = PSA_KEY_USAGE_EXPORT;
+ } else {
+ psa_set_key_algorithm(&attributes,
+ MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH));
+ flags = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE |
+ PSA_KEY_USAGE_EXPORT;
}
psa_set_key_usage_flags(&attributes, flags);
@@ -863,12 +866,6 @@
return 0;
}
-/* Helper for Montgomery curves */
-#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES)
-#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \
- ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448))
-#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
-
/*
* SubjectPublicKeyInfo ::= SEQUENCE {
* algorithm AlgorithmIdentifier,
@@ -928,7 +925,7 @@
ret = pk_use_ecparams(&alg_params, pk);
}
if (ret == 0) {
- ret = pk_ecc_set_pubkey(pk, *p, end - *p);
+ ret = pk_ecc_set_pubkey(pk, *p, (size_t) (end - *p));
*p += end - *p;
}
} else
@@ -1233,7 +1230,7 @@
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
}
- if ((ret = pk_ecc_set_pubkey(pk, p, end2 - p)) == 0) {
+ if ((ret = pk_ecc_set_pubkey(pk, p, (size_t) (end2 - p))) == 0) {
pubkey_done = 1;
} else {
/*
@@ -1412,7 +1409,7 @@
unsigned char *buf;
unsigned char *p, *end;
mbedtls_asn1_buf pbe_alg_oid, pbe_params;
-#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) && defined(MBEDTLS_CIPHER_C)
mbedtls_cipher_type_t cipher_alg;
mbedtls_md_type_t md_alg;
#endif
@@ -1460,7 +1457,7 @@
/*
* Decrypt EncryptedData with appropriate PBE
*/
-#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) && defined(MBEDTLS_CIPHER_C)
if (mbedtls_oid_get_pkcs12_pbe_alg(&pbe_alg_oid, &md_alg, &cipher_alg) == 0) {
if ((ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT,
cipher_alg, md_alg,
@@ -1474,8 +1471,8 @@
decrypted = 1;
} else
-#endif /* MBEDTLS_PKCS12_C */
-#if defined(MBEDTLS_PKCS5_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+#endif /* MBEDTLS_PKCS12_C && MBEDTLS_CIPHER_PADDING_PKCS7 && MBEDTLS_CIPHER_C */
+#if defined(MBEDTLS_PKCS5_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) && defined(MBEDTLS_CIPHER_C)
if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid) == 0) {
if ((ret = mbedtls_pkcs5_pbes2_ext(&pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen,
p, len, buf, len, &outlen)) != 0) {
@@ -1488,7 +1485,7 @@
decrypted = 1;
} else
-#endif /* MBEDTLS_PKCS5_C */
+#endif /* MBEDTLS_PKCS5_C && MBEDTLS_CIPHER_PADDING_PKCS7 && MBEDTLS_CIPHER_C */
{
((void) pwd);
}
@@ -1534,8 +1531,7 @@
ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
} else {
ret = mbedtls_pem_read_buffer(&pem,
- "-----BEGIN RSA PRIVATE KEY-----",
- "-----END RSA PRIVATE KEY-----",
+ PEM_BEGIN_PRIVATE_KEY_RSA, PEM_END_PRIVATE_KEY_RSA,
key, pwd, pwdlen, &len);
}
@@ -1564,8 +1560,8 @@
ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
} else {
ret = mbedtls_pem_read_buffer(&pem,
- "-----BEGIN EC PRIVATE KEY-----",
- "-----END EC PRIVATE KEY-----",
+ PEM_BEGIN_PRIVATE_KEY_EC,
+ PEM_END_PRIVATE_KEY_EC,
key, pwd, pwdlen, &len);
}
if (ret == 0) {
@@ -1594,8 +1590,7 @@
ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
} else {
ret = mbedtls_pem_read_buffer(&pem,
- "-----BEGIN PRIVATE KEY-----",
- "-----END PRIVATE KEY-----",
+ PEM_BEGIN_PRIVATE_KEY_PKCS8, PEM_END_PRIVATE_KEY_PKCS8,
key, NULL, 0, &len);
}
if (ret == 0) {
@@ -1616,8 +1611,8 @@
ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
} else {
ret = mbedtls_pem_read_buffer(&pem,
- "-----BEGIN ENCRYPTED PRIVATE KEY-----",
- "-----END ENCRYPTED PRIVATE KEY-----",
+ PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8,
+ PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8,
key, NULL, 0, &len);
}
if (ret == 0) {
@@ -1743,8 +1738,7 @@
ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
} else {
ret = mbedtls_pem_read_buffer(&pem,
- "-----BEGIN RSA PUBLIC KEY-----",
- "-----END RSA PUBLIC KEY-----",
+ PEM_BEGIN_PUBLIC_KEY_RSA, PEM_END_PUBLIC_KEY_RSA,
key, NULL, 0, &len);
}
@@ -1777,8 +1771,7 @@
ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
} else {
ret = mbedtls_pem_read_buffer(&pem,
- "-----BEGIN PUBLIC KEY-----",
- "-----END PUBLIC KEY-----",
+ PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
key, NULL, 0, &len);
}
diff --git a/library/pkwrite.c b/library/pkwrite.c
index 11c0204..1f0d399 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -18,9 +18,6 @@
#include <string.h>
-#if defined(MBEDTLS_RSA_C)
-#include "mbedtls/rsa.h"
-#endif
#if defined(MBEDTLS_ECP_C)
#include "mbedtls/bignum.h"
#include "mbedtls/ecp.h"
@@ -32,9 +29,6 @@
#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_HAVE_ECC_KEYS)
#include "pkwrite.h"
#endif
-#if defined(MBEDTLS_ECDSA_C)
-#include "mbedtls/ecdsa.h"
-#endif
#if defined(MBEDTLS_PEM_WRITE_C)
#include "mbedtls/pem.h"
#endif
@@ -45,62 +39,22 @@
#endif
#include "mbedtls/platform.h"
-/* Helper for Montgomery curves */
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
-#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES)
-static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk)
-{
- mbedtls_ecp_group_id id = mbedtls_pk_get_group_id(pk);
-
-#if defined(MBEDTLS_ECP_HAVE_CURVE25519)
- if (id == MBEDTLS_ECP_DP_CURVE25519) {
- return 1;
- }
+/* Helpers for properly sizing buffers aimed at holding public keys or
+ * key-pairs based on build symbols. */
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+#define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
+#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
+#elif defined(MBEDTLS_USE_PSA_CRYPTO)
+#define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
+#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
+#else
+#define PK_MAX_EC_PUBLIC_KEY_SIZE MBEDTLS_ECP_MAX_PT_LEN
+#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_ECP_MAX_BYTES
#endif
-#if defined(MBEDTLS_ECP_HAVE_CURVE448)
- if (id == MBEDTLS_ECP_DP_CURVE448) {
- return 1;
- }
-#endif
- return 0;
-}
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PEM_WRITE_C)
-/* It is assumed that the input key is opaque */
-static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk)
-{
- psa_ecc_family_t ec_family = 0;
- psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT;
-
- if (psa_get_key_attributes(pk->priv_id, &key_attrs) != PSA_SUCCESS) {
- return 0;
- }
- ec_family = PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(&key_attrs));
- psa_reset_key_attributes(&key_attrs);
-
- return ec_family;
-}
-#endif /* MBETLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C */
-#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/* It is assumed that the input key is opaque */
-static psa_key_type_t pk_get_opaque_key_type(const mbedtls_pk_context *pk)
-{
- psa_key_attributes_t opaque_attrs = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_type_t opaque_key_type;
-
- if (psa_get_key_attributes(pk->priv_id, &opaque_attrs) != PSA_SUCCESS) {
- return 0;
- }
- opaque_key_type = psa_get_key_type(&opaque_attrs);
- psa_reset_key_attributes(&opaque_attrs);
-
- return opaque_key_type;
-}
-#endif /* MBETLS_USE_PSA_CRYPTO */
-
+/******************************************************************************
+ * Internal functions for RSA keys.
+ ******************************************************************************/
#if defined(MBEDTLS_RSA_C)
/*
* RSAPublicKey ::= SEQUENCE {
@@ -145,425 +99,7 @@
return (int) len;
}
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
-#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
-static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
- const mbedtls_pk_context *pk)
-{
- size_t len = 0;
- uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
-
- if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
- if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {
- return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
- }
- } else {
- len = pk->pub_raw_len;
- memcpy(buf, pk->pub_raw, len);
- }
-
- if (*p < start || (size_t) (*p - start) < len) {
- return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
- }
-
- *p -= len;
- memcpy(*p, buf, len);
-
- return (int) len;
-}
-#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
-static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
- const mbedtls_pk_context *pk)
-{
- size_t len = 0;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
-#else
- unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk);
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
- if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {
- return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
- }
- *p -= len;
- memcpy(*p, buf, len);
- return (int) len;
- } else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- {
- if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q,
- MBEDTLS_ECP_PF_UNCOMPRESSED,
- &len, buf, sizeof(buf))) != 0) {
- return ret;
- }
- }
-
- if (*p < start || (size_t) (*p - start) < len) {
- return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
- }
-
- *p -= len;
- memcpy(*p, buf, len);
-
- return (int) len;
-}
-#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
-
-/*
- * ECParameters ::= CHOICE {
- * namedCurve OBJECT IDENTIFIER
- * }
- */
-static int pk_write_ec_param(unsigned char **p, unsigned char *start,
- mbedtls_ecp_group_id grp_id)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t len = 0;
- const char *oid;
- size_t oid_len;
-
- if ((ret = mbedtls_oid_get_oid_by_ec_grp(grp_id, &oid, &oid_len)) != 0) {
- return ret;
- }
-
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len));
-
- return (int) len;
-}
-
-/*
- * privateKey OCTET STRING -- always of length ceil(log2(n)/8)
- */
-#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
-static int pk_write_ec_private(unsigned char **p, unsigned char *start,
- const mbedtls_pk_context *pk)
-{
- size_t byte_length;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH];
- psa_status_t status;
-
- if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
- status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length);
- if (status != PSA_SUCCESS) {
- ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
- return ret;
- }
- } else {
- status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length);
- if (status != PSA_SUCCESS) {
- ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
- goto exit;
- }
- }
-
- ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length);
-exit:
- mbedtls_platform_zeroize(tmp, sizeof(tmp));
- return ret;
-}
-#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
-static int pk_write_ec_private(unsigned char **p, unsigned char *start,
- const mbedtls_pk_context *pk)
-{
- size_t byte_length;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH];
- psa_status_t status;
-#else
- unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
- status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length);
- if (status != PSA_SUCCESS) {
- ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
- return ret;
- }
- } else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- {
- mbedtls_ecp_keypair *ec = mbedtls_pk_ec_rw(*pk);
- byte_length = (ec->grp.pbits + 7) / 8;
-
- ret = mbedtls_ecp_write_key(ec, tmp, byte_length);
- if (ret != 0) {
- goto exit;
- }
- }
- ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length);
-exit:
- mbedtls_platform_zeroize(tmp, sizeof(tmp));
- return ret;
-}
-#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-static int pk_write_opaque_pubkey(unsigned char **p, unsigned char *start,
- const mbedtls_pk_context *pk)
-{
- size_t buffer_size;
- size_t len = 0;
-
- if (*p < start) {
- return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
- }
-
- buffer_size = (size_t) (*p - start);
- if (psa_export_public_key(pk->priv_id, start, buffer_size,
- &len) != PSA_SUCCESS) {
- return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
- }
-
- *p -= len;
- memmove(*p, start, len);
-
- return (int) len;
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
- const mbedtls_pk_context *key)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t len = 0;
-
-#if defined(MBEDTLS_RSA_C)
- if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
- MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, key));
- } else
-#endif
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) {
- MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, key));
- } else
-#endif
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) {
- MBEDTLS_ASN1_CHK_ADD(len, pk_write_opaque_pubkey(p, start, key));
- } else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
-
- return (int) len;
-}
-
-int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned char *c;
- int has_par = 1;
- size_t len = 0, par_len = 0, oid_len = 0;
- mbedtls_pk_type_t pk_type;
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- mbedtls_ecp_group_id ec_grp_id = MBEDTLS_ECP_DP_NONE;
-#endif
- const char *oid = NULL;
-
- if (size == 0) {
- return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
- }
-
- c = buf + size;
-
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_pk_write_pubkey(&c, buf, key));
-
- if (c - buf < 1) {
- return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
- }
-
- /*
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- */
- *--c = 0;
- len += 1;
-
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING));
-
- pk_type = mbedtls_pk_get_type(key);
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- if (pk_type == MBEDTLS_PK_ECKEY) {
- ec_grp_id = mbedtls_pk_get_group_id(key);
- }
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if (pk_type == MBEDTLS_PK_OPAQUE) {
- psa_key_type_t opaque_key_type = pk_get_opaque_key_type(key);
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- if (PSA_KEY_TYPE_IS_ECC(opaque_key_type)) {
- pk_type = MBEDTLS_PK_ECKEY;
- ec_grp_id = mbedtls_pk_get_group_id(key);
- } else
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
- if (PSA_KEY_TYPE_IS_RSA(opaque_key_type)) {
- /* The rest of the function works as for legacy RSA contexts. */
- pk_type = MBEDTLS_PK_RSA;
- }
- }
- /* `pk_type` will have been changed to non-opaque by here if this function can handle it */
- if (pk_type == MBEDTLS_PK_OPAQUE) {
- return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- if (pk_type == MBEDTLS_PK_ECKEY) {
- /* Some groups have their own AlgorithmIdentifier OID, others are handled
- * by mbedtls_oid_get_oid_by_pk_alg() below */
- ret = mbedtls_oid_get_oid_by_ec_grp_algid(ec_grp_id, &oid, &oid_len);
-
- if (ret == 0) {
- /* Currently, none of the supported algorithms that have their own
- * AlgorithmIdentifier OID have any parameters */
- has_par = 0;
- } else if (ret == MBEDTLS_ERR_OID_NOT_FOUND) {
- MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec_grp_id));
- } else {
- return ret;
- }
- }
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
-
- if (oid_len == 0) {
- if ((ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid,
- &oid_len)) != 0) {
- return ret;
- }
- }
-
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier_ext(&c, buf, oid, oid_len,
- par_len, has_par));
-
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE));
-
- return (int) len;
-}
-
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
-#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES)
-/*
- * RFC8410 section 7
- *
- * OneAsymmetricKey ::= SEQUENCE {
- * version Version,
- * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
- * privateKey PrivateKey,
- * attributes [0] IMPLICIT Attributes OPTIONAL,
- * ...,
- * [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
- * ...
- * }
- * ...
- * CurvePrivateKey ::= OCTET STRING
- */
-static int pk_write_ec_rfc8410_der(unsigned char **p, unsigned char *buf,
- const mbedtls_pk_context *pk)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t len = 0;
- size_t oid_len = 0;
- const char *oid;
- mbedtls_ecp_group_id grp_id;
-
- /* privateKey */
- MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk));
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len));
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_OCTET_STRING));
-
- grp_id = mbedtls_pk_get_group_id(pk);
- /* privateKeyAlgorithm */
- if ((ret = mbedtls_oid_get_oid_by_ec_grp_algid(grp_id, &oid, &oid_len)) != 0) {
- return ret;
- }
- MBEDTLS_ASN1_CHK_ADD(len,
- mbedtls_asn1_write_algorithm_identifier_ext(p, buf, oid, oid_len, 0, 0));
-
- /* version */
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0));
-
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len));
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE));
-
- return (int) len;
-}
-#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
-
-/*
- * RFC 5915, or SEC1 Appendix C.4
- *
- * ECPrivateKey ::= SEQUENCE {
- * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
- * privateKey OCTET STRING,
- * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
- * publicKey [1] BIT STRING OPTIONAL
- * }
- */
-static int pk_write_ec_der(unsigned char **p, unsigned char *buf,
- const mbedtls_pk_context *pk)
-{
- size_t len = 0;
- int ret;
- size_t pub_len = 0, par_len = 0;
- mbedtls_ecp_group_id grp_id;
-
- /* publicKey */
- MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(p, buf, pk));
-
- if (*p - buf < 1) {
- return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
- }
- (*p)--;
- **p = 0;
- pub_len += 1;
-
- MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len));
- MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_BIT_STRING));
-
- MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len));
- MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf,
- MBEDTLS_ASN1_CONTEXT_SPECIFIC |
- MBEDTLS_ASN1_CONSTRUCTED | 1));
- len += pub_len;
-
- /* parameters */
- grp_id = mbedtls_pk_get_group_id(pk);
- MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(p, buf, grp_id));
- MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(p, buf, par_len));
- MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(p, buf,
- MBEDTLS_ASN1_CONTEXT_SPECIFIC |
- MBEDTLS_ASN1_CONSTRUCTED | 0));
- len += par_len;
-
- /* privateKey */
- MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk));
-
- /* version */
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 1));
-
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len));
- MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE));
-
- return (int) len;
-}
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
-
-#if defined(MBEDTLS_RSA_C)
static int pk_write_rsa_der(unsigned char **p, unsigned char *buf,
const mbedtls_pk_context *pk)
{
@@ -673,18 +209,366 @@
}
#endif /* MBEDTLS_RSA_C */
-int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size)
-{
- unsigned char *c;
-#if defined(MBEDTLS_RSA_C)
- int is_rsa_opaque = 0;
-#endif /* MBEDTLS_RSA_C */
+/******************************************************************************
+ * Internal functions for EC keys.
+ ******************************************************************************/
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- int is_ec_opaque = 0;
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
+ const mbedtls_pk_context *pk)
+{
+ size_t len = 0;
+ uint8_t buf[PK_MAX_EC_PUBLIC_KEY_SIZE];
+
+ if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
+ if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {
+ return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+ }
+ } else {
+ len = pk->pub_raw_len;
+ memcpy(buf, pk->pub_raw, len);
+ }
+
+ if (*p < start || (size_t) (*p - start) < len) {
+ return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+ }
+
+ *p -= len;
+ memcpy(*p, buf, len);
+
+ return (int) len;
+}
+#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
+static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
+ const mbedtls_pk_context *pk)
+{
+ size_t len = 0;
+ unsigned char buf[PK_MAX_EC_PUBLIC_KEY_SIZE];
+ mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk);
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_type_t opaque_key_type;
+ if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
+ if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {
+ return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+ }
+ *p -= len;
+ memcpy(*p, buf, len);
+ return (int) len;
+ } else
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ {
+ if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q,
+ MBEDTLS_ECP_PF_UNCOMPRESSED,
+ &len, buf, sizeof(buf))) != 0) {
+ return ret;
+ }
+ }
+
+ if (*p < start || (size_t) (*p - start) < len) {
+ return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+ }
+
+ *p -= len;
+ memcpy(*p, buf, len);
+
+ return (int) len;
+}
+#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
+
+/*
+ * privateKey OCTET STRING -- always of length ceil(log2(n)/8)
+ */
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+static int pk_write_ec_private(unsigned char **p, unsigned char *start,
+ const mbedtls_pk_context *pk)
+{
+ size_t byte_length;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ unsigned char tmp[PK_MAX_EC_KEY_PAIR_SIZE];
+ psa_status_t status;
+
+ if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
+ status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length);
+ if (status != PSA_SUCCESS) {
+ ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
+ return ret;
+ }
+ } else {
+ status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length);
+ if (status != PSA_SUCCESS) {
+ ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
+ goto exit;
+ }
+ }
+
+ ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length);
+exit:
+ mbedtls_platform_zeroize(tmp, sizeof(tmp));
+ return ret;
+}
+#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
+static int pk_write_ec_private(unsigned char **p, unsigned char *start,
+ const mbedtls_pk_context *pk)
+{
+ size_t byte_length;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ unsigned char tmp[PK_MAX_EC_KEY_PAIR_SIZE];
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_status_t status;
+ if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
+ status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length);
+ if (status != PSA_SUCCESS) {
+ ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
+ return ret;
+ }
+ } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ {
+ mbedtls_ecp_keypair *ec = mbedtls_pk_ec_rw(*pk);
+ byte_length = (ec->grp.pbits + 7) / 8;
+
+ ret = mbedtls_ecp_write_key(ec, tmp, byte_length);
+ if (ret != 0) {
+ goto exit;
+ }
+ }
+ ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length);
+exit:
+ mbedtls_platform_zeroize(tmp, sizeof(tmp));
+ return ret;
+}
+#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
+
+/*
+ * ECParameters ::= CHOICE {
+ * namedCurve OBJECT IDENTIFIER
+ * }
+ */
+static int pk_write_ec_param(unsigned char **p, unsigned char *start,
+ mbedtls_ecp_group_id grp_id)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ size_t len = 0;
+ const char *oid;
+ size_t oid_len;
+
+ if ((ret = mbedtls_oid_get_oid_by_ec_grp(grp_id, &oid, &oid_len)) != 0) {
+ return ret;
+ }
+
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len));
+
+ return (int) len;
+}
+
+#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES)
+/*
+ * RFC8410 section 7
+ *
+ * OneAsymmetricKey ::= SEQUENCE {
+ * version Version,
+ * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
+ * privateKey PrivateKey,
+ * attributes [0] IMPLICIT Attributes OPTIONAL,
+ * ...,
+ * [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
+ * ...
+ * }
+ * ...
+ * CurvePrivateKey ::= OCTET STRING
+ */
+static int pk_write_ec_rfc8410_der(unsigned char **p, unsigned char *buf,
+ const mbedtls_pk_context *pk)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ size_t len = 0;
+ size_t oid_len = 0;
+ const char *oid;
+ mbedtls_ecp_group_id grp_id;
+
+ /* privateKey */
+ MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk));
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len));
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_OCTET_STRING));
+
+ grp_id = mbedtls_pk_get_ec_group_id(pk);
+ /* privateKeyAlgorithm */
+ if ((ret = mbedtls_oid_get_oid_by_ec_grp_algid(grp_id, &oid, &oid_len)) != 0) {
+ return ret;
+ }
+ MBEDTLS_ASN1_CHK_ADD(len,
+ mbedtls_asn1_write_algorithm_identifier_ext(p, buf, oid, oid_len, 0, 0));
+
+ /* version */
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0));
+
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len));
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE));
+
+ return (int) len;
+}
+#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
+
+/*
+ * RFC 5915, or SEC1 Appendix C.4
+ *
+ * ECPrivateKey ::= SEQUENCE {
+ * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+ * privateKey OCTET STRING,
+ * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+ * publicKey [1] BIT STRING OPTIONAL
+ * }
+ */
+static int pk_write_ec_der(unsigned char **p, unsigned char *buf,
+ const mbedtls_pk_context *pk)
+{
+ size_t len = 0;
+ int ret;
+ size_t pub_len = 0, par_len = 0;
+ mbedtls_ecp_group_id grp_id;
+
+ /* publicKey */
+ MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(p, buf, pk));
+
+ if (*p - buf < 1) {
+ return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+ }
+ (*p)--;
+ **p = 0;
+ pub_len += 1;
+
+ MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len));
+ MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_BIT_STRING));
+
+ MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len));
+ MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+ MBEDTLS_ASN1_CONSTRUCTED | 1));
+ len += pub_len;
+
+ /* parameters */
+ grp_id = mbedtls_pk_get_ec_group_id(pk);
+ MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(p, buf, grp_id));
+ MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(p, buf, par_len));
+ MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(p, buf,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+ MBEDTLS_ASN1_CONSTRUCTED | 0));
+ len += par_len;
+
+ /* privateKey */
+ MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk));
+
+ /* version */
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 1));
+
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len));
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE));
+
+ return (int) len;
+}
+#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+
+/******************************************************************************
+ * Internal functions for Opaque keys.
+ ******************************************************************************/
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int pk_write_opaque_pubkey(unsigned char **p, unsigned char *start,
+ const mbedtls_pk_context *pk)
+{
+ size_t buffer_size;
+ size_t len = 0;
+
+ if (*p < start) {
+ return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+ }
+
+ buffer_size = (size_t) (*p - start);
+ if (psa_export_public_key(pk->priv_id, start, buffer_size,
+ &len) != PSA_SUCCESS) {
+ return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+ }
+
+ *p -= len;
+ memmove(*p, start, len);
+
+ return (int) len;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+/******************************************************************************
+ * Generic helpers
+ ******************************************************************************/
+
+/* Extend the public mbedtls_pk_get_type() by getting key type also in case of
+ * opaque keys. */
+static mbedtls_pk_type_t pk_get_type_ext(const mbedtls_pk_context *pk)
+{
+ mbedtls_pk_type_t pk_type = mbedtls_pk_get_type(pk);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if (pk_type == MBEDTLS_PK_OPAQUE) {
+ psa_key_attributes_t opaque_attrs = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_type_t opaque_key_type;
+
+ if (psa_get_key_attributes(pk->priv_id, &opaque_attrs) != PSA_SUCCESS) {
+ return MBEDTLS_PK_NONE;
+ }
+ opaque_key_type = psa_get_key_type(&opaque_attrs);
+ psa_reset_key_attributes(&opaque_attrs);
+
+ if (PSA_KEY_TYPE_IS_ECC(opaque_key_type)) {
+ return MBEDTLS_PK_ECKEY;
+ } else if (PSA_KEY_TYPE_IS_RSA(opaque_key_type)) {
+ return MBEDTLS_PK_RSA;
+ } else {
+ return MBEDTLS_PK_NONE;
+ }
+ } else
+#endif
+ return pk_type;
+}
+
+/******************************************************************************
+ * Public functions for writing private/public DER keys.
+ ******************************************************************************/
+int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
+ const mbedtls_pk_context *key)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ size_t len = 0;
+
+#if defined(MBEDTLS_RSA_C)
+ if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
+ MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, key));
+ } else
+#endif
+#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+ if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) {
+ MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, key));
+ } else
+#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) {
+ MBEDTLS_ASN1_CHK_ADD(len, pk_write_opaque_pubkey(p, start, key));
+ } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+
+ return (int) len;
+}
+
+int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ unsigned char *c;
+ int has_par = 1;
+ size_t len = 0, par_len = 0, oid_len = 0;
+ mbedtls_pk_type_t pk_type;
+ const char *oid = NULL;
if (size == 0) {
return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
@@ -692,25 +576,75 @@
c = buf + size;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) {
- opaque_key_type = pk_get_opaque_key_type(key);
-#if defined(MBEDTLS_RSA_C)
- is_rsa_opaque = PSA_KEY_TYPE_IS_RSA(opaque_key_type);
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- is_ec_opaque = PSA_KEY_TYPE_IS_ECC(opaque_key_type);
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_pk_write_pubkey(&c, buf, key));
+
+ if (c - buf < 1) {
+ return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ /*
+ * SubjectPublicKeyInfo ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * subjectPublicKey BIT STRING }
+ */
+ *--c = 0;
+ len += 1;
+
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING));
+
+ pk_type = pk_get_type_ext(key);
+
+#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+ if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) {
+ mbedtls_ecp_group_id ec_grp_id = mbedtls_pk_get_ec_group_id(key);
+ if (MBEDTLS_PK_IS_RFC8410_GROUP_ID(ec_grp_id)) {
+ ret = mbedtls_oid_get_oid_by_ec_grp_algid(ec_grp_id, &oid, &oid_len);
+ if (ret != 0) {
+ return ret;
+ }
+ has_par = 0;
+ } else {
+ MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec_grp_id));
+ }
+ }
+#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+
+ /* At this point oid_len is not null only for EC Montgomery keys. */
+ if (oid_len == 0) {
+ ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid, &oid_len);
+ if (ret != 0) {
+ return ret;
+ }
+ }
+
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier_ext(&c, buf, oid, oid_len,
+ par_len, has_par));
+
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+ MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE));
+
+ return (int) len;
+}
+
+int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size)
+{
+ unsigned char *c;
+
+ if (size == 0) {
+ return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+ }
+
+ c = buf + size;
#if defined(MBEDTLS_RSA_C)
- if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) || is_rsa_opaque) {
+ if (pk_get_type_ext(key) == MBEDTLS_PK_RSA) {
return pk_write_rsa_der(&c, buf, key);
} else
#endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) || is_ec_opaque) {
+ if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) {
#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES)
if (mbedtls_pk_is_rfc8410(key)) {
return pk_write_ec_rfc8410_der(&c, buf, key);
@@ -722,18 +656,11 @@
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
}
+/******************************************************************************
+ * Public functions for wrinting private/public PEM keys.
+ ******************************************************************************/
#if defined(MBEDTLS_PEM_WRITE_C)
-#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
-#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
-
-#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
-#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
-#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
-#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
-#define PEM_BEGIN_PRIVATE_KEY_PKCS8 "-----BEGIN PRIVATE KEY-----\n"
-#define PEM_END_PRIVATE_KEY_PKCS8 "-----END PRIVATE KEY-----\n"
-
#define PUB_DER_MAX_BYTES \
(MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES > MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES ? \
MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES : MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES)
@@ -756,7 +683,7 @@
goto cleanup;
}
- if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
+ if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY "\n", PEM_END_PUBLIC_KEY "\n",
output_buf + PUB_DER_MAX_BYTES - ret,
ret, buf, size, &olen)) != 0) {
goto cleanup;
@@ -778,57 +705,25 @@
}
const char *begin, *end;
size_t olen = 0;
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- int is_ec_opaque = 0;
-#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES)
- int is_montgomery_opaque = 0;
-#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
-#if defined(MBEDTLS_RSA_C)
- int is_rsa_opaque = 0;
-#endif
if ((ret = mbedtls_pk_write_key_der(key, output_buf, PRV_DER_MAX_BYTES)) < 0) {
goto cleanup;
}
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) {
- psa_key_type_t opaque_key_type = pk_get_opaque_key_type(key);
-
#if defined(MBEDTLS_RSA_C)
- is_rsa_opaque = PSA_KEY_TYPE_IS_RSA(opaque_key_type);
-#endif
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- is_ec_opaque = PSA_KEY_TYPE_IS_ECC(opaque_key_type);
-#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES)
- if (pk_get_opaque_ec_family(key) == PSA_ECC_FAMILY_MONTGOMERY) {
- is_montgomery_opaque = 1;
- }
-#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_RSA_C)
- if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) || is_rsa_opaque) {
- begin = PEM_BEGIN_PRIVATE_KEY_RSA;
- end = PEM_END_PRIVATE_KEY_RSA;
+ if (pk_get_type_ext(key) == MBEDTLS_PK_RSA) {
+ begin = PEM_BEGIN_PRIVATE_KEY_RSA "\n";
+ end = PEM_END_PRIVATE_KEY_RSA "\n";
} else
#endif
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
- if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) || is_ec_opaque) {
-#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES)
- if (is_montgomery_opaque ||
- ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) &&
- (mbedtls_pk_is_rfc8410(key)))) {
- begin = PEM_BEGIN_PRIVATE_KEY_PKCS8;
- end = PEM_END_PRIVATE_KEY_PKCS8;
- } else
-#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
- {
- begin = PEM_BEGIN_PRIVATE_KEY_EC;
- end = PEM_END_PRIVATE_KEY_EC;
+ if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) {
+ if (mbedtls_pk_is_rfc8410(key)) {
+ begin = PEM_BEGIN_PRIVATE_KEY_PKCS8 "\n";
+ end = PEM_END_PRIVATE_KEY_PKCS8 "\n";
+ } else {
+ begin = PEM_BEGIN_PRIVATE_KEY_EC "\n";
+ end = PEM_END_PRIVATE_KEY_EC "\n";
}
} else
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
diff --git a/library/platform_util.c b/library/platform_util.c
index 6d2dd14..63643d2 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -243,10 +243,10 @@
#include <time.h>
#if !defined(_WIN32) && \
(defined(unix) || defined(__unix) || defined(__unix__) || \
- (defined(__APPLE__) && defined(__MACH__)))
+ (defined(__APPLE__) && defined(__MACH__)) || defined(__HAIKU__))
#include <unistd.h>
-#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__)) */
-#if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 199309L)
+#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__) || __HAIKU__) */
+#if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 199309L) || defined(__HAIKU__)
mbedtls_ms_time_t mbedtls_ms_time(void)
{
int ret;
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index bbd6b24..a8baa6b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -115,6 +115,15 @@
(void) hash_alg;
return global_data.drivers_initialized;
}
+
+int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg)
+{
+ (void) key_type;
+ (void) cipher_alg;
+ return global_data.drivers_initialized;
+}
+
+
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) || \
defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
@@ -408,181 +417,6 @@
}
-
-
-/****************************************************************/
-/* Key management */
-/****************************************************************/
-
-#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
-psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
- size_t *bits)
-{
- switch (grpid) {
-#if defined(MBEDTLS_ECP_HAVE_SECP192R1)
- case MBEDTLS_ECP_DP_SECP192R1:
- *bits = 192;
- return PSA_ECC_FAMILY_SECP_R1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_SECP224R1)
- case MBEDTLS_ECP_DP_SECP224R1:
- *bits = 224;
- return PSA_ECC_FAMILY_SECP_R1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_SECP256R1)
- case MBEDTLS_ECP_DP_SECP256R1:
- *bits = 256;
- return PSA_ECC_FAMILY_SECP_R1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_SECP384R1)
- case MBEDTLS_ECP_DP_SECP384R1:
- *bits = 384;
- return PSA_ECC_FAMILY_SECP_R1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_SECP521R1)
- case MBEDTLS_ECP_DP_SECP521R1:
- *bits = 521;
- return PSA_ECC_FAMILY_SECP_R1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_BP256R1)
- case MBEDTLS_ECP_DP_BP256R1:
- *bits = 256;
- return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_BP384R1)
- case MBEDTLS_ECP_DP_BP384R1:
- *bits = 384;
- return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_BP512R1)
- case MBEDTLS_ECP_DP_BP512R1:
- *bits = 512;
- return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_CURVE25519)
- case MBEDTLS_ECP_DP_CURVE25519:
- *bits = 255;
- return PSA_ECC_FAMILY_MONTGOMERY;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_SECP192K1)
- case MBEDTLS_ECP_DP_SECP192K1:
- *bits = 192;
- return PSA_ECC_FAMILY_SECP_K1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_SECP224K1)
- case MBEDTLS_ECP_DP_SECP224K1:
- *bits = 224;
- return PSA_ECC_FAMILY_SECP_K1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_SECP256K1)
- case MBEDTLS_ECP_DP_SECP256K1:
- *bits = 256;
- return PSA_ECC_FAMILY_SECP_K1;
-#endif
-#if defined(MBEDTLS_ECP_HAVE_CURVE448)
- case MBEDTLS_ECP_DP_CURVE448:
- *bits = 448;
- return PSA_ECC_FAMILY_MONTGOMERY;
-#endif
- default:
- *bits = 0;
- return 0;
- }
-}
-
-mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
- size_t bits,
- int bits_is_sloppy)
-{
- switch (curve) {
- case PSA_ECC_FAMILY_SECP_R1:
- switch (bits) {
-#if defined(PSA_WANT_ECC_SECP_R1_192)
- case 192:
- return MBEDTLS_ECP_DP_SECP192R1;
-#endif
-#if defined(PSA_WANT_ECC_SECP_R1_224)
- case 224:
- return MBEDTLS_ECP_DP_SECP224R1;
-#endif
-#if defined(PSA_WANT_ECC_SECP_R1_256)
- case 256:
- return MBEDTLS_ECP_DP_SECP256R1;
-#endif
-#if defined(PSA_WANT_ECC_SECP_R1_384)
- case 384:
- return MBEDTLS_ECP_DP_SECP384R1;
-#endif
-#if defined(PSA_WANT_ECC_SECP_R1_521)
- case 521:
- return MBEDTLS_ECP_DP_SECP521R1;
- case 528:
- if (bits_is_sloppy) {
- return MBEDTLS_ECP_DP_SECP521R1;
- }
- break;
-#endif
- }
- break;
-
- case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
- switch (bits) {
-#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
- case 256:
- return MBEDTLS_ECP_DP_BP256R1;
-#endif
-#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
- case 384:
- return MBEDTLS_ECP_DP_BP384R1;
-#endif
-#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
- case 512:
- return MBEDTLS_ECP_DP_BP512R1;
-#endif
- }
- break;
-
- case PSA_ECC_FAMILY_MONTGOMERY:
- switch (bits) {
-#if defined(PSA_WANT_ECC_MONTGOMERY_255)
- case 255:
- return MBEDTLS_ECP_DP_CURVE25519;
- case 256:
- if (bits_is_sloppy) {
- return MBEDTLS_ECP_DP_CURVE25519;
- }
- break;
-#endif
-#if defined(PSA_WANT_ECC_MONTGOMERY_448)
- case 448:
- return MBEDTLS_ECP_DP_CURVE448;
-#endif
- }
- break;
-
- case PSA_ECC_FAMILY_SECP_K1:
- switch (bits) {
-#if defined(PSA_WANT_ECC_SECP_K1_192)
- case 192:
- return MBEDTLS_ECP_DP_SECP192K1;
-#endif
-#if defined(PSA_WANT_ECC_SECP_K1_224)
- case 224:
- return MBEDTLS_ECP_DP_SECP224K1;
-#endif
-#if defined(PSA_WANT_ECC_SECP_K1_256)
- case 256:
- return MBEDTLS_ECP_DP_SECP256K1;
-#endif
- }
- break;
- }
-
- (void) bits_is_sloppy;
- return MBEDTLS_ECP_DP_NONE;
-}
-#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
-
psa_status_t psa_validate_unstructured_key_bit_size(psa_key_type_t type,
size_t bits)
{
@@ -1378,9 +1212,9 @@
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
case PSA_KEY_TYPE_RSA_KEY_PAIR:
case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
- /* TODO: reporting the public exponent for opaque keys
- * is not yet implemented.
- * https://github.com/ARMmbed/mbed-crypto/issues/216
+ /* TODO: This is a temporary situation where domain parameters are deprecated,
+ * but we need it for namely generating an RSA key with a non-default exponent.
+ * This would be improved after https://github.com/Mbed-TLS/mbedtls/issues/6494.
*/
if (!psa_key_lifetime_is_external(slot->attr.lifetime)) {
mbedtls_rsa_context *rsa = NULL;
@@ -1400,6 +1234,12 @@
mbedtls_free(rsa);
}
break;
+#else
+ case PSA_KEY_TYPE_RSA_KEY_PAIR:
+ case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
+ attributes->domain_parameters = NULL;
+ attributes->domain_parameters_size = SIZE_MAX;
+ break;
#endif /* (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) ||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
@@ -1849,6 +1689,8 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+ slot->status = PSA_SLOT_OCCUPIED;
+
return PSA_SUCCESS;
}
@@ -6625,7 +6467,7 @@
memcpy(cur, data, data_length);
cur += data_length;
- status = psa_tls12_prf_set_key(prf, pms, cur - pms);
+ status = psa_tls12_prf_set_key(prf, pms, (size_t) (cur - pms));
mbedtls_zeroize_and_free(pms, pms_len);
return status;
@@ -7712,6 +7554,11 @@
}
global_data.drivers_initialized = 1;
+ status = psa_initialize_key_slots();
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+
/* Initialize and seed the random generator. */
mbedtls_psa_random_init(&global_data.rng);
global_data.rng_state = RNG_INITIALIZED;
@@ -7721,11 +7568,6 @@
}
global_data.rng_state = RNG_SEEDED;
- status = psa_initialize_key_slots();
- if (status != PSA_SUCCESS) {
- goto exit;
- }
-
#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
status = psa_crypto_load_transaction();
if (status == PSA_SUCCESS) {
diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c
index 564463f..472d3d3 100644
--- a/library/psa_crypto_client.c
+++ b/library/psa_crypto_client.c
@@ -53,6 +53,11 @@
const psa_key_attributes_t *attributes,
uint8_t *data, size_t data_size, size_t *data_length)
{
+ if (attributes->domain_parameters == NULL &&
+ attributes->domain_parameters_size == SIZE_MAX) {
+ return PSA_ERROR_NOT_SUPPORTED;
+ }
+
if (attributes->domain_parameters_size > data_size) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index d406ce4..ff01add 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -33,12 +33,31 @@
*/
int psa_can_do_hash(psa_algorithm_t hash_alg);
+/**
+ * Tell if PSA is ready for this cipher.
+ *
+ * \note For now, only checks the state of the driver subsystem,
+ * not the algorithm. Might do more in the future.
+ *
+ * \param cipher_alg The cipher algorithm (ignored for now).
+ *
+ * \return 1 if the driver subsytem is ready, 0 otherwise.
+ */
+int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg);
+
+typedef enum {
+ PSA_SLOT_EMPTY = 0,
+ PSA_SLOT_OCCUPIED,
+} psa_key_slot_status_t;
+
/** The data structure representing a key slot, containing key material
* and metadata for one key.
*/
typedef struct {
psa_core_key_attributes_t attr;
+ psa_key_slot_status_t status;
+
/*
* Number of locks on the key slot held by the library.
*
@@ -88,7 +107,7 @@
*/
static inline int psa_is_key_slot_occupied(const psa_key_slot_t *slot)
{
- return slot->attr.type != 0;
+ return slot->status == PSA_SLOT_OCCUPIED;
}
/** Test whether a key slot is locked.
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 3b8a319..5ecc3a7 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -237,11 +237,20 @@
data = (psa_se_key_data_storage_t *) key_data;
status = psa_copy_key_material_into_slot(
slot, data->slot_number, sizeof(data->slot_number));
+
+ if (status == PSA_SUCCESS) {
+ slot->status = PSA_SLOT_OCCUPIED;
+ }
goto exit;
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
status = psa_copy_key_material_into_slot(slot, key_data, key_data_length);
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+
+ slot->status = PSA_SLOT_OCCUPIED;
exit:
psa_free_persistent_key_data(key_data, key_data_length);
@@ -315,6 +324,7 @@
/* Copy actual key length and core attributes into the slot on success */
slot->key.bytes = key_buffer_length;
slot->attr = attributes.core;
+ slot->status = PSA_SLOT_OCCUPIED;
exit:
if (status != PSA_SUCCESS) {
diff --git a/library/psa_its_file.c b/library/psa_its_file.c
index 3f32d7d..9567137 100644
--- a/library/psa_its_file.c
+++ b/library/psa_its_file.c
@@ -98,14 +98,9 @@
return PSA_ERROR_DATA_CORRUPT;
}
- p_info->size = (header.size[0] |
- header.size[1] << 8 |
- header.size[2] << 16 |
- header.size[3] << 24);
- p_info->flags = (header.flags[0] |
- header.flags[1] << 8 |
- header.flags[2] << 16 |
- header.flags[3] << 24);
+ p_info->size = MBEDTLS_GET_UINT32_LE(header.size, 0);
+ p_info->flags = MBEDTLS_GET_UINT32_LE(header.flags, 0);
+
return PSA_SUCCESS;
}
diff --git a/library/psa_util.c b/library/psa_util.c
index 0225bbf..36b7175 100644
--- a/library/psa_util.c
+++ b/library/psa_util.c
@@ -12,7 +12,6 @@
#include <psa/crypto.h>
-#include "psa_crypto_core.h"
#include "psa_util_internal.h"
/* The following includes are needed for MBEDTLS_ERR_XXX macros */
@@ -38,6 +37,9 @@
#if defined(MBEDTLS_PK_C)
#include <mbedtls/pk.h>
#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+#include <mbedtls/cipher.h>
+#endif
/* PSA_SUCCESS is kept at the top of each error table since
* it's the most common status when everything functions properly. */
@@ -50,6 +52,17 @@
{ PSA_ERROR_INSUFFICIENT_MEMORY, MBEDTLS_ERR_MD_ALLOC_FAILED }
};
#endif
+
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+const mbedtls_error_pair_t psa_to_cipher_errors[] =
+{
+ { PSA_SUCCESS, 0 },
+ { PSA_ERROR_NOT_SUPPORTED, MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE },
+ { PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA },
+ { PSA_ERROR_INSUFFICIENT_MEMORY, MBEDTLS_ERR_CIPHER_ALLOC_FAILED }
+};
+#endif
+
#if defined(MBEDTLS_LMS_C)
const mbedtls_error_pair_t psa_to_lms_errors[] =
{
@@ -58,6 +71,7 @@
{ PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_LMS_BAD_INPUT_DATA }
};
#endif
+
#if defined(MBEDTLS_SSL_TLS_C) && \
(defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3))
const mbedtls_error_pair_t psa_to_ssl_errors[] =
@@ -157,4 +171,178 @@
}
}
#endif /* MBEDTLS_PK_C */
+
+/****************************************************************/
+/* Key management */
+/****************************************************************/
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
+ size_t *bits)
+{
+ switch (grpid) {
+#if defined(MBEDTLS_ECP_HAVE_SECP192R1)
+ case MBEDTLS_ECP_DP_SECP192R1:
+ *bits = 192;
+ return PSA_ECC_FAMILY_SECP_R1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_SECP224R1)
+ case MBEDTLS_ECP_DP_SECP224R1:
+ *bits = 224;
+ return PSA_ECC_FAMILY_SECP_R1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_SECP256R1)
+ case MBEDTLS_ECP_DP_SECP256R1:
+ *bits = 256;
+ return PSA_ECC_FAMILY_SECP_R1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_SECP384R1)
+ case MBEDTLS_ECP_DP_SECP384R1:
+ *bits = 384;
+ return PSA_ECC_FAMILY_SECP_R1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_SECP521R1)
+ case MBEDTLS_ECP_DP_SECP521R1:
+ *bits = 521;
+ return PSA_ECC_FAMILY_SECP_R1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_BP256R1)
+ case MBEDTLS_ECP_DP_BP256R1:
+ *bits = 256;
+ return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_BP384R1)
+ case MBEDTLS_ECP_DP_BP384R1:
+ *bits = 384;
+ return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_BP512R1)
+ case MBEDTLS_ECP_DP_BP512R1:
+ *bits = 512;
+ return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_CURVE25519)
+ case MBEDTLS_ECP_DP_CURVE25519:
+ *bits = 255;
+ return PSA_ECC_FAMILY_MONTGOMERY;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_SECP192K1)
+ case MBEDTLS_ECP_DP_SECP192K1:
+ *bits = 192;
+ return PSA_ECC_FAMILY_SECP_K1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_SECP224K1)
+ case MBEDTLS_ECP_DP_SECP224K1:
+ *bits = 224;
+ return PSA_ECC_FAMILY_SECP_K1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_SECP256K1)
+ case MBEDTLS_ECP_DP_SECP256K1:
+ *bits = 256;
+ return PSA_ECC_FAMILY_SECP_K1;
+#endif
+#if defined(MBEDTLS_ECP_HAVE_CURVE448)
+ case MBEDTLS_ECP_DP_CURVE448:
+ *bits = 448;
+ return PSA_ECC_FAMILY_MONTGOMERY;
+#endif
+ default:
+ *bits = 0;
+ return 0;
+ }
+}
+
+mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
+ size_t bits,
+ int bits_is_sloppy)
+{
+ switch (curve) {
+ case PSA_ECC_FAMILY_SECP_R1:
+ switch (bits) {
+#if defined(PSA_WANT_ECC_SECP_R1_192)
+ case 192:
+ return MBEDTLS_ECP_DP_SECP192R1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_224)
+ case 224:
+ return MBEDTLS_ECP_DP_SECP224R1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_256)
+ case 256:
+ return MBEDTLS_ECP_DP_SECP256R1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_384)
+ case 384:
+ return MBEDTLS_ECP_DP_SECP384R1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_521)
+ case 521:
+ return MBEDTLS_ECP_DP_SECP521R1;
+ case 528:
+ if (bits_is_sloppy) {
+ return MBEDTLS_ECP_DP_SECP521R1;
+ }
+ break;
+#endif
+ }
+ break;
+
+ case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
+ switch (bits) {
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
+ case 256:
+ return MBEDTLS_ECP_DP_BP256R1;
+#endif
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
+ case 384:
+ return MBEDTLS_ECP_DP_BP384R1;
+#endif
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
+ case 512:
+ return MBEDTLS_ECP_DP_BP512R1;
+#endif
+ }
+ break;
+
+ case PSA_ECC_FAMILY_MONTGOMERY:
+ switch (bits) {
+#if defined(PSA_WANT_ECC_MONTGOMERY_255)
+ case 255:
+ return MBEDTLS_ECP_DP_CURVE25519;
+ case 256:
+ if (bits_is_sloppy) {
+ return MBEDTLS_ECP_DP_CURVE25519;
+ }
+ break;
+#endif
+#if defined(PSA_WANT_ECC_MONTGOMERY_448)
+ case 448:
+ return MBEDTLS_ECP_DP_CURVE448;
+#endif
+ }
+ break;
+
+ case PSA_ECC_FAMILY_SECP_K1:
+ switch (bits) {
+#if defined(PSA_WANT_ECC_SECP_K1_192)
+ case 192:
+ return MBEDTLS_ECP_DP_SECP192K1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_K1_224)
+ case 224:
+ return MBEDTLS_ECP_DP_SECP224K1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_K1_256)
+ case 256:
+ return MBEDTLS_ECP_DP_SECP256K1;
+#endif
+ }
+ break;
+ }
+
+ (void) bits_is_sloppy;
+ return MBEDTLS_ECP_DP_NONE;
+}
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
+
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_util_internal.h b/library/psa_util_internal.h
index fcc79ae..3e62d5f 100644
--- a/library/psa_util_internal.h
+++ b/library/psa_util_internal.h
@@ -52,6 +52,10 @@
extern const mbedtls_error_pair_t psa_to_md_errors[4];
#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+extern const mbedtls_error_pair_t psa_to_cipher_errors[4];
+#endif
+
#if defined(MBEDTLS_LMS_C)
extern const mbedtls_error_pair_t psa_to_lms_errors[3];
#endif
diff --git a/library/rsa.c b/library/rsa.c
index 38c3dd6..2b9f85b 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -29,6 +29,7 @@
#include "mbedtls/rsa.h"
#include "rsa_alt_helpers.h"
+#include "rsa_internal.h"
#include "mbedtls/oid.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
@@ -1620,12 +1621,12 @@
goto cleanup;
}
- if (ilen - (p - buf) > output_max_len) {
+ if (ilen - ((size_t) (p - buf)) > output_max_len) {
ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
goto cleanup;
}
- *olen = ilen - (p - buf);
+ *olen = ilen - ((size_t) (p - buf));
if (*olen != 0) {
memcpy(output, p, *olen);
}
@@ -1712,14 +1713,14 @@
}
#if defined(MBEDTLS_PKCS1_V21)
-static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- int saltlen,
- unsigned char *sig)
+static int rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ int saltlen,
+ unsigned char *sig)
{
size_t olen;
unsigned char *p = sig;
@@ -1727,15 +1728,12 @@
size_t slen, min_slen, hlen, offset = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t msb;
+ mbedtls_md_type_t hash_id;
if ((md_alg != MBEDTLS_MD_NONE || hashlen != 0) && hash == NULL) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
}
- if (ctx->padding != MBEDTLS_RSA_PKCS_V21) {
- return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
- }
-
if (f_rng == NULL) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
}
@@ -1754,7 +1752,11 @@
}
}
- hlen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) ctx->hash_id);
+ hash_id = (mbedtls_md_type_t) ctx->hash_id;
+ if (hash_id == MBEDTLS_MD_NONE) {
+ hash_id = md_alg;
+ }
+ hlen = mbedtls_md_get_size_from_type(hash_id);
if (hlen == 0) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
}
@@ -1797,7 +1799,7 @@
p += slen;
/* Generate H = Hash( M' ) */
- ret = hash_mprime(hash, hashlen, salt, slen, p, (mbedtls_md_type_t) ctx->hash_id);
+ ret = hash_mprime(hash, hashlen, salt, slen, p, hash_id);
if (ret != 0) {
return ret;
}
@@ -1808,8 +1810,7 @@
}
/* maskedDB: Apply dbMask to DB */
- ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen,
- (mbedtls_md_type_t) ctx->hash_id);
+ ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen, hash_id);
if (ret != 0) {
return ret;
}
@@ -1823,6 +1824,37 @@
return mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig);
}
+static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ int saltlen,
+ unsigned char *sig)
+{
+ if (ctx->padding != MBEDTLS_RSA_PKCS_V21) {
+ return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+ }
+ if (ctx->hash_id == MBEDTLS_MD_NONE) {
+ return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+ }
+ return rsa_rsassa_pss_sign_no_mode_check(ctx, f_rng, p_rng, md_alg, hashlen, hash, saltlen,
+ sig);
+}
+
+int mbedtls_rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ unsigned char *sig)
+{
+ return rsa_rsassa_pss_sign_no_mode_check(ctx, f_rng, p_rng, md_alg,
+ hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig);
+}
+
/*
* Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function with
* the option to pass in the salt length.
@@ -1840,7 +1872,6 @@
hashlen, hash, saltlen, sig);
}
-
/*
* Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function
*/
@@ -2191,7 +2222,7 @@
return MBEDTLS_ERR_RSA_INVALID_PADDING;
}
- observed_salt_len = hash_start - p;
+ observed_salt_len = (size_t) (hash_start - p);
if (expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY &&
observed_salt_len != (size_t) expected_salt_len) {
diff --git a/library/rsa_alt_helpers.h b/library/rsa_alt_helpers.h
index ca0840b..052b024 100644
--- a/library/rsa_alt_helpers.h
+++ b/library/rsa_alt_helpers.h
@@ -37,11 +37,9 @@
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- *
*/
-
-#ifndef MBEDTLS_RSA_INTERNAL_H
-#define MBEDTLS_RSA_INTERNAL_H
+#ifndef MBEDTLS_RSA_ALT_HELPERS_H
+#define MBEDTLS_RSA_ALT_HELPERS_H
#include "mbedtls/build_info.h"
diff --git a/library/rsa_internal.h b/library/rsa_internal.h
new file mode 100644
index 0000000..4081ac6
--- /dev/null
+++ b/library/rsa_internal.h
@@ -0,0 +1,42 @@
+/**
+ * \file rsa_internal.h
+ *
+ * \brief Internal-only RSA public-key cryptosystem API.
+ *
+ * This file declares RSA-related functions that are to be used
+ * only from within the Mbed TLS library itself.
+ *
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_RSA_INTERNAL_H
+#define MBEDTLS_RSA_INTERNAL_H
+
+#include "mbedtls/rsa.h"
+
+#if defined(MBEDTLS_PKCS1_V21)
+/**
+ * \brief This function is analogue to \c mbedtls_rsa_rsassa_pss_sign().
+ * The only difference between them is that this function is more flexible
+ * on the parameters of \p ctx that are set with \c mbedtls_rsa_set_padding().
+ *
+ * \note Compared to its counterpart, this function:
+ * - does not check the padding setting of \p ctx.
+ * - allows the hash_id of \p ctx to be MBEDTLS_MD_NONE,
+ * in which case it uses \p md_alg as the hash_id.
+ *
+ * \note Refer to \c mbedtls_rsa_rsassa_pss_sign() for a description
+ * of the functioning and parameters of this function.
+ */
+int mbedtls_rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ unsigned char *sig);
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#endif /* rsa_internal.h */
diff --git a/library/sha256.c b/library/sha256.c
index 45ad6d8..8788981 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -28,7 +28,7 @@
* By defining the macros ourselves we gain access to those declarations without
* requiring -march on the command line.
*
- * `arm_neon.h` could be included by any header file, so we put these defines
+ * `arm_neon.h` is included by common.h, so we put these defines
* at the top of this file, before any includes.
*/
#define __ARM_FEATURE_CRYPTO 1
@@ -62,9 +62,7 @@
# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \
defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
-# ifdef __ARM_NEON
-# include <arm_neon.h>
-# else
+# if !defined(MBEDTLS_HAVE_NEON_INTRINSICS)
# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT)
# warning "Target does not support NEON instructions"
# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
@@ -126,12 +124,7 @@
# include <signal.h>
# endif
# endif
-#elif defined(_M_ARM64)
-# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \
- defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
-# include <arm64_neon.h>
-# endif
-#else
+#elif !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64)
# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
#endif
@@ -156,7 +149,7 @@
{
return 1;
}
-#elif defined(_M_ARM64)
+#elif defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64)
#define WIN32_LEAN_AND_MEAN
#include <Windows.h>
#include <processthreadsapi.h>
diff --git a/library/sha512.c b/library/sha512.c
index e7af121..6011254 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -19,7 +19,7 @@
* By defining the macros ourselves we gain access to those declarations without
* requiring -march on the command line.
*
- * `arm_neon.h` could be included by any header file, so we put these defines
+ * `arm_neon.h` is included by common.h, so we put these defines
* at the top of this file, before any includes.
*/
#define __ARM_FEATURE_SHA512 1
@@ -48,9 +48,7 @@
# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \
defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
/* *INDENT-OFF* */
-# ifdef __ARM_NEON
-# include <arm_neon.h>
-# else
+# if !defined(MBEDTLS_HAVE_NEON_INTRINSICS)
# error "Target does not support NEON instructions"
# endif
/*
@@ -109,12 +107,7 @@
# include <signal.h>
# endif
# endif
-#elif defined(_M_ARM64)
-# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \
- defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
-# include <arm64_neon.h>
-# endif
-#else
+#elif !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64)
# undef MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
# undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
#endif
@@ -142,7 +135,7 @@
NULL, 0);
return ret == 0 && value != 0;
}
-#elif defined(_M_ARM64)
+#elif defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64)
/*
* As of March 2022, there don't appear to be any PF_ARM_V8_* flags
* available to pass to IsProcessorFeaturePresent() to check for
diff --git a/library/ssl_client.c b/library/ssl_client.c
index 0e87d86..d585ca5 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -155,7 +155,7 @@
p += protocol_name_len;
}
- *out_len = p - buf;
+ *out_len = (size_t) (p - buf);
/* List length = *out_len - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */
MBEDTLS_PUT_UINT16_BE(*out_len - 6, buf, 4);
@@ -285,7 +285,7 @@
}
/* Length of named_group_list */
- named_group_list_len = p - named_group_list;
+ named_group_list_len = (size_t) (p - named_group_list);
if (named_group_list_len == 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("No group available."));
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@@ -301,7 +301,7 @@
MBEDTLS_SSL_DEBUG_BUF(3, "Supported groups extension",
buf + 4, named_group_list_len + 2);
- *out_len = p - buf;
+ *out_len = (size_t) (p - buf);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_tls13_set_hs_sent_ext_mask(
@@ -391,14 +391,14 @@
}
/* Write the cipher_suites length in number of bytes */
- cipher_suites_len = p - cipher_suites;
+ cipher_suites_len = (size_t) (p - cipher_suites);
MBEDTLS_PUT_UINT16_BE(cipher_suites_len, buf, 0);
MBEDTLS_SSL_DEBUG_MSG(3,
("client hello, got %" MBEDTLS_PRINTF_SIZET " cipher suites",
cipher_suites_len/2));
/* Output the total length of cipher_suites field. */
- *out_len = p - buf;
+ *out_len = (size_t) (p - buf);
return 0;
}
@@ -609,7 +609,7 @@
int ssl_write_supported_groups_ext_flags = 0;
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
- if (propose_tls13 && mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
+ if (propose_tls13 && mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
ssl_write_supported_groups_ext_flags |=
SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_3_FLAG;
}
@@ -637,7 +637,7 @@
int write_sig_alg_ext = 0;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
write_sig_alg_ext = write_sig_alg_ext ||
- (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl));
+ (propose_tls13 && mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl));
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
write_sig_alg_ext = write_sig_alg_ext || propose_tls12;
@@ -668,7 +668,7 @@
/* The "pre_shared_key" extension (RFC 8446 Section 4.2.11)
* MUST be the last extension in the ClientHello.
*/
- if (propose_tls13 && mbedtls_ssl_conf_tls13_some_psk_enabled(ssl)) {
+ if (propose_tls13 && mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) {
ret = mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext(
ssl, p, end, &output_len, binders_len);
if (ret != 0) {
@@ -679,7 +679,7 @@
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
/* Write the length of the list of extensions. */
- extensions_len = p - p_extensions_len - 2;
+ extensions_len = (size_t) (p - p_extensions_len) - 2;
if (extensions_len == 0) {
p = p_extensions_len;
@@ -691,12 +691,7 @@
p_extensions_len, extensions_len);
}
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
- MBEDTLS_SSL_PRINT_EXTS(
- 3, MBEDTLS_SSL_HS_CLIENT_HELLO, handshake->sent_extensions);
-#endif
-
- *out_len = p - buf;
+ *out_len = (size_t) (p - buf);
return 0;
}
@@ -758,7 +753,8 @@
session_negotiate->ticket != NULL) {
mbedtls_ms_time_t now = mbedtls_ms_time();
mbedtls_ms_time_t age = now - session_negotiate->ticket_reception_time;
- if (age < 0 || age > session_negotiate->ticket_lifetime * 1000) {
+ if (age < 0 ||
+ age > (mbedtls_ms_time_t) session_negotiate->ticket_lifetime * 1000) {
/* Without valid ticket, disable session resumption.*/
MBEDTLS_SSL_DEBUG_MSG(
3, ("Ticket expired, disable session resumption"));
@@ -1006,6 +1002,11 @@
#endif
}
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+ MBEDTLS_SSL_PRINT_EXTS(
+ 3, MBEDTLS_SSL_HS_CLIENT_HELLO, ssl->handshake->sent_extensions);
+#endif
+
cleanup:
MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client hello"));
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index c636ad4..96afe76 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -439,6 +439,19 @@
size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+/**
+ * \brief Get the size limit in bytes for the protected outgoing records
+ * as defined in RFC 8449
+ *
+ * \param ssl SSL context
+ *
+ * \return The size limit in bytes for the protected outgoing
+ * records as defined in RFC 8449.
+ */
+size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl);
+#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
+
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
static inline size_t mbedtls_ssl_get_output_buflen(const mbedtls_ssl_context *ctx)
{
@@ -1409,7 +1422,7 @@
* Write handshake message header
*/
MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned hs_type,
+int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned char hs_type,
unsigned char **buf, size_t *buf_len);
MBEDTLS_CHECK_RETURN_CRITICAL
@@ -1901,89 +1914,89 @@
/*
* Helper functions around key exchange modes.
*/
-static inline unsigned mbedtls_ssl_conf_tls13_check_kex_modes(mbedtls_ssl_context *ssl,
- int kex_mode_mask)
+static inline int mbedtls_ssl_conf_tls13_is_kex_mode_enabled(mbedtls_ssl_context *ssl,
+ int kex_mode_mask)
{
return (ssl->conf->tls13_kex_modes & kex_mode_mask) != 0;
}
-static inline int mbedtls_ssl_conf_tls13_psk_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_conf_tls13_is_psk_enabled(mbedtls_ssl_context *ssl)
{
- return mbedtls_ssl_conf_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK);
+ return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK);
}
-static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(mbedtls_ssl_context *ssl)
{
- return mbedtls_ssl_conf_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL);
+ return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL);
}
-static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_conf_tls13_is_ephemeral_enabled(mbedtls_ssl_context *ssl)
{
- return mbedtls_ssl_conf_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL);
+ return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL);
}
-static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(mbedtls_ssl_context *ssl)
{
- return mbedtls_ssl_conf_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL);
+ return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL);
}
-static inline int mbedtls_ssl_conf_tls13_some_psk_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context *ssl)
{
- return mbedtls_ssl_conf_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL);
+ return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL);
}
#if defined(MBEDTLS_SSL_SRV_C) && \
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/**
* Given a list of key exchange modes, check if at least one of them is
- * supported.
+ * supported by peer.
*
* \param[in] ssl SSL context
* \param kex_modes_mask Mask of the key exchange modes to check
*
- * \return 0 if at least one of the key exchange modes is supported,
- * !=0 otherwise.
+ * \return Non-zero if at least one of the key exchange modes is supported by
+ * the peer, otherwise \c 0.
*/
-static inline unsigned mbedtls_ssl_tls13_check_kex_modes(mbedtls_ssl_context *ssl,
- int kex_modes_mask)
+static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *ssl,
+ int kex_modes_mask)
{
- return (ssl->handshake->tls13_kex_modes & kex_modes_mask) == 0;
+ return (ssl->handshake->tls13_kex_modes & kex_modes_mask) != 0;
}
-static inline int mbedtls_ssl_tls13_psk_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_tls13_is_psk_supported(mbedtls_ssl_context *ssl)
{
- return !mbedtls_ssl_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK);
+ return mbedtls_ssl_tls13_is_kex_mode_supported(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK);
}
-static inline int mbedtls_ssl_tls13_psk_ephemeral_enabled(
+static inline int mbedtls_ssl_tls13_is_psk_ephemeral_supported(
mbedtls_ssl_context *ssl)
{
- return !mbedtls_ssl_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL);
+ return mbedtls_ssl_tls13_is_kex_mode_supported(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL);
}
-static inline int mbedtls_ssl_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_tls13_is_ephemeral_supported(mbedtls_ssl_context *ssl)
{
- return !mbedtls_ssl_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL);
+ return mbedtls_ssl_tls13_is_kex_mode_supported(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL);
}
-static inline int mbedtls_ssl_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_tls13_is_some_ephemeral_supported(mbedtls_ssl_context *ssl)
{
- return !mbedtls_ssl_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL);
+ return mbedtls_ssl_tls13_is_kex_mode_supported(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL);
}
-static inline int mbedtls_ssl_tls13_some_psk_enabled(mbedtls_ssl_context *ssl)
+static inline int mbedtls_ssl_tls13_is_some_psk_supported(mbedtls_ssl_context *ssl)
{
- return !mbedtls_ssl_tls13_check_kex_modes(ssl,
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL);
+ return mbedtls_ssl_tls13_is_kex_mode_supported(ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL);
}
#endif /* MBEDTLS_SSL_SRV_C &&
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
@@ -2113,6 +2126,7 @@
#if defined(MBEDTLS_SSL_EARLY_DATA)
int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl,
+ int in_new_session_ticket,
unsigned char *buf,
const unsigned char *end,
size_t *out_len);
@@ -2690,12 +2704,18 @@
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH (2)
-#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN (64)
+#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN (64) /* As defined in RFC 8449 */
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,
const unsigned char *buf,
const unsigned char *end);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ const unsigned char *end,
+ size_t *out_len);
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
#if defined(MBEDTLS_SSL_ALPN)
@@ -2768,40 +2788,53 @@
#define MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME (604800)
-static inline unsigned int mbedtls_ssl_session_get_ticket_flags(
+static inline unsigned int mbedtls_ssl_tls13_session_get_ticket_flags(
mbedtls_ssl_session *session, unsigned int flags)
{
return session->ticket_flags &
(flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
}
-static inline unsigned int mbedtls_ssl_session_check_ticket_flags(
+/**
+ * Check if at least one of the given flags is set in
+ * the session ticket. See the definition of
+ * `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` to get all
+ * permitted flags.
+ */
+static inline int mbedtls_ssl_tls13_session_ticket_has_flags(
mbedtls_ssl_session *session, unsigned int flags)
{
- return mbedtls_ssl_session_get_ticket_flags(session, flags) == 0;
+ return mbedtls_ssl_tls13_session_get_ticket_flags(session, flags) != 0;
}
-static inline unsigned int mbedtls_ssl_session_ticket_allow_psk(
+static inline int mbedtls_ssl_tls13_session_ticket_allow_psk(
mbedtls_ssl_session *session)
{
- return !mbedtls_ssl_session_check_ticket_flags(session,
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION);
+ return mbedtls_ssl_tls13_session_ticket_has_flags(
+ session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION);
}
-static inline unsigned int mbedtls_ssl_session_ticket_allow_psk_ephemeral(
+static inline int mbedtls_ssl_tls13_session_ticket_allow_psk_ephemeral(
mbedtls_ssl_session *session)
{
- return !mbedtls_ssl_session_check_ticket_flags(session,
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION);
+ return mbedtls_ssl_tls13_session_ticket_has_flags(
+ session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION);
}
-static inline void mbedtls_ssl_session_set_ticket_flags(
+static inline unsigned int mbedtls_ssl_tls13_session_ticket_allow_early_data(
+ mbedtls_ssl_session *session)
+{
+ return mbedtls_ssl_tls13_session_ticket_has_flags(
+ session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
+}
+
+static inline void mbedtls_ssl_tls13_session_set_ticket_flags(
mbedtls_ssl_session *session, unsigned int flags)
{
session->ticket_flags |= (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
}
-static inline void mbedtls_ssl_session_clear_ticket_flags(
+static inline void mbedtls_ssl_tls13_session_clear_ticket_flags(
mbedtls_ssl_session *session, unsigned int flags)
{
session->ticket_flags &= ~(flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index cffd1c9..6579c96 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -848,7 +848,7 @@
cur += 2;
}
- *add_data_len = cur - add_data;
+ *add_data_len = (size_t) (cur - add_data);
}
#if defined(MBEDTLS_SSL_HAVE_AEAD)
@@ -1212,7 +1212,7 @@
iv, transform->ivlen,
add_data, add_data_len,
data, rec->data_len, /* src */
- data, rec->buf_len - (data - rec->buf), /* dst */
+ data, rec->buf_len - (size_t) (data - rec->buf), /* dst */
&rec->data_len,
transform->taglen)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_encrypt_ext", ret);
@@ -1635,12 +1635,13 @@
return ret;
}
#else
- if ((ret = mbedtls_cipher_auth_decrypt_ext(&transform->cipher_ctx_dec,
- iv, transform->ivlen,
- add_data, add_data_len,
- data, rec->data_len + transform->taglen, /* src */
- data, rec->buf_len - (data - rec->buf), &olen, /* dst */
- transform->taglen)) != 0) {
+ if ((ret = mbedtls_cipher_auth_decrypt_ext
+ (&transform->cipher_ctx_dec,
+ iv, transform->ivlen,
+ add_data, add_data_len,
+ data, rec->data_len + transform->taglen, /* src */
+ data, rec->buf_len - (size_t) (data - rec->buf), &olen, /* dst */
+ transform->taglen)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_decrypt_ext", ret);
if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) {
@@ -2228,7 +2229,7 @@
MBEDTLS_SSL_DEBUG_MSG(2, ("timer has expired"));
ret = MBEDTLS_ERR_SSL_TIMEOUT;
} else {
- len = in_buf_len - (ssl->in_hdr - ssl->in_buf);
+ len = in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf);
if (mbedtls_ssl_is_handshake_over(ssl) == 0) {
timeout = ssl->handshake->retransmit_timeout;
@@ -2592,7 +2593,7 @@
} else {
const unsigned char * const p = ssl->handshake->cur_msg_p;
const size_t hs_len = cur->len - 12;
- const size_t frag_off = p - (cur->p + 12);
+ const size_t frag_off = (size_t) (p - (cur->p + 12));
const size_t rem_len = hs_len - frag_off;
size_t cur_hs_frag_len, max_hs_frag_len;
@@ -2730,7 +2731,7 @@
/*
* Handshake layer functions
*/
-int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned hs_type,
+int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned char hs_type,
unsigned char **buf, size_t *buf_len)
{
/*
@@ -2969,9 +2970,9 @@
mbedtls_record rec;
rec.buf = ssl->out_iv;
- rec.buf_len = out_buf_len - (ssl->out_iv - ssl->out_buf);
+ rec.buf_len = out_buf_len - (size_t) (ssl->out_iv - ssl->out_buf);
rec.data_len = ssl->out_msglen;
- rec.data_offset = ssl->out_msg - rec.buf;
+ rec.data_offset = (size_t) (ssl->out_msg - rec.buf);
memcpy(&rec.ctr[0], ssl->out_ctr, sizeof(rec.ctr));
mbedtls_ssl_write_version(rec.ver, ssl->conf->transport, tls_ver);
@@ -3096,16 +3097,12 @@
static uint32_t ssl_get_hs_frag_len(mbedtls_ssl_context const *ssl)
{
- return (ssl->in_msg[9] << 16) |
- (ssl->in_msg[10] << 8) |
- ssl->in_msg[11];
+ return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 9);
}
static uint32_t ssl_get_hs_frag_off(mbedtls_ssl_context const *ssl)
{
- return (ssl->in_msg[6] << 16) |
- (ssl->in_msg[7] << 8) |
- ssl->in_msg[8];
+ return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 6);
}
MBEDTLS_CHECK_RETURN_CRITICAL
@@ -3218,9 +3215,7 @@
static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl)
{
- return (ssl->in_msg[1] << 16) |
- (ssl->in_msg[2] << 8) |
- ssl->in_msg[3];
+ return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 1);
}
int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl)
@@ -3241,7 +3236,7 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned int recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5];
+ unsigned int recv_msg_seq = MBEDTLS_GET_UINT16_BE(ssl->in_msg, 4);
if (ssl_check_hs_header(ssl) != 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("invalid handshake header"));
@@ -3594,7 +3589,7 @@
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
- *olen = p - obuf;
+ *olen = (size_t) (p - obuf);
/* Go back and fill length fields */
obuf[27] = (unsigned char) (*olen - 28);
@@ -3632,7 +3627,7 @@
static int ssl_handle_possible_reconnect(mbedtls_ssl_context *ssl)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t len;
+ size_t len = 0;
if (ssl->conf->f_cookie_write == NULL ||
ssl->conf->f_cookie_check == NULL) {
@@ -3856,8 +3851,7 @@
*/
rec->data_offset = rec_hdr_len_offset + rec_hdr_len_len;
- rec->data_len = ((size_t) buf[rec_hdr_len_offset + 0] << 8) |
- ((size_t) buf[rec_hdr_len_offset + 1] << 0);
+ rec->data_len = MBEDTLS_GET_UINT16_BE(buf, rec_hdr_len_offset);
MBEDTLS_SSL_DEBUG_BUF(4, "input record header", buf, rec->data_offset);
MBEDTLS_SSL_DEBUG_MSG(3, ("input record: msgtype = %u, "
@@ -3885,7 +3879,7 @@
*/
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
- rec_epoch = (rec->ctr[0] << 8) | rec->ctr[1];
+ rec_epoch = MBEDTLS_GET_UINT16_BE(rec->ctr, 0);
/* Check that the datagram is large enough to contain a record
* of the advertised length. */
@@ -3935,7 +3929,7 @@
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_check_client_reconnect(mbedtls_ssl_context *ssl)
{
- unsigned int rec_epoch = (ssl->in_ctr[0] << 8) | ssl->in_ctr[1];
+ unsigned int rec_epoch = MBEDTLS_GET_UINT16_BE(ssl->in_ctr, 0);
/*
* Check for an epoch 0 ClientHello. We can't use in_msg here to
@@ -4257,9 +4251,7 @@
hs_buf = &hs->buffering.hs[0];
if ((hs_buf->is_valid == 1) && (hs_buf->is_complete == 1)) {
/* Synthesize a record containing the buffered HS message. */
- size_t msg_len = (hs_buf->data[1] << 16) |
- (hs_buf->data[2] << 8) |
- hs_buf->data[3];
+ size_t msg_len = MBEDTLS_GET_UINT24_BE(hs_buf->data, 1);
/* Double-check that we haven't accidentally buffered
* a message that doesn't fit into the input buffer. */
@@ -4356,7 +4348,7 @@
case MBEDTLS_SSL_MSG_HANDSHAKE:
{
unsigned recv_msg_seq_offset;
- unsigned recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5];
+ unsigned recv_msg_seq = MBEDTLS_GET_UINT16_BE(ssl->in_msg, 4);
mbedtls_ssl_hs_buffer *hs_buf;
size_t msg_len = ssl->in_hslen - 12;
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 61c87be..cd730fb 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -341,7 +341,7 @@
/* Dump session state */
if ((ret = mbedtls_ssl_session_save(session,
- state, end - state,
+ state, (size_t) (end - state),
&clear_len)) != 0 ||
(unsigned long) clear_len > 65535) {
goto cleanup;
@@ -364,7 +364,7 @@
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
state, clear_len,
- state, end - state, &ciph_len,
+ state, (size_t) (end - state), &ciph_len,
TICKET_AUTH_TAG_BYTES)) != 0) {
goto cleanup;
}
@@ -444,7 +444,7 @@
goto cleanup;
}
- enc_len = (enc_len_p[0] << 8) | enc_len_p[1];
+ enc_len = MBEDTLS_GET_UINT16_BE(enc_len_p, 0);
if (len != TICKET_MIN_LEN + enc_len) {
ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
@@ -510,7 +510,8 @@
}
#endif
- mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000;
+ mbedtls_ms_time_t ticket_lifetime =
+ (mbedtls_ms_time_t) ctx->ticket_lifetime * 1000;
if (ticket_age < 0 || ticket_age > ticket_lifetime) {
ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 511e436..8c1e372 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -306,7 +306,7 @@
{
unsigned char *resized_buffer = mbedtls_calloc(1, len_new);
if (resized_buffer == NULL) {
- return -1;
+ return MBEDTLS_ERR_SSL_ALLOC_FAILED;
}
/* We want to copy len_new bytes when downsizing the buffer, and
@@ -1342,7 +1342,7 @@
* bad config.
*
*/
- if (mbedtls_ssl_conf_tls13_ephemeral_enabled(
+ if (mbedtls_ssl_conf_tls13_is_ephemeral_enabled(
(mbedtls_ssl_context *) ssl) &&
ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
ssl->conf->max_tls_version == MBEDTLS_SSL_VERSION_TLS1_3 &&
@@ -2455,6 +2455,7 @@
* uint8 ticket_flags;
* opaque resumption_key<0..255>;
* uint32 max_early_data_size;
+ * uint16 record_size_limit;
* select ( endpoint ) {
* case client: ClientOnlyData;
* case server: uint64 ticket_creation_time;
@@ -2490,6 +2491,9 @@
#if defined(MBEDTLS_SSL_EARLY_DATA)
needed += 4; /* max_early_data_size */
#endif
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ needed += 2; /* record_size_limit */
+#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
#if defined(MBEDTLS_HAVE_TIME)
needed += 8; /* ticket_creation_time or ticket_reception_time */
@@ -2534,6 +2538,10 @@
MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 0);
p += 4;
#endif
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ MBEDTLS_PUT_UINT16_BE(session->record_size_limit, p, 0);
+ p += 2;
+#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
@@ -2610,6 +2618,13 @@
session->max_early_data_size = MBEDTLS_GET_UINT32_BE(p, 0);
p += 4;
#endif
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ if (end - p < 2) {
+ return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+ }
+ session->record_size_limit = MBEDTLS_GET_UINT16_BE(p, 0);
+ p += 2;
+#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
@@ -2623,8 +2638,7 @@
#if defined(MBEDTLS_SSL_CLI_C)
if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) {
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
- defined(MBEDTLS_SSL_SESSION_TICKETS)
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
size_t hostname_len;
/* load host name */
if (end - p < 2) {
@@ -2644,8 +2658,7 @@
memcpy(session->hostname, p, hostname_len);
p += hostname_len;
}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION &&
- MBEDTLS_SSL_SESSION_TICKETS */
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#if defined(MBEDTLS_HAVE_TIME)
if (end - p < 8) {
@@ -3374,6 +3387,31 @@
}
}
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+
+size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl)
+{
+ const size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
+ size_t record_size_limit = max_len;
+
+ if (ssl->session != NULL &&
+ ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN &&
+ ssl->session->record_size_limit < max_len) {
+ record_size_limit = ssl->session->record_size_limit;
+ }
+
+ // TODO: this is currently untested
+ /* During a handshake, use the value being negotiated */
+ if (ssl->session_negotiate != NULL &&
+ ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN &&
+ ssl->session_negotiate->record_size_limit < max_len) {
+ record_size_limit = ssl->session_negotiate->record_size_limit;
+ }
+
+ return record_size_limit;
+}
+#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
+
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl)
{
@@ -3460,6 +3498,7 @@
size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
+ !defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) && \
!defined(MBEDTLS_SSL_PROTO_DTLS)
(void) ssl;
#endif
@@ -3472,6 +3511,30 @@
}
#endif
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ const size_t record_size_limit = mbedtls_ssl_get_output_record_size_limit(ssl);
+
+ if (max_len > record_size_limit) {
+ max_len = record_size_limit;
+ }
+#endif
+
+ if (ssl->transform_out != NULL &&
+ ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
+ /*
+ * In TLS 1.3 case, when records are protected, `max_len` as computed
+ * above is the maximum length of the TLSInnerPlaintext structure that
+ * along the plaintext payload contains the inner content type (one byte)
+ * and some zero padding. Given the algorithm used for padding
+ * in mbedtls_ssl_encrypt_buf(), compute the maximum length for
+ * the plaintext payload. Round down to a multiple of
+ * MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY and
+ * subtract 1.
+ */
+ max_len = ((max_len / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) *
+ MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1;
+ }
+
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (mbedtls_ssl_get_current_mtu(ssl) != 0) {
const size_t mtu = mbedtls_ssl_get_current_mtu(ssl);
@@ -3494,7 +3557,8 @@
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
- !defined(MBEDTLS_SSL_PROTO_DTLS)
+ !defined(MBEDTLS_SSL_PROTO_DTLS) && \
+ !defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
((void) ssl);
#endif
@@ -3808,7 +3872,7 @@
session->tls_version = (mbedtls_ssl_protocol_version) (0x0300 | *p++);
/* Dispatch according to TLS version. */
- remaining_len = (end - p);
+ remaining_len = (size_t) (end - p);
switch (session->tls_version) {
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
case MBEDTLS_SSL_VERSION_TLS1_2:
@@ -4519,7 +4583,7 @@
}
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
- used += 2 + ssl->transform->in_cid_len + ssl->transform->out_cid_len;
+ used += 2U + ssl->transform->in_cid_len + ssl->transform->out_cid_len;
if (used <= buf_len) {
*p++ = ssl->transform->in_cid_len;
memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len);
@@ -4800,7 +4864,7 @@
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
- ssl->mtu = (p[0] << 8) | p[1];
+ ssl->mtu = MBEDTLS_GET_UINT16_BE(p, 0);
p += 2;
#endif /* MBEDTLS_SSL_PROTO_DTLS */
@@ -5731,7 +5795,7 @@
uint32_t *flags)
{
int ret = 0;
- int usage = 0;
+ unsigned int usage = 0;
const char *ext_oid;
size_t ext_len;
@@ -6834,7 +6898,7 @@
/* Write length only when we know the actual value */
if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,
- p + 2, end - (p + 2), &len,
+ p + 2, (size_t) (end - (p + 2)), &len,
ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret);
return ret;
@@ -6851,7 +6915,7 @@
size_t zlen;
if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen,
- p + 2, end - (p + 2),
+ p + 2, (size_t) (end - (p + 2)),
ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret);
return ret;
@@ -6884,7 +6948,7 @@
memcpy(p, psk, psk_len);
p += psk_len;
- ssl->handshake->pmslen = p - ssl->handshake->premaster;
+ ssl->handshake->pmslen = (size_t) (p - ssl->handshake->premaster);
return 0;
}
@@ -7142,7 +7206,7 @@
/*
* Same message structure as in mbedtls_ssl_write_certificate()
*/
- n = (ssl->in_msg[i+1] << 8) | ssl->in_msg[i+2];
+ n = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i + 1);
if (ssl->in_msg[i] != 0 ||
ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len(ssl)) {
@@ -7176,8 +7240,7 @@
}
/* Read length of the next CRT in the chain. */
- n = ((unsigned int) ssl->in_msg[i + 1] << 8)
- | (unsigned int) ssl->in_msg[i + 2];
+ n = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i + 1);
i += 3;
if (n < 128 || i + n > ssl->in_hslen) {
@@ -7408,7 +7471,7 @@
/* and in the unlikely case the above assumption no longer holds
* we are making sure that pk_ec() here does not return a NULL
*/
- mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(pk);
+ mbedtls_ecp_group_id grp_id = mbedtls_pk_get_ec_group_id(pk);
if (grp_id == MBEDTLS_ECP_DP_NONE) {
MBEDTLS_SSL_DEBUG_MSG(1, ("invalid group ID"));
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@@ -7705,7 +7768,7 @@
unsigned char *padbuf, size_t hlen,
unsigned char *buf, int from)
{
- int len = 12;
+ unsigned int len = 12;
const char *sender;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status;
@@ -7905,7 +7968,8 @@
int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl)
{
- int ret, hash_len;
+ int ret;
+ unsigned int hash_len;
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write finished"));
@@ -8203,14 +8267,6 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
#endif
-#if !defined(MBEDTLS_DEBUG_C) && \
- !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
- if (ssl->f_export_keys == NULL) {
- ssl = NULL; /* make sure we don't use it except for these cases */
- (void) ssl;
- }
-#endif
-
/*
* Some data just needs copying into the structure
*/
@@ -8482,7 +8538,7 @@
goto end;
}
- if (ssl != NULL && ssl->f_export_keys != NULL) {
+ if (ssl->f_export_keys != NULL) {
ssl->f_export_keys(ssl->p_export_keys,
MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET,
master, 48,
@@ -9077,7 +9133,7 @@
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
- session->ciphersuite = (p[0] << 8) | p[1];
+ session->ciphersuite = MBEDTLS_GET_UINT16_BE(p, 0);
p += 2;
session->id_len = *p++;
@@ -9113,7 +9169,7 @@
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
- cert_len = (p[0] << 16) | (p[1] << 8) | p[2];
+ cert_len = MBEDTLS_GET_UINT24_BE(p, 0);
p += 3;
if (cert_len != 0) {
@@ -9185,7 +9241,7 @@
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
- session->ticket_len = (p[0] << 16) | (p[1] << 8) | p[2];
+ session->ticket_len = MBEDTLS_GET_UINT24_BE(p, 0);
p += 3;
if (session->ticket_len != 0) {
@@ -9367,7 +9423,7 @@
}
/* Length of supported_signature_algorithms */
- supported_sig_alg_len = p - supported_sig_alg;
+ supported_sig_alg_len = (size_t) (p - supported_sig_alg);
if (supported_sig_alg_len == 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("No signature algorithms defined."));
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@@ -9377,7 +9433,7 @@
MBEDTLS_PUT_UINT16_BE(supported_sig_alg_len + 2, buf, 2);
MBEDTLS_PUT_UINT16_BE(supported_sig_alg_len, buf, 4);
- *out_len = p - buf;
+ *out_len = (size_t) (p - buf);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_SIG_ALG);
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 9aa46bd..0c5af87 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -607,7 +607,7 @@
p += ext_len;
#endif
- *out_len = p - buf;
+ *out_len = (size_t) (p - buf);
return 0;
}
@@ -941,7 +941,7 @@
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- list_len = (buf[0] << 8) | buf[1];
+ list_len = MBEDTLS_GET_UINT16_BE(buf, 0);
if (list_len != len - 2) {
mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
@@ -1304,8 +1304,7 @@
}
if (ssl->in_hslen > mbedtls_ssl_hs_hdr_len(ssl) + 39 + n) {
- ext_len = ((buf[38 + n] << 8)
- | (buf[39 + n]));
+ ext_len = MBEDTLS_GET_UINT16_BE(buf, 38 + n);
if ((ext_len > 0 && ext_len < 4) ||
ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 40 + n + ext_len) {
@@ -1326,7 +1325,7 @@
}
/* ciphersuite (used later) */
- i = (buf[35 + n] << 8) | buf[36 + n];
+ i = (int) MBEDTLS_GET_UINT16_BE(buf, n + 35);
/*
* Read and check compression
@@ -1447,10 +1446,8 @@
ext_len));
while (ext_len) {
- unsigned int ext_id = ((ext[0] << 8)
- | (ext[1]));
- unsigned int ext_size = ((ext[2] << 8)
- | (ext[3]));
+ unsigned int ext_id = MBEDTLS_GET_UINT16_BE(ext, 0);
+ unsigned int ext_size = MBEDTLS_GET_UINT16_BE(ext, 2);
if (ext_size + 4 > ext_len) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
@@ -1741,9 +1738,8 @@
}
/* Next two bytes are the namedcurve value */
- tls_id = *(*p)++;
- tls_id <<= 8;
- tls_id |= *(*p)++;
+ tls_id = MBEDTLS_GET_UINT16_BE(*p, 0);
+ *p += 2;
/* Check it's a curve we offered */
if (mbedtls_ssl_check_curve_tls_id(ssl, tls_id) != 0) {
@@ -1883,7 +1879,7 @@
("bad server key exchange message (psk_identity_hint length)"));
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- len = (*p)[0] << 8 | (*p)[1];
+ len = MBEDTLS_GET_UINT16_BE(*p, 0);
*p += 2;
if (end - (*p) < len) {
@@ -2016,7 +2012,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
uint16_t tls_id = 0;
psa_key_type_t key_type = PSA_KEY_TYPE_NONE;
- mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(peer_pk);
+ mbedtls_ecp_group_id grp_id = mbedtls_pk_get_ec_group_id(peer_pk);
if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad server certificate (ECDH curve)"));
@@ -2174,7 +2170,7 @@
#endif
p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
end = ssl->in_msg + ssl->in_hslen;
- MBEDTLS_SSL_DEBUG_BUF(3, "server key exchange", p, end - p);
+ MBEDTLS_SSL_DEBUG_BUF(3, "server key exchange", p, (size_t) (end - p));
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
@@ -2299,7 +2295,7 @@
mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
- size_t params_len = p - params;
+ size_t params_len = (size_t) (p - params);
void *rs_ctx = NULL;
uint16_t sig_alg;
@@ -2357,7 +2353,7 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- sig_len = (p[0] << 8) | p[1];
+ sig_len = MBEDTLS_GET_UINT16_BE(p, 0);
p += 2;
if (p != end - sig_len) {
@@ -2585,8 +2581,7 @@
}
/* supported_signature_algorithms */
- sig_alg_len = ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] << 8)
- | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n]));
+ sig_alg_len = MBEDTLS_GET_UINT16_BE(buf, mbedtls_ssl_hs_hdr_len(ssl) + 1 + n);
/*
* The furthest access in buf is in the loop few lines below:
@@ -2621,8 +2616,7 @@
n += 2 + sig_alg_len;
/* certificate_authorities */
- dn_len = ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] << 8)
- | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n]));
+ dn_len = MBEDTLS_GET_UINT16_BE(buf, mbedtls_ssl_hs_hdr_len(ssl) + 1 + n);
n += dn_len;
if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 3 + n) {
@@ -3252,9 +3246,9 @@
size_t hashlen;
void *rs_ctx = NULL;
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
- size_t out_buf_len = ssl->out_buf_len - (ssl->out_msg - ssl->out_buf);
+ size_t out_buf_len = ssl->out_buf_len - (size_t) (ssl->out_msg - ssl->out_buf);
#else
- size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (ssl->out_msg - ssl->out_buf);
+ size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (size_t) (ssl->out_msg - ssl->out_buf);
#endif
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify"));
@@ -3421,10 +3415,9 @@
msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
- lifetime = (((uint32_t) msg[0]) << 24) | (msg[1] << 16) |
- (msg[2] << 8) | (msg[3]);
+ lifetime = MBEDTLS_GET_UINT32_BE(msg, 0);
- ticket_len = (msg[4] << 8) | (msg[5]);
+ ticket_len = MBEDTLS_GET_UINT16_BE(msg, 4);
if (ticket_len + 6 + mbedtls_ssl_hs_hdr_len(ssl) != ssl->in_hslen) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message"));
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index b007e5c..5a9f6ca 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -192,7 +192,7 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- list_size = ((buf[0] << 8) | (buf[1]));
+ list_size = MBEDTLS_GET_UINT16_BE(buf, 0);
if (list_size + 2 != len ||
list_size % 2 != 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
@@ -664,7 +664,7 @@
uint16_t *curves_tls_id)
{
uint16_t *curr_tls_id = curves_tls_id;
- mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(pk);
+ mbedtls_ecp_group_id grp_id = mbedtls_pk_get_ec_group_id(pk);
mbedtls_ecp_group_id curr_grp_id;
while (*curr_tls_id != 0) {
@@ -957,7 +957,7 @@
}
MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, message len.: %d",
- (ssl->in_len[0] << 8) | ssl->in_len[1]));
+ MBEDTLS_GET_UINT16_BE(ssl->in_len, 0)));
MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, protocol version: [%d:%d]",
buf[1], buf[2]));
@@ -993,7 +993,7 @@
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- msg_len = (ssl->in_len[0] << 8) | ssl->in_len[1];
+ msg_len = MBEDTLS_GET_UINT16_BE(ssl->in_len, 0);
#if defined(MBEDTLS_SSL_RENEGOTIATION)
if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
@@ -1128,11 +1128,11 @@
msg_len -= mbedtls_ssl_hs_hdr_len(ssl);
/*
- * ClientHello layer:
+ * ClientHello layout:
* 0 . 1 protocol version
* 2 . 33 random bytes (starting with 4 bytes of Unix time)
- * 34 . 35 session id length (1 byte)
- * 35 . 34+x session id
+ * 34 . 34 session id length (1 byte)
+ * 35 . 34+x session id, where x = session id length from byte 34
* 35+x . 35+x DTLS only: cookie length (1 byte)
* 36+x . .. DTLS only: cookie
* .. . .. ciphersuite list length (2 bytes)
@@ -1251,8 +1251,7 @@
#endif /* MBEDTLS_SSL_PROTO_DTLS */
ciph_offset = 35 + sess_len;
- ciph_len = (buf[ciph_offset + 0] << 8)
- | (buf[ciph_offset + 1]);
+ ciph_len = MBEDTLS_GET_UINT16_BE(buf, ciph_offset);
if (ciph_len < 2 ||
ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */
@@ -1300,8 +1299,7 @@
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- ext_len = (buf[ext_offset + 0] << 8)
- | (buf[ext_offset + 1]);
+ ext_len = MBEDTLS_GET_UINT16_BE(buf, ext_offset);
if (msg_len != ext_offset + 2 + ext_len) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
@@ -1325,8 +1323,8 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- ext_id = ((ext[0] << 8) | (ext[1]));
- ext_size = ((ext[2] << 8) | (ext[3]));
+ ext_id = MBEDTLS_GET_UINT16_BE(ext, 0);
+ ext_size = MBEDTLS_GET_UINT16_BE(ext, 2);
if (ext_size + 4 > ext_len) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
@@ -1858,7 +1856,7 @@
*p++ = 0x00;
}
- *olen = p - buf;
+ *olen = (size_t) (p - buf);
}
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@@ -1950,7 +1948,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = mbedtls_psa_ecjpake_write_round(&ssl->handshake->psa_pake_ctx,
- p + 2, end - p - 2, &kkpp_len,
+ p + 2, (size_t) (end - p - 2), &kkpp_len,
MBEDTLS_ECJPAKE_ROUND_ONE);
if (ret != 0) {
psa_destroy_key(ssl->handshake->psa_pake_password);
@@ -1960,7 +1958,7 @@
}
#else
ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx,
- p + 2, end - p - 2, &kkpp_len,
+ p + 2, (size_t) (end - p - 2), &kkpp_len,
ssl->conf->f_rng, ssl->conf->p_rng);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_one", ret);
@@ -2081,7 +2079,7 @@
MBEDTLS_SSL_DEBUG_BUF(3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte);
- ssl->out_msglen = p - ssl->out_msg;
+ ssl->out_msglen = (size_t) (p - ssl->out_msg);
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
@@ -2386,7 +2384,7 @@
p += 2 + ext_len;
}
- ssl->out_msglen = p - buf;
+ ssl->out_msglen = (size_t) (p - buf);
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO;
@@ -2570,12 +2568,12 @@
MBEDTLS_SSL_DEBUG_BUF(3, "requested DN", p - dn_size, dn_size);
- total_dn_size += 2 + dn_size;
+ total_dn_size += (unsigned short) (2 + dn_size);
crt = crt->next;
}
}
- ssl->out_msglen = p - buf;
+ ssl->out_msglen = (size_t) (p - buf);
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
MBEDTLS_PUT_UINT16_BE(total_dn_size, ssl->out_msg, 4 + ct_len + sa_len);
@@ -2599,12 +2597,12 @@
mbedtls_pk_context *pk;
mbedtls_pk_type_t pk_type;
psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ unsigned char buf[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)];
+ size_t key_len;
#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
uint16_t tls_id = 0;
psa_key_type_t key_type = PSA_KEY_TYPE_NONE;
- size_t key_len;
mbedtls_ecp_group_id grp_id;
- unsigned char buf[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)];
mbedtls_ecp_keypair *key;
#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
@@ -2627,22 +2625,51 @@
return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
}
- ssl->handshake->xxdh_psa_privkey = pk->priv_id;
-
- /* Key should not be destroyed in the TLS library */
- ssl->handshake->xxdh_psa_privkey_is_external = 1;
-
- status = psa_get_key_attributes(ssl->handshake->xxdh_psa_privkey,
- &key_attributes);
+ /* Get the attributes of the key previously parsed by PK module in
+ * order to extract its type and length (in bits). */
+ status = psa_get_key_attributes(pk->priv_id, &key_attributes);
if (status != PSA_SUCCESS) {
- ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
- return PSA_TO_MBEDTLS_ERR(status);
+ ret = PSA_TO_MBEDTLS_ERR(status);
+ goto exit;
}
-
ssl->handshake->xxdh_psa_type = psa_get_key_type(&key_attributes);
ssl->handshake->xxdh_psa_bits = psa_get_key_bits(&key_attributes);
- psa_reset_key_attributes(&key_attributes);
+ if (pk_type == MBEDTLS_PK_OPAQUE) {
+ /* Opaque key is created by the user (externally from Mbed TLS)
+ * so we assume it already has the right algorithm and flags
+ * set. Just copy its ID as reference. */
+ ssl->handshake->xxdh_psa_privkey = pk->priv_id;
+ ssl->handshake->xxdh_psa_privkey_is_external = 1;
+ } else {
+ /* PK_ECKEY[_DH] and PK_ECDSA instead as parsed from the PK
+ * module and only have ECDSA capabilities. Since we need
+ * them for ECDH later, we export and then re-import them with
+ * proper flags and algorithm. Of course We also set key's type
+ * and bits that we just got above. */
+ key_attributes = psa_key_attributes_init();
+ psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
+ psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH);
+ psa_set_key_type(&key_attributes,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type));
+ psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_psa_bits);
+
+ status = psa_export_key(pk->priv_id, buf, sizeof(buf), &key_len);
+ if (status != PSA_SUCCESS) {
+ ret = PSA_TO_MBEDTLS_ERR(status);
+ goto exit;
+ }
+ status = psa_import_key(&key_attributes, buf, key_len,
+ &ssl->handshake->xxdh_psa_privkey);
+ if (status != PSA_SUCCESS) {
+ ret = PSA_TO_MBEDTLS_ERR(status);
+ goto exit;
+ }
+
+ /* Set this key as owned by the TLS library: it will be its duty
+ * to clear it exit. */
+ ssl->handshake->xxdh_psa_privkey_is_external = 0;
+ }
ret = 0;
break;
@@ -2651,7 +2678,7 @@
case MBEDTLS_PK_ECKEY_DH:
case MBEDTLS_PK_ECDSA:
key = mbedtls_pk_ec_rw(*pk);
- grp_id = mbedtls_pk_get_group_id(pk);
+ grp_id = mbedtls_pk_get_ec_group_id(pk);
if (grp_id == MBEDTLS_ECP_DP_NONE) {
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
}
@@ -2698,6 +2725,10 @@
ret = MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
}
+exit:
+ psa_reset_key_attributes(&key_attributes);
+ mbedtls_platform_zeroize(buf, sizeof(buf));
+
return ret;
}
#else /* MBEDTLS_USE_PSA_CRYPTO */
@@ -2779,9 +2810,9 @@
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
- size_t out_buf_len = ssl->out_buf_len - (ssl->out_msg - ssl->out_buf);
+ size_t out_buf_len = ssl->out_buf_len - (size_t) (ssl->out_msg - ssl->out_buf);
#else
- size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (ssl->out_msg - ssl->out_buf);
+ size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (size_t) (ssl->out_msg - ssl->out_buf);
#endif
#endif
@@ -3086,7 +3117,7 @@
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
- size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed;
+ size_t dig_signed_len = (size_t) (ssl->out_msg + ssl->out_msglen - dig_signed);
size_t hashlen = 0;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
@@ -3101,8 +3132,8 @@
mbedtls_pk_type_t sig_alg =
mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info);
- unsigned int sig_hash =
- mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg(
+ unsigned char sig_hash =
+ (unsigned char) mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg(
ssl, mbedtls_ssl_sig_from_pk_alg(sig_alg));
mbedtls_md_type_t md_alg = mbedtls_ssl_md_alg_from_hash(sig_hash);
@@ -3360,7 +3391,7 @@
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- n = ((*p)[0] << 8) | (*p)[1];
+ n = MBEDTLS_GET_UINT16_BE(*p, 0);
*p += 2;
if (*p + n > end) {
@@ -3593,7 +3624,7 @@
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- n = ((*p)[0] << 8) | (*p)[1];
+ n = MBEDTLS_GET_UINT16_BE(*p, 0);
*p += 2;
if (n == 0 || n > end - *p) {
@@ -3763,7 +3794,7 @@
handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
#else
if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx,
- p, end - p)) != 0) {
+ p, (size_t) (end - p))) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret);
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
@@ -3976,7 +4007,7 @@
}
if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx,
- p, end - p)) != 0) {
+ p, (size_t) (end - p))) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret);
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
@@ -4005,7 +4036,7 @@
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if ((ret = mbedtls_psa_ecjpake_read_round(
- &ssl->handshake->psa_pake_ctx, p, end - p,
+ &ssl->handshake->psa_pake_ctx, p, (size_t) (end - p),
MBEDTLS_ECJPAKE_ROUND_TWO)) != 0) {
psa_destroy_key(ssl->handshake->psa_pake_password);
psa_pake_abort(&ssl->handshake->psa_pake_ctx);
@@ -4015,7 +4046,7 @@
}
#else
ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx,
- p, end - p);
+ p, (size_t) (end - p));
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret);
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@@ -4189,7 +4220,7 @@
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
- sig_len = (ssl->in_msg[i] << 8) | ssl->in_msg[i+1];
+ sig_len = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i);
i += 2;
if (i + sig_len != ssl->in_hslen) {
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 44814b9..5c668bd 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -621,7 +621,7 @@
/* Skip writing extension if no PSK key exchange mode
* is enabled in the config.
*/
- if (!mbedtls_ssl_conf_tls13_some_psk_enabled(ssl)) {
+ if (!mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) {
MBEDTLS_SSL_DEBUG_MSG(3, ("skip psk_key_exchange_modes extension"));
return 0;
}
@@ -640,14 +640,14 @@
*/
p += 5;
- if (mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl)) {
+ if (mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl)) {
*p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_ECDHE;
ke_modes_len++;
MBEDTLS_SSL_DEBUG_MSG(4, ("Adding PSK-ECDHE key exchange mode"));
}
- if (mbedtls_ssl_conf_tls13_psk_enabled(ssl)) {
+ if (mbedtls_ssl_conf_tls13_is_psk_enabled(ssl)) {
*p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_PURE;
ke_modes_len++;
@@ -684,8 +684,8 @@
mbedtls_ssl_session *session = ssl->session_negotiate;
return ssl->handshake->resume &&
session != NULL && session->ticket != NULL &&
- mbedtls_ssl_conf_tls13_check_kex_modes(
- ssl, mbedtls_ssl_session_get_ticket_flags(
+ mbedtls_ssl_conf_tls13_is_kex_mode_enabled(
+ ssl, mbedtls_ssl_tls13_session_get_ticket_flags(
session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL));
}
@@ -695,10 +695,8 @@
mbedtls_ssl_session *session = ssl->session_negotiate;
return ssl->handshake->resume &&
session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 &&
- (session->ticket_flags &
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) &&
- mbedtls_ssl_tls13_cipher_suite_is_offered(
- ssl, session->ciphersuite);
+ mbedtls_ssl_tls13_session_ticket_allow_early_data(session) &&
+ mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite);
}
#endif
@@ -1162,8 +1160,17 @@
}
p += ext_len;
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ ret = mbedtls_ssl_tls13_write_record_size_limit_ext(
+ ssl, p, end, &ext_len);
+ if (ret != 0) {
+ return ret;
+ }
+ p += ext_len;
+#endif
+
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
- if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
+ if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len);
if (ret != 0) {
return ret;
@@ -1173,10 +1180,12 @@
#endif
#if defined(MBEDTLS_SSL_EARLY_DATA)
- if (mbedtls_ssl_conf_tls13_some_psk_enabled(ssl) &&
+ if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) &&
ssl_tls13_early_data_has_valid_ticket(ssl) &&
ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) {
- ret = mbedtls_ssl_tls13_write_early_data_ext(ssl, p, end, &ext_len);
+
+ ret = mbedtls_ssl_tls13_write_early_data_ext(
+ ssl, 0, p, end, &ext_len);
if (ret != 0) {
return ret;
}
@@ -1457,7 +1466,7 @@
ssl, MBEDTLS_SSL_HS_SERVER_HELLO,
buf, (size_t) (end - buf)));
- if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
+ if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
ret = ssl_tls13_reset_key_share(ssl);
if (ret != 0) {
return ret;
@@ -1499,7 +1508,7 @@
* in the ClientHello.
* In a PSK only key exchange that what we expect.
*/
- if (!mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
+ if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
MBEDTLS_SSL_DEBUG_MSG(1,
("Unexpected HRR in pure PSK key exchange."));
MBEDTLS_SSL_PEND_FATAL_ALERT(
@@ -1776,7 +1785,7 @@
case MBEDTLS_TLS_EXT_KEY_SHARE:
MBEDTLS_SSL_DEBUG_MSG(3, ("found key_shares extension"));
- if (!mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
+ if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
fatal_alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT;
goto cleanup;
}
@@ -1879,7 +1888,7 @@
goto cleanup;
}
- if (!mbedtls_ssl_conf_tls13_check_kex_modes(
+ if (!mbedtls_ssl_conf_tls13_is_kex_mode_enabled(
ssl, handshake->key_exchange_mode)) {
ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
MBEDTLS_SSL_DEBUG_MSG(
@@ -1925,7 +1934,6 @@
mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake);
MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic"));
- ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id;
ssl->session_in = ssl->session_negotiate;
cleanup:
@@ -2114,12 +2122,11 @@
ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(
ssl, p, p + extension_data_len);
-
- /* TODO: Return unconditionally here until we handle the record
- * size limit correctly. Once handled correctly, only return in
- * case of errors. */
- return ret;
-
+ if (ret != 0) {
+ MBEDTLS_SSL_DEBUG_RET(
+ 1, ("mbedtls_ssl_tls13_parse_record_size_limit_ext"), ret);
+ return ret;
+ }
break;
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
@@ -2133,6 +2140,17 @@
p += extension_data_len;
}
+ if ((handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) &&
+ (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(MAX_FRAGMENT_LENGTH))) {
+ MBEDTLS_SSL_DEBUG_MSG(3,
+ (
+ "Record size limit extension cannot be used with max fragment length extension"));
+ MBEDTLS_SSL_PEND_FATAL_ALERT(
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
+ MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);
+ return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
+ }
+
MBEDTLS_SSL_PRINT_EXTS(3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
handshake->received_extensions);
@@ -2153,9 +2171,7 @@
int ret;
unsigned char *buf;
size_t buf_len;
-#if defined(MBEDTLS_SSL_EARLY_DATA)
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
-#endif
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse encrypted extensions"));
@@ -2185,11 +2201,19 @@
* - The selected cipher suite
* - The selected ALPN [RFC7301] protocol, if any
*
- * We check here that when early data is involved the server
- * selected the cipher suite associated to the pre-shared key
- * as it must have.
+ * The server has sent an early data extension in its Encrypted
+ * Extension message thus accepted to receive early data. We
+ * check here that the additional constraints on the handshake
+ * parameters, when early data are exchanged, are met,
+ * namely:
+ * - a PSK has been selected for the handshake
+ * - the selected PSK for the handshake was the first one proposed
+ * by the client.
+ * - the selected ciphersuite for the handshake is the ciphersuite
+ * associated with the selected PSK.
*/
- if (handshake->selected_identity != 0 ||
+ if ((!mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) ||
+ handshake->selected_identity != 0 ||
handshake->ciphersuite_info->id !=
ssl->session_negotiate->ciphersuite) {
@@ -2203,6 +2227,18 @@
}
#endif
+ /*
+ * In case the client has proposed a PSK associated with a ticket,
+ * `ssl->session_negotiate->ciphersuite` still contains at this point the
+ * identifier of the ciphersuite associated with the ticket. This is that
+ * way because, if an exchange of early data is agreed upon, we need
+ * it to check that the ciphersuite selected for the handshake is the
+ * ticket ciphersuite (see above). This information is not needed
+ * anymore thus we can now set it to the identifier of the ciphersuite
+ * used in this session under negotiation.
+ */
+ ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id;
+
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
buf, buf_len));
@@ -2647,6 +2683,37 @@
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+/* From RFC 8446 section 4.2.10
+ *
+ * struct {
+ * select (Handshake.msg_type) {
+ * case new_session_ticket: uint32 max_early_data_size;
+ * ...
+ * };
+ * } EarlyDataIndication;
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_tls13_parse_new_session_ticket_early_data_ext(
+ mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ const unsigned char *end)
+{
+ mbedtls_ssl_session *session = ssl->session;
+
+ MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4);
+
+ session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0);
+ mbedtls_ssl_tls13_session_set_ticket_flags(
+ session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
+ MBEDTLS_SSL_DEBUG_MSG(
+ 3, ("received max_early_data_size: %u",
+ (unsigned int) session->max_early_data_size));
+
+ return 0;
+}
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl,
const unsigned char *buf,
@@ -2680,15 +2747,12 @@
switch (extension_type) {
#if defined(MBEDTLS_SSL_EARLY_DATA)
case MBEDTLS_TLS_EXT_EARLY_DATA:
- if (extension_data_len != 4) {
- MBEDTLS_SSL_PEND_FATAL_ALERT(
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
- MBEDTLS_ERR_SSL_DECODE_ERROR);
- return MBEDTLS_ERR_SSL_DECODE_ERROR;
- }
- if (ssl->session != NULL) {
- ssl->session->ticket_flags |=
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA;
+ ret = ssl_tls13_parse_new_session_ticket_early_data_ext(
+ ssl, p, p + extension_data_len);
+ if (ret != 0) {
+ MBEDTLS_SSL_DEBUG_RET(
+ 1, "ssl_tls13_parse_new_session_ticket_early_data_ext",
+ ret);
}
break;
#endif /* MBEDTLS_SSL_EARLY_DATA */
@@ -2791,7 +2855,7 @@
session->ticket_len = ticket_len;
/* Clear all flags in ticket_flags */
- mbedtls_ssl_session_clear_ticket_flags(
+ mbedtls_ssl_tls13_session_clear_ticket_flags(
session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2);
@@ -2878,7 +2942,7 @@
session->resumption_key_len);
/* Set ticket_flags depends on the selected key exchange modes */
- mbedtls_ssl_session_set_ticket_flags(
+ mbedtls_ssl_tls13_session_set_ticket_flags(
session, ssl->conf->tls13_kex_modes);
MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags);
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index cc77a94..47fa65c 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1402,7 +1402,7 @@
*
* struct {
* select ( Handshake.msg_type ) {
- * ...
+ * case new_session_ticket: uint32 max_early_data_size;
* case client_hello: Empty;
* case encrypted_extensions: Empty;
* };
@@ -1410,20 +1410,37 @@
*/
#if defined(MBEDTLS_SSL_EARLY_DATA)
int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl,
+ int in_new_session_ticket,
unsigned char *buf,
const unsigned char *end,
size_t *out_len)
{
unsigned char *p = buf;
- *out_len = 0;
- ((void) ssl);
- MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4);
+#if defined(MBEDTLS_SSL_SRV_C)
+ const size_t needed = in_new_session_ticket ? 8 : 4;
+#else
+ const size_t needed = 4;
+ ((void) in_new_session_ticket);
+#endif
+
+ *out_len = 0;
+
+ MBEDTLS_SSL_CHK_BUF_PTR(p, end, needed);
MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EARLY_DATA, p, 0);
- MBEDTLS_PUT_UINT16_BE(0, p, 2);
+ MBEDTLS_PUT_UINT16_BE(needed - 4, p, 2);
- *out_len = 4;
+#if defined(MBEDTLS_SSL_SRV_C)
+ if (in_new_session_ticket) {
+ MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4);
+ MBEDTLS_SSL_DEBUG_MSG(
+ 4, ("Sent max_early_data_size=%u",
+ (unsigned int) ssl->conf->max_early_data_size));
+ }
+#endif
+
+ *out_len = needed;
mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_EARLY_DATA);
@@ -1681,6 +1698,7 @@
}
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+
/* RFC 8449, section 4:
*
* The ExtensionData of the "record_size_limit" extension is
@@ -1714,27 +1732,56 @@
MBEDTLS_SSL_DEBUG_MSG(2, ("RecordSizeLimit: %u Bytes", record_size_limit));
- /* RFC 8449, section 4
+ /* RFC 8449, section 4:
*
* Endpoints MUST NOT send a "record_size_limit" extension with a value
* smaller than 64. An endpoint MUST treat receipt of a smaller value
* as a fatal error and generate an "illegal_parameter" alert.
*/
if (record_size_limit < MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN) {
+ MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid record size limit : %u Bytes",
+ record_size_limit));
MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
}
- MBEDTLS_SSL_DEBUG_MSG(
- 2, ("record_size_limit extension is still in development. Aborting handshake."));
+ ssl->session_negotiate->record_size_limit = record_size_limit;
- MBEDTLS_SSL_PEND_FATAL_ALERT(
- MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT,
- MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION);
- return MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION;
+ return 0;
}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ const unsigned char *end,
+ size_t *out_len)
+{
+ unsigned char *p = buf;
+ *out_len = 0;
+
+ MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_IN_CONTENT_LEN >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN,
+ "MBEDTLS_SSL_IN_CONTENT_LEN is less than the "
+ "minimum record size limit");
+
+ MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6);
+
+ MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT, p, 0);
+ MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH,
+ p, 2);
+ MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_IN_CONTENT_LEN, p, 4);
+
+ *out_len = 6;
+
+ MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %d Bytes",
+ MBEDTLS_SSL_IN_CONTENT_LEN));
+
+ mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT);
+
+ return 0;
+}
+
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
#endif /* MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_PROTO_TLS1_3 */
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index a6a2915..9b775ec 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1140,8 +1140,8 @@
size_t hash_len;
unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE];
size_t transcript_len;
- size_t key_len;
- size_t iv_len;
+ size_t key_len = 0;
+ size_t iv_len = 0;
mbedtls_ssl_tls13_early_secrets tls13_early_secrets;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
@@ -1341,8 +1341,8 @@
size_t hash_len;
unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE];
size_t transcript_len;
- size_t key_len;
- size_t iv_len;
+ size_t key_len = 0;
+ size_t iv_len = 0;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
@@ -1592,7 +1592,7 @@
size_t hash_len;
/* Variables relating to the cipher for the chosen ciphersuite. */
- size_t key_len, iv_len;
+ size_t key_len = 0, iv_len = 0;
MBEDTLS_SSL_DEBUG_MSG(2, ("=> derive application traffic keys"));
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index d983a00..6e2866a 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -95,9 +95,9 @@
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl);
+static int ssl_tls13_key_exchange_is_psk_available(mbedtls_ssl_context *ssl);
MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl);
+static int ssl_tls13_key_exchange_is_psk_ephemeral_available(mbedtls_ssl_context *ssl);
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_offered_psks_check_identity_match_ticket(
@@ -175,12 +175,12 @@
MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags);
key_exchanges = 0;
- if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) &&
- ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) {
+ if (mbedtls_ssl_tls13_session_ticket_allow_psk_ephemeral(session) &&
+ ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) {
key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
}
- if (mbedtls_ssl_session_ticket_allow_psk(session) &&
- ssl_tls13_check_psk_key_exchange(ssl)) {
+ if (mbedtls_ssl_tls13_session_ticket_allow_psk(session) &&
+ ssl_tls13_key_exchange_is_psk_available(ssl)) {
key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
}
@@ -1003,12 +1003,12 @@
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_tls13_ticket_permission_check(mbedtls_ssl_context *ssl,
- unsigned int kex_mode)
+static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl,
+ unsigned int kex_mode)
{
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
if (ssl->handshake->resume) {
- if (mbedtls_ssl_session_check_ticket_flags(
+ if (!mbedtls_ssl_tls13_session_ticket_has_flags(
ssl->session_negotiate, kex_mode)) {
return 0;
}
@@ -1022,10 +1022,10 @@
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl)
+static int ssl_tls13_key_exchange_is_ephemeral_available(mbedtls_ssl_context *ssl)
{
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
- return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) &&
+ return mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl) &&
ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(ssl);
#else
((void) ssl);
@@ -1034,13 +1034,13 @@
}
MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl)
+static int ssl_tls13_key_exchange_is_psk_available(mbedtls_ssl_context *ssl)
{
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED)
- return ssl_tls13_ticket_permission_check(
+ return ssl_tls13_ticket_is_kex_mode_permitted(
ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) &&
- mbedtls_ssl_conf_tls13_psk_enabled(ssl) &&
- mbedtls_ssl_tls13_psk_enabled(ssl) &&
+ mbedtls_ssl_conf_tls13_is_psk_enabled(ssl) &&
+ mbedtls_ssl_tls13_is_psk_supported(ssl) &&
ssl_tls13_client_hello_has_exts_for_psk_key_exchange(ssl);
#else
((void) ssl);
@@ -1049,13 +1049,13 @@
}
MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl)
+static int ssl_tls13_key_exchange_is_psk_ephemeral_available(mbedtls_ssl_context *ssl)
{
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
- return ssl_tls13_ticket_permission_check(
+ return ssl_tls13_ticket_is_kex_mode_permitted(
ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) &&
- mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) &&
- mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) &&
+ mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl) &&
+ mbedtls_ssl_tls13_is_psk_ephemeral_supported(ssl) &&
ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(ssl);
#else
((void) ssl);
@@ -1083,17 +1083,17 @@
ssl->handshake->key_exchange_mode =
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE;
- if (ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) {
+ if (ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) {
ssl->handshake->key_exchange_mode =
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk_ephemeral"));
} else
- if (ssl_tls13_check_ephemeral_key_exchange(ssl)) {
+ if (ssl_tls13_key_exchange_is_ephemeral_available(ssl)) {
ssl->handshake->key_exchange_mode =
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: ephemeral"));
} else
- if (ssl_tls13_check_psk_key_exchange(ssl)) {
+ if (ssl_tls13_key_exchange_is_psk_available(ssl)) {
ssl->handshake->key_exchange_mode =
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk"));
@@ -1699,14 +1699,11 @@
ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(
ssl, p, extension_data_end);
-
- /*
- * TODO: Return unconditionally here until we handle the record
- * size limit correctly.
- * Once handled correctly, only return in case of errors.
- */
- return ret;
-
+ if (ret != 0) {
+ MBEDTLS_SSL_DEBUG_RET(
+ 1, ("mbedtls_ssl_tls13_parse_record_size_limit_ext"), ret);
+ return ret;
+ }
break;
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
@@ -1737,8 +1734,8 @@
* - The content up to but excluding the PSK extension, if present.
*/
/* If we've settled on a PSK-based exchange, parse PSK identity ext */
- if (ssl_tls13_check_psk_key_exchange(ssl) ||
- ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) {
+ if (ssl_tls13_key_exchange_is_psk_available(ssl) ||
+ ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) {
ret = handshake->update_checksum(ssl, buf,
pre_shared_key_ext - buf);
if (0 != ret) {
@@ -1845,6 +1842,13 @@
}
+ if (!mbedtls_ssl_tls13_session_ticket_allow_early_data(ssl->session_negotiate)) {
+ MBEDTLS_SSL_DEBUG_MSG(
+ 1,
+ ("EarlyData: rejected, early_data not allowed in ticket "
+ "permission bits."));
+ return;
+ }
ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED;
@@ -1880,10 +1884,18 @@
#if defined(MBEDTLS_SSL_EARLY_DATA)
/* There is enough information, update early data state. */
ssl_tls13_update_early_data_status(ssl);
+
+ if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ ret = mbedtls_ssl_tls13_compute_early_transform(ssl);
+ if (ret != 0) {
+ MBEDTLS_SSL_DEBUG_RET(
+ 1, "mbedtls_ssl_tls13_compute_early_transform", ret);
+ return ret;
+ }
+ }
#endif /* MBEDTLS_SSL_EARLY_DATA */
return 0;
-
}
/*
@@ -1913,13 +1925,23 @@
* by MBEDTLS_SSL_PROC_CHK_NEG. */
/*
- * Version 1.2 of the protocol has been chosen, set the
+ * Version 1.2 of the protocol has to be used for the handshake.
+ * If TLS 1.2 is not supported, abort the handshake. Otherwise, set the
* ssl->keep_current_message flag for the ClientHello to be kept and parsed
* as a TLS 1.2 ClientHello. We also change ssl->tls_version to
* MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step()
* will dispatch to the TLS 1.2 state machine.
*/
if (SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret) {
+ /* Check if server supports TLS 1.2 */
+ if (!mbedtls_ssl_conf_is_tls12_enabled(ssl->conf)) {
+ MBEDTLS_SSL_DEBUG_MSG(
+ 1, ("TLS 1.2 not supported."));
+ MBEDTLS_SSL_PEND_FATAL_ALERT(
+ MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION,
+ MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION);
+ return MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION;
+ }
ssl->keep_current_message = 1;
ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
return 0;
@@ -2509,7 +2531,8 @@
#if defined(MBEDTLS_SSL_EARLY_DATA)
if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
- ret = mbedtls_ssl_tls13_write_early_data_ext(ssl, p, end, &output_len);
+ ret = mbedtls_ssl_tls13_write_early_data_ext(
+ ssl, 0, p, end, &output_len);
if (ret != 0) {
return ret;
}
@@ -2517,6 +2540,17 @@
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ if (ssl->handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) {
+ ret = mbedtls_ssl_tls13_write_record_size_limit_ext(
+ ssl, p, end, &output_len);
+ if (ret != 0) {
+ return ret;
+ }
+ p += output_len;
+ }
+#endif
+
extensions_len = (p - p_extensions_len) - 2;
MBEDTLS_PUT_UINT16_BE(extensions_len, p_extensions_len, 0);
@@ -2749,6 +2783,59 @@
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
/*
+ * RFC 8446 section A.2
+ *
+ * | Send ServerHello
+ * | K_send = handshake
+ * | Send EncryptedExtensions
+ * | [Send CertificateRequest]
+ * Can send | [Send Certificate + CertificateVerify]
+ * app data | Send Finished
+ * after --> | K_send = application
+ * here +--------+--------+
+ * No 0-RTT | | 0-RTT
+ * | |
+ * K_recv = handshake | | K_recv = early data
+ * [Skip decrypt errors] | +------> WAIT_EOED -+
+ * | | Recv | | Recv EndOfEarlyData
+ * | | early data | | K_recv = handshake
+ * | +------------+ |
+ * | |
+ * +> WAIT_FLIGHT2 <--------+
+ * |
+ * +--------+--------+
+ * No auth | | Client auth
+ * | |
+ * | v
+ * | WAIT_CERT
+ * | Recv | | Recv Certificate
+ * | empty | v
+ * | Certificate | WAIT_CV
+ * | | | Recv
+ * | v | CertificateVerify
+ * +-> WAIT_FINISHED <---+
+ * | Recv Finished
+ *
+ *
+ * The following function handles the state changes after WAIT_FLIGHT2 in the
+ * above diagram. We are not going to receive early data related messages
+ * anymore, prepare to receive the first handshake message of the client
+ * second flight.
+ */
+static void ssl_tls13_prepare_for_handshake_second_flight(
+ mbedtls_ssl_context *ssl)
+{
+ if (ssl->handshake->certificate_request_sent) {
+ mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);
+ } else {
+ MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate"));
+ MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate verify"));
+
+ mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED);
+ }
+}
+
+/*
* Handler for MBEDTLS_SSL_SERVER_FINISHED
*/
MBEDTLS_CHECK_RETURN_CRITICAL
@@ -2769,20 +2856,200 @@
return ret;
}
- MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic"));
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ /* See RFC 8446 section A.2 for more information */
+ MBEDTLS_SSL_DEBUG_MSG(
+ 1, ("Switch to early keys for inbound traffic. "
+ "( K_recv = early data )"));
+ mbedtls_ssl_set_inbound_transform(
+ ssl, ssl->handshake->transform_earlydata);
+ mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA);
+ return 0;
+ }
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+ MBEDTLS_SSL_DEBUG_MSG(
+ 1, ("Switch to handshake keys for inbound traffic "
+ "( K_recv = handshake )"));
mbedtls_ssl_set_inbound_transform(ssl, ssl->handshake->transform_handshake);
- if (ssl->handshake->certificate_request_sent) {
- mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);
- } else {
- MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate"));
- MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate verify"));
- mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED);
- }
+ ssl_tls13_prepare_for_handshake_second_flight(ssl);
return 0;
}
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+/*
+ * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA
+ */
+#define SSL_GOT_END_OF_EARLY_DATA 0
+#define SSL_GOT_EARLY_DATA 1
+/* Coordination:
+ * Deals with the ambiguity of not knowing if the next message is an
+ * EndOfEarlyData message or an application message containing early data.
+ * Returns a negative code on failure, or
+ * - SSL_GOT_END_OF_EARLY_DATA
+ * - SSL_GOT_EARLY_DATA
+ * indicating which message is received.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_tls13_end_of_early_data_coordinate(mbedtls_ssl_context *ssl)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) {
+ MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+ return ret;
+ }
+ ssl->keep_current_message = 1;
+
+ if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ ssl->in_msg[0] == MBEDTLS_SSL_HS_END_OF_EARLY_DATA) {
+ MBEDTLS_SSL_DEBUG_MSG(3, ("Received an end_of_early_data message."));
+ return SSL_GOT_END_OF_EARLY_DATA;
+ }
+
+ if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) {
+ MBEDTLS_SSL_DEBUG_MSG(3, ("Received early data"));
+ return SSL_GOT_EARLY_DATA;
+ }
+
+ MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE,
+ MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE);
+ return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_tls13_parse_end_of_early_data(mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ const unsigned char *end)
+{
+ /* RFC 8446 section 4.5
+ *
+ * struct {} EndOfEarlyData;
+ */
+ if (buf != end) {
+ MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
+ MBEDTLS_ERR_SSL_DECODE_ERROR);
+ return MBEDTLS_ERR_SSL_DECODE_ERROR;
+ }
+ return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_tls13_process_early_application_data(mbedtls_ssl_context *ssl)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) {
+ MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+ return ret;
+ }
+
+ /*
+ * Output early data
+ *
+ * For the time being, we print received data via debug message.
+ *
+ * TODO: Remove it when `mbedtls_ssl_read_early_data` is ready.
+ */
+ ssl->in_msg[ssl->in_msglen] = 0;
+ MBEDTLS_SSL_DEBUG_MSG(3, ("\n%s", ssl->in_msg));
+
+ /* RFC 8446 section 4.6.1
+ *
+ * A server receiving more than max_early_data_size bytes of 0-RTT data
+ * SHOULD terminate the connection with an "unexpected_message" alert.
+ *
+ * TODO: Add received data size check here.
+ */
+
+ return 0;
+}
+
+/*
+ * RFC 8446 section A.2
+ *
+ * | Send ServerHello
+ * | K_send = handshake
+ * | Send EncryptedExtensions
+ * | [Send CertificateRequest]
+ * Can send | [Send Certificate + CertificateVerify]
+ * app data | Send Finished
+ * after --> | K_send = application
+ * here +--------+--------+
+ * No 0-RTT | | 0-RTT
+ * | |
+ * K_recv = handshake | | K_recv = early data
+ * [Skip decrypt errors] | +------> WAIT_EOED -+
+ * | | Recv | | Recv EndOfEarlyData
+ * | | early data | | K_recv = handshake
+ * | +------------+ |
+ * | |
+ * +> WAIT_FLIGHT2 <--------+
+ * |
+ * +--------+--------+
+ * No auth | | Client auth
+ * | |
+ * | v
+ * | WAIT_CERT
+ * | Recv | | Recv Certificate
+ * | empty | v
+ * | Certificate | WAIT_CV
+ * | | | Recv
+ * | v | CertificateVerify
+ * +-> WAIT_FINISHED <---+
+ * | Recv Finished
+ *
+ * The function handles actions and state changes from 0-RTT to WAIT_FLIGHT2 in
+ * the above diagram.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_process_end_of_early_data"));
+
+ MBEDTLS_SSL_PROC_CHK_NEG(ssl_tls13_end_of_early_data_coordinate(ssl));
+
+ if (ret == SSL_GOT_END_OF_EARLY_DATA) {
+ unsigned char *buf;
+ size_t buf_len;
+
+ MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(
+ ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA,
+ &buf, &buf_len));
+
+ MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data(
+ ssl, buf, buf + buf_len));
+
+ MBEDTLS_SSL_DEBUG_MSG(
+ 1, ("Switch to handshake keys for inbound traffic"
+ "( K_recv = handshake )"));
+ mbedtls_ssl_set_inbound_transform(
+ ssl, ssl->handshake->transform_handshake);
+
+ MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
+ ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA,
+ buf, buf_len));
+
+ ssl_tls13_prepare_for_handshake_second_flight(ssl);
+
+ } else if (ret == SSL_GOT_EARLY_DATA) {
+ MBEDTLS_SSL_PROC_CHK(ssl_tls13_process_early_application_data(ssl));
+ } else {
+ MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+ ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+ goto cleanup;
+ }
+
+cleanup:
+ MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_end_of_early_data"));
+ return ret;
+}
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
/*
* Handler for MBEDTLS_SSL_CLIENT_FINISHED
*/
@@ -2823,7 +3090,7 @@
* expected to be resolved with issue#6395.
*/
/* Sent NewSessionTicket message only when client supports PSK */
- if (mbedtls_ssl_tls13_some_psk_enabled(ssl)) {
+ if (mbedtls_ssl_tls13_is_some_psk_supported(ssl)) {
mbedtls_ssl_handshake_set_state(
ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET);
} else
@@ -2882,12 +3149,21 @@
#endif
/* Set ticket_flags depends on the advertised psk key exchange mode */
- mbedtls_ssl_session_clear_ticket_flags(
+ mbedtls_ssl_tls13_session_clear_ticket_flags(
session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
- mbedtls_ssl_session_set_ticket_flags(
+ mbedtls_ssl_tls13_session_set_ticket_flags(
session, ssl->handshake->tls13_kex_modes);
#endif
+
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED &&
+ ssl->conf->max_early_data_size > 0) {
+ mbedtls_ssl_tls13_session_set_ticket_flags(
+ session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
+ }
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags);
/* Generate ticket_age_add */
@@ -2971,12 +3247,13 @@
* The following fields are placed inside the ticket by the
* f_ticket_write() function:
*
- * - creation time (start)
- * - flags (flags)
+ * - creation time (ticket_creation_time)
+ * - flags (ticket_flags)
* - age add (ticket_age_add)
- * - key (key)
- * - key length (key_len)
+ * - key (resumption_key)
+ * - key length (resumption_key_len)
* - ciphersuite (ciphersuite)
+ * - max_early_data_size (max_early_data_size)
*/
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl,
@@ -2991,6 +3268,7 @@
mbedtls_ssl_session *session = ssl->session;
size_t ticket_len;
uint32_t ticket_lifetime;
+ unsigned char *p_extensions_len;
*out_len = 0;
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write NewSessionTicket msg"));
@@ -3052,15 +3330,35 @@
/* Ticket Extensions
*
- * Note: We currently don't have any extensions.
- * Set length to zero.
+ * Extension extensions<0..2^16-2>;
*/
ssl->handshake->sent_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2);
- MBEDTLS_PUT_UINT16_BE(0, p, 0);
+ p_extensions_len = p;
p += 2;
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ if (mbedtls_ssl_tls13_session_ticket_allow_early_data(session)) {
+ size_t output_len;
+
+ if ((ret = mbedtls_ssl_tls13_write_early_data_ext(
+ ssl, 1, p, end, &output_len)) != 0) {
+ MBEDTLS_SSL_DEBUG_RET(
+ 1, "mbedtls_ssl_tls13_write_early_data_ext", ret);
+ return ret;
+ }
+ p += output_len;
+ } else {
+ MBEDTLS_SSL_DEBUG_MSG(
+ 4, ("early_data not allowed, "
+ "skip early_data extension in NewSessionTicket"));
+ }
+
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
+ MBEDTLS_PUT_UINT16_BE(p - p_extensions_len - 2, p_extensions_len, 0);
+
*out_len = p - buf;
MBEDTLS_SSL_DEBUG_BUF(4, "ticket", buf, *out_len);
MBEDTLS_SSL_DEBUG_MSG(2, ("<= write new session ticket"));
@@ -3207,6 +3505,12 @@
ret = ssl_tls13_write_server_finished(ssl);
break;
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ case MBEDTLS_SSL_END_OF_EARLY_DATA:
+ ret = ssl_tls13_process_end_of_early_data(ssl);
+ break;
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
case MBEDTLS_SSL_CLIENT_FINISHED:
ret = ssl_tls13_process_client_finished(ssl);
break;
diff --git a/library/threading.c b/library/threading.c
index 52fe8fc..873b507 100644
--- a/library/threading.c
+++ b/library/threading.c
@@ -56,28 +56,27 @@
return;
}
- /* A nonzero value of is_valid indicates a successfully initialized
- * mutex. This is a workaround for not being able to return an error
- * code for this function. The lock/unlock functions return an error
- * if is_valid is nonzero. The Mbed TLS unit test code uses this field
- * to distinguish more states of the mutex; see
- * tests/src/threading_helpers for details. */
- mutex->is_valid = pthread_mutex_init(&mutex->mutex, NULL) == 0;
+ /* One problem here is that calling lock on a pthread mutex without first
+ * having initialised it is undefined behaviour. Obviously we cannot check
+ * this here in a thread safe manner without a significant performance
+ * hit, so state transitions are checked in tests only via the state
+ * variable. Please make sure any new mutex that gets added is exercised in
+ * tests; see tests/src/threading_helpers.c for more details. */
+ (void) pthread_mutex_init(&mutex->mutex, NULL);
}
static void threading_mutex_free_pthread(mbedtls_threading_mutex_t *mutex)
{
- if (mutex == NULL || !mutex->is_valid) {
+ if (mutex == NULL) {
return;
}
(void) pthread_mutex_destroy(&mutex->mutex);
- mutex->is_valid = 0;
}
static int threading_mutex_lock_pthread(mbedtls_threading_mutex_t *mutex)
{
- if (mutex == NULL || !mutex->is_valid) {
+ if (mutex == NULL) {
return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
}
@@ -90,7 +89,7 @@
static int threading_mutex_unlock_pthread(mbedtls_threading_mutex_t *mutex)
{
- if (mutex == NULL || !mutex->is_valid) {
+ if (mutex == NULL) {
return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
}
diff --git a/library/x509_create.c b/library/x509_create.c
index 424cce1..f7a17e7 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -169,7 +169,7 @@
return MBEDTLS_ERR_X509_INVALID_NAME;
}
}
- *data_len = d - data;
+ *data_len = (size_t) (d - data);
return 0;
}
@@ -297,8 +297,8 @@
while (c <= end) {
if (in_attr_type && *c == '=') {
- if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) {
- if ((mbedtls_oid_from_numeric_string(&oid, s, c - s)) != 0) {
+ if ((attr_descr = x509_attr_descr_from_name(s, (size_t) (c - s))) == NULL) {
+ if ((mbedtls_oid_from_numeric_string(&oid, s, (size_t) (c - s))) != 0) {
return MBEDTLS_ERR_X509_INVALID_NAME;
} else {
numericoid = 1;
@@ -322,7 +322,7 @@
/* We know that c >= s (loop invariant) and c != s (in this
* else branch), hence c - s - 1 >= 0. */
parse_ret = parse_attribute_value_hex_der_encoded(
- s + 1, c - s - 1,
+ s + 1, (size_t) (c - s) - 1,
data, sizeof(data), &data_len, &tag);
if (parse_ret != 0) {
mbedtls_free(oid.p);
@@ -382,6 +382,10 @@
{
mbedtls_asn1_named_data *cur;
+ if (val_len > (SIZE_MAX - 1)) {
+ return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+ }
+
if ((cur = mbedtls_asn1_store_named_data(head, oid, oid_len,
NULL, val_len + 1)) == NULL) {
return MBEDTLS_ERR_X509_ALLOC_FAILED;
diff --git a/library/x509_crl.c b/library/x509_crl.c
index cad784e..fdbad23 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -367,7 +367,7 @@
}
end = p + len;
- crl->tbs.len = end - crl->tbs.p;
+ crl->tbs.len = (size_t) (end - crl->tbs.p);
/*
* Version ::= INTEGER OPTIONAL { v1(0), v2(1) }
@@ -411,7 +411,7 @@
return ret;
}
- crl->issuer_raw.len = p - crl->issuer_raw.p;
+ crl->issuer_raw.len = (size_t) (p - crl->issuer_raw.p);
/*
* thisUpdate Time
diff --git a/library/x509_crt.c b/library/x509_crt.c
index f41eb47..4e7672e 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -222,7 +222,7 @@
if (pk_alg == MBEDTLS_PK_ECDSA ||
pk_alg == MBEDTLS_PK_ECKEY ||
pk_alg == MBEDTLS_PK_ECKEY_DH) {
- const mbedtls_ecp_group_id gid = mbedtls_pk_get_group_id(pk);
+ const mbedtls_ecp_group_id gid = mbedtls_pk_get_ec_group_id(pk);
if (gid == MBEDTLS_ECP_DP_NONE) {
return -1;
@@ -1108,7 +1108,7 @@
}
end = crt_end = p + len;
- crt->raw.len = crt_end - buf;
+ crt->raw.len = (size_t) (crt_end - buf);
if (make_copy != 0) {
/* Create and populate a new buffer for the raw field. */
crt->raw.p = p = mbedtls_calloc(1, crt->raw.len);
@@ -1138,7 +1138,7 @@
}
end = p + len;
- crt->tbs.len = end - crt->tbs.p;
+ crt->tbs.len = (size_t) (end - crt->tbs.p);
/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
@@ -1185,7 +1185,7 @@
return ret;
}
- crt->issuer_raw.len = p - crt->issuer_raw.p;
+ crt->issuer_raw.len = (size_t) (p - crt->issuer_raw.p);
/*
* Validity ::= SEQUENCE {
@@ -1215,7 +1215,7 @@
return ret;
}
- crt->subject_raw.len = p - crt->subject_raw.p;
+ crt->subject_raw.len = (size_t) (p - crt->subject_raw.p);
/*
* SubjectPublicKeyInfo
@@ -1225,7 +1225,7 @@
mbedtls_x509_crt_free(crt);
return ret;
}
- crt->pk_raw.len = p - crt->pk_raw.p;
+ crt->pk_raw.len = (size_t) (p - crt->pk_raw.p);
/*
* issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
diff --git a/library/x509_csr.c b/library/x509_csr.c
index a293ec0..79b1589 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -328,7 +328,7 @@
}
end = p + len;
- csr->cri.len = end - csr->cri.p;
+ csr->cri.len = (size_t) (end - csr->cri.p);
/*
* Version ::= INTEGER { v1(0) }
@@ -361,7 +361,7 @@
return ret;
}
- csr->subject_raw.len = p - csr->subject_raw.p;
+ csr->subject_raw.len = (size_t) (p - csr->subject_raw.p);
/*
* subjectPKInfo SubjectPublicKeyInfo
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 4c019ee..44b6b17 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -481,7 +481,7 @@
*/
MBEDTLS_ASN1_CHK_ADD(pub_len,
mbedtls_pk_write_pubkey_der(ctx->subject_key,
- buf, c - buf));
+ buf, (size_t) (c - buf)));
c -= pub_len;
len += pub_len;
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 4e39755..254da69 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -185,7 +185,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC));
MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_pk_write_pubkey_der(ctx->key,
- buf, c - buf));
+ buf, (size_t) (c - buf)));
c -= pub_len;
len += pub_len;
@@ -276,7 +276,7 @@
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE));
/* Zero the unused bytes at the start of buf */
- memset(buf, 0, c2 - buf);
+ memset(buf, 0, (size_t) (c2 - buf));
return (int) len;
}
diff --git a/programs/Makefile b/programs/Makefile
index a3fa816..82c8569 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -1,21 +1,5 @@
-
-# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
-
-CFLAGS ?= -O2
-WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
-WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
-LDFLAGS ?=
-
-MBEDTLS_TEST_PATH:=../tests/src
-MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c))
-
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64
-LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -I../tests/include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
- -L../library \
- -lmbedtls$(SHARED_SUFFIX) \
- -lmbedx509$(SHARED_SUFFIX) \
- -lmbedcrypto$(SHARED_SUFFIX)
+MBEDTLS_TEST_PATH = ../tests
+include ../scripts/common.make
ifeq ($(shell uname -s),Linux)
DLOPEN_LDFLAGS ?= -ldl
@@ -23,44 +7,8 @@
DLOPEN_LDFLAGS ?=
endif
-include ../3rdparty/Makefile.inc
-LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
-
-ifndef SHARED
-MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
-else
-MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
-endif
DEP=${MBEDLIBS} ${MBEDTLS_TEST_OBJS}
-ifdef DEBUG
-LOCAL_CFLAGS += -g3
-endif
-
-# if we're running on Windows, build for Windows
-ifdef WINDOWS
-WINDOWS_BUILD=1
-endif
-
-ifdef WINDOWS_BUILD
-DLEXT=dll
-EXEXT=.exe
-LOCAL_LDFLAGS += -lws2_32 -lbcrypt
-ifdef SHARED
-SHARED_SUFFIX=.$(DLEXT)
-endif
-else
-DLEXT ?= so
-EXEXT=
-SHARED_SUFFIX=
-endif
-
-ifdef WINDOWS
-PYTHON ?= python
-else
-PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi)
-endif
-
# Only build the dlopen test in shared library builds, and not when building
# for Windows.
ifdef BUILD_DLOPEN
@@ -139,7 +87,7 @@
x509/req_app \
# End of APPS
-ifdef PTHREAD
+ifeq ($(THREADING),pthread)
APPS += ssl/ssl_pthread_server
endif
@@ -168,9 +116,6 @@
fuzz: ${MBEDTLS_TEST_OBJS}
$(MAKE) -C fuzz THIRDPARTY_INCLUDES=$(THIRDPARTY_INCLUDES)
-$(MBEDLIBS):
- $(MAKE) -C ../library
-
${MBEDTLS_TEST_OBJS}:
$(MAKE) -C ../tests mbedtls_test
@@ -178,14 +123,6 @@
GENERATED_FILES = psa/psa_constant_names_generated.c test/query_config.c
generated_files: $(GENERATED_FILES)
-# See root Makefile
-GEN_FILES ?= yes
-ifdef GEN_FILES
-gen_file_dep =
-else
-gen_file_dep = |
-endif
-
psa/psa_constant_names_generated.c: $(gen_file_dep) ../scripts/generate_psa_constants.py
psa/psa_constant_names_generated.c: $(gen_file_dep) ../include/psa/crypto_values.h
psa/psa_constant_names_generated.c: $(gen_file_dep) ../include/psa/crypto_extra.h
@@ -487,12 +424,5 @@
endif
$(MAKE) -C fuzz clean
-neat: clean
-ifndef WINDOWS
- rm -f $(GENERATED_FILES)
-else
- for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f
-endif
-
list:
echo $(EXES)
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index 226718b..b2cd704 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -103,7 +103,11 @@
list = mbedtls_cipher_list();
while (*list) {
cipher_info = mbedtls_cipher_info_from_type(*list);
- mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info));
+ const char *name = mbedtls_cipher_info_get_name(cipher_info);
+
+ if (name) {
+ mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info));
+ }
list++;
}
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 946e049..0cb1562 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -44,6 +44,13 @@
"MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n");
mbedtls_exit(0);
}
+
+#elif defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+int main(void)
+{
+ mbedtls_printf("MBEDTLS_BLOCK_CIPHER_NO_DECRYPT defined.\n");
+ mbedtls_exit(0);
+}
#else
diff --git a/programs/psa/psa_hash_demo.sh b/programs/psa/psa_hash_demo.sh
new file mode 100755
index 0000000..a26697c
--- /dev/null
+++ b/programs/psa/psa_hash_demo.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+. "${0%/*}/../demo_common.sh"
+
+msg <<'EOF'
+This program demonstrates the use of the PSA cryptography interface to
+compute a SHA-256 hash of a test string using the one-shot API call
+and also using the multi-part operation API.
+EOF
+
+depends_on MBEDTLS_PSA_CRYPTO_C PSA_WANT_ALG_SHA_256
+
+program="${0%/*}"/psa_hash
+
+"$program"
+
+cleanup
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index f6a6bb6..1b3dedb 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -52,7 +52,7 @@
#define DFL_KEY_OPAQUE 0
#define DFL_KEY_PWD ""
#define DFL_PSK ""
-#define DFL_EARLY_DATA MBEDTLS_SSL_EARLY_DATA_DISABLED
+#define DFL_EARLY_DATA ""
#define DFL_PSK_OPAQUE 0
#define DFL_PSK_IDENTITY "Client_identity"
#define DFL_ECJPAKE_PW NULL
@@ -347,8 +347,9 @@
#if defined(MBEDTLS_SSL_EARLY_DATA)
#define USAGE_EARLY_DATA \
- " early_data=%%d default: 0 (disabled)\n" \
- " options: 0 (disabled), 1 (enabled)\n"
+ " early_data=%%s The file path to read early data from\n" \
+ " default: \"\" (do nothing)\n" \
+ " option: a file path\n"
#else
#define USAGE_EARLY_DATA ""
#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_PROTO_TLS1_3 */
@@ -543,7 +544,7 @@
int reproducible; /* make communication reproducible */
int skip_close_notify; /* skip sending the close_notify alert */
#if defined(MBEDTLS_SSL_EARLY_DATA)
- int early_data; /* support for early data */
+ const char *early_data; /* the path of the file to read early data from */
#endif
int query_config_mode; /* whether to read config */
int use_srtp; /* Support SRTP */
@@ -741,6 +742,10 @@
size_t cid_renego_len = 0;
#endif
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ FILE *early_data_fp = NULL;
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
#if defined(MBEDTLS_SSL_ALPN)
const char *alpn_list[ALPN_LIST_SIZE];
#endif
@@ -1196,15 +1201,7 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_EARLY_DATA)
else if (strcmp(p, "early_data") == 0) {
- switch (atoi(q)) {
- case 0:
- opt.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED;
- break;
- case 1:
- opt.early_data = MBEDTLS_SSL_EARLY_DATA_ENABLED;
- break;
- default: goto usage;
- }
+ opt.early_data = q;
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
@@ -1971,7 +1968,16 @@
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
- mbedtls_ssl_conf_early_data(&conf, opt.early_data);
+ int early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED;
+ if (strlen(opt.early_data) > 0) {
+ if ((early_data_fp = fopen(opt.early_data, "rb")) == NULL) {
+ mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n",
+ opt.early_data);
+ goto exit;
+ }
+ early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED;
+ }
+ mbedtls_ssl_conf_early_data(&conf, early_data_enabled);
#endif /* MBEDTLS_SSL_EARLY_DATA */
if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
@@ -3029,6 +3035,12 @@
mbedtls_ssl_config_free(&conf);
mbedtls_ssl_session_free(&saved_session);
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ if (early_data_fp != NULL) {
+ fclose(early_data_fp);
+ }
+#endif
+
if (session_data != NULL) {
mbedtls_platform_zeroize(session_data, session_data_len);
}
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index c96128b..598d38c 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -556,6 +556,7 @@
USAGE_GROUPS \
USAGE_SIG_ALGS \
USAGE_KEY_OPAQUE_ALGS \
+ USAGE_EARLY_DATA \
"\n"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
@@ -3520,7 +3521,7 @@
mbedtls_printf(" [ Record expansion is unknown ]\n");
}
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) || defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
mbedtls_printf(" [ Maximum incoming record payload length is %u ]\n",
(unsigned int) mbedtls_ssl_get_max_in_record_payload(&ssl));
mbedtls_printf(" [ Maximum outgoing record payload length is %u ]\n",
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index 6e0c615..b49dd67 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -435,6 +435,9 @@
void test_hooks_free(void)
{
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ mbedtls_test_mutex_usage_end();
+#endif
}
#endif /* MBEDTLS_TEST_HOOKS */
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 3d751d0..755a731 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -83,7 +83,14 @@
#include "mbedtls/memory_buffer_alloc.h"
#endif
+#ifdef MBEDTLS_TIMING_ALT
+void mbedtls_set_alarm(int seconds);
+unsigned long mbedtls_timing_hardclock(void);
+extern volatile int mbedtls_timing_alarmed;
+#else
static void mbedtls_set_alarm(int seconds);
+static unsigned long mbedtls_timing_hardclock(void);
+#endif
/*
* For heap usage estimates, we need an estimate of the overhead per allocated
@@ -227,6 +234,7 @@
} \
} while (0)
+#if !defined(MBEDTLS_TIMING_ALT)
#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
(defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__)
@@ -441,6 +449,7 @@
}
#endif /* _WIN32 && !EFIX64 && !EFI32 */
+#endif /* !MBEDTLS_TIMING_ALT */
static int myrand(void *rng_state, unsigned char *output, size_t len)
{
@@ -1011,7 +1020,7 @@
int keysize;
mbedtls_rsa_context rsa;
- for (keysize = 2048; keysize <= 4096; keysize *= 2) {
+ for (keysize = 2048; keysize <= 4096; keysize += 1024) {
mbedtls_snprintf(title, sizeof(title), "RSA-%d", keysize);
mbedtls_rsa_init(&rsa);
@@ -1057,16 +1066,16 @@
for (i = 0; (size_t) i < sizeof(dhm_sizes) / sizeof(dhm_sizes[0]); i++) {
mbedtls_dhm_init(&dhm);
- if (mbedtls_mpi_read_binary(&dhm.P, dhm_P[i],
+ if (mbedtls_mpi_read_binary(&dhm.MBEDTLS_PRIVATE(P), dhm_P[i],
dhm_P_size[i]) != 0 ||
- mbedtls_mpi_read_binary(&dhm.G, dhm_G[i],
+ mbedtls_mpi_read_binary(&dhm.MBEDTLS_PRIVATE(G), dhm_G[i],
dhm_G_size[i]) != 0) {
mbedtls_exit(1);
}
- n = mbedtls_mpi_size(&dhm.P);
+ n = mbedtls_mpi_size(&dhm.MBEDTLS_PRIVATE(P));
mbedtls_dhm_make_public(&dhm, (int) n, buf, n, myrand, NULL);
- if (mbedtls_mpi_copy(&dhm.GY, &dhm.GX) != 0) {
+ if (mbedtls_mpi_copy(&dhm.MBEDTLS_PRIVATE(GY), &dhm.MBEDTLS_PRIVATE(GX)) != 0) {
mbedtls_exit(1);
}
diff --git a/programs/test/metatest.c b/programs/test/metatest.c
index 2973cce..b8dffa9 100644
--- a/programs/test/metatest.c
+++ b/programs/test/metatest.c
@@ -46,6 +46,12 @@
*/
volatile int false_but_the_compiler_does_not_know = 0;
+/* Hide calls to calloc/free from static checkers such as
+ * `gcc-12 -Wuse-after-free`, to avoid compile-time complaints about
+ * code where we do mean to cause a runtime error. */
+void * (* volatile calloc_but_the_compiler_does_not_know)(size_t, size_t) = mbedtls_calloc;
+void(*volatile free_but_the_compiler_does_not_know)(void *) = mbedtls_free;
+
/* Set n bytes at the address p to all-bits-zero, in such a way that
* the compiler should not know that p is all-bits-zero. */
static void set_to_zero_but_the_compiler_does_not_know(volatile void *p, size_t n)
@@ -98,9 +104,9 @@
void read_after_free(const char *name)
{
(void) name;
- volatile char *p = mbedtls_calloc(1, 1);
+ volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
*p = 'a';
- mbedtls_free((void *) p);
+ free_but_the_compiler_does_not_know((void *) p);
/* Undefined behavior (read after free) */
mbedtls_printf("%u\n", (unsigned) *p);
}
@@ -108,11 +114,11 @@
void double_free(const char *name)
{
(void) name;
- volatile char *p = mbedtls_calloc(1, 1);
+ volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
*p = 'a';
- mbedtls_free((void *) p);
+ free_but_the_compiler_does_not_know((void *) p);
/* Undefined behavior (double free) */
- mbedtls_free((void *) p);
+ free_but_the_compiler_does_not_know((void *) p);
}
void read_uninitialized_stack(const char *name)
@@ -132,7 +138,7 @@
void memory_leak(const char *name)
{
(void) name;
- volatile char *p = mbedtls_calloc(1, 1);
+ volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
mbedtls_printf("%u\n", (unsigned) *p);
/* Leak of a heap object */
}
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index 61dde5e..e132e4c 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -79,6 +79,7 @@
if (verbose) {
mbedtls_printf(" CALLOC(0,1): passed (same non-null)\n");
}
+ empty2 = NULL;
} else {
if (verbose) {
mbedtls_printf(" CALLOC(0,1): passed (distinct non-null)\n");
@@ -103,6 +104,7 @@
if (verbose) {
mbedtls_printf(" CALLOC(1,0): passed (same non-null)\n");
}
+ empty2 = NULL;
} else {
if (verbose) {
mbedtls_printf(" CALLOC(1,0): passed (distinct non-null)\n");
@@ -119,6 +121,7 @@
mbedtls_printf(" CALLOC(1): failed (same buffer twice)\n");
}
++failures;
+ buffer2 = NULL;
} else {
if (verbose) {
mbedtls_printf(" CALLOC(1): passed\n");
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 072441b..6ae43a9 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -261,10 +261,10 @@
} else if (strcmp(q, "DNS") == 0) {
cur->node.type = MBEDTLS_X509_SAN_DNS_NAME;
} else if (strcmp(q, "IP") == 0) {
- size_t ip_len = 0;
+ size_t ip_addr_len = 0;
cur->node.type = MBEDTLS_X509_SAN_IP_ADDRESS;
- ip_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip);
- if (ip_len == 0) {
+ ip_addr_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip);
+ if (ip_addr_len == 0) {
mbedtls_printf("mbedtls_x509_crt_parse_cn_inet_pton failed to parse %s\n",
subtype_value);
goto exit;
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 8395f74..bf25c4c 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -583,10 +583,10 @@
} else if (strcmp(q, "DNS") == 0) {
cur->node.type = MBEDTLS_X509_SAN_DNS_NAME;
} else if (strcmp(q, "IP") == 0) {
- size_t ip_len = 0;
+ size_t ip_addr_len = 0;
cur->node.type = MBEDTLS_X509_SAN_IP_ADDRESS;
- ip_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip);
- if (ip_len == 0) {
+ ip_addr_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip);
+ if (ip_addr_len == 0) {
mbedtls_printf("mbedtls_x509_crt_parse_cn_inet_pton failed to parse %s\n",
subtype_value);
goto exit;
diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py
index d5f705c..07e6fc5 100755
--- a/scripts/assemble_changelog.py
+++ b/scripts/assemble_changelog.py
@@ -115,7 +115,7 @@
class TextChangelogFormat(ChangelogFormat):
"""The traditional Mbed TLS changelog format."""
- _unreleased_version_text = '= Mbed TLS x.x.x branch released xxxx-xx-xx'
+ _unreleased_version_text = '= {} x.x.x branch released xxxx-xx-xx'
@classmethod
def is_released_version(cls, title):
# Look for an incomplete release date
@@ -123,6 +123,7 @@
_top_version_re = re.compile(r'(?:\A|\n)(=[^\n]*\n+)(.*?\n)(?:=|$)',
re.DOTALL)
+ _name_re = re.compile(r'=\s(.*)\s[0-9x]+\.', re.DOTALL)
@classmethod
def extract_top_version(cls, changelog_file_content):
"""A version section starts with a line starting with '='."""
@@ -131,9 +132,10 @@
top_version_end = m.end(2)
top_version_title = m.group(1)
top_version_body = m.group(2)
+ name = re.match(cls._name_re, top_version_title).group(1)
if cls.is_released_version(top_version_title):
top_version_end = top_version_start
- top_version_title = cls._unreleased_version_text + '\n\n'
+ top_version_title = cls._unreleased_version_text.format(name) + '\n\n'
top_version_body = ''
return (changelog_file_content[:top_version_start],
top_version_title, top_version_body,
@@ -245,6 +247,7 @@
for category in STANDARD_CATEGORIES:
self.categories[category] = ''
offset = (self.header + self.top_version_title).count('\n') + 1
+
self.add_categories_from_text(input_stream.name, offset,
top_version_body, True)
diff --git a/scripts/common.make b/scripts/common.make
new file mode 100644
index 0000000..6c95b42
--- /dev/null
+++ b/scripts/common.make
@@ -0,0 +1,119 @@
+# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
+
+CFLAGS ?= -O2
+WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
+WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
+LDFLAGS ?=
+
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I../include -D_FILE_OFFSET_BITS=64
+LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -I../tests/include -D_FILE_OFFSET_BITS=64
+LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
+ -L../library \
+ -lmbedtls$(SHARED_SUFFIX) \
+ -lmbedx509$(SHARED_SUFFIX) \
+ -lmbedcrypto$(SHARED_SUFFIX)
+
+include ../3rdparty/Makefile.inc
+LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
+
+ifndef SHARED
+MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
+else
+MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
+endif
+
+ifdef DEBUG
+LOCAL_CFLAGS += -g3
+endif
+
+# if we're running on Windows, build for Windows
+ifdef WINDOWS
+WINDOWS_BUILD=1
+endif
+
+## Usage: $(call remove_enabled_options,PREPROCESSOR_INPUT)
+## Remove the preprocessor symbols that are set in the current configuration
+## from PREPROCESSOR_INPUT. Also normalize whitespace.
+## Example:
+## $(call remove_enabled_options,MBEDTLS_FOO MBEDTLS_BAR)
+## This expands to an empty string "" if MBEDTLS_FOO and MBEDTLS_BAR are both
+## enabled, to "MBEDTLS_FOO" if MBEDTLS_BAR is enabled but MBEDTLS_FOO is
+## disabled, etc.
+##
+## This only works with a Unix-like shell environment (Bourne/POSIX-style shell
+## and standard commands) and a Unix-like compiler (supporting -E). In
+## other environments, the output is likely to be empty.
+define remove_enabled_options
+$(strip $(shell
+ exec 2>/dev/null;
+ { echo '#include <mbedtls/build_info.h>'; echo $(1); } |
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -E - |
+ tail -n 1
+))
+endef
+
+ifdef WINDOWS_BUILD
+ DLEXT=dll
+ EXEXT=.exe
+ LOCAL_LDFLAGS += -lws2_32 -lbcrypt
+ ifdef SHARED
+ SHARED_SUFFIX=.$(DLEXT)
+ endif
+
+else # Not building for Windows
+ DLEXT ?= so
+ EXEXT=
+ SHARED_SUFFIX=
+ ifndef THREADING
+ # Auto-detect configurations with pthread.
+ # If the call to remove_enabled_options returns "control", the symbols
+ # are confirmed set and we link with pthread.
+ # If the auto-detection fails, the result of the call is empty and
+ # we keep THREADING undefined.
+ ifeq (control,$(call remove_enabled_options,control MBEDTLS_THREADING_C MBEDTLS_THREADING_PTHREAD))
+ THREADING := pthread
+ endif
+ endif
+
+ ifeq ($(THREADING),pthread)
+ LOCAL_LDFLAGS += -lpthread
+ endif
+endif
+
+ifdef WINDOWS
+PYTHON ?= python
+else
+PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi)
+endif
+
+# See root Makefile
+GEN_FILES ?= yes
+ifdef GEN_FILES
+gen_file_dep =
+else
+gen_file_dep = |
+endif
+
+default: all
+
+$(MBEDLIBS):
+ $(MAKE) -C ../library
+
+neat: clean
+ifndef WINDOWS
+ rm -f $(GENERATED_FILES)
+else
+ for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f
+endif
+
+# Auxiliary modules used by tests and some sample programs
+MBEDTLS_CORE_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard \
+ ${MBEDTLS_TEST_PATH}/src/*.c \
+ ${MBEDTLS_TEST_PATH}/src/drivers/*.c \
+ ))
+# Additional auxiliary modules for TLS testing
+MBEDTLS_TLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard \
+ ${MBEDTLS_TEST_PATH}/src/test_helpers/*.c \
+ ))
+
+MBEDTLS_TEST_OBJS = $(MBEDTLS_CORE_TEST_OBJS) $(MBEDTLS_TLS_TEST_OBJS)
diff --git a/scripts/config.py b/scripts/config.py
index 4878d8b..ab0e5ea 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -180,6 +180,7 @@
#pylint: disable=line-too-long
'MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH', # interacts with CTR_DRBG_128_BIT_KEY
'MBEDTLS_AES_USE_HARDWARE_ONLY', # hardware dependency
+ 'MBEDTLS_BLOCK_CIPHER_NO_DECRYPT', # incompatible with ECB in PSA, CBC/XTS/NIST_KW/DES
'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256
'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options
'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
@@ -206,7 +207,6 @@
'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT
'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT
'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # setting *_USE_ARMV8_A_CRYPTO is sufficient
- 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests
'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan)
'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers)
'MBEDTLS_X509_REMOVE_INFO', # removes a feature
diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py
index 2fdc4cd..624ab81 100755
--- a/scripts/generate_driver_wrappers.py
+++ b/scripts/generate_driver_wrappers.py
@@ -108,17 +108,17 @@
return json_data
-def load_schemas(mbedtls_root: str) -> Dict[str, Any]:
+def load_schemas(project_root: str) -> Dict[str, Any]:
"""
Load schemas map
"""
schema_file_paths = {
- 'transparent': os.path.join(mbedtls_root,
+ 'transparent': os.path.join(project_root,
'scripts',
'data_files',
'driver_jsons',
'driver_transparent_schema.json'),
- 'opaque': os.path.join(mbedtls_root,
+ 'opaque': os.path.join(project_root,
'scripts',
'data_files',
'driver_jsons',
@@ -131,13 +131,13 @@
return driver_schema
-def read_driver_descriptions(mbedtls_root: str,
+def read_driver_descriptions(project_root: str,
json_directory: str,
jsondriver_list: str) -> list:
"""
Merge driver JSON files into a single ordered JSON after validation.
"""
- driver_schema = load_schemas(mbedtls_root)
+ driver_schema = load_schemas(project_root)
with open(file=os.path.join(json_directory, jsondriver_list),
mode='r',
@@ -163,11 +163,11 @@
"""
Main with command line arguments.
"""
- def_arg_mbedtls_root = build_tree.guess_mbedtls_root()
+ def_arg_project_root = build_tree.guess_project_root()
parser = argparse.ArgumentParser()
- parser.add_argument('--mbedtls-root', default=def_arg_mbedtls_root,
- help='root directory of mbedtls source code')
+ parser.add_argument('--project-root', default=def_arg_project_root,
+ help='root directory of repo source code')
parser.add_argument('--template-dir',
help='directory holding the driver templates')
parser.add_argument('--json-dir',
@@ -176,24 +176,27 @@
help='output file\'s location')
args = parser.parse_args()
- mbedtls_root = os.path.abspath(args.mbedtls_root)
+ project_root = os.path.abspath(args.project_root)
+
+ crypto_core_directory = build_tree.crypto_core_directory(project_root)
output_directory = args.output_directory if args.output_directory is not None else \
- os.path.join(mbedtls_root, 'library')
+ crypto_core_directory
+
template_directory = args.template_dir if args.template_dir is not None else \
- os.path.join(mbedtls_root,
+ os.path.join(project_root,
'scripts',
'data_files',
'driver_templates')
json_directory = args.json_dir if args.json_dir is not None else \
- os.path.join(mbedtls_root,
+ os.path.join(project_root,
'scripts',
'data_files',
'driver_jsons')
try:
# Read and validate list of driver jsons from driverlist.json
- merged_driver_json = read_driver_descriptions(mbedtls_root,
+ merged_driver_json = read_driver_descriptions(project_root,
json_directory,
'driverlist.json')
except DriverReaderException as e:
diff --git a/scripts/lcov.sh b/scripts/lcov.sh
index 9258ba7..0584a0a 100755
--- a/scripts/lcov.sh
+++ b/scripts/lcov.sh
@@ -32,8 +32,8 @@
# Repository detection
in_mbedtls_build_dir () {
- test -d library
- }
+ test -d library
+}
# Collect stats and build a HTML report.
lcov_library_report () {
diff --git a/scripts/mbedtls_dev/asymmetric_key_data.py b/scripts/mbedtls_dev/asymmetric_key_data.py
index ef3e3a0..8ca6758 100644
--- a/scripts/mbedtls_dev/asymmetric_key_data.py
+++ b/scripts/mbedtls_dev/asymmetric_key_data.py
@@ -41,13 +41,15 @@
'ECC(PSA_ECC_FAMILY_SECP_K1)': {
192: ("297ac1722ccac7589ecb240dc719842538ca974beb79f228",
"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"),
- 224: ("0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8",
+ 225: ("0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8",
"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"),
256: ("7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9",
"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"),
},
'ECC(PSA_ECC_FAMILY_SECP_R1)': {
- 225: ("872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995",
+ 192: ("d83b57a59c51358d9c8bbb898aff507f44dd14cf16917190",
+ "04e35fcbee11cec3154f80a1a61df7d7612de4f2fd70c5608d0ee3a4a1a5719471adb33966dd9b035fdb774feeba94b04c"),
+ 224: ("872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995",
"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"),
256: ("49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee",
"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"),
diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py
index a657a51..ec67e4c 100644
--- a/scripts/mbedtls_dev/build_tree.py
+++ b/scripts/mbedtls_dev/build_tree.py
@@ -7,6 +7,7 @@
import os
import inspect
+from typing import Optional
def looks_like_tf_psa_crypto_root(path: str) -> bool:
"""Whether the given directory looks like the root of the PSA Crypto source tree."""
@@ -21,9 +22,40 @@
def looks_like_root(path: str) -> bool:
return looks_like_tf_psa_crypto_root(path) or looks_like_mbedtls_root(path)
-def check_repo_path():
+def crypto_core_directory(root: Optional[str] = None, relative: Optional[bool] = False) -> str:
"""
- Check that the current working directory is the project root, and throw
+ Return the path of the directory containing the PSA crypto core
+ for either TF-PSA-Crypto or Mbed TLS.
+
+ Returns either the full path or relative path depending on the
+ "relative" boolean argument.
+ """
+ if root is None:
+ root = guess_project_root()
+ if looks_like_tf_psa_crypto_root(root):
+ if relative:
+ return "core"
+ return os.path.join(root, "core")
+ elif looks_like_mbedtls_root(root):
+ if relative:
+ return "library"
+ return os.path.join(root, "library")
+ else:
+ raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found')
+
+def crypto_library_filename(root: Optional[str] = None) -> str:
+ """Return the crypto library filename for either TF-PSA-Crypto or Mbed TLS."""
+ if root is None:
+ root = guess_project_root()
+ if looks_like_tf_psa_crypto_root(root):
+ return "tfpsacrypto"
+ elif looks_like_mbedtls_root(root):
+ return "mbedcrypto"
+ else:
+ raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found')
+
+def check_repo_path():
+ """Check that the current working directory is the project root, and throw
an exception if not.
"""
if not all(os.path.isdir(d) for d in ["include", "library", "tests"]):
@@ -43,11 +75,10 @@
return
raise Exception('Mbed TLS source tree not found')
+def guess_project_root():
+ """Guess project source code directory.
-def guess_mbedtls_root():
- """Guess mbedTLS source code directory.
-
- Return the first possible mbedTLS root directory
+ Return the first possible project root directory.
"""
dirs = set({})
for frame in inspect.stack():
@@ -60,4 +91,30 @@
dirs.add(d)
if looks_like_root(d):
return d
- raise Exception('Mbed TLS source tree not found')
+ raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found')
+
+def guess_mbedtls_root(root: Optional[str] = None) -> str:
+ """Guess Mbed TLS source code directory.
+
+ Return the first possible Mbed TLS root directory.
+ Raise an exception if we are not in Mbed TLS.
+ """
+ if root is None:
+ root = guess_project_root()
+ if looks_like_mbedtls_root(root):
+ return root
+ else:
+ raise Exception('Mbed TLS source tree not found')
+
+def guess_tf_psa_crypto_root(root: Optional[str] = None) -> str:
+ """Guess TF-PSA-Crypto source code directory.
+
+ Return the first possible TF-PSA-Crypto root directory.
+ Raise an exception if we are not in TF-PSA-Crypto.
+ """
+ if root is None:
+ root = guess_project_root()
+ if looks_like_tf_psa_crypto_root(root):
+ return root
+ else:
+ raise Exception('TF-PSA-Crypto source tree not found')
diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py
index 285d6c6..ebfd55c 100644
--- a/scripts/mbedtls_dev/crypto_knowledge.py
+++ b/scripts/mbedtls_dev/crypto_knowledge.py
@@ -131,8 +131,8 @@
'PSA_DH_FAMILY_RFC7919': (2048, 3072, 4096, 6144, 8192),
} # type: Dict[str, Tuple[int, ...]]
ECC_KEY_SIZES = {
- 'PSA_ECC_FAMILY_SECP_K1': (192, 224, 256),
- 'PSA_ECC_FAMILY_SECP_R1': (225, 256, 384, 521),
+ 'PSA_ECC_FAMILY_SECP_K1': (192, 225, 256),
+ 'PSA_ECC_FAMILY_SECP_R1': (224, 256, 384, 521),
'PSA_ECC_FAMILY_SECP_R2': (160,),
'PSA_ECC_FAMILY_SECT_K1': (163, 233, 239, 283, 409, 571),
'PSA_ECC_FAMILY_SECT_R1': (163, 233, 283, 409, 571),
diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py
index 32e5009..b21a0cf 100644
--- a/scripts/mbedtls_dev/psa_information.py
+++ b/scripts/mbedtls_dev/psa_information.py
@@ -6,7 +6,8 @@
#
import re
-from typing import Dict, FrozenSet, List, Optional
+from collections import OrderedDict
+from typing import FrozenSet, List, Optional
from . import macro_collector
@@ -86,22 +87,31 @@
return sorted(psa_want_symbol(name) for name in used)
# Define set of regular expressions and dependencies to optionally append
-# extra dependencies for test case.
-AES_128BIT_ONLY_DEP_REGEX = r'AES\s(192|256)'
-AES_128BIT_ONLY_DEP = ["!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"]
+# extra dependencies for test case based on key description.
-DEPENDENCY_FROM_KEY = {
- AES_128BIT_ONLY_DEP_REGEX: AES_128BIT_ONLY_DEP
-}#type: Dict[str, List[str]]
-def generate_key_dependencies(description: str) -> List[str]:
- """Return additional dependencies based on pairs of REGEX and dependencies.
+# Skip AES test cases which require 192- or 256-bit key
+# if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH defined
+AES_128BIT_ONLY_DEP_REGEX = re.compile(r'AES\s(192|256)')
+AES_128BIT_ONLY_DEP = ['!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH']
+# Skip AES/ARIA/CAMELLIA test cases which require decrypt operation in ECB mode
+# if MBEDTLS_BLOCK_CIPHER_NO_DECRYPT enabled.
+ECB_NO_PADDING_DEP_REGEX = re.compile(r'(AES|ARIA|CAMELLIA).*ECB_NO_PADDING')
+ECB_NO_PADDING_DEP = ['!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT']
+
+DEPENDENCY_FROM_DESCRIPTION = OrderedDict()
+DEPENDENCY_FROM_DESCRIPTION[AES_128BIT_ONLY_DEP_REGEX] = AES_128BIT_ONLY_DEP
+DEPENDENCY_FROM_DESCRIPTION[ECB_NO_PADDING_DEP_REGEX] = ECB_NO_PADDING_DEP
+def generate_deps_from_description(
+ description: str
+ ) -> List[str]:
+ """Return additional dependencies based on test case description and REGEX.
"""
- deps = []
- for regex, dep in DEPENDENCY_FROM_KEY.items():
+ dep_list = []
+ for regex, deps in DEPENDENCY_FROM_DESCRIPTION.items():
if re.search(regex, description):
- deps += dep
+ dep_list += deps
- return deps
+ return dep_list
# A temporary hack: at the time of writing, not all dependency symbols
# are implemented yet. Skip test cases for which the dependency symbols are
diff --git a/scripts/prepare_release.sh b/scripts/prepare_release.sh
index 7f972e0..3b63ed9 100755
--- a/scripts/prepare_release.sh
+++ b/scripts/prepare_release.sh
@@ -39,11 +39,11 @@
GITIGNORES=$(find . -name ".gitignore")
for GITIGNORE in $GITIGNORES; do
if [ -n "$unrelease" ]; then
- sed -i '/###START_COMMENTED_GENERATED_FILES###/,/###END_COMMENTED_GENERATED_FILES###/s/^# //' $GITIGNORE
+ sed -i '/###START_COMMENTED_GENERATED_FILES###/,/###END_COMMENTED_GENERATED_FILES###/s/^#//' $GITIGNORE
sed -i 's/###START_COMMENTED_GENERATED_FILES###/###START_GENERATED_FILES###/' $GITIGNORE
sed -i 's/###END_COMMENTED_GENERATED_FILES###/###END_GENERATED_FILES###/' $GITIGNORE
else
- sed -i '/###START_GENERATED_FILES###/,/###END_GENERATED_FILES###/s/^/# /' $GITIGNORE
+ sed -i '/###START_GENERATED_FILES###/,/###END_GENERATED_FILES###/s/^/#/' $GITIGNORE
sed -i 's/###START_GENERATED_FILES###/###START_COMMENTED_GENERATED_FILES###/' $GITIGNORE
sed -i 's/###END_GENERATED_FILES###/###END_COMMENTED_GENERATED_FILES###/' $GITIGNORE
fi
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 0869aaa..68bc57f 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -1,5 +1,8 @@
+find_package(Threads)
+
set(libs
${mbedtls_target}
+ ${CMAKE_THREAD_LIBS_INIT}
)
# Set the project root directory if it's not already defined, as may happen if
diff --git a/tests/Makefile b/tests/Makefile
index 2249a55..f82c267 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -1,78 +1,21 @@
-
-# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
-
-CFLAGS ?= -O2
-WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
-LDFLAGS ?=
+MBEDTLS_TEST_PATH = .
+include ../scripts/common.make
# Set this to -v to see the details of failing test cases
TEST_FLAGS ?= $(if $(filter-out 0 OFF Off off NO No no FALSE False false N n,$(CTEST_OUTPUT_ON_FAILURE)),-v,)
-default: all
-
-# Include public header files from ../include, test-specific header files
-# from ./include, and private header files (used by some invasive tests)
-# from ../library.
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I./include -I../include -I../library -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = -L../library \
- -lmbedtls$(SHARED_SUFFIX) \
- -lmbedx509$(SHARED_SUFFIX) \
- -lmbedcrypto$(SHARED_SUFFIX)
-
-include ../3rdparty/Makefile.inc
-LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
+# Also include library headers, for the sake of invasive tests.
+LOCAL_CFLAGS += -I../library
# Enable definition of various functions used throughout the testsuite
# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
# on non-POSIX platforms.
LOCAL_CFLAGS += -D_POSIX_C_SOURCE=200809L
-ifndef SHARED
-MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
-else
-MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
-endif
-
-ifdef DEBUG
-LOCAL_CFLAGS += -g3
-endif
-
ifdef RECORD_PSA_STATUS_COVERAGE_LOG
LOCAL_CFLAGS += -Werror -DRECORD_PSA_STATUS_COVERAGE_LOG
endif
-# if we're running on Windows, build for Windows
-ifdef WINDOWS
-WINDOWS_BUILD=1
-endif
-
-ifdef WINDOWS_BUILD
-DLEXT=dll
-EXEXT=.exe
-LOCAL_LDFLAGS += -lws2_32 -lbcrypt
-ifdef SHARED
-SHARED_SUFFIX=.$(DLEXT)
-endif
-else
-DLEXT ?= so
-EXEXT=
-SHARED_SUFFIX=
-endif
-
-ifdef WINDOWS
-PYTHON ?= python
-else
-PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi)
-endif
-
-# See root Makefile
-GEN_FILES ?= yes
-ifdef GEN_FILES
-gen_file_dep =
-else
-gen_file_dep = |
-endif
-
.PHONY: generated_files
GENERATED_BIGNUM_DATA_FILES := $(patsubst tests/%,%,$(shell \
$(PYTHON) scripts/generate_bignum_tests.py --list || \
@@ -167,11 +110,6 @@
all: $(BINARIES)
-$(MBEDLIBS):
- $(MAKE) -C ../library
-
-MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c src/test_helpers/*.c))
-
mbedtls_test: $(MBEDTLS_TEST_OBJS)
TEST_OBJS_DEPS = $(wildcard include/test/*.h include/test/*/*.h)
@@ -226,7 +164,7 @@
$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS)
echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTLS_TEST_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
clean:
ifndef WINDOWS
@@ -247,13 +185,6 @@
if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h
endif
-neat: clean
-ifndef WINDOWS
- rm -f $(GENERATED_FILES)
-else
- for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f
-endif
-
# Test suites caught by SKIP_TEST_SUITES are built but not executed.
check: $(BINARIES)
perl scripts/run-test-suites.pl $(TEST_FLAGS) --skip=$(SKIP_TEST_SUITES)
diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h
index 950a174..2fe47e4 100644
--- a/tests/include/test/drivers/cipher.h
+++ b/tests/include/test/drivers/cipher.h
@@ -23,11 +23,17 @@
/* If not PSA_SUCCESS, return this error code instead of processing the
* function call. */
psa_status_t forced_status;
+ psa_status_t forced_status_encrypt;
+ psa_status_t forced_status_set_iv;
/* Count the amount of times one of the cipher driver functions is called. */
unsigned long hits;
+ unsigned long hits_encrypt;
+ unsigned long hits_set_iv;
} mbedtls_test_driver_cipher_hooks_t;
-#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 }
+#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, \
+ PSA_SUCCESS, PSA_SUCCESS, PSA_SUCCESS, \
+ 0, 0, 0 }
static inline mbedtls_test_driver_cipher_hooks_t
mbedtls_test_driver_cipher_hooks_init(void)
{
diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h
index 9e2c898..526adbb 100644
--- a/tests/include/test/drivers/key_management.h
+++ b/tests/include/test/drivers/key_management.h
@@ -26,6 +26,8 @@
/* Count the amount of times one of the key management driver functions
* is called. */
unsigned long hits;
+ /* Subset of hits which only counts key operations with EC key */
+ unsigned long hits_export_public_key;
/* Location of the last key management driver called to import a key. */
psa_key_location_t location;
} mbedtls_test_driver_key_management_hooks_t;
@@ -34,7 +36,7 @@
* sense that no PSA specification will assign a meaning to this location
* (stated first in version 1.0.1 of the specification) and that it is not
* used as a location of an opaque test drivers. */
-#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0x800000 }
+#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0, 0x800000 }
static inline mbedtls_test_driver_key_management_hooks_t
mbedtls_test_driver_key_management_hooks_init(void)
{
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index ba117fb..7c962a2 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -20,6 +20,21 @@
#include "mbedtls/build_info.h"
+#if defined(__SANITIZE_ADDRESS__) /* gcc -fsanitize=address */
+# define MBEDTLS_TEST_HAVE_ASAN
+#endif
+#if defined(__has_feature)
+# if __has_feature(address_sanitizer) /* clang -fsanitize=address */
+# define MBEDTLS_TEST_HAVE_ASAN
+# endif
+# if __has_feature(memory_sanitizer) /* clang -fsanitize=memory */
+# define MBEDTLS_TEST_HAVE_MSAN
+# endif
+# if __has_feature(thread_sanitizer) /* clang -fsanitize=thread */
+# define MBEDTLS_TEST_HAVE_TSAN
+# endif
+#endif
+
#if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \
defined(MBEDTLS_TEST_HOOKS)
#define MBEDTLS_TEST_MUTEX_USAGE
@@ -240,10 +255,18 @@
#endif
#if defined(MBEDTLS_TEST_MUTEX_USAGE)
-/** Permanently activate the mutex usage verification framework. See
- * threading_helpers.c for information. */
+/**
+ * Activate the mutex usage verification framework. See threading_helpers.c for
+ * information.
+ * */
void mbedtls_test_mutex_usage_init(void);
+/**
+ * Deactivate the mutex usage verification framework. See threading_helpers.c
+ * for information.
+ */
+void mbedtls_test_mutex_usage_end(void);
+
/** Call this function after executing a test case to check for mutex usage
* errors. */
void mbedtls_test_mutex_usage_check(void);
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
index 04b90b9..41d204d 100644
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h
@@ -367,6 +367,30 @@
#define MD_PSA_DONE() ((void) 0)
#endif /* MBEDTLS_MD_SOME_PSA */
+/** \def BLOCK_CIPHER_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if BLOCK_CIPHER uses a driver,
+ * and do nothing otherwise.
+ *
+ * If the initialization fails, mark the test case as failed and jump to the
+ * \p exit label.
+ */
+/** \def BLOCK_CIPHER_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #BLOCK_CIPHER_PSA_INIT.
+ *
+ * This is like #PSA_DONE except it does nothing under the same conditions as
+ * #BLOCK_CIPHER_PSA_INIT.
+ */
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+#define BLOCK_CIPHER_PSA_INIT() PSA_INIT()
+#define BLOCK_CIPHER_PSA_DONE() PSA_DONE()
+#else /* MBEDTLS_MD_SOME_PSA */
+#define BLOCK_CIPHER_PSA_INIT() ((void) 0)
+#define BLOCK_CIPHER_PSA_DONE() ((void) 0)
+#endif /* MBEDTLS_MD_SOME_PSA */
+
+
/** \def MD_OR_USE_PSA_INIT
*
* Call this macro to initialize the PSA subsystem if MD uses a driver,
@@ -392,4 +416,27 @@
#define MD_OR_USE_PSA_DONE() ((void) 0)
#endif
+/** \def AES_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if AES_C is not defined,
+ * so that CTR_DRBG uses PSA implementation to get AES-ECB.
+ *
+ * If the initialization fails, mark the test case as failed and jump to the
+ * \p exit label.
+ */
+/** \def AES_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #AES_PSA_INIT.
+ *
+ * This is like #PSA_DONE except it does nothing under the same conditions as
+ * #AES_PSA_INIT.
+ */
+#if defined(MBEDTLS_AES_C)
+#define AES_PSA_INIT() ((void) 0)
+#define AES_PSA_DONE() ((void) 0)
+#else /* MBEDTLS_AES_C */
+#define AES_PSA_INIT() PSA_INIT()
+#define AES_PSA_DONE() PSA_DONE()
+#endif /* MBEDTLS_AES_C */
+
#endif /* PSA_CRYPTO_HELPERS_H */
diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh
index 9208384..c1682e3 100755
--- a/tests/opt-testcases/tls13-misc.sh
+++ b/tests/opt-testcases/tls13-misc.sh
@@ -261,9 +261,11 @@
requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3 m->G: EarlyData: basic check, good" \
- "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --earlydata --disable-client-cert" \
- "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \
+ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \
+ --earlydata --maxearlydata 16384 --disable-client-cert" \
+ "$P_CLI debug_level=4 early_data=$EARLY_DATA_INPUT reco_mode=1 reconnect=1 reco_delay=900" \
0 \
+ -c "received max_early_data_size: 16384" \
-c "Reconnecting with saved session" \
-c "NewSessionTicket: early_data(42) extension received." \
-c "ClientHello: early_data(42) extension exists." \
@@ -285,7 +287,7 @@
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3 m->G: EarlyData: no early_data in NewSessionTicket, good" \
"$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --disable-client-cert" \
- "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1" \
+ "$P_CLI debug_level=4 early_data=$EARLY_DATA_INPUT reco_mode=1 reconnect=1" \
0 \
-c "Reconnecting with saved session" \
-C "NewSessionTicket: early_data(42) extension received." \
@@ -489,34 +491,19 @@
EARLY_DATA_INPUT_LEN=$(( $EARLY_DATA_INPUT_LEN_BLOCKS * 32 ))
requires_gnutls_next
-requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \
- MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
- MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
-requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
-run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \
- "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=-1" \
- "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL -d 10 -r --earlydata $EARLY_DATA_INPUT" \
- 1 \
- -s "ClientHello: early_data(42) extension exists." \
- -s "EncryptedExtensions: early_data(42) extension does not exist." \
- -s "NewSessionTicket: early_data(42) extension does not exist." \
- -s "Last error was: -29056 - SSL - Verification of the message MAC failed"
-
-requires_gnutls_next
requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
-run_test "TLS 1.3 G->m: EarlyData: feature is enabled, fail." \
+run_test "TLS 1.3 G->m: EarlyData: feature is enabled, good." \
"$P_SRV force_version=tls13 debug_level=4 max_early_data_size=$EARLY_DATA_INPUT_LEN" \
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:+KX-ALL \
-d 10 -r --earlydata $EARLY_DATA_INPUT " \
- 1 \
+ 0 \
+ -s "NewSessionTicket: early_data(42) extension exists." \
+ -s "Sent max_early_data_size=$EARLY_DATA_INPUT_LEN" \
-s "ClientHello: early_data(42) extension exists." \
-s "EncryptedExtensions: early_data(42) extension exists." \
- -s "NewSessionTicket: early_data(42) extension does not exist." \
- -s "Last error was: -29056 - SSL - Verification of the message MAC failed"
+ -s "$( tail -1 $EARLY_DATA_INPUT )"
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 929b093..44930d2 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -74,6 +74,7 @@
# * component_check_XXX: quick tests that aren't worth parallelizing.
# * component_build_XXX: build things but don't run them.
# * component_test_XXX: build and test.
+# * component_release_XXX: tests that the CI should skip during PR testing.
# * support_XXX: if support_XXX exists and returns false then
# component_XXX is not run by default.
# * post_XXX: things to do after running the tests.
@@ -163,6 +164,9 @@
# basic-build-test.sh as well.
RELEASE_SEED=1
+ # Specify character collation for regular expressions and sorting with C locale
+ export LC_COLLATE=C
+
: ${MBEDTLS_TEST_OUTCOME_FILE=}
: ${MBEDTLS_TEST_PLATFORM="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
export MBEDTLS_TEST_OUTCOME_FILE
@@ -186,6 +190,10 @@
if [ -z "${MAKEFLAGS+set}" ]; then
export MAKEFLAGS="-j$(all_sh_nproc)"
fi
+ # if CC is not set, use clang by default (if present) to improve build times
+ if [ -z "${CC+set}" ] && (type clang > /dev/null 2>&1); then
+ export CC="clang"
+ fi
# Include more verbose output for failing tests run by CMake or make
export CTEST_OUTPUT_ON_FAILURE=1
@@ -193,6 +201,8 @@
# CFLAGS and LDFLAGS for Asan builds that don't use CMake
# default to -O2, use -Ox _after_ this if you want another level
ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all'
+ # Normally, tests should use this compiler for ASAN testing
+ ASAN_CC=clang
# Platform tests have an allocation that returns null
export ASAN_OPTIONS="allocator_may_return_null=1"
@@ -202,15 +212,8 @@
# defined in this script whose name starts with "component_".
ALL_COMPONENTS=$(compgen -A function component_ | sed 's/component_//')
- # Exclude components that are not supported on this platform.
- SUPPORTED_COMPONENTS=
- for component in $ALL_COMPONENTS; do
- case $(type "support_$component" 2>&1) in
- *' function'*)
- if ! support_$component; then continue; fi;;
- esac
- SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
- done
+ # Delay determinig SUPPORTED_COMPONENTS until the command line options have a chance to override
+ # the commands set by the environment
}
# Test whether the component $1 is included in the command line patterns.
@@ -397,13 +400,12 @@
FLAGS="$1"
msg "build: ARM Compiler 6 ($FLAGS)"
+ make clean
ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
WARNING_CFLAGS='-Werror -xc -std=c99' make lib
msg "size: ARM Compiler 6 ($FLAGS)"
"$ARMC6_FROMELF" -z library/*.o
-
- make clean
}
err_msg()
@@ -421,22 +423,11 @@
done
}
-pre_parse_command_line_for_dirs () {
- # Make an early pass through the options given, so we can set directories
- # for Arm compilers, before SUPPORTED_COMPONENTS is determined.
- while [ $# -gt 0 ]; do
- case "$1" in
- --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
- --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
- esac
- shift
- done
-}
-
pre_parse_command_line () {
COMMAND_LINE_COMPONENTS=
all_except=0
error_test=0
+ list_components=0
restore_first=0
no_armcc=
@@ -449,8 +440,8 @@
--arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";;
--arm-linux-gnueabi-gcc-prefix) shift; ARM_LINUX_GNUEABI_GCC_PREFIX="$1";;
--armcc) no_armcc=;;
- --armc5-bin-dir) shift; ;; # assignment to ARMC5_BIN_DIR done in pre_parse_command_line_for_dirs
- --armc6-bin-dir) shift; ;; # assignment to ARMC6_BIN_DIR done in pre_parse_command_line_for_dirs
+ --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
+ --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
--clang-earliest) shift; CLANG_EARLIEST="$1";;
--clang-latest) shift; CLANG_LATEST="$1";;
--error-test) error_test=$((error_test + 1));;
@@ -465,7 +456,7 @@
--help|-h) usage; exit;;
--keep-going|-k) KEEP_GOING=1;;
--list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;;
- --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;;
+ --list-components) list_components=1;;
--memory|-m) MEMORY=1;;
--no-append-outcome) append_outcome=0;;
--no-armcc) no_armcc=1;;
@@ -492,6 +483,21 @@
shift
done
+ # Exclude components that are not supported on this platform.
+ SUPPORTED_COMPONENTS=
+ for component in $ALL_COMPONENTS; do
+ case $(type "support_$component" 2>&1) in
+ *' function'*)
+ if ! support_$component; then continue; fi;;
+ esac
+ SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
+ done
+
+ if [ $list_components -eq 1 ]; then
+ printf '%s\n' $SUPPORTED_COMPONENTS
+ exit
+ fi
+
# With no list of components, run everything.
if [ -z "$COMMAND_LINE_COMPONENTS" ] && [ $restore_first -eq 0 ]; then
all_except=1
@@ -745,7 +751,7 @@
# Require OpenSSL and GnuTLS if running any tests (as opposed to
# only doing builds). Not all tests run OpenSSL and GnuTLS, but this
# is a good enough approximation in practice.
- *" test_"*)
+ *" test_"* | *" release_test_"*)
# To avoid setting OpenSSL and GnuTLS for each call to compat.sh
# and ssl-opt.sh, we just export the variables they require.
export OPENSSL="$OPENSSL"
@@ -926,7 +932,7 @@
# Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed.
helper_libtestdriver1_make_drivers() {
loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
- make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
}
# Build the main libraries, programs and tests,
@@ -944,7 +950,7 @@
# we need flags both with and without the LIBTESTDRIVER1_ prefix
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
- make CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@"
}
################################################################
@@ -1047,10 +1053,12 @@
grep -v MBEDTLS_PSA_ |
sort -u > $found
- # Expected ones with justification - keep in sorted order!
+ # Expected ones with justification - keep in sorted order by ASCII table!
rm -f $expected
# No PSA equivalent - WANT_KEY_TYPE_AES means all sizes
echo "!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" >> $expected
+ # No PSA equivalent - used to skip decryption tests in PSA-ECB, CBC/XTS/NIST_KW/DES
+ echo "!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT" >> $expected
# This is used by import_rsa_made_up() in test_suite_psa_crypto in order
# to build a fake RSA key of the wanted size based on
# PSA_VENDOR_RSA_MAX_KEY_BITS. The legacy module is only used by
@@ -1270,14 +1278,14 @@
# whether they're on or off. So, disable cmake's (over-sensitive here)
# dependency resolution for generated files and just rely on them being
# present (thanks to pre_generate_files) by turning GEN_FILES off.
- CC=gcc cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan .
tests/scripts/test-ref-configs.pl
}
component_test_no_renegotiation () {
msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min
scripts/config.py unset MBEDTLS_SSL_RENEGOTIATION
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s
@@ -1293,7 +1301,7 @@
scripts/config.py unset MBEDTLS_FS_IO
scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C # requires a filesystem
scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA ITS
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - main suites (inc. selftests) (ASan build)" # ~ 50s
@@ -1306,7 +1314,7 @@
component_test_rsa_no_crt () {
msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
scripts/config.py set MBEDTLS_RSA_NO_CRT
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
@@ -1329,7 +1337,7 @@
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: Full minus CTR_DRBG, classic crypto - main suites"
@@ -1351,7 +1359,7 @@
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - main suites"
@@ -1375,7 +1383,7 @@
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: Full minus HMAC_DRBG, classic crypto - main suites"
@@ -1402,7 +1410,7 @@
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - main suites"
@@ -1437,7 +1445,7 @@
# When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG,
# the SSL test programs don't have an RNG and can't work. Explicitly
# make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG.
- make CFLAGS="$ASAN_CFLAGS -O2 -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS"
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites"
make test
@@ -1456,7 +1464,7 @@
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites"
make test
@@ -1471,7 +1479,7 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_CTR_DRBG_C
- make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
make test
@@ -1489,7 +1497,7 @@
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ
scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE
- make CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"
msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY"
make test
@@ -1523,7 +1531,7 @@
# Note: MD-light is auto-enabled in build_info.h by modules that need it,
# which we haven't disabled, so no need to explicitly enable it.
- make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
# Make sure we don't have the HMAC functions, but the hashing functions
not grep mbedtls_md_hmac library/md.o
@@ -1533,7 +1541,7 @@
make test
}
-component_test_full_no_cipher () {
+component_test_full_no_cipher_no_psa_crypto () {
msg "build: full no CIPHER no PSA_CRYPTO_C"
scripts/config.py full
scripts/config.py unset MBEDTLS_CIPHER_C
@@ -1541,12 +1549,8 @@
# (currently ignored anyway because we completely disable PSA)
scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG
# Disable features that depend on CIPHER_C
- scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CMAC_C
- scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_NIST_KW_C
- scripts/config.py unset MBEDTLS_PKCS12_C
- scripts/config.py unset MBEDTLS_PKCS5_C
scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
scripts/config.py unset MBEDTLS_SSL_TLS_C
scripts/config.py unset MBEDTLS_SSL_TICKET_C
@@ -1556,15 +1560,14 @@
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
- make CFLAGS='-DMBEDTLS_BLOCK_CIPHER_C'
msg "test: full no CIPHER no PSA_CRYPTO_C"
make test
}
# This is a common configurator and test function that is used in:
-# - component_test_full_no_cipher_with_crypto
-# - component_test_full_no_cipher_with_crypto_config
+# - component_test_full_no_cipher_with_psa_crypto
+# - component_test_full_no_cipher_with_psa_crypto_config
# It accepts 2 input parameters:
# - $1: boolean value which basically reflects status of MBEDTLS_PSA_CRYPTO_CONFIG
# - $2: a text string which describes the test component
@@ -1582,9 +1585,7 @@
# on CIPHER_C so we disable them.
# This does not hold for KEY_TYPE_CHACHA20 and ALG_CHACHA20_POLY1305
# so we keep them enabled.
- scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM_STAR_NO_TAG
- scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_GCM
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CMAC
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_NO_PADDING
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_PKCS7
@@ -1593,30 +1594,17 @@
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECB_NO_PADDING
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_OFB
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_STREAM_CIPHER
- scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_AES
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_DES
- scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_CAMELLIA
- scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_ARIA
else
# Don't pull in cipher via PSA mechanisms
scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG
# Disable cipher modes/keys that make PSA depend on CIPHER_C.
# Keep CHACHA20 and CHACHAPOLY enabled since they do not depend on CIPHER_C.
scripts/config.py unset-all MBEDTLS_CIPHER_MODE
- scripts/config.py unset MBEDTLS_AES_C
- scripts/config.py unset MBEDTLS_DES_C
- scripts/config.py unset MBEDTLS_ARIA_C
- scripts/config.py unset MBEDTLS_CAMELLIA_C
- # Dependencies on AES_C
- scripts/config.py unset MBEDTLS_CTR_DRBG_C
fi
# The following modules directly depends on CIPHER_C
- scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CMAC_C
- scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_NIST_KW_C
- scripts/config.py unset MBEDTLS_PKCS12_C
- scripts/config.py unset MBEDTLS_PKCS5_C
make
@@ -1627,11 +1615,11 @@
make test
}
-component_test_full_no_cipher_with_crypto() {
+component_test_full_no_cipher_with_psa_crypto() {
common_test_full_no_cipher_with_psa_crypto 0 "full no CIPHER no CRYPTO_CONFIG"
}
-component_test_full_no_cipher_with_crypto_config() {
+component_test_full_no_cipher_with_psa_crypto_config() {
common_test_full_no_cipher_with_psa_crypto 1 "full no CIPHER"
}
@@ -1963,7 +1951,7 @@
scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED"
scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED
- make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
msg "test: Everest ECDH context, only Curve25519" # ~ 50s
make test
@@ -1973,7 +1961,7 @@
msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
@@ -1984,7 +1972,7 @@
msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 4096
scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
@@ -1994,7 +1982,7 @@
component_test_small_ssl_dtls_max_buffering () {
msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0"
scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test"
@@ -2004,7 +1992,7 @@
component_test_small_mbedtls_ssl_dtls_max_buffering () {
msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1"
scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 190
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test"
@@ -2109,7 +2097,7 @@
make test
}
-component_test_valgrind_constant_flow () {
+component_release_test_valgrind_constant_flow () {
# This tests both (1) everything that valgrind's memcheck usually checks
# (heap buffer overflows, use of uninitialized memory, use-after-free,
# etc.) and (2) branches or memory access depending on secret values,
@@ -2143,7 +2131,7 @@
make memcheck
}
-component_test_valgrind_constant_flow_psa () {
+component_release_test_valgrind_constant_flow_psa () {
# This tests both (1) everything that valgrind's memcheck usually checks
# (heap buffer overflows, use of uninitialized memory, use-after-free,
# etc.) and (2) branches or memory access depending on secret values,
@@ -2166,12 +2154,25 @@
make memcheck
}
+component_test_tsan () {
+ msg "build: TSan (clang)"
+ scripts/config.py full
+ scripts/config.py set MBEDTLS_THREADING_C
+ scripts/config.py set MBEDTLS_THREADING_PTHREAD
+
+ CC=clang cmake -D CMAKE_BUILD_TYPE:String=TSan .
+ make
+
+ msg "test: main suites (TSan)"
+ make test
+}
+
component_test_default_no_deprecated () {
# Test that removing the deprecated features from the default
# configuration leaves something consistent.
msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s
scripts/config.py set MBEDTLS_DEPRECATED_REMOVED
- make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
+ make CFLAGS='-O -Werror -Wall -Wextra'
msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s
make test
@@ -2180,7 +2181,7 @@
component_test_full_no_deprecated () {
msg "build: make, full_no_deprecated config" # ~ 30s
scripts/config.py full_no_deprecated
- make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
+ make CFLAGS='-O -Werror -Wall -Wextra'
msg "test: make, full_no_deprecated config" # ~ 5s
make test
@@ -2197,7 +2198,7 @@
scripts/config.py full_no_deprecated
scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED
scripts/config.py set MBEDTLS_DEPRECATED_WARNING
- make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
+ make CFLAGS='-O -Werror -Wall -Wextra'
msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s
make test
@@ -2210,6 +2211,8 @@
scripts/config.py full
scripts/config.py set MBEDTLS_DEPRECATED_WARNING
# Expect warnings from '#warning' directives in check_config.h.
+ # Note that gcc is required to allow the use of -Wno-error=cpp, which allows us to
+ # display #warning messages without them being treated as errors.
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs
msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s
@@ -2380,7 +2383,7 @@
scripts/config.py set MBEDTLS_X509_CRT_WRITE_C
# Only compile - this is primarily to test for compile issues
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy'
+ make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy'
}
component_build_module_alt () {
@@ -2413,7 +2416,7 @@
# We can only compile, not link, since we don't have any implementations
# suitable for testing with the dummy alt headers.
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib
+ make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib
}
component_build_dhm_alt () {
@@ -2424,7 +2427,7 @@
scripts/config.py unset MBEDTLS_DEBUG_C
# We can only compile, not link, since we don't have any implementations
# suitable for testing with the dummy alt headers.
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib
+ make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib
}
component_test_no_use_psa_crypto_full_cmake_asan() {
@@ -2439,7 +2442,7 @@
scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)"
@@ -3250,14 +3253,6 @@
#
# Enable filesystem I/O for the benefit of PK parse/write tests.
echo "#define MBEDTLS_FS_IO" >> "$CONFIG_H"
-
- # Config adjustments for features that are not supported
- # when using only drivers / by p256-m
- #
- # Disable all the features that auto-enable ECP_LIGHT (see config_adjust_legacy_crypto.h)
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
- # Disable deterministic ECDSA as p256-m only does randomized
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
}
# Keep this in sync with component_test_tfm_config() as they are both meant
@@ -3267,8 +3262,8 @@
common_tfm_config
- # Build crypto library specifying we want to use P256M code for EC operations
- make CFLAGS="$ASAN_CFLAGS -DMBEDTLS_PSA_P256M_DRIVER_ENABLED -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS"
+ # Build crypto library
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS"
# Make sure any built-in EC alg was not re-enabled by accident (additive config)
not grep mbedtls_ecdsa_ library/ecdsa.o
@@ -3279,6 +3274,12 @@
not grep mbedtls_rsa_ library/rsa.o
not grep mbedtls_dhm_ library/dhm.o
not grep mbedtls_mpi_ library/bignum.o
+ # Check that p256m was built
+ grep -q p256_ecdsa_ library/libmbedcrypto.a
+
+ # In "config-tfm.h" we disabled CIPHER_C tweaking TF-M's configuration
+ # files, so we want to ensure that it has not be re-enabled accidentally.
+ not grep mbedtls_cipher library/cipher.o
# Run the tests
msg "test: TF-M config + p256m driver + accel ECDH(E)/ECDSA"
@@ -3291,9 +3292,20 @@
component_test_tfm_config() {
common_tfm_config
+ # Disable P256M driver, which is on by default, so that analyze_outcomes
+ # can compare this test with test_tfm_config_p256m_driver_accel_ec
+ echo "#undef MBEDTLS_PSA_P256M_DRIVER_ENABLED" >> "$CONFIG_H"
+
msg "build: TF-M config"
make CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' tests
+ # Check that p256m was not built
+ not grep p256_ecdsa_ library/libmbedcrypto.a
+
+ # In "config-tfm.h" we disabled CIPHER_C tweaking TF-M's configuration
+ # files, so we want to ensure that it has not be re-enabled accidentally.
+ not grep mbedtls_cipher library/cipher.o
+
msg "test: TF-M config"
make test
}
@@ -3354,7 +3366,7 @@
# crypto_config.h so we just disable the one we don't want.
scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$disabled_psa_want"
- make CC=gcc CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
msg "test: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}"
make test
@@ -3368,77 +3380,75 @@
build_and_test_psa_want_key_pair_partial "ECC" "GENERATE"
}
-component_test_psa_crypto_config_accel_rsa_signature () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature"
+config_psa_crypto_accel_rsa () {
+ driver_only=$1
- loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY"
+ # Start from crypto_full config (no X.509, no TLS)
+ helper_libtestdriver1_adjust_config "crypto_full"
+
+ if [ "$driver_only" -eq 1 ]; then
+ # Remove RSA support and its dependencies
+ scripts/config.py unset MBEDTLS_RSA_C
+ scripts/config.py unset MBEDTLS_PKCS1_V15
+ scripts/config.py unset MBEDTLS_PKCS1_V21
+
+ # We need PEM parsing in the test library as well to support the import
+ # of PEM encoded RSA keys.
+ scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_PEM_PARSE_C
+ scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_BASE64_C
+ fi
+}
+
+component_test_psa_crypto_config_accel_rsa_crypto () {
+ msg "build: crypto_full with accelerated RSA"
+
+ loc_accel_list="ALG_RSA_OAEP ALG_RSA_PSS \
+ ALG_RSA_PKCS1V15_CRYPT ALG_RSA_PKCS1V15_SIGN \
+ KEY_TYPE_RSA_PUBLIC_KEY \
+ KEY_TYPE_RSA_KEY_PAIR_BASIC \
+ KEY_TYPE_RSA_KEY_PAIR_GENERATE \
+ KEY_TYPE_RSA_KEY_PAIR_IMPORT \
+ KEY_TYPE_RSA_KEY_PAIR_EXPORT"
# Configure
# ---------
- # Start from default config (no TLS 1.3, no USE_PSA)
- helper_libtestdriver1_adjust_config "default"
-
- # It seems it is not possible to remove only the support for RSA signature
- # in the library. Thus we have to remove all RSA support (signature and
- # encryption/decryption). AS there is no driver support for asymmetric
- # encryption/decryption so far remove RSA encryption/decryption from the
- # application algorithm list.
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
-
- # Remove RSA support and its dependencies
- scripts/config.py unset MBEDTLS_RSA_C
- scripts/config.py unset MBEDTLS_PKCS1_V15
- scripts/config.py unset MBEDTLS_PKCS1_V21
- scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-
- # Make sure both the library and the test library support the SHA hash
- # algorithms and only those ones (SHA256 is included by default). That way:
- # - the test library can compute the RSA signatures even in the case of a
- # composite RSA signature algorithm based on a SHA hash (no other hash
- # used in the unit tests).
- # - the dependency of RSA signature tests on PSA_WANT_ALG_SHA_xyz is
- # fulfilled as the hash SHA algorithm is supported by the library, and
- # thus the tests are run, not skipped.
- # - when testing a signature key with an algorithm wildcard built from
- # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash
- # algorithm based on the hashes supported by the library is also
- # supported by the test library.
- # Disable unwanted hashes here, we'll enable hashes we want in loc_extra_list.
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160_C
- scripts/config.py unset MBEDTLS_MD5_C
- scripts/config.py unset MBEDTLS_RIPEMD160_C
-
- # We need PEM parsing in the test library as well to support the import
- # of PEM encoded RSA keys.
- scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_PEM_PARSE_C
- scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_BASE64_C
+ config_psa_crypto_accel_rsa 1
# Build
# -----
- # These hashes are needed for some RSA-PSS signature tests.
+ # These hashes are needed for unit tests.
loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \
- ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512"
+ ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512 ALG_MD5"
helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list"
helper_libtestdriver1_make_main "$loc_accel_list"
# Make sure this was not re-enabled by accident (additive config)
- not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o
- not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o
+ not grep mbedtls_rsa library/rsa.o
# Run the tests
# -------------
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature"
+ msg "test: crypto_full with accelerated RSA"
+ make test
+}
+
+component_test_psa_crypto_config_reference_rsa_crypto () {
+ msg "build: crypto_full with non-accelerated RSA"
+
+ # Configure
+ # ---------
+ config_psa_crypto_accel_rsa 0
+
+ # Build
+ # -----
+ make
+
+ # Run the tests
+ # -------------
+ msg "test: crypto_full with non-accelerated RSA"
make test
}
@@ -3645,13 +3655,20 @@
tests/ssl-opt.sh
}
-component_test_psa_crypto_config_accel_cipher () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher"
+component_test_psa_crypto_config_accel_des () {
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated DES"
+ # Albeit this components aims at accelerating DES which should only support
+ # CBC and ECB modes, we need to accelerate more than that otherwise DES_C
+ # would automatically be re-enabled by "config_adjust_legacy_from_psa.c"
loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 \
ALG_CTR ALG_CFB ALG_OFB ALG_XTS ALG_CMAC \
KEY_TYPE_DES"
+ # Note: we cannot accelerate all ciphers' key types otherwise we would also
+ # have to either disable CCM/GCM or accelerate them, but that's out of scope
+ # of this component. This limitation will be addressed by #8598.
+
# Configure
# ---------
@@ -3681,7 +3698,7 @@
# Run the tests
# -------------
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher"
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated DES"
make test
}
@@ -3725,29 +3742,22 @@
}
# This is a common configuration function used in:
-# - component_test_psa_crypto_config_accel_cipher_aead
-# - component_test_psa_crypto_config_reference_cipher_aead
-common_psa_crypto_config_accel_cipher_aead() {
+# - component_test_psa_crypto_config_accel_cipher_aead_cmac
+# - component_test_psa_crypto_config_reference_cipher_aead_cmac
+common_psa_crypto_config_accel_cipher_aead_cmac() {
# Start from the full config
helper_libtestdriver1_adjust_config "full"
- # CIPHER_C is disabled in the accelerated test component so we disable
- # all the features that depend on it both in the accelerated and in the
- # reference components.
- scripts/config.py unset MBEDTLS_PKCS5_C
- scripts/config.py unset MBEDTLS_PKCS12_C
-
- scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_NIST_KW_C
}
# The 2 following test components, i.e.
-# - component_test_psa_crypto_config_accel_cipher_aead
-# - component_test_psa_crypto_config_reference_cipher_aead
+# - component_test_psa_crypto_config_accel_cipher_aead_cmac
+# - component_test_psa_crypto_config_reference_cipher_aead_cmac
# are meant to be used together in analyze_outcomes.py script in order to test
# driver's coverage for ciphers and AEADs.
-component_test_psa_crypto_config_accel_cipher_aead () {
- msg "build: full config with accelerated cipher and AEAD"
+component_test_psa_crypto_config_accel_cipher_aead_cmac () {
+ msg "build: full config with accelerated cipher inc. AEAD and CMAC"
loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB \
ALG_OFB ALG_XTS ALG_STREAM_CIPHER ALG_CCM_STAR_NO_TAG \
@@ -3757,7 +3767,7 @@
# Configure
# ---------
- common_psa_crypto_config_accel_cipher_aead
+ common_psa_crypto_config_accel_cipher_aead_cmac
# Disable the things that are being accelerated
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
@@ -3801,38 +3811,118 @@
# Run the tests
# -------------
- msg "test: full config with accelerated cipher and AEAD"
+ msg "test: full config with accelerated cipher inc. AEAD and CMAC"
make test
- msg "ssl-opt: full config with accelerated cipher and AEAD"
+ msg "ssl-opt: full config with accelerated cipher inc. AEAD and CMAC"
tests/ssl-opt.sh
- msg "compat.sh: full config with accelerated cipher and AEAD"
+ msg "compat.sh: full config with accelerated cipher inc. AEAD and CMAC"
tests/compat.sh -V NO -p mbedTLS
}
-component_test_psa_crypto_config_reference_cipher_aead () {
- msg "build: full config with non-accelerated cipher and AEAD"
- common_psa_crypto_config_accel_cipher_aead
+component_test_psa_crypto_config_reference_cipher_aead_cmac () {
+ msg "build: full config with non-accelerated cipher inc. AEAD and CMAC"
+ common_psa_crypto_config_accel_cipher_aead_cmac
make
- msg "test: full config with non-accelerated cipher and AEAD"
+ msg "test: full config with non-accelerated cipher inc. AEAD and CMAC"
make test
- msg "ssl-opt: full config with non-accelerated cipher and AEAD"
+ msg "ssl-opt: full config with non-accelerated cipher inc. AEAD and CMAC"
tests/ssl-opt.sh
- msg "compat.sh: full config with non-accelerated cipher and AEAD"
+ msg "compat.sh: full config with non-accelerated cipher inc. AEAD and CMAC"
tests/compat.sh -V NO -p mbedTLS
}
+common_block_cipher_dispatch() {
+ TEST_WITH_DRIVER="$1"
+
+ # Start from the full config
+ helper_libtestdriver1_adjust_config "full"
+
+ if [ "$TEST_WITH_DRIVER" -eq 1 ]; then
+ # Disable key types that are accelerated (there is no legacy equivalent
+ # symbol for ECB)
+ scripts/config.py unset MBEDTLS_AES_C
+ scripts/config.py unset MBEDTLS_ARIA_C
+ scripts/config.py unset MBEDTLS_CAMELLIA_C
+ fi
+
+ # Disable cipher's modes that, when not accelerated, cause
+ # legacy key types to be re-enabled in "config_adjust_legacy_from_psa.h".
+ # Keep this also in the reference component in order to skip the same tests
+ # that were skipped in the accelerated one.
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CTR
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CFB
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_OFB
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM_STAR_NO_TAG
+
+ # Disable direct dependency on AES_C
+ scripts/config.py unset MBEDTLS_NIST_KW_C
+
+ # Prevent the cipher module from using deprecated PSA path. The reason is
+ # that otherwise there will be tests relying on "aes_info" (defined in
+ # "cipher_wrap.c") whose functions are not available when AES_C is
+ # not defined. ARIA and Camellia are not a problem in this case because
+ # the PSA path is not tested for these key types.
+ scripts/config.py set MBEDTLS_DEPRECATED_REMOVED
+}
+
+component_test_full_block_cipher_psa_dispatch () {
+ msg "build: full + PSA dispatch in block_cipher"
+
+ loc_accel_list="ALG_ECB_NO_PADDING \
+ KEY_TYPE_AES KEY_TYPE_ARIA KEY_TYPE_CAMELLIA"
+
+ # Configure
+ # ---------
+
+ common_block_cipher_dispatch 1
+
+ # Build
+ # -----
+
+ helper_libtestdriver1_make_drivers "$loc_accel_list"
+
+ helper_libtestdriver1_make_main "$loc_accel_list"
+
+ # Make sure disabled components were not re-enabled by accident (additive
+ # config)
+ not grep mbedtls_aes_ library/aes.o
+ not grep mbedtls_aria_ library/aria.o
+ not grep mbedtls_camellia_ library/camellia.o
+
+ # Run the tests
+ # -------------
+
+ msg "test: full + PSA dispatch in block_cipher"
+ make test
+}
+
+# This is the reference component of component_test_full_block_cipher_psa_dispatch
+component_test_full_block_cipher_legacy_dispatch () {
+ msg "build: full + legacy dispatch in block_cipher"
+
+ common_block_cipher_dispatch 0
+
+ make
+
+ msg "test: full + legacy dispatch in block_cipher"
+ make test
+}
+
component_test_aead_chachapoly_disabled() {
msg "build: full minus CHACHAPOLY"
scripts/config.py full
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
- make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
msg "test: full minus CHACHAPOLY"
make test
@@ -3845,7 +3935,7 @@
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM
- make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
msg "test: full minus CHACHAPOLY and GCM"
make test
@@ -3857,7 +3947,7 @@
cp "$CONFIG_TEST_DRIVER_H" "$CONFIG_H"
cp configs/crypto-config-ccm-aes-sha256.h "$CRYPTO_CONFIG_H"
- make CC=gcc
+ make
msg "test: CCM + AES + SHA256 configuration"
make test
@@ -3876,7 +3966,7 @@
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test.
@@ -3886,7 +3976,7 @@
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test.
@@ -3899,7 +3989,7 @@
# Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it.
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test.
@@ -3918,7 +4008,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test.
@@ -3937,7 +4027,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test.
@@ -3956,7 +4046,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test.
@@ -3972,7 +4062,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test.
@@ -3988,7 +4078,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test.
@@ -4006,7 +4096,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test.
@@ -4025,7 +4115,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4039,7 +4129,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4053,7 +4143,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4067,7 +4157,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4081,7 +4171,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4096,7 +4186,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4108,22 +4198,19 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
}
support_build_tfm_armcc () {
- armc6_cc="$ARMC6_BIN_DIR/armclang"
- (check_tools "$armc6_cc" > /dev/null 2>&1)
+ support_build_armcc
}
component_build_tfm_armcc() {
# test the TF-M configuration can build cleanly with various warning flags enabled
- cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
- cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+ cp configs/config-tfm.h "$CONFIG_H"
msg "build: TF-M config, armclang armv7-m thumb2"
- make clean
armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe"
}
@@ -4133,8 +4220,7 @@
# TF-M configuration needs a TF-M platform. A tweaked version of
# the configuration that works on mainstream platforms is in
# configs/config-tfm.h, tested via test-ref-configs.pl.
- cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
- cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+ cp configs/config-tfm.h "$CONFIG_H"
msg "build: TF-M config, clang, armv7-m thumb2"
make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe"
@@ -4238,6 +4324,7 @@
# aes.o has many #if defined(...) guards that intersect in complex ways.
# Test that all the combinations build cleanly.
+ MBEDTLS_ROOT_DIR="$PWD"
msg "build: aes.o for all combinations of relevant config options"
build_test_config_combos library/aes.o validate_aes_config_variations \
@@ -4245,6 +4332,23 @@
"MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \
"MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \
"MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"
+
+ cd "$MBEDTLS_ROOT_DIR"
+ msg "build: aes.o for all combinations of relevant config options + BLOCK_CIPHER_NO_DECRYPT"
+
+ # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is incompatible with ECB in PSA, CBC/XTS/NIST_KW/DES,
+ # manually set or unset those configurations to check
+ # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with various combinations in aes.o.
+ scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS
+ scripts/config.py unset MBEDTLS_DES_C
+ scripts/config.py unset MBEDTLS_NIST_KW_C
+ build_test_config_combos library/aes.o validate_aes_config_variations \
+ "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \
+ "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \
+ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \
+ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"
}
component_test_no_platform () {
@@ -4307,7 +4411,7 @@
scripts/config.py set MBEDTLS_PLATFORM_MEMORY
scripts/config.py set MBEDTLS_MEMORY_BACKTRACE
scripts/config.py set MBEDTLS_MEMORY_DEBUG
- CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release .
+ cmake -DCMAKE_BUILD_TYPE:String=Release .
make
msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE"
@@ -4318,7 +4422,7 @@
msg "build: default config with memory buffer allocator"
scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.py set MBEDTLS_PLATFORM_MEMORY
- CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release .
+ cmake -DCMAKE_BUILD_TYPE:String=Release .
make
msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C"
@@ -4333,7 +4437,7 @@
# Run max fragment length tests with MFL disabled
msg "build: default config except MFL extension (ASan build)" # ~ 30s
scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: ssl-opt.sh, MFL-related tests"
@@ -4343,7 +4447,7 @@
component_test_asan_remove_peer_certificate () {
msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)"
scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
@@ -4364,7 +4468,7 @@
scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: MFL tests (disabled MFL extension case) & large packet tests"
@@ -4377,7 +4481,7 @@
component_test_variable_ssl_in_out_buffer_len () {
msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled (ASan build)"
scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled"
@@ -4394,7 +4498,7 @@
msg "build: MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy) enabled (ASan build)"
scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy)"
@@ -4414,7 +4518,7 @@
scripts/config.py set MBEDTLS_MEMORY_DEBUG
scripts/config.py set MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
- CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release .
+ cmake -DCMAKE_BUILD_TYPE:String=Release .
make
msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH"
@@ -4441,7 +4545,7 @@
component_test_no_date_time () {
msg "build: default config without MBEDTLS_HAVE_TIME_DATE"
scripts/config.py unset MBEDTLS_HAVE_TIME_DATE
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Check .
+ cmake -D CMAKE_BUILD_TYPE:String=Check .
make
msg "test: !MBEDTLS_HAVE_TIME_DATE - main suites"
@@ -4453,7 +4557,7 @@
scripts/config.py set MBEDTLS_PLATFORM_MEMORY
scripts/config.py set MBEDTLS_PLATFORM_CALLOC_MACRO calloc
scripts/config.py set MBEDTLS_PLATFORM_FREE_MACRO free
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
@@ -4463,7 +4567,7 @@
component_test_malloc_0_null () {
msg "build: malloc(0) returns NULL (ASan+UBSan build)"
scripts/config.py full
- make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
msg "test: malloc(0) returns NULL (ASan+UBSan build)"
make test
@@ -4548,7 +4652,7 @@
}
support_test_aesni_m32() {
- support_test_m32_o0 && (lscpu | grep -qw aes)
+ support_test_m32_no_asm && (lscpu | grep -qw aes)
}
component_test_aesni_m32 () { # ~ 60s
@@ -4645,6 +4749,63 @@
armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto"
}
+support_build_aes_armce() {
+ # clang >= 4 is required to build with AES extensions
+ ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')"
+ [ "${ver}" -ge 11 ]
+}
+
+component_build_aes_armce () {
+ # Test variations of AES with Armv8 crypto extensions
+ scripts/config.py set MBEDTLS_AESCE_C
+ scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
+
+ msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64"
+ make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto"
+
+ msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm"
+ make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
+
+ msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb"
+ make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
+
+ scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
+
+ msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64"
+ make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto"
+
+ msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm"
+ make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
+
+ msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb"
+ make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
+
+ # test for presence of AES instructions
+ scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
+ msg "clang, test A32 crypto instructions built"
+ make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
+ grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
+ msg "clang, test T32 crypto instructions built"
+ make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
+ grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
+ msg "clang, test aarch64 crypto instructions built"
+ make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
+ grep -E 'aes[a-z]+\s*[qv]' library/aesce.o
+
+ # test for absence of AES instructions
+ scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
+ scripts/config.py unset MBEDTLS_AESCE_C
+ msg "clang, test A32 crypto instructions not built"
+ make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
+ not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
+ msg "clang, test T32 crypto instructions not built"
+ make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
+ not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
+ msg "clang, test aarch64 crypto instructions not built"
+ make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
+ not grep -E 'aes[a-z]+\s*[qv]' library/aesce.o
+}
+
support_build_sha_armce() {
if command -v clang > /dev/null ; then
# clang >= 4 is required to build with SHA extensions
@@ -4730,7 +4891,7 @@
scripts/config.py unset MBEDTLS_AESNI_C
scripts/config.py set MBEDTLS_PADLOCK_C
scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
- make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS"
grep -q mbedtls_padlock_has_support ./programs/test/selftest
}
@@ -4750,7 +4911,7 @@
scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
scripts/config.py unset MBEDTLS_PADLOCK_C
- make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+ make CFLAGS='-O2 -Werror -Wall -Wextra'
msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH"
make test
@@ -4775,7 +4936,7 @@
scripts/config.py unset MBEDTLS_AESNI_C
scripts/config.py unset MBEDTLS_AESCE_C
- make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+ make CFLAGS='-O2 -Werror -Wall -Wextra'
msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C"
make test
@@ -4787,7 +4948,7 @@
component_test_aes_fewer_tables () {
msg "build: default config with AES_FEWER_TABLES enabled"
scripts/config.py set MBEDTLS_AES_FEWER_TABLES
- make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+ make CFLAGS='-O2 -Werror -Wall -Wextra'
msg "test: AES_FEWER_TABLES"
make test
@@ -4796,7 +4957,7 @@
component_test_aes_rom_tables () {
msg "build: default config with AES_ROM_TABLES enabled"
scripts/config.py set MBEDTLS_AES_ROM_TABLES
- make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+ make CFLAGS='-O2 -Werror -Wall -Wextra'
msg "test: AES_ROM_TABLES"
make test
@@ -4806,18 +4967,174 @@
msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled"
scripts/config.py set MBEDTLS_AES_FEWER_TABLES
scripts/config.py set MBEDTLS_AES_ROM_TABLES
- make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+ make CFLAGS='-O2 -Werror -Wall -Wextra'
msg "test: AES_FEWER_TABLES + AES_ROM_TABLES"
make test
}
+# helper for common_block_cipher_no_decrypt() which:
+# - enable/disable the list of config options passed from -s/-u respectively.
+# - build
+# - test for tests_suite_xxx
+# - selftest
+#
+# Usage: helper_block_cipher_no_decrypt_build_test
+# [-s set_opts] [-u unset_opts] [-c cflags] [-l ldflags] [option [...]]
+# Options: -s set_opts the list of config options to enable
+# -u unset_opts the list of config options to disable
+# -c cflags the list of options passed to CFLAGS
+# -l ldflags the list of options passed to LDFLAGS
+helper_block_cipher_no_decrypt_build_test () {
+ while [ $# -gt 0 ]; do
+ case "$1" in
+ -s)
+ shift; local set_opts="$1";;
+ -u)
+ shift; local unset_opts="$1";;
+ -c)
+ shift; local cflags="-Werror -Wall -Wextra $1";;
+ -l)
+ shift; local ldflags="$1";;
+ esac
+ shift
+ done
+ set_opts="${set_opts:-}"
+ unset_opts="${unset_opts:-}"
+ cflags="${cflags:-}"
+ ldflags="${ldflags:-}"
+
+ [ -n "$set_opts" ] && echo "Enabling: $set_opts" && scripts/config.py set-all $set_opts
+ [ -n "$unset_opts" ] && echo "Disabling: $unset_opts" && scripts/config.py unset-all $unset_opts
+
+ msg "build: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}"
+ make clean
+ make CFLAGS="-O2 $cflags" LDFLAGS="$ldflags"
+
+ # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA
+ not grep mbedtls_aes_setkey_dec library/aes.o
+ not grep mbedtls_aria_setkey_dec library/aria.o
+ not grep mbedtls_camellia_setkey_dec library/camellia.o
+ # Make sure we don't have mbedtls_internal_aes_decrypt in AES
+ not grep mbedtls_internal_aes_decrypt library/aes.o
+ # Make sure we don't have mbedtls_aesni_inverse_key in AESNI
+ not grep mbedtls_aesni_inverse_key library/aesni.o
+
+ msg "test: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}"
+ make test
+
+ msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}"
+ programs/test/selftest
+}
+
+# This is a common configuration function used in:
+# - component_test_block_cipher_no_decrypt_aesni_legacy()
+# - component_test_block_cipher_no_decrypt_aesni_use_psa()
+# in order to test BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics,
+# AESNI assembly and AES C implementation on x86_64 and with AESNI intrinsics
+# on x86.
+common_block_cipher_no_decrypt () {
+ # test AESNI intrinsics
+ helper_block_cipher_no_decrypt_build_test \
+ -s "MBEDTLS_AESNI_C" \
+ -c "-mpclmul -msse2 -maes"
+
+ # test AESNI assembly
+ helper_block_cipher_no_decrypt_build_test \
+ -s "MBEDTLS_AESNI_C" \
+ -c "-mno-pclmul -mno-sse2 -mno-aes"
+
+ # test AES C implementation
+ helper_block_cipher_no_decrypt_build_test \
+ -u "MBEDTLS_AESNI_C"
+
+ # test AESNI intrinsics for i386 target
+ helper_block_cipher_no_decrypt_build_test \
+ -s "MBEDTLS_AESNI_C" \
+ -c "-m32 -mpclmul -msse2 -maes" \
+ -l "-m32"
+}
+
+# This is a configuration function used in component_test_block_cipher_no_decrypt_xxx:
+# usage: 0: no PSA crypto configuration
+# 1: use PSA crypto configuration
+config_block_cipher_no_decrypt () {
+ use_psa=$1
+
+ scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS
+ scripts/config.py unset MBEDTLS_DES_C
+ scripts/config.py unset MBEDTLS_NIST_KW_C
+
+ if [ "$use_psa" -eq 1 ]; then
+ # Enable support for cryptographic mechanisms through the PSA API.
+ # Note: XTS, KW are not yet supported via the PSA API in Mbed TLS.
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES
+ fi
+}
+
+component_test_block_cipher_no_decrypt_aesni () {
+ # This consistently causes an llvm crash on clang 3.8, so use gcc
+ export CC=gcc
+ config_block_cipher_no_decrypt 0
+ common_block_cipher_no_decrypt
+}
+
+component_test_block_cipher_no_decrypt_aesni_use_psa () {
+ # This consistently causes an llvm crash on clang 3.8, so use gcc
+ export CC=gcc
+ config_block_cipher_no_decrypt 1
+ common_block_cipher_no_decrypt
+}
+
+support_test_block_cipher_no_decrypt_aesce_armcc () {
+ support_build_armcc
+}
+
+component_test_block_cipher_no_decrypt_aesce_armcc () {
+ scripts/config.py baremetal
+
+ # armc[56] don't support SHA-512 intrinsics
+ scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
+
+ # Stop armclang warning about feature detection for A64_CRYPTO.
+ # With this enabled, the library does build correctly under armclang,
+ # but in baremetal builds (as tested here), feature detection is
+ # unavailable, and the user is notified via a #warning. So enabling
+ # this feature would prevent us from building with -Werror on
+ # armclang. Tracked in #7198.
+ scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
+ scripts/config.py set MBEDTLS_HAVE_ASM
+
+ config_block_cipher_no_decrypt 1
+
+ # test AESCE baremetal build
+ scripts/config.py set MBEDTLS_AESCE_C
+ msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESCE"
+ armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto -Werror -Wall -Wextra"
+
+ # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA
+ not grep mbedtls_aes_setkey_dec library/aes.o
+ not grep mbedtls_aria_setkey_dec library/aria.o
+ not grep mbedtls_camellia_setkey_dec library/camellia.o
+ # Make sure we don't have mbedtls_internal_aes_decrypt in AES
+ not grep mbedtls_internal_aes_decrypt library/aes.o
+ # Make sure we don't have mbedtls_aesce_inverse_key and aesce_decrypt_block in AESCE
+ not grep mbedtls_aesce_inverse_key library/aesce.o
+ not grep aesce_decrypt_block library/aesce.o
+}
+
component_test_ctr_drbg_aes_256_sha_256 () {
msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
scripts/config.py full
scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
@@ -4829,7 +5146,7 @@
scripts/config.py full
scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)"
@@ -4842,7 +5159,7 @@
scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
@@ -4866,7 +5183,7 @@
loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
loc_cflags="${loc_cflags} -I../tests/include -O2"
- make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
msg "test: full + test drivers dispatching to builtins"
make test
@@ -5005,18 +5322,23 @@
programs/test/query_included_headers | not grep -x PSA_CRYPTO_STRUCT_H
}
-component_test_m32_o0 () {
- # Build without optimization, so as to use portable C code (in a 32-bit
+component_test_m32_no_asm () {
+ # Build without assembly, so as to use portable C code (in a 32-bit
# build) and not the i386-specific inline assembly.
- msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s
+ #
+ # Note that we require gcc, because clang Asan builds fail to link for
+ # this target (cannot find libclang_rt.lsan-i386.a - this is a known clang issue).
+ msg "build: i386, make, gcc, no asm (ASan build)" # ~ 30s
scripts/config.py full
+ scripts/config.py unset MBEDTLS_HAVE_ASM
+ scripts/config.py unset MBEDTLS_PADLOCK_C
scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32
- make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS"
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS"
- msg "test: i386, make, gcc -O0 (ASan build)"
+ msg "test: i386, make, gcc, no asm (ASan build)"
make test
}
-support_test_m32_o0 () {
+support_test_m32_no_asm () {
case $(uname -m) in
amd64|x86_64) true;;
*) false;;
@@ -5029,7 +5351,7 @@
msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32
- make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS"
msg "test: i386, make, gcc -O2 (ASan build)"
make test
@@ -5038,14 +5360,14 @@
tests/ssl-opt.sh
}
support_test_m32_o2 () {
- support_test_m32_o0 "$@"
+ support_test_m32_no_asm "$@"
}
component_test_m32_everest () {
msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min
scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32
- make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS"
msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
make test
@@ -5058,13 +5380,13 @@
tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA'
}
support_test_m32_everest () {
- support_test_m32_o0 "$@"
+ support_test_m32_no_asm "$@"
}
component_test_mx32 () {
msg "build: 64-bit ILP32, make, gcc" # ~ 30s
scripts/config.py full
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32'
+ make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mx32' LDFLAGS='-mx32'
msg "test: 64-bit ILP32, make, gcc"
make test
@@ -5079,7 +5401,7 @@
component_test_min_mpi_window_size () {
msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)" # ~ 10s
scripts/config.py set MBEDTLS_MPI_WINDOW_SIZE 1
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: MBEDTLS_MPI_WINDOW_SIZE=1 - main suites (inc. selftests) (ASan build)" # ~ 10s
@@ -5092,7 +5414,7 @@
scripts/config.py unset MBEDTLS_AESNI_C
scripts/config.py unset MBEDTLS_PADLOCK_C
scripts/config.py unset MBEDTLS_AESCE_C
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'
+ make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'
msg "test: gcc, force 32-bit bignum limbs"
make test
@@ -5104,7 +5426,7 @@
scripts/config.py unset MBEDTLS_AESNI_C
scripts/config.py unset MBEDTLS_PADLOCK_C
scripts/config.py unset MBEDTLS_AESCE_C
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
+ make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
msg "test: gcc, force 64-bit bignum limbs"
make test
@@ -5266,6 +5588,9 @@
# armc[56] don't support SHA-512 intrinsics
scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
+ # older versions of armcc/armclang don't support AESCE_C on 32-bit Arm
+ scripts/config.py unset MBEDTLS_AESCE_C
+
# Stop armclang warning about feature detection for A64_CRYPTO.
# With this enabled, the library does build correctly under armclang,
# but in baremetal builds (as tested here), feature detection is
@@ -5281,8 +5606,6 @@
msg "size: ARM Compiler 5"
"$ARMC5_FROMELF" -z library/*.o
- make clean
-
# Compile mostly with -O1 since some Arm inline assembly is disabled for -O0.
# ARM Compiler 6 - Target ARMv7-A
@@ -5300,14 +5623,18 @@
# ARM Compiler 6 - Target ARMv8-M
armc6_build_test "-O1 --target=arm-arm-none-eabi -march=armv8-m.main"
- # ARM Compiler 6 - Target ARMv8.2-A - AArch64
- armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8.2-a+crypto"
-
# ARM Compiler 6 - Target Cortex-M0 - no optimisation
armc6_build_test "-O0 --target=arm-arm-none-eabi -mcpu=cortex-m0"
# ARM Compiler 6 - Target Cortex-M0
armc6_build_test "-Os --target=arm-arm-none-eabi -mcpu=cortex-m0"
+
+ # ARM Compiler 6 - Target ARMv8.2-A - AArch64
+ #
+ # Re-enable MBEDTLS_AESCE_C as this should be supported by the version of armclang
+ # that we have in our CI
+ scripts/config.py set MBEDTLS_AESCE_C
+ armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8.2-a+crypto"
}
support_build_armcc () {
@@ -5319,6 +5646,7 @@
component_test_tls13_only () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3, without MBEDTLS_SSL_PROTO_TLS1_2"
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
+ scripts/config.py set MBEDTLS_SSL_RECORD_SIZE_LIMIT
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
msg "test: TLS 1.3 only, all key exchange modes enabled"
@@ -5459,7 +5787,7 @@
scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
make test
@@ -5473,7 +5801,7 @@
scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
make test
@@ -5481,21 +5809,6 @@
tests/ssl-opt.sh
}
-component_test_tls13_only_record_size_limit () {
- msg "build: TLS 1.3 only from default, record size limit extension enabled"
- scripts/config.py set MBEDTLS_SSL_RECORD_SIZE_LIMIT
- make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
-
- msg "test_suite_ssl: TLS 1.3 only, record size limit extension enabled"
- cd tests; ./test_suite_ssl; cd ..
-
- msg "ssl-opt.sh: (TLS 1.3 only, record size limit extension tests only)"
- # Both the server and the client will currently abort the handshake when they encounter the
- # record size limit extension. There is no way to prevent gnutls-cli from sending the extension
- # which makes all G_NEXT_CLI + P_SRV tests fail. Thus, run only the tests for the this extension.
- tests/ssl-opt.sh -f "Record Size Limit"
-}
-
component_build_mingw () {
msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 lib programs
@@ -5547,7 +5860,7 @@
fi
}
-component_test_valgrind () {
+component_release_test_valgrind () {
msg "build: Release (clang)"
# default config, in particular without MBEDTLS_USE_PSA_CRYPTO
CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release .
@@ -5575,7 +5888,7 @@
fi
}
-component_test_valgrind_psa () {
+component_release_test_valgrind_psa () {
msg "build: Release, full (clang)"
# full config, in particular with MBEDTLS_USE_PSA_CRYPTO
scripts/config.py full
@@ -5761,7 +6074,7 @@
scripts/config.py full
# Only compile - we're looking for sizeof-pointer-memaccess warnings
- make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess"
+ make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess"
}
@@ -5794,11 +6107,12 @@
}
component_test_psa_compliance () {
+ # The arch tests build with gcc, so require use of gcc here to link properly
msg "build: make, default config (out-of-box), libmbedcrypto.a only"
- make -C library libmbedcrypto.a
+ CC=gcc make -C library libmbedcrypto.a
msg "unit test: test_psa_compliance.py"
- ./tests/scripts/test_psa_compliance.py
+ CC=gcc ./tests/scripts/test_psa_compliance.py
}
support_test_psa_compliance () {
@@ -5932,7 +6246,6 @@
# Preliminary setup
pre_check_environment
-pre_parse_command_line_for_dirs "$@"
pre_initialize_variables
pre_parse_command_line "$@"
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index a070b01..a867971 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -12,9 +12,36 @@
import re
import subprocess
import os
+import typing
import check_test_cases
+
+# `ComponentOutcomes` is a named tuple which is defined as:
+# ComponentOutcomes(
+# successes = {
+# "<suite_case>",
+# ...
+# },
+# failures = {
+# "<suite_case>",
+# ...
+# }
+# )
+# suite_case = "<suite>;<case>"
+ComponentOutcomes = typing.NamedTuple('ComponentOutcomes',
+ [('successes', typing.Set[str]),
+ ('failures', typing.Set[str])])
+
+# `Outcomes` is a representation of the outcomes file,
+# which defined as:
+# Outcomes = {
+# "<component>": ComponentOutcomes,
+# ...
+# }
+Outcomes = typing.Dict[str, ComponentOutcomes]
+
+
class Results:
"""Process analysis results."""
@@ -40,35 +67,12 @@
def _print_line(fmt, *args, **kwargs):
sys.stderr.write((fmt + '\n').format(*args, **kwargs))
-class TestCaseOutcomes:
- """The outcomes of one test case across many configurations."""
- # pylint: disable=too-few-public-methods
-
- def __init__(self):
- # Collect a list of witnesses of the test case succeeding or failing.
- # Currently we don't do anything with witnesses except count them.
- # The format of a witness is determined by the read_outcome_file
- # function; it's the platform and configuration joined by ';'.
- self.successes = []
- self.failures = []
-
- def hits(self):
- """Return the number of times a test case has been run.
-
- This includes passes and failures, but not skips.
- """
- return len(self.successes) + len(self.failures)
-
-def execute_reference_driver_tests(results: Results, ref_component, driver_component, \
- outcome_file):
+def execute_reference_driver_tests(results: Results, ref_component: str, driver_component: str, \
+ outcome_file: str) -> None:
"""Run the tests specified in ref_component and driver_component. Results
are stored in the output_file and they will be used for the following
coverage analysis"""
- # If the outcome file already exists, we assume that the user wants to
- # perform the comparison analysis again without repeating the tests.
- if os.path.exists(outcome_file):
- results.info("Outcome file ({}) already exists. Tests will be skipped.", outcome_file)
- return
+ results.new_section("Test {} and {}", ref_component, driver_component)
shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \
" " + ref_component + " " + driver_component
@@ -78,24 +82,28 @@
if ret_val != 0:
results.error("failed to run reference/driver components")
-def analyze_coverage(results, outcomes, allow_list, full_coverage):
+def analyze_coverage(results: Results, outcomes: Outcomes,
+ allow_list: typing.List[str], full_coverage: bool) -> None:
"""Check that all available test cases are executed at least once."""
available = check_test_cases.collect_available_test_cases()
- for key in available:
- hits = outcomes[key].hits() if key in outcomes else 0
- if hits == 0 and key not in allow_list:
+ for suite_case in available:
+ hit = any(suite_case in comp_outcomes.successes or
+ suite_case in comp_outcomes.failures
+ for comp_outcomes in outcomes.values())
+
+ if not hit and suite_case not in allow_list:
if full_coverage:
- results.error('Test case not executed: {}', key)
+ results.error('Test case not executed: {}', suite_case)
else:
- results.warning('Test case not executed: {}', key)
- elif hits != 0 and key in allow_list:
+ results.warning('Test case not executed: {}', suite_case)
+ elif hit and suite_case in allow_list:
# Test Case should be removed from the allow list.
if full_coverage:
- results.error('Allow listed test case was executed: {}', key)
+ results.error('Allow listed test case was executed: {}', suite_case)
else:
- results.warning('Allow listed test case was executed: {}', key)
+ results.warning('Allow listed test case was executed: {}', suite_case)
-def name_matches_pattern(name, str_or_re):
+def name_matches_pattern(name: str, str_or_re) -> bool:
"""Check if name matches a pattern, that may be a string or regex.
- If the pattern is a string, name must be equal to match.
- If the pattern is a regex, name must fully match.
@@ -103,24 +111,34 @@
# The CI's python is too old for re.Pattern
#if isinstance(str_or_re, re.Pattern):
if not isinstance(str_or_re, str):
- return str_or_re.fullmatch(name)
+ return str_or_re.fullmatch(name) is not None
else:
return str_or_re == name
-def analyze_driver_vs_reference(results: Results, outcomes,
- component_ref, component_driver,
- ignored_suites, ignored_tests=None):
- """Check that all tests executed in the reference component are also
- executed in the corresponding driver component.
+def analyze_driver_vs_reference(results: Results, outcomes: Outcomes,
+ component_ref: str, component_driver: str,
+ ignored_suites: typing.List[str], ignored_tests=None) -> None:
+ """Check that all tests passing in the reference component are also
+ passing in the corresponding driver component.
Skip:
- full test suites provided in ignored_suites list
- only some specific test inside a test suite, for which the corresponding
output string is provided
"""
- seen_reference_passing = False
- for key in outcomes:
- # key is like "test_suite_foo.bar;Description of test case"
- (full_test_suite, test_string) = key.split(';')
+ ref_outcomes = outcomes.get("component_" + component_ref)
+ driver_outcomes = outcomes.get("component_" + component_driver)
+
+ if ref_outcomes is None or driver_outcomes is None:
+ results.error("required components are missing: bad outcome file?")
+ return
+
+ if not ref_outcomes.successes:
+ results.error("no passing test in reference component: bad outcome file?")
+ return
+
+ for suite_case in ref_outcomes.successes:
+ # suite_case is like "test_suite_foo.bar;Description of test case"
+ (full_test_suite, test_string) = suite_case.split(';')
test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name
# Immediately skip fully-ignored test suites
@@ -132,71 +150,52 @@
# but issue an error if they're not (means we have a bad entry).
ignored = False
if full_test_suite in ignored_tests:
- for str_or_re in ignored_tests[test_suite]:
+ for str_or_re in ignored_tests[full_test_suite]:
if name_matches_pattern(test_string, str_or_re):
ignored = True
- # Search for tests that run in reference component and not in driver component
- driver_test_passed = False
- reference_test_passed = False
- for entry in outcomes[key].successes:
- if component_driver in entry:
- driver_test_passed = True
- if component_ref in entry:
- reference_test_passed = True
- seen_reference_passing = True
- if reference_test_passed and not driver_test_passed and not ignored:
- results.error("PASS -> SKIP/FAIL: {}", key)
- if ignored and driver_test_passed:
- results.error("uselessly ignored: {}", key)
+ if not ignored and not suite_case in driver_outcomes.successes:
+ results.error("PASS -> SKIP/FAIL: {}", suite_case)
+ if ignored and suite_case in driver_outcomes.successes:
+ results.error("uselessly ignored: {}", suite_case)
- if not seen_reference_passing:
- results.error("no passing test in reference component: bad outcome file?")
-
-def analyze_outcomes(results: Results, outcomes, args):
+def analyze_outcomes(results: Results, outcomes: Outcomes, args) -> None:
"""Run all analyses on the given outcome collection."""
analyze_coverage(results, outcomes, args['allow_list'],
args['full_coverage'])
-def read_outcome_file(outcome_file):
+def read_outcome_file(outcome_file: str) -> Outcomes:
"""Parse an outcome file and return an outcome collection.
-
-An outcome collection is a dictionary mapping keys to TestCaseOutcomes objects.
-The keys are the test suite name and the test case description, separated
-by a semicolon.
-"""
+ """
outcomes = {}
with open(outcome_file, 'r', encoding='utf-8') as input_file:
for line in input_file:
- (platform, config, suite, case, result, _cause) = line.split(';')
- key = ';'.join([suite, case])
- setup = ';'.join([platform, config])
- if key not in outcomes:
- outcomes[key] = TestCaseOutcomes()
+ (_platform, component, suite, case, result, _cause) = line.split(';')
+ # Note that `component` is not unique. If a test case passes on Linux
+ # and fails on FreeBSD, it'll end up in both the successes set and
+ # the failures set.
+ suite_case = ';'.join([suite, case])
+ if component not in outcomes:
+ outcomes[component] = ComponentOutcomes(set(), set())
if result == 'PASS':
- outcomes[key].successes.append(setup)
+ outcomes[component].successes.add(suite_case)
elif result == 'FAIL':
- outcomes[key].failures.append(setup)
+ outcomes[component].failures.add(suite_case)
+
return outcomes
-def do_analyze_coverage(results: Results, outcome_file, args):
+def do_analyze_coverage(results: Results, outcomes: Outcomes, args) -> None:
"""Perform coverage analysis."""
results.new_section("Analyze coverage")
- outcomes = read_outcome_file(outcome_file)
analyze_outcomes(results, outcomes, args)
-def do_analyze_driver_vs_reference(results: Results, outcome_file, args):
+def do_analyze_driver_vs_reference(results: Results, outcomes: Outcomes, args) -> None:
"""Perform driver vs reference analyze."""
results.new_section("Analyze driver {} vs reference {}",
args['component_driver'], args['component_ref'])
- execute_reference_driver_tests(results, args['component_ref'], \
- args['component_driver'], outcome_file)
-
ignored_suites = ['test_suite_' + x for x in args['ignored_suites']]
- outcomes = read_outcome_file(outcome_file)
-
analyze_driver_vs_reference(results, outcomes,
args['component_ref'], args['component_driver'],
ignored_suites, args['ignored_tests'])
@@ -232,19 +231,25 @@
'psa_crypto_low_hash.generated', # testing the builtins
],
'ignored_tests': {
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
}
}
},
- 'analyze_driver_vs_reference_cipher_aead': {
+ 'analyze_driver_vs_reference_cipher_aead_cmac': {
'test_function': do_analyze_driver_vs_reference,
'args': {
- 'component_ref': 'test_psa_crypto_config_reference_cipher_aead',
- 'component_driver': 'test_psa_crypto_config_accel_cipher_aead',
+ 'component_ref': 'test_psa_crypto_config_reference_cipher_aead_cmac',
+ 'component_driver': 'test_psa_crypto_config_accel_cipher_aead_cmac',
# Modules replaced by drivers.
'ignored_suites': [
# low-level (block/stream) cipher modules
'aes', 'aria', 'camellia', 'des', 'chacha20',
- # AEAD modes
+ # AEAD modes and CMAC
'ccm', 'chachapoly', 'cmac', 'gcm',
# The Cipher abstraction layer
'cipher',
@@ -255,6 +260,12 @@
'test_suite_pem': [
re.compile(r'PEM read .*(AES|DES|\bencrypt).*'),
],
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
# Following tests depend on AES_C/DES_C but are not about
# them really, just need to know some error code is there.
'test_suite_error': [
@@ -282,7 +293,7 @@
'test_suite_pkparse': [
'Key ASN1 (Encrypted key PKCS12, trailing garbage data)',
'Key ASN1 (Encrypted key PKCS5, trailing garbage data)',
- re.compile(r'Parse RSA Key .*\(PKCS#8 encrypted .*\)'),
+ re.compile(r'Parse (RSA|EC) Key .*\(.* ([Ee]ncrypted|password).*\)'),
],
}
}
@@ -297,6 +308,12 @@
'ecdsa', 'ecdh', 'ecjpake',
],
'ignored_tests': {
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
# This test wants a legacy function that takes f_rng, p_rng
# arguments, and uses legacy ECDSA for that. The test is
# really about the wrapper around the PSA RNG, not ECDSA.
@@ -330,6 +347,12 @@
'ecp', 'ecdsa', 'ecdh', 'ecjpake',
],
'ignored_tests': {
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
# See ecp_light_only
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
@@ -363,6 +386,12 @@
'bignum.generated', 'bignum.misc',
],
'ignored_tests': {
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
# See ecp_light_only
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
@@ -400,6 +429,12 @@
'bignum.generated', 'bignum.misc',
],
'ignored_tests': {
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
# See ecp_light_only
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
@@ -431,7 +466,14 @@
'component_ref': 'test_psa_crypto_config_reference_ffdh',
'component_driver': 'test_psa_crypto_config_accel_ffdh',
'ignored_suites': ['dhm'],
- 'ignored_tests': {}
+ 'ignored_tests': {
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
+ }
}
},
'analyze_driver_vs_reference_tfm_config': {
@@ -447,12 +489,109 @@
'bignum.generated', 'bignum.misc',
],
'ignored_tests': {
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
# See ecp_light_only
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
}
}
+ },
+ 'analyze_driver_vs_reference_rsa': {
+ 'test_function': do_analyze_driver_vs_reference,
+ 'args': {
+ 'component_ref': 'test_psa_crypto_config_reference_rsa_crypto',
+ 'component_driver': 'test_psa_crypto_config_accel_rsa_crypto',
+ 'ignored_suites': [
+ # Modules replaced by drivers.
+ 'rsa', 'pkcs1_v15', 'pkcs1_v21',
+ # We temporarily don't care about PK stuff.
+ 'pk', 'pkwrite', 'pkparse'
+ ],
+ 'ignored_tests': {
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
+ # Following tests depend on RSA_C but are not about
+ # them really, just need to know some error code is there.
+ 'test_suite_error': [
+ 'Low and high error',
+ 'Single high error'
+ ],
+ # Constant time operations only used for PKCS1_V15
+ 'test_suite_constant_time': [
+ re.compile(r'mbedtls_ct_zeroize_if .*'),
+ re.compile(r'mbedtls_ct_memmove_left .*')
+ ],
+ }
+ }
+ },
+ 'analyze_block_cipher_dispatch': {
+ 'test_function': do_analyze_driver_vs_reference,
+ 'args': {
+ 'component_ref': 'test_full_block_cipher_legacy_dispatch',
+ 'component_driver': 'test_full_block_cipher_psa_dispatch',
+ 'ignored_suites': [
+ # Skipped in the accelerated component
+ 'aes', 'aria', 'camellia',
+ # These require AES_C, ARIA_C or CAMELLIA_C to be enabled in
+ # order for the cipher module (actually cipher_wrapper) to work
+ # properly. However these symbols are disabled in the accelerated
+ # component so we ignore them.
+ 'cipher.ccm', 'cipher.gcm', 'cipher.aes', 'cipher.aria',
+ 'cipher.camellia',
+ ],
+ 'ignored_tests': {
+ 'test_suite_cmac': [
+ # Following tests require AES_C/ARIA_C/CAMELLIA_C to be enabled,
+ # but these are not available in the accelerated component.
+ 'CMAC null arguments',
+ re.compile('CMAC.* (AES|ARIA|Camellia).*'),
+ ],
+ 'test_suite_cipher.padding': [
+ # Following tests require AES_C/CAMELLIA_C to be enabled,
+ # but these are not available in the accelerated component.
+ re.compile('Set( non-existent)? padding with (AES|CAMELLIA).*'),
+ ],
+ 'test_suite_pkparse': [
+ # PEM (called by pkparse) requires AES_C in order to decrypt
+ # the key, but this is not available in the accelerated
+ # component.
+ re.compile('Parse RSA Key.*(password|AES-).*'),
+ ],
+ 'test_suite_pem': [
+ # Following tests require AES_C, but this is diabled in the
+ # accelerated component.
+ 'PEM read (AES-128-CBC + invalid iv)',
+ 'PEM read (malformed PEM AES-128-CBC)',
+ 'PEM read (unknown encryption algorithm)',
+ ],
+ 'test_suite_error': [
+ # Following tests depend on AES_C but are not about them
+ # really, just need to know some error code is there.
+ 'Single low error',
+ 'Low and high error',
+ ],
+ 'test_suite_version': [
+ # Similar to test_suite_error above.
+ 'Check for MBEDTLS_AES_C when already present',
+ ],
+ 'test_suite_platform': [
+ # Incompatible with sanitizers (e.g. ASan). If the driver
+ # component uses a sanitizer but the reference component
+ # doesn't, we have a PASS vs SKIP mismatch.
+ 'Check mbedtls_calloc overallocation',
+ ],
+ }
+ }
}
}
@@ -493,10 +632,31 @@
KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage
+ # If the outcome file exists, parse it once and share the result
+ # among tasks to improve performance.
+ # Otherwise, it will be generated by execute_reference_driver_tests.
+ if not os.path.exists(options.outcomes):
+ if len(tasks_list) > 1:
+ sys.stderr.write("mutiple tasks found, please provide a valid outcomes file.\n")
+ sys.exit(2)
+
+ task_name = tasks_list[0]
+ task = KNOWN_TASKS[task_name]
+ if task['test_function'] != do_analyze_driver_vs_reference: # pylint: disable=comparison-with-callable
+ sys.stderr.write("please provide valid outcomes file for {}.\n".format(task_name))
+ sys.exit(2)
+
+ execute_reference_driver_tests(main_results,
+ task['args']['component_ref'],
+ task['args']['component_driver'],
+ options.outcomes)
+
+ outcomes = read_outcome_file(options.outcomes)
+
for task in tasks_list:
test_function = KNOWN_TASKS[task]['test_function']
test_args = KNOWN_TASKS[task]['args']
- test_function(main_results, options.outcomes, test_args)
+ test_function(main_results, outcomes, test_args)
main_results.info("Overall results: {} warnings and {} errors",
main_results.warning_count, main_results.error_count)
diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh
index 67dedeb..3fe4e8c 100755
--- a/tests/scripts/check-generated-files.sh
+++ b/tests/scripts/check-generated-files.sh
@@ -22,8 +22,20 @@
exit
fi
-if [ -d library -a -d include -a -d tests ]; then :; else
- echo "Must be run from Mbed TLS root" >&2
+in_mbedtls_repo () {
+ test -d include -a -d library -a -d programs -a -d tests
+}
+
+in_tf_psa_crypto_repo () {
+ test -d include -a -d core -a -d drivers -a -d programs -a -d tests
+}
+
+if in_mbedtls_repo; then
+ library_dir='library'
+elif in_tf_psa_crypto_repo; then
+ library_dir='core'
+else
+ echo "Must be run from Mbed TLS root or TF-PSA-Crypto root" >&2
exit 1
fi
@@ -114,16 +126,21 @@
# - **/CMakeLists.txt (to (re)build them with cmake)
# - scripts/make_generated_files.bat (to generate them under Windows)
-check scripts/generate_errors.pl library/error.c
-check scripts/generate_query_config.pl programs/test/query_config.c
-check scripts/generate_driver_wrappers.py library/psa_crypto_driver_wrappers.h library/psa_crypto_driver_wrappers_no_static.c
-check scripts/generate_features.pl library/version_features.c
-check scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c
-# generate_visualc_files enumerates source files (library/*.c). It doesn't
-# care about their content, but the files must exist. So it must run after
-# the step that creates or updates these files.
-check scripts/generate_visualc_files.pl visualc/VS2013
+# These checks are common to Mbed TLS and TF-PSA-Crypto
check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c
check tests/scripts/generate_bignum_tests.py $(tests/scripts/generate_bignum_tests.py --list)
check tests/scripts/generate_ecp_tests.py $(tests/scripts/generate_ecp_tests.py --list)
check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py --list)
+check scripts/generate_driver_wrappers.py $library_dir/psa_crypto_driver_wrappers.h $library_dir/psa_crypto_driver_wrappers_no_static.c
+
+# Additional checks for Mbed TLS only
+if in_mbedtls_repo; then
+ check scripts/generate_errors.pl library/error.c
+ check scripts/generate_query_config.pl programs/test/query_config.c
+ check scripts/generate_features.pl library/version_features.c
+ check scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c
+ # generate_visualc_files enumerates source files (library/*.c). It doesn't
+ # care about their content, but the files must exist. So it must run after
+ # the step that creates or updates these files.
+ check scripts/generate_visualc_files.pl visualc/VS2013
+fi
diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py
index a2a9dfa..65fbc9f 100755
--- a/tests/scripts/check_files.py
+++ b/tests/scripts/check_files.py
@@ -105,6 +105,7 @@
BINARY_FILE_PATH_RE_LIST = [
r'docs/.*\.pdf\Z',
+ r'docs/.*\.png\Z',
r'programs/fuzz/corpuses/[^.]+\Z',
r'tests/data_files/[^.]+\Z',
r'tests/data_files/.*\.(crt|csr|db|der|key|pubkey)\Z',
@@ -317,6 +318,7 @@
heading = "Tabs present:"
suffix_exemptions = frozenset([
+ ".make",
".pem", # some openssl dumps have tabs
".sln",
"/Makefile",
@@ -371,8 +373,9 @@
r'(ChangeLog|LICENSE|[-0-9A-Z_a-z]+\.md)\Z',
# Files imported from TF-M, and not used except in test builds,
# may be under a different license.
- r'configs/crypto_config_profile_medium\.h\Z',
- r'configs/tfm_mbedcrypto_config_profile_medium\.h\Z',
+ r'configs/ext/crypto_config_profile_medium\.h\Z',
+ r'configs/ext/tfm_mbedcrypto_config_profile_medium\.h\Z',
+ r'configs/ext/README\.md\Z',
# Third-party file.
r'dco\.txt\Z',
]
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index 38c184a..1a84531 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -381,7 +381,7 @@
def __init__(self, options, conf):
"""Gather data about the library and establish a list of domains to test."""
- build_command = [options.make_command, 'CFLAGS=-Werror']
+ build_command = [options.make_command, 'CFLAGS=-Werror -O2']
build_and_test = [build_command, [options.make_command, 'test']]
self.all_config_symbols = set(conf.settings.keys())
# Find hash modules by name.
diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py
index 801f8da..fd278f8 100755
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@@ -496,7 +496,7 @@
key.alg.string, key.alg2.string,
)
dependencies = psa_information.finish_family_dependencies(dependencies, key.bits)
- dependencies += psa_information.generate_key_dependencies(key.description)
+ dependencies += psa_information.generate_deps_from_description(key.description)
dependencies = psa_information.fix_key_pair_dependencies(dependencies, 'BASIC')
tc.set_dependencies(dependencies)
tc.set_function('key_storage_' + verb)
diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py
index bed6d84..0d56ddf 100755
--- a/tests/scripts/test_psa_compliance.py
+++ b/tests/scripts/test_psa_compliance.py
@@ -50,12 +50,8 @@
in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir)
- if in_tf_psa_crypto_repo:
- crypto_name = 'tfpsacrypto'
- library_subdir = 'core'
- else:
- crypto_name = 'mbedcrypto'
- library_subdir = 'library'
+ crypto_name = build_tree.crypto_library_filename(root_dir)
+ library_subdir = build_tree.crypto_core_directory(root_dir, relative=True)
crypto_lib_filename = (library_build_dir + '/' +
library_subdir + '/' +
diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c
index c906a66..ff46387 100644
--- a/tests/src/drivers/test_driver_asymmetric_encryption.c
+++ b/tests/src/drivers/test_driver_asymmetric_encryption.c
@@ -46,8 +46,7 @@
return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status;
}
-#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
- defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
return libtestdriver1_mbedtls_psa_asymmetric_encrypt(
(const libtestdriver1_psa_key_attributes_t *) attributes,
key_buffer, key_buffer_size,
@@ -88,8 +87,7 @@
return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status;
}
-#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
- defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
return libtestdriver1_mbedtls_psa_asymmetric_decrypt(
(const libtestdriver1_psa_key_attributes_t *) attributes,
key_buffer, key_buffer_size,
diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c
index 678d8d5..2bc751a 100644
--- a/tests/src/drivers/test_driver_cipher.c
+++ b/tests/src/drivers/test_driver_cipher.c
@@ -41,6 +41,7 @@
size_t *output_length)
{
mbedtls_test_driver_cipher_hooks.hits++;
+ mbedtls_test_driver_cipher_hooks.hits_encrypt++;
if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
@@ -58,6 +59,9 @@
if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
return mbedtls_test_driver_cipher_hooks.forced_status;
}
+ if (mbedtls_test_driver_cipher_hooks.forced_status_encrypt != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status_encrypt;
+ }
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
@@ -208,10 +212,14 @@
size_t iv_length)
{
mbedtls_test_driver_cipher_hooks.hits++;
+ mbedtls_test_driver_cipher_hooks.hits_set_iv++;
if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
return mbedtls_test_driver_cipher_hooks.forced_status;
}
+ if (mbedtls_test_driver_cipher_hooks.forced_status_set_iv != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status_set_iv;
+ }
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c
index 6442f22..d522ebf 100644
--- a/tests/src/drivers/test_driver_key_management.c
+++ b/tests/src/drivers/test_driver_key_management.c
@@ -529,6 +529,7 @@
uint8_t *data, size_t data_size, size_t *data_length)
{
++mbedtls_test_driver_key_management_hooks.hits;
+ ++mbedtls_test_driver_key_management_hooks.hits_export_public_key;
if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
return mbedtls_test_driver_key_management_hooks.forced_status;
diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c
index d59a8f8..e1ea2b5 100644
--- a/tests/src/psa_crypto_helpers.c
+++ b/tests/src/psa_crypto_helpers.c
@@ -70,9 +70,20 @@
mbedtls_psa_get_stats(&stats);
+#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C) && \
+ !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ /* When AES_C is not defined and PSA does not have an external RNG,
+ * then CTR_DRBG uses PSA to perform AES-ECB. In this scenario 1 key
+ * slot is used internally from PSA to hold the AES key and it should
+ * not be taken into account when evaluating remaining open slots. */
+ if (stats.volatile_slots > 1) {
+ return "A volatile slot has not been closed properly.";
+ }
+#else
if (stats.volatile_slots != 0) {
return "A volatile slot has not been closed properly.";
}
+#endif
if (stats.persistent_slots != 0) {
return "A persistent slot has not been closed properly.";
}
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index d02d305..3d8937d 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -1776,6 +1776,10 @@
}
#endif /* MBEDTLS_SSL_CLI_C */
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ session->record_size_limit = 2048;
+#endif
+
return 0;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c
index 6f405b0..5fbf65b 100644
--- a/tests/src/threading_helpers.c
+++ b/tests/src/threading_helpers.c
@@ -58,15 +58,15 @@
* indicate the exact location of the problematic call. To locate the error,
* use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error().
*/
-enum value_of_mutex_is_valid_field {
- /* Potential values for the is_valid field of mbedtls_threading_mutex_t.
+enum value_of_mutex_state_field {
+ /* Potential values for the state field of mbedtls_threading_mutex_t.
* Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for
* compatibility with threading_mutex_init_pthread() and
* threading_mutex_free_pthread(). MUTEX_LOCKED could be any nonzero
* value. */
- MUTEX_FREED = 0, //!< Set by threading_mutex_free_pthread
- MUTEX_IDLE = 1, //!< Set by threading_mutex_init_pthread and by our unlock
- MUTEX_LOCKED = 2, //!< Set by our lock
+ MUTEX_FREED = 0, //! < Set by mbedtls_test_wrap_mutex_free
+ MUTEX_IDLE = 1, //! < Set by mbedtls_test_wrap_mutex_init and by mbedtls_test_wrap_mutex_unlock
+ MUTEX_LOCKED = 2, //! < Set by mbedtls_test_wrap_mutex_lock
};
typedef struct {
@@ -77,10 +77,30 @@
} mutex_functions_t;
static mutex_functions_t mutex_functions;
-/** The total number of calls to mbedtls_mutex_init(), minus the total number
- * of calls to mbedtls_mutex_free().
+/**
+ * The mutex used to guard live_mutexes below and access to the status variable
+ * in every mbedtls_threading_mutex_t.
+ * Note that we are not reporting any errors when locking and unlocking this
+ * mutex. This is for a couple of reasons:
*
- * Reset to 0 after each test case.
+ * 1. We have no real way of reporting any errors with this mutex - we cannot
+ * report it back to the caller, as the failure was not that of the mutex
+ * passed in. We could fail the test, but again this would indicate a problem
+ * with the test code that did not exist.
+ *
+ * 2. Any failure to lock is unlikely to be intermittent, and will thus not
+ * give false test results - the overall result would be to turn off the
+ * testing. This is not a situation that is likely to happen with normal
+ * testing and we still have TSan to fall back on should this happen.
+ */
+mbedtls_threading_mutex_t mbedtls_test_mutex_mutex;
+
+/**
+ * The total number of calls to mbedtls_mutex_init(), minus the total number
+ * of calls to mbedtls_mutex_free().
+ *
+ * Do not read or write without holding mbedtls_test_mutex_mutex (above). Reset
+ * to 0 after each test case.
*/
static int live_mutexes;
@@ -88,6 +108,7 @@
const char *msg)
{
(void) mutex;
+
if (mbedtls_test_info.mutex_usage_error == NULL) {
mbedtls_test_info.mutex_usage_error = msg;
}
@@ -101,76 +122,92 @@
static void mbedtls_test_wrap_mutex_init(mbedtls_threading_mutex_t *mutex)
{
mutex_functions.init(mutex);
- if (mutex->is_valid) {
+
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+ mutex->state = MUTEX_IDLE;
++live_mutexes;
+
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
}
}
static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex)
{
- switch (mutex->is_valid) {
- case MUTEX_FREED:
- mbedtls_test_mutex_usage_error(mutex, "free without init or double free");
- break;
- case MUTEX_IDLE:
- /* Do nothing. The underlying free function will reset is_valid
- * to 0. */
- break;
- case MUTEX_LOCKED:
- mbedtls_test_mutex_usage_error(mutex, "free without unlock");
- break;
- default:
- mbedtls_test_mutex_usage_error(mutex, "corrupted state");
- break;
- }
- if (mutex->is_valid) {
- --live_mutexes;
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+
+ switch (mutex->state) {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error(mutex, "free without init or double free");
+ break;
+ case MUTEX_IDLE:
+ mutex->state = MUTEX_FREED;
+ --live_mutexes;
+ break;
+ case MUTEX_LOCKED:
+ mbedtls_test_mutex_usage_error(mutex, "free without unlock");
+ break;
+ default:
+ mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+ break;
+ }
+
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
}
mutex_functions.free(mutex);
}
static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex)
{
+ /* Lock the passed in mutex first, so that the only way to change the state
+ * is to hold the passed in and internal mutex - otherwise we create a race
+ * condition. */
int ret = mutex_functions.lock(mutex);
- switch (mutex->is_valid) {
- case MUTEX_FREED:
- mbedtls_test_mutex_usage_error(mutex, "lock without init");
- break;
- case MUTEX_IDLE:
- if (ret == 0) {
- mutex->is_valid = 2;
- }
- break;
- case MUTEX_LOCKED:
- mbedtls_test_mutex_usage_error(mutex, "double lock");
- break;
- default:
- mbedtls_test_mutex_usage_error(mutex, "corrupted state");
- break;
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+ switch (mutex->state) {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error(mutex, "lock without init");
+ break;
+ case MUTEX_IDLE:
+ if (ret == 0) {
+ mutex->state = MUTEX_LOCKED;
+ }
+ break;
+ case MUTEX_LOCKED:
+ mbedtls_test_mutex_usage_error(mutex, "double lock");
+ break;
+ default:
+ mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+ break;
+ }
+
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
}
return ret;
}
static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex)
{
- int ret = mutex_functions.unlock(mutex);
- switch (mutex->is_valid) {
- case MUTEX_FREED:
- mbedtls_test_mutex_usage_error(mutex, "unlock without init");
- break;
- case MUTEX_IDLE:
- mbedtls_test_mutex_usage_error(mutex, "unlock without lock");
- break;
- case MUTEX_LOCKED:
- if (ret == 0) {
- mutex->is_valid = MUTEX_IDLE;
- }
- break;
- default:
- mbedtls_test_mutex_usage_error(mutex, "corrupted state");
- break;
+ /* Lock the internal mutex first and change state, so that the only way to
+ * change the state is to hold the passed in and internal mutex - otherwise
+ * we create a race condition. */
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+ switch (mutex->state) {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error(mutex, "unlock without init");
+ break;
+ case MUTEX_IDLE:
+ mbedtls_test_mutex_usage_error(mutex, "unlock without lock");
+ break;
+ case MUTEX_LOCKED:
+ mutex->state = MUTEX_IDLE;
+ break;
+ default:
+ mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+ break;
+ }
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
}
- return ret;
+ return mutex_functions.unlock(mutex);
}
void mbedtls_test_mutex_usage_init(void)
@@ -183,6 +220,8 @@
mbedtls_mutex_free = &mbedtls_test_wrap_mutex_free;
mbedtls_mutex_lock = &mbedtls_test_wrap_mutex_lock;
mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock;
+
+ mutex_functions.init(&mbedtls_test_mutex_mutex);
}
void mbedtls_test_mutex_usage_check(void)
@@ -207,4 +246,14 @@
mbedtls_test_info.mutex_usage_error = NULL;
}
+void mbedtls_test_mutex_usage_end(void)
+{
+ mbedtls_mutex_init = mutex_functions.init;
+ mbedtls_mutex_free = mutex_functions.free;
+ mbedtls_mutex_lock = mutex_functions.lock;
+ mbedtls_mutex_unlock = mutex_functions.unlock;
+
+ mutex_functions.free(&mbedtls_test_mutex_mutex);
+}
+
#endif /* MBEDTLS_TEST_MUTEX_USAGE */
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 42f9f5e..26c5a79 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -358,9 +358,18 @@
# Space-separated list of ciphersuites supported by this build of
# Mbed TLS.
-P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
- grep 'TLS-\|TLS1-3' |
- tr -s ' \n' ' ')"
+P_CIPHERSUITES=""
+if [ "$LIST_TESTS" -eq 0 ]; then
+ P_CIPHERSUITES=" $($P_CLI help_ciphersuites 2>/dev/null |
+ grep 'TLS-\|TLS1-3' |
+ tr -s ' \n' ' ')"
+
+ if [ -z "${P_CIPHERSUITES# }" ]; then
+ echo >&2 "$0: fatal error: no cipher suites found!"
+ exit 125
+ fi
+fi
+
requires_ciphersuite_enabled() {
case $P_CIPHERSUITES in
*" $1 "*) :;;
@@ -2332,7 +2341,6 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_hash_alg SHA_256
-requires_config_enabled MBEDTLS_CCM_C
run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \
"$P_SRV key_opaque=1 crt_file=data_files/server5.crt \
key_file=data_files/server5.key key_opaque_algs=ecdh,none \
@@ -2386,7 +2394,6 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_hash_alg SHA_384
-requires_config_enabled MBEDTLS_CCM_C
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \
"$P_SRV key_opaque=1 crt_file=data_files/server5.crt \
@@ -2566,7 +2573,6 @@
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_384
-requires_config_enabled MBEDTLS_GCM_C
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \
"$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \
@@ -4475,7 +4481,7 @@
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Max fragment length: enabled, default" \
- "$P_SRV debug_level=3" \
+ "$P_SRV debug_level=3 force_version=tls12" \
"$P_CLI debug_level=3" \
0 \
-c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
@@ -4490,7 +4496,7 @@
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Max fragment length: enabled, default, larger message" \
- "$P_SRV debug_level=3" \
+ "$P_SRV debug_level=3 force_version=tls12" \
"$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
0 \
-c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
@@ -4528,7 +4534,7 @@
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Max fragment length: disabled, larger message" \
- "$P_SRV debug_level=3" \
+ "$P_SRV debug_level=3 force_version=tls12" \
"$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
0 \
-C "Maximum incoming record payload length is 16384" \
@@ -4542,7 +4548,7 @@
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Max fragment length, DTLS: disabled, larger message" \
- "$P_SRV debug_level=3 dtls=1" \
+ "$P_SRV debug_level=3 dtls=1 force_version=tls12" \
"$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
1 \
-C "Maximum incoming record payload length is 16384" \
@@ -4830,38 +4836,373 @@
requires_gnutls_tls1_3
requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
-run_test "Record Size Limit: TLS 1.3: Server-side parsing, debug output and fatal alert" \
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \
"$P_SRV debug_level=3 force_version=tls13" \
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \
- 1 \
- -c "Preparing extension (Record Size Limit/28) for 'client hello'" \
- -c "Sending extension Record Size Limit/28 (2 bytes)" \
- -s "ClientHello: record_size_limit(28) extension received."\
- -s "found record_size_limit extension" \
+ 0 \
-s "RecordSizeLimit: 16385 Bytes" \
- -c "Received alert \[110]: An unsupported extension was sent"
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 16383" \
+ -s "bytes written in 1 fragments"
requires_gnutls_tls1_3
requires_gnutls_record_size_limit
-requires_gnutls_next_disable_tls13_compat
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
-run_test "Record Size Limit: TLS 1.3: Client-side parsing, debug output and fatal alert" \
- "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL --disable-client-cert -d 4" \
"$P_CLI debug_level=4 force_version=tls13" \
0 \
- -s "Preparing extension (Record Size Limit/28) for 'encrypted extensions'"
-# The P_CLI can not yet send the Record Size Limit extension. Thus, the G_NEXT_SRV does not send
-# a response in its EncryptedExtensions record.
-# -s "Parsing extension 'Record Size Limit/28 (2 bytes)" \
-# -s "Sending extension Record Size Limit/28 (2 bytes)" \
-# -c "EncryptedExtensions: record_size_limit(28) extension received."\
-# -c "found record_size_limit extension" \
-# -c "RecordSizeLimit: 16385 Bytes" \
-# -s "Received alert \[110]: An unsupported extension was sent"
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "EncryptedExtensions: record_size_limit(28) extension received." \
+ -c "RecordSizeLimit: 16385 Bytes" \
+
+# In the following tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the
+# maximum record size using gnutls_record_set_max_size()
+# (https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size).
+# There is currently a lower limit of 512, caused by gnutls_record_set_max_size()
+# not respecting the "%ALLOW_SMALL_RECORDS" priority string and not using the
+# more recent function gnutls_record_set_max_recv_size()
+# (https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-recv-size).
+# There is currently an upper limit of 4096, caused by the cli arg parser:
+# https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/src/cli-args.def#L395.
+# Thus, these tests are currently limited to the value range 512-4096.
+# Also, the value sent in the extension will be one larger than the value
+# set at the command line:
+# https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/ext/record_size_limit.c#L142
+
+# Currently test certificates being used do not fit in 513 record size limit
+# so for 513 record size limit tests we use preshared key to avoid sending
+# the certificate.
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 1 fragment" \
+ "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
+ psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
+ response_size=256" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
+ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
+ 0 \
+ -s "RecordSizeLimit: 513 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 511" \
+ -s "256 bytes written in 1 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 2 fragments" \
+ "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
+ psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
+ response_size=768" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
+ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
+ 0 \
+ -s "RecordSizeLimit: 513 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 511" \
+ -s "768 bytes written in 2 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 3 fragments" \
+ "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
+ psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
+ response_size=1280" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
+ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
+ 0 \
+ -s "RecordSizeLimit: 513 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 511" \
+ -s "1280 bytes written in 3 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 1 fragment" \
+ "$P_SRV debug_level=3 force_version=tls13 response_size=512" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
+ 0 \
+ -s "RecordSizeLimit: 1024 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 1023" \
+ -s "512 bytes written in 1 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 2 fragments" \
+ "$P_SRV debug_level=3 force_version=tls13 response_size=1536" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
+ 0 \
+ -s "RecordSizeLimit: 1024 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 1023" \
+ -s "1536 bytes written in 2 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 3 fragments" \
+ "$P_SRV debug_level=3 force_version=tls13 response_size=2560" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
+ 0 \
+ -s "RecordSizeLimit: 1024 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 1023" \
+ -s "2560 bytes written in 3 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 1 fragment" \
+ "$P_SRV debug_level=3 force_version=tls13 response_size=2048" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
+ 0 \
+ -s "RecordSizeLimit: 4096 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 4095" \
+ -s "2048 bytes written in 1 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 2 fragments" \
+ "$P_SRV debug_level=3 force_version=tls13 response_size=6144" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
+ 0 \
+ -s "RecordSizeLimit: 4096 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 4095" \
+ -s "6144 bytes written in 2 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 3 fragments" \
+ "$P_SRV debug_level=3 force_version=tls13 response_size=10240" \
+ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
+ 0 \
+ -s "RecordSizeLimit: 4096 Bytes" \
+ -s "ClientHello: record_size_limit(28) extension exists." \
+ -s "Sent RecordSizeLimit: 16384 Bytes" \
+ -s "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -s "Maximum outgoing record payload length is 4095" \
+ -s "10240 bytes written in 3 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 1 fragment" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=256" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 513 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 511" \
+ -c "256 bytes written in 1 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 2 fragments" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=768" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 513 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 511" \
+ -c "768 bytes written in 2 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 3 fragments" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=1280" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 513 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 511" \
+ -c "1280 bytes written in 3 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 1 fragment" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=512" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 1024 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 1023" \
+ -c "512 bytes written in 1 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 2 fragments" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=1536" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 1024 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 1023" \
+ -c "1536 bytes written in 2 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 3 fragments" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=2560" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 1024 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 1023" \
+ -c "2560 bytes written in 3 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 1 fragment" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=2048" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 4096 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 4095" \
+ -c "2048 bytes written in 1 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 2 fragments" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=6144" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 4096 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 4095" \
+ -c "6144 bytes written in 2 fragments"
+
+requires_gnutls_tls1_3
+requires_gnutls_record_size_limit
+requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 3 fragments" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
+ "$P_CLI debug_level=4 force_version=tls13 request_size=10240" \
+ 0 \
+ -c "Sent RecordSizeLimit: 16384 Bytes" \
+ -c "ClientHello: record_size_limit(28) extension exists." \
+ -c "RecordSizeLimit: 4096 Bytes" \
+ -c "EncryptedExtensions: record_size_limit(28) extension exists." \
+ -c "Maximum outgoing record payload length is 4095" \
+ -c "10240 bytes written in 3 fragments"
+
+# TODO: For time being, we send fixed value of RecordSizeLimit defined by
+# MBEDTLS_SSL_IN_CONTENT_LEN. Once we support variable buffer length of
+# RecordSizeLimit, we need to modify value of RecordSizeLimit in below test.
+requires_config_value_equals "MBEDTLS_SSL_IN_CONTENT_LEN" 16384
+requires_all_configs_enabled MBEDTLS_SSL_CLI_C MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+run_test "Record Size Limit: TLS 1.3 m->m: both peer comply with record size limit (default)" \
+ "$P_SRV debug_level=4 force_version=tls13" \
+ "$P_CLI debug_level=4" \
+ 0 \
+ -c "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \
+ -c "RecordSizeLimit: $MAX_IN_LEN Bytes" \
+ -s "RecordSizeLimit: $MAX_IN_LEN Bytes" \
+ -s "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \
+ -s "Maximum outgoing record payload length is 16383" \
+ -s "Maximum incoming record payload length is 16384"
+
+# End of Record size limit tests
# Tests for renegotiation
+# G_NEXT_SRV is used in renegotiation tests becuase of the increased
+# extensions limit since we exceed the limit in G_SRV when we send
+# TLS 1.3 extensions in the initial handshake.
+
# Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION
run_test "Renegotiation: none, for reference" \
"$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \
@@ -5192,7 +5533,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renegotiation: gnutls server strict, client-initiated" \
- "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
"$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
0 \
-c "client hello, adding renegotiation extension" \
@@ -5206,7 +5547,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
- "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
"$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
1 \
-c "client hello, adding renegotiation extension" \
@@ -5220,7 +5561,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
- "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
"$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
allow_legacy=0" \
1 \
@@ -5235,7 +5576,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \
- "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
"$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
allow_legacy=1" \
0 \
@@ -5296,7 +5637,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
- "$G_SRV -u --mtu 4096" \
+ "$G_NEXT_SRV -u --mtu 4096" \
"$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \
0 \
-c "client hello, adding renegotiation extension" \
@@ -5311,7 +5652,7 @@
requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renego ext: gnutls server strict, client default" \
- "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
"$P_CLI debug_level=3" \
0 \
-c "found renegotiation extension" \
@@ -5321,7 +5662,7 @@
requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renego ext: gnutls server unsafe, client default" \
- "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
"$P_CLI debug_level=3" \
0 \
-C "found renegotiation extension" \
@@ -5331,7 +5672,7 @@
requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renego ext: gnutls server unsafe, client break legacy" \
- "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
"$P_CLI debug_level=3 allow_legacy=-1" \
1 \
-C "found renegotiation extension" \
@@ -8257,7 +8598,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "mbedtls_ssl_get_bytes_avail: extra data (max)" \
- "$P_SRV buffer_size=100" \
+ "$P_SRV buffer_size=100 force_version=tls12" \
"$P_CLI request_size=$MAX_CONTENT_LEN" \
0 \
-s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))"
@@ -8446,20 +8787,20 @@
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Large client packet TLS 1.3 AEAD" \
"$P_SRV" \
- "$P_CLI request_size=16384 \
+ "$P_CLI request_size=16383 \
force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
0 \
- -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
- -s "Read from client: $MAX_CONTENT_LEN bytes read"
+ -c "16383 bytes written in $(fragments_for_write 16383) fragments" \
+ -s "Read from client: 16383 bytes read"
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Large client packet TLS 1.3 AEAD shorter tag" \
"$P_SRV" \
- "$P_CLI request_size=16384 \
+ "$P_CLI request_size=16383 \
force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
0 \
- -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
- -s "Read from client: $MAX_CONTENT_LEN bytes read"
+ -c "16383 bytes written in $(fragments_for_write 16383) fragments" \
+ -s "Read from client: 16383 bytes read"
# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
run_test "Large server packet TLS 1.2 BlockCipher" \
@@ -8502,17 +8843,17 @@
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Large server packet TLS 1.3 AEAD" \
- "$P_SRV response_size=16384" \
+ "$P_SRV response_size=16383" \
"$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
0 \
- -c "Read from server: 16384 bytes read"
+ -c "Read from server: 16383 bytes read"
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Large server packet TLS 1.3 AEAD shorter tag" \
- "$P_SRV response_size=16384" \
+ "$P_SRV response_size=16383" \
"$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
0 \
- -c "Read from server: 16384 bytes read"
+ -c "Read from server: 16383 bytes read"
# Tests for restartable ECC
@@ -9115,8 +9456,6 @@
# Tests for ECC extensions (rfc 4492)
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
run_test "Force a non ECC ciphersuite in the client side" \
@@ -9128,8 +9467,6 @@
-S "found supported elliptic curves extension" \
-S "found supported point formats extension"
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
run_test "Force a non ECC ciphersuite in the server side" \
@@ -9139,8 +9476,6 @@
-C "found supported_point_formats extension" \
-S "server hello, supported_point_formats extension"
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_hash_alg SHA_256
run_test "Force an ECC ciphersuite in the client side" \
"$P_SRV debug_level=3" \
@@ -9151,8 +9486,6 @@
-s "found supported elliptic curves extension" \
-s "found supported point formats extension"
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_hash_alg SHA_256
run_test "Force an ECC ciphersuite in the server side" \
"$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
@@ -9677,8 +10010,6 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048
run_test "DTLS fragmenting: both (MTU=512)" \
-p "$P_PXY mtu=512" \
@@ -9707,8 +10038,6 @@
not_with_valgrind
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
-p "$P_PXY mtu=508" \
@@ -9730,8 +10059,6 @@
only_with_valgrind
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
-p "$P_PXY mtu=508" \
@@ -9782,8 +10109,6 @@
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
-p "$P_PXY mtu=512" \
@@ -9831,8 +10156,6 @@
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
-p "$P_PXY mtu=512" \
@@ -9866,8 +10189,6 @@
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
-p "$P_PXY mtu=1450" \
@@ -9895,7 +10216,6 @@
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_CHACHAPOLY_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
-p "$P_PXY mtu=512" \
@@ -9909,7 +10229,7 @@
crt_file=data_files/server8_int-ca2.crt \
key_file=data_files/server8.key \
exchanges=2 renegotiation=1 renegotiate=1 \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
hs_timeout=10000-60000 \
mtu=512" \
0 \
@@ -9925,8 +10245,6 @@
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
-p "$P_PXY mtu=512" \
@@ -9956,8 +10274,6 @@
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CCM_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
-p "$P_PXY mtu=1024" \
@@ -9987,8 +10303,6 @@
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
@@ -10019,8 +10333,6 @@
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
-p "$P_PXY mtu=1024" \
@@ -10046,8 +10358,6 @@
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
client_needs_more_time 2
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU + 3d" \
@@ -10069,8 +10379,6 @@
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
client_needs_more_time 2
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
@@ -11640,6 +11948,21 @@
-S "Version: TLS1.2" \
-C "Protocol : TLSv1.2"
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_SSL_SRV_C
+run_test "TLS 1.3 m->m: Not supported version check: cli TLS 1.2 only, srv TLS 1.3 only, fail" \
+ "$P_SRV debug_level=4 max_version=tls13 min_version=tls13" \
+ "$P_CLI debug_level=4 max_version=tls12 min_version=tls12" \
+ 1 \
+ -c "The SSL configuration is tls12 only" \
+ -c "supported_versions(43) extension does not exist." \
+ -c "A fatal alert message was received from our peer" \
+ -s "The SSL configuration is tls13 only" \
+ -s "TLS 1.2 not supported."
+
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
index d8ff49e..cc28697 100644
--- a/tests/suites/host_test.function
+++ b/tests/suites/host_test.function
@@ -772,6 +772,10 @@
mbedtls_fprintf(stdout, " (%u / %u tests (%u skipped))\n",
total_tests - total_errors, total_tests, total_skipped);
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ mbedtls_test_mutex_usage_end();
+#endif
+
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
!defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
#if defined(MBEDTLS_MEMORY_DEBUG)
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index d495b49..2ca3f7f 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -6,6 +6,7 @@
* master, enc and dec must be AES context objects. They don't need to
* be initialized, and are left freed.
*/
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static int test_copy(const data_t *key,
mbedtls_aes_context *master,
mbedtls_aes_context *enc,
@@ -55,6 +56,7 @@
* with alternative implementations. */
return 0;
}
+#endif
/* END_HEADER */
@@ -86,7 +88,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
void aes_decrypt_ecb(data_t *key_str, data_t *src_str,
data_t *dst, int setkey_result)
{
@@ -523,7 +525,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
void aes_ecb_copy_context(data_t *key)
{
/* We test context copying multiple times, with different alignments
diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function
index 579dddf..f1748d1 100644
--- a/tests/suites/test_suite_aria.function
+++ b/tests/suites/test_suite_aria.function
@@ -86,7 +86,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
void aria_decrypt_ecb(data_t *key_str, data_t *src_str,
data_t *expected_output, int setkey_result)
{
diff --git a/tests/suites/test_suite_block_cipher.data b/tests/suites/test_suite_block_cipher.data
index cf321ae..097b567 100644
--- a/tests/suites/test_suite_block_cipher.data
+++ b/tests/suites/test_suite_block_cipher.data
@@ -182,56 +182,74 @@
test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"00112233445566778899aabbccddeeff":"f92bd7c79fb72e2f2b8f80c1972d24fc"
Camellia-128-ECB Encrypt RFC3713 #1
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba9876543210":"0123456789abcdeffedcba9876543210":"67673138549669730857065648eabe43"
Camellia-192-ECB Encrypt RFC3713 #1
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba98765432100011223344556677":"0123456789abcdeffedcba9876543210":"b4993401b3e996f84ee5cee7d79b09b9"
Camellia-256-ECB Encrypt RFC3713 #1
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff":"0123456789abcdeffedcba9876543210":"9acc237dff16d76c20ef7c919e3a7509"
Camellia-128-ECB Encrypt Perl EVP #1 [#1]
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F":"00112233445566778899AABBCCDDEEFF":"77CF412067AF8270613529149919546F"
Camellia-192-ECB Encrypt Perl EVP #1 [#1]
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F1011121314151617":"00112233445566778899AABBCCDDEEFF":"B22F3C36B72D31329EEE8ADDC2906C68"
Camellia-256-ECB Encrypt Perl EVP #1 [#1]
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00112233445566778899AABBCCDDEEFF":"2EDF1F3418D53B88841FC8985FB1ECF2"
Camellia-128-ECB Encrypt Perl EVP #1 [#2]
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"6BC1BEE22E409F96E93D7E117393172A":"432FC5DCD628115B7C388D770B270C96"
Camellia-128-ECB Encrypt Perl EVP #2
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"0BE1F14023782A22E8384C5ABB7FAB2B"
Camellia-128-ECB Encrypt Perl EVP #3
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"30C81C46A35CE411E5FBC1191A0A52EF":"A0A1ABCD1893AB6FE0FE5B65DF5F8636"
Camellia-128-ECB Encrypt Perl EVP #4
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"F69F2445DF4F9B17AD2B417BE66C3710":"E61925E0D5DFAA9BB29F815B3076E51A"
Camellia-192-ECB Encrypt Perl EVP #1 [#2]
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"6BC1BEE22E409F96E93D7E117393172A":"CCCC6C4E138B45848514D48D0D3439D3"
Camellia-192-ECB Encrypt Perl EVP #2
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"5713C62C14B2EC0F8393B6AFD6F5785A"
Camellia-192-ECB Encrypt Perl EVP #3
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"30C81C46A35CE411E5FBC1191A0A52EF":"B40ED2B60EB54D09D030CF511FEEF366"
Camellia-192-ECB Encrypt Perl EVP #4
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"F69F2445DF4F9B17AD2B417BE66C3710":"909DBD95799096748CB27357E73E1D26"
Camellia-256-ECB Encrypt Perl EVP #1 [#2]
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"6BC1BEE22E409F96E93D7E117393172A":"BEFD219B112FA00098919CD101C9CCFA"
Camellia-256-ECB Encrypt Perl EVP #2
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"C91D3A8F1AEA08A9386CF4B66C0169EA"
Camellia-256-ECB Encrypt Perl EVP #3
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"30C81C46A35CE411E5FBC1191A0A52EF":"A623D711DC5F25A51BB8A80D56397D28"
Camellia-256-ECB Encrypt Perl EVP #4
+depends_on:MBEDTLS_CAMELLIA_C
test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"F69F2445DF4F9B17AD2B417BE66C3710":"7960109FB6DC42947FCFE59EA3C5EB6B"
diff --git a/tests/suites/test_suite_block_cipher.function b/tests/suites/test_suite_block_cipher.function
index 239568c..3350b0f 100644
--- a/tests/suites/test_suite_block_cipher.function
+++ b/tests/suites/test_suite_block_cipher.function
@@ -92,3 +92,38 @@
mbedtls_block_cipher_free(&ctx);
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void block_cipher_psa_dynamic_dispatch(int cipher_type, int pre_psa_ret, int post_psa_engine)
+{
+ mbedtls_block_cipher_context_t ctx;
+ (void) post_psa_engine;
+
+ /* Intentionally no PSA init here! (Will be done later.) */
+
+ mbedtls_block_cipher_init(&ctx);
+
+ /* Before PSA crypto init */
+ TEST_EQUAL(pre_psa_ret, mbedtls_block_cipher_setup(&ctx, cipher_type));
+
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+ TEST_EQUAL(ctx.engine, MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY);
+#endif
+
+ mbedtls_block_cipher_free(&ctx);
+
+ /* Now initilize PSA Crypto */
+ BLOCK_CIPHER_PSA_INIT();
+
+ mbedtls_block_cipher_init(&ctx);
+ /* After PSA Crypto init */
+ TEST_EQUAL(0, mbedtls_block_cipher_setup(&ctx, cipher_type));
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+ TEST_EQUAL(ctx.engine, post_psa_engine);
+#endif
+
+exit:
+ mbedtls_block_cipher_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_block_cipher.psa.data b/tests/suites/test_suite_block_cipher.psa.data
new file mode 100644
index 0000000..eb0c278
--- /dev/null
+++ b/tests/suites/test_suite_block_cipher.psa.data
@@ -0,0 +1,35 @@
+AES - legacy only
+depends_on:MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY:!MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_AES:0:MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY
+
+AES - driver only
+depends_on:!MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_AES:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA
+
+AES - legacy + driver
+depends_on:MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_AES:0:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA
+
+ARIA - legacy only
+depends_on:MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY:!MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_ARIA:0:MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY
+
+ARIA - driver only
+depends_on:!MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_ARIA:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA
+
+ARIA - legacy + driver
+depends_on:MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_ARIA:0:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA
+
+Camellia - legacy only
+depends_on:MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY:!MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_CAMELLIA:0:MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY
+
+Camellia - driver only
+depends_on:!MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_CAMELLIA:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA
+
+Camellia - legacy + driver
+depends_on:MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA
+block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_CAMELLIA:0:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA
diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function
index 1cef97a..6930679 100644
--- a/tests/suites/test_suite_camellia.function
+++ b/tests/suites/test_suite_camellia.function
@@ -67,7 +67,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
void camellia_decrypt_ecb(data_t *key_str, data_t *src_str,
data_t *dst, int setkey_result)
{
diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data
index caf9a74..22150f7 100644
--- a/tests/suites/test_suite_ccm.data
+++ b/tests/suites/test_suite_ccm.data
@@ -2,15 +2,15 @@
mbedtls_ccm_self_test:
CCM init #1 AES-128: OK
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:128:0
CCM init #2 CAMELLIA-256: OK
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_CAMELLIA:256:0
CCM init #3 AES-224: bad key size
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT
CCM init #4 DES: bad block size
@@ -55,1709 +55,1709 @@
ccm_star_lengths:5:10:5:0:0
CCM* encrypt and tag #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_star_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"":"ACDE480000000001":"00000005":2:"08D0842143010000000048DEAC020500000055CF000051525354":"223BC1EC841AB553":0
CCM* encrypt and tag #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_star_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"61626364":"ACDE480000000001":"00000005":4:"69DC842143020000000048DEAC010000000048DEAC0405000000":"D43E022B":0
CCM* encrypt and tag #3
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_star_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"CE":"ACDE480000000001":"00000005":6:"2BDC842143020000000048DEACFFFF010000000048DEAC060500000001":"D84FDE529061F9C6F1":0
CCM* auth decrypt tag #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_star_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"223BC1EC841AB553":"ACDE480000000001":"00000005":2:"08D0842143010000000048DEAC020500000055CF000051525354":"":0
CCM* auth decrypt tag #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_star_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"D43E022B":"ACDE480000000001":"00000005":4:"69DC842143020000000048DEAC010000000048DEAC0405000000":"61626364":0
CCM* auth decrypt tag #3
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_star_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"D84FDE529061F9C6F1":"ACDE480000000001":"00000005":6:"2BDC842143020000000048DEACFFFF010000000048DEAC060500000001":"CE":0
CCM encrypt and tag RFC 3610 #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000003020100A0A1A2A3A4A5":"0001020304050607":"588C979A61C663D2F066D0C2C0F989806D5F6B61DAC38417E8D12CFDF926E0"
CCM encrypt and tag RFC 3610 #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00000004030201A0A1A2A3A4A5":"0001020304050607":"72C91A36E135F8CF291CA894085C87E3CC15C439C9E43A3BA091D56E10400916"
CCM encrypt and tag RFC 3610 #3
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":"00000005040302A0A1A2A3A4A5":"0001020304050607":"51B1E5F44A197D1DA46B0F8E2D282AE871E838BB64DA8596574ADAA76FBD9FB0C5"
CCM encrypt and tag RFC 3610 #4
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"A28C6865939A9A79FAAA5C4C2A9D4A91CDAC8C96C861B9C9E61EF1"
CCM encrypt and tag RFC 3610 #5
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"DCF1FB7B5D9E23FB9D4E131253658AD86EBDCA3E51E83F077D9C2D93"
CCM encrypt and tag RFC 3610 #6
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"6FC1B011F006568B5171A42D953D469B2570A4BD87405A0443AC91CB94"
CCM encrypt and tag RFC 3610 #7
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000009080706A0A1A2A3A4A5":"0001020304050607":"0135D1B2C95F41D5D1D4FEC185D166B8094E999DFED96C048C56602C97ACBB7490"
CCM encrypt and tag RFC 3610 #8
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"7B75399AC0831DD2F0BBD75879A2FD8F6CAE6B6CD9B7DB24C17B4433F434963F34B4"
CCM encrypt and tag RFC 3610 #9
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"82531A60CC24945A4B8279181AB5C84DF21CE7F9B73F42E197EA9C07E56B5EB17E5F4E"
CCM encrypt and tag RFC 3610 #10
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"07342594157785152B074098330ABB141B947B566AA9406B4D999988DD"
CCM encrypt and tag RFC 3610 #11
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"676BB20380B0E301E8AB79590A396DA78B834934F53AA2E9107A8B6C022C"
CCM encrypt and tag RFC 3610 #12
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"C0FFA0D6F05BDB67F24D43A4338D2AA4BED7B20E43CD1AA31662E7AD65D6DB"
CCM encrypt and tag RFC 3610 #13
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3"
CCM encrypt and tag RFC 3610 #14
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"9020EA6F91BDD85AFA0039BA4BAFF9BFB79C7028949CD0EC":"0033568EF7B2633C9696766CFA":"63018F76DC8A1BCB":"4CCB1E7CA981BEFAA0726C55D378061298C85C92814ABC33C52EE81D7D77C08A"
CCM encrypt and tag RFC 3610 #15
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"B916E0EACC1C00D7DCEC68EC0B3BBB1A02DE8A2D1AA346132E":"00103FE41336713C9696766CFA":"AA6CFA36CAE86B40":"B1D23A2220DDC0AC900D9AA03C61FCF4A559A4417767089708A776796EDB723506"
CCM encrypt and tag RFC 3610 #16
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"12DAAC5630EFA5396F770CE1A66B21F7B2101C":"00764C63B8058E3C9696766CFA":"D0D0735C531E1BECF049C244":"14D253C3967B70609B7CBB7C499160283245269A6F49975BCADEAF"
CCM encrypt and tag RFC 3610 #17
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"E88B6A46C78D63E52EB8C546EFB5DE6F75E9CC0D":"00F8B678094E3B3C9696766CFA":"77B60F011C03E1525899BCAE":"5545FF1A085EE2EFBF52B2E04BEE1E2336C73E3F762C0C7744FE7E3C"
CCM encrypt and tag RFC 3610 #18
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"6435ACBAFB11A82E2F071D7CA4A5EBD93A803BA87F":"00D560912D3F703C9696766CFA":"CD9044D2B71FDB8120EA60C0":"009769ECABDF48625594C59251E6035722675E04C847099E5AE0704551"
CCM encrypt and tag RFC 3610 #19
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"8A19B950BCF71A018E5E6701C91787659809D67DBEDD18":"0042FFF8F1951C3C9696766CFA":"D85BC7E69F944FB8":"BC218DAA947427B6DB386A99AC1AEF23ADE0B52939CB6A637CF9BEC2408897C6BA"
CCM encrypt and tag RFC 3610 #20
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"1761433C37C5A35FC1F39F406302EB907C6163BE38C98437":"00920F40E56CDC3C9696766CFA":"74A0EBC9069F5B37":"5810E6FD25874022E80361A478E3E9CF484AB04F447EFFF6F0A477CC2FC9BF548944"
CCM encrypt and tag RFC 3610 #21
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"A434A8E58500C6E41530538862D686EA9E81301B5AE4226BFA":"0027CA0C7120BC3C9696766CFA":"44A3AA3AAE6475CA":"F2BEED7BC5098E83FEB5B31608F8E29C38819A89C8E776F1544D4151A4ED3A8B87B9CE"
CCM encrypt and tag RFC 3610 #22
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"B96B49E21D621741632875DB7F6C9243D2D7C2":"005B8CCBCD9AF83C9696766CFA":"EC46BB63B02520C33C49FD70":"31D750A09DA3ED7FDDD49A2032AABF17EC8EBF7D22C8088C666BE5C197"
CCM encrypt and tag RFC 3610 #23
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"E2FCFBB880442C731BF95167C8FFD7895E337076":"003EBE94044B9A3C9696766CFA":"47A65AC78B3D594227E85E71":"E882F1DBD38CE3EDA7C23F04DD65071EB41342ACDF7E00DCCEC7AE52987D"
CCM encrypt and tag RFC 3610 #24
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"ABF21C0B02FEB88F856DF4A37381BCE3CC128517D4":"008D493B30AE8B3C9696766CFA":"6E37A6EF546D955D34AB6059":"F32905B88A641B04B9C9FFB58CC390900F3DA12AB16DCE9E82EFA16DA62059"
CCM encrypt and tag AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM encrypt and tag NIST VTT AES-128 #1 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43b1a6bc8d0d22d6d1ca95c18593cca5":"a2b381c7d1545c408fe29817a21dc435a154c87256346b05":"9882578e750b9682c6ca7f8f86":"2084f3861c9ad0ccee7c63a7e05aece5db8b34bd8724cc06b4ca99a7f9c4914f":"cc69ed76985e0ed4c8365a72775e5a19bfccc71aeb116c85a8c74677"
CCM encrypt and tag NIST VTT AES-128 #2 (P=24, N=13, A=32, T=6)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"44e89189b815b4649c4e9b38c4275a5a":"8db6ae1eb959963931d1c5224f29ef50019d2b0db7f5f76f":"374c83e94384061ac01963f88d":"cd149d17dba7ec50000b8c5390d114697fafb61025301f4e3eaa9f4535718a08":"df952dce0f843374d33da94c969eff07b7bc2418ca9ee01e32bc2ffa8600"
CCM encrypt and tag NIST VTT AES-128 #3 (P=24, N=13, A=32, T=8)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"368f35a1f80eaaacd6bb136609389727":"1cccd55825316a94c5979e049310d1d717cdfb7624289dac":"842a8445847502ea77363a16b6":"34396dfcfa6f742aea7040976bd596497a7a6fa4fb85ee8e4ca394d02095b7bf":"1a58094f0e8c6035a5584bfa8d1009c5f78fd2ca487ff222f6d1d897d6051618"
CCM encrypt and tag NIST VTT AES-128 #4 (P=24, N=13, A=32, T=10)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"996a09a652fa6c82eae8be7886d7e75e":"84cdd7380f47524b86168ed95386faa402831f22045183d0":"a8b3eb68f205a46d8f632c3367":"c71620d0477c8137b77ec5c72ced4df3a1e987fd9af6b5b10853f0526d876cd5":"a7fbf9dd1b099ed3acf6bcbd0b6f7cae57bee99f9d084f826d86e69c07f053d1a607"
CCM encrypt and tag NIST VTT AES-128 #5 (P=24, N=13, A=32, T=12)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ee186594f110fb788a8bf8aa8be5d4a":"d71864877f2578db092daba2d6a1f9f4698a9c356c7830a1":"44f705d52acf27b7f17196aa9b":"2c16724296ff85e079627be3053ea95adf35722c21886baba343bd6c79b5cb57":"b4dd74e7a0cc51aea45dfb401a41d5822c96901a83247ea0d6965f5aa6e31302a9cc2b36"
CCM encrypt and tag NIST VTT AES-128 #6 (P=24, N=13, A=32, T=14)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b2d52a5186d912cf6b83ace7740ceda":"ea384b081f60bb450808e0c20dc2914ae14a320612c3e1e8":"f47be3a2b019d1beededf5b80c":"76cf3522aff97a44b4edd0eef3b81e3ab3cd1ccc93a767a133afd508315f05ed":"79070f33114a980dfd48215051e224dfd01471ac293242afddb36e37da1ee8a88a77d7f12cc6"
CCM encrypt and tag NIST VTT AES-128 #7 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4189351b5caea375a0299e81c621bf43":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
CCM encrypt and tag NIST VTT AES-192 #1 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"11fd45743d946e6d37341fec49947e8c70482494a8f07fcc":"ee7e6075ba52846de5d6254959a18affc4faf59c8ef63489":"c6aeebcb146cfafaae66f78aab":"7dc8c52144a7cb65b3e5a846e8fd7eae37bf6996c299b56e49144ebf43a1770f":"137d9da59baf5cbfd46620c5f298fc766de10ac68e774edf1f2c5bad"
CCM encrypt and tag NIST VTT AES-192 #2 (P=24, N=13, A=32, T=6)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"146a163bbf10746e7c1201546ba46de769be23f9d7cc2c80":"473b6600559aefb67f7976f0a5cc744fb456efd86f615648":"f5827e51707d8d64bb522985bb":"599b12ebd3347a5ad098772c44c49eed954ec27c3ba6206d899ddaabca23a762":"26d2be30e171439d54a0fec291c6024d1de09d61b44f53258ba1360406f9"
CCM encrypt and tag NIST VTT AES-192 #3 (P=24, N=13, A=32, T=8)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bdf277af2226f03ec1a0ba7a8532ade6aea9b3d519fe2d38":"0ff89eff92a530b66684cd75a39481e7e069a7d05e89b692":"cc3c596be884e7caed503315c0":"4d6546167b3ed55f01c62bd384e02e1039c0d67ef7abe33291fecb136272f73b":"6ef66a52c866bd5df20ec5096de92167ad83cab0e095ad0c778a299f1224f10c"
CCM encrypt and tag NIST VTT AES-192 #4 (P=24, N=13, A=32, T=10)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"62f8eba1c2c5f66215493a6fa6ae007aae5be92f7880336a":"f5522e3405d9b77cbf3257db2b9675e618e8744a0ee03f0f":"15769753f503aa324f4b0e8ee0":"1bc05440ee3e34d0f25e90ca1ecbb555d0fb92b311621d171be6f2b719923d23":"b9103942dbbb93e15086751c9bb0a3d33112b55f95b7d4f32ff0bb90a8879812683f"
CCM encrypt and tag NIST VTT AES-192 #5 (P=24, N=13, A=32, T=12)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a5667197f46b8027980d0a3166c0a419713d4df0629a860":"d0e4024d6e33daafc011fe463545ed20f172872f6f33cefa":"6236b01079d180fce156fbaab4":"29bdf65b29394d363d5243d4249bad087520f8d733a763daa1356be458d487e5":"479f3d408bfa00d1cd1c8bf11a167ce7ae4bcdb011f04e38733013b8ebe5e92b1917640c"
CCM encrypt and tag NIST VTT AES-192 #6 (P=24, N=13, A=32, T=14)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d2d4482ea8e98c1cf309671895a16610152ce283434bca38":"78168e5cc3cddf4b90d5bc11613465030903e0196f1fe443":"6ee177d48f59bd37045ec03731":"9ef2d0d556d05cf9d1ee9dab9b322a389c75cd4e9dee2c0d08eea961efce8690":"e2324a6d5643dfc8aea8c08cbbc245494a3dcbcb800c797c3abcdb0563978785bf7fd71c6c1f"
CCM encrypt and tag NIST VTT AES-192 #7 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7177fd129674c6c91c1c89f4408139afe187026b8114893":"2cea0f7304860a4f40a28c8b890db60f3891b9982478495e":"31bb28f0e1e63c36ca3959dd18":"2529a834668187213f5342a1f3deea0dc2765478c7d71c9c21b9eb1351a5f6cb":"5bb7aa6ab9c02a5712d62343fbe61f774e598d6b87545612380ea23dcffc9574f672bca92e306411"
CCM encrypt and tag NIST VTT AES-256 #1 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9074b1ae4ca3342fe5bf6f14bcf2f27904f0b15179d95a654f61e699692e6f71":"239029f150bccbd67edbb67f8ae456b4ea066a4beee065f9":"2e1e0132468500d4bd47862563":"3c5f5404370abdcb1edde99de60d0682c600b034e063b7d3237723da70ab7552":"9c8d5dd227fd9f81237601830afee4f0115636c8e5d5fd743cb9afed"
CCM encrypt and tag NIST VTT AES-256 #2 (P=24, N=13, A=32, T=6)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8596a69890b0e47d43aeeca54b52029331da06fae63aa3249faaca94e2605feb":"f0b065da6ecb9ddcab855152d3b4155037adfa758ba96070":"20442e1c3f3c88919c39978b78":"4e0d3aa502bd03fe1761b167c4e0df1d228301d3ebaa4a0281becd813266e255":"d6a0f377f7c1b14dcdba729cae5271b027e71cc7850173ec265867a29eb3"
CCM encrypt and tag NIST VTT AES-256 #3 (P=24, N=13, A=32, T=8)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bae73483de27b581a7c13f178a6d7bda168c1b4a1cb9180512a13e3ab914eb61":"28ef408d57930086011b167ac04b866e5b58fe6690a0b9c3":"daf54faef6e4fc7867624b76f2":"7022eaa52c9da821da72d2edd98f6b91dfe474999b75b34699aeb38465f70c1c":"356367c6cee4453658418d9517f7c6faddcd7c65aef460138cf050f48c505151"
CCM encrypt and tag NIST VTT AES-256 #4 (P=24, N=13, A=32, T=10)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5b321b0ac2fedce0933d57d12195c7b9941f4caa95529125ed21c41fac43374":"6aa6ea668df60b0db85592d0a819c9df9e1099916272aafb":"b35fb2262edfa14938a0fba03e":"ba762bbda601d711e2dfc9dbe3003d39df1043ca845612b8e9dc9ff5c5d06ec4":"97027de5effd82c58f8dbfb909d7696fbe2d54916262912001a4d765bc1c95c90a95"
CCM encrypt and tag NIST VTT AES-256 #5 (P=24, N=13, A=32, T=12)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7f4af6765cad1d511db07e33aaafd57646ec279db629048aa6770af24849aa0d":"7ebef26bf4ecf6f0ebb2eb860edbf900f27b75b4a6340fdb":"dde2a362ce81b2b6913abc3095":"404f5df97ece7431987bc098cce994fc3c063b519ffa47b0365226a0015ef695":"353022db9c568bd7183a13c40b1ba30fcc768c54264aa2cd2927a053c9244d3217a7ad05"
CCM encrypt and tag NIST VTT AES-256 #6 (P=24, N=13, A=32, T=14)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c8b59d3e7986c277d5ad51e4a2233251076809ebf59463f47cd10b4aa951f8c":"138ee53b1914d3322c2dd0a4e02faab2236555131d5eea08":"21ff892b743d661189e205c7f3":"f1e0af185180d2eb63e50e37ba692647cac2c6a149d70c81dbd34685ed78feaa":"5b2f3026f30fdd50accc40ddd093b7997f23d7c6d3c8bc425f82c828413643b8794494cb5236"
CCM encrypt and tag NIST VTT AES-256 #7 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"60823b64e0b2da3a7eb772bd5941c534e6ff94ea96b564e2b38f82c78bb54522":"a8be794613835c4366e75817d228438f011a2ec8a86f9797":"48526f1bffc97dd65e42906983":"fab62b3e5deda7a9c1128663cc81c44b74ab1bfe70bc1c9dec7c7fd08173b80a":"cc3efe04d84a4ec5cb6a6c28dc2c2d386a359d9550dbdec963ddd56464aed6d0613159d1aa181dcb"
CCM encrypt and tag NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ebf60f0969013a54a3dedb19d20f6c8":"":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880"
CCM encrypt and tag NIST VPT AES-128 #2 (P=1, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ae7a8e907b8720f4b0d5507c1d0dc41":"0e":"7f18ad442e536a0159e7aa8c0f":"9c9b0f11e020c6512a63dfa1a5ec8df8bd8e2ad83cf87b80b38635621c5dc0d7":"4c201784bdab19e255787fecd02000c49d"
CCM encrypt and tag NIST VPT AES-128 #3 (P=2, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3d746ae6cac5cefd01f021c0bbf4bc3c":"4360":"597b3614ff9cd567afd1aad4e5":"90446190e1ff5e48e8a09d692b217de3ad0ab4a670e7f1b437f9c07a902cad60":"e38fdb77c1f8bbac2903a2ec7bc0f9c5654d"
CCM encrypt and tag NIST VPT AES-128 #4 (P=3, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e4fa1c6f8b00f1296956735ee86e310":"3a6734":"c6a170936568651020edfe15df":"00d57896da2435a4271afb9c98f61a650e63a4955357c47d073c5165dd4ea318":"384be657bfc5f385b179be7333eb3f57df546b"
CCM encrypt and tag NIST VPT AES-128 #5 (P=4, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7ccbb8557f6e08f436d0957d4bbe7fdf":"4cabeb02":"bb8e2ef2ed9484f9021cda7073":"fba1d18a74a3bb38671ab2842ffaa434cd572a0b45320e4145930b3008d8d350":"32501f4235c4dd96e83d5ab4c3c31c523453c317"
CCM encrypt and tag NIST VPT AES-128 #6 (P=5, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3725c7905bfaca415908c617b78f8dee":"f5499a7082":"c98ec4473e051a4d4ac56fd082":"11bc87f1c2d2076ba47c5cb530dd6c2a224f7a0f7f554e23d7d29077c7787680":"e378b776242066751af249d521c6eaebdff40b2642"
CCM encrypt and tag NIST VPT AES-128 #7 (P=6, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80bead98a05d1bb173cd4fca463b8fa3":"e479990bf082":"8a14a6d255aa4032ebff37a3d7":"bb4e706e73d21df66f64173859d47e247527cd9832e20dccff8548ed5f554108":"89c9246238878427f36b1f6c633e4542f32b50ca8edb"
CCM encrypt and tag NIST VPT AES-128 #8 (P=7, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc8ec91184ba18eae31ac2d3b252673f":"2a5775986551c8":"0da4c988f521f5648259f2bec2":"6d5573c9279897d7d1602d8a95c04bb5ca3fad2dbe89a024b3651eb227e73bb5":"4f259f2a718faea852a7c4358dfa9f5467357638acac90"
CCM encrypt and tag NIST VPT AES-128 #9 (P=8, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19f97ef5318b8005fc7133fa31dd1236":"6d972a673fbe1ca1":"01ce9814c6329dbee1d02b1321":"85853f120981f33cf1d50fde6b8bc865fe988a9f12579acdb336f9f992b08b89":"2f12a7e7acecae5d2563309efc19368cdee8266538ca89d3"
CCM encrypt and tag NIST VPT AES-128 #10 (P=9, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c17944bfaeeb808eed66ae7242ab545f":"7caae2640e734539d3":"910b3db64df3728ca98219e01b":"edf64f98b3ab593cbcf68ab37a8c9472e49cb849d4a744deae925a5a43faf262":"0dae8b3ccf0b439f6ff8ee4a233dfb7753f6bfe321b3e26959"
CCM encrypt and tag NIST VPT AES-128 #11 (P=10, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0fb9df6f638847f5de371f003dd938f4":"e10cc36bc1c5d3c646ab":"c9ddf61c052f3502ad6b229819":"4f9938d5bc3dcbe47f6b256d5e99723d0891e50c6175aba41b011e4686113c49":"7f797367de50be6dc04e4cf0d8c24189affd35060cb7ca3dd136"
CCM encrypt and tag NIST VPT AES-128 #12 (P=11, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"006ff7d3153caf906ec7929f5aef9276":"31be1b241cae79c54c2446":"57db1541a185bd9cdc34d62025":"7d9681cac38e778fba11f4464f69ed9ebfea31b7ffcaf2925b3381c65d975974":"9dd8a4244fbdb30b624578a625c43233476bbb959acd9edebe2883"
CCM encrypt and tag NIST VPT AES-128 #13 (P=12, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"026331e98aba9e8c23a9e8a91d0b0c97":"a82200ef3a08c390dec5cbf9":"bccfe69bba168b81cbdf7d018a":"26e011143a686a7224ddb8c5b1e5d31713fa22c386785e2c34f498ae56d07ed5":"adf4fc6f9be113066c09248fcb56a9c1a1c3bb16fbb9fbaedacdb12b"
CCM encrypt and tag NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa":"89f15b1cb665a8851da03b874ca6f73242f2f227350c0277e4e72cdaa6"
CCM encrypt and tag NIST VPT AES-128 #15 (P=14, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7301c907b9d2aaac355c5416ff25c59b":"484300aa3a506afcd313b49ead8d":"7304b65b6dab466273862c88b9":"2c5d114eff62c527cc2e03c33c595a80fe609bfc0fe13ce3380efe05d85cceac":"928ca58b0d373dc50c52afac787ce8eeb5d5b493661259a9d91ea31a5f7e"
CCM encrypt and tag NIST VPT AES-128 #16 (P=15, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"38be46d271bf868c198052391f8a2147":"61bd1385be92097e866550a55278f0":"6758f67db9bfea5f0e0972e08b":"c6de3be97f11d0e2ab85c9353b783f25b37366a78a2012cecf5b7a87138b3c86":"7c9fa8d99b38f825315ece6a2613f55e902f296dcce870263ae50cda4fadae"
CCM encrypt and tag NIST VPT AES-128 #17 (P=16, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"70010ed90e6186ecad41f0d3c7c42ff8":"be322f58efa7f8c68a635e0b9cce77f2":"a5f4f4986e98472965f5abcc4b":"3fec0e5cc24d67139437cbc8112414fc8daccd1a94b49a4c76e2d39303547317":"8e4425ae573974f0f0693a188b525812eef08e3fb15f4227e0d989a4d587a8cf"
CCM encrypt and tag NIST VPT AES-128 #18 (P=17, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"79eae5baddc5887bdf3031fd1d65085b":"001343e6191f5f1738e7d19d4eec2b9592":"9da59614535d1fad35f2ece00f":"46603500af9e4e7a2f9545411a58b21a6efd21f2b5f315d02d964c09270145b3":"2162e27bfbf1d00f2404754a254665fd9270f0edb415993588b2535e2e0e4fd086"
CCM encrypt and tag NIST VPT AES-128 #19 (P=18, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c14eda0f958465246fe6ab541e5dfd75":"617868ae91f705c6b583b5fd7e1e4086a1bb":"32b63ca7e269223f80a56baaaa":"733f8e7670de3446016916510dfe722ce671570121d91331a64feb3d03f210e6":"b2dc1e548b3d3f225a34082f4391980a0788b4cc36852fd64a423fb8e872252b248e"
CCM encrypt and tag NIST VPT AES-128 #20 (P=19, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5e7147f56ba4530b8799ababeb82772":"2f3bf0b566440912a1e47a0c07f1cfd39cb440":"bdd38e173fb20b981659c597d6":"3a069a2bfda44abbb0a82a97e5e9047258c803da2c66190d77149e0f010b3af9":"bd6265dcba9e14c59e515e395dc60bd053345fa6d7568c738e3a7fdf142d8f2d1562c0"
CCM encrypt and tag NIST VPT AES-128 #21 (P=20, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"78c46e3249ca28e1ef0531d80fd37c12":"4802422c9b3b4459ba26e7863ad87b0c172cfe4b":"5de41a86ce3f3fb1b685b3ca4d":"e98a77f2a941b36232589486b05f4278275588665a06d98aec98915cc5607e06":"daea2234ea433533bf0716abe1aa3844b6d3c51e9d5ca3d8ec5065630d2de0717cdeb7d5"
CCM encrypt and tag NIST VPT AES-128 #22 (P=21, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8883002bf13b3a94b2467225970df938":"d516bbff452e7706c91c7ace3e9baa76d65ff7050f":"818a702d5c8ee973b34e9acda1":"545aeac737c0ca2a3d5e1fd966840c3a0d71e0301abbe99c7af18d24cc7e9633":"b85242fdc06344f2bd9a97b408902ebcd22aece3d42f2da4dd4d817c9fa2d44bc02163a0a9"
CCM encrypt and tag NIST VPT AES-128 #23 (P=22, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5cea00ee44cfb9cfbb598d3812e380ef":"33bfd0713f30fcac8f7f95920ac6d9b803ddd5480dd8":"948788a9c8188cb988430a7ebd":"50422c5e6a0fb8231b3bb6e2f89607019be6ad92a4dae8e0fe3f9e486476004b":"b168747dea3ae0fbede4402af9a3dc3185d6d162f859d828101682de32923788c70262b84814"
CCM encrypt and tag NIST VPT AES-128 #24 (P=23, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cb83f77751e72711401cbbf4f61aa0ed":"eede01b08f9a303cdf14c99d7a45732972c6eff2a1db06":"c0b461b2e15b8b116ef9281704":"2bd112231f903fa0dff085db48a2e2a96ec0199249b005d5ab4c2eab753f9ad0":"feb114b7bd3b43497b62454a675a632c3546d2802462c6af57647efda119c59862cd5dd3904efc"
CCM encrypt and tag NIST VPT AES-128 #25 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43c1142877d9f450e12d7b6db47a85ba":"b506a6ba900c1147c806775324b36eb376aa01d4c3eef6f5":"76becd9d27ca8a026215f32712":"6a59aacadd416e465264c15e1a1e9bfa084687492710f9bda832e2571e468224":"14b14fe5b317411392861638ec383ae40ba95fefe34255dc2ec067887114bc370281de6f00836ce4"
CCM encrypt and tag NIST VPT AES-192 #1 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"086e2967cde99e90faaea8a94e168bf0e066c503a849a9f3":"":"929542cd690f1babcf1696cb03":"58f70bab24e0a6137e5cd3eb18656f2b5ccddc3f538a0000c65190e4a3668e71":"3bf9d93af6ffac9ac84cd3202d4e0cc8"
CCM encrypt and tag NIST VPT AES-192 #2 (P=1, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"992d38768b11a236945bd4b327c3728fac24c091238b6553":"1c":"b248a90b84b0122a5ad8e12760":"27cabc40da0e1eda0ea5f8abbb7c179e30776250a7b30d711b0e106c5ee9d84a":"1a96f58c3f38c44d1a345f3e2da6679f20"
CCM encrypt and tag NIST VPT AES-192 #3 (P=2, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5012db40ff6ae23c1e1ce43768c5936c4400b0e79ae77f30":"0c6c":"b67e500b35d60ad7264240027c":"40affd355416200191ba64edec8d7d27ead235a7b2e01a12662273deb36379b8":"c996ef3d6ef9f981557506ecc8797bbaaaa7"
CCM encrypt and tag NIST VPT AES-192 #4 (P=3, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fa15cc7f0de294d7341b1fd79326c8be78e67822343c1992":"bcb898":"e5257aed2bda0495aa44591db4":"31a0338c3839931fa1dd5131cb796c4c6cfde9fb336d8a80ac35dec463be7a94":"68f08298d9a2147776dca9c1a42382bce323b2"
CCM encrypt and tag NIST VPT AES-192 #5 (P=4, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5330a8447d74a7987fb718cfae246b5c7e057991064eeaf":"b46b343e":"2ef29d62b40d8643848797cde8":"1225b036e6044df52314016760e92750de0936120395de750a2c54a7fa0cea82":"c2c39d6f9344e2de064f269d065a2a6108605916"
CCM encrypt and tag NIST VPT AES-192 #6 (P=5, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30419145ae966591b408c29e5fd14d9112542909be5363f7":"8ceaeb89fd":"27e6b2a482bbc6f13702005708":"e04e81e860daf9696098c723085d8023c240ebe7a643131e35359ab04bd650fe":"ec9d5ed36243ddf77b33d8cf2963ba76fd4e19f3c5"
CCM encrypt and tag NIST VPT AES-192 #7 (P=6, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"748ad503388a34041a7bdae6361d57894357c333bacf02ca":"24d6880aed7e":"518b79d194579b19f2d8845b70":"691dd98f61fd213b0840ec5a6f06ef9a1420be0d59bde5e43546347a2a865a94":"270120f9634ec15536e21d961c675070ec4cff9037bc"
CCM encrypt and tag NIST VPT AES-192 #8 (P=7, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b930cca30a3fd230c237c8f3cc6792d0c4084dff5c18d775":"2a755e362373ef":"7574802fd82fe96c05431acd40":"1cf83928b6a9e525fe578c5c0f40c322be71b3092239bff954dd6883738d6d71":"f06238b0450fd1f4b6cab1383adb420c4724aa7bdfefb7"
CCM encrypt and tag NIST VPT AES-192 #9 (P=8, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"314c136999e41d137bd7ba17201a9fa406025868334e39b3":"4d54d8b06b204445":"65f7a0f4c0f5bba9d26f7e0ddb":"5c7ce4819b30b975ae6ce58dcc1bfa29a8b6dda8f4b76c7e23516487745e829c":"2baf90c490b11f9607482362ab3f157c42d0e9c6c5cffcf0"
CCM encrypt and tag NIST VPT AES-192 #10 (P=9, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a19f6be062ec0aaf33046bd52734f3336c85d8368bef86ab":"13511ae5ff6c6860a1":"7f2d07f8169c5672b4df7f6cac":"d68d5f763db6111c5d6324d694cb0236beab877daae8115ecb75d60530777b58":"b3859b757802ebd048467fd8e139eb9ee8fcdca45ed87dc1c8"
CCM encrypt and tag NIST VPT AES-192 #11 (P=10, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"de1c8263345081d2dfa9afdf37675971135e178df554a4d8":"f777aba1fa70f94e6de9":"a301bb82f91a582db01355c388":"9ad52c041390d0d4aaf65a4667c3239c95e7eae6178acc23fb4e70a852d483c6":"9d8bff6d2dcde77104ac6aba025abc01416a7ca9f096ab2529cb"
CCM encrypt and tag NIST VPT AES-192 #12 (P=11, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"248d36bd15f58e47fcf1c948272355821f8492e6e69f3661":"33709d9c7906e2f82dd9e2":"9e8d492c304cf6ad59102bca0e":"9ec08c7ed6b70823d819e9ab019e9929249f966fdb2069311a0ddc680ac468f5":"9114d36b79b1918b2720f40cddce66df9b4802f737bea4bd8f5378"
CCM encrypt and tag NIST VPT AES-192 #13 (P=12, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"77a67fb504b961028633321111aac2c30eb6d71a8cf72056":"10554c062d269ff6dcd98493":"acadc0330194906f8c75ac287f":"8c18486d52571f70f2ba6a747aaa3d4b3ebc2e481ee1b70907dddb94bdfa0ca6":"7f8b0cad79b545e5addf0b04ff4b0f2b2a5067283210aba8630d0306"
CCM encrypt and tag NIST VPT AES-192 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0d423519e4110c06063061323f8c7c95387776b6ee4e4b6e":"4021ff104ff1dbd91e46db249f":"39abe53826d9b8e300fe747533":"cdd9bf1b4f865e922c678ec4947ea0cb02e78bd5c1538f33aeb818ad3f47e519":"7953d3cd66d093785d123f65ba37f16761dd6aedbfc789ad96edf1490d"
CCM encrypt and tag NIST VPT AES-192 #15 (P=14, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a60cf7ceb62bf3118532bc61daa25ce946991047f951b536":"d64f9426febce6a84c954dd5ded5":"7499494faa44a7576f9ed5580d":"baa482c64eefd09118549a8968f44cfea7a436913a428e30aa4ab44802a4ba35":"f7580f17266d68237747bf57c7ed8242ac1a1979c5a9e7bc67d7698c7efa"
CCM encrypt and tag NIST VPT AES-192 #16 (P=15, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82d4bc9aac298b09112073277205e1bf42176d1e6339b76c":"25a53fd3e476dc0860eeeea25fcb0c":"70325ef19e581b743095cd5eb1":"6d14bb2635c5d0ae83687f1824279cf141173527e1b32d1baf8a27f7fe34a542":"4a1cfd0023557a184b929965b0a445cb3993ca35acf354cb2b4254ff672e7f"
CCM encrypt and tag NIST VPT AES-192 #17 (P=16, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6873f1c6c30975aff6f08470264321130a6e5984ade324e9":"5051a0b0b6766cd6ea29a672769d40fe":"7c4d2f7cec04361f187f0726d5":"77743b5d83a00d2c8d5f7e10781531b496e09f3bc9295d7ae9799e64668ef8c5":"0ce5ac8d6b256fb7580bf6acc76426af40bce58fd4cd6548df90a0337c842004"
CCM encrypt and tag NIST VPT AES-192 #18 (P=17, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3cf8da27d5be1af024158985f725fd7a6242cbe0041f2c17":"f6dd2c64bf597e63263ccae1c54e0805fe":"07f77f114d7264a122a7e9db4f":"30457e99616f0247f1339b101974ea231904d0ef7bd0d5ee9b57c6c16761a282":"ce3031c3a70600e9340b2ddfe56aa72cffdc5e53e68c51ee55b276eb3f85d2cf63"
CCM encrypt and tag NIST VPT AES-192 #19 (P=18, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b46a3a24c66eb846ca6413c001153dc6998970c12e7acd5a":"56d18d3e2e496440d0a5c9e1bcb464faf5bc":"b79c33c96a0a90030694163e2a":"ea9405d6a46cac9783a7b48ac2e25cc9a3a519c4658b2a8770a37240d41587fb":"01baba2e0d5b49d600d03a7ed84ee878926c0ca478f40a6fbde01f584d938a1c91bf"
CCM encrypt and tag NIST VPT AES-192 #20 (P=19, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b71045ccef735bd0c5bea3cf3b7e16e58d9c62061a204e0":"890d05420d57e3b3d8dbef117fe60c3fa6a095":"2b9ecfd179242c295fe6c6fa55":"b89166f97deb9cc7fdeb63639eeafb145895b307749ec1a293b27115f3aa8232":"f842ff6662684de8785af275fa2d82d587de0687ebe35e883cbd53b82f2a4624c03894"
CCM encrypt and tag NIST VPT AES-192 #21 (P=20, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc7c67715f2709e150cceff020aaacf88a1e7568191acbcf":"f383bd3e6270876b74abbb5d35e7d4f11d83412c":"da56ea046990c70fa216e5e6c4":"f799818d91be7bab555a2e39f1f45810a94d07179f94fe1151d95ab963c47611":"377b5df263c5c74f63603692cbb61ea37b6d686c743f71e15490ca41d245768988719ede"
CCM encrypt and tag NIST VPT AES-192 #22 (P=21, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f41e369a1599627e76983e9a4fc2e963dab4960b09ebe390":"81ad3f386bedcbf656ff535c63580d1f87e3c72326":"68ef8285b90f28bcd3cb1bacea":"dbe3e82e49624d968f5463ceb8af189fb3ad8b3b4122142b110d848a286dae71":"9f6028153e06d14d30b862a99a35413413c04a49dc6f68a03a11cf00d58f062a7b36465d13"
CCM encrypt and tag NIST VPT AES-192 #23 (P=22, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3289e59e3a7b29bf4a309afc253030bba4b9bdd64f0722f9":"53911a67b65738f87fc7c20d6db8044bde1af95838d1":"30259ce106e9bd7a8bacbaf212":"2870bd9a26c510e9a256920899bbc77a4eb9b53f927045a943d5ed6b13638cf3":"70cf37d4b6f7e707376b1574ce17c040b5143da47abb2fe9afafc2fccd98ccf63b0fdec30eac"
CCM encrypt and tag NIST VPT AES-192 #24 (P=23, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"40f1aff2e44d05f12126097a0f07ac0359ba1a609356a4e6":"8d98c580fb366f330dbfda20f91d99a0878b47efd14c6d":"0df3fc6396f851785fca9aa5ff":"e9699b20b0574fce8b5cbc4ef792eb96e2c1cce36b1b1f06ea2a95fe300633cc":"579cdf9da62a2df471e03450516adb4ce99ae0f70b1776a39c3b429a1f922fac0b59e29a122e43"
CCM encrypt and tag NIST VPT AES-192 #25 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91f9d636a071c3aad1743137e0644a73de9e47bd76acd919":"4eaf9384cad976f65f98042d561d760b5a787330dc658f6c":"1bf491ac320d660eb2dd45c6c3":"3bdfd7f18d2b6d0804d779f0679aaa2d7d32978c2df8015ae4b758d337be81dd":"635530cab14e3d0a135bb6eebb5829412676e6dd4995f99cb7e17f235bd660e7e17b2c65320e9fd4"
CCM encrypt and tag NIST VPT AES-256 #1 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c6c14c655e52c8a4c7e8d54e974d698e1f21ee3ba717a0adfa6136d02668c476":"":"291e91b19de518cd7806de44f6":"b4f8326944a45d95f91887c2a6ac36b60eea5edef84c1c358146a666b6878335":"ca482c674b599046cc7d7ee0d00eec1e"
CCM encrypt and tag NIST VPT AES-256 #2 (P=1, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc49d4a397887cb57bc92c8a8c26a7aac205c653ef4011c1f48390ad35f5df14":"1a":"6df8c5c28d1728975a0b766cd7":"080f82469505118842e5fa70df5323de175a37609904ee5e76288f94ca84b3c5":"a5f24e87a11a95374d4c190945bf08ef2f"
CCM encrypt and tag NIST VPT AES-256 #3 (P=2, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"36b0175379e7ae19c277fe656a2252a82796309be0f0d4e1c07fdde88aca4510":"be80":"021bd8b551947be4c18cf1a455":"b5c6e8313b9c68e6bb84bffd65fa4108d243f580eab99bb80563ed1050c8266b":"ecacc3152e43d9efea26e16c1d1793e2a8c4"
CCM encrypt and tag NIST VPT AES-256 #4 (P=3, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ddb739acda6c56ec9aefc4f4cbc258587f443da4e76ddfa85dbe0813a8784944":"db457c":"0bddf342121b82f906368b0d7b":"887486fff7922768186363ef17eb78e5cf2fab8f47a4eb327de8b16d63b02acb":"54473c3f65d6be431e79700378049ac06f2599"
CCM encrypt and tag NIST VPT AES-256 #5 (P=4, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"62b82637e567ad27c3066d533ed76e314522ac5c53851a8c958ce6c64b82ffd0":"87294078":"5bc2896d8b81999546f88232ab":"fffb40b0d18cb23018aac109bf62d849adca42629d8a9ad1299b83fe274f9a63":"2bc22735ab21dfdcfe95bd83592fb6b4168d9a23"
CCM encrypt and tag NIST VPT AES-256 #6 (P=5, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bc29a16e19cfbe32bf4948e8e4484159bc819b7eec504e4441a1a98ca210e576":"3e8c6d1b12":"4f18bcc8ee0bbb80de30a9e086":"574931ae4b24bdf7e9217eca6ce2a07287999e529f6e106e3721c42dacf00f5d":"45f3795fcf9c66e1a43103d9a18f5fba5fab83f994"
CCM encrypt and tag NIST VPT AES-256 #7 (P=6, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f4b4f97b6aa48adb3336c451aac377fde4adf47897fd9ccdf139f33be76b18c":"1b62ad19dcac":"7a76eac44486afdb112fc4aab9":"a66c980f6621e03ff93b55d5a148615c4ad36d6cbdd0b22b173b4b1479fb8ff7":"4ad1fcf57c12b14e0e659a6305b4aeffae82f8a66c94"
CCM encrypt and tag NIST VPT AES-256 #8 (P=7, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f7aaeff3a1dc0cc5ecf220c67ad9f6dda060b4f1be3cc609cb4f18b2342a88a2":"d48daa2919348d":"d0d6871b9adc8623ac63faf00f":"e97175c23c5b47da8ce67811c6d60a7499b3b7e1347ad860519285b67201fe38":"eb32ab153a8e092fa325bafc176a07c31e6cc0a852d288"
CCM encrypt and tag NIST VPT AES-256 #9 (P=8, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"493e14623cd250058a7fc66a3fee0c24b6e363b966c2314aff53b276b6c2ea7b":"e5653e512d8b0b70":"fe2d8ae8da94a6df563f89ce00":"579a637e37a0974cd2fc3b735d9ed088e8e488ffe210f043e0f9d2079a015ad6":"75d31f8d47bee5c4e2ba537355ae8ab25cc9ed3511ff5053"
CCM encrypt and tag NIST VPT AES-256 #10 (P=9, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b23255372455c69244a0210e6a9e13b155a5ec9d6d0900e54a8f4d9f7a255e3a":"615d724ae94a5daf8d":"274846196d78f0af2df5860231":"69adcae8a1e9a3f2fe9e62591f7b4c5b19d3b50e769521f67e7ea8d7b58d9fc8":"f019ae51063239287d896e7127f17d13f98013b420219eb877"
CCM encrypt and tag NIST VPT AES-256 #11 (P=10, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbf06366f766e2811ecd5d4384d6d08336adc37e0824d620cf0d9e7fd1e7afa9":"2e3cf0af8c96c7b22719":"b3503ed4e277ed9769b20c10c0":"9ae5a04baa9d02c8854e609899c6240851cbc83f81f752bc04c71affa4eed385":"e317df43ab46eb31be7e76f2730d771d56099a0c8d2703d7a24e"
CCM encrypt and tag NIST VPT AES-256 #12 (P=11, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4dd555bd3a5253a90b68b5d4d46bd050340ee07ddad3a72048c657b5d76bb207":"8015c0f07a7acd4b1cbdd2":"bdb1b82ba864893c2ee8f7426c":"9bcc5848e928ba0068f7a867e79e83a6f93593354a8bfcfc306aeeb9821c1da1":"8e9f80c726980b3d42e43a6512a0481255b729a10f9edb5f07c60c"
CCM encrypt and tag NIST VPT AES-256 #13 (P=12, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3ad8cda9a0d91a205c4c05665728bb255d50a83403c9ab9243fcbbe95ae7906":"a203aeb635e195bc33fd42fa":"0b5f69697eb1af24e8e6fcb605":"ea26ea68facdac3c75ba0cdf7b1ad703c9474af83b3fbfc58e548d776b2529b9":"62666297a809c982b50722bd56bc555899345e0404b2938edf33168e"
CCM encrypt and tag NIST VPT AES-256 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e300fc7a5b96806382c35af5b2c2e8e26382751b59010d4b1cfc90a4a9cb06df":"8714eb9ecf8bdb13e919de40f9":"55b59eb434dd1ba3723ee0dc72":"9b1d85384cb6f47c0b13514a303d4e1d95af4c6442691f314a401135f07829ec":"ba6063824d314aa3cbab14b8c54c6520dac0f073856d9b9010b7857736"
CCM encrypt and tag NIST VPT AES-256 #15 (P=14, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ae5be5904bae62609ac525e2d1cad90133447573d7b608975a6a2b16cb2efc0":"959403e0771c21a416bd03f38983":"61bf06b9fa5a450d094f3ddcb5":"0245484bcd987787fe97fda6c8ffb6e7058d7b8f7064f27514afaac4048767fd":"37a346bc4909965c5497838251826385a52c68914e9d1f63fd297ee6e7ed"
CCM encrypt and tag NIST VPT AES-256 #16 (P=15, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fab62b3e5deda7a9c1128663cc81c44b74ab1bfe70bc1c9dec7c7fd08173b80a":"54be71705e453177b53c92bbf2ab13":"a5c1b146c82c34b2e6ebeceb58":"5e60b02b26e2d5f752eb55ea5f50bb354a6f01b800cea5c815ff0030b8c7d475":"788db949697b8cd9abbc74ed9aa40cd6852dc829469368491149d6bb140071"
CCM encrypt and tag NIST VPT AES-256 #17 (P=16, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ee8ce187169779d13e443d6428e38b38b55dfb90f0228a8a4e62f8f535806e62":"d15f98f2c6d670f55c78a06648332bc9":"121642c4218b391c98e6269c8a":"718d13e47522ac4cdf3f828063980b6d452fcdcd6e1a1904bf87f548a5fd5a05":"cc17bf8794c843457d899391898ed22a6f9d28fcb64234e1cd793c4144f1da50"
CCM encrypt and tag NIST VPT AES-256 #18 (P=17, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7da6ef35ad594a09cb74daf27e50a6b30d6b4160cf0de41ee32bbf2a208b911d":"b0053d1f490809794250d856062d0aaa92":"98a32d7fe606583e2906420297":"217d130408a738e6a833931e69f8696960c817407301560bbe5fbd92361488b4":"a6341ee3d60eb34a8a8bc2806d50dd57a3f628ee49a8c2005c7d07d354bf80994d"
CCM encrypt and tag NIST VPT AES-256 #19 (P=18, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0786706f680c27b792d054faa63f499a8e6b5ddb90502946235bf74c022d772c":"6a26677836d65bd0d35a027d278b2534e7df":"f61ef1c8c10a863efeb4a1de86":"67874c808600a27fcab34d6f69cc5c730831ad4589075dd82479823cb9b41dc3":"d1c1f3c60603359c7d6a707f05ecb2296f8e52f2210b7a798ad5c778ee7cfd7fe6e0"
CCM encrypt and tag NIST VPT AES-256 #20 (P=19, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bac55f9847d93325bf5071c220c0a3dfeb38f214292d47b4acb7b0a597fe056f":"c1a994dc198f5676ea85801cd27cc8f47267ec":"05b50c458adbba16c55fcc454d":"89ad6ae1e550975eaa916a62615e6b6a66366a17a7e06380a95ea5cdcc1d3302":"7c9b138177590edaafec4728c4663e77458ffbe3243faec177de4a2e4a293952073e43"
CCM encrypt and tag NIST VPT AES-256 #21 (P=20, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8beedeb85d42c2a7fa6f7237b05acb197dd8e1672471ac878064fe5319eab876":"7b125c3b9612a8b554913d0384f4795c90cd387c":"8479bdfad28ebe781e9c01a3f6":"7aebdfd955d6e8a19a701d387447a4bdd59a9382156ab0c0dcd37b89419d6eff":"6cc611d816b18c6847b348e46a4119465104254a04e2dfeeeac9c3255f6227704848d5b2"
CCM encrypt and tag NIST VPT AES-256 #22 (P=21, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c3a0c126cad581012151c25cf85a44472c23f83b6095b6004f4f32cd60ec2db2":"73b09d18554471309141aa33b687f9248b50fe3154":"94ab51ce75db8b046d6ab92830":"2a243246bfe5b5ab05f51bf5f401af52d5bbaa2549cf57a18e197597fe15dd8c":"b7e8264ca70fd2a4fb76f20a8ad5da3c37f5893fb12abeeaef1187f815ca481ed8ddd3dd37"
CCM encrypt and tag NIST VPT AES-256 #23 (P=22, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9cdebaeee8690b68751070691f49593668a6de12d3a948b38ddbd3f75218b2d4":"3cbb08f133270e4454bcaaa0f20f6d63c38b6572e766":"af1a97d43151f5ea9c48ad36a3":"f5353fb6bfc8f09d556158132d6cbb97d9045eacdc71f782bcef62d258b1950a":"3966930a2ae8fdd8f40e7007f3fde0bd6eb48a46e6d26eef83da9f6384b1a2bda10790dadb3f"
CCM encrypt and tag NIST VPT AES-256 #24 (P=23, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d34264a12c35cdd67ac105e2826b071e46f8131d1e325f8e0ae80a6447375135":"79ac1a6a9eca5e07ce635bfd666ef72b16f3f2e140d56c":"3891e308b9f44c5b5a8b59004a":"0cda000ed754456a844c9ed61843deea9dadf5e723ea1448057712996d660f8c":"1abcc9b1649deaa0bfa7dcd23508282d9c50ca7fee72486950608d7bcb39dcf03a2cab01587f61"
CCM encrypt and tag NIST VPT AES-256 #25 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4ad98dbef0fb2a188b6c49a859c920967214b998435a00b93d931b5acecaf976":"9cea3b061e5c402d48497ea4948d75b8af7746d4e570c848":"00d772b07788536b688ff2b84a":"5f8b1400920891e8057639618183c9c847821c1aae79f2a90d75f114db21e975":"f28ec535c2d834963c85814ec4173c0b8983dff8dc4a2d4e0f73bfb28ad42aa8f75f549a93594dd4"
CCM encrypt and tag NIST VNT AES-128 #1 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c0425ed20cd28fda67a2bcc0ab342a49":"4f065a23eeca6b18d118e1de4d7e5ca1a7c0e556d786d407":"37667f334dce90":"0b3e8d9785c74c8f41ea257d4d87495ffbbb335542b12e0d62bb177ec7a164d9":"768fccdf4898bca099e33c3d40565497dec22dd6e33dcf4384d71be8565c21a455db45816da8158c"
CCM encrypt and tag NIST VNT AES-128 #2 (P=24, N=8, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0b6256bd328a4cda2510d527c0f73ed4":"78a292662b8e05abc2d44fbefd0840795e7493028015d9f2":"21fd9011d6d9484a":"66ff35c4f86ad7755b149e14e299034763023e7384f4af8c35277d2c7e1a7de2":"5a0be834c57b59d47a4590d8d19a1206d3c06e937a9b57f74034d9fdb43c3f48932aa72177b23bf6"
CCM encrypt and tag NIST VNT AES-128 #3 (P=24, N=9, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"afdccc84f257cb768b7ad735edbd1990":"56d0942490e546798f30d3c60ad4e3e110fc04f5b1c1fa83":"b7776aa998f4d1189b":"9f9ac464de508b98e789243fdb32db458538f8a291ed93ddf8aeaacfbfc371aa":"96f124c74fd737819008ddef440320f4a3733d0062c83c893e259aecf12ba08f2a2e966a3341d6d4"
CCM encrypt and tag NIST VNT AES-128 #4 (P=24, N=10, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ccb68d3838d4ddf660b9cd904cad40f":"5ea35c082e2b190e9d98e6b2daad8672f587b4f2968072fc":"c4fb7519a19f13d9d1fc":"092e64fef08b5655a86cdb8de63ffaa7772e8730844e9016141af8bad2216246":"cda5fe3d15d00150b99120c7f206b88a4c2c4a39ca9143425603ab284a73a38cc916f8b653c92ab4"
CCM encrypt and tag NIST VNT AES-128 #5 (P=24, N=11, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e6ab9e70a4fb51b01c2e262233e64c0d":"ba15916733550d7aa82b2f6b117cd3f54c83ddc16cd0288a":"74e689eb5af9441dd690a6":"42f6518ee0fbe42f28e13b4bb2eb60517b37c9744394d9143393a879c3e107c7":"dcc151443288f35d39ed8fae6f0ce1d1eb656f4f7fd65c0b16f322ce85d7c54e71ac560fd4da9651"
CCM encrypt and tag NIST VNT AES-128 #6 (P=24, N=12, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"005e8f4d8e0cbf4e1ceeb5d87a275848":"b6f345204526439daf84998f380dcfb4b4167c959c04ff65":"0ec3ac452b547b9062aac8fa":"2f1821aa57e5278ffd33c17d46615b77363149dbc98470413f6543a6b749f2ca":"9575e16f35da3c88a19c26a7b762044f4d7bbbafeff05d754829e2a7752fa3a14890972884b511d8"
CCM encrypt and tag NIST VNT AES-128 #7 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ac87fef3b76e725d66d905625a387e82":"959403e0771c21a416bd03f3898390e90d0a0899f69f9552":"61bf06b9fa5a450d094f3ddcb5":"0245484bcd987787fe97fda6c8ffb6e7058d7b8f7064f27514afaac4048767fd":"cabf8aa613d5357aa3e70173d43f1f202b628a61d18e8b572eb66bb8213a515aa61e5f0945cd57f4"
CCM encrypt and tag NIST VNT AES-192 #1 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ceb009aea4454451feadf0e6b36f45555dd04723baa448e8":"c8d275f919e17d7fe69c2a1f58939dfe4d403791b5df1310":"764043c49460b7":"6e80dd7f1badf3a1c9ab25c75f10bde78c23fa0eb8f9aaa53adefbf4cbf78fe4":"8a0f3d8229e48e7487fd95a28ad392c80b3681d4fbc7bbfd2dd6ef1c45d4ccb723dc074414db506d"
CCM encrypt and tag NIST VNT AES-192 #2 (P=24, N=8, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1dd56442fa09a42890b1b4274b950770ea8beea2e048193d":"bd92d6744cde446fc8621625658fc4bc00dcb97f06195ad7":"ad749d596d88a4b4":"c67219909828adef64422286008e1e306867a1c0b3da95444507a68b45c953e4":"076cffd0ca978fe2bad411ced45a090abafb22a99896f6a75a1969276aa2b0cdb37ccaf2845dbf6e"
CCM encrypt and tag NIST VNT AES-192 #3 (P=24, N=9, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8cc622645065c72d0d2aca75802cf1bbbd81096721627c08":"597b3614ff9cd567afd1aad4e5f52cc3fa4ca32b9b213c55":"cd84acbe9abb6a990a":"447b6f36acdad2d1cfd6e9a92f4055ad90142e61f4a19927caea9dbe634d3208":"2d7fb83e6621eed9073e0386d032c6941bef37b2cf36a4c6c5e36222d17c6fb0631c3f560a3ce4a4"
CCM encrypt and tag NIST VNT AES-192 #4 (P=24, N=10, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ab72eef2aba30205c986e2052d6e2c67881d24ae5fceaa8f":"2a794b84fc9e4a7e6d70a82b5141fd132177a86b4e8fc13a":"d7a46e726ed43f1580eb":"baa86f14271b2be7dbb37ddc7c95ce4857e57aa94624d594d7bd6ceeaada8d5f":"2d7f76464417613bb61d3657481346b74fc9d6abc6a3babd39365dce86859cd82395d11bfc8cf188"
CCM encrypt and tag NIST VNT AES-192 #5 (P=24, N=11, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"af84c6f302c59aeee6d5728ed5da2e3c64a5a781c52c4d1b":"6db41aeb5f7c24df8929dbc30483b3c7934b3bd1cdce5bb9":"df990c42a268950677c433":"a6ab5d78427f297a4b7e21f1091ff3a5b20caa3fe1cbcb09459d9df596a6c8e1":"8c9328258bf71970d33e23a3ff81cc1c9cbe196a1294264bfd6a7255e4801963bb30a63de3fc5b82"
CCM encrypt and tag NIST VNT AES-192 #6 (P=24, N=12, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d49b255aed8be1c02eb6d8ae2bac6dcd7901f1f61df3bbf5":"062eafb0cd09d26e65108c0f56fcc7a305f31c34e0f3a24c":"1af29e721c98e81fb6286370":"64f8a0eee5487a4958a489ed35f1327e2096542c1bdb2134fb942ca91804c274":"721344e2fd05d2ee50713531052d75e4071103ab0436f65f0af2a663da51bac626c9f4128ba5ec0b"
CCM encrypt and tag NIST VNT AES-192 #7 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"36ad1e3fb630d1b1fbccfd685f44edd8984427b78deae7a9":"8b9db1c8f9b4892a5654c85467bcffa2e15e28392c938952":"3af625df8be9d7685a842f260e":"308443033ecd4a814475672b814b7c6d813d0ec2a0caeecbcaba18a2840cdb6c":"6bc6890fee299c712fb8d9df9c141f24ee1572b8f15112c2f8c99ccf2d82788cf613a61d60dae458"
CCM encrypt and tag NIST VNT AES-256 #1 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"553521a765ab0c3fd203654e9916330e189bdf951feee9b44b10da208fee7acf":"644eb34b9a126e437b5e015eea141ca1a88020f2d5d6cc2c":"aaa23f101647d8":"a355d4c611812e5f9258d7188b3df8851477094ffc2af2cf0c8670db903fbbe0":"27ed90668174ebf8241a3c74b35e1246b6617e4123578f153bdb67062a13ef4e986f5bb3d0bb4307"
CCM encrypt and tag NIST VNT AES-256 #2 (P=24, N=8, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"472bf7946bce1d3c6f168f4475e5bb3a67d5df2fa01e64bce8bb6e43a6c8b177":"59eb45bbbeb054b0b97334d53580ce03f699ac2a7e490143":"790134a8db83f2da":"a7a86a4407b7ecebc89434baa65ef173e88bd2dad9899b717ca578867c2d916f":"db4961070f528ccd1a5a0681ee4d0ce3515fb890bccedc2dbc00b1d8b2bc393a8d09e87af7811f55"
CCM encrypt and tag NIST VNT AES-256 #3 (P=24, N=9, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"58ae7965a508e8dd2eda69b5d888a28a1cb3783bad55d59d5b0da87137b72e93":"e61bad17640ecff926d0b0238271ee4c9f8e801dd7243e9e":"caa3d928d2bf2b7f2c":"304678b3ffd3200e33a8912bcb556b3cfec53ca17f70ecba00d359f9f51d3e3b":"7bb1137c14cb4d324a4a8f1115c619ebf74927f0bed60a8d5a9140ff50dc4da375c7d2de80de097f"
CCM encrypt and tag NIST VNT AES-256 #4 (P=24, N=10, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aecc5e18088bf9fd7b17f089bdd5607b69903b04b726361f8a81e221b1c91891":"d4291c99901345afe29f58912a414a7498f37b44362bdf3c":"c527d309ab29ee91c5fc":"8f9a73e7bc1c11e2919020ba3a404cbddf861e9e78477218e3be2cd4337b278d":"392784a9e0b14bcd37639ec5409d6ead3e75f855e5a92c33ffc040ef3977e0035ce6ea6d157c18d3"
CCM encrypt and tag NIST VNT AES-256 #5 (P=24, N=11, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97bc7482a87ba005475dfa3448f59d4b3f9c4c969d08b39b1b21ef965c0f5125":"b99bf4dc781795fc4d3a8467b06e1665d4e543657f23129f":"0bcf78103ec52d6df28887":"049c10f0cb37ae08eae2d0766563b7c5a8454f841c2061a4f71a0a2158ae6ce5":"0d3891fa0caac1f7ebe41b480920ffd34d4155064c24f3b17a483163dd8f228d1f20cd4f86cf38fd"
CCM encrypt and tag NIST VNT AES-256 #6 (P=24, N=12, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d6ff67379a2ead2ca87aa4f29536258f9fb9fc2e91b0ed18e7b9f5df332dd1dc":"98626ffc6c44f13c964e7fcb7d16e988990d6d063d012d33":"2f1d0717a822e20c7cd28f0a":"d50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c83997630":"50e22db70ac2bab6d6af7059c90d00fbf0fb52eee5eb650e08aca7dec636170f481dcb9fefb85c05"
CCM encrypt and tag NIST VNT AES-256 #7 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4a75ff2f66dae2935403cce27e829ad8be98185c73f8bc61d3ce950a83007e11":"205f2a664a8512e18321a91c13ec13b9e6b633228c57cc1e":"46eb390b175e75da6193d7edb6":"282f05f734f249c0535ee396282218b7c4913c39b59ad2a03ffaf5b0e9b0f780":"58f1584f761983bef4d0060746b5d5ee610ecfda31101a7f5460e9b7856d60a5ad9803c0762f8176"
CCM encrypt and tag NIST VADT AES-128 #1 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab1123301219c70599b7c373ad4b3ad67b"
CCM encrypt and tag NIST VADT AES-128 #2 (P=24, N=13, A=1, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"08b0da255d2083808a1b4d367090bacc":"1b156d7e2bf7c9a25ad91cff7b0b02161cb78ff9162286b0":"777828b13679a9e2ca89568233":"dd":"e8b80af4960d5417c15726406e345c5c46831192b03432eed16b6282283e16602331bcca9d51ce76"
CCM encrypt and tag NIST VADT AES-128 #3 (P=24, N=13, A=2, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1538cc03b60880bf3e7d388e29f27739":"e7b819a853ffe79baaa72097ff0d04f02640ae62bcfd3da5":"9e734de325026b5d7128193973":"c93c":"1d8f42f9730424fa27240bd6277f4882604f440324b11b003ca01d874439b4e1f79a26d8c6dc433a"
CCM encrypt and tag NIST VADT AES-128 #4 (P=24, N=13, A=3, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f149e41d848f59276cfddd743bafa9a9":"9759e6f21f5a588010f57e6d6eae178d8b20ab59cda66f42":"14b756d66fc51134e203d1c6f9":"f5827e":"f634bf00f1f9f1f93f41049d7f3797b05e805f0b14850f4e78e2a23411147a6187da6818506232ee"
CCM encrypt and tag NIST VADT AES-128 #5 (P=24, N=13, A=4, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a57a22c7f26feff8ca6cceff214e4c2":"035c516776c706a7dd5f181fa6aa891b04dd423042ea0667":"88f30fd2b04fb8ddbce8fc26e6":"a95bdff6":"b92f7ec2ebecebdbd2977b3874e61bf496a382153b2529fc9b6443a35f329b2068916fb6ab8227eb"
CCM encrypt and tag NIST VADT AES-128 #6 (P=24, N=13, A=5, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54caf96ef6d448734700aadab50faf7a":"c69f7c5a50f3e72123371bbfd6bdf532b99ef78500508dfe":"a3803e752ae849c910d8da36af":"5f476348dd":"20c43ad83610880249f1632dd418ec9a5ed333b50e996d1a4e5a32fbe7961b832b722bc07a18595b"
CCM encrypt and tag NIST VADT AES-128 #7 (P=24, N=13, A=6, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc0c084d7de011e2f031616a302e7a31":"15b369889699b6de1fa3ee73e5fe19814e46f129074c965b":"f0b4522847f6f8336fe534a4e7":"da853a27aee2":"f39755d160a64611368a8eccf6fcbc45ef7f1f56240eb19a2e3ca4ec3c776ab58843f617d605fd72"
CCM encrypt and tag NIST VADT AES-128 #8 (P=24, N=13, A=7, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d7572ed0e37261efa02f8c83e695efdc":"1edef80c57d17f969f8bde10ab38a1a8811a124de72c526e":"f4f96d7b4384a3930b3d830f82":"922340ec94861f":"de14558cc686e1836f1f121ea1b941a9ebd4f0fb916dc870fd541b988a801cb5751c7faaf5b0c164"
CCM encrypt and tag NIST VADT AES-128 #9 (P=24, N=13, A=8, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"98a42d7a0c5917deaf3b4de3f0cbe0a1":"9aa9c8358117564371366beeec923051ef433252197aaad5":"03d33ab0c2df7bfce88b5ee4c4":"2d5438b728b950d9":"9ff942baa60f440c17a78e9581216b9a947a67f04d54911feecfff971fdfaa856310b014aa59c978"
CCM encrypt and tag NIST VADT AES-128 #10 (P=24, N=13, A=9, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2a68e3fe746f593c1b97cb637079c3e5":"13b4a874888db0e5d8fd814b5e7e04f7fdfbc1601ccc02bc":"cd62d0f27b7f4864dc7c343acd":"abe4f1d3812bfe3ccf":"032835a3dbf688d09cf2a32a92b101959d33ff47500f92f4fd49840440f866d1a22b0854996111d8"
CCM encrypt and tag NIST VADT AES-128 #11 (P=24, N=13, A=10, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"46b067cf9b1a28cf187002e90b14e130":"cc0915194218d4536e467433cd6d79ff1d9eb9ff160ab684":"bad8c03292bf01cfd8d34f860c":"8d65880eddb9fd96d276":"bd56edc015692c6ab9bec493a9893863598414a3d11a6a0f27ecdcb257d0d30491e5bf1aa8f90958"
CCM encrypt and tag NIST VADT AES-128 #12 (P=24, N=13, A=11, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e94dac9c90984790a7c0c867536615ff":"4d64461c55eb16bf7b9120f22be349598f2f394da8460dc6":"c19f06f91e645d4199365f18c0":"537038b5357e358a930bd6":"e9fc5004c2359724e1e4411ae6f834ef6bea046d549753c88790c1648f461a31c84e62ea8592a074"
CCM encrypt and tag NIST VADT AES-128 #13 (P=24, N=13, A=12, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6bb5d59b0fa9de0828b115303bf94aa":"011fc50329bfd63a85ebd4f7693363602f1a4147371270b7":"05358f33e1fc6a53ab5a5c98ce":"040b25771239cc2a39446e3c":"4432d7eb42980734d34f19c50cf8abf71ac1b19ed75a727854e5d050a405f755047d09cb0f49546a"
CCM encrypt and tag NIST VADT AES-128 #14 (P=24, N=13, A=13, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d1da2e961e78063af8de41865b226873":"8e5fa1a6662a8378cda15697e926841594f2f394fa5a34ab":"03739f5474857006340cce554d":"e3afd091d2b588465872a6300f":"ca0d95e3ff186ad6b88d45fc4079e6b7b4a615e7e8dd5f4742d522cc9dc19c47a4fa0b1528069cf8"
CCM encrypt and tag NIST VADT AES-128 #15 (P=24, N=13, A=14, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1eee667267ef10b03624cf9c341e3f75":"798e31cce0a83702a95171fb1162a17b9ce00ec3592ce262":"0630a3eae27e505c61c56e6560":"d24651ef0561282d3e20e834960c":"f3c3e52f1a1ff528a8d3783ee4e75f114e3e6416334815d2d9236d5c5c9319092078411b72c51ba8"
CCM encrypt and tag NIST VADT AES-128 #16 (P=24, N=13, A=15, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbbd26f5d9e970e4e384b2273961be5a":"553714e17a208a2eceb847a4a2d95088388b1ac8d8ca43e0":"0b1eabe504ef4822542e397fec":"477937301c83ba02d50760b603e0ea":"1c80213268bad5402c4dc9b5d836ab7499810d0d8a974716df9a0e986ab2890736423bb3772cec3e"
CCM encrypt and tag NIST VADT AES-128 #17 (P=24, N=13, A=16, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"10a7720f2e18f739c26924925af6b670":"e59782a9aea45f467b90e51a0fdf166baba05663def2d8b6":"8c4e7813ab9bce9dafee01c628":"a209941fab710fda38d11c68b13d930f":"e357b1ccdaca6f3506dc45279c2e4c59f5307a5fd6a99cd72341ea8c0785569973f90ee9ee645acc"
CCM encrypt and tag NIST VADT AES-128 #18 (P=24, N=13, A=17, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6bffab1f4f4c1ff66b4a669b515b2f8d":"d91b12e8655dd92b1332fc1d71c391c96a17111562d90ba3":"ddb34d5e0140fb96d690e1a2b7":"5cbba9ea778e01af00afb2a934f28c7211":"d302e5b2d5d90433186b804cd7717e2db2f22cdc34fb2942ab30780a2c4f12af8f35350d65284c59"
CCM encrypt and tag NIST VADT AES-128 #19 (P=24, N=13, A=18, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae6136df9ab43631ef143515dacedbe7":"6a493c5ef3769ccc4101dbb2eb36e1e5bbc577a057ce0731":"c5c445792208a50c8e93d64aa3":"e04006b68c83a5dd4ceac3cde238e48895ae":"c7584c0203c2535c5702c6ae93b7cbfb066f4a055c627a180d6d676d11fce907b5c93fa1ed7bff2b"
CCM encrypt and tag NIST VADT AES-128 #20 (P=24, N=13, A=19, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f1908328edf2996ebfc9655472ca5ad0":"eede01b08f9a303cdf14c99d7a45732972c6eff2a1db06eb":"4c693364546930b6c5250e2699":"4a3634e5028df97fbe00eb016e8ea4f1918faa":"90c850790b0b380f5aeb2488fdf43c9d5ef1759861e86f6e52570e769629dcc2e568737ba53a1195"
CCM encrypt and tag NIST VADT AES-128 #21 (P=24, N=13, A=20, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61cb8eb792e95d099a1455fb789d8d16":"6ad541695a37c32d73ff6d5f870abd5b0f362a8968c4fce0":"1f37b3e59137f2a60dc09d16ac":"09db3efac9473f713da630ae92c2c8604c61c51e":"e65fcc975865c1499b088b58ba163283085d8ca68dc3b235d89756e5d78753ef22c012ae34b39a20"
CCM encrypt and tag NIST VADT AES-128 #22 (P=24, N=13, A=21, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"be1ed49e2cb0caf6b6a0940c58453b93":"a9eec383f63892521e4616fcbadc5485942ffaf4669c43a7":"b78ad129457681fa7346435b97":"161d92c7df1ebb0924719e066e08b95eb4914a5eda":"949be340720c4fdc4adc05cb777dd81a2549628d33fba07e62d2b338a7b34ebd9d85c244c952d681"
CCM encrypt and tag NIST VADT AES-128 #23 (P=24, N=13, A=22, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"34ab6fd7f54a2e0276fcb7cf1e203aba":"8d164f598ea141082b1069776fccd87baf6a2563cbdbc9d1":"6091afb62c1a8eed4da5624dd7":"1ab5cc3d7b01dc74e6cf838bb565fea3187d33d552a2":"0d30ab07153b5153637969e6bd3539448c541e42b3d432fd7ef14622a9b621d1721b944c60f7fd67"
CCM encrypt and tag NIST VADT AES-128 #24 (P=24, N=13, A=23, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ea96f90fbae12a857f5c97e0cba57943":"49db80f22bc267a70e5636dfbc8a21c83d9691fe4b9c3051":"21cc46d9ced1539b0ad946e600":"105258d2f25f62675aee975cfdb668aff833f05b61eb2a":"d2fcc8b7809b5fc07e44083e437d8180157f1782a9ce9f65c7fa9ee2e7cdc1b755258f2212a8a8f4"
CCM encrypt and tag NIST VADT AES-128 #25 (P=24, N=13, A=24, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"35b403a15212097085d6e2b77ec3d4f2":"7dd7396db6613eb80909a3b8c0029b624912aabedda0659b":"daa423bf9256c3fcc347a293aa":"d3c0ed74e5f25e4c1e479e1a51182bb018698ec267269149":"5b00cf8a66baa7fe22502ed6f4861af71fa64b550d643f95eee82c19ecba34280604b58d92dacd3f"
CCM encrypt and tag NIST VADT AES-128 #26 (P=24, N=13, A=25, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a459aadb48f1a528edae71fcf698b84":"0b3d947de8632dc8ff752f619ba7c84716fac7a23e101641":"fa4616b715ea898772b0e89dd4":"0c0b4a45df5c3919c1e1669c5af5d398d9545e44307d95c481":"7db9f3f7dc26fc2adf58d4525d26d5601e977de5a7c33911a1138cff7b624f9908b5b4d7e90a824a"
CCM encrypt and tag NIST VADT AES-128 #27 (P=24, N=13, A=26, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ca748225057f735f712ecc64791367f0":"e92cd0cb97afe4fb00c4f12e9b9abe1d08db98f49a27f461":"1341a6998eb1f50d4b710a13ac":"5fb96b045f494808c02014f06074bd45b8a8ad12b4cb448ec162":"82b666694232e86e82295beae66ae67d56aceb5d6b1484ceb4a6843ec16078038c10afedc41f5362"
CCM encrypt and tag NIST VADT AES-128 #28 (P=24, N=13, A=27, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fdf2b2c7fcb3789b4e90abe607dca2af":"d7aa4efa5d75195a400018bd38f7d8cd53fdffe88df1837f":"a69ddc66e63a3415f21009d53a":"c76846da496ed87b9c0f65c6266c9a822224acde9775efb186a4a5":"150d9a8b78d9c04239d66207a1f95021bbb1b7c70d7c354825d05e5a2e76a90f6fe489fd74cab2a3"
CCM encrypt and tag NIST VADT AES-128 #29 (P=24, N=13, A=28, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7d870d7e52d3053c65eefad47764cfeb":"109317556c21c969eda65a94176d7a11462c9ae18a865b6d":"37d888f4aa452d7bf217f5a529":"9610949f6d23d5b1f3989b2f4e524fab4f297a5bec8ddad4f16cb616":"4e6b967b1571c6d7b9e118b112b7ac949a4a175650316a242dd579cb0d201d22c86bbc7fbe47bd0d"
CCM encrypt and tag NIST VADT AES-128 #30 (P=24, N=13, A=29, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8fcac40527c0e7ca8eaff265ca12c053":"78d1e96af8cebdcc7e7e2a4ddcfa34f6cf9a24fb85672ad7":"ae9f012fd9af60a400e20b1690":"9ce65598cd1f86afc9aaaf172809570cc306333c25523f863c6d0e0154":"9adb9a95a9379ad795d8d3ffd4e37a045160d6d727f974a6cb3b5151f327e65447e52c7525562c91"
CCM encrypt and tag NIST VADT AES-128 #31 (P=24, N=13, A=30, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ddf9f150cc3f1c15e8e773663c5b061c":"79d8841ab83279724ce35e1a8abd4e158168dcf388ab4c3d":"98c5036b7d54da9a1177105600":"20c5ab290e6d97f53c74121951f39ba865b3acc465fa3f0fb8a591622277":"d00d29396ffa9e691290d746527777bf96a851f306d4da0b1816df1e0e82bb7bc8105930ad6a2232"
CCM encrypt and tag NIST VADT AES-128 #32 (P=24, N=13, A=31, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b1dc81d116d94f5eced526b37c004b95":"54390715b6e7c7bd51a234db059a51ba030cf22ee00b7277":"97c8f69fb91b17299461fd8d63":"f8b08aa83bed09ca342249b2cf9e2b45a89dcfb8711a120395e455921af481":"cb629994c3418a662a8cde1b5f4d99aa7df66e24c53dc6df11297930fd44c63675b7cca70671ef4d"
CCM encrypt and tag NIST VADT AES-128 #33 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a33980e71e7d67fd6cf171454dc96e5":"a34dfa24847c365291ce1b54bcf8d9a75d861e5133cc3a74":"33ae68ebb8010c6b3da6b9cb29":"eca622a37570df619e10ebb18bebadb2f2b49c4d2b2ff715873bb672e30fc0ff":"7a60fa7ee8859e283cce378fb6b95522ab8b70efcdb0265f7c4b4fa597666b86dd1353e400f28864"
CCM encrypt and tag NIST VADT AES-192 #1 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"39f08a2af1d8da6212550639b91fb2573e39a8eb5d801de8":"15b369889699b6de1fa3ee73e5":"":"6342b8700edec97a960eb16e7cb1eb4412fb4e263ddd2206b090155d34a76c8324e5550c3ef426ed"
CCM encrypt and tag NIST VADT AES-192 #2 (P=24, N=13, A=1, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9748798c0f3cc766795c8ce0e4c979c1930dfe7faefea84a":"100fa71462277d76ca81f2cfdb3d39d3894b0ca28074a0f0":"cdf4ba655acfe8e2134fa0542f":"67":"36e2415b4f888a6072f260d7e786d803be16f8b9cbee112d7ff74e3b05b7d7c13284573bd3e7e481"
CCM encrypt and tag NIST VADT AES-192 #3 (P=24, N=13, A=2, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"393dcac5a28d77297946d7ab471ae03bd303ba3499e2ce26":"262f4ac988812500cb437f52f0c182148e85a0bec67a2736":"fe7329f343f6e726a90b11ae37":"1c8b":"e6d43f822ad168aa9c2e29c07f4592d7bbeb0203f418f3020ecdbc200be353112faf20e2be711908"
CCM encrypt and tag NIST VADT AES-192 #4 (P=24, N=13, A=3, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a74abc4347e4be0acb0a73bb8f7d25c35bae13b77f80233a":"6372824bf416cd072a7ad0ae5f9f596c6127520c1b688ab4":"6a850e94940da8781159ba97ef":"a4490e":"b14a07bdc119d87611342c4c6935c5786ff1f9ae2eb49e6191c88a3cb4fbafcb8a4a157d587d7e39"
CCM encrypt and tag NIST VADT AES-192 #5 (P=24, N=13, A=4, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"df052e95aea3769a433ce4e4e800b8418649bbe8c6297eb0":"e8c1a89228d8212f75c136bab7923a89f9fea18e781cb836":"ba356d392c3f700f4f2706a4ca":"8ffc0e3d":"66b5d782323925e1bd0a8413a9a5a881356453d5df2cbeb199b2e1e803550dcdde55fd66ecb45edd"
CCM encrypt and tag NIST VADT AES-192 #6 (P=24, N=13, A=5, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16d345606a315ad2406abbcb43cd8cabe948107ba6d17a72":"d3bef460223c81e4579c9d1d463ac5e0881685de1420a411":"d4ef3e9e04f1b7f20ffc5a022e":"a468f08d07":"abb85db49a9b1c8724ecbc734cc8373bd20083cfa4007b1cfe4d3a3bb25f89f692884be230c6035c"
CCM encrypt and tag NIST VADT AES-192 #7 (P=24, N=13, A=6, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c476cfd7dd300d961fd3f24a6fe0e80742b00851676ca63":"6f3938932b5c1280311e892280d8a822a828a0be7fdb1bcd":"e300fc7a5b96806382c35af5b2":"28130f938c45":"df48662fe134e75a85abc2cece2c3b6236c88a70fa792e9beadc9601adf9fbdf4e3e94b395b0a332"
CCM encrypt and tag NIST VADT AES-192 #8 (P=24, N=13, A=7, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"79d1e38a70df1cf239be168833dcd0570bc8f37b3aa26c37":"83c24f3a77b83b4ef45277ba90225f3ba1722312f52b1a07":"8229d6d7e9e21fdc789bff5dcf":"076887d2abe900":"19d880f1d959a68f162de243d4a45747ace704613359b27218d1531a066de60a95d2924a6910e990"
CCM encrypt and tag NIST VADT AES-192 #9 (P=24, N=13, A=8, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"72e6cebdaf88205c4e74428664bc0d7eb4687a272217b7ca":"54bc7e3c227df4e83252a5848fea12dfdb2d14b9e67c1629":"3820db475c7cb04a0f74d8e449":"f427c47e10c45bb3":"91e7baff2b42af63e26c87ce6991af22422c1f82906858b1721961de5c768f4d19bd3034f44f08d2"
CCM encrypt and tag NIST VADT AES-192 #10 (P=24, N=13, A=9, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39c03a0c8634047b1635348f284d3dc1e752ab40548eb337":"0662e63c88e963d3e0cf2c4653515ae4474a2c78ab0394c0":"9e2ea8eb7f56087ee506925648":"28d157f09a71da80dd":"01dcd4dd3b8c1369518136ce45e8bb9df565b0ad231a887b02ada34addf0aa2f4744ed2e07995491"
CCM encrypt and tag NIST VADT AES-192 #11 (P=24, N=13, A=10, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e2a92ffbb0b5eb68cb82687f12449fae5167d375131b0b10":"048c9ba4597c3bb595bfd5048e5e9a1296f30e5c0118b177":"441ad5e1382e083a95224f395d":"2352648299b0413cb2ce":"25247a258e4ac0a988d8def60cc174a9d4578cd5346fb5150c96e8ab8774baa421f39c64a386c418"
CCM encrypt and tag NIST VADT AES-192 #12 (P=24, N=13, A=11, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef1ad3eb0bde7d4728389da2255d1f8a66ecb72e6f2f1ac4":"9f580cc6c62a05ce125c6bec109a48ca527ee26a64b14b68":"8e7d8a44244daa7df2b340993e":"521583c25eb4a3b2e46120":"ff0ff95bcb0bccd5e4aadd77ac6770f5013654eb3c6386fded2c87135861b43a99f258b6938f66e3"
CCM encrypt and tag NIST VADT AES-192 #13 (P=24, N=13, A=12, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"44cba20b7204ed85327c9c71c6fea00b47ce7bdde9dea490":"6333bde218b784ccd8370492f7c8c722f8ef143af66d71d7":"f3329154d8908f4e4a5b079992":"f1e0af185180d2eb63e50e37":"b9401a4927b34dc15e9193db00212f85f0c319781ec90e3b4484d93cb422cb564acc63d3d18e169c"
CCM encrypt and tag NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181":"fd80e88f07dad09eed5569a4f9bb65c42ef426dda40450119503d811701642143013f28ce384d912"
CCM encrypt and tag NIST VADT AES-192 #15 (P=24, N=13, A=14, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13f179aa2a23bc90a85660306394940e9bb226ce3885ec01":"d3b36c6289ad6ae7c5d885fe83d62a76270689ce05fa3b48":"aaa52c63ca1f74a203d08c2078":"5cc924222692979a8e28ab1e0018":"bc4fcef401c2e1d1c335734ff23ea52c3474d2e6f31648a7f58649400ac9e825b038d67f0c2a6f1c"
CCM encrypt and tag NIST VADT AES-192 #16 (P=24, N=13, A=15, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c1dfc48273d406a3a7b9176f80b2dc4e9a7f68134bab66d2":"67d9728a88f1fac3af43ed6d634ba902896bd226858697d9":"1ac53ba965cdaeeef7326a37e4":"39ba54a410a58a5d11615a2163cc3b":"360f0fc714994e3b59448b50cdd61d511b4f09e0e5fb5ac826a51fe5b9b598a17eb3da10f936813b"
CCM encrypt and tag NIST VADT AES-192 #17 (P=24, N=13, A=16, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d8a662ab8449bd037da0346a24565683a3bbbbd1800e3c1c":"61fdd10938557080191d13dd6c3002dd445d9af988029199":"166fb8d0e110124c09013e0568":"1c1c082eeb5b8548283d50cc2ace1c35":"23c05927502a4ee6e61e4e10552d49b020643eab476eeacc867601fe79a122a7817819655183283e"
CCM encrypt and tag NIST VADT AES-192 #18 (P=24, N=13, A=17, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"116f4855121d6aa53e8b8b43a2e23d468c8568c744f49de5":"1bd3b5db392402790be16e8d0a715453928f17f3384c13a7":"924322a3ef0c64412f460a91b2":"03c2d22a3bb08bbb96b2811ce4b1110a83":"ad736402626df0f9393fe4491eb812725ad39d6facf20b5b2f9340b0d48a17ae1cc71d7515e61ee9"
CCM encrypt and tag NIST VADT AES-192 #19 (P=24, N=13, A=18, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e67f3ba11282d61fe36e38cab7b559c2fd9cbe8bf7eb5863":"d7a954dae563b93385c02c82e0143b6c17ce3067d8b54120":"a727ed373886dd872859b92ccd":"68d199e8fced02b7aeba31aa94068a25d27a":"c6cfaa1f54d041089bd81f89197e57a53b2880cefc3f9d877e30b2bcc3f1ea9ec2b8f28bf0af4ecf"
CCM encrypt and tag NIST VADT AES-192 #20 (P=24, N=13, A=19, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e0a29a2c7840cf9b41de49780b9ee92d646a4bfc5b9da74a":"344dc8b6bd66a1fbbe330a95af5dd2a8783dc264d6a9267d":"fc9fd876b1edded09f70b18824":"36e15baafa0002efbb4bb26503b7e3b79f6c68":"43b3b96aa5a54378f3bb573ffda3e154aa7f425fc3008175b60a77b9d38740356b544b1c0f259086"
CCM encrypt and tag NIST VADT AES-192 #21 (P=24, N=13, A=20, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26d0a3a8509d97f81379d21981fe1a02c579121ab7356ca0":"37ab2a0b7b69942278e21032fc83eba6cdc34f5285a8b711":"8015c0f07a7acd4b1cbdd21b54":"093ed26ada5628cfb8cfc1391526b3bcc4af97d9":"a3a60b422eb070b499cf6da0a404b13a05cedda549c6b93e6ca0e07e04674f21a46df2659a5905fb"
CCM encrypt and tag NIST VADT AES-192 #22 (P=24, N=13, A=21, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aac60835c309d837aacc635931af95702a4784c214283ebb":"e8610756528f75607b83926597ef515f4b32a8386437e6d4":"0e20602d4dc38baa1ebf94ded5":"796e55fbe7bed46d025599c258964a99574c523f6a":"e0a3d5f43e688ce104f4ae1a4fcd85500aa6b8fdbcd1b8d3003c0c3b7369e79339433e1754c0937f"
CCM encrypt and tag NIST VADT AES-192 #23 (P=24, N=13, A=22, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"671544bf2988056f7f9ccd526861391a27233793a23f811f":"576b069ae2713f53d2924c1fd68f786cb2eec68892f9e1be":"0a259148a1d081e0df381ecd0c":"61dafc237cb52f83ab773ba8a885462b6f77d4924611":"ce06b3d09b02921f290544032a081a7766612940048867281bb089af0245792c16e6320cf5ffa19e"
CCM encrypt and tag NIST VADT AES-192 #24 (P=24, N=13, A=23, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"90e2c63b6e5394b1aeec03f95a9d13a01a7d4e9d58610786":"44dd098b1f869d670a8a841900c4bef023a1946a0c278354":"dada5465eb9b7229807a39e557":"f5629ca0eea589f6cf963d875a7d2efb656983f2dd2231":"6b38ca85450e05e7b9362ed7e6e291a130ff233b5a561cdef7ec84dd992fdf98514f845dac8f656e"
CCM encrypt and tag NIST VADT AES-192 #25 (P=24, N=13, A=24, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13cdaaa4f5721c6d7e709cc048063cfb8b9d92e6425903e6":"d7c837971b973f5f651102bf8d032e7dcd10e306739a0d6c":"f97b532259babac5322e9d9a79":"ad6622279832502839a82348486d42e9b38626e8f06317c4":"4709600418f2839841e6d126359f6982bdb53acc7ff209635623d15b24184481eadc63bb8c878fc4"
CCM encrypt and tag NIST VADT AES-192 #26 (P=24, N=13, A=25, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"90851933d4d3257137984cdb9cba2ca737322dac4dbd64bc":"ba1785a149cb8b69a4e011c11a3ff06f6d7218f525ac81b5":"be02df3a840322df8d448c600c":"69a9dd9ac8be489c3a3f7f070bdaca10699171f66ab3da9351":"89ab2efefa8406336d9e2245199fbc9454f0ef650b9ed0f446c7246bd3130803bf8d703ef5bdf15c"
CCM encrypt and tag NIST VADT AES-192 #27 (P=24, N=13, A=26, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c5d02c93faa74a848e5046fc52f236049e28cd8096dcac6":"b4da43ebfe9396b68f4689fba8837c68d0064841c6ddd4a7":"54cbf2889437673b8875a0f567":"09fc21ac4a1f43de29621cacf3ad84e055c6b220721af7ce33bb":"d40725397229021a18f3481e3a85f70445557bb2a85e4ae8101a34c777e918e16186fda05a386572"
CCM encrypt and tag NIST VADT AES-192 #28 (P=24, N=13, A=27, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0234dae5bd7ae66c67ff0c1a3f1a191a0d7bceb451bc2b7d":"0f960a89a7e806f8709047cb7a2e7c4211ad724692c88a05":"16d345606a315ad2406abbcb43":"c37fdf7449fd7e943595d75e977089c623be0a3926e63fdbbfdf4a":"3907880d25f910eab12dd14e704d1b33ea7c453634d54da2a461f44dac1112ae3f9c65671a931d3e"
CCM encrypt and tag NIST VADT AES-192 #29 (P=24, N=13, A=28, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6351a67fd6daabd2fd49ee944dd41dd37301f958dd17fcc3":"0c0663dd69ccbffbbd0c8c2e9473d0354451ae7a20fa3695":"b8d517b033754058128d13d11a":"511c6924fa96db716f6b053b7a48aebdc1504145a56cd02d6be2590d":"19f2745df5007619c79c84d174e4521b942776478a0601d982c560fede4741e2fd3b54b3a48f3e38"
CCM encrypt and tag NIST VADT AES-192 #30 (P=24, N=13, A=29, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a5a9560baed3b8e0e90b92655d4e5f33889e5d7253d9f6c":"5bbe9c1fb2563e3e82999fe097b28da4dc6ff2e020f3b4f3":"c0049382cdd8646756d4e6bff5":"c95a86d52088a8b0107cc5b437a8938b2c9e74e46e2e03bb9bceecdbe3":"6d5401db42b5c48b79203b6ad82806d7460ac4c82ad0809b811020480e834f6fe55900a162a4e61a"
CCM encrypt and tag NIST VADT AES-192 #31 (P=24, N=13, A=30, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e61094c80df0053e86d43fccf4e1d3ee2cdb862d3237b0a":"1fada8f4c7daea0d1c370184c169485b80a278708ed41451":"63f00b2488809fdc49ca5f05d5":"a08763ca936abdeece06467bef8c3c47c3a473636a039d4db540c867d3e3":"680dd22f16a1290bde42c9792dfa997aed24d5bd2265b6e095aa6b99d3f894d3790c2aa2dae1ba2c"
CCM encrypt and tag NIST VADT AES-192 #32 (P=24, N=13, A=31, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5664dd6ed435df006052f6ded74bb7ce9482ca9229886f7":"0b6de49b530703affc94010c2b793ddc6de0c44d48037ff2":"7a1649896f3e030c18f0205599":"c5f1a26351e53e6509c8bbbed03c42c23ad81c65fccec7ffa1cb494c7f1fc4":"56b02fea595cc24e798691ae905be3d466ca68ca744005dba260b5ea3b047020b73b5bafa17e5084"
CCM encrypt and tag NIST VADT AES-192 #33 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50925853a84a33ff392154e4e737efc18dcfc98f4d5235a9":"718f061e8b972a3adcf465d66c5b28e8661f080127f6722f":"809343e986f6ff47f54d4cac22":"d70aef3532bdc5293a3ebb11589ac1f801c9f93ea0d656e1d04068facf9f768b":"bad3b0e6772e9c4c9c631c095e259d99692292932efb72b8966e91a19617bb748f3495aa433585bb"
CCM encrypt and tag NIST VADT AES-256 #1 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886df3ba3e6da3a1389":"30d56ff2a25b83fee791110fcaea48e41db7c7f098a81000":"72a60f345a1978fb40f28a2fa4":"":"55f068c0bbba8b598013dd1841fd740fda2902322148ab5e935753e601b79db4ae730b6ae3500731"
CCM encrypt and tag NIST VADT AES-256 #2 (P=24, N=13, A=1, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a4490ed6ab51dbfccd6f3702a857575dad44da3a27eaf31178abc97da60d1e4b":"1b5cc6b1651dec4bbbf5130343852e971c7ff1774100d9be":"26ceaf6e3b28190a17c4f0c378":"9e":"789bce069a725a96c484e64a9e54dcb7a7c268c85df47815a462ff2dd8ba44a381e1f6edab12b5a9"
CCM encrypt and tag NIST VADT AES-256 #3 (P=24, N=13, A=2, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"df594db94ef8eca56a417afe946085eaed444c7cc648d07d58132e6cb5bc2bc3":"f4d7978fad36223623ccb5bb18a7373cba8a6e3b1c921259":"c1ad812bf2bbb2cdaee4636ee7":"c0c3":"bea778540a90033b2c0d087e3cc447711ea25f7eea96855506ec97f23bd6ea97834f92f7263c3195"
CCM encrypt and tag NIST VADT AES-256 #4 (P=24, N=13, A=3, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d98193ab2a465e3fcd85651aaeca18b8e91489b73b7c7e93b518c4b5b81fc6ac":"edba7d6312144e90ec9eaace7576045a46e553dcb8ee5a98":"2247dc7e2674e9e0a63fe70613":"4dc2f4":"44b9ea727c847336fd739ad11f4b906b292edb810462f06ef59626ad5cdac2e4d4cb07b538a1fd8f"
CCM encrypt and tag NIST VADT AES-256 #5 (P=24, N=13, A=4, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"45c8afd7373cb0f6b092af3a633d9fd97c4ca378e19d75f9b74d089429726c29":"0b92adbb251dc29a67f0bb97f8e7160862b6c4e843d07fd9":"fdb1fa230ae0b172ff98fc7496":"270981af":"274e2faea3271ea6fa0494c1951f115b5491a893056c3ee4c76fc350e585277e373e9119bf9595cb"
CCM encrypt and tag NIST VADT AES-256 #6 (P=24, N=13, A=5, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a2e6bf39efd1ceddc92b4333ed92d65efeea6c031ca345adb93a7770a8039bcd":"d822f84b023f12ea9e3ce16b904278e4aaab5e11c2c23f3f":"693cbb46bc8366086ec7cd7776":"3ba11282d6":"9f91fd2f6472e33b02b1eabb9d6655729d44c44dad6b3883fe0667bcc5806b225224b04ade8b21c1"
CCM encrypt and tag NIST VADT AES-256 #7 (P=24, N=13, A=6, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5a850167a5bfdf56636ce9e56e2952855504e35cc4f5d24ee5e168853be82d8":"e758796d7db73bccb1697c42df691ac57974b40ca9186a43":"c45b165477e8bfa9ca3a1cd3ca":"4759557e9bab":"93ad58bd5f4f77ac4f92b0ae16c62489e4074c7f152e2ed8a88179e0d32f4928eff13b4ce2873338"
CCM encrypt and tag NIST VADT AES-256 #8 (P=24, N=13, A=7, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae8f93c3efe38e2af07e256961dd33028faa0716e5320a7ab319a10d2f4c5548":"bc9ca92a9c9919e39095d3e53fb148694620ae61227e0069":"6333bde218b784ccd8370492f7":"0b1fabdf2a4107":"45811b0c8f754bf03950e520cd4afc81c2e3eb8a11f4fd386d5a6e4b1fbee15d35939c721004502e"
CCM encrypt and tag NIST VADT AES-256 #9 (P=24, N=13, A=8, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"548c2d1eb7d91e003633d4d9ff199e4a8447180edd89ac7867d25a1db288b5ce":"49fd5cbe4aff89dc3b8718f9ce545d612cbbebb289ecbf42":"23b205bd6ff8ed0bab0c98999c":"a6601111cd92c943":"3cfc6211e359ae322802fc9566f377b0dfe17d1dfe0878ebf2a9047e37cc0be1fab0006af8db8dc4"
CCM encrypt and tag NIST VADT AES-256 #10 (P=24, N=13, A=9, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aab793e377a12484dbdd74c9b3a85c74c286e1cc498663fbd7c718b5633bb91a":"7c0889854658d3408c5d8043aad2f4ae4a89449a36f8a3b8":"10022cddb323e88b3c08f95a0f":"82b8c736037ce2f2e8":"1044250f58857c69f72b5d3454d43949e5c02b3822970b280de1a3f7fc5d06cc30f06075f5504ed7"
CCM encrypt and tag NIST VADT AES-256 #11 (P=24, N=13, A=10, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"06ac39896073a44283611a66ccab067e2dd2faa8da82ff9a45bb29e54d2e6e77":"3216dce3b8b1ce0e79e40fffcac728ab191aaaf319d971d3":"6c7942c9819cf69b817bfcdb0a":"215e2a6c24325340fdec":"c5b3b50ed8a7b7b96b02ba9464b6a2ff80e90548605699a63d70e6dffb31a376a1eb7f94526dca48"
CCM encrypt and tag NIST VADT AES-256 #12 (P=24, N=13, A=11, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50412c6444bcf9829506ab019e98234af1541061557412740bc120b456052763":"6cdbd63f6d591f59776f828533b28e2453a214d1d0dd8a39":"85684f94c3702c5d870310166d":"f706a3e09df95d3e21d2e0":"8c8b4ae854a5d5c265b25e3b54bded9444cc454b3e0e6a24d6c05eaf406a5ebd578e19edd5227380"
CCM encrypt and tag NIST VADT AES-256 #13 (P=24, N=13, A=12, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a56588fe5e125237b6cdc30f940b8d88b2863ec501a0cb00b1abade1b5ce0ed":"c825952293e434ea866db558aaf486ef09a92bf366988f71":"d80210b9f9776ea36dc0e0a787":"e4296d1c8cf4ffc4b2635135":"b8b3b15fdf6a4a0b5abc313afc769e4e8413bd887552583ede3ed995d1b70561c8e28a7b1a7e3dc8"
CCM encrypt and tag NIST VADT AES-256 #14 (P=24, N=13, A=13, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a4cc7e1c90f8684e6a5f95e6898ab4e3c194cb46e196d8228062b9f3fa744930":"10d4cff95ef490923c9e0906880729d4d05412e7675cce76":"cdc2712e51c7f333d6bad78eee":"569c56b27268d3db54e728aac0":"be3ce3e9dc72499839a98ae52abb17415e8547687e8a3c7b8aaaac20d4c9276f2851cbba2b04d185"
CCM encrypt and tag NIST VADT AES-256 #15 (P=24, N=13, A=14, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"347e12eec56e95aafcc7d25bf10fc756b4e42bc2e43da7f97df24331f27f1f5c":"ca88dddfc876a12f45f19562bc9ca250f43267ab251a7f34":"b8d517b033754058128d13d11a":"511c6924fa96db716f6b053b7a48":"eeedcfa8f5b5b48c1d7e277526eecb7294213b9f5785167ae949b93003dfe63c95c1d49edfb4de3f"
CCM encrypt and tag NIST VADT AES-256 #16 (P=24, N=13, A=15, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"520902aa27c16dee112812b2e685aa203aeb8b8633bd1bfc99728a482d96c1fe":"533fee7d2c7740db55770e48cb1b541d990ea3f8f08ed1a6":"ddf50502f414c1bf24888f1328":"22b4f8f1aac02a9b2ef785d0ff6f93":"fc867b319e0e4ab45ec518a1b5dcec4f29982173f3abfd4d8a8f8d14d2bdac84c3737cfbd75b7c0b"
CCM encrypt and tag NIST VADT AES-256 #17 (P=24, N=13, A=16, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"57da1c2704219ed59abfdf04743a9a93c87a63d471818de0f1564b2db6421562":"ddc3c1aa73fb6de92bb4db138e26f3c2e0543ab4f5924871":"4b60a47b7e90f622fa0bf803e1":"0ae8c012ff39753510df3ee80707e4e2":"daa8256d4753fdf9cfef876295badaba89b45cc497f54d220ec2c6fb687753bca4580adc6aa2f296"
CCM encrypt and tag NIST VADT AES-256 #18 (P=24, N=13, A=17, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9267ebc99ccf648b146cba3c251187e24a9947d806ceb0ced6894211641a1e0d":"967daf12f16f166b7b5038f83a1cf0b980f5abf4c7746f2a":"9b7298950280e8762ecdc9bbe4":"5824689453bc406bf891b85e4576e38fe8":"7cfe2a7a54306eb8d8a63d3d1ae86794f9a2c22198b2cb4f10ca926f1a430c08c12e23db3d913e93"
CCM encrypt and tag NIST VADT AES-256 #19 (P=24, N=13, A=18, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a855e1690ee638de01db43b37401dcd569c1ae03dc73dd0a917d0cadb5abc29":"33ae68ebb8010c6b3da6b9cb29fe9f8bd09b59ec39f4ce4b":"8f160a873a1166c8b32bccbba7":"72674aca7eba2fc0eeafbd143c2c4d8aa6c8":"b22afdf4f12c43ec23e01ac1215a3f5286059211207e957057e9a9203da74387a9468f8af5e27547"
CCM encrypt and tag NIST VADT AES-256 #20 (P=24, N=13, A=19, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0ebdc6ddb4c502725dd6ee8da95d56a0d1044b4694d6ba8475a4434f23a8474f":"c7360282c85484a5a33ab1c68dd70873ab4e74ffd4a62cd5":"fb717a8c82114477253acc14f6":"41e9d65632f74f449a6842d5e6c4a86ef83791":"2e961b3a2fa1609a4e6fd04bff6ac5e306ae2638706f997b42be2e2ba05c54b619850db5c9d684fe"
CCM encrypt and tag NIST VADT AES-256 #21 (P=24, N=13, A=20, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ff64bbec197a63315c2f328dcb4837d0cdc21a5d6f89ff1d97cb51195330cd8":"4a17522da707b4b2587a0ae367a2cd2831bb593a18ef442a":"a235f8ee3de9896b71910ac02c":"2b411bea57b51d10a4d2fb17ef0f204aa53cf112":"1bf122798bd8ee8e73391d589bd046a294d1615794e69cb9e6f3ba30143acbc3a1c1c6ec74333107"
CCM encrypt and tag NIST VADT AES-256 #22 (P=24, N=13, A=21, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"24e9f08a9a007f9976919e10dc432002e2e078a339677f00105c72ed35633a3f":"d3416a81b4246eb0bf8119a72a886bbc0ac9449c69f71d2f":"15977424eeec0ec7f647e6c798":"2d838eb51a4bc69a001a18adf2084a680f02a3c5fc":"e001a8fae390dc5d672cdd18f86a1f728158ec83a002050def9af5679edbcbb7db20ab6af30698db"
CCM encrypt and tag NIST VADT AES-256 #23 (P=24, N=13, A=22, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0ec1b22b8df05dc92135d2dfbefed8ea81458f5ea1b801e8a218faf6cbdf1a79":"2f59d94d4ab8eeb84c2a6fefb7fb0a3ac059c1e1a65ae34a":"97ebcb8575bb58260208d5c227":"a2f6337f86dd00d1a58448851e95d8c9bace4a5c8710":"7ca0b1dbe34b0391e524b868b0af08b3e096917664d6aa2cabc1f9d0132394149c9062b74b82f04b"
CCM encrypt and tag NIST VADT AES-256 #24 (P=24, N=13, A=23, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0875020959ed969cfb38636d1d5aabce9658b00171a7614ea9e5395331c7659c":"065ef9eeafbe077c1c7049f43eb0d8999708e8609f214d5c":"451101250ec6f26652249d59dc":"7cc9c51b69f98a06391ab32742fb6365e15106c811fe8a":"990065322a438e136860f7b019807e9feff52a642bf3d44a9163fa7a867f04cab6f52dc250070f31"
CCM encrypt and tag NIST VADT AES-256 #25 (P=24, N=13, A=24, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef4c1d2314e671f666cc6667660f1438a293208c7cc29b412d81277f0a635c91":"c99c3e79125b6fd95e737326a842424eb6c6ecea4c0475c4":"50b23b052922366c25dd40e348":"cd0522ebe1fed82465277d1c10ae9316a98b4469be63b180":"76df4be4ec8373864399acda11294b220b9f7c3a7d2b3660b25764e40ac6a171e7e6bab4fdee4288"
CCM encrypt and tag NIST VADT AES-256 #26 (P=24, N=13, A=25, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8544808e8fbf8c3a5e1d4ca751d4b603af9fe119eabc6923205815e0e748b7e7":"617d54fc6a23601c79e3984f93bfc2d151fde420863206b3":"b44a58724596b4d8dea827c1a0":"f5b2c88f5232c37273b1e66aa31cfa7201e33c21d60054d025":"57b3414db48982c6567265e1e0173bf38fdfaffe4461fbebc1411af83237c0f9eb0bfe8ed914da66"
CCM encrypt and tag NIST VADT AES-256 #27 (P=24, N=13, A=26, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e19eaddd9f1574447e7e6525f7fd67e3b42807e44fbb60e75d8c3e98abc18361":"b3b0de10b7c0996662f1b064e04e528b7d85ca1166985d33":"a8c459ce0223358826fb1ec0f0":"ef88f4393d6c1e7b7be55a12144209ee051bb779e440432721ef":"d63e6082c95c6c5ff2bc0771321a4f883ef61cff7b99e0ea8a20a1abe7c842ebc08c8c81a2743c81"
CCM encrypt and tag NIST VADT AES-256 #28 (P=24, N=13, A=27, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9498f02e50487cfbda1ce6459e241233bd4c4cb10281dcb51915dbc7fb6545c0":"0d16cc69caa9f19b88b05e151b3d26accd018ca4a5786a80":"e3bd4bc3a60cddd26c20aa8636":"70cfcb828d483216b46c3cd22e2f9ee879e9e3059b566179b6e16c":"f1c4bedb8d6f91676881daa37656a7e6402f472735b04a0f1f8332f4236437737438e7aa1b5100c7"
CCM encrypt and tag NIST VADT AES-256 #29 (P=24, N=13, A=28, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ac7d5bc4698c021e49a685cd71057e09821633957d1d59c3c30cbc3f2d1dbf8":"89198d3acc39b950f0d411119c478c60b2422ffe7e26e00b":"54c8ff5459702aac058bb3be04":"ecbd7091732e49c0f4bda2e63235ea43bbf8c8730f955f9c049dd1ec":"7717b8e4447afcea1eeebf3e39ffdab2f52828e7931ef27e475acd27900478f09fec1f479ab3a7c8"
CCM encrypt and tag NIST VADT AES-256 #30 (P=24, N=13, A=29, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"948882c3667caa81c9b900996e3d591e6fcb3d08333eeb29911e9c6338710c17":"8b9130b0c3c15366831bbb19f377e3209a8dbf7619cd09bd":"43b0aca2f0a9030f90559fa6d3":"a516ca8405e5c8854e667921b5c5e1968bdd052915b55ac9984b7eefb3":"4646b2acdeb11174171da23999cd54e297daa32bbc13d30512e57c576b315f48c11877178389aaa0"
CCM encrypt and tag NIST VADT AES-256 #31 (P=24, N=13, A=30, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3bf52cc5ee86b9a0190f390a5c0366a560b557000dbe5115fd9ee11630a62769":"094b538110495e938b08cf748a6bcf3e0c80ff9c66570237":"f9fbd02f28ecc929d369182752":"ebf0b3e3199a5c3773c761c725c7600add5f9d8321c9f8e5e5fd1c7a5d2f":"4d8b53016fc8bc9677184c0fa15bbd3d671b9366d82ecb67f8562eadcdcbcdbad1299bea1523f5d2"
CCM encrypt and tag NIST VADT AES-256 #32 (P=24, N=13, A=31, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e45bb1730d0d539aab3805350ac986540de9f0f6c239ee70395c291397b70309":"bc8b3bc48c7a88c9fafde258b6ccaa9d4f0d018703d63871":"d5c7824af715bb7822b6b340fe":"860f4a09ad8b3d345c2aa18ffb803f0bc3b734a4d047a1437701a5e3d95288":"95f083ad6bbaee6ab540fe023858f8baf25e333fd3e89c00e678a392d228b210dc5c991905dacf3f"
CCM encrypt and tag NIST VADT AES-256 #33 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e6e34070caf1b8820ed39edfa83459abe1c15a1827f1c39f7ac316c4c27910f":"771a7baa9cf83aa253349f6475d5e74dba4525307b022ba7":"c49ccef869bb86d21932cb443b":"d37e35d7cdccd9824a1ae4c787819735e4af798a3beb49d4705336d6496853ad":"eebac2475004970071dfa2cfb855c4e78b1add8dcbccfc0bd6b14027324b657a56263df148665393"
CCM auth decrypt tag NIST DVPT AES-128 #1 (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4ae701103c63deca5b5a3939d7d05992":"02209f55":"5a8aa485c316e9":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-128 #2 (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4ae701103c63deca5b5a3939d7d05992":"9a04c241":"3796cf51b87266":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #3 (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"75d582db43ce9b13ab4b6f7f14341330":"5a8aa485c316e9":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-128 #4 (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3a65e03af37b81d05acc7ec1bc39deb0":"3796cf51b87266":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #5 (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"90156f3f":"5a8aa485c316e9403aff859fbb":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-128 #6 (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"88909016":"a16a2e741f1cd9717285b6d882":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #7 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"fb04dc5a44c6bb000f2440f5154364b4":"5a8aa485c316e9403aff859fbb":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-128 #8 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"5447075bf42a59b91f08064738b015ab":"a16a2e741f1cd9717285b6d882":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #9 (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb703e1fa6b":"5a8aa485c316e9":"":4:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
CCM auth decrypt tag NIST DVPT AES-128 #10 (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f23e5d81c":"31f8fa25827d48":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #11 (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f2d9a3fbc210595b7b8b1b41523111a8e":"5a8aa485c316e9":"":16:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
CCM auth decrypt tag NIST DVPT AES-128 #12 (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd2463af747cc88a001fa94e060290f209c4":"31f8fa25827d48":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #13 (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134a3e138b9":"5a8aa485c316e9403aff859fbb":"":4:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
CCM auth decrypt tag NIST DVPT AES-128 #14 (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654091a5ae9":"49004912fdd7269279b1f06a89":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #15 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb6a9a970b9beb2ac1bd4fd62168f8378a":"5a8aa485c316e9403aff859fbb":"":16:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
CCM auth decrypt tag NIST DVPT AES-128 #16 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065a65666144994bad0c8195bcb4ade1337":"49004912fdd7269279b1f06a89":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #17 (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"782e4318":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:""
CCM auth decrypt tag NIST DVPT AES-128 #18 (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"a04f270a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #19 (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"41b476013f45e4a781f253a6f3b1e530":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:""
CCM auth decrypt tag NIST DVPT AES-128 #20 (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"f9f018fcd125822616083fffebc4c8e6":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #21 (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"9f69f24f":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:""
CCM auth decrypt tag NIST DVPT AES-128 #22 (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"e17afaa4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #23 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"1859ac36a40a6b28b34266253627797a":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:""
CCM auth decrypt tag NIST DVPT AES-128 #24 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"edf8b46eb69ac0044116019dec183072":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #25 (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b338f125fa":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
CCM auth decrypt tag NIST DVPT AES-128 #26 (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c728a66b69":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #27 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b512cf3a20b7fd7c49e6e79bef475c2906f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
CCM auth decrypt tag NIST DVPT AES-128 #28 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a3081d18ca149d6766bfaccec88f194eb5b":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #29 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"934f893824e880f743d196b22d1f340a52608155087bd28ac25e5329":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
CCM auth decrypt tag NIST DVPT AES-128 #30 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a6559b3b3ee":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-128 #31 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375c0a458bfcafa3b2609afe0f825cbf503":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
CCM auth decrypt tag NIST DVPT AES-128 #32 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c390042ba8bb5f6798dab01c5afad7306":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #1 (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"9d4b7f3b":"5a8aa485c316e9":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-192 #2 (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"80745de9":"3796cf51b87266":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #3 (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"17223038fa99d53681ca1beabe78d1b4":"5a8aa485c316e9":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-192 #4 (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"d0e1eeef4d2a264536bb1c2c1bde7c35":"3796cf51b87266":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #5 (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"fe69ed84":"5a8aa485c316e9403aff859fbb":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-192 #6 (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"db7ffc82":"a16a2e741f1cd9717285b6d882":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #7 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"5a8aa485c316e9403aff859fbb":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-192 #8 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"38757b3a61a4dc97ca3ab88bf1240695":"a16a2e741f1cd9717285b6d882":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #9 (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138cddc93a54":"5a8aa485c316e9":"":4:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
CCM auth decrypt tag NIST DVPT AES-192 #10 (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"32b649ab56162e55d4148a1292d6a225a988eb1308298273b6889036":"31f8fa25827d48":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #11 (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8c5a5ebecf7ac8607fe412189e83d9d20":"5a8aa485c316e9":"":16:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
CCM auth decrypt tag NIST DVPT AES-192 #12 (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6e699f15f14d34dcaf9ba8ed4b877c97d":"31f8fa25827d48":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #13 (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a34fad277":"5a8aa485c316e9403aff859fbb":"":4:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
CCM auth decrypt tag NIST DVPT AES-192 #14 (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5a35df775":"49004912fdd7269279b1f06a89":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #15 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671ea7ade30a07d185692ab0ebdf4c78cf7a":"5a8aa485c316e9403aff859fbb":"":16:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
CCM auth decrypt tag NIST DVPT AES-192 #16 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312ef042c86363cc05afb98c66e16be8a445":"49004912fdd7269279b1f06a89":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #17 (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"1d089a5f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:""
CCM auth decrypt tag NIST DVPT AES-192 #18 (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"2f46022a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #19 (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5280a2137fee3deefcfe9b63a1199fb3":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:""
CCM auth decrypt tag NIST DVPT AES-192 #20 (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"d40a7318c5f2d82f838c0beeefe0d598":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #21 (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5e0eaebd":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:""
CCM auth decrypt tag NIST DVPT AES-192 #22 (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"71b7fc33":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #23 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"d07ccf9fdc3d33aa94cda3d230da707c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:""
CCM auth decrypt tag NIST DVPT AES-192 #24 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"65fe32b649dc328c9f531584897e85b3":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #25 (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"9f6ca4af9b159148c889a6584d1183ea26e2614874b0504575dea8d1":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
CCM auth decrypt tag NIST DVPT AES-192 #26 (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1ebd7965825":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #27 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd14d1d980d6fe0fb44b421992662b97975":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
CCM auth decrypt tag NIST DVPT AES-192 #28 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa206603c51d36c826f01384100886198a7f6a3":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #29 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854cccc25e9fce":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
CCM auth decrypt tag NIST DVPT AES-192 #30 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae98ecedb3e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-192 #31 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f3178464a6f7fa2b76744e8e8d95691cecb8":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
CCM auth decrypt tag NIST DVPT AES-192 #32 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c06bd6dc2e6bcc3436cffb969ae900388":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #1 (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"469c90bb":"a544218dadd3c1":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-256 #2 (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"46a908ed":"d3d5424e20fbec":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #3 (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8207eb14d33855a52acceed17dbcbf6e":"a544218dadd3c1":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-256 #4 (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"60f8e127cb4d30db6df0622158cd931d":"d3d5424e20fbec":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #5 (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8a19a133":"a544218dadd3c10583db49cf39":"":4:0:""
CCM auth decrypt tag NIST DVPT AES-256 #6 (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"2e317f1b":"3c0e2815d37d844f7ac240ba9d":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #7 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"97e1a8dd4259ccd2e431e057b0397fcf":"a544218dadd3c10583db49cf39":"":16:0:""
CCM auth decrypt tag NIST DVPT AES-256 #8 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"5a9596c511ea6a8671adefc4f2157d8b":"3c0e2815d37d844f7ac240ba9d":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #9 (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b722aa8d59":"a544218dadd3c1":"":4:0:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
CCM auth decrypt tag NIST DVPT AES-256 #10 (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a20277d00a75":"bfcda8b5a2d0d2":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #11 (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd374f3bb6db8377ebfc79674858c4f305":"a544218dadd3c1":"":16:0:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
CCM auth decrypt tag NIST DVPT AES-256 #12 (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"afa1fa8e8a70e26b02161150556d604101fdf423f332c3363275f2a4907d51b734fe7238cebbd48f":"bfcda8b5a2d0d2":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #13 (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f4123d14fb3f":"a544218dadd3c10583db49cf39":"":4:0:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
CCM auth decrypt tag NIST DVPT AES-256 #14 (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d8d0c0099":"894dcaa61008eb8fb052c60d41":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #15 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c423a578d179902f912f9ea1afbce1120b3":"a544218dadd3c10583db49cf39":"":16:0:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
CCM auth decrypt tag NIST DVPT AES-256 #16 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae769084607b83bd06e6442eac8dacf583cc":"894dcaa61008eb8fb052c60d41":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #17 (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"92d00fbe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:0:""
CCM auth decrypt tag NIST DVPT AES-256 #18 (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"9143e5c4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #19 (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"93af11a08379eb37a16aa2837f09d69d":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:0:""
CCM auth decrypt tag NIST DVPT AES-256 #20 (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"d19b0c14ec686a7961ca7c386d125a65":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #21 (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"866d4227":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:0:""
CCM auth decrypt tag NIST DVPT AES-256 #22 (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"94cb1127":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"867b0d87cf6e0f718200a97b4f6d5ad5":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:0:""
CCM auth decrypt tag NIST DVPT AES-256 #24 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"677a040d46ee3f2b7838273bdad14f16":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #25 (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc56083ebc7720":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:0:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
CCM auth decrypt tag NIST DVPT AES-256 #26 (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81c44db2c9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #27 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce1ac68bd42f5ec7fa7e068cc0ecd79c2a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:0:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
CCM auth decrypt tag NIST DVPT AES-256 #28 (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"d543acda712b898cbb27b8f598b2e4438ce587a836e2785147c3338a2400809e739b63ba8227d2f9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #29 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69ef891339":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:0:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
CCM auth decrypt tag NIST DVPT AES-256 #30 (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f63d488623":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":4:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM auth decrypt tag NIST DVPT AES-256 #31 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781367f30f2eaad8c063ca50795acd90203":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:0:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
CCM auth decrypt tag NIST DVPT AES-256 #32 (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc4b41096dfdbe9cc1ab610f8f3e038d16":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":16:MBEDTLS_ERR_CCM_AUTH_FAILED:""
CCM-Camellia encrypt and tag RFC 5528 #1
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0DFCAECE746B3DB9AD"
CCM-Camellia encrypt and tag RFC 5528 #2
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F3360B2295DF24283E8"
CCM-Camellia encrypt and tag RFC 5528 #3
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204F551D6682F23AA46"
CCM-Camellia encrypt and tag RFC 5528 #4
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A08B3A933A63E497A0"
CCM-Camellia encrypt and tag RFC 5528 #5
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A77258FA17BA7F331DB09"
CCM-Camellia encrypt and tag RFC 5528 #6
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BABAB36A1EE4FE0FE28"
CCM-Camellia encrypt and tag RFC 5528 #7
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2CACAFA3BCCF7A4EBF9573"
CCM-Camellia encrypt and tag RFC 5528 #8
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F5757388E4913EF14701F441"
CCM-Camellia encrypt and tag RFC 5528 #9
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A5778794D6E230CD25C9FEBF87"
CCM-Camellia encrypt and tag RFC 5528 #10
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5CD09299EB11F312F23237"
CCM-Camellia encrypt and tag RFC 5528 #11
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056079DAFFADA16CCCF2C4E"
CCM-Camellia encrypt and tag RFC 5528 #12
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748CBB94C2947793D64AF75"
CCM-Camellia encrypt and tag RFC 5528 #13
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F64558C02D25B127EE"
CCM-Camellia encrypt and tag RFC 5528 #14
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C867D6E1C48703806"
CCM-Camellia encrypt and tag RFC 5528 #15
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466CA80878A790476DE5"
CCM-Camellia encrypt and tag RFC 5528 #16
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"B005DCFA0B59181426A961685A993D8C43185B":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB226089368C354828D950CC5"
CCM-Camellia encrypt and tag RFC 5528 #17
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"2E20211298105F129D5ED95B93F72D30B2FACCD7":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF43147383276F66A9F"
CCM-Camellia encrypt and tag RFC 5528 #18
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340A1A3D31F8D4B44B7"
CCM-Camellia encrypt and tag RFC 5528 #19
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697A0066D57C84BEC182768"
CCM-Camellia encrypt and tag RFC 5528 #20
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B7FA775B150ED4383C5A9"
CCM-Camellia encrypt and tag RFC 5528 #21
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43CD20A02E0BDCAED2010D3"
CCM-Camellia encrypt and tag RFC 5528 #22
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"C238822FAC5F98FF929405B0AD127A4E41854E":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A2DEA0936B6EB5F625F5D"
CCM-Camellia encrypt and tag RFC 5528 #23
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA8924764296AD04119CE7"
CCM-Camellia encrypt and tag RFC 5528 #24
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966945F1FCEA7E11BEE6A2F"
CCM encrypt, skip ad AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM* encrypt, skip ad AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM decrypt, skip ad AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM* decrypt, skip ad AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM encrypt, skip ad NIST VADT AES-128 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b"
CCM* encrypt, skip ad NIST VADT AES-128 (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b"
CCM decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54"
CCM* decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54"
CCM encrypt, skip update AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM decrypt, skip update AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM* encrypt, skip update AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM* decrypt, skip update AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053"
CCM encrypt, skip update NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880"
CCM* encrypt, skip update NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880"
CCM decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5"
CCM* decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5"
CCM encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM encrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM encrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM encrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM encrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM encrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM encrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM decrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM decrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM decrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16))
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM decrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16))
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM decrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM decrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM* encrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM* encrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM* encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* encrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM* encrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* encrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* encrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM* decrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM* decrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM* decrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
CCM* decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* decrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* decrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* decrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM encrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98"
CCM decrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98"
CCM* encrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98"
CCM* decrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98"
CCM encrypt, instant finish AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af"
CCM decrypt, instant finish AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af"
CCM* encrypt, instant finish AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af"
CCM* decrypt, instant finish AES-128 (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af"
CCM pass unexpected auth data, NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_unexpected_ad::MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM encrypt, unexpected ciphertext/plaintext data, NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_unexpected_text:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
CCM* encrypt, no auth NIST VADT AES-256 #1 (P=24, N=13)
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_ccm_star_no_tag:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886df3ba3e6da3a1389":"30d56ff2a25b83fee791110fcaea48e41db7c7f098a81000":"72a60f345a1978fb40f28a2fa4":"55f068c0bbba8b598013dd1841fd740fda2902322148ab5e"
CCM* decrypt, no auth NIST DVPT AES-128 #15 (P=24, N=13)
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
mbedtls_ccm_star_no_tag:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"90929a4b0ac65b350ad1591611fe4829":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index 5aaaaa2..dbb313b 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -66,10 +66,12 @@
* END_DEPENDENCIES
*/
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_CCM_GCM_CAN_AES */
void mbedtls_ccm_self_test()
{
+ BLOCK_CIPHER_PSA_INIT();
TEST_ASSERT(mbedtls_ccm_self_test(1) == 0);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -80,6 +82,7 @@
unsigned char key[32];
int ret;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
memset(key, 0x2A, sizeof(key));
@@ -90,10 +93,11 @@
exit:
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+/* BEGIN_CASE depends_on:MBEDTLS_CCM_GCM_CAN_AES */
void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res)
{
mbedtls_ccm_context ctx;
@@ -105,6 +109,7 @@
unsigned char tag[18];
int decrypt_ret;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_CALLOC_OR_SKIP(add, add_len);
@@ -132,10 +137,11 @@
exit:
mbedtls_free(add);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+/* BEGIN_CASE depends_on:MBEDTLS_CCM_GCM_CAN_AES */
void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len,
int res)
{
@@ -148,6 +154,7 @@
unsigned char tag[18];
int decrypt_ret;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
memset(key, 0, sizeof(key));
@@ -174,6 +181,7 @@
exit:
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -198,6 +206,7 @@
/* Prepare tag buffer */
TEST_CALLOC(tag_buf, expected_tag_len);
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
/* Test with input == output */
@@ -230,6 +239,7 @@
mbedtls_ccm_free(&ctx);
mbedtls_free(io_msg_buf);
mbedtls_free(tag_buf);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -241,6 +251,7 @@
uint8_t *output = NULL;
size_t olen;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -255,6 +266,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -277,6 +289,7 @@
memcpy(io_msg_buf, msg->x, expected_msg_len);
}
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
/* Test with input == output */
@@ -317,6 +330,7 @@
exit:
mbedtls_free(io_msg_buf);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -364,6 +378,7 @@
iv[source_address->len + frame_counter->len] = sec_level;
iv_len = sizeof(iv);
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id,
key->x, key->len * 8), 0);
@@ -402,6 +417,7 @@
mbedtls_ccm_free(&ctx);
mbedtls_free(io_msg_buf);
mbedtls_free(tag_buf);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -443,6 +459,7 @@
iv[source_address->len + frame_counter->len] = sec_level;
iv_len = sizeof(iv);
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0);
/* Test with input == output */
@@ -479,6 +496,7 @@
exit:
mbedtls_ccm_free(&ctx);
mbedtls_free(io_msg_buf);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -495,6 +513,7 @@
/* Sanity checks on the test data */
TEST_EQUAL(msg->len, result->len);
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -517,6 +536,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -529,6 +549,7 @@
mbedtls_ccm_context ctx;
uint8_t *output = NULL;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -545,6 +566,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -556,6 +578,7 @@
{
mbedtls_ccm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -566,6 +589,7 @@
TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad(&ctx, add->x, add->len));
exit:
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -577,6 +601,7 @@
{
mbedtls_ccm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -586,6 +611,7 @@
TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad(&ctx, add->x, add->len));
exit:
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -599,6 +625,7 @@
uint8_t *output = NULL;
size_t olen;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -614,6 +641,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -625,6 +653,7 @@
mbedtls_ccm_context ctx;
uint8_t *output = NULL;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -639,6 +668,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -651,6 +681,7 @@
{
mbedtls_ccm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -663,6 +694,7 @@
TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad(&ctx, add->x, 1));
exit:
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -679,6 +711,7 @@
add_second_buffer[0] = add->x[add->len - 1];
add_second_buffer[1] = 0xAB; // some magic value
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -691,6 +724,7 @@
TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad(&ctx, add_second_buffer, 2));
exit:
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -704,6 +738,7 @@
uint8_t *output = NULL;
size_t olen;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -719,6 +754,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -732,6 +768,7 @@
uint8_t *output = NULL;
size_t olen;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -752,6 +789,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -766,6 +804,7 @@
uint8_t *output = NULL;
size_t olen;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -783,6 +822,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -801,6 +841,7 @@
msg_second_buffer[0] = msg->x[msg->len - 1];
msg_second_buffer[1] = 0xAB; // some magic value
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -818,6 +859,7 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -829,6 +871,7 @@
mbedtls_ccm_context ctx;
uint8_t *output = NULL;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
@@ -842,5 +885,6 @@
exit:
mbedtls_free(output);
mbedtls_ccm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data
index 92e9cdd..99a662b 100644
--- a/tests/suites/test_suite_cipher.aes.data
+++ b/tests/suites/test_suite_cipher.aes.data
@@ -1595,47 +1595,47 @@
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"fffffffffffffffffffffffff8000000":"2ca8209d63274cd9a29bb74bcd77683a":0
AES-128-ECB Decrypt NIST KAT #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0
AES-128-ECB Decrypt NIST KAT #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"a81738252621dd180a34f3455b4baa2f":"ff800000000000000000000000000000":0
AES-128-ECB Decrypt NIST KAT #3
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"77e2b508db7fd89234caf7939ee5621a":"ffc00000000000000000000000000000":0
AES-128-ECB Decrypt NIST KAT #4
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"dc43be40be0e53712f7e2bf5ca707209":"6a118a874519e64e9963798a503f1d35":0
AES-128-ECB Decrypt NIST KAT #5
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"92beedab1895a94faa69b632e5cc47ce":"cb9fceec81286ca3e989bd979b0cb284":0
AES-128-ECB Decrypt NIST KAT #6
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"459264f4798f6a78bacb89c15ed3d601":"b26aeb1874e47ca8358ff22378f09144":0
AES-128-ECB Decrypt NIST KAT #7
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0
AES-128-ECB Decrypt NIST KAT #8
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"71b5c08a1993e1362e4d0ce9b22b78d5":"c2dabd117f8a3ecabfbb11d12194d9d0":"00000000000000000000000000000000":0
AES-128-ECB Decrypt NIST KAT #9
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"e234cdca2606b81f29408d5f6da21206":"fff60a4740086b3b9c56195b98d91a7b":"00000000000000000000000000000000":0
AES-128-ECB Decrypt NIST KAT #10
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff0000000000000000":"84be19e053635f09f2665e7bae85b42d":"00000000000000000000000000000000":0
AES-128-ECB Decrypt NIST KAT #11
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0
AES-192-ECB Encrypt NIST KAT #1
@@ -1687,51 +1687,51 @@
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffffe00000000000000000000":"00000000000000000000000000000000":"fd5548bcf3f42565f7efa94562528d46":0
AES-192-ECB Decrypt NIST KAT #1
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0
AES-192-ECB Decrypt NIST KAT #2
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff800000000000000":"1b9f5fbd5e8a4264c0a85b80409afa5e":"00000000000000000000000000000000":0
AES-192-ECB Decrypt NIST KAT #3
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffc00000000000000":"30dab809f85a917fe924733f424ac589":"00000000000000000000000000000000":0
AES-192-ECB Decrypt NIST KAT #4
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0
AES-192-ECB Decrypt NIST KAT #5
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"b0ab0a6a818baef2d11fa33eac947284fb7d748cfb75e570":"d2eafd86f63b109b91f5dbb3a3fb7e13":"00000000000000000000000000000000":0
AES-192-ECB Decrypt NIST KAT #6
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ee053aa011c8b428cdcc3636313c54d6a03cac01c71579d6":"9b9fdd1c5975655f539998b306a324af":"00000000000000000000000000000000":0
AES-192-ECB Decrypt NIST KAT #7
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0
AES-192-ECB Decrypt NIST KAT #8
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"c9b8135ff1b5adc413dfd053b21bd96d":"9c2d8842e5f48f57648205d39a239af1":0
AES-192-ECB Decrypt NIST KAT #9
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"4a3650c3371ce2eb35e389a171427440":"bff52510095f518ecca60af4205444bb":0
AES-192-ECB Decrypt NIST KAT #10
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0
AES-192-ECB Decrypt NIST KAT #11
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"a6cae46fb6fadfe7a2c302a34242817b":"ffffffffffffffffffffe00000000000":0
AES-192-ECB Decrypt NIST KAT #12
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"026a7024d6a902e0b3ffccbaa910cc3f":"fffffffffffffffffffff00000000000":0
AES-256-ECB Encrypt NIST KAT #1
@@ -1783,51 +1783,51 @@
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffffe000000000000000000000000000":"00000000000000000000000000000000":"dcf4e129136c1a4b7a0f38935cc34b2b":0
AES-256-ECB Decrypt NIST KAT #1
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0
AES-256-ECB Decrypt NIST KAT #2
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff80000000000000000":"6168b00ba7859e0970ecfd757efecf7c":"00000000000000000000000000000000":0
AES-256-ECB Decrypt NIST KAT #3
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffffc0000000000000000":"d1415447866230d28bb1ea18a4cdfd02":"00000000000000000000000000000000":0
AES-256-ECB Decrypt NIST KAT #4
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0
AES-256-ECB Decrypt NIST KAT #5
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"797f8b3d176dac5b7e34a2d539c4ef367a16f8635f6264737591c5c07bf57a3e":"a74289fe73a4c123ca189ea1e1b49ad5":"00000000000000000000000000000000":0
AES-256-ECB Decrypt NIST KAT #6
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"6838d40caf927749c13f0329d331f448e202c73ef52c5f73a37ca635d4c47707":"b91d4ea4488644b56cf0812fa7fcf5fc":"00000000000000000000000000000000":0
AES-256-ECB Decrypt NIST KAT #7
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0
AES-256-ECB Decrypt NIST KAT #8
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"38f2c7ae10612415d27ca190d27da8b4":"8a560769d605868ad80d819bdba03771":0
AES-256-ECB Decrypt NIST KAT #9
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"1bc704f1bce135ceb810341b216d7abe":"91fbef2d15a97816060bee1feaa49afe":0
AES-256-ECB Decrypt NIST KAT #10
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0
AES-256-ECB Decrypt NIST KAT #11
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"0a6bdc6d4c1e6280301fd8e97ddbe601":"c0000000000000000000000000000000":0
AES-256-ECB Decrypt NIST KAT #12
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0
AES-128-ECB crypt Encrypt NIST KAT #1
@@ -1843,15 +1843,15 @@
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0:0
AES-128-ECB crypt Decrypt NIST KAT #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0:0
AES-128-ECB crypt Decrypt NIST KAT #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0:0
AES-128-ECB crypt Decrypt NIST KAT #3
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0:0
AES-192-ECB crypt Encrypt NIST KAT #1
@@ -1871,19 +1871,19 @@
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0:0
AES-192-ECB crypt Decrypt NIST KAT #1
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0:0
AES-192-ECB crypt Decrypt NIST KAT #2
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0:0
AES-192-ECB crypt Decrypt NIST KAT #3
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0
AES-192-ECB crypt Decrypt NIST KAT #4
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0:0
AES-256-ECB crypt Encrypt NIST KAT #1
@@ -1903,19 +1903,19 @@
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0:0
AES-256-ECB crypt Decrypt NIST KAT #1
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0:0
AES-256-ECB crypt Decrypt NIST KAT #2
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0:0
AES-256-ECB crypt Decrypt NIST KAT #3
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0:0
AES-256-ECB crypt Decrypt NIST KAT #4
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0
AES-128-CBC crypt Encrypt NIST KAT #1
@@ -2127,19 +2127,19 @@
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1
AES-128-ECB crypt Decrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1
AES-128-ECB crypt Decrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1
AES-128-ECB crypt Decrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1
AES-128-ECB crypt Decrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1
AES-192-ECB crypt Encrypt NIST KAT #1 PSA
@@ -2159,19 +2159,19 @@
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1
AES-192-ECB crypt Decrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1
AES-192-ECB crypt Decrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1
AES-192-ECB crypt Decrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1
AES-192-ECB crypt Decrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1
AES-256-ECB crypt Encrypt NIST KAT #1 PSA
@@ -2191,19 +2191,19 @@
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1
AES-256-ECB crypt Decrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1
AES-256-ECB crypt Decrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1
AES-256-ECB crypt Decrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1
AES-256-ECB crypt Decrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1
AES-128-CCM*-NO-TAG crypt Encrypt NIST VPT AES-128 #15
diff --git a/tests/suites/test_suite_cmac.data b/tests/suites/test_suite_cmac.data
index 03c799f..14eb797 100644
--- a/tests/suites/test_suite_cmac.data
+++ b/tests/suites/test_suite_cmac.data
@@ -53,43 +53,43 @@
depends_on:MBEDTLS_ARIA_C
mbedtls_cmac_setkey:MBEDTLS_CIPHER_ARIA_256_ECB:256:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
-CMAC Single Blocks #1 - Empty block, no updates
+CMAC Single Blocks #1 AES-128 - Empty block, no updates
depends_on:MBEDTLS_AES_C
mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":-1:"":-1:"":-1:"":-1:"bb1d6929e95937287fa37d129b756746"
-CMAC Single Blocks #2 - Single 16 byte block
+CMAC Single Blocks #2 AES-128 - Single 16 byte block
depends_on:MBEDTLS_AES_C
mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"":-1:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c"
-CMAC Single Blocks #3 - Single 64 byte block
+CMAC Single Blocks #3 AES-128 - Single 64 byte block
depends_on:MBEDTLS_AES_C
mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"":-1:"51f0bebf7e3b9d92fc49741779363cfe"
-CMAC Multiple Blocks #1 - Multiple 8 byte blocks
+CMAC Multiple Blocks #1 AES-128 - Multiple 8 byte blocks
depends_on:MBEDTLS_AES_C
mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172a":8:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c"
-CMAC Multiple Blocks #2 - Multiple 16 byte blocks
+CMAC Multiple Blocks #2 AES-128 - Multiple 16 byte blocks
depends_on:MBEDTLS_AES_C
mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"ae2d8a571e03ac9c9eb76fac45af8e51":16:"30c81c46a35ce411e5fbc1191a0a52ef":16:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe"
-CMAC Multiple Blocks #3 - Multiple variable sized blocks
+CMAC Multiple Blocks #3 AES-128 - Multiple variable sized blocks
depends_on:MBEDTLS_AES_C
mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172aae2d8a571e03ac9c":16:"9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52ef":24:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe"
-CMAC Multiple Blocks #4 - Multiple 8 byte blocks with gaps
+CMAC Multiple Blocks #4 AES-128 - Multiple 8 byte blocks with gaps
depends_on:MBEDTLS_AES_C
mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":0:"6bc1bee22e409f96":8:"":0:"e93d7e117393172a":8:"070a16b46b4d4144f79bdd9dd04a287c"
-CMAC Multiple Operations, same key #1 - Empty, empty
+CMAC Multiple Operations, same key #1 AES-192 - Empty, empty
depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367"
-CMAC Multiple Operations, same key #2 - Empty, 64 byte block
+CMAC Multiple Operations, same key #2 AES-192 - Empty, 64 byte block
depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"a1d5df0eed790f794d77589659f39a11"
-CMAC Multiple Operations, same key #3 - variable byte blocks
+CMAC Multiple Operations, same key #3 AES-192 - variable byte blocks
depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11"
diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data
index a72d8af..028a07f 100644
--- a/tests/suites/test_suite_ctr_drbg.data
+++ b/tests/suites/test_suite_ctr_drbg.data
@@ -1096,5 +1096,12 @@
CTR_DRBG Special Behaviours
ctr_drbg_special_behaviours:
+CTR_DRBG Threads: no reseed
+ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0:5
+
+CTR_DRBG Threads: reseed
+depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1:5
+
CTR_DRBG self test
ctr_drbg_selftest:
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index c689699..1f0a072 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -3,6 +3,10 @@
#include "mbedtls/ctr_drbg.h"
#include "string.h"
+#if defined(MBEDTLS_THREADING_PTHREAD)
+#include "mbedtls/threading.h"
+#endif
+
/* Modes for ctr_drbg_validate */
enum reseed_mode {
RESEED_NEVER, /* never reseed */
@@ -90,6 +94,19 @@
mbedtls_ctr_drbg_free(&ctx);
}
+static const int thread_random_reps = 10;
+void *thread_random_function(void *ctx)
+{
+ unsigned char out[16];
+ memset(out, 0, sizeof(out));
+
+ for (int i = 0; i < thread_random_reps; i++) {
+ TEST_EQUAL(mbedtls_ctr_drbg_random((mbedtls_ctr_drbg_context *) ctx, out, sizeof(out)), 0);
+ }
+
+exit:
+ return NULL;
+}
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -137,10 +154,12 @@
data_t *result_string)
{
data_t empty = { 0, 0 };
+ AES_PSA_INIT();
ctr_drbg_validate_internal(RESEED_NEVER, add_init,
entropy->len, entropy,
&empty, add1, add2,
result_string);
+ AES_PSA_DONE();
goto exit; // goto is needed to avoid warning ( no test assertions in func)
}
/* END_CASE */
@@ -151,10 +170,12 @@
data_t *result_string)
{
data_t empty = { 0, 0 };
+ AES_PSA_INIT();
ctr_drbg_validate_internal(RESEED_ALWAYS, add_init,
entropy->len / 3, entropy,
&empty, add1, add2,
result_string);
+ AES_PSA_DONE();
goto exit; // goto is needed to avoid warning ( no test assertions in func)
}
/* END_CASE */
@@ -164,10 +185,12 @@
data_t *add1, data_t *add_reseed,
data_t *add2, data_t *result_string)
{
+ AES_PSA_INIT();
ctr_drbg_validate_internal(RESEED_SECOND, add_init,
entropy->len / 2, entropy,
add_reseed, add1, add2,
result_string);
+ AES_PSA_DONE();
goto exit; // goto is needed to avoid warning ( no test assertions in func)
}
/* END_CASE */
@@ -177,10 +200,12 @@
data_t *add1, data_t *add_reseed,
data_t *add2, data_t *result_string)
{
+ AES_PSA_INIT();
ctr_drbg_validate_internal(RESEED_FIRST, add_init,
entropy->len / 2, entropy,
add_reseed, add1, add2,
result_string);
+ AES_PSA_DONE();
goto exit; // goto is needed to avoid warning ( no test assertions in func)
}
/* END_CASE */
@@ -196,6 +221,8 @@
size_t byte_strength = expected_bit_strength / 8;
mbedtls_ctr_drbg_init(&ctx);
+
+ AES_PSA_INIT();
test_offset_idx = 0;
test_max_idx = sizeof(entropy);
memset(entropy, 0, sizeof(entropy));
@@ -214,6 +241,7 @@
exit:
mbedtls_ctr_drbg_free(&ctx);
+ AES_PSA_DONE();
}
/* END_CASE */
@@ -228,6 +256,9 @@
size_t expected_idx = 0;
mbedtls_ctr_drbg_init(&ctx);
+
+ AES_PSA_INIT();
+
test_offset_idx = 0;
test_max_idx = sizeof(entropy);
memset(entropy, 0, sizeof(entropy));
@@ -307,6 +338,80 @@
exit:
mbedtls_ctr_drbg_free(&ctx);
+ AES_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_THREADING_PTHREAD:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
+void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count)
+{
+ size_t thread_count = (size_t) arg_thread_count;
+ pthread_t *threads = NULL;
+
+ unsigned char out[16];
+ unsigned char *entropy = NULL;
+
+ const size_t n_random_calls = thread_count * thread_random_reps + 1;
+
+ /* Based on the size of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA512. */
+ const size_t entropy_len = 48;
+
+ AES_PSA_INIT();
+
+ TEST_CALLOC(threads, sizeof(pthread_t) * thread_count);
+ memset(out, 0, sizeof(out));
+
+ mbedtls_ctr_drbg_context ctx;
+ mbedtls_ctr_drbg_init(&ctx);
+
+ test_offset_idx = 0;
+
+ /* Need to do this, otherwise if we are forced into using SHA256 for
+ * whaever reason, output will differ. */
+ mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_len);
+
+ if (reseed == 0) {
+ mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_OFF);
+ mbedtls_ctr_drbg_set_reseed_interval(&ctx, n_random_calls + 1);
+
+ TEST_CALLOC(entropy, entropy_len + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN);
+ test_max_idx = entropy_len + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN;
+ } else {
+ const size_t entropy_size = ((n_random_calls + 1) * entropy_len)
+ + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN;
+
+ mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON);
+
+ TEST_CALLOC(entropy, entropy_size);
+ test_max_idx = entropy_size;
+ }
+
+ TEST_EQUAL(
+ mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0),
+ 0);
+
+ for (size_t i = 0; i < thread_count; i++) {
+ TEST_EQUAL(
+ pthread_create(&threads[i], NULL,
+ thread_random_function, (void *) &ctx),
+ 0);
+ }
+
+ for (size_t i = 0; i < thread_count; i++) {
+ TEST_EQUAL(pthread_join(threads[i], NULL), 0);
+ }
+
+ /* Take a last output for comparing and thus verifying the DRBG state */
+ TEST_EQUAL(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)), 0);
+
+ TEST_MEMORY_COMPARE(out, sizeof(out), expected_result->x, expected_result->len);
+
+exit:
+ mbedtls_ctr_drbg_free(&ctx);
+ mbedtls_free(entropy);
+ mbedtls_free(threads);
+
+ AES_PSA_DONE();
}
/* END_CASE */
@@ -317,6 +422,8 @@
mbedtls_ctr_drbg_init(&ctx);
+ AES_PSA_INIT();
+
TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_rnd_std_rand,
NULL, NULL, 0) == 0);
TEST_ASSERT(mbedtls_ctr_drbg_write_seed_file(&ctx, path) == ret);
@@ -324,12 +431,15 @@
exit:
mbedtls_ctr_drbg_free(&ctx);
+ AES_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void ctr_drbg_selftest()
{
+ AES_PSA_INIT();
TEST_ASSERT(mbedtls_ctr_drbg_self_test(1) == 0);
+ AES_PSA_DONE();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data
index ede6f24..a6d5e57 100644
--- a/tests/suites/test_suite_gcm.aes128_de.data
+++ b/tests/suites/test_suite_gcm.aes128_de.data
@@ -1,735 +1,735 @@
AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d785dafea3e966731ef6fc6202262584":"":"d91a46205ee94058b3b8403997592dd2":"":128:"3b92a17c1b9c3578a68cffea5a5b6245":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aec963833b9098de1ababc853ab74d96":"":"4e0ffd93beffd732c6f7d6ad606a2d24":"":128:"e9fcedc176dfe587dc61b2011010cdf1":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4fb9e3393681da9cec5ec96f87c5c31":"":"845e910bc055d895879f62101d08b4c7":"":128:"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a930f2e09beceacd9919cb76f2ac8d3":"":"340d9af44f6370eff534c653033a785a":"":120:"0c1e5e9c8fe5edfd11f114f3503d63":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe71177e02073b1c407b5724e2263a5e":"":"83c23d20d2a9d4b8f92da96587c96b18":"":120:"43b2ca795420f35f6cb39f5dfa47a2":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b02392fd7f228888c281e59d1eaa15fb":"":"2726344ba8912c737e195424e1e6679e":"":120:"a10b601ca8053536a2af2cc255d2b6":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"21895cbafc16b7b8bf5867e88e0853d4":"":"f987ce1005d9bbd31d2452fb80957753":"":112:"952a7e265830d58a6778d68b9450":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb9742bf47f68caf64963d7c10a97b0":"":"34a85669de64e1cd44731905fddbcbc5":"":112:"e9b6be928aa77b2de28b480ae74c":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"":"1c53a9fdd23919b036d99560619a9939":"":112:"6611b50d6fbca83047f9f5fe1768":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"82fede79db25f00be96eb050a22cea87":"":"e9c50b517ab26c89b83c1f0cac50162c":"":104:"d0c0ce9db60b77b0e31d05e048":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1d98566fca5201abb12914311a8bd532":"":"590aef4b46a9023405d075edab7e6849":"":104:"a1cfd1a27b341f49eda2ca8305":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3038771820c2e1319f02a74b8a7a0c08":"":"e556d9f07fb69d7e9a644261c80fac92":"":104:"4d2f005d662b6a8787f231c5e1":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0fb7eef50de598d7d8b508d019a30d5a":"":"a2a2617040116c2c7e4236d2d8278213":"":96:"68413c58df7bb5f067197ca0":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cc58b609204215c8ab4908286e56e5c":"":"fb83ea637279332677b5f68081173e99":"":96:"a2a9160d82739a55d8cd419f":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81a5fd184742a478432963f6477e8f92":"":"da297cbb53b11d7c379e0566299b4d5a":"":96:"200bee49466fdda2f21f0062":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f604ac66d626959e595cbb7b4128e096":"":"269d2a49d533c6bb38008711f38e0b39":"":64:"468200fa4683e8be":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2e308ba7903e925f768c1d00ff3eb623":"":"335acd2aa48a47a37cfe21e491f1b141":"":64:"4872bfd5e2ff55f6":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1304e2a5a3520454a5109df61a67da7a":"":"dbe8b452acf4fa1444c3668e9ee72d26":"":64:"83a0d3440200ca95":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"":"ddf0b695aef5df2b594fcaae72b7e41c":"":32:"2819aedf":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9ab5c8ca905b5fe50461f4a68941144b":"":"96dd3927a96e16123f2e9d6b367d303f":"":32:"6e0c53ef":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fc7af605721a9cfe61c1ee6a4b3e22":"":"6b757d4055823d1035d01077666037d6":"":32:"e8c09ddd":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03c0b4a6e508a8490db0d086a82c9db7":"":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":128:"756292d8b4653887edef51679b161812":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b228d3d15219ea9ad5651fce02c8374d":"":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":128:"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"776afcbabedd5577fe660a60f920b536":"":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":128:"a5347d41d93b587240651bcd5230264f":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":120:"2a67ad1471a520fe09a304f0975f31":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bc73fba942ff105823b5dccf6befb1c":"":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":120:"ebdd7c8e87fe733138a433543542d1":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"356a4c245868243d61756cabe86da887":"":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":120:"ed26080dcb670590613d97d7c47cf4":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfa7e93aff73600fc552324253066e2c":"":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":112:"6ba5e4dace9a54b50b901d9b73ad":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2ecea80b48d2ecd194a7699aa7d8ccfc":"":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":112:"246a9d37553088b6411ebb62aa16":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d38fee3fd3d6d08224c3c83529a25d08":"":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":112:"803a08700ec86fdeb88f7a388921":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1899b0cbae41d705c6eed3226afb5bc0":"":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":104:"c5d58870fee9ce157f5ec1fa8f":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b95323d86d02754f4c2874b42ec6eb0":"":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":104:"c4724ff1d2c57295eb733e9cad":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30da555559eb11cf7e0eff9d99e9607d":"":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":104:"3c82272130e17c4a0a007a908e":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ed2ac74af896c5190c271cfa6af02fd2":"":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":96:"db8af7a0d548fc54d9457c73":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0225b73fe5fbbe52f838d873173959d8":"":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":96:"e2c2ce4022c49a95c9ac9026":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"89ca3771a0ef3287568b4ac036120198":"":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":96:"06b2bf62591dc7ec1b814705":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a41a297bd96e224942998fe2192934a1":"":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":64:"49a4917eef61f78e":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9372c058f42e0a1d019bdb528313919":"":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":64:"b82cd11cd3575c8d":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6302b7338f8fa84195ad9abbacd89b4e":"":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":64:"5222d092e9e8bd6c":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78b5c28d62e4b2097873a1180bd5a3a5":"":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":32:"eae48137":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d84130578070e036c9e3df5b5509473":"":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":32:"79987692":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08428605ab4742a3e8a55354d4764620":"":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":32:"3eb3e3a2":"":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd358bc3f992f26e81e3a2f3aa2d517":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"d8c750bb443ee1a169dfe97cfe4d855b":"":128:"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"43b5f18227e5c74288dbeff03801acd6":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"08ee12246cf7edb81da3d610f3ebd167":"":128:"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a433c612d7e1bdff881e4d63ba8b141":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8b670cf31f470f79a6c0b79e73863ca1":"":128:"8526fd25daf890e79946a205b698f287":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e9d75c781d63b29f1816859f7a0e0a0":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"748a3b486b62a164cedcf1bab9325add":"":120:"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe6b8553002c69396d9976bb48d30779":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"595b17d0d76b83780235f5e0c92bd21f":"":120:"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14898c56009b459172fef9c17993b54f":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"0862f8f87289988711a877d3231d44eb":"":120:"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5253d4b071793b081ebc122cc2a5f8":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"49e82d86804e196421ec19ddc8541066":"":112:"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3502d6f0d172246e16503cdf5793296":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"6ce994689ff72f9df62f386a187c1a13":"":112:"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5fb33dd73db309b9dfd3aee605cd94bf":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"3f6486f9e9e645292e0e425bac232268":"":112:"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a958fe3b520081b638d9e4c7d5da7ac7":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"c396109e96afde6f685d3c38aa3c2fae":"":104:"06ca91004be43cf46ed4599e23":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec319fb143eac8215b51541daec268f2":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"8a4684f42a1775b03806574f401cff78":"":104:"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14a3e69f351ac39b4297749a90c1365c":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"eb1c6c04437aa5a32bcc208bb3c01724":"":104:"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c34827771fc3918d1cee09ba9401b832":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"2379bbd39a1c22bc93b9b9cc45f3840b":"":96:"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b1f9bd2006ec550b7b9913d383200b5d":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"ca28fa6b64bb3b32ef7d211f1c8be759":"":96:"c87aac7ad0e85dbb103c0733":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b2cef1a92aa0af2b00fb2a99855d5bc":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"08d87b7acee87d884667f6b1e32e34d0":"":96:"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"175c306f8644b0c4b894ae3d0971505e":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"9860268ca2e10974f3726a0e5b9b310f":"":64:"f809105e5fc5b13c":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08c0edcfe342a676ccdc04bdf854b4b0":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"4a7b70753930fe659f8cc38e5833f0c7":"":64:"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"241067a0301edf0f825d793e03383ea1":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"a30994261f48a66bb6c1fc3d69659228":"":64:"36c3b4a732ba75ae":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03cccb5357bd2848332d1696f2ff90cb":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"e0754022dfb1f813ccaf321558790806":"":32:"c75f0246":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e5e53c84a05d5a5348bac7b2611cf62":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"47e40543b7d16bc9122c40b106d31d43":"":32:"81eec75d":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c94008bf377f90b7a1c0d2ea38f730c":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"abfe92931a8411a39986b74560a38211":"":32:"47d42e78":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"69eedf3777e594c30e94e9c5e2bce467":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":128:"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45cc35311eedf0ba093bf901931a7036":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":128:"266a895fc21da5176b44b446d7d1921d":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9edb5231ca4a136b4df4ae22b8588f9f":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":128:"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5fdcb8f5225090e63fae9b68f92c7cb":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":120:"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036198cd3a3ab9319684d0f811cf2992":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":120:"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c9fbbff8f25f951ba874dfc5ff38584e":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":120:"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a314ec178da96311e42334a616fb38b":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":112:"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e818372a63b7e2c23b524e29ba752bdb":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":112:"3744262bc76f283964c1c15dc069":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a04f16882ff45816739d1b6697ce8b7":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":112:"fbb37084396394fecd9581741f3c":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38cf029a4b20607030586cd2d82146e6":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":104:"7b021de5cda915ba58f90ceef4":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cf4d81fc5997c744a572bed71f4ae609":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":104:"0a86142a0af81c8df64ba689f4":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d88ad40b42ead744f1b7a36685658be1":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":104:"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3ce86a212a30e724b4c624057db4e79":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":96:"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0155360b84420b5bf4fb410ea02f31e":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":96:"ac5addcc10cae6c1345520f1":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"694f621f594d96b16c32254ff06f3f9c":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":96:"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78826a5215a1d5e1b39cad5a06861f8f":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":64:"a724bbb295a02883":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d450f5253251121606e56687952bf2f1":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":64:"6446398aff73ed23":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90a59f6b0abf932311f0b65623c17740":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":64:"dc77c1d7e0902d48":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be4ef629f0b38194c74f7b66418922d":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":32:"3d8fc6fb":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c50e37244931e8debc12b3d561c83ba2":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":32:"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8531ddb03977383405baf2ee9ca7d64b":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":32:"2fc9de46":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"862dd5b362cfa556ca37e73cff7f4a0e":"":"81530a243655a60d22d9ab40d2520447":"":128:"3b9b2af54e610ed0b3dda96961dd8783":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3452b7bc100c334292e08343f139b9d0":"":"8f92739a30fe4ba24079f5d42753d6ac":"":128:"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"31a0cbaf21b943f8badc939e94eac7eb":"":"d5bb2c4eaec47088230972ae34fcda9c":"":128:"580e728512c8e44fbb3fe2c498e05323":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e8fca537746e7cbff97f1dcd40a3392":"":"43e9f2bf186b2af8cc022e7c7412d641":"":120:"4465a3f9d9751789bcef5c7c58cbc5":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"35b5854ca83792ad691dbda1a66790fb":"":"cff61cf9b32ea30cf7e3692aa6e74bed":"":120:"726793199df533dd9055b0ac7c939d":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"07259267c1c6a015437a5d8cfa92f9e6":"":"18b9cf2ad7ace6ec1c8366b72878cf20":"":120:"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa1df8955aa3ef191900b06e7c1b7d46":"":"6928c138c98a4350c318fbdccd3f44ba":"":112:"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c04200ce41ce77d772babb206315ec7d":"":"a885d58f0f38f9ff26d906fa1bfb12f4":"":112:"9ee0d025421f2bf18caf563953fb":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"650df049461be341c3099bd1613dcead":"":"8a4ff6327b49d297248ce2d5bd38afa8":"":112:"13f067ef0d7b448d56e70d282fed":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee61b5bf5060fcc637dc833926898508":"":"b2dcf21f9ffa4a883044d29f087f9b85":"":104:"9ab1d66666d4dea3cbb5982238":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"01cc56ca7e64db7fbef66236a5c49493":"":"8ea5b63004189792cc040ef18b37e550":"":104:"d685aeb54aa129a21bed17766e":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"134dd72ac8e28ab46720c2f42284a303":"":"c6368e4c0ba0ec90fa7488af9997a4c7":"":104:"4ad9cdf19ff7d7fd7e273efced":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"180c04b2bde6901edcda66085f73ecd9":"":"9193b206beade4cb036f01a9db187cb8":"":96:"530f5e9ed0879ccef3a7b360":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaac85742a55ffa07e98106d6d6b1004":"":"630cd8ab849253c4da95ac80324ecc28":"":96:"37911820c810e3700c3a9321":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"":"86e6100669929e329a1d258cd3552dc9":"":96:"958d6141f7fb2b2dc7d851a6":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd756d49fd25380c4026ea03cafc2da":"":"6a6f7e39b0d730ea1670e13d16c12c28":"":64:"872ef05a28da5ea1":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bd8a834b288bdc7578b6c6ab36f5d068":"":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":64:"c5c094e83755f2b6":"":"":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"020d280dbd06939bbb5e6edc6f6d39c6":"":"09aea6f0e57598452719d6f63b6fe5a0":"":64:"05d6c56ba601e85b":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e47f41a27a2722df293c1431badc0f90":"":"227c036fca03171a890806b9fa0c250d":"":32:"86c22189":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9d3e112114b94e26e93d3855d4be26bd":"":"99b98525160c4bb2029da5553ff82b59":"":32:"33bee715":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b4b7688588125349fbb66004a30d5d4":"":"b4ae363edb529d8b927c051cf21a2d9d":"":32:"6a920617":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":128:"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":128:"c53d01e53ee4a6ea106ea4a66538265e":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c88b191ce6e8e4a3941f7960b7eae5":"":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":128:"92604d37407aff33f8b677326cbb94fc":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c818dfa0885a09f65ef78712f5ce6609":"":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":120:"20e9a3a98d71d460743e1efaab13c6":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2354c6b6afaa883e7ce91faca4981f8b":"":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":120:"3588c9aa769897dfa328549fbbd10a":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0af48e6aebbb6ff5b7c92bd140b085f":"":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":120:"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a05fe482fe164b2eca7f6c3e377b39d8":"":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":112:"3900bde9fa9ae2cbeee54d04f224":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dacbadf819eb16a63f6f091d13ed04d4":"":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":112:"8988fca83c8cfb1f8feefac46f04":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"969244c7444f3f3bf193b28f8e8e96dc":"":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":112:"a291c7527385f037f62e60fd8a96":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"525abe490c8434802b69439c590a5290":"":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":104:"038c7e95f790e6ca5ce73f9551":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51644e025659de983f5c8156516b812e":"":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":104:"77e3deba2c7f9386f85bc4a801":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08566ca7310302dfb84d76ea0525ba20":"":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":104:"873f037fc05252a44dc76f8155":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfb54db96383fa911bf5b4fa1218ef9a":"":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":96:"dada7fc7fed58db462854ef6":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"389cf888474e9403e5f4d0e22ffec439":"":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":96:"92726d90ad26130e65f2beb4":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e55abb2ca36c822bf2a030ac703cb8b4":"":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":96:"65025250343ed8c09b3fceed":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"586114f3b1dc087e1b2739b28c592dfe":"":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":64:"467a815610faeb82":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbfe806bddb7f06b3826b097550c68f5":"":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":64:"0697ac372a9acafd":"":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"96ce3a095a91effdd91d616f1f02ddcd":"":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":64:"55a0f61032e048f3":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24ece168c2971cf2b404ea206dc9e29d":"":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":32:"d2b15a23":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d3c3cf993f6740a019e61ce13c29955c":"":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":32:"f2d3a6ff":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f1e5bd45ee8bb207ebbd730510ff218":"":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":32:"0d6c15da":"":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3997050377cfbb802cc438d973661688":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"c95c84c263bdfd5f1de66e7e616cf3fb":"":128:"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"cee448b48d3506ff3ecc227a87987846":"":128:"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc2bde877e881aea512068105694968":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"05f0c34ab2e8e8026b0a23719344b71f":"":128:"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e14f45ba5d1eb52e0412240da5d7b5f9":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":120:"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a64579f3601b0022d357b601cd876ab":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"515efc6d036f95db7df56b1bbec0aff2":"":120:"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bda4acfd10ab635f357935bb0ab7020":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"48b77c587616ffaa449533a91230b449":"":120:"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d21cf24bc5bd176b4b0fd4c8477bb70d":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"208cb9dced20b18edddb91596e902124":"":112:"7edfb9daf8ca2babcc02537463e9":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d02e2b02170986944487cba8448f998":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"6336077bb83eff1c9ea715de99b372cd":"":112:"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd1ad1de0521d41645d13c97a18f4a20":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"413873a0b063ad039da5513896233286":"":112:"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cb120e9cd718b5119b4a58af0644eff":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"5a7087989bfe2f6eddcb56fde4d72529":"":104:"95d8bd12af8a5ab677309df0fb":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"315b206778c28ed0bfdd6e66088a5c39":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":104:"930750c53effc7b84aa10b2276":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e886de1c907c97e7db8ec80a79df90f8":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"612cacbf33266353d0a29a24532f3c0c":"":104:"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b936e09a6477f3bd52030a29df5001d":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"f93105be83fa5e315d73acfdcf578de7":"":96:"91b55bb5e3f3f1abcf335db5":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc9e2095de7b1b48481b56bf6a3604cd":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"9e5268db19a1b51c0496a160ca76f8f7":"":96:"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3f93901fd7cc88db3ba76a158d658c7b":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"7e98de461e6d96c0ce6c8d8b3854cf49":"":96:"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"42289f3d3cd5838e250ef54b128e60d1":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"e557389a216ad724aafdab0180e1892e":"":64:"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d772eabb7f19475665ca2a7e693bcfc":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"0747cbb486a013453fde1ca6abb11dbe":"":64:"8e761ffaea68f967":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fb7fd753ee6eaaf283a42a121dab4e43":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"8164929fb54485377ecccc9b9621af5e":"":64:"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30d757fd73a0fd5fa49159ad0653296d":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"b35b8df0aebd0608517f2830e0e70cd0":"":32:"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9d3cfd5900de5d5e2109e7721cfeef6":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":32:"2b81e8ce":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"68dc138f19354d73eaa1cf0e79231d74":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"e7147749560f491420a2d893c075bb76":"":32:"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7362c86344e0aefb0cf0d04768f9c05d":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":128:"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"58748bb204ccb7bdafdbf739b6c19a3e":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":128:"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6cc13cbd62428bb8658dd3954fe9181f":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":128:"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"286d3f5080cfe88538571188fbeb2dd5":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":120:"d90d34094d740214dd3de685010ce3":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"726ae113a096769b657f973ea6d2d5dd":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":120:"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73a9eeda721c6f292e6b399e2647f8a6":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":120:"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90dbda7397d8fc46215a1218a6ffd0d8":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":112:"776d871944159c51b2f5ec1980a6":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c85174d428fc1c7c89ca5d1b8aaba25":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":112:"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d89f06eb07744d43d44734faf9751d07":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":112:"fcad48076eb03ebe85c6d64f6357":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6150f14dc53f391e815acfabed9f9e20":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":104:"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e8216072ed6fcde0fe0f636b27ed718":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":104:"531a65cc5dfeca671cc64078d1":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1af434b73a1210b08595ffa686079832":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":104:"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04036d2f5273c6ff5b8364aa595359c9":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":96:"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59fe44c6e28d025b2ad05e6e867051ab":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":96:"296c4cdaeb94beb2847dc53d":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c314264cee0e6db30ebe9b2f6d4991b2":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":96:"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"26072018bd0bda524b5beb66a622c63e":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":64:"edffe55c60235556":"FAIL":"":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"201751d3da98bd39ff4e5990a56cfea7":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":64:"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bc0dcb5261a641a08e6cb00d23e4deb":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":64:"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"239c15492d6deec979e79236baca4635":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":32:"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db68a96e216b0dd9945f14b878487e03":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":32:"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":32:"8e5a6a79":"FAIL":"":0
AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":0
AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":1
AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":2
AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":0
AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":1
AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":2
AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0
AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1
AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":2
AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":0
AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":1
AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":2
AES-GCM NIST - empty AD, empty ciphertext
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_decrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"cf063a34d4a9a76c2c86787d3f96db71":"113b9785971864c83b01c787":"72ac8493e3a5228b5d130a69d2510e42"
AES-GCM Bad IV (AES-128,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
AES-GCM, output buffer too small, NIST Validation (AES-128,128,1024,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_update_output_buffer_too_small:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"0dd358bc3f992f26e81e3a2f3aa2d517":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"d8c750bb443ee1a169dfe97cfe4d855b"
AES-GCM Selftest
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_selftest:
diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data
index a87fb18..be3b067 100644
--- a/tests/suites/test_suite_gcm.aes128_en.data
+++ b/tests/suites/test_suite_gcm.aes128_en.data
@@ -1,735 +1,735 @@
AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1014f74310d1718d1cc8f65f033aaf83":"":"6bb54c9fd83c12f5ba76cc83f7650d2c":"":"":128:"0b6b57db309eff920c8133b8691e0cac":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d874a25f2269e352ccdd83cc2d4e45b7":"":"9717abb9ed114f2760a067279c3821e3":"":"":128:"0e09e53e5fe8d818c5397c51173eda97":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7dab77e23b901c926454f29677eb62d4":"":"8aaec11c4a0f053d7f40badd31a63e27":"":"":128:"cec2e3230d8b762acee527e184e4c0db":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2397f163a0cb50b0e8c85f909b96adc1":"":"97a631f5f6fc928ffce32ee2c92f5e50":"":"":120:"3b74cca7bcdc07c8f8d4818de714f2":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7adc0d3aacef42397bbca79dd65dbdf":"":"c6d3114c1429e37314683081d484c87c":"":"":120:"d88141d27fe1748919845cfa5934bc":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"10171805d7f7a6d87b64bda57474d7fc":"":"fad65b50c1007c4b0c83c7a6720cacb8":"":"":120:"c3d3f240d3f3da317eae42a238bcc1":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8aaa0c85d214c6c9e9e260e62f695827":"":"84e25c916f38dd6fdb732c0d6d8f86bb":"":"":112:"a774815a2a8432ca891ef4003125":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"def8b6a58b8e582e57700bab4f2a4109":"":"3615439e9fb777439eb814256c894fb2":"":"":112:"537be9c88d3a46845e6cf5f91e11":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5894231d743f79638687c070b60beee1":"":"e34cd13b897d1c9b8011a0e63950c099":"":"":112:"d582c4bc083a8cf1af4d5c2c9b11":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6b25f9cbdc3bcd27fd245a1c411594bc":"":"a6526f8c803b69dd5f59feca1cff78e2":"":"":104:"c7e19e08a09a9c1fa698202890":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b3235422897b6459798a97ddd709db3d":"":"96679e9362f919217d5e64068969d958":"":"":104:"44ed41bda0eb0958d407b7b787":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f65bc795434efba3c5399ed3c99ff045":"":"2e727c19a89cba6f9c04d990245fceed":"":"":104:"64830ed7f772e898800fc9ae2a":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c6c66d50f2f76c4e911b3b17fcdcba1d":"":"77b42158a4ef5dc33039d33631bb0161":"":"":96:"1bce3ba33f73e750ab284d78":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13558db9b7441c585d381ffc16b32517":"":"addf5dbe0975c5ad321e14dd4bdc2ad2":"":"":96:"f413c3bf125ce5317cd1c6bd":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"74638628b1361c2954ce0ac5456a1155":"":"c5861507c879e6864d7cb1f77cc55cc6":"":"":96:"8a514fdc7835711e4f458199":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7815d22c5c081df9ac2114aaa2c0cbf9":"":"822f83cd9f249dfc204b5957f0b0deab":"":"":64:"aa1f69f5d3bb79e5":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a847a47823cb9c298e4107c6aaff95c":"":"39348f80c6bc489f9315be7a6fcbb96f":"":"":64:"c3b3f31e56cf4895":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16e67ea248ea6db08af1d810cb10574e":"":"50386e2075eb15ca3f3e6db6bff01969":"":"":64:"3d4f3b8526a376ae":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26a8301636ba93e7f56309143f184241":"":"c7e32b1d312971bdc344aefaf45461bc":"":"":32:"25f1b41c":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"130a07c467067148da2790f90d73ff32":"":"800b81c9d2ff3a8e15690ffb4117e211":"":"":32:"abcc8d71":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccfaae59c3196b8c403716424ea601f5":"":"f9b059de0efa4e3f364763d63d098410":"":"":32:"8933444f":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5beefbdd23360f2dd1e6e3c1ddbfebf":"":"81a8494f85be635d71e5663789162494":"f9ebf242b616a42e2057ede3b56b4c27349fed148817a710654de75d1cfc5f6304709b46ef1e2ccb42f877c50f484f8a8c6b0a25cff61d9537c3fd0c69bbc6ef21cbec8986cbc9b6e87963b8d9db91b7134afe69d3d9dec3a76b6c645f9c5528968f27396cc9e989d589369c90bbfefb249e3fa416451bc3d6592cc5feefbd76":"":128:"159a642185e0756d46f1db57af975fa3":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c465aa8fe5d534c912e654f5aaed5857":"":"5c155f7194b0d0a17b9a0c234d609443":"a3f8d705b233b574399f72350b256cb4893e130688913ce3def8e44687688c0352ff987aea35dc53bc95cdb9cdcc6e6eb280265d9a1af38d526392ab63c9b043c1b1b43e18321e84eb7e08884f2463c32b55eb5859fb10918595a724a61cfdf935e4f96d0721612720d46a946487b525779f6ce0abf04fc5608351119b7427d2":"":128:"9595a6d879cd7a949fa08e95d2b76c69":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"744b9e1692d8974d7dec349ebd7fe1e8":"":"62ad4b09fd554e0d6b3937839e693e5b":"6f9978f7078f0030c45caf49128ff72943a208a2398d08d132239f3ab5c184708e4222ec9ccde69dc86d1700c2fe0af939454bbb3962327158557860b6fa492ab8201df262a6209705c7e3129419bce8b827320893c1579ca05b32c81b3963b849428f71fe7528e710557a272117199163a35ebfbaba78f7676f7e566b16311a":"":128:"634f6fe9625be8b1af9f46bcc0fa3162":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"097c059535037c6b358dbb5a68b5f2b1":"":"00caedfa078c27e3d9551e3fb8d98d77":"6c4bde11129a959fcd6a482cb19f5f1c582c042b314f7997b0450242f9e669dc1cbb0a3b7a185bf8b035267e6f03206268008e2b97864d44d6a9c6b1b4b067d623c4b4e9c608042ea9120aed3bee80886352683891496d8980e40b8480c98c2fe08f945aa1ef6007c65220319dd8678184ab54e81083b746ec6441e87a568e0c":"":120:"5075ef45c6326726264703f72badde":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d25db5eca46c16490294423ca0c35660":"":"6f37f15d6c7ea816278ab977c29fa45e":"bd76fd431cea72a288e5d7289c651c93b5f429a54f85249021d6b595eb9ce26e18914a381a6b0299acc3725431b352670f206b731be718a598ec123dce0a2c5ac0aa4641b092e704da9f967b909ca55c2722298365a50dcb5b5ec03a1d0cbb67b8de1e8b06e724af91137e0d98e7dc1e8253887da453cdcbd2eca03deacaabb8":"":120:"00510851e9682213d4124d5517ebaf":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b3c6258a726aff94a7bcc41646c68157":"":"7f5b3315afe5167a7e9061ab8b005588":"0ef3384862c7e00c2912e7fde91345dc3134b5448e6838f41135ba9199c03a7f208887e467563b39a6c1316540c1401e8ff148386c50fcf15724a65d3210b17832d63cdce76bd2b458348332b0b542122a57e381475a59440f280db6e1f4b8d0babfd47e3db11a9ef89cba5f334f0e8e72be30afb2b1ef2df8eb7f8d3da033c4":"":120:"180489039ccf4a86c5f6349fc2235b":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73cd0a1e2b6e12fbaa7cbace77d5119c":"":"d897681764bcc3b62c26b4aaf407cefa":"8c773e14a906c7deae362d1bf3d7e54c6be4c74c691b7f2d248693b2619219fba6eb5bc45f77af1cf7c05d3dd463158f884fe82290d145135889fd851b86ee282aa20bbdf6af78c7f9db6128b8b99e7f9b270fd222efa18f7aca6932a1024efb72113e812b3f9d2d4ccc7c85f5898ddacccbf1b441cd74097740dd922b57bade":"":112:"d8811a8990191f1e5bd15be84995":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c1dfddafe076d0ceebb0f37bb25bc0b1":"":"29c56db10cea802c19fb6230227ab2bf":"287b73cdc62ce058cdceff8e9af7afc321716f69da9eef60c2de93630ba7d0ed0a9d303cd15521a2647159b8478593f3dd3f5b7c52081e5154e55ccbff371d7e5dfc2d05e14d666a01ec2cc6028aacadfd78dfc73bf639fc4dfa0a0c46415902bbda2443620fa5e0ce4fccf1b8591e3a548f95755102a8438300753ea5f61b9f":"":112:"309fedad1f3b81e51d69e4162e6f":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2c4087ccd28ceda147d2fcfc18579b1e":"":"9cbdd67c79ab46bcbcfa96fa2c3d7e87":"35088d18dff0a9d3929ce087668aae1d364b37a97102f3f43e11950e6ec8296d0c99b00cd1c5dff53d3a38475e7da7b9ee4ce0c6388a95d3f8b036414e4b79cd02b5468cbb277f930e7c92432a609db1effe65f60f1174b58f713e199491f9e0c29ba1f2e43306775d18c1136274af61488a2f932e95eceadfe3fe4b854fe899":"":112:"b7e83207eb313b3ceb2360bc8d4f":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bb66584c8b18f44c11f3bd7180b9b11d":"":"39c82aee03ce0862ff99f8812cdbdcf0":"45ec858e0a5c6d81144ba893e0002818a70e9a19002a5471993077241b3fcfb4fd984f2450803293882d1c7ecb654e611578fe7d258f9a2ca3b5f0c0f0d0ec4828bdeb9299914ff2ac4cc997cf54fa908afdb3eae9f91d67c4637e1f9eb1eae2b3f482ddd5467668bc368b96bbbfc33b9ae2658e4ca43fcf4b66ba2a079d65f1":"":104:"24332fd35a83b1dfb75969819b":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b2a230c8978d4e38fa5096ddc19d6f5":"":"cd25e744a78af858e825e1fd070324ee":"628baac336862573cee158cd3935c34df3055dadc9c1695e9ea18724f6457f0d1833aab30b85a99e0793e56000de5d6d5cb2327a4cc8bec40cd198459e7b93617713e63bbd15381a066bc44a69c9ad3dfb1984f8b33a9429eda3068d3ac5fbbaaee2b952a486e58d674ffca641d9ec1d102600af11641fd5fff725204e6c34a8":"":104:"68d49d495ff092ca8e5a2c16cb":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73aa576e1dfad2c993afcc088bd8d62b":"":"712e665a0a83e8ecad97e92afeb35706":"314e5fee776e9d5d2a1fb64ceb78e2c9a560a34724e30da860b5588fe63d50838cb480ff8ac61d7958b470b1bfd4c84799af6cb74c4a331b198204a251e731f7d785b966da595b745d01769623492c18b9dd8bd3c75249effd2032658c715906a71dbbed847027ea75d647f9803296a41906e0915250854597a163035a8d3f45":"":104:"a41f5c9c7de2694c75856460d4":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83f7631c4d4c466c9246cbc48e2dde6f":"":"f5d6c8c252cb687a931c38f58f74943c":"1f35e94a35d0f424bf690a15038126a41502593612efe6333cf94ea0565ca6acdefae8d74dae62df95e9261c6596c3397220e044c5b08cf39cccb27315d9b795da321204910274a93436bc0573fdba04ae6bb14c6ca955cf8b9e193a12e05796d7f4b397507614dabc457f1cd3ce19e439b6e62703f2189372938b29b7a542b9":"":96:"bb85dbd858ab7b752da7e53c":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"784e023b2d4c978151d05ee71533c56c":"":"f16d041b9f0f454db9985c8558ef8a61":"91f6e108c294640c7bc65d102d3d25a7bfbbe114acec9b495636689afd65fff794837946602ef04de7d4304a81809e0f7ddc45c476c29fd5286fcf4dd1ba76ed3ce88abdb51cd21e7aaeecb13238ac031da87ab96b2a13157278bf669d0efae28852ec3585d520d54502881322f7977d03954e17e7c0c0d8f762e34f59ca141e":"":96:"59699c639d67be6a6d7c9789":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3a2ec66e4a72cb3540e87f4e67c7e58":"":"07a9cf9f44b07e3067d60e276322e9fb":"d7e722b82e8607a64fbfeefc7887009298f06a637fe937277e3a76e8addaeeb460ba0743912c07b500b4b51e9fec2b7eddf691d155baf689f75968160c19a8330e254220142ae843bf0687aabeb74ab607227b0a7539ec3cfea72a5c35f236623af78beffaee6e7b1adc2895732ffedb3f8520710f04eb9c2ce9b2cae215ed5c":"":96:"f29aec72368bfcfa9ae815fd":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83f382a90146544ef4871bde891aed22":"":"c6f664f5ccfd1aaefb60f7fa3b642302":"656a2f221a1339d8f5c26393a08fa31859f626eec9a68afb6ee30e5b6859d1cbb5ed7dea6cbc4a5d537d70227d0608185df71a0252fa313be4d804567c162b743814f8b8306155931fdecf13822a524868b99a27fd2ff8f98c16edccd64520e2dce1ad645fd5255c7c436d9b876f592ef468397b00857ba948edf21215d63d99":"":64:"09df79dd8b476f69":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"64334f10a62c26fef79d9024d4ba7c5f":"":"7b85251554d4f0ff89980cf3568c5caa":"dab2892262a1832a473cd3481acbd3d1820f14361c275514ec693b40f2170ea5ff82c4f7e95a7c783ea52c43a0a399c37b31319a122fd1a722e6631efa33f8bfb6dc193986580f0344d28842a3a4a5ca6880552557f3915a65501f6ee0c1b68a4c9040f0fac381cbccb6a6e9bca23b99f2ef1abbca71c69aa27af2db176bf37d":"":64:"3e8406900a4c28bc":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c98ca4971c3a6333c18b88addf13368":"":"7f617f08e826a3c61882c3e00c203d4b":"ab1531fce0f279d21091c3334bd20afa55c7155bfc275330ed45f91cfc953771cbde2582f4be279918ac8b9ae07cb3b2efd14292e094891d4841be329678ad58d714fc8ce4bffe51f539f4240c14ba883b95cdc32cf4a9fd6ba4ffeafa0d6718989c46483c96cfca3fe91000f9f923d7f96725e966de068b5da65546fe38f70e":"":64:"58cc756d3bf9b6f9":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"247d3abeb807bde959e68b40a3750045":"":"3f5390cd7921fcb42c59f0db05a8a62f":"81abf375da7157a1a56068d0918037fecb7296d9b1771c54ae6030abda4b9d76feff818de81747980b2c1b005e36b3be36afbf1092edef6fd875d2903d73612addf206a6ae65886421059c70990a6ee33197f92bed649901fed62fdd20c30d81baf6090f50d9f59290528e58a0b7412ace0a293369f2b4c8d72c2fb0e1c432f5":"":32:"37bb4857":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"622be8cd3c757de00fbb7ab4563ce14f":"":"16c53a843b1549716d7c06b141861862":"a15d101580d549f2401bf0f36be0f83724875205c9109d2d69d2609cbf67504b918f0859303192b4075f952454f3e7152f898f997b36afc0356712fc08db3343054b20e88ad1274e019bf8fcc3c921d3bc8f9c1d1d24adc61f6033a83ef46a84762304f1903553748b13b1647c96eb8702ebb41ccea4d9cfebcb177c453277f2":"":32:"35778596":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a660aa0191f9816261387d5aeb262f6":"":"c720cb31e841480da5ba656e9b93f066":"d979affe395bd048db26d26908a1c2a435905299086cc55bb65ef782f5aed99c41743c3ae252ea087f5453bdc605abd784b337b60960946358da2218b076826659a1fafa59124a00a3424fce0d00c38eea85cfb3d1e01bcb09d9870d5b3fe728f394e0e512f5aa849d0550d45a7cc384f1e4c6b2e138efbc8f586b5b5ed09212":"":32:"cf7944b1":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"ad4c3627a494fc628316dc03faf81db8":"":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":128:"5f6a3620e59fe8977286f502d0da7517":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"81371acd5553fdadc6af96fdeee4c64d":"940806fd5ddcab9937b4ba875e46bb4b7e9688d616d17fd24646f1ef1457819f55887f53bd70039bb83b4d346aabe805288ab7a5756874bdc2b3d4894217d3a036da5e9e162fa2d9819ceb561ecf817efc9493b9a60796f6dc5e717ac99bc4ba298eee4f3cd56bbc07dde970d4f07bbfa1f5fe18c29a3927abe11369091df28f":"3262501ed230bc4f5a190ab050e1bcee":"":"ffeb1907bdbfea877890a6e972a533ae661a903a257b3b912c7c768cc988e05afd71a9e6117d90d1e1b54f55de9b10cbce7a109452567483cc8d6a68b9e56da10802630591fdd8d55f9e172f0f58a7e0c56a73a1ae3c3062f0997b364eb0885d48e039b2ba1bd14dbb9c74a41cbd4b52564e470d1a8038d15207a7650bd3f1d6":128:"227d422f8797b58aa6a189658b770da9":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef5295e9ae74729e222df6dab251158d":"59372848432f86f5740500391d2e5d5fbe1f80ea876a0ecb9a5b298d9ea7cdc28620aeb2fda015345ae476f265351b2c6b6fcd66bc8aae4dc8a95c1350cda204da3d2d2fc5e6e142dc448296d5df0cc349d1eba2fa98d2f468662616274a147fbe07927440afa3967ac09a03a8de0b03f3036bde5e272e3c4c5ff169dd730238":"194d08fcc3c08ab96fa724c381274d3f":"":"fdceeffdc8390bde6b910544db61db2f345eba0664f78f65d94b90e3e2a5251be374b3c5d881460cfff3549a01f84eb9d54087306a20f5156cd555e46bd2173386c90ea47983320fcbf24e09a05f2ec4b2577287d05e050b55b3002b753de49abef895ee97015810c06d09212b0c09e4910c64ac3981795a1e360197740360fd":128:"e94603dbd8af99ab1e14c602a38a0328":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26db035f2ddd9f5672c6f6af156838d7":"92c315936847649756b0b1bb4a3453e6e6da866f8088d96da44412d9f47a22dda0cd817287ba42163be59a69f73963059139fb3ba44bc5ebfd95b6742546dfb4fe95608dca71911d1347be68179d99c9ebf7ee1d56b17195f8794f3a658d7cad2317ed1d4bc246cd4530e17147e9ecdf41091a411a98bb6047eee8b4f1e4a9ef":"3686d49bb8c7bd15546d453fdf30e1f3":"":"1ac98e9ccfe63a2f12a011e514f446c4c0e22dd93613b1b9b8f56d148be8a24e3682dfc1cde2b69e72d200b516a99e7466dae8cc678c6117dc14b2364cd2b952aed59722056d7dae4cfdb7d9c4f716aef2aa91a4f161d01c98d92d974247bb972de0557e175177ce34361be40c30ab9ac46240016e5ad350c3b7232c5920e051":120:"b744316880b0df3d4f90c3ffa44144":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5c63757197a132cbb33351fd2d81a46":"e970b62ce5f06b15f8448aa2a095c2b3c8adf535e110e7f374411ed51fa19f9c4926045f796b7cd8a942b6a19811b7aae59fce37e50d6ca5a4a57bfb041a5b51c1ee82b54d03be22d9dc2bb9a2e708503b85e2479b0425a033ae825b4f232ca373e280e3cc97cf0d79397a81fb30d3b41cdaa3e788470cde86734e10a58b1e3a":"a669a4d2f841f9a0b9ede1fb61fee911":"":"522ba7220d0d4bea7ab9ca74ad8fa96ba337f7aa749cd26186499081ba325df6d6b90a81bd1c7adda0cd1ca065894f14a074ec13eff117b2a00042038aea55850056a63adf04f58fcd7269085f5ad1ef17ce7b6c40804127f14747a2ad93ec31fada83663af025a3b90c20a4ae415b1c960094e5fd57db0d93a81edcce64f72d":120:"7bfce3c8e513a89a5ee1480db9441f":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f380d3bf0d55a1cd56b7e78359eb6c66":"c0e977e91c1c50ee78d4a56c527b2d31a1a14f261aa77e52d910f8f230de4908b5cc6943e28b8c6e7ac61eebe270dcfde48d140ec13792371932e545b6ef4b52d1dfdf54c60ff892b74095a3f4a2b9000acd2cac04666a2305343b8c09f89dcc0c25bbe2a39b14624118df025962edec3dfc58d36fcac531b291ec45b5159e22":"ba3300f3a01e07dde1708343f01304d4":"":"752f09b518616a91a802cf181532c7ec65b54c59c1bab3860f0ad19971a9e5bc8843524c5ffac827067b462ebb328e2eff4dd931728de882055129997204e78717becd66e1f6c9e8a273c4251896343604ac289eb1880207a8ea012626e18e69ad7573ef73071b8e2fb22c75c7fc7bf22382d55a5d709c15e4e8ff14e2bf81e4":120:"fbf8818aee5c71ebfd19b0bcd96a7a":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"47c807cd1cf181040a4e3b1d94659db8":"c4a52c1f1f0d32c21fb85fba21d1b358b332efa066c7893c566b2e859efdde99fc67bb6167cdb0485a8ed53dd1068d90bc990f360b044039791be6048ba0ee4ce1090c9fce602af59d69069f5bff8b6219aaaed5a9b1bfc8c5b7250c5a6cfe86586fa8064124d551da38d429a17696eb1a7a0341c363f010eafd26683eecdf82":"9963a3fb156beacd6dd88c15e83929df":"":"e784ab006de8a52de1d04bc2c680d847c5decdd777cb2475ad4ab1dc529882d9e51cff5451b14ea5ff9a9bab5c5474e8a331d79564acdb2ac8159e0f46e9019bf80650c481fdaf1680cadcb8c5de9f924760b376ce5736cc4970cb8715b5999f577436283a4c21469306840af36d1e069616157d1b9ce75de3adb13d201cdf1b":112:"51e8ce23f415a39be5991a7a925b":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a0b033d14fe902aa0892b0e87f966c41":"1cc751d890cd102486d81c618c23fa335067ac324ef11f7eddc937853db6e16d0f73727725a5a5bd580705416ecd97e368464ed0aea923ffb71c23c37f9cf9c8bd81cdbdc3d0ac34a875db3167ec1d519004d4fa4bba041af67af1ed3d4e09c32b3e8e10abd91f46836cec74b1f9c5b06c05f3b18caa78e7ff185db212b52ce0":"ad4dee18e6c19433ad52021164f8afb7":"":"a30044582dacf57332b04402e993831df0a4c1364a83c9bce7353979fb444cd1b3fe747e2c933457ff21f39e943a38a85457bfe99dc09af886734d6e4218fc65138055ad8eb5d3044f4eed658e312b6165199e682ffa226558dc4b516f8d519f149bb5a40d2bb7d59ece9e5fd05358c89e635792ad20c73c174719f9b28c7358":112:"6a18a4f880ce9e6796e1086ed05b":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c4030ca84f132bfabaf660e036f56377":"a8fe98e2b4880d12c99c9d5193b3537b3fbc5165cc1327395174d989be5741f867332271cdc52ddb295ddbeba33698073054c6d2416fafaeb0a76aad870a6fb6097a29fba99f858d49418572c8e4dc0d074ca8af7727c773c8617495b1195d6b2687a2e37fad116dd721b60bcb5471d548c6dafe3ecdcf0c962e4659a61f4df3":"975df9c932a46d54d677af8a6c9c9cc3":"":"86b20fecebc4cf88a6a382d693117cd2a3c9eab747bf5df5f1d35e341d204d8fea6694b92552e347da676bc8d3353984e96472a509f5208ce100a2a9232478417947f85f10993c9d6939c8138bd6151aef8e2038536e8ba1ba84442e27586c1b642f9505455c738e9fd2c1b2527d1ecd3a2f6ed6e3869000ef68417ec99ff7a2":112:"3516909124c0c1f9c30453c90052":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6e210de363f170a7ccb1b9cec8d34737":"89853fa002985a45651f2a7db2b45b7e7a7d33ce6c438ec4533c7fa257e1a384130369a68184a807fd0d92a70d91d7ddc56e5c5172c872257230d7aeb9293d785b1b8835dcde753798caff4abcd8bbc5378cd505dcf904aa69902e4f38699be972099adffc8778bd844a9a03e6b58a721a73324d956f20f2ffd00d3491f72f42":"39fe20b051ba21319a745349d908c4bf":"":"ac9d74f8f405fd482287a4a7fa359caca095c0f1b46744f19c3c11e13b0c605b9857c8cc5a1754b95bcc658416f463bf8764f373205941885948259916eaabd964f2d6c2d784f928dc5eefe331f6c04b4862d4c8e966530de6bf533a10818de852de3af7f521b167cb4eb7141ba8ae8a17be1eb714fd26a474bbbbe870a659dc":104:"7a2dfc88ad34d889f5e344ee0e":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6bbfeda23ea644fb37666b05dc47f590":"a85ec4c2c160deda7e3de0ae449eea6ed1d24e2c8f3d5151f2ac0fd869f5a763981733b68f46c5197d76c26cce7ddc8afc6cdf4536d771cf3e9cef0098e270c5e1ff72cb0ad7f84abf44b726e0eae052d0c1553afc67c7289a43851a4d04c2856cc46b4039380436465a3b19deb56e41b859aecaf22b90578a23288d5f7d9b0e":"9d154f3cc2c5b0bdd77e86e351220960":"":"dbe575ea04b58429e68c733d99d7fb3a57e5604d6fc3baf17e0c6f981d78c070144702861316f892023515f20b697a8f3a40d821162dc9255d4775e7578285acf2cca67e902c060f80eaae29b9c011b6c110371409d914782e1e4115dc59439a2823507330852f10436b121538f22a3b619075610f1da87b6035138d78c75a79":104:"8698763c121bf3c2262ba87a40":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce1407f666f2aa142ed4ef50eb2a4f64":"585fc1e86809247826f87424741f6ce2ce7c7228fb960803be643acd28332b2036715e2b639fe3f8de7e43e88bd8e65a6e2259391360aaf534ae7566cbd2b3961c874d08636fca117d4123b3063931d7a161d00220014339ae9f447f31b8a2d7d5466fb1ff2508397b5fa71f9b4cd278c541442a052ae4367889deaed4095127":"1225a2662d6652e3d4e9c5556bc54af4":"":"8bc13cc1cb52fbd15390cb5663ce3111c3fb943f8ed3c4f07b7aeb723649fccb90895999ec5dbdb69712d8e34ae3f325fefa49ecc7c074de8bb2ea01fa0554d7adbf49498f2f6e78aa0cd24620bab0f11bf9b2c73ad0eff780eb6c03ee9c4538952af754c566aba7c717d1ee6ac2f5ffe21dab9afd649cd65313ee686596fef0":104:"9a1f1137f9ed217815551657bf":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5ecea1da76d6df90fd0d4077ef631b17":"d87e9a0c6a9796d60ed78924f7a8c408d5b9fab03fc76790e74029f13358fcae0035bd971a400845f508c2c2cdc3949be498193afcca6d75f8d21521ac673bd41a936a133fb5ed61098f3cb89df5234c5ca5ad3dbbe488243d282412844df0d816c430de3280ab0680a2a5629dce53f94e8eb60b790f438a70fafb8a3ed78a1b":"7d7ae2ed1cfc972f60122dec79ff06fc":"":"1eb19da71857854420c0b171f1f0714972fe7090db125d509aff6d92e5192353187f0906e3e8187f73709d1a60e074af01e83d1306d582a82edbdbebc797a733d72e2d4208675ef98ea4eaaddae2292e336fcd3fa85cdc577f4b8d3f324f0c5cf3919701208d6978f83466a02ae6cc368f57e18b9ee16e04cf6024b0c7fbad33":96:"f74b3635ec3d755dc6defbd2":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6d6de51c30692d7863482cbbaa5ccbc3":"9f242c230ae44ad91cb0f4fe259684883968f3ca4f57a3e0cc4b03ab063a4eacdf63f9e7900a98073e345d1b497b985887e1ffb5fe7d88cefa57dd41076f2da55ce7ab0899bdc5799b23773f8f7a4dfbf1861cf4de377281fae9763dd4ea8dc7c0d632b874c86ac8e4c90339ec3f14cc51bf9241660ab828605cc602984a0f10":"c6c0fa3da95255af5f15706274fa54ee":"":"55e75daa3df3b13a33f784d5adacb2ff6861cacb297d5eaa61693985b6a0f82e9e0b3a28d10648191c6e62d6260d8a8bb471e6b37aca00dafdb2fb17454660f90c2849a9ad1733d7bc227d962b3cd86ab32d5b031eb2e717e4551cb23d448e06bac7b2a4cadb0886fde472d45de39eca2df474ba79eb58504318207325c81813":96:"8eb9086a53c41c6a67bad490":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"76b7f2307e9cf9221c8f3ff7105327f9":"bc076bfd1ff7a9fb043a371e5af7112bb0c9c442be44ca648567937bcc091c127f02ab70b81ce51b2f7a38954dca3d94b3716c6114f0ba349d6f87f5efd84506ed289dfe8a1277a5d1821c56f9f297cb647cdf36d308e6ad41c55d68a5baaa520d11d18f5ddea061c4b1b1ec162b2d5bcf7c7716235dd31eda3dc3094cb15b26":"3cdaf7932a953999a6ce5c3cbd0df7e8":"":"88c70d3cf5817f9fa669aadf731c0eb03c3d8e552f2dc763001ac94837353ab75b0c6553bb8ba2f83ef0556f73dae78f76bc22de9a9167d7be8e31da6e68b0f0bdf5566059901726b6f2890ac8745ed14f8898a937e7d3e4454246185124f65cebd278f8c11fb0de22da7248f33ef6bb82cb1c08259970714de39ea4114f85af":96:"6006fe48f74f30bc467c7c50":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bac83044f9d8fefcd24766644317c533":"a72daba9de96bc03b5cd7449c2e97c858385475127b9614e37c197225d5789535b69f9123993c89a4815c1b4393bfe23754ddc6c01fc44cd2009b5f886988dc70a8cebb12664fa4a692db89acb91de6a9eda48542b04459149f59537e703e3e89f6d683ebb797fce3874c819d08676d926bf2da2f83a22449b89e204b5ece58a":"1307cd0e6f9ba5570e9781fca9a4f577":"":"479cdb5f65b9baff52a96c75790e3b7e239125f94525068cd1d73a1b8475080f33451ec83789d7189f5ad6a9130e7aa4df10d71ecabb5ccd980d84d0fbfb342506edcf7298ccb310c0e297dd443ded77cf1d96fc49055534439f1af583217a5de36e4df036a3b640d0212658399b629193080d38aff0d4e8aecd6c8d8f48b44f":64:"ca192f8153aa5fb7":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"627776b20ce9bb070a88f1a13d484550":"1da4a24fb12538a724f62b277410d50e918bd6224d4a61df6fb7734300643198debea71686e018bcd8455c2041265d11f7f5dcec08c31fc94784404423bcf1dc8e615227d2b0840be123a1efb8201aaa15254a14a2d76a6ddf536701cb3379d3c6b1b0d689e5896186c88d4a2c53a70bb422ecc8e0a5c3b9f3d89ce40676e4f9":"57f3f9388ea1e2c1c73f60b7d711f6ea":"":"f8a06eea528dad12b11ead51763aa68ca062f9f6c1c1f740fb910974f7ad9d2ac87c16fb74d07c3bd3b45f2e26af417e00416bdfee7ed0b69274ead70a52201c1fc05937438855f5564ec3e824daa0c59da1aa6f6cb8a44ab5f73d661b219766b80656cd3ff1e2d6909c6ce91fb14931af8580e859e9d7642678c1c35d9435d4":64:"05b432826dd9b044":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8954e2c0a7ea80fe3c8e75246f75bdbd":"d77e11a837eff95c77dd56e9cd97f0ffcee0adcca4a2203d23ce74c804a75cef1bdd69b16228472a2395118dfce636b8916372d6a24106f9a168055c6d4b44264674ce3905b3b30f5108ebf939f3fa8f55c12e001b457b73669acd23c1dcabea05aaba34e2d0f66a4d1c9162764228ebc4d3974fdb38b1a61a207788c5deb878":"2b5f9420b3c583403d92d76a2dd681c3":"":"35b8a04d6557426def9915eb798312a7572e040a65990ce15a8a6e5acd6b419c3fa26828b6efd2f1f50f91f672fed0feaa09a6ca6b4844fac5d3db571db8bbce250086b8c89aa6fa07bdca8dd0e1fe76e0f5a821145bafa11f3a9b0b003ad09de73ad71849ac58f7fd50851aa0fbbed17d222a0a5607f9f75dd3b0d3fa45a135":64:"96511adc097838e6":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7d0f9109dd846c47527a429b98d53301":"506efc29c0f02910cc9f5b2e677bb811e366b9e4910c00b36e48e5d5b42718f3b6d1a08a2de9c6d4ce44fce00fb7e10cf89396a88bdb38dcb0dba69449195e19b72ff989666b366f03166dd47cf4c7bf72dba3048fa34329ba86bbbf32934a0992d72c463fffee94653379d23b8bb4dff03fd86cfc971a2f7cdb90589bbbcb28":"f58a5bb77f4488ee60dd85ca66fad59a":"":"2e2760c649f17c1b4ba92b1fc9b78d149a9fc831f0d0fe4125cbfc70d52047f32a7f25c716533d199af77ed05e259cc31d551187dbc2e7d9e853d5f65ab8a48840f22391072cbe29e8529cd11740f27d11513c68ad41f4acc6fb363428930fe3d7c0e698387594156e6cc789d432817c788480f3b31326fa5f034e51d2af8c44":32:"6ced7aac":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"034c805b5e83b59ad9d6a65ade3940a9":"efbec09f8189404f3dbe569d3bab9b8bfabde419fc80abb3b21a07a5fe42326d23d022406981abd558e94f4debf38f2c34c3c315cb1ae1d5f2d48eae1335b50af9dd05b60aee724edb7d4e12703d5ec8873c55e3a3d6d8d5e4daddd5240fa3ec2d1f32442ce32cde66dfac77ed213207dc4838ca9782beb9a98d6dc52838831b":"b0c19448b9f2a818fd21ba6489c34fb0":"":"a45ba5836011fc65882ba8b1d6bf7b08b17f26b9cd971eece86fbb6aac5cdfd42790a7c7390099b10dee98cb8e4bd8b3ccb3ca5d0b9d02f759431de640ad7f5dffb919a8aaa74695f94df8eff4c7cb242d643c55d6f9c8323006f3be595aa8cdbfb0d9260ad2473b244ca65a5df53d2edd69f47df608e22a68b05623150b5665":32:"43e20e94":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f3bad89e79691ae72f53964b928a09f3":"01913e4ef10226d80c5026ba9243fa41edaf5f5c232d17c034db4c0c8369f48d89a1d58b3b2dda496506c30457365bdd76710173a97022d647276a4a8ac73f0e9e211cfd7d64849409ef61cce618675eaffe88b3f14496e5eb013c0f8a122dbf16f2c675edf7f813abe9c56101e570e208e651fd956e710dc09f13ebd22b81ab":"aabf77116a75046e7ecc51a468aa21fe":"":"f7453670604ff6287ebdaa35705cf7553410452fdb1129a7fcae92565a4217b0d2927da21f3d1b2bd5ae9b7d4dcc1698fb97fc8b6622ddc04299fdebaba7f7090917776b86b2af4031fe04fa1b62987fa9ec78fbbc2badc3a31449be3a858ac7f277d331b77c0e9b12240bd98488a131dbd275b6a0ce9830ff7301d51921ba85":32:"15852690":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"839664bb6c352e64714254e4d590fb28":"752c7e877663d10f90e5c96cce2686f4aa846a12272a0aba399e860f2838827c7c718365e704084fbe1e68adb27ad18e993c800da2e05bcaf44b651944bde766e7b3ac22f068b525dd0b80b490b3498d7b7199f60faf69fee338087f7a752fb52147034de8922a3ed73b512d9c741f7bac1206e9b0871a970271f50688038ab7":"5482db71d85039076a541aaba287e7f7":"4d75a10ff29414c74d945da046ed45dc02783da28c1ee58b59cbc6f953dd09788b6d513f7366be523e6c2d877c36795942690ce9543050f7ab6f6f647d262360994f7f892e9f59941a8d440619fda8aa20350be14c13d7924c0451c1489da9a0cafd759c3798776245170ad88dbceb3cacde6ba122b656601ccb726e99d54115":"c7ee1c32f8bc0181b53ce57f116e863481db6f21666ba3fa19bd99ce83eee2d573388a0459dfede92e701982a9cc93d697f313062dbea9866526f1d720a128ab97452a35f458637116f7d9294ffc76079539061dfeff9642a049db53d89f2480a6d74a05ff25d46d7048cc16d43f7888b5aff9957b5dc828973afccff63bd42a":128:"63c8aa731a60076725cd5f9973eeadb5":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f2af1b14ca9598c341785189ac6e085":"790bc975865f44e3a1534e978e90b064530321a2280a9172dc7f3451773b01d4a56c1857ad0474350b945e4f34cd677c22ca89445a564b47a8526d31d18160c35d2be1e89428c3593b53877cea0d88d85b2a7ed0552e39a0e96e35ae0384a5d7868243045dcbfc245a3eb3ff99f4dd86c0a314f68d1971e773caf9c168b0aa0b":"bbf23307ad2718398b2791c16f69cc45":"26b160695de2ba40afca6bd93f1c2895f92ca9108847a8ab71ad35cac9f9c9f537ef196c5d41b10e3777c9a02ad3c73cd299a85f60e5d02794c3be2643c3e63f105b94d32cb4e3eb131d3f487fa5d1de1a4ad80cad742704ed5c19a7cf4e55531fa0f4e40a4e3808fb4875b4b5feaf576c46a03013625f04331806149e0f6057":"52c373a15e1bf86edfb4242049f186029b458e156da500ce7a8fc7a5fd8a526191ac33e6b4b79b36fda160570e2b67d0402a09b03f46c9b17317a04a4b9fbe2ddcfc128bd0e01b0be3fe23e51b69c28bcf8725b8e4208aefb1cf34fe91a2bb6d5bef7b936bec624a8f38c9cd4ac51a0187635138d55da1fb1791adfbf8459d3f":128:"db3bbdf556c9c1be9b750a208fe55c37":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02980dff205bfa5b18037486618e1fbd":"f037ae281e45c50c9fa875f0ec9eb43251d3ae1b6acde27cb5edda7a4e384f50301a68bb6f4caf426adb31457c5eeaa789edc84fd902cb82e00dccbebe272d90cf690ca82ee748885f02daf377970e985d55994fa668fc5e3e06763e6829059fe0c3eb67033b3f5223cd4bb654484c57370d2b856d7117e32ead3d179064315b":"27354e68a004b255a380d8480dc9b19e":"37eed8620136842938ee3c3c08311d1298d3fd3f0456c056e0851a75d844fe6c61aeb2191c024ffce38686c09ab456f0ec26bd76f935d747002af9b47648502713301d5632c2e0d599b95d5543ac1206170ee6c7b365729c4d04ea042f04363857f9b8ea34e54df89e98fef0df3e67eaf241ed7ebbc7d02931934c14bb7a71ad":"f8090d0a96fc99acb8f82bbbe58343fe227d3f43fceece5492036b51ac2fa6db4bf8c98bf28b40132b1ab46517d488b147e12ceb5e6b269bb476a648d8a1133d5e97d4f4fbdfa3866a04948851cfb664f3432de223f3333248a1affa671096708ce6e2c9b4f8e79d44c504ff3cd74e8dffd4ddff490bcba3abffbade0a4e209d":128:"b5762b41241cbee4557f4be6d14d55d4":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1fc9bcc5aee350f1ef160346b642cc20":"e0fb08cf7dc901bf698385a38e1a81acd4118f083e52aa52e1ded16ab1e840cc49fa1ead3292ce21096cc75c89dc3701102b0982fd3a6bfa55a7799e579aa7336edf365574a904bad924ec080b093a604994db4dcd8323d7d39c3c35750b0741b170481539d22551871d6a0e2ea17e4bebe8ce19ec3bc3bf4f6edae9cd7ab123":"910a81a5211ce0f542f1183c08ba96a7":"2dcf7492c4539d6abc3d259ba5970033ebc2e7ddfa1af8be11f81b459d7477f310be2171290bec2f2ae2cc51266f46e98c878dd2444afefdbdb73a417518f5fd4c116547bf442fa9a8cb2300c5ff563117b2641dcd65018081e62a7ce5c4d822563824e5eafea90cbceee788ed44e6c4f23fe8926603a15adfdb556f11a0be9a":"514d27f8413d7ed59d96c14e7e74b9f3d4518486876c469b369f8c5734145f4aa52506c8f832d4811e5f981caadedcf09875033c5b28a00f35605d773c7f9e1af7f0c795e3df1fa9b5a524f1f753836c1e2dc9edf1602d37ac120f3d8a5c093a5285dbe93957643a65f22995a2782bb455d23318f01bd18ae0d0813b01d233e5":120:"feb7a25a68b5f68000cf6245056a1f":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9cf329dc10bcebb484424c77eb785aa2":"92728a696b07704fb1deb648c5036a1c8602b4006fb2fd2d401c4b6692e252c7f66918078542cc0b1a97486964276d6e6c77bbb88a9fff0285aef70783d9f2be3b7b22f8a8c02771492150122fe022722bf64263f5d2406884108d8d608273bc02a9127fe4dbcb321ac44a7d2090cff7017d59d73ecf927b8b05968675a63ca0":"a430b979168f5df5ba21962d1bd6dd15":"4d94b7650297c66b43210c84e6e7b09385117ed8fb91adf643b2339f39a5d8dd0b0d75a793e2a669e42c5ddb0873714e01cb65da9eb73fd976a49ae9a4762bcbc06be5052f750d110a407764280b510da5fd0fdce969f86ea6bf52ad4fd9e2d81ec5cb84af0a1d406504a34c51c751daebb4421fe1994bf6db642e64bd471d9a":"c13dbfc60b34d75f8a84db1f6aa946dbfc19479d63900450389756cd1ada8f6d2d0776607f7053db6bfa6752c4b8456f0ace314ff3fd4890d6093a4a5d47dd8fbf902e3e3000f5e02ba93a00985f29ad651cb697cc061d8f3cc74e6d8d0743a1988947c9dc2305e2b7c5a78b29400d736acc238131700af38e72d8c98ba007eb":120:"82f1dd58425eb9821fcf67a6b35206":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf43ff6a1ef35c37862ae3b87171a173":"a1e670b3fd62039cf29edb61b26555bcd0f9184be4593bf6b20ceab263bdc76cdef34992fe0ce4d43bd93bd979b78bb252c120fbaafe4947fc0ec05cce4358a5089a841c7476b0ebfca6476e690cb9ee0b73c6700aa82aa8f4050f2c98500052a2d3274b30b0be67549d756efd163c4369b6df0236d608bfbecd784467db2488":"6c56540b3a9595f3c43f5595ace926bc":"5c0bc6e44362299642f3756acf09878bb05549eb6cd6c4942d39fe586ceac228d2aa9c92f8393e5017e73ee41002e60aa8b993c48a7638ce2ae0ae0eaa536bd749b07a8672fc620a5110af61232b6a3d527b36c86637cc1fa92c84008465fd861920884d8a784e194ec52fcbb767a68ca6fabb64ab0a0d680963140d5cfd9421":"8ad36522e4ad47d4a54c5eae0a8b9ff4911aa5b9b13b88b00488a7b678f63cf85945b8d4998d1007e27529b56f50b9e3b373bb6fd861a990514743b9707d535b40d1bdbc3f58a63b8ca30dd7934ee98ec3325d80afaa37e38b4e82d8851166589027d91347727b314e02ed08a7846e29fcd0c764834d12429d9f568b312081f3":120:"f5bf21d5eadeebdef3104d39362b85":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a0ec7b0052541d9e9c091fb7fc481409":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":112:"4365847fe0b7b7fbed325953df34":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9ba053776afb01d15915e7f82a04f21":"fb59858421ffbf43d09415a77320cc9250df861e4414817e7b78cab918fa890ea0400d4237f7ebf522d97318ea79f9979a73970296827a1a9690a039e6c605a0a3efc0077156e1b15f14d88685833e09f6cd6f783d0f50579de7a30907b9d8efc4c650ec57dbf7b425ffaf9a900ec91087d470409da4d67cae7328c15a5db1fb":"df26b109244f5a808f3ea7137f2f49fa":"b21c8101ac96c41bad2925b9b6c863f54888f36e4995820ebd51f53e323e46f528d91f4318183be0282312ccde8da075fc2e82041cb41a79e9933012a4cb6e9f89717444bc734da3b7e40e903e58dd0f38bcb115684227ec533c09a93c89c2c2584bbac83a4648f82b4c9207f43b61e5ec470602076ed4731756c87d4e0e24af":"2c306fc60bff58308f2b9f08d52369e87119d7f6de2279fcdea0c46c901c8dc5b4f83578b17a00786014a17d3e380e1af4b9f32fa58b9ac763bdf86ff0c6084afe413a5dcb7617f94d76e59e370eae4829e69bcb70f10545b04ed5fd137e1159f3961b2c01089ebbe2f16a91c782d4f383fbd4d61b66138319b63d79ce9fdec3":112:"d6db5aa539a6e2e70885508d637d":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbbc406a669b94374c7970f2ac10c91c":"a9f334d1ae7d2960f39da4f1df85830d27c0f13fa0bd23d607ace4cf58b359584120e7c90d3062b1b23b1a9e85a740c9063ff80423b5846257e4426c174e8cd77a3dbcfe12970ebddaaa00a8ffb554b2a80decc81f9917f5a1369e8bf7288ed868457993f480d8aff0b92b3db2fda233e32fabec1a4514715364d4f70f98d62c":"46152f5a68c03dbe2f28e69f5b52e2fc":"1052f8b2d3e11da53ba9efe02ce985098d171dff9b98cbc2f6755fd88214ddb8660225a63a1c8bcaf43ff3930e239824ae8e122068b89d7fe73c658ce030cb51dae9836aafb68fad77b1cb5bff8d7d9c920ec449181e10ea643cc73abb9620dbdfa32e06c29cfbd8c7cb8b1103763616ae6f9b19c4a6e1eed88c3971c4778c2b":"7b16424c508da3fed14bb53462d1805f0f9d09f803d4e166fdadbac76f9fc566665554317431642f6e527123ea6c1c0ddcf45005213b0f2747321fa112d7b893cdcf4c1a59e8bd1c48b7d77881c6d79de3d850bce449969305797196d187196d0d81dc3423295f552d3c27d6d70e42c9a1a744a039181e733450c9985c94ae94":112:"b51dca8e00988af0987860a663ad":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe96eab10ff48c7942025422583d0377":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f":104:"6bac793bdc2190a195122c9854":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f2956384a65f9627dccf5126141c7bca":"89dfd185bc33adbea0c69b55d37087de3fa7fd69a9fa76aa1568ac363c5f212ae92d202b9338ef397266dd8bd1ef36cab6d1368feafec69a4e3e11e1bf1beba35d96e040d91e9d3a838966bae62a15b18d621f33efd9ec511de4bd287c722cd39b4ba43e7a6f8c8ab672d69eac6b21a8d3544ab1d64f9de31956b93b1104431e":"2f61f76bcf074a3d02f51816c0411052":"bde1508823be7984d5921db4cab1ed3017c0d73cb9bff9874f39a6f5bc449719c1c43d8fb4e76f6813b0985d4b124517f9e4e2d3c552b2f75876563c93a44c18fb6523ee732ea5b6d13417db45120653df3820a32ebdb42d544768461b1d0b55b46b09f688e47240880930fca7097ddfae35f854891e21891dbad13f661a2534":"023a9c3ab3ed0181ec8926e4bfbc0fa63e38ec8980eabd2ed75e29b681b3ec04cc8b27fad3a7ce6dc1efd680479a78f02de7ba92f45dc03de02852a2e67b35bb1dd154568df7acf59081dfc05aca02c0aa9f3f7b4fd4dbdb671b1b973a48af0c325a23467ba5cb59183540f6edf4c00376be39a3a672feb9e795d1bda96f0017":104:"613eeca3decbe09e977e0beeda":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e9bb30ea25f50b3e7711fac05f9d44a":"17a52f4faa608dc9853d4511feb3dd9d2fb92d7a3deb3f8a7a6df3fa2a909b7db30babef12d9da71aadfad16bfd2bcb5706ef2addc58eeb8d8d13f31326f7ab1d0aabfe5525014f05cd8fb80e1ecb0654e62078440157df66f618f078cdf2b322b0f8878bcd924609c33e42059aa69fe0ddca659aea42ab907b483aa55aacc63":"9668e8b1ce9623ad52468431dfbed632":"f776c6e892e373ec86ccf706704d47cd89fa45c2abdeb0f9f6f32cde88c22f001150cc66f0fd83e9b75b97bceb98913cf143cd8a68bf06e1125031e3e7f09dfefbcaef4f04d7bf28aca1992a7e4228fd4017a5b32fc48101c8f5a609eaee9489d02200e8a13efeda60b57df53ccf2fe26309a1c1e1d40db6eb8431dbfe8d43ea":"407171db1dfb7ff20d5c97407375574220534ef75ba18dc616400e5e967e72db23783a6eb9506b611d0c67a83f5c423380ceae66d5dcdffc31e31239357b91794018e9c4c36c286f7b17ee911136d9cacf564baf5f9b9831779375e63aaade8734a91bd4000e53e5e412b3f92f8b68e0b7ad3bf6f274744e2c5a635894bf918e":104:"2741ebc33a4d4c156c21385a23":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa705ee70297e9212f70585d92f42aa4":"5e4b47d986d55f49708cb3e4d27072a7e850936b27b24723856acec7b2e03caccd98c2a002a2dd1d3f4dad8827a5910b42986cb00be7bff47eb401be5f324cd2cd3ea2fa41f4ef61f9771a4c0184d85d6023f37f3f54bb9d7cd621fe36ce11a82678a0754a33049106be597c53f287692ac5a42e59f09a2a117fad6c034a91b9":"89822c9db69229d1e4880afd19965908":"fdd655584a92e29a14a368f28a73f9dc608e5c2ffd308d4aeff7326bbef5ea58f84620c9ad43c0b598c271527ae60dae6db4ffd3f590e503ae7057d8c48e9b1bd8f8a8832629bbfc1391b954a4fcee77d40096eb5dcec5e0439375ed455378d716ee8f8b04ccde3291e580068dd7dbef4ba3685b51940471f24859f8e93b659b":"0f34bb4e2a4016ba41eb23e7688edd455f2d46a5097236d9a124ae0bd47349876319976aa4c3aa41680a63cea85f433e3a1b4376f79d004710d486a3fb5afbb7db2c41aca400e04f75ba91660bb68354029defeaae1853447f8fa0d470b25371da73c9e8ee841ba95fc273f88c2e4604ff29a131a7d73e60a00340e886df5359":96:"a247e88acbd4e354d7c8a80d":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ddeec78a0c23e8c5c32d3d4f9830f927":"134fd6be1a934053a539398aeaf5d3aceda3ef722a6b3568af6958a4b1207f7e9b9e835cfd46a7f3d4faed829ad23554fc7c0d1a9b32bad9477d9dd397a259cfb0bea30268aba7b8cf4a35dbf99a6b2ca968649847f717749bc5f41374e1574ad6c357f7b60b0cffcb822bd3924208d0472a973ae97550b921338792ca88fde6":"ae428ebb974ccfbbdbcf6203105724f1":"e3d5ce768c688e881e72f036341b2d91947e02b7327eb53240c85b0b93a40eb0f3346817e2c9e126209b31b57633c4384f7af46846d9bbe6fd0d6babc57b84d0f5be2a8a7b146b38914a4cea70273d5461126cfd7527ab397510176e790300a06066655907d499bded79f5bb39f6fdb03f85a415c2cc2ad1f25078f0da7df215":"865d6148c9820b67c08c17c9214de612ada6e24ed67933d13c3b3ec43637fa305673d8d52d15a195b27a6b2563682a9f98912908668e3335192b1daabf26e1e73d7d34764af006b0c14a0ffad3b6a0def59964b11eb52e829ad790069997931d09be88b8d60aef90e39dfcb0df4fd54b71597b8ac64670e703e7cb83efa3f2cb":96:"64b2458a6eaa6f12937a8643":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"829008339e983918b8d142091f84ee28":"6f30604d8c2fae216b1ed3d67485631eaada68fe89a7020d6e29f42b937e7640fc1f23c00ba48bf239740f6468289ed211ba81e809cda55fe067bdfa198bf0461daf86d4a7969de9a629513809b358630ce7eb50a783b8c98ec1bd5e56cb47032ee8fc64a939dfc4a870ea9419b16178109f1966ab964da34debcf00cc49f57e":"dc62cf12b6d0439578b457e516d8205e":"e700cd917923b16c968712b2fdbf08be1b5c3b5d9e42cc45465549898daa07c44b4cd321ba16a38aeb6720e217a58428e3a4cc125920cb3fc92f039b66716543bab71b64ebedbb1e5e3e8fbbecff3385ab0ab16b7f6554b7fbb3b4c92307c654361f984d5a6cb69b8708684d90bb1fdfabc0cb59f42c2b3707b3755a8c7abf34":"adf60c4affb2ac76cce20cf9f302b909bfda1bedc60be21b53f65d0b81bff08f7e90ecaaf12ee1f9d921926b75e244b7e8357c1cfc26013a6d1c874ed2e5cd0cce012bbfff0dff85b372d92c18dce887c1651b6467f173a67ac8cea194a6c41e77842675f60cacfbc9c81597a08959d19af632d3c191bf69505620e4290bb040":96:"6209c09dd1b7ea85d02eb9fb":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4aec55c7e4bb36c32cb543b57cfba3fc":"4cf1443a5448fd09e09e91b7cc5f8e00f53f0b75a6b17db5ab9a721167de5f7bc5de1fb711accdafb7f3f1bf6b98393e5f09e9091e26d1340122edc91f7e60f62caa218f1927c8f0032be0752520aa650f6f1ddf40412c96d49dcc2287ee17834504f1dda3f4a723e2fce064f0b8dae0789ec455922a14488623e3ac10b6e312":"6669c3022e0820634a95efa2b5578e93":"f6ae9b1aaba18acb741c9fc64cfba3841f5127b1cda5cbcd48af5987428daa5782d2676bc3e2ef23936ec29a80d6b5310282b39b77181dc680799ac9c8125fc48afd185cba2ca8900bd9a0039787b4f3a6846f3edf5f7b921dec2608fd3df67600ae0aba9378da0015bd57d66d2999bf751806d1b89214332bac50f721ca9474":"720c32b0d454f086af36a32cc7274e2f2fe08db9cf1cefecc14b42b3e5c573aefa7e9e1ee0042eee21104dc3e4d19b012099280c5a53e40a0bf662d8295dde743143a28be7305729767a37cbdf08fb3c87667939a8ffe44c96ad272e30b75aafada2963bb9636f189c37d976ed1c458295fe85ed19662c463d7c8155e9f04115":64:"4b3343b627095f60":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8629e8064b3ba2b95bc20dd075f8e931":"85896de4b6454acf8568ccf95ab68a632330ce71ca8b4e7bfe26ad8d7e2e6b63f2032e2cd365999ffd24ece0df16904d749d06e829a291f3d07fccee27d9c6f3ff3a139d9e33f0660803de8fe79dc6ad291fad47c93543522a1c38e40697426a9855255e3e0abcb84d474ead15341c6b235ccd755e58fe6e87898d216d65abac":"dc4bcefe284cfc606f39b057b7df411b":"abfd0cb6fee8588aa68606b7e487bb9c0d2bd11205611a6f30a78d9ccf28e827cef4e966fa245e4b7b39533a4bd00176ce3c97858b0c8abdff4c548c835bf1962a6115c4ce7c05b1ce5aa29b412e816abc925b8cb998eb4b69c43a7dda1b3cf0d728072d42cb5a489db521698c5daffc3013537bbf622ef76a2e96089b7d4b96":"b295ca0d7707892fb08537f42d28a844f5877177f136b4620f69b05c83f43bf2e61323e80076c88660f5385060228bdb91d866686e691cc7e96fdaff41f2ca5f5b5d93ecec7bba82515a6e0bd604c99ef93d3ea013d899464558bc822bd765eb1ca2b8b8a7d961a6a316bf135c22d2ee552e62d8bbc5b60ca31bb53cde82fb5f":64:"d26cba11f68a5e1a":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d901e59a491c86bf538f7b38247bb21":"4c370a9f316d25702195409d8e73bbfa40aa15c2b0ea55db9257a9ae4e8dccad14589718741a78e5a74c26a801857e388c9f141ef7df08bc01384b2b2338c38abce51d547056f4bbaf7484f9edc96df122e71f132b7bcb6484228c3ae2f741a2c8b9b208b6f49b07081334b93c501938808cdbd2e40cf95ae4f27a29e1121480":"39e2788c9697e82cae0e222a9e413d8f":"48d7d20e424df3c3efced29e860771647ae01312a96e68d33f982c540e74160a7fbdb623d4b19abb1871d74c6dadc56038954b154389b752bebc40cf4ee1505ec8d844e1a04dcae430befdb081cc84252e0840f5f5146ffe5b9594f856afc2edb33b3c6f9041c9631c5e3d812959c5504938635f72c6fe29a25bbf66a4ecd211":"262718671dd0e2c9a40b9d7297c7f6a26cd5fe4f301999a32059812719896d3a2f5350f6ec20d999fc80b8d7af5a421545b325de9180f14505f0c72250658a5014768fed63ab553de0fb01ab1368356043f6d1a6c9950c80e3d9d4637bbeea44c9d58a4148bb10974d507c62b67cc4e37eaebd7eb8e67077856cc5d1702f8e2d":64:"bd814b4584941681":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2f54229167862034ef6c5ff4a1246697":"af2c89d3600329779abfbcf5be8bb83c357d4d2435fc8f4c413b956b898d22a8a889db9e2ff5e7229d7495576989695a0b52d796f9a23e9570b7caec6b46059749c29a293d31a6224baaf73711bc0e4a587abe9d0379adec6de04ce444676dfd8672e6660cfc79d7ee2e7625ce57dd4681bad66aa29bea2baf936122c3db17e7":"8168ef8ef278c832fc0ec846bc9f62e9":"abb9ed24137915265bddbd4b63f1d02efa2a99c8c373f19077c7e1c389feae36a7af42c661b0adc5dc8e4b5520d334e8e0e112d42c2977fa23485c0a85aef83f1e52d6749bd29cbebe14aea6ee1c1098aa96c6360b0192894bb2001c7c0fed7f00bb84953c23bfdda00818d1568fb94c1bd971982d6c01c12a35ef7af34f947f":"cd6dede25433fd3da6137001219b57aa54bdf6039a5a8d66138171b006194fe3e13d484e5cf57a1acdaa8e76f001df7bf41cbed2c5561a37a32113fa116d0918167c29dd9e7d46f7c18d9db33d7f1bc33ac21d159ddec57a2e158f0c0993c16dbf50582371100a8d7c55cd47c03473c5770ad562240f754c99d95ec593dca284":32:"4ab63349":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b7b52fe74c5c3266edf731578d28a72e":"01a4b7da57c0f7d9aea51283004b23f899669dccd6dbaec9cd6e747c7adb52432c7c29d1411ec1df4e5e33311ad84218075dabe17f73c95511ce7950f08b618feff56bd452b33455a1a03caa8371dc7fb9aebedb3cb652d94e06bd00a98bb06d30b506d41cb516c759f6d7f793472e6d6dc9ae50cf3dc8b1ad3d0517c4f555a3":"a005750e9f8c68ae238668f0a8f015ba":"805cf3635f9d84c7608c242ee23a4837dd3f260de9afd6166b08164a0256200be9b52e5259a4a54186ec067ddfad90f5c4f92afd1c7e4f2d8443312ba3c4818b664439a02644e55467045071aa2cc7939a940e89cc52c8a53623bc6473bf843a4e0f00149b2ce1543a6540aa0d9c2c5b68ba2bd5791078deed1de3b5f48257c5":"d6124da0896d99fc7f2c3688fbca164f8fecd75b6260162c4dc2d2773ce75cf41a8c7a57998e0a7e49cc71e5ad6a04c7415f8d4fd11f1035d3a02ed744345d74ebc9c4f202f65bfa88d55c747fe777225e218f2149da22b53e6584823dbda42cc2dda56fc72b753f3923c443eb5c656515dd824d8c08cc78152226ed8c1808db":32:"60d86287":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a3501d9fbb86ab80f5faeaf8876b7c1":"4f0dfbd2aeab70c80814a1f261a1fe442eacff5d267fd0c0f93757919810f6610113f1b442270afcc47f2fa01ab01797683ec9267691a0dec45033c57f5cbdfcafdf154fc99e6140176eea92503b3f6fee5dfa5aad05f802e08a08f10e49a8b32a50c028f2bc7aa451be3747d10b96b3a1105c67c5167eccdc18b4a9b0612d03":"6d59be1833e75ce7f54ddc91ad6f5187":"3e556b1b33c42f1ad6cca67dabc6ff79d6cb667527335858e26cb4f6a3d8503ec415968ba97d2d79a3f80c1a10d75174eb5294cce8b89224eba7dfb258fb17cb5c5db7a914ace06e94cd2f2cafe3febc8adc4c2264afa2db2c6356e4c3e8667393a77a0afc36be678d5c0a4b63ae82d9922bbbc60559f331ece9947b67469469":"615ea4535f1e579d7aa45c011018f272c2e234c3ea9e2d102cfaa4a437c41e64bdef7a211ea4d858bdb656215e600911435ef9c8da68e8239e4782ced7e7add063f33f5bc62b85d9ae44ed1b139580118c5fc054ead08257b0a97632e8c503c6219294af423f0deb36758e05857ebb05c6835972488306ebfedd2ca4ce3b2c48":32:"74c6bf0e":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"195ddad2b0da195ea54a9dad0f86c161":"":"265ab1995fac4fca7c2b26c84e4a2dbc":"":"":128:"930f719034b76c232619ef2792fe6e65":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12be48e90c849063637b1c2ab0f2b467":"":"0020c3dff2f6f3acaaae982ce38f63c3":"":"":128:"c8891f32b8015024ca42536d633b1863":0
AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e792fc91675d5efd4d80d5a06378d24":"":"15ad63b969f8e313eac3c717ff9a994d":"":"":128:"de9a04b030954b0141dd78ffc67323d6":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a668cfd45b6ef8b766a4bb187d0824d1":"":"a111e94a6426ad9b4362132052eadf4a":"":"":120:"3a3331e6a41cada2cca8e856135549":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f36e07f2689832b914e0b817010c528c":"":"654104f9d16348231e6ba6fd30c1f02c":"":"":120:"be897583bae073f42138d64e622c35":0
AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"25d839a709d98ef9c0c9e78ece961eba":"":"b64537609040790ff648d51406710b9a":"":"":120:"4d5854c69cc973be8de41d5584407c":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"957dd619f9f19445c374ceda9e9ac082":"":"34887be03b4d4ca8ea2261b600ab0b0e":"":"":112:"60e2d50adff707d8b279bdedb277":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a5c9a2dcaf576e67828e806082d8e780":"":"f93732aac9448c4a427e634089d7edcc":"":"":112:"f67ed1c98bd2c5f3a738e75f15ac":0
AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0a30a816e8d4d85d40c8e4d7c93b777e":"":"bf1f332aa19682d05cf95f2b03d26af9":"":"":112:"acfb2f7884bc496f3089e50dbf42":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b45a16bba5fba362704149dc56ba8a13":"":"64cca850412091bf4e120ccd612df353":"":"":104:"7b1adc23af9be185e5ae0b0f0e":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0cbcbc1c72aa90e3ea7e2fe328d79723":"":"2fc5fd964b45082546636ae1e208a937":"":"":104:"fe091a768c731e54e2237bfdc4":0
AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"94297a1ad3f0c333cd9b087b1efd43c0":"":"52ec9dc82131d7b1c69c01fed6aada10":"":"":104:"5c927dda855b76ab8fc077203b":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1e8cf32008bdf867f0ff76e7d7ec21bd":"":"3854b7412de72fefcc4b0c2155f6910e":"":"":96:"cc8e7eccc056b06cffc307e0":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ce1a9bd93fdde2adfd8c2c16a395b95":"":"64072313ed36eef8209f079fa622d7f0":"":"":96:"cd9e8ffc1423270015bf8e8b":0
AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b15354ad3d874fe472719ebccd45f123":"":"1b2013153290edef60a6a438bd7517de":"":"":96:"f65a841ed510becf52b1eae7":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"14ef129784776647eb3fb8897915ab9e":"":"f7bbe9f699156549935f2b92c1dda163":"":"":64:"dd10fa64fd51231d":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5d4470053c46a577bba7000075e9bf2c":"":"854b768fdd7492c21618ca716bc8790d":"":"":64:"1f3c73722006023a":0
AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ea87d675a0d406c57f78a2531bfc0c9a":"":"0907503fcb06ee384526f7206180a080":"":"":64:"65d5466392b63bf6":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3e8e27568e6e17ff807cc207e5d4eea":"":"18e51cdfb4a3a5ebc7b0d7b17727aa95":"":"":32:"a7e3f637":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"596a602164b1a0bb50ef91bce3a98796":"":"2025e72bd6a511980a8ddce34565d16a":"":"":32:"f84f92de":0
AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"32ea8970a8cb70d6ffb3972a146c6984":"":"":32:"eef4b97a":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"869ce65e5e5e12c620076365f149784f":"":"317bf07e83c2e9717880b7d080957fe1":"ee185d738260de67f1792a7d548ea73267fbbb6543bc081fac43e00e6cca92d7d646f27054894664ffdcbe635e34cfa800912b59fdaa624b36c44c9ff4f193d3be2f97a7820a6d4ceabe967091ef672098baf82dd3b671cac4fd4f4b14e4ee388fbdaafb4dab2385df4fca23a78d31f11bca15eedd7cac778484258778106a07":"":128:"add6c89153c4c0eead03df44487742a0":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0a05baee927bf23dd2f4b57b90fb6434":"":"8147e99dc9e462efea9c1d7f30bdf45c":"6424ca7fbf24c6c3b0b5eb9d769b26a9792c96a8585dc596208ae6cfc0b265bd8d26af31027f278bb92a9e3b365beae8d964ec7a4096513f84fa73f8739fa7e11d54d678bed19546d2b71b3d0166b25b47ad7cfa69d74057d889258a796a65f2bf8d3bb151f4e721d398e74594a186e6182c16fe4c8813dfec67215b3c4a94c0":"":128:"05fac5520a99ad7fb407c48995a2c331":0
AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"":128:"2ce6d74cda466354a736636bf18acfc0":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b2bec16c7d326a35a8e4c0b8c2e3674":"":"4573eb54491ed91bfa2185b762115bc8":"7a4a6b3114dabc50b201472c5cb13a79430f78eedb2ba8492c01ce10a74d08565b9bf9874bb8fb72f694a23babdd08684cb68d7e09e65813728aaa5c41f9c2b10d921f8271e200e0c519c7c46f572bc9fe3f27e13d1e6d7bda4bd66c1c4b0fec8c68a1b0ed7b0659009dc894ad55e0712ddd0837315734f2bc3b757241af35ba":"":120:"5f5d4695795b8580b0bc414a81b002":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"886fb12554b075dd9663efd076acbe56":"":"7e7a73542868fc27a01865c3aa635ad5":"cb25c2f029c7a877a0aa565c7f7347b317ad534821edeeea838996dfc42b13787e5bb237525ac926ca8a6c5078210f4a27863e8114c728d09653fa93ae990e99f0c856bc8097c2cd33cdca1a407897e2f495d2e75356aabd891702f25ff20e6b6c8a785d74b78a734e311fd236f9e970202674004ee4151879d59340b20aa23b":"":120:"8255116ee1e3cf936633017c4dec3a":0
AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"920fdf4b39c63947d57a07eabbf3f2f5":"":"77431ebaad53e42ca7eead0d45e5bd18":"11f82f9ef7c2161ba73cf7da82c5397da5e8278da180a976f43222402e983b057171f793641a8343d6366d6cc9260dfe8becb8396b5bcfa0f46908bd809bdab61126cbb8d63f601965fb9e4b3afd66c594dfd394d4cf06f79f361771a85dcead6f45dc7df10fa434736eb109a76fe6cda32c5773d4db6449494f2a3f6c884bfe":"":120:"1291cbea1a9f8b166c7306ff9eb281":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"114060534f526895f30dfb4007356ea7":"":"5ed7fb59618ec3d081e60d8259a3f184":"a56566a98d9d4fdcebc932adc405e0b8190d537f931983168283d0431e7589333d42f2a3d6e41f268e7b566cf48694cdcfe01fbb9198804ad39e7d387039575c5de787610a23ec265505a448c3a64ddac1b0d8c567eefe5c3c2dc1bb15af45b4bd8fc2e1506ddeb2e39e04f72fd24a64cbbbc929800e0687b53eb89b3049f271":"":112:"62f770b3985388ac37e14e8d4696":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"697ca4e9de580b525d7149e8b69e8093":"":"e844153734eaebd86983aa3bf50068df":"cedcd5ffeb7988837c38a0be4234ab1b03f14367a1a3854b6dc9f33eb9a87c411326e5cb7d12dc730cb6f363da2ba68affdfb651fe497942e0dd59668f56c23dae80b7bbf905d36b501ff037fcdffa472efa4bcc1c975b67e5d7f348db73e0ce648b44ecc5b5bbbdf3101bf32ea99e3c8e8991c94fa609c93d4b375a4389023b":"":112:"95becb04cd39c868c9dbd1d4e59b":0
AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2fa92cc97ef469efeb2c25838193435a":"":"07e6492f2377c04a85045d24940fbe8f":"0f021fb787c6de2be054bdb2741aef82ce35d951de2986c86c3dac77ee0804dfbd010d33a5dcc109769d4b8ff1471eb98fe917c7b0b374e80539f2f4432f92aa55d8398a71510c2acf85c54975fb09ff5638b936283efa3c1d3b054865f97685d6bfa0dfcffde3a20525b5324573b69dde230ea87c685e4f6b5c3c4c55828a86":"":112:"397b2b0dad7f1926bfc25a3ba0ca":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a61f8a5777ec3da0c3e257d421286696":"":"14894cc4ff71e249f0053bbc1680331f":"9df46dde257054160854248e70625183bf957ecec36fa4f5a79a1650e04b500f7f2fab4bb873f0e813f0d6b17610bde0de95427a8e2d1293dcdde053f5b1a5a81af25d553289e89e77e4ad7d0a1190151724730149050bd021ec61a08ce2271390161c752df8b5f61c33ee39366de4c1db41d085ab9dd88e170e8c41c571e2cf":"":104:"e062ab7984221ed226be353731":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa2d04f4f5258c6363b1210c91aff7d1":"":"6b24c03273dcfd508cead2df0c65ef2d":"81a1b326f8f22bfecdf1f386bf8fe678a427e3886801b823a37860b9a832356724b1d352d6250cf8e8f89d0bf2314fd11464c3b4871478f0bc290ee1096c8f6cb5484176d70762289b44309d6a88e4750185abf30901bcf8d952da9abaaf9807c0c0ee8be2b247dbbfd182b83f9bfa67ca3bf448c3f5a3de3c31b058c3f944a9":"":104:"80dee09fed5183d6405beeb268":0
AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf221e6cade9f6cf509afa6979cc1fb9":"":"d35433be41a259dfaf58aac1d82af462":"b31c477490e5624c4aac8e590725bfa8b3efca618e2369e9b980d6a463a014d55aa8317a9e70ce6de7c574cd15242cf4eb3eb078cd2f49fd82d1a56c6c4241342e62a2e9d94f0aaa024055cb441d650f0a6ecabfe9ef563d6bd87d4cb1bed348aee42487c13b73e52fb70f0ca6ed81924fd519806e04babfd08df1a00191caa1":"":104:"f1776b1ee7a3c49f99f34f582d":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c98eb634c7caf52d3f3d9f344e141988":"":"a0e58176826910a69c2d68ae1c6a05c0":"6e559278bc469cc670c4d9105c3c2f8fa308e11b4a60f75664a9bfaff4f0176175ddd3c6c17ff91a208dbbc7c49efff099fa873f60849ffaa3a3003419cadaa06b92a678b80bf6c952bbbe596dd0a2eed35507c55c48a9e6131bcbda0621cff87e02be5d082944f2c8e27211527717272839601b0e26cb5aa2301afd05ae1b35":"":96:"3d8617b2db536ba7d367013c":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5018f4a8e2a850979b006d0498dd0fe":"":"75e4bebdd170159cff59f895ebdeb118":"25ed2831fef205690381c73e925ef7ba20d5f2e3a4b5d7beabd749fafa08a6941acb1385aed977ea824322d378649f646a812e6c87ded6ae437c68ffdd4fae937a8498ae825d7523746730af84d56380be8f575c60e7f836a862343916e98cc2aa5a27cd63cd92df63b8bb47c81fa6a53740a125bb9cbb247c916363e60f5f65":"":96:"0aa5aced93e0237bea9a0015":0
AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cefd40aeac28fbea6e3343a125fe1c9a":"":"324b9722166edc3831bd19c1db5bfbf2":"72b7a4289bf7f5a752665839adde8f79644424839db059ce40de326414c09691d5c7071e43722104a94e430e263bc974b98f167c50b97490bcd4286b502f607ddcec5387695463154bd9598ce8ffb6104d1f7010bc196ea2dcbfbf452d6257b1da00271fe1e6fb56c43656d5570b965e0369502443536cc46d4c05b1e863ed8f":"":96:"0c6b28de22e02fe6a4595d5f":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"58cb7cb58518ff3fecea4b44ad9fdef1":"":"fe619efb1c9502c03cb8a70792f9e046":"1a7c444a84267f52c36f3c09f8c4a88b6ffe3309b8edaad93a08d3961af28b7c2baba5165f0a9efe13fa6a0ac595da156741dc7f728c11edbd8ab02f03e45716be504778a75374ee882af488bfbc6cdd58fd81d3ac5f369f85ba42c6fd7f9df4b25fdd2fd32607ea800047e06058388c4f71a5eb4d825e8578106041c84c25a1":"":64:"8243f32002d33cdd":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"15cc4cb979a343f4adfb821d6f6e9c66":"":"68464e7eb64360c7c0a8540ac3473513":"d69f4a9595a48a50ec33ac1848df3d994eff838b28ea7c8b2c42876dadd60a3f9769bd4f61d8007c9dd4fde55edcec8f5ac3bf23b1a958fa714dd88cd5261edb69b7b086ef0f442179943f0871a6253aae99d31fdca448bc3efef353b5cc55cfc576e4a7fb73a5ab6b5af58dbd381bf7f9d69a5c2bfc902901fd485967b23bd9":"":64:"c0f4302d8276c3d3":0
AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6398de910ff8f3acdc2217811a1da2a1":"":"fc69b21ec18195901ffa62260fa20454":"021f225240cc9a68c4886824d373f3a70fa32b3a926c78164642450287d269d39dbd49c8c71ce7b914f83e8b53bc61c6773f98318557b45f0cc2ef2539939df7a1e6765117f75631dc5640291d20e6402d22cd2e231f9c2c67cb24ab5d8a69933c49b89c9fb2ea57136a6bf1bffe8e04d8d6c813040215f051c654d93224edfc":"":64:"314d1a332d3c590b":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"382d86868ccd08d417d94f3b73729e09":"":"069069c377958235171437b34e0fce76":"049af372e34ef7a92d0d49cf2dd03052dabacf2982eae6a817e6146ad799971be239ef5810ec3f6cc6990e9641a7b696392ad3faee38bb50746c1e93913c02dbbcbc6bf54f0d062f176779b7c0dd5d7ec7752601c9812fa80508a78bbd26922bed4f64b1ff2a8340ce1c01e317e3526cd8218ac24af87b07f8792849f6479b8e":"":32:"ffa59fa2":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"21052b2fc7bc7a662aa9dc4b6a04f25d":"":"d7e5432def6a24d486a608e5c5c919a8":"1970ed40003bccabf7f3c57bbe5ba27e4254c1511413ed421cef3a6ffb9f0192987de83ae965478c3e9979637f8b3fa5d10d69b916f03fdc92ace7736f171660156d880114aefdcc164adb6f8c03940d9b43ce8881441b41cafee3351a56fcb632aa4b09ea81adea26fb0d8c6e1ae380df922a429ae1f5b82b38d9bda4323c51":"":32:"ff342f4b":0
AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b6c53aa91a115db64653016375bd747e":"":"8163a4fd9c2c7010bc85c86177b194ab":"93cddd318b999262c7cde2838cb5c4d78f3eb1e78d305e5f808fa5613526d724e84a0188ff42a2c34bdf3b5fff70e82b3c30346e179fb3faf378bc4e207e335a44da53a5ae33770104b95397fb5acb746e6418d0dfc7368b035af53b470fc66bd0c210b68ce1b276820b621e919f044e5cff5ced7e07dbb8825bca6b4ddd8ee2":"":32:"50b8acce":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2251815f5bdfe1111c7f9ca246662f93":"2247e781763edb1349db2cda53e5853b726c697b34497761373c3b6a1c44939207e570e14ea94bd5f9bf9b79de9cafedeabc9241e9147453648071f2240e10488c6e3d7077750a6f7ede235d44c5a96392778ec51f8aeb1a17fabe9b6c95fbc479fff954a676813ad3d2f71c76b9d096a0527f2e1b151aa8972147582c0fd2bf":"58973280c2a7122ddfcb25eb33e7270c":"":"b202eb243338849600e2feba7f25a05fe98323bd7cb721ac49d5a8136422564391462439fd92caad95fc8cdcaa9a797e1df3ef6ba7af6c761ceaf8922436dd5c8b1b257f801c40914c1331deb274c58eed102fd5fa63161c697e63dc9dfe60bd83cea885d241983a7e5f0d6a8fd02762084d52bf88ec35f156934e53dffc0395":128:"c3701ce3284d08145ad8c6d48e4ced8c":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3199b70e7115c74e3aa3745c18fce8d1":"4fa0b090652d5a8dcd9b5f2ceaaa2dc87a40b30e2d59bdff09e1f204d1b90371de70935c385cf5b4d7e0c4e88661f418705370b901b97bf199b366e669bc727882d4aedf8171a8c39431f11af830358cd0d9e110da1a0cc6ef70efb255efdac1dc61e722a2d8b7fb4cd752c6350d558ae1ccd1c89f8ba44ab697df96681ee301":"808a019f7fb761e9701c0c4f1a1690e4":"":"8d5ed4146fb491db9456e92f753aa4f688a9bc276e6aebb782a0cdf7fe578d74ca3946fa7b7893eff6345e64251cb1b146442acb64041324e2847481fd4388b17f83206948e67c1e66b894d5d40ecac0bbe4db0c6f58b65a1f19f29429a9e76f78ef5dba0c94d88dfc06e6222a506f004d24cdb3fe26d6eb6e08e4fdf6289651":128:"908806d668451d849ba0268523eb0e4a":0
AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"63805cef84ca7fcf281b226c3ae37230":"543fd64d1454ef6c007ee96b3ff5d2e4b7f5d15c23e7548dfd1dfad4da7774b8795e817fab3be7fbf8e4d0d351a743ea793d9d01385a552f78ede054be079aebd1511013de2096456e9fc1b83457fa1240cd39c17440d4b55c4e390119a759055ac851a02ea481eb83e294922d35f687a56d801eed638d289350e141116ffba8":"1aa9e75d7854509a85d995ee482b8eca":"":"98db9e8e3ff23f09e585e5326f525e4f8350a1f233a0aebd60d5951583eaf5220f1690ee3607ba98cf8cc99a90efb7197835957f2bda918a32e528f55d548e3c83d65910b956634224cd5415ff0332c165d1241f7a93976649ebed2cc7e62addb76231bb738ee8a291b62365965392aeb72acc5f0fbd2f88f5613fcf44a1b074":128:"9b1baa0b318e1f6e953a9f90b21cd914":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ec9245e8f567e1cc8795bbf72f2999b":"f266d0060d290339def5f6d8dbf7d120a4c645aa90470e168b4f35342a00b8c7b7230003657d377d8568d252765df142e97a9dbfb9711d9ccf396f3d51bd91673f129d58efd80ab83a0678303e29a0dbeb1fa9fdb7fbde586a17ace65e894374ec8da1ccd3e21851ab998534de46cb43b38e241edc04b5c571dfc0aa0074d4fa":"413628d9ff3e4067d840b0abc2cda0eb":"":"145d83092a269c8afea604e9192b8bb550b9bea85f842fcc4997c2b00c6f3ca46100e814e82389f27a69a12d29340c5827e607657a00fc72c4de30079e23760769e800ee4ce46957f82d61935d07d1c70dca836c19969dfd0fe0ea740a52e2d09b1c9aa137b5e8527756fb2c2298f8400949ba24a8351c1093626723a68a79f5":120:"ad174d1edc713c187a5859a390fff8":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b08df4acd253f9dd4abc52c4be488015":"82f665910d853fd2b775bf66a1707935443574c90483fc33ba02d6479fafd99c5f816bc58a1393a44fb32711fbeb0d6936efeb3580f147c3019e9f2e2ef48b202bdd369c277791bce524f3b22ceb74c664143c4b1da819b229a5b480aa954be110ca006615d9cff5a158342a47cb6d04fbb817ae4ddff6d4f86b74205799c9c0":"e1c27d35520ea527f9a2cd9b0f717841":"":"f5b0fcd812061be999901595b3547e70f7144cc9e0b0098262be4c440e8637af782f536f571534a658ad1fb44360d9c454d1000d6957f261401e09c0f19f5146ee5433e378423f9c94a90af2185d38cbe2940a459d8409d987d04a1f3e686c2b91d4fae1f3e3bdc5a30569838201b7d30c7320d7cbd787bfd6cd40e7e2d071a1":120:"fa31e58fa32d1208dd8a67fed44033":0
AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9c08d6efb167beb035f71554f64c12cd":"704f59d5202108b949170532ac1e78edb0e06fa323c1c69202d7d22dea4d7342199cebe949e980a21ff0fac282b868cc31ff4f6674c393c0f2cae2374664314afaf7791974b6bd6af26ade7fc266a6cd2de4f3c1f479f895ff597998cc8b929c1f05db13d9b9a4d98c9bc606eee32915bbdaeec6576e1fa6e8b22e0bb1098074":"608d56f6dea2fdf175eae189d42a85fb":"":"2c7d2618808adcf8edf5a54119471b930e07488d5fac3dcb53f4ade43674d162881bee1f27dea6d158b254d4b432e17f211515bf595a9874d89f8cf748ddaf2324078029c6463312ad32eb0aa5ebefc31c7fbfd04b37ba6b766375952c211d160b943e9d3c5e144b581157bff9071d31cfc082b55c4a0fced386ef2fc75e1a7b":120:"7a1ae03e2838294e286dca4fbbd9f1":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"192dbfdf86e48bf18710e706dc90e356":"1d7c45c8ef6f9f073c7f186e4c876c2b8fbf22feeecdc111a19071f276e838ab0572c9a68e9ad464fa88ba8d8a162e9f5ee1c4983395a890990357673467988c057eb8a0342c41867baab41456edc3932531d1c4aa0b42ce2b388d2be579dfe332f40a9b864c5e33e2b3cfd73b68d65c4db9ec46d3ba1587a56cb7887dcb3c5e":"1a511f85e0e138f4241882c20689f881":"":"3e50e821fbf83433155de7b4eb3c9a2c148b08d9d3998a3486f517fb5d0a1338faabbf95e85fa9186385bcb9e26aaa5e473d3cc7af869872e4fb36ad16c5468d994e9c71a09dd2868977f3f9064664f6ffcbac1bd313a7803c304273d69ad20369bad36adeb38480563bc6db9aa0d11a0e03d09731171c1229a756037b2c285c":112:"9393edf0934796eb97a8c513bbfc":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"daf9455bad8bee905c6cd464677b803f":"af04226cc6eb84f8167a68c2cfde33a1521dcbe781e7b97a3fae732bcd8c0616a588200328902faa5a65a27e769a720d7ea23333cc1c66c4d4e4c53facca5d6af06aea7fb49b12b04cd6ae38fe28d71cd66f769d640beeb07f508a0e3f856902cbfde6919077de378cf0486cf177f897cd0a56b69db3a31b448ebbf8fdf63736":"6cfe8490e892f5ddba8bbd1cd522ba0b":"":"e5622ca7360272a33e30f7fbeaa00956e8af0d871c433c070c8854d818eab9717293e845106770ec07da372c75266239a225ad74465e255520218c6736e51070477d70976aa7d449c32a5c85bbd6931c76e9e4355f9697bad2ea3bcc0be005da15c62db219b074b71fe4a5512157143df2c1f70bb17c6d3740d8d20eef88535f":112:"25fe6c9b2303b40ed31d1beea39a":0
AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82d166dddcbf4f7f66aa5ac6b12516bc":"7883f4f96c0ef7f6d9fd7c2eaad25995943078559eb24a3e6650126ddaa32301b04f737dc27b648d6115ce08feac862cb888073b22aa648c752934bb7f9c566209a97499236f782758d6f6f9a012a2fb6885ca91858f9779cc93950baa731f1874629351e6186935475a20593f66cddefff89be0fc0f9b57695b147d9acd8157":"540c2a07689bf314bc8ede71df3f4358":"":"44806e76a40bbbc2de860cd36e93d64c9f4c11994f754db6a279d6eaecfdf19966512de5223d8332a407381114d50fadb03e33e347a5f4d87c3fbf35f2d5967ba295003a2c6c12fba8394aa5b7a31365791c630734a6b2ef84eed0738cb4bc229e93c4e8529aaeadecff7ab93887b9fad5f05a88a5ba9fb449053ce4c6375d1f":112:"756d65c1b8a04485c3944e2a3cbc":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"81c1fca371968513a68ac09a7459042d":"182cb89c94171b685016bad76c445cc4561aff8e3170dd251f62efbd44910ddf8eba8a67dd1a237f2f7336f436edcfbdf9928e94c3488189110d672488c6c4e0dc4a1fb6e67dee9a1bfc3f49d2f934f305f139e98f0ba9c1ab56b5ce9ddce4ab54b6970bf6499e5e825abbb23f9e320ee05aaf0d712c09b0134839c5609e178a":"7c962a92b8daa294b4962cc3020dcd0b":"":"f91e36c79db6789a3acec9e82ec777efc1958e7e5634d30a60239eb7cae1b48f40557965e8a6f6993db3f4ae443ba167753c89f52f610ab69159ff60233310c1bb2baccb936433270f8839758bc85c53604e771e3ab0df6d6bb02e860d0eb27f425c7d30fb7566aff982d289228da5ce5a45842e10ffbe9016c9e926d7f69863":104:"0114c2de8f733fc18f203150a0":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"09ce73e733e880c6d7be92be3144db40":"a283e20adb6efedc5530f4efd71840d5fe61c902a7511cdaa939f5030880f3675959ee96e39abe082a66eba2a5a93214b22c249d7167b7a0fda360d02df855d508c7ebae7016137e54290904909b2d41a59942abec76612b17ea76ffd1ee715aa2b05b1314c0ab28631f3934d0e9efe2aef0c711e75a5c62701b3358a414958d":"f72a2fc910fdeeefe8743f57290e80af":"":"fe9a7f59abc3720706c33fa40e106663d26c0f8da0d25deb90ada8130b6f95aaec07f4a7db342b678d102b2c81464e4ca9458732783cdc3a9d504232f44e2878b0aaeec0f88efa5d7e5fb146911dcdb4569de7f114e1854ad7a95894561bd0fc4d9a5b58b5164872833283ed88fdb4900b2a596db4e8379eed4e3a5c08d5fadf":104:"9de97bfec1325936bd171c996a":0
AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e61d415db78d9f2695344350e0a8291e":"730c3fa9e07eea73a734b17fcbc5a969dc2c04f448f44c7f6276e32ae3504e9b15fb664908f530e83a74e25a4525f74d315ab85d7b85005401370dc50fdb86e97baf3e7acb403e476193527a1a5d642ffad6cf2555d16d28cf4c4127189056389368b76aea806906b0a38b808cb02378eea48edc005cf2c21e6547502e31d2cb":"e09dee93466a3f35605b647d16b48452":"":"ae87e754c1af1175b474b0718e3560240f55194d946d101e7c0bc7af18d90a50fa41d68516e45dc2a4dba48d457ebff18a657a873e15620ed7cf6ed3a26195b9d354ea279b24ec7802e4e95d3f3765188a64d7b8d4b7c215e7d67385efc6288724a33a1a7994f21e0dc2970076af7cf31e9ad1098537543052a2b0f62e4e8a87":104:"5de3c5716735d7d1b859debb6e":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19bf00b228ddb6e8f1fa4ba85f866475":"10742aeda590024bac2696af8402580d2ec6ba3f51cc6f79b6cfbb3057634ced6033fa43dbaec9af8ce7e9706ca699ede88d89caed89ea023d14761bec49da724538b4f9672163a5bb5dbf92f5278fc0014eafce402cb408a1eaad6bc17ec0e835d6b80f4701f946661757b9b2d54d1b137841519dd38d72835893ea6d52a27f":"760c5b929ac3d33bee4dae0088a894f9":"":"b03d27bc7f4c9d48d555a38091347f371d0522ad4c347b4a23194c234c7877cd3621ce5a7c2fc26b38c7e6f1c2bf228ccec491f5bc352556c08e4e19ddc4e4b2c036f45a42aa425a5ff9a2e9c9e5580b538ee56fa804a86d9b1b59b6fb0d00216a96936755462979dc14990935919026fb51cdfef05b8dad03320a8112b7ada5":96:"2f1cc79408c85a9867214061":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"65bd9e7d9009dd6110dca657ccfe603e":"c1b539324a001901c2461b9747f605a2f4043b9b0f54d1357049fd1819de06df6e29880d62ef7d91f9cdd1108f3cce323f6c32cec16f7bd434e539fd00ada476ef41efe7c6907ad1cb726717ab56d6e2d32042ee2df3f90d15e1515f0a15a5f06703e06e14229d18328116148b3cc39683918e42927f62aec49ee9bcc19be38d":"3fddf7e943326e431be540c49bb917c6":"":"2813d6eef070cbdee9d5d71caa8a88c631f0b71c41813c6219a765e4fb3e6eff9afe8f8f4394fbd5646fe80bab78806eddf7549d6ca3d0d16d47ef63db93cb5620e3814efd86be151b338ee6e2c681bd37be4039b2ea4a190feccd7d65cbd56ebda81f4b66ce12cc3e2cece731c37d4237a9dd0a2c1a7697bae42176a673d62a":96:"96200bd3e64d5eea746693ba":0
AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b9b8ac9215289aa003cecd53a90e0407":"8a6fbd067144b6d50ea73a2a7abba3ee9677bbf00312c70d808fd124541ab936229d59842c8846569a063fecb8bd1945882abd987a936991d5cdbec087937f91c4f5513feffa1984a6b8d04a7b69eb4e93e90b6825778cd2ce9a0ce54d4a468c93884619f851d2294be0bbbeef5fc0c05d2384126289283d5ddaaccd89711d73":"27d367f3f0c60acf921f8d8b228a0b2f":"":"42d98ecfb4f707ec233c7f990b0cad8f39546b861b11d8cb9d939b29ff5ab315229d946ff55927dbde82c03aa73fd7857b2ad38fa55a827dda54d2726bcee66347ce42c9cfd13ba1507d209ff2388c0ea2474e17e31d8056593b722d3c2a302a716a288592b0a36547c7fd47f7595fee9d30f5bc09a9555d7f3169e26a924db1":96:"d66974c95917ae1bf79b6685":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccbcc39512425bc32350587f0fc3e8fd":"57d6ccda317b7ea150b18d9558b39fd78d9cb52509aa5c095c5b46da89b79918c85d469ffac7226caddd670ac8f5add47fc382df1f32b4de9cc1b2ca7c2acfbdcaa08429b97e77eedea55c8ddc7814fe4c3cc1e21f95d94301ab77b4df7572d0b8778cb2befc0f4c4a5e93429ad52d6c2a75481f38d92edb1dac563154bf90b2":"0862ebfeb40ff24bfc65d3cc600f2897":"":"e6a77e90750cf0e4c276c50c3880b3f6fa357179cbd84e22f5b43cd10abcbe04b43f191ed3fabf83eaca886f4a7f48490fb1fd92ebdacb68c5158e9f81243f7cadc7a8ba39721df68dbf2406fcb5dab823202ceea7112e5d25952de1b922beda271e7677421fde25f8cde450c40667387e5abf8da42dfe891c52bdd9f5060dba":64:"927d13cb90ee5f44":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"396b53a694b28b717c104111c4752074":"bbc3b818f4ff10b6822ea41f63ca53c27578a8126f5163a5014c60e1bc8c1a9bba67a3808c8aeee09ba9e584a3584e9b86895a3f0db2e64e71bb18b843b12f4ebbfaa1dff3734196f70c5a6d970277ab5337e8b940ae7c957646f8e96c6b5d84e9e97b620a926e655850d09bc2d94678704aa45d1788e7c23ecf37e2904a0786":"0981a151c6f6867d3830c1f9ef99c433":"":"72a5587076a1050b2b514f047ccdf7176c118db9236c0f72091513da39d7416734ac50e0a35b2905420214be8426a36e86863c9957693292bfc5bfc2e93d234a09e80f517edb7cf8e5d21d5ae6c2362b779a9b62b4c66202894d369d219ef0e4b52a342b71f248c18ffc345dc7eb0b47b3bc83ffdef921eb42b6d51abd889ef4":64:"af99f8797495dd16":0
AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"af090618cb454324a82a75a91944dd6f":"3ebca6ff138c527b851b27b9e3917bb9a07282197868351dd599b74b332610bd634422911393171305caa4fe3f6e89ab6c033ca759e118c2d8684b903966999125c748e04312ecd2c1ac3135c3be2df9c8c67be4d8303ac7aa6c21ca7b7c20b1108f5622d8e6079f41e4be4abda99f782ad35a085b7db83482dc71b8e5d8e71c":"3380a6f20875b7d561c4a137519cccd3":"":"6be8eebe7af78c062812513785e9803f302c771e8215e4c606fc5eddc3efd8b12c96e029b4287da55d8626583e58ce0e50c4ac5a39a1b0f309d5803386738397376c0ae155087f36fd86fdda4b5c8dd079011fa9a134ca8a76de570ef165b20d7d803544cd2f3a0ffede9b35ca1c982978bf95ac100af755553fdac38d988fe9":64:"3e869dcac087aa6c":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"041cae51d9e631ef70115be58f8818ef":"f6748f4a261d876e37fe44a419cfe965888aa5ee195ae12237322f6e7ac4bfaaf16e8e29be507e2978339a1855ab918485011fd52f834bf0876ba8d89dfc01927e0930d03c0ac7dc7ba1554a879a2051011bcb34a5e4c7cea4d4fb5ed53b41ec8d17bd52b2e1b9dd417a84ac5913ce3f9fb04daf4d14be65f49d0767b9431b47":"c32f227659e0566faa09eb72d99f89c2":"":"f30fe6c8765c8c0af579c95bc2d182ccc346e587a57aa226eafb692675377a85e9ee08339a047b9cb674dabf5a25301d2c8c264bc06573e36e55ceaee39239e367b8f1a3d781a2020e548001f9f98850994c3aa79b13dfc93c1d7291befd91e044b2f5d2583d1a9f868fab4afecd46fec7d315b0cbf8a7331ef8f588d75f97e2":32:"5629e1a4":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f0577d9a7dbf7b4ada5b9758eec4c847":"5b559738634825921b5cb620b5b9f637f8b7ce33998cce1ed1a23ff01f84e58255d852a02e59e4394752405ecc15248f7616a33e64936f726de6fc6d10c3fce9ac0b3fcffbd755f16bff8462b3be24f7cf342c8d0bf1ca79b1cb4ea88d690644998a8ac3cafc8c18c8cb737e38a681026d46966b89c7d6c7a4ce7a1e1faecdd5":"b432473ae67205bc7a99f5ab2a2721e6":"":"ddfe664e28c5face3761deda1ab2dac6e36cfed538e3faf9d79c54e3c85b4baea9eedcef7f8f28c2feedec72ab2cc6aaae101b99512ef18e759b7828364e4daf9a572f8c6ad88eb82f7304989345aa4985e498dfebc58cbc45aa31c18c0dda5b1991fd998901c65807c8cff6058b1d5dfd583297da8451cef13f246547ad11df":32:"ce55ac00":0
AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ca1d6ae9b5ddd6e3d68656c508df318":"d160740aed955e30c1f946088b5bc5bbaf5c84f282c32f65d099509993628ba5a51b411c6ebf57d58e9176b490ab90fa8db8a3cdc67a5f8322d06d719d91f00ca07aa2a3977dd0838487f2e9d4dd285067a1f72bb8a6c9dfca107acf1f404995bb68ed9d7e12423efe570f144e0533fa34b8d0b7156112b85c94a8fa33d7a6d9":"68a494c9002dadf4f0303dd0ebd600c0":"":"276e362cb73b405b10a98731333f6accf0d19cb96c21419d6d56b30dcf73f7208906b0e3eb103b721cdbb7eb1d4ff29ec3b7e9d433205bd9ec48c59d0075a1507ddf09275426c0ce9a58b973e06d6fceee7054ba92b1df771011ac73e39e451d9ac3375c595631090a2296d423e3ef806ac20770abf78ad04114f65661804fae":32:"8ff9a26e":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a3e577743b4581519b84b7538fb32e7":"172a0a14820448e5ffd017c18ee02219906f721c915c4f0ff13b7b7889812c0edb89f28be0c22deff76bc975d1ef8ef3fc40b10cce0d78933aa22e6adf2d4b7ee4ed6ef487eaddb666afd8671427f7525eb99af54a55d98159fc5d651266c65ccd915cbba60fb6e2c408ef177d682253c0b5410d77d08be1d8f175ca360becd0":"1e155ada52e250cee145d69b4a307bc0":"b9be2145b842d2f5c3d15ac032010400bffe31856441cb484d5c93e6710194b13e14077e132cfe03985d4b936bda9383c22c392968c748f7265213a8eac584aaa11eea35589e3536e39b3e4418248927fa9fcc027c5516e402445068ef793d349eb778b77fb0b37f51bfcc3c21df9999ca9985cc5bec6502445b068c2d061f41":"b5bd224140d6b826062e55754299a43a87cbe861360334897e82b7a6023ab0041736479c9aaca7c73f27e239a63e7433e048a8d2c2d26f0b18476aca7ac20837affacdffb57c618ce5982ba61fe1792c8a3a856970c095b0c4695dce961a354135075e0a786192d5875d16793a3ad0e3572a81efa24099f5ed9c92df55c15dd1":128:"74df58fd4a2a68657ce35a3ef11a9c0b":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"deb0ab6e8b0f392af6b89d253e923f1a":"14a86c431bde5c0861e6bd2cb748a13b9bfb2a4a67a0bcf067960b3a9c7a75fc7ea321863c83693c70076462ec3179f4d82ed4a1155a4b5004842fb47482bd6a83804a05af2504f6f535eb9bdc95a9a2eb80c7dcd7dff54e3c00437e4da9c433c88f6d248e4754656acdf8ea7d68106b04ebb2f1cdb247fddb0bca1f8e9ed6a5":"c1bc587c3440f1f5dea5b0a4b5ee8dfd":"602cfb09e8bf250c3a2c248c4e91234629a4fe9a18c5f8b59df215e97dd873a7c1204bd0695796908daa28b77353e0e5b37877a7441d35633119c0aee9aa82c3c18a7f577d09293fafce1895dafea42f97222a33b001907b978f11471cc0adc46243e8f7fce94803d4d0595bc9fccb9b9396b52deb943280eac2c4eda54841bc":"a72d27136d0b4efc0aa2126a246ae4946e2c62cf5055f7bde263e7516ace2b7e12179980f8dcff18dc4fcd662f38d3b9dc7f8a057827ebf27e5dab85264d9325e0eea3b12f8e9e39ad686263df75b0758cc8af0be89882bb159c95b8de392b3e295c039a520d2e56b50a6370afa57adc967f7e4ff670dab471a57fb6c81401eb":128:"eb26cdf879e0cb1320d786a642c4dfc0":0
AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"adf6006fb1cfea0f9641a4c35b864101":"d21777e1fab632bffd82a58cb732794f112cd88bdda5a7a8d19c68ace343fd786e5e512013887105c21299f2d6ae23cae4f03047c68f019d98e76d2aa1b3a204f13f4cba13f5a8957b9aa3ebb44b8024b26cb6139a3bca3ada0520a68b8571ae89501b212a1f8ede5753d557ad2f38d9465dbb09b555300b13194bf7817321f7":"a349d97fc677d8ba6f72e8cc7191ab78":"5717bee8b31640f3999efda463d4b604c1cef62fc0dcc856efb4c50a8c6b902019c663279e1bf66fb52d82f8570b9a314647f4b1ed86eb89f4be8981225f94d4285f5ca9167434a1569b520b071ee4448d08cb8623b4cda6d1f7ad28e51a2df980b5a999025e9ba646707075a6cb2464c2a0d5fc804c98a79946fae0b4fa61fd":"345af0d804490586c9ffbada0404176f4cb1331fc77705175619f27d107512d3e6068323b276743284feb938c5718a5b013305fb42282a89e270d24585236fa18265dc7e8ddd2b3efe93a2ea05ab359323c75211f2133aa97022c9a937a467af37c92a795c682a30f2ba1c4ab2dc45e63c56cd3b29b0efac2caa3150e6a72aa3":128:"ae7d2827c4f1422b728a9fd31d8d1918":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97c83d4628b65d94341984bbc266dc7a":"e998cc0b7677fa2e504994e99cf7bbd84ba7e356d7da178f8ff40dddc046c70554ddec1d28aa23f9c4e6fcb9effeb8e28a883ad05bd0a6041b8a24d0fceff200a4e33996e279cbf029b11d58185adeb5e5e797a74d0d8b17adcf06dfbe3ee11d8e6bc3b6a8434de6e0ddfa0fd08c913f9fb911cefca72bc3f616b4ac9821f53c":"671dcc5001c2146bf8a4e522ad702bd8":"9eb12a42d2ca06a7da37fbc23d213f5e3f5e15580f01b0ea80eb4b6bd283e307dec965745ea3b3509d3269cf25808fc6a923e97d87d0c1a30b447a5a27a06d0c88a96cd90d990bf208f1abc4934f6a0ae34a694750a74ffb27f4bb66bc799d43570b01897b98b00e6a01b95b356b11d33e852b2010da5785a691246d0be2bcfb":"5a6d8930e473e292e67425748e8618569b7a478f1e183ba4e4a64385ac4b75d3d42b1afc34cc6daff341f10c1ad8f03d77179f52a7239ab3261f5fcd5a0b4282d26fa4d08bf0c8a5c96782c073ad63ad233dfe3aa0290a03d73de14d445b9ce4ea0e3b10a4aef71c5919969b7086353c942c479a1c052a749afde2325ef46f7f":120:"b81cb7bfd0aaf22b7233bcfe363b95":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2dcd5c974c5d78cde0d3a677d0b1acdc":"21b61035ca3c149d66608d77edd9770411e0ef73a97d4be9dcde95ed7997ba97117ae6c1979195a5d916ff7a1d43ddced5287004fb60a2c81c82b5f7c8a336a603c3eb7cb160bbf21b454f810681450d65deb64e7cd229333fc5e85dc29040d7da48511b6b2524f02eaeab422b5ca817796c47b9f2d7d498abc619b2ce2912bf":"7455fea1bbbfe9479830d403e33c9d1c":"d684d38f2b12111197ca512c54c8e29ef1c3b9b089a6923cdb327c763f0ac8c2ec0900c716e211e7cba1d7c13a60fe87f5d78e5d5215d92e57a0645d9b2eab4b11870b5f7bfa9f2c9e4b9fcf7596e7719b7d0c0e6cc16efe71d8bc92e16a83d4782f08e9b97dc85a18c435b51c940189a3c2608379a21a8c46633020b9b6cd10":"eb039d8cf0bf217e3f2aa529ba872c385f2770ede6ca4ed32fd22cd3fcbfddfb92d681f00df6fbf170a5dad71c9988d556cd74bc99e18a68683e0ea7b6ef90b21ff42cef8c4627e4051bff0da00054390e10036f430dbe217e5bd939295d9c9f64c2614d42ba62efe78763cc427027edbd0b7f72eceaa8b4776ba633f2c3d500":120:"18e7b50fcec11c98fe5438a40a4164":0
AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e5b132bb7aca3e01105848f9b37ff516":"3b6d1a432b7fdb4022fc35d6b79ea03b6aa14d4ddf60a160e976909ca069242fb2e7d414d4e34ffdf9416823c4b3f4e018ac8ca689446647eda6a12029f886bcc9d18be150b451d78fa72b9c4dc13314077a5b04cffeb167005c7e8379940e6b998316bef9bf8b5a742e337663c0ed91d88d09d0c3ebec37aecaeb8277b13661":"24c1ba77d37f99253576f4963779fd59":"dedf78f05957bde906639bd35eacd8fba8582d288c9f14a25eb851a0a34c82fd91f2b78614ff46ca17fe7781d155cc30f3a62764b0614d57c89fddfdd46af4fa5fc540b9ee9076805d4d121aa0dad2449d228f1fc3c07d466c051c06db6846b9012e8d268c6e1e336121d272ca70d965389a5382fbfec0a439e979f16fab0283":"9976d2f3e16485b6b3699a541b6df386562b5ea4f6f9ff41d265b16e2d7d3c5f131bb5874cdffa87e704ae3cc24f1dccb62bababdcdedf8bac277a7277ca53a4d38fd31f9fc83f86a105663f045b70dabd553137b6d6222abb334b7be7689a4afa28103619f11b8b61aa92a63136ad5639f11bae64b25f09f1e2db701938fa5e":120:"29d1b8a68472f2da27aa84be714108":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"63628519a0f010620cbae37f8ad34570":"6db2919208b09a8abe5e95dcfe0f957dce1ae0e5b29f06bf321dc815ceca094f38c5c812f591aedbc9fc28cc0317bd1d89d4a3ba14f7b3e5fb2e03778990a6006e0ec2ceb47c923f3b17473f99521491a4cb2f9bd435e3133dc90e129ded9d15d78e75bfb3492458ce0964d5614508ef2a38ea02ec8664ba901891a7cc86a62b":"ce0ad75b94ab2d3918abf255c854ecf6":"c29384bd7cd013fa02487867595d739d99886a3bbed7fd5acd689f3a74f240f14c8fffd0bdea1f83bfef7b58ce512849e3a986f37afa54ddc11719169a49bd7e7138a745053417ff80cab1a32ae9be476ccb61ae055b319fdee5dcab629bb237aeb7d998ce36dd9c6908451c3bca9d3582f7fd60e69f6298d43a3b958341b611":"6205d37d720cbb628dbd5069f38ded8e566030eadb7fbdf2ed827d5f5a0117a21c75ade89782b3dc4e7307d9a7ae406ead0145aea1b6cce286103a55ce195999214b84bc25281bd7fe511868a69944d483e05ea6b39b11558ab46a33d227734eb3a386e30d58c3029ef0cb4046c0856078d57a6df194aa8c0e10f9b6ed8fb40b":112:"423fd542498825cc54501cb42b2c":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c0e1c6bde79315f79f22ebc77107228":"9cd56b16aa4e130c3dbf30e701e8784ff39f866031e778e9ab72b858c3e333e9589b4b6cd89d6546e52a478d92bd59d0e4756d6b5037ab1873d88242ef31be643745d26395385b71034f6f0c0c84816f0c6755965fc8a7718f891d618f226684bcc77f87fe168e178b330d4b4c0eb4791028017fe6c42e68b0e195654a5d65e5":"9011dee57c3b8e112efa4d2b816cf189":"57bfcccc6f00c0abbc5f30589dbb47597838fdd50dd622eeedee33824e63ba78753c05d2543687f60dde501757b6fb74c17fe34b3e9c455eb38cf078c8c77eff68d3e3b8c244cde70ddf61703664d34159a11785cc6626eb1cad70ab94405616fff52c0f781ee6b43ef2a449924a76b762035ff479cd6006c21a62a56a14650f":"2c1ef998747163104e5a7d2a440a1a1cc2c20446a9d0cf5f138f85c1f5afd90fdc3fa4932845c150518f40bfd56569a5479126c49061ef350b4fae895170b4eb94dad7b456890a822e1bcb57f9bde5bea747d17be3d18ea201cd99bc46fee21132c6918ffb0117744f6ba3f25bc8a50f9719854314b934c3a3230f4757a49113":112:"4ef9aebb721dabe2d09101037a63":0
AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"93f3fa85dbdb2784fb078a34b1116eb1":"e7a0fafda0b90cada671f5e2adfd2e2a5f14e4613ea76aad57e79e2cb532f655210614e2036d7ac005ed5e516814d8667ed71e0f29b9c7b470f4722327407cd6ce6dbd298cee37bff33c35e34cdfebbbf33934673469d6b98becd6d26868977e69e06deee99c118fd4da3530d367d20d15107c03efe0d7e7b38710231e0dcdf0":"f5a7b0b26d1e86f4fc69f81c9eeff2cd":"3d2a1dadccc597b5e7b6ce48760150dee01c8550b525c587abcce8c2c7fb6291683a58c2e42e7b7ba6a3c2a117ddb7e67ea058a78989d67946fd9551e30fcb52618dcb9fae079ca56b74572d7b6a7b6a5c60e906e9639eac5ee1a5a2db864721119da2c4c5110c2b8d487e792cf6929600f1587cb2d48efe6864019afc32af6e":"60da3f4b3a263bc0178379646bce391bf552f60d2833261962375d2960c629dedac681d86f7915ea3cffdad0f37e409668f923d7c860525b994b325396531994a2fbb2d4e909d0b1dce322e078b4b8cd99820a39ffd7b468bd3e73b418b9a2cd5757b7d45f0363574c925bc22d66645abd95a6b29ea6366d8c2252d1c5710d45":112:"833d2c55f5ee493060540d6b5349":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"163c05f69cdc4e518ff6445911d1ede0":"84d8a1855423293de37ebfd9715a9b46b175bc6d44e94ac8a3e7d409e8a227a57a6b85144a8ee23564fadc28742b69e89c0d4aadf0a786f9a5d5f9198923643ffc0bfd0f96e43b08f1435d4afc0e49c0e2241d938780975bc7a31cdf38f30380753bdd66be72b4dff260a35dc10b9ba35059ba61b0beab16e35068721bd950e3":"4b16188249096682b88aa5e4a13f62c1":"a238d1111efb7811f6838c3cb6f3bf3e0ecee6d8efb26845391f8adb51e497e840ea40318bf8e3cf0681c3b69951c4f03d5a4b5edf7119a150eafe6dc16b68f3d2b91e1454637135148f4fec132bfd96ca088169a35961d4c663535b9852f12a00ec4c08082553a09ea046379ce747c717036154d063d876a2b95cd7bdb42daa":"3bf751cf63bc1b433be6075303986ac1d0592dee400774d0bb7a9e72224417639e1e83e69f34226b873365f41fdac925628f32ed4b572b374310edfd892c5e0c3197e59efbc22ee11f0d4a66bd73a6f5b0de7c1cbb0612a63a262af51d418577a9bae0a8577e547382878f13047a92f51a867f8b7d283d2099c34c236918f718":104:"0d778299c4dc0415ca789dd5b2":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a2ff7cb9fe33b04a087d9ee6db58ec0e":"ed7c22218009ceb5b322045fecc1fd748f27655397a09c2c29813eba9a5cbeebe88d4a35dfd741ef0ac1d11c4adbc6bfae824af88e3ce09f68d8ca7671de91ec9e2bd5f790d1cb1748e34b3560c9b10726ea4b85b127731d8a7fdfd0ddbed11aaf181799f71a68e542b43ed9889237d2fffe370f41064b810c2e14d1ab661517":"6c58eb8f1f561b180f07ede0d3ae3358":"00cb63fa0cf526c6db37e33cf092f3f421fd258d28446c9a7c687b941c7eb5e1c5be267db992d0d93ede0b09030f979d451ecbdbbbb386cf1d74b23d55b74f5f4d520c000c9a41922f54567ca7dfcd84c68883a23c7acc3db3cd8d340217ee7c5ea39b41cf2c0e58c270a19ee9e146d2dbfdaf8ba3e24fda7f2c5e4ba6563ef4":"f0f119bddf5ddf147fe06da9d4510d97369d8e345519df2188b8d2dbaf8b7d3e01f3c26475141aae224e5ce1b131c8096f0e2a17c4c2df62f76f009cfc8aa20ddcd75a6a4281cfa2225485ca22aabcb60ff11265acb92a19ed66797fc2b418ae4b8c70fbecf0fd63f6c22ad62bfd6f40d8d0e2abeb620b7b4f5d8b3e041a53e6":104:"7885ca22c4afd7dc6cb440ea35":0
AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e739a485b6293b43535379e3b309fe8":"699b9a5668042c48c63ffb323c0fab18446546417b2f33a69addce6178f9d5b7dfa891ff2004eb57a98ca012c2668e0614276d89b21b7bfa436b2aa1582daaa81a6a7722186e99dd16a5786fd0e8b09b194746232fd413984484524793a379112e297d733dce063408fe59367f5929c5086bc2191a8fdd60a346052c0d109d57":"c4deca3eeea80352624c93523f35e0ae":"704aa36a82d02c56f4992469bb7e8a3f7dda1326068bf6017e4a0c810352b476aea129c1ba1d4974bc0d0503dcf816b89c0dc8e6d066774ce97cea65b5fb5c7b5a7f93e5e2c7126dd3b241b958e47d8150b422bb91c4afc47d53cfc2d20176c2ea0c85b376dc46a86bbaa53c584aa561f6662d11de4e39e50f1a095b8555137b":"30b8fa2e52577a7e5cdc12a7c619615b134ad4b41893ba9120651cd35c6f2d48ec6b8b9fa99366c4d60e643a8ccb2cbb3568f7647f4ad1a12d14deb8aac00dc4ef780133ee8df8f494675deb7f678fed54e70d6bf43476854eb0286a49cd322cc18daa238d4580ee665fbc759295a3e12567beff3e823811093cf0f02d00820b":104:"ff89ee52fa4eaeb748c8676490":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6bbb12361c95953a8d757bcbb92568eb":"c3fccc5693abe53a13e5209f80611fad1e81e7ce19a4612666d954b4b6d2062bee764181716d5fe0fe1de485bb739d6e8625d5b6cedcaaf6e4e5ec350bc2168c24d7764e75b0cf079d7ad1b5fc24dbed14c5ae4714734f424b3611de0f70a0a8d752fb143e1b7e51ebc965a06021de3718af30b067dde270d804fb5b87ffb29f":"48ca821e5e43fd58668380491d58cdfb":"e97280fd78eb8bd695227fc79420971081de8f24bc95d9a1794ed2bebf5b68d8b43ae8288eb5ce72db0740334ff9bc9b4e660418d3cff8c344e50c7962c367c26247806d0b5c2ae0420a724203dcf4fdefd6513f8263d995afa4780a9c4e92c25496106fec370d0450d907225190ecccfae634f11f8f74f6422a652b2b9af9e5":"61cfc5a6ab6847bf0127b35ce0712cbfa9cd28dfb3f0b4cac2624c52cf55f311e55e9abff2d4514c6feff801ea8739f874ded2efce4a440f2acd95eba6c75e09bcd91b898c98563a26b3df415658c4d04a6aaf547a90b03d1789bdf7ab8f09f6d9f222f567461380372a976240b7b180c3fa7b4507e53815af3f6b4a46973806":96:"f86d5374d1ad269cc3f36756":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a0a9b2dd1ae31b3e47b6df979dd2fbf":"353786f96620ae7dfa7aee163c7bb30384bb324b516cad13872f48e7251f6f4c5906748bf2a2f6167bc14453b2b2f513804308ba92d69639beac2f25274bd5477744281b7ef7d0661b3672cd45abd5bd30d98deac4ad0a565308c0224dff59e3190c86df6a5c52055f8e0f73fa024f99162219837c999a9c0a12c806f01227af":"b39c8615fa062412fd9b6ac3a7e626f6":"dea75b17cd13dd33b5016de549c44fa9c88baf424ac80c4835e868acb58082ffc4255c655878a1c627a44160d5e5054a0a04f65fdfb542cd342be2aa2e000117bf8cd67b02f3a3700755508f9af8379c226aded404117a5ca3fa70968495eab287064ee584b4ce596612f2c465d997518c6995518e3bb881967ab6b99d7f62d7":"8430b8735f0b002e098d513eec7b3a8431a3fdac2b7faf256a7bcf08f3dcd6fa549f029240acae4dbd4ad54752ba358c14893aaa67a003261c252020d14b521906b23c37dd80af703c2964ce13773dd72fa56c389768c6efbd485953900b56f6bbaa837f1668f478677621a297d4b5a2c1a86f689d8644caec51435b0dd66c77":96:"f000f2d398df18534428f382":0
AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4da736fba2b7202ea2ba60793da3344d":"4f004852edd5dcde13507252ed8c2b20a093ac9081ce2a8133c48d2807e5f968c04a20dd52c070d6c43c704b8650da7f94e5450e0d34cfc2b2d2ba7cb5343e6b4281633c6c065dae27fab18ca71bea018eba94d20e78c5e3223c70f50cb77399c1a89436f1e7213673ae825d4fc5523645031696df10f9b5238c03f733b4dfcf":"8572af442c9af9652a192d893c18b8c3":"429915c3309fba2a42b8e89f42a9376a2f329805a4d6daae11e9a20c2f982671ef8a7539a9657777d03cbf755ef93be0d8e426ed00899a59e8b963fd44269d64692ed07b231cde93e85397cf125a75032ca3726ea1ff1b05d79f2040c1135012b90597186c1db2e16cd128d45a7b9d934ec01341d9030e9721c62f62003059b8":"ff4e46c4236304b8d52ba2d6db269f95d2cd5fe4318ce930d407051469c7e36e44bbcc909c4966276f5a2ec70021982fecbeae34df235a3e9e0370afa5a269ca8847a84b8477f7ddd6055d0f800ff4d413f63db517c96d15dbe78655748edd820f2ee79df5eca31711870022f1f5394b84f05bfef97f99cbd6205f8e522b3d5e":96:"624b0b5b6374c5153835b8e5":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5bcc874114b9d78c3eb748a783d1448c":"7d57418bcea007247f5e18c17a2e4601c3eb8c89f61ed365d5aebee7593cdd63871d964a25fc9d723f291d39e0c4f75012471faf8e06db60c4ad8a26cf434bd82a29a8b653fdda1b86a7e4800c1d70cb5d8b8a1d1af52894082bb282ffdde8f0128a4abb68aedcfcb59160f6b5aaf452812f4d00472d2862a8b22480e71231b3":"5f4fde440faa9537d62e62994ab20fb5":"b5dfe0d971f2920ba4c029d4c346a49788b499faacdb18b8f905f1457a8b9fa48709893516a7b48bc601710bfd73c12da094c29df5776d491c9978f8ab237f605785b0304488f1c20bf5a767ba6d5e1e2961957aa107bdba2358b81ef1e06576db985b3ef8194725b75d49de1de3a57f161dede508e37ad3356134fa0a1aa48e":"6bc0dec98bece6c4e245fe978f6db113deca75e1b475bc31f1da0c7457a85ee7aac8be5f2121c0610b99a2c64519fc2514b643c379b4f53c5432b9729aea9fcecb88a2e2d0a6e74be04859a66f55fb2af1598bcb039108ef7fcfd99d94e79287ec1f62bd1bf5ff9dd51ab12fae4f6e21b95ca50032f9a65bd85f9a1aa0524950":64:"354fb8bcd38f2a26":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"427c89146eb7d76578dc173bd9e15cda":"1d39249130404d60ed40241cf3354458e06f1474b3723569d88235f03098053fc99010f39435620acc710a4e386b2ecbf9b327a8dcfbeddc084353fff029d24787ce81e74a5e1ac1ef096e0a2ae882a669ca168275806bb7f462e66c941fffc6ed44b9628450e03a5032676c1ee4aedfcb1767150d56c7d73a8a47f6d19854fa":"0092e76cd8882e5f77f4c8514491705d":"0ac4631358bb9375e07756692bde59d27012e921f054fdfea0ddb242c43421f4c7241cb210cb5c172d053de2763efd565f1138fbe7f9cd998d825ab800df900843474ebf857b3371c555b89670e86354fe430f715ebbd0ecad974fea34e3bbae43d3ca3ca178f3361f0a11fd75f60e9140f44364b02a073dcce8339fa28cb5ad":"2b385e9df4ed41cdca53a4ac8cb3e0af75eddd518b6727380712950d96c34bc6a0a6ac02184c1987548932b116ec9ae7abf01157a50e422b3e6aa62deb0cb2d81bf7fe0c25041a355ccaaeb049abb0393acfe90d869e9edfdfb646971bbb1ba9e5983cd0e2739158fab31be26cfdf9286d347b58b00f75d9f48ece1353308a91":64:"905cdf228a68bebb":0
AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e09660909a9aa0a50958016c3e07895":"d7b2ceb182d4a8ed57572c4237ba99bbdd589093db0f71732f9e67559d3054fa1af195aa4864fde413549d27468ffe7c5c23e242cab4ae4bb9e2657422dc3fc78fbdcde892ed202be1e47f095b09cfc53cfe86cb16e2e95444492ad5d0eef053178d6b0485731be7a5193563bf56f63cc0687fc01679254d74e9ed788645004c":"c4f865be8b5062e488b1725749a87945":"26f50acdefde4d585fc6de6c6234c9ead40684349a2bfd022df93d9774c9f5b8f50474032a417bdcc21a74da72c0297437a0cef8f527c9205797f77b4227c272e08ad0b120a2a31ef13e372cad2387ccc1bcefc88dd58899821d68f3be6a4b2cd08697d1897efcd6ed3a0d7849f6cbb50e46800627cfd26964e2cfe9f36624d9":"321f6d79a6658c7c2b67fe3c932237593a6ec7e6fd8198abc6b0b6ba5d4dac9e0695f0c64dde1c94c0383839ee37f8bbfcc516f24871fd79a9b9135ceef841e4c8ddf6b57962c0e8ad7aaf210e97a43489097270756404fddde637de461b8644fef244142820e1af12b90f16748b0915a6b773dfbbdf6b16f1beaccb4cd5edba":64:"b294db7ed69912dc":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5e45d57981f65a6b170efa758cf4553d":"bc8d4c418442743f2fdbaf95b8f87b7c15a3176085e34addf4cf0fb3c2df15587526691b07e6407ba16999b72382635a2aebb62d05c1547a7d074c857a23107c7577864e7f7bcdb5b6d1fb50136391f89c42d3f02754b0e4ed0fcb0c03576b986af5c12cf9bf5e0c585d6aaf49d0c6fb2ec30eae97b2b850a35474bfb9a2c069":"b43403b627fe9e0135192d1a048c6faa":"7a27ea26c7607e4e7e627f3161bdf15f21f3d62dc33df14951971712f960d3b2082d75395c5008e5ea00d282d350f86dac8c61f5c0f90e7797a5b61ee96f7e332ec5de51cb1377e47c641f326d1e58817c8c95feb5b2923758e33b279191d0a9ffd09b7619b0318a70775e36abf5f7ab59422ff68914e7b478c448a7b141c4bf":"90d8a6218da063c38e0f06d548a3d5685fd3e0fbaf609c77bdd573bb9c63f30590eaf8b181a2feb81c8b3f5f34a94dc94b905036a6c69b97263302b8674d9e09325065588e97c0b5b33116981f1f362a7c5bb1e996c126c31fbd63791772f4d594632f408fdf011b3f2cc750b060452c181e8e09697c8662c00c8d4f29d875a7":32:"611abef7":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"00d4bf20509a61bc76430ffa5f013589":"036a191a388cf3c57c9e6f0e2f5c8bc3d5c25ee8e2fedfadb7b7433155c7e79304f0905ab2a17e1f04f2f2dacd4a41521d6ce213961df9dc9101d41df4e44246488fbedb75a01256fbc7784769eb8f99d44d5eabf93cf667ebae2437ccedc79efa58c075183d46a5c20bf4c81e0f9754ad35af65f7c8aafe7daa3460c6892b1a":"25b1026a009470a5ca8caeeb67200792":"fd75acfd5aa25fb8bccb53672e5d6a8080081506cf03df2bab0746a353510996e0237d6354ee0210a41f20f88ec6569f2b200b28c6a31464a0533a6bc45afef3ae381425a3606de2866dba694124d96da9d0a2b061b787524ee6e5d3b1ef5c4bcf168810aa177660b7e1379ac8a480ce43d73dfcc696873cea2df419f372651e":"cab80615b666c47fcabf0d9805842ab2805150abad4de0ae8b12306bed504d4a7f91f52379df65cb9587577e59dafcd4203d2ed2743d35472285e9522db0ce3dd027a01c79ac64caee29ef3752a077254b0dca269f6f206f6cc575e8fedb0ba525dcf6252fa6f7b688556933f1dee84b2ad36a266695ce8672229cedd82f20a1":32:"3287478c":0
AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe481476fce76efcfc78ed144b0756f1":"246e1f2babab8da98b17cc928bd49504d7d87ea2cc174f9ffb7dbafe5969ff824a0bcb52f35441d22f3edcd10fab0ec04c0bde5abd3624ca25cbb4541b5d62a3deb52c00b75d68aaf0504d51f95b8dcbebdd8433f4966c584ac7f8c19407ca927a79fa4ead2688c4a7baafb4c31ef83c05e8848ec2b4f657aab84c109c91c277":"1a2c18c6bf13b3b2785610c71ccd98ca":"b0ab3cb5256575774b8242b89badfbe0dfdfd04f5dd75a8e5f218b28d3f6bc085a013defa5f5b15dfb46132db58ed7a9ddb812d28ee2f962796ad988561a381c02d1cf37dca5fd33e081d61cc7b3ab0b477947524a4ca4cb48c36f48b302c440be6f5777518a60585a8a16cea510dbfc5580b0daac49a2b1242ff55e91a8eae8":"5587620bbb77f70afdf3cdb7ae390edd0473286d86d3f862ad70902d90ff1d315947c959f016257a8fe1f52cc22a54f21de8cb60b74808ac7b22ea7a15945371e18b77c9571aad631aa080c60c1e472019fa85625fc80ed32a51d05e397a8987c8fece197a566689d24d05361b6f3a75616c89db6123bf5902960b21a18bc03a":32:"bd4265a8":0
AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":0
AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":1
AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":2
AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":0
AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":1
AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":2
AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":0
AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":1
AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":2
AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":0
AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":1
AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":2
AES-GCM NIST - empty AD, empty plaintext
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_encrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"11754cd72aec309bf52f7687212e8957":"3c819d9a9bed087615030b65":"250327c674aaf477aef2675748cf6971"
AES-GCM Bad IV (AES-128,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
AES-GCM, output buffer too small, NIST Validation (AES-128,128,1024,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_update_output_buffer_too_small:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"ce0f8cfe9d64c4f4c045d11b97c2d918":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"ad4c3627a494fc628316dc03faf81db8"
AES-GCM Selftest
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_selftest:
diff --git a/tests/suites/test_suite_gcm.aes192_de.data b/tests/suites/test_suite_gcm.aes192_de.data
index 5cf4e3b..90f665f 100644
--- a/tests/suites/test_suite_gcm.aes192_de.data
+++ b/tests/suites/test_suite_gcm.aes192_de.data
@@ -1,679 +1,679 @@
AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"":"4f801c772395c4519ec830980c8ca5a4":"":128:"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"":"335ca01a07081fea4e605eb5f23a778e":"":128:"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"":"d9172c3344d37ff93d2dcb2170ea5d01":"":128:"017fef05260a496654896d4703db3888":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"":"f47e915163fa3df7f6c15b9d69f53907":"":120:"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"":"a35b397b34a14a8e24d05a37be4d1822":"":120:"e045ecba220d22c80826b77a21b013":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"":"169a449ccb3eb29805b15304d603b132":"":120:"3a807251f3d6242849a69972b14f6d":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"":"538641f7d1cc5c68715971cee607da73":"":112:"07d68fffe417adc3397706d73b95":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"":"0d8eb78032d83c676820b2ef5ccc2cc8":"":112:"7da181563b26c7aefeb29e71cc69":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"":"646a91d83ae72b9b9e9fce64135cbf73":"":112:"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"":"55e10d5e9b438b02505d30f211b16fea":"":104:"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"":"e25ef162a4295d7d24de75a673172346":"":104:"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"":"08ea464baac54469b0498419d83820e6":"":104:"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"":"766996fb67ace9e6a22d7f802455d4ef":"":96:"9a641be173dc3557ea015372":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"":"75cdb8b83017f3dc5ac8733016ab47c7":"":96:"81e3a5580234d8e0b2204bc3":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"":"cfbefe265583ab3a2285e8080141ba48":"":96:"355a43bcebbe7f72b6cd27ea":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":64:"34b8e037084b3f2d":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"":"118d0283294d4084127cce4b0cd5b5fa":"":64:"507a361d8ac59882":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"":"b78d518b6c41a9e031a00b10fb178327":"":64:"f401d546c8b739ff":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"":"14eb280288740d464e3b8f296c642daa":"":32:"39e64d7a":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"":"f54bf4aac8fb631c8b6ff5e96465fae6":"":32:"1ec1c1a1":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"":"75532d15e582e6c477b411e727d4171e":"":32:"76a0e017":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":128:"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":128:"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":128:"d22407fd3ae1921d1b380461d2e60210":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":120:"fcbb932ddb0128df78a71971c52838":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":120:"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":120:"fd78b9956e4e4522605db410f97e84":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":112:"b11f5c0e8cb6fea1a170c9342437":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":112:"6cdf60e62c91a6a944fa80da1854":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc9922299b47725952f06272168b728218d2443028d81597":"":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":112:"dd515e5a8b41ecc441443a749b31":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":104:"f33e8f42b58f45a0456f83a13e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":104:"380128ad7f35be87a17c9590fa":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":104:"e9e5beea7d39c9250347a2a33d":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":96:"24483a57c20826a709b7d10a":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":96:"23012503febbf26dc2d872dc":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":96:"e8e80bf6e5c4a55e7964f455":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":64:"74264163131d16ac":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":64:"8f4877806daff10e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":64:"4eff7227b42f9a7d":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":32:"ff355f10":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":32:"cb4d8c1d":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":32:"4a28ec97":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"eb16ed8de81efde2915a901f557fba95":"":128:"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":128:"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"70835abab9f945c84ef4e97cdcf2a694":"":128:"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"7f770140df5b8678bc9c4b962b8c9034":"":120:"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"151fd3ba32f5bde72adce6291bcf63ea":"":120:"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"743699d3759781e82a3d21c7cd7991c8":"":120:"1da347f9b6341049e63140395ad445":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"85b241d516b94759c9ef975f557bccea":"":112:"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"9769f71c76b5b6c60462a845d2c123ad":"":112:"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"4b12c6701534098e23e1b4659f684d6f":"":112:"729b31c65d8699c93d741caac8e3":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":104:"fe1e427bcb15ce026413a0da87":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"927ce8a596ed28c85d9cb8e688a829e6":"":104:"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"508c55f1726896f5b9f0a7024fe2fad0":"":104:"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"b2a7c0d52fc60bacc3d1a94f33087095":"":96:"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"1bd17f04d1dc2e447b41665952ad9031":"":96:"01b0a815dc6da3e32851e1fb":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"5ea9198b860679759357befdbb106b62":"":96:"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7474d9b07739001b25baf6867254994e06e54c578508232f":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"3ade6c92fe2dc575c136e3fbbba5c484":"":64:"67c25240b8e39b63":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"41b37c04ab8a80f5a8d9d82a3a444772":"":64:"4ee54d280829e6ef":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"9af53cf6891a749ab286f5c34238088a":"":64:"6f6f344dd43b0d20":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"623df5a0922d1e8c883debb2e0e5e0b1":"":32:"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"9265abe966cb83838d7fd9302938f49d":"":32:"6f6c38bc":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"9b3781165e7ff113ecd1d83d1df2366d":"":32:"62f32d4e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":128:"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":128:"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":128:"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":120:"0943abb85adee47741540900cc833f":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":120:"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":120:"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":112:"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":112:"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":112:"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":104:"8781b045a509c4239b9f44624e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":104:"2ad4520ddc3b907414d934cc1d":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4382507dddccf1385fc831da8924147563416d0656e168ec":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":104:"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":96:"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":96:"b124eea927e2a62a875494a1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":96:"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":64:"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":64:"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":64:"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":32:"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":32:"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":32:"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"":"f1a23ce6e2bc9088a62c887abecd30ae":"":128:"d4d5c22f993c8c610145fcbe4e021687":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"":"ef221a1c66fda17906190b7c99ab60b8":"":128:"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"":"7c29b3196d44df78fa514a1967fcd3a6":"":128:"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"":"783f9a3c36b6d0c9fd57c15105316535":"":120:"23e21a803cac5237777014686564f2":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"":"2acc2073089a34d4651eee39a262e8ae":"":120:"7ac742c859a02a543b50464c66dcf5":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"":"c937615675738f4b3227c799833d1e61":"":120:"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"":"1f939226feab012dabfc2193637d15b1":"":112:"eed5fcb7607c038b354746d91c5b":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"":"e2076e1050070d468659885ea77e88d0":"":112:"b4586bdbd4b6b899648f2333eee0":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"":"2d07bb8616fc0bbb71755a1bd256e7fb":"":112:"6b60d645220cfde42d88296ac193":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"":"6c31194df99d08881fa5b1dd33b45a92":"":104:"69431593c376c9f8052bf10747":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"":"73599275f8237f14c4a52b283c07275d":"":104:"6f7249d25c9f273434c4720275":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"":"d0871bfc3693245be478e6a257c79efb":"":104:"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"":"c72bb300b624c27cded863eba56e7587":"":96:"ea2528e7439be2ed0a0d6b2a":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"":"28899601fa95f532b030f11bbeb87011":"":96:"35625638589bb7f6ccdb0222":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"":"375d4134e8649367f4db9bdb07aa8594":"":96:"70610bf329683e15ecf8c79f":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"":"9f502fb5ac90ff5f5616dd1fa837387d":"":64:"a4b5138122e1209d":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"":"2ee96384dd29f8a4c4a6102549a026ab":"":64:"3b33a10189338c3b":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"":"8d97f354564d8185b57f7727626850a0":"":64:"813d2f98a760130c":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"":"daf13501a47ee73c0197d8b774eec399":"":32:"a6d108c0":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":32:"a47cdadd":"":"":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"":"817199254a912880405c9729d75ed391":"":32:"d81d9b41":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":128:"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":128:"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":128:"2c84bf7a8947ab93b10ae408243b4993":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":120:"e8aac14b53cdbc2028d330fc8d92a7":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":120:"dc034564d4be7de243ff059b5f9160":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":120:"942b52277e9dc0a30d737d00f5e597":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":112:"87737873b82586bb29b406946cae":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":112:"06f95ca69c222a8985887925b15e":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":112:"c68842cafc50070799f7c8acd62a":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":104:"ec9a79a88a164e1a6253d8312e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":104:"9779b7c3ece6c23d5813e243ec":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":104:"ca82448429106009094c21d70b":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":96:"9d1603799e2485a03e7b05a0":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":96:"05ee6ce13711535864674a5b":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":96:"0c9c17388d0610f99d0a093f":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":64:"1c3bd1e0d4918e36":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":64:"dab612351f75e2cb":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":64:"f1d743b7e1b73af5":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":32:"4dc74971":"":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":32:"fb845ab7":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":32:"c840d994":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"cff291d2364fc06a3a89e867b0e67e56":"":128:"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"1c8f41424acaf009996ceaa815b24ad4":"":128:"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"a950ab0dd84115e3829ab0ad3bbb1193":"":128:"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"3a2acf69bba19f5d1d1947af2cfda781":"":120:"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"3cd95429c6de1d327b9eb3c45424a87c":"":120:"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"bd505fcba464e6e2c58fdf29f5695fb9":"":120:"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"776248381941e16908f52d19207881f5":"":112:"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"603977845d82faccb401817ecce6e2fe":"":112:"c955a3bc316841be07e406d289c8":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"4cd56de54e5140a587be7dfd02d3a39e":"":112:"1a29527a41330259f918d99d7509":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"afe986ead799727063958e2ce13ca846f76c51605439f839":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"f85a95ed10b69623162ab68d1098de94":"":104:"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"537a4ee307af3072e745570aaaadce34":"":104:"df01cffbd3978850e07328e6b8":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"5124b410c43d875eca6ce298c45994a7":"":104:"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"ff10234524433b871202c2cca6acb194":"":96:"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"49da91e926091a448d57d521cc90f3c0":"":96:"99198f55f9fa763651bba58e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"b5efb9feae3de41b5ce9aa75583b8d21":"":96:"9604d031fa43dcd0853e641c":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"aef257dd44d14d0bc75f9311ef24e85a":"":64:"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c15c9c0b0b70c7321df044bfde2b15fb":"":64:"c5c9851a6bf686d0":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"0bd64d222532dae8ab63dc299355bf2a":"":64:"3477cad1fd4098b2":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"37e3a300542d9caf3975c6429cb8a2e8":"":32:"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"6cba4efc8d4840aa044a92d03d6b4d69":"":32:"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"4f4636d1b283bfa72c82809eb4f12519":"":32:"16c80a62":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87b5372571fb244648053c99405999130f87a7c178052297":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":128:"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":128:"010195091d4e1684029e58439039d91e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":128:"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":120:"28a43253d8b37795433140641e9ffd":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":120:"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":120:"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":112:"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":112:"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":112:"3269922affb9d767f5abe041cc8e":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":104:"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":104:"673afea592b2ce16bd058469f1":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":104:"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":96:"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":96:"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":96:"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":64:"84f1efd34ff84e83":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":64:"15d456da7645abf2":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":64:"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":32:"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":32:"613ba486":"FAIL":"":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":32:"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0
AES-GCM Bad IV (AES-192,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
AES-GCM Selftest
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_selftest:
diff --git a/tests/suites/test_suite_gcm.aes192_en.data b/tests/suites/test_suite_gcm.aes192_en.data
index a3ebd1f..87bb611 100644
--- a/tests/suites/test_suite_gcm.aes192_en.data
+++ b/tests/suites/test_suite_gcm.aes192_en.data
@@ -1,679 +1,679 @@
AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f8022b8988383d5cfd7d9e0e208146e7868d3d714fe85744":"":"5fccd8cb551cfc9c20998da4cb981d49":"":"":128:"1b5c6c9a28f5edfa4cf99176b0f14077":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7d4456b8e16b82283b677bd8c4b1f56dc7f153b5cfa746f":"":"081de4a3f71f5d6fdf7801ff6c667f7d":"":"":128:"90c2729c5ba04f8f5c73726c910640aa":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5779b60b536b096c9348cd8dafb3451280791e319b7198c2":"":"62f8e195bc79957ca8ce99a88ded1a02":"":"":128:"699d71bb63c668b533c357662f861513":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"966cfb078f695c8ad84ede2fb96fb89488fa271dd3b50346":"":"4a7b709d45745d94c5433b01fc9d57fb":"":"":120:"4a9bd213420629a5f6e471650060e0":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc69ed684af2c2bd2b3e2d2f9faf98acf8071a686c31e8e3":"":"0bd4197e5ab294ab7ab1e6ec75db2ac0":"":"":120:"6632b618b4cab963dd671fd53d2075":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"99deafc5ec6155043b53a86d466c2b652d59b7274bb844ef":"":"09d18e85e5ed38f51e04a724faf33a0e":"":"":120:"90bfade2f07f38b2192e24689b61cb":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c0c706a1fd48005e0fd0ed91b4d9f0028c500dccb28ca73":"":"595716e15498454577d3581e94f5c77e":"":"":112:"8b10eacb1f127f4c58cbb8c3516c":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae8e125507ea16d5282fe8bac42d3cb4908b717f345e6a38":"":"0a7f64edb8cd8052fcd5b92e20c0bc2d":"":"":112:"467a2c0ba1d24c414f758200b8a4":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02176a5a5d8cb8f5ccee3f66a22181765ce730751c135198":"":"c19ed1f52f5ebbcf89ab1907b9ebc7f7":"":"":112:"6525beb5856d6f29105777e31457":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4434d6bce3a33551733d7afe8cd477a79be8eeac19bc0a05":"":"b0eafdf326886eaacb750dcf2c104abe":"":"":104:"ab9f7923a3b9228cb9ecd7f907":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39994c2520a6196cc3f3e8c6e4833286ce37399e0379563b":"":"dbf9c40266d95191d70739e932cd8572":"":"":104:"b29acaf5addd6b379315535375":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1f27d054114a264b37ee1821a077773750cc79d28594f506":"":"6739d43092620f44b57e65035ce14565":"":"":104:"25e0434a3660704eee4bb82962":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0e97d15f4992a6354e43944fd346da65ac1f0f1229189442":"":"32a64e826b500d7e85f4c42a784f7c19":"":"":96:"da8f3e0a6f156ec260aa34fd":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"27504fc47a9e9a85eaded3782cb5b088359ea1c0abbf2730":"":"c55c8dc3d6d2970c81659f2f87bf849d":"":"":96:"113e637538de291e2463abcf":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5fc67f73de736768e5c64c37459c5eec3d27f7e337c346c":"":"2691432d3935d4ea8cb8f7c17bef3558":"":"":96:"c0af76d6f62430106ca54928":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f28292ee2c54119511a67db0d2317433abaeccabfdd5d1f1":"":"cf9331a1bb3851b2fc3aeed2d1a33eb8":"":"":64:"8e14b869a95eb12e":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2042f9244079736291ba7fe1f030cba99672a97ce361dc14":"":"aadfa619bafb21b5c738b65d632bb8b2":"":"":64:"ad6f52f25aea1c55":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d9b4eb00ac03fabb5304ac38414f7782cb0186436a4b9036":"":"809939260117b759d8dac1a69c27c12a":"":"":64:"1f7d0b3104aae50b":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5128f4cf91d53b3a50e9b76b0b27da33cbd4b9349d89413":"":"644909f5fbcd61d850e43fbef1fb454f":"":"":32:"2ddbf709":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ac7ab2ade7a8e397d66be6dc7671f19cd39ad65490f1712":"":"d152359d765f41dd9cabf5c8f37cfd8a":"":"":32:"a6e4e30d":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9c2de7e3c74b7e318413a32892d4fd070de9882158bbc82":"":"63410c83fa363a63fa78303b9994b6c6":"":"":32:"49c514ac":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"66ebdc2332276784a69b6bb137161210bac9f1d6a36d6a4c":"":"647f41b60c6a579086ba8854d043495c":"da26eebd04c27bbe7fa7b54b87d3b7227f056dd9c085fabfcb59ec665a257c6de68fd2c1c51aad5e6188e02a56f70aac49ba489802247ca327de57ea3cfa87e72cae7dd82b50341a2133b03cd0027216fcd94cf43ec8a48e1c04145b597924b37f7977db3ff23b8edc913357037d0fe02afe2bba6b91e27554edbfb77f51cc41":"":128:"420b320c2d616a0b11a7605a84f88e26":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26b04d8427582b04318fefebac2a2298ec3ce61146f39a35":"":"99f3449c8538414e7ab595b92a7e6e10":"edfc2aa8ed91cfc0e117fc9e2d1bfe843c7cf365a2b6cabd4259686cd7aede9c7453623967a30ffbd52b30fc205208bb346ffc70584478f5f39a79d4971ed71cc3dd0200a89aef6aecda0a1f3a4bf2929b7b9e141be0ddd3671f727e5e793ef085f52ecb77a266b9a02a2c700b63d8c43da0b569510285e98b530abcdbf7739d":"":128:"091cfc38b248460eafb181ab58634a39":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82c8197e6641d0832639e2b1d7691fbac79618b2f5db45bf":"":"69e1a3e5eed54bedc941646e3ad25a6c":"d0fcb4f4d764efc0fb52c8108e61b67a1386f1a13c1761941cc9a28c6ad15e78474cd2a65ae9475d70d9c845f14bf4d2bd2bc46c29e507a347391829e0f24495b026f681c387b3e6aec8acfa5ecaf4c3cfe796c22469478ee6744cf04a22e6aec82489f53109551f58cc6602933d1780b8b45b933f76a94ef652a8ce8bac2cc6":"":128:"8e74343ae8cf1cdda4969c1a94aab5cc":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a349ba960b2c8f49b7e5314911ba8de358f2e74ceddf126":"":"f5998a62ec507c5fe5b280f9c57ac626":"78445eceecf2e6d2ecf2589fd24e854bed3aecc63aef934aec9aea93dca95d58629002a4ba91e9bf6d12e13f0a844977b3c2700645281db5de381adbccd34a84346a99f34889bd46c75b1956e21aa9f87684af55d7fd0de6da07e856d9b791c0a45e9e37881092f6040a9ae9d87757142d3c9c7fc6f25db0e5b5d377865ec4da":"":120:"4d7eab0a3719fa53e552b9e5a85bdd":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"019af03d23342f7916e329b6843161e566aa859402cb07ff":"":"c5fd96765fcf6d51e23ac6d206744af0":"f9808af3403051a52b6652df03b6b37d90a471bc242c436cab6ba699139eaad16847665093798731b9969709287199233c5e77351c5e42b15453b4171237a6d16aee63773c8c0d736b3a8bf38ccf922e561c456682fbc2c7161da3b89526d9de222351bbd04ecd4e8680f26d70fe57d577ea287b199be1bbb8b76328ddee3d33":"":120:"fd36fafe4f5571fafb6ece59b77381":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fab39ad2946b2a343d76b1ccc1939cce7ae3cd7b6ea187bc":"":"247bc71446489dd3495c4dee8a071c76":"cb2c06fa5aa54ad079741afc56dbed79061a02045b6c099d0ae2d7883b78c5fe09636cc8a5dbba0c0c76ebfdb81217526afbbe04fa4b2b78f3357025930b0f9488369bf3aa088a2107bfb6c4ba714f1c26d0380d647ada5852d2c539300a4779295412b202c3cb977a7b94c24c4dd2a891a2035f388257b84e5b31bdc895f062":"":120:"65e1aad214f49881a067d8b372ab6d":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"57b52697f72ae2df6354410a69dc3c5f28b31e6617bd78c1":"":"0d96720526491d196eca66457e3c9e71":"cbdfdb3cc73aed4297ff9aba76dd8ca4d8efe11b0f521fd7170f07461c7885252874b2ff8fd05a3943ecdc824ffcef0396980ebbddc0a53c6c99086c14fc806d90d35347d45e556e9a55ecc3a9fd74c8e5dbd19ed8b452eaeb673818ddc0695f56ddf3b139a3df378fcfe5b6ccfa358f5a5bcd1550f1d9d5f325f15f9dcd007f":"":112:"f0c49960e60fb63edbb50bfebd98":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7bf69ed06271107e11fdf016edc4aafb0e2d2ac05bdbc46f":"":"50e65aa338cfe856c80cbe1331b46abd":"a7cab4e1e56f4b9fccca08d3791560e4b6c7ceb40a10adec0536861c5c46fc3fd06c0a8eb32c9f18c40463b0f06cd0053e615dfd7caeb2b353b08ad6da1f8a23ebddf16524d2eaed70d4d7e565412dcc9598df7e107beb464b103cd8de9301cafe8b0420f0c156025d72b73d6e015ed2312535d35899aed73aa54374674d7f02":"":112:"d7fb9d78fede77981948eb013ea1":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"caa781bbed41d7a1c56d47673f74d4310a3bf8b1275031d6":"":"7795dc04261d9433367f51c3b87bf18d":"f44d77bd541e02a737c693ff3ea0adc091fff1966a593524e68954a2d7d66a48199366a5a600331cf392965b5ebedbf949203975fa9db53b72586615975e8a7b84e0633c6cf69caf482dd72b26b0a5687ec71667e7f6e5abea89c3d69d2dc42a242ef959e4039ba5b2d22a3e48424a431a77e816604769d13b7f892e2b33fcd2":"":112:"386930ced9a46097c0d1f6e65c62":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1b268de4ff644cfa4361f8014656d5d4decbcf9cede8605c":"":"4009bb00afad026cbad117c6047f4ed8":"140c5a93293598fab85b3948b53e0ba15438a0b948e91041a13104f0ad263c8a10613e20e87ef261999a54d469ba6f1abe56ec3979623df8520a0476801987c15410ec24f5a9be72acfca71e8c5904e2ea5f8b22b8cf404b9fd533aa37e33b3d4cf91599cbb3b85ecda4aebaa27ac0365df8312c399ba1767c47fe0923f2c53e":"":104:"af36bcee7561cd7d0861085d55":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c2843bd689ccbba60ce961b7dd50619a59234dad97567e39":"":"55a68cbaa5755d8c67bf26f03c5863c6":"d7980ab86ceb9b66ab265b68e078deddf7ba084b8967c3227839e8f31cdcfbbffa004953f3582ea9274dcf46e3ad7e7744a576dec37e0cb36fced2b2c2fcf4328f506302f5741e696ce25c49492e33c6a0c8aed5af03cdc1a266352623c6a52a555ce906f684bfd597b5e37f60b5175a981088b9d8b8b5493e4fc1bfeca64f95":"":104:"66cccb7d28d3fa70bce2900a84":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f451c5edf9849a390486dfecad437cb809c33d31f6898ba0":"":"9e2dd52c04651ceea88caf4adfb2e8ee":"87b804d4a81dc203d67a92b4fdeab959c2056dcedb28d29f216f9172817bcfb3d2256bc1c8aac23feb22b71f1fd02ea28cdf91785931750ba4865d672345b5001b1aade4f6acc7edb03758d2540e6472aff50ab3ea61a0b9ff37ff7a87b91013b14867c3e43cb097a923e6d8ddb1f52e4bd940b60d500a4e35bfa91935065f26":"":104:"e192a49f5f2b22fa39dcfa54c8":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd02ff8cb540ba572af3431597bdf3f23e61665f96a19b4f":"":"7198af3f594a4f0597f45fb592edef50":"ef06de48bd34f362fdb425c6e35e37d0dfa1ea874df7d201b6a1c25b736c96e3cc8ed0915807fb7ed759482ca701d28c08cbf955be244bf887df37394d1ca4d2e7eace0dc61c807b714f3161f9d7f554c9f87ad674849c136108cfd8f777997656489d3e993aad4a51b68616083876832b3085a5f8f154b83ea44702c70f2980":"":96:"43298281cd27a36e5cbac4b9":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9ecab4a4a9dda43477c993d6388387443c66ac253071c504":"":"9523b2722b927dc3afcc5f7dab2bf033":"fb84e38a84225c8ebb307df88325d020a5853bb05ac7a75ee38552c40c302d263181081b05918775cf9cd6905b9982b2ae9ef7993f28fd8714e878c9a4a8101c08e9f13581dcf4f16dabfcb9d3c471c0056805f51e67e9b75572639c3d6ce62d2f8abd64e1e66ffb292360c20155e4d528374a5a22d845340d6f1ac68d33040e":"":96:"696bb674e43cdc7d69346555":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"733df8c42cc2e70ac195615d4911ffbecbe2712230c5c292":"":"f76135eab5d42e82aedff3090a1ba606":"0c8aea747cacf2f0fdfaf368cf32b12dc49f5da9a29bee380d2d64035b73efb56fef13aa20c0b612d9615cefb94f26978fa0b371a47dd20051a1605b9f5e133b52dc514577c53319c9e2bd4ac7cdf37d56a9e715e27860a09d86cc21d0b9f0f302f6acf06f2ff00cc6c878dacb8bde51082f701314de7efd36a246f80f8a8fb6":"":96:"82e6d0c076c7d8ac0839fe18":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ba33c24c41bf9836607b6dd05e66a3d16298c897dd1d70ae":"":"4b30423df6de76dd684274afbea089d8":"71f5f6ee7bbd774fa691a3d7e0f694a6c8dfe8aaf9cd720e163ef6d5cd949c798f9e9c993adb6d64e7220aa0f17331bfa9a43b659be101726a80e5529e827c3e4b05cfb4d78db9952e58eebe64dfbc0d1baf20e7e48902215277a49ee953108526a70ee150eda85e6a0e49955f8c6323766ae10e13ecfdbe4815f4bb4ba43786":"":64:"73e80018235ded70":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1711553980e3fc5c14c98611ddbdf426463f82c66df83a70":"":"3396bd96b83ba611ed22e12e8a5ec911":"9506f34c90611acd6ecea385a782a5739f88b4fd13b77570c4d7e0617283e7b21568e32c42ada1cf6aca1a2e2ba184d4101306ff21c9d03e0ffda4854773c26a88a5173d52960286c18753df17361bb7046d2884ee600f58775304f49cf4e782ac70cb00b3d9c345cfcb38e3880743034640bbcae83112543cd1622ebaedb221":"":64:"5d51a0868a2161a5":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5d69dbec7ebe80f2b5b8f61fdff1f4413f5f6624010fb795":"":"a2eb3ba50dd93fa375cf682db7b2bc7b":"a0f9c0de86b54d3c176ece3305463237e1f70be3c52e2ab1c773a9d27d6fc5dadf61ce7a3d10dba8730d12c306fca8952403983bf242fc1b6efaaa153ca446a07d16a70af4cb1aa4d4c0c93d646dc3a5630f5a610aa9e6eeb873f9a06d3234642bc86b03c596235ec03019e762458abe17d37409a18ca5b7e0e0088391dd3acb":"":64:"1a827855ee98d679":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7aa732879f290aa442217212156920c69457b8ec41eab153":"":"cb593221c59846dc82fc0d0cd04af3f0":"15d7ebf94985c34b72b6675d7346f0b05bdb8fd3a278555939d2999028e4179e69352d398a5dd0e5b370bdd9cbd24d576b89709c98b6142f71f5b1ba224222afb67599fc58fe043d1a91d7ea95b56dbd086db8e3a061b1bfc6e82dc9ac728174fd3669d65db62a06380a5f72c3d091b7a1b6998041d5501e9fba8bf91a7d278c":"":32:"55b86d22":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"961a3e78f6a75944455f9d9d0345e08f4669972f3d5c202c":"":"ce43a19ac648e62ddc49d243fb34e29f":"393736558133078a0367b8248bc18c8352f92a9212e90318a5b63ad3c422ccda7c181c565629acf4fc73b2de85bc9cf38310fe703a877b3e7d3b2d416aeb962f1027077232cfa39c5e5284a1b323264175546ddfb250ce693e2dc78a0479bd89a7ab44b63e504866d2ec6b5153cfd51f29a91cd4fa2b8e09878747ae53981875":"":32:"ac701373":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c4d492904becde4e46c2557ac833265c715bb57f18cd040d":"":"df41b22b92d43a96a7504514b92e644f":"c4dd46ce3e486d89903482de247c1e7df05809a247302db3ca8457b93d6886c0a3d1be40a90f6502ec58d0ddd715896cee37322d48ec3f0c3ad716f1bb679afdcc0e4c79e5e2e346702d349ec7b391ef7eafde618bbadce5d14d22123de611c065780a4d05e928e87d12b749888d6004224c3e457aca0190bf1a7fba2453680b":"":32:"7a259bda":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"316660f013ced78a16701b35479ffb1f7c8c4e964c1b52b8":"d262c15d08aea46f614c7f8f6a54631289e54ca97d698777388e137f431bb783601e7999e7af98775d7b87ce061d9ba56570ed8c58b6bbac5f12f751fc376ab0f14b36b40b2b5533727be3bbc9a51183405d5fd0121201ff592817d06613b504a3440b0e1a57e9ed1771766a9a5b789054f7032d20b23c5c37d77f293c677fd8":"919ceb172d2cb460bdb3b3e58debe889":"":"5f5128f7f948f0cc9fb248a24b07c54247e40080a992acddb2615d90ef9328a17bd5e9a698b00103855738aea55c4944cde4a9148bfa8db12233231861c455e52c9889119ca402eabc8f41b27000156dd29b901024336cb2b7088eb5fd534ba58f23caf140a8b2549486074e4edbfc262ed9c7c7ccaae24be8de873ad43cd13e":128:"ae22ec4c19e7616a5b877f168febd202":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1bdb707c328304809bf0608874c9db373df3c7104a5a7049":"ca243caa145124997f5e2e6bb25d021a38d58d0ab1bbf06d086c2416c08e3512aa887cc215fdb34d0f2d78f6a45885767f15fc00b68a4df1130587de777efb9cfd59cafa077477e97edabf2bf04c9a6ce029c230385ca5f9928bca7fe5503b18774849199d2a39a378a2d3144aef4416c1718319ff1bed8021dd77a07f61eaa6":"b7e7fc0d5adaed1632c5f7d1f56458f1":"":"91c7954bdd6a49360fdce11c1bc710512bf5a57bcef241fb63e5ceabcdc9699d0c0ddb025c75195ec25e631507f13e18799e6be9798e5639ad8401f6244c5b0ace3905ae0de08e2d0fcd19d193de83943fe449af4b503a454c248e677d2f51100fd9b8b7e5388d5091089369a7c2ff38bd353e9757ef873a87f15f30232bafb4":128:"72337bdb2bfdd1f1ebe0dba6f9b7b649":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a6dd0d7e9d6ad1ad7c7394d53e9e081c436d34c8158bbc95":"2d95d64ed3be857a5c79c7af20aee00f142557e10d780383fef2d45f16c7e2823ffee495b220c87971610e5650f7c3e8d296b3f03fc883c00351df48d97717427101aa0c08a23c408b24511621b640c210b316cf17e3dfd714f0c9aa9ddd974692d1c2ae27b9bb0fbb428e7a9da3b3cf9bd869e730ccaa3aa4bd08f01f84039a":"60b4b9c77d01232c5d3d4af81becb0dc":"":"4494460ee73d3513814e1f779bfe3a229b49348d7641e9ed4dd959b582960097ef08b91292bb9db87b4e728d01b92683f4cdc81151a69bed2096bf6fb2e45d0148404420ea16b631b421e6f4c6665fe33c2d11e7b22b6aa82b610b83214ae4d17e681972e3a1f77306d3c54d96c47d8be1fb2c8cae8300ac9db99013f25a65a1":128:"d40a246c18518ea9f8d733b42181123c":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e9ed78cb5c10df05ad00c6f1fb35b4d28e6ddfcc16456807":"e465e57cbac0dcd1e8ccda22042abecd9d89c4ac91b0e82a41fd51107a792099e63f7cf23a889d8c04edae2c2b3a9e51dbee6c3b71ace3de08ab354a295888bb99ae0fe428dd69bc013d49a70511ef60524282347787a542fe9501b6452b5faad2f129a9795c2c4cc0881ec4af8f0e0d2d4a7a628cb051055fe831b51e250608":"3a8ad989c621ae1e82b8d255a3c95028":"":"6855e4702f1ea593bfe30ee65b3fab832778d6b11a0ad902dd37361b8d85ab76d1f2ccf7927d695eb3129286c26737b9573e26bf64b31de26f97525f84345f73bda2888a1f53c9b405ad627bbe5dea123c9fb0a4b7f193cd8fbc8fa4a5e5f64e9c083f5c048d61fd1d347b49afdc69e0ca6a82e3b064c49d5bffa2800b5cfcdf":120:"9661f5c3b0d99d4f762bdcabd48df2":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"76a5bc9a8d7c6e2822456156cea7d493702d61e7d504e3c3":"0a7fbca875fd620c3d8de788e5c27534160f68d60d70fa4167adf0c18ea25fa1f2cc551fdf447aa16678d3f82193cf421a6fa953532a3765bcb54183bf0e96527ae5e695ed3bba5d9911f36c1aa73132cd43b2698996eb43ff84420e315a06d7db02aee815461892c7ab9026953c4bc25f47153d5cb7b966b71b24dad69fa565":"09b681de6683751300c2ada84a214d02":"":"dd66e08fc500426feb497c39c5853b26376272dfabb82ab5978167faa91adb025a6ca0e8fe3d04a0d97062eee8ca6530c3788bebe4436ecdd3d9eab96d38a0cf9b8cc6a584a0facaea33ec2f4a6e61f780c3dad524df902f421e3204cec7c9a4bb3f0860e017eddeb939cdfbe6f924e1eebfbbf8ec63c55b62137d9f8845f38f":120:"4acc40a4882d7733d8f526365f2560":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f5cb564cdd6974219e87f93a030fdcad35313d4adf9d7a97":"210a799d480b4933e16fcbed632579beb6b00aec74c205dbaf64e2cb152c12f9b6969122f296efcfe328f54202446514066594848f42a3031425020b56d065d6eaf2caf507d5f51df493c11514400b889f33d0b996e721eb613569396df0528aa14eaed117dbb7c01d9c3ac39507e42a158413dab80aa687772475105eabcbbf":"90f91da5239640a70eec60d849d9ae70":"":"69a3dcf5b94a507a53fa5e62cfca269453623ccd3a537d971130a21bee884cf271b9833dec19862ab0dfe7052e7dc07b20f34aac42bc39bf1d495360c1d701ea53a9bba64b02962b4ef64fb1c90a1a2f3a6f81a6ba781d5f28b786efc365ec6a35c826544aab94b53b96613fddb65660dd336acc34a217960f6c22b9fe60dde1":120:"b67495a863fffcc773021dc7865304":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc2c5a020d3ea731362c29d559cb14aa4f8e3f6a554a5fee":"8cf098cb6ad79e0f0eb4ca888da004dfe6431b5982bf1490c5f2d1486c288b5d50ea0a5a63cf9d097a71348632391b4bf962bf464419c2c971e76c03eedd09d069a070c86837e16a2c39a2cb8de3e2d3f274e03998a874fa98de0933b0856e076e7f575f351d7ecd024753781f51ef600405b304e37f326846b84692448d3f2f":"bd4d45d970085e0b2bfc9477f5cd0244":"":"d44a4fd303e657670632da8dddb6a117f3e35d8afce245e7e6576711c663f36806b813ba6421ef9788681d9717a36d3eff4ae1789c242f686d8cf4ae81165191220e338bf204744c9fc70560683ec07c212846d257d924d5fc43a3d4297ac54428a32c8bb9d5137e0f4aaa42df8dec37793f3965ca658f22c866e259c80bcc59":112:"9c1d6c70e1457a8d67f81cb3dc8e":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"167cb184ab6ad15be36536f505ea5447fd996b1d9a092ef3":"0b6ec08685b5a9d32346a5fa25d208136433204f3b86182bd1d9578f0634dcbb5b59937fb87df0679334d7f41eb8bec60ae1b87994ed2cfddcb56e95a6fb4e3ab7845b0294e4afa5ad46eb5a431cbd7ad0eb0473c42c06f3f62de03d10ddda449d41137c8010af5c7c0eac7a5fde5a39b5437a2382639fe3388ce029a7d4465c":"b5cc89a1c10329bb417e6b519091cee4":"":"7ebe4a9547fb115b39b09880d6f36f8cd402bb798c6d9db036b1ebd8b87a8e9d56fc23b7ae4e8cac3500bf2f73952c37a068f1e472369b62319a8b1bc085a51fbe47e1c321dd1ba2a40692ecd68762a63467d5ecad66a3d720a8a81e02dac0ebe8df867e2f7afa367aa2688ca73565e55cf2b0072fa3681750d61e8e60275aad":112:"30454dae78f14b9616b57fdc81ba":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9bc7aad4f4bd73acf756311ff1b72b41631344b9b57cf447":"7cdf07e17f667227edc986827d55bb803c6e51f93e72d98a1cbd161b58155a1c14ca54d52254e5f88f2a08614df68cc37f6e9fac88895b53090f69544b18aee4cc03763d35e7dd94ed82d1435316e7e02367b1c43506b3ccd31e248dce81fe62fdaea3a0bfba03477d5c151b0f76f09799048d8b23699d000a9da11281efffc1":"ffa8e719f29139d12f741f0228e11dfe":"":"6ab304cb9d1ed675383ff95f7f61ffc2aa73ab1b9a691bb84777b14c7014e986ffb91da6847d3abc0349a7aa09ed1d86f2dabc09e0e25a05800bd5d616c1a665bdb119ef71bae065ed019aed20ad3b13262a902f24ccb4819dc71419994a8b4774a3b9f4f672d31aaec997cfe340d2abdc3958c41373d0315076d22189eb5065":112:"260cce7d5ed6a8666c9feaad7058":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5bd47bea08eab8694defc2b66e60da1be40fc1e398224f9b":"083ad3fe9273b8063e144a03f88fb179b18327aba37259d7f8532303306ac9d18cfcb746cab3f9385b5bb685fbc4a252dda268044642f5dbe33ea6e1634445311e440c5507fa6beaed343c83aeb0ffc4f1cba21b39f0ff6edfff961aed3ae1796f8bfeebcd3392d92e26dd26a19a7b7c2e5910f22557fad600f8cca8aba988d4":"e45a52c5e5ecc87b4320864b38683777":"":"8fa3cd91fb93a346e1f9595088c5503a840c7d7c33aa1be147e484e2aef2a8bda77275348ca59810abef6e179888f6781862990ba8e6d96af70febd2f671a3a8d6dce9be46c1cc6dbfaae35c35a7073205411cc8ab4ddd266b31b64edab4ffea076b29803149850cca41c857b05c10148182f8e7252e67069e7517da5fc08ee1":104:"9fa3372199a2484f82c330093f":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"850a811ca18044dee4487729e619cca71f05a5b164dd1250":"6ee76712d0b1fc00e43c2312743a881ed95a0b06276c5a4d93e3d56732af6b12c7c0d1aa6ffaec562229b6443e576caecffeadd9a65b91efa1bfe48ab1ecc63c381d00fe8dc7f11365f2b28945e844e7c6ca60972f733a96f29cc12e259c7cf29e2c7bbf8f572e158782a46093c5754656d0f2e1e1ea2a0b315b5fa02dadf408":"6f79e0f62236790c89156c14bd9540a9":"":"eb1ebd78d7ac88e6f927e09fecf7feb1aa64d7435aae76cc917edd9e0624a96e945df67648c187e397954da7b0888005f7a0d05d09de424c1a0648b56707b90da4021d5a36175500337e7341d1a474fbaa94e56d7ea52155829eb6bb9d95457c138875f0738034924d59681e7c2dfffb7dc0959697468ea2b65a884c897208ab":104:"91c74a30e5bff5b2585ac7699e":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91469828dafd30de415067236d5f49ea14e813637f1ee0c3":"e3aac00bd05ce3c9b87720db82104364c8ef6ef25d6f3c8bcf5f73f1a26f8619e831bf7bb28c4dcbac7013dc6282d07cc225bd969c582a26accd7cfffe878a3159a5ad3cb6c8b89131aada61e2960cc5431f4ef94394634e4c8b2938409bcd2e7668986c7c5cd2ed5f2c525fa0212996960ab842a43869ed430d3291799a2a1e":"cb5409aad9d227a3cf0e2c5f1031873e":"":"4aa82b1c81a911cbe84231ce7afb95188f2177b539fb77de68f3d4801a2bd09f5ee2f7e59b5d9e79be5f7a23f0612ae39d59259dabc8b1bf7dbd4adc0db520bf7e71b988fa96d6b4dfc76afdc22ea31f64c64388dd93b27518b3263b0a19007405fc08645350a69e863a97dd952c8d886b5e0f444a6e77a9ef7c7de54f405a04":104:"2a6b14c78bcb6e2718d8a28e42":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b6907853b7d4c4a19468111d96c5de048200b5441b9411d":"3622ba252c067ce7d6cae1d1f5068e457a0cf93be01fdce6dc8652a53135d5ed445388679e3f388ee6a81220b19356b275878fbcc2a6751bee7e2a50adb7c430e4c8cae03e88465f97bcaeb151d4f0007bee6bb9864b33020717adc42d6f8a283a20f6b62ec79fb8060e3e5ecc1e91a2eaef57e9dabd3b3634236f12d4bff475":"a66ee64c15094be079084c89cb1739c1":"":"2b8c1490e13881ab3bac875cbdb86baabe7fa30445bcb39315d057171e80d02aa8471355e80ba891b26d80b375508ba2756162cc688578be313a50096d7cd6253a8094970898fb99cd2967e78a57d12b8b3e3c10502634bead5bfe2c9dad332fcbda0c1bca16fd5cac78ebcbc7f15aad8b28abf3ed74a245a8e7a85cfaa712ab":96:"e52af33988855d1a31158c78":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe63e247e8de838a197a9e937e34c0f5a0b282533d445015":"17c5d748b8596901e97df660ca94fc970f7ebb769aff88f60acc425f50ebfb6744c6d8778c226c5d63653d9388d3fa0d4d630f94d668f3478c89e2708501edb12307a9b2189576cbc79388d291354cb9a5d1eace4ca1d9f734fc78e55ecbf86338a31ebe583cace752e8bafd0a820384136963eb2d2f4eea7b2f69597737a1ca":"8e018305675c287f802f28fe56ae5c4b":"":"c3d34e2cf1c3ad629490d70a0fec1a63c88d025ffed46ff8f5d8c0879c166ad716b702682cd0a437bdaa03a9b2e69a32fb7259b0fa930ca7a344aea37886cc9850e44de0aa049b8bc300caee82e26b2a1e5ab45c4c7cc6a15f5f595199999a0cacaa59da1b2be2a204fe13005b92ce722a000228545ae8a61b2c667a386f431b":96:"d7a6a917a286d8edf1289183":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c739dae83a5e64bd98ffaf68b5bcbcd0155d8109e9ff2518":"56dafc06b354e84ce3ce31b7f88193124ca7e7049272beb93fbedcb3ede8e017bdb9ee5d314ec5168443fe01258d9abc4c4c27580f6299b20082b4ca87eb2589bedc459f132dfaefafffdd13f82e153a2165dcab9a9b6c10f1d0d13b127312a6f5f3d65a73b8fd057f1d88038c5137254111f7aedf21af07a35e34cf4d2166d9":"d80ac4dacb0f1441839e2068013dde3f":"":"9ae5107f4394c9050f8ca8ae6d1eb66099ccd0166f38e45c1cbc17b30e218fcf6015ac92dd7ab48bbb095a0523904c72710a86e50518d6aade269c82bc5ecdfa729802441e09aeb939abb43f5960542ad87961e2141f967d12f7190b07de99811b264dc62cb8f067872f84d21b661558ceeae4922900ffd76084e450650de79b":96:"6a180ed4f3a9d5739e559d00":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c23ed64375d42c3a402fdadd143336d2f6babf4d4ebc176":"5541a219108ce3ce593cca8c6aa6504c84983a98851bf8610d71f79a38bdc21d5219266ad56e10ccba4898ea969815ed0d6df75312d657631e1e22e46f727a499696399a0955d94942a641383cadebc5328da2ac75bf0db709000ba3277581e1318cb5825ba112df3ea9c453ad04d03eb29d1715412cc03dbce6c8e380b36167":"daa6f68b3ce298310bcc2a7e0b2f9fec":"":"2a4e04101d4c822eba024dcea27d67eca7ba7f0ea6d5290ced9376049ae085ccae3ecb624c03eb5b2808982c88f0a5c4363a7271610b674317bbdf1538776f1fa2454c249a1b0d6c3e64bd4a356ac2aa2fd601a83d4fa76291f3ef1a9bfc858cc0aea10cff34ab9eb55411efec2a82a90af3fc80f3d8e2b56181630230890acc":64:"d408209fabf82a35":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"695dfde34f0af192faa50244ab95a6059e2e637e237eb60d":"33ca2c61a04467ad2bbd2ba8144573f0c2504a4e9945fbae250385406ed1757adb70534bd6ed854f227d93eee57c73a314f5955208e1ba5af8cc1e8b5bb07cb63030e3ae5f0ad287536f49b576418bb1d2dec40562f6bdda59c373d6668aaa9b791285716325fccbda2180e33955c8be19d05e389820ed69258c9b93e3c82e96":"a6a57792b5a738286fb575b84eea2aaa":"":"b2ce449fc806dfb93cd7c97c018c2ba7d702216ae29a530a8f22d07279c7570c6288fc01fa9915b42a6be7a7d9569f71b8fc2411dd9747b5c9c7b5c0a592bcd7e8f4530ebaee37e9c7d48d7a56be7e2df1d91cecfd11bec09bbca7ce7106942989594e791e00e23557c843acf5164f3863d90f606ad8328696f4ca51fd29346c":64:"050bd720de1b1350":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a89a516204837bc780ad9b26717e51ccf42591bf58c75c1":"c72a1b8707522442b992cb21a7526dfd341e27a11e761f594abbfacc2ac26ea48523d0113e38adbfc06d4af8809cb606454467fd253ca442241e8921b906d6c007dd09e139e568194666d5da0b33c7ca67876856cf504e8dfab4a5b0a77cfb1883d532ef7c70b35b0838882f144991c25a2331863eaaaa2059401f61378750e5":"a9b1ef7744075cd6cc024f8c7b3b0b6e":"":"0ec50150590bb419df0d6c410edfc2f8805a602ff247e3b50881ad3efb598ed053d8dd1deff86460db0081c0eb3effe9ea94564f74000166f08db24da6cfcba91a9ee1e98b8671db99edbe8fde11d0e898bb130e1b27358fc42be03fb3348af7de9376af495c0ec71aed56d680632195539b2d1d5bf804328d0928a44c9731ce":64:"6c9f55e67533828c":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4107d51f7d6e24aa605959d5d46b4c7e1743b7d5e3ae07b6":"e5074ffbaf5e771e12f9e7cc8e7701b970aa7897928681383ea0f91bce8200ec6782dc9618e065e142c4ef2f7019791e74edfe2040b08bdf328d7d9658e7473beab65359d35ed168a2bb39f3c3f59890353405a82f48e16d388eb8f2145ed9bff016e725791cabca913813e7485f387223711c1ad098ffa0f72f74a048ec17ea":"94a88f6872995b26da39efb5e3f93334":"":"bf32a717c945e1e2fe91fd38f3c7084210a7966cb83235d28f701ebcae6b2042226e932e4601eb3ed4728ca32bf7065fcdc98017dabcac23f0f80c65e92518db6c78bf4cd91f817b69f3c3a8891786d433f6c3c1a025c1d37bd1c587ba6004085571245591d615906f5c18994f09a03f3eef180d7af34f00ecfe153d5ab73933":32:"8d43426d":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0fa6270a44c8d14937cc3ff4cc2d2c997254a42ca8a09eaf":"2252d1c4706cc46ad3e4f8c49a92cdc7d1af24deaf7b08ab7304ef804cfe261acc3a202bec0d8df42cc36a5a3ace9ed7a9465cdec3513d31de9ae7821f9444226439c8f98a9a7d99b36b91b1b00eac71080d7eb550209af5fb7b3f28d09f5060070da73a40456d60c0470773af95d16c0b33d0b5327d44188619b950590ea862":"b5f3fde841156bc408ec3de9ef3438fc":"":"4fcfc56fa722af32e804dee0f4b67f5fea542b381bc47c41451844c82e5427f6cd90c37e088dbaff722d8700a11d5dfb4282e565f32e055324e5069931c86b62feb2cdf82ca1f62aee02a70e4e274b2b957650a5cc772be86c1b1cfc41b01d20d9be8b05b9e3ff65413520789ca0f198fe00d83483a1d85aeb13094c9a827e7d":32:"1ae8f9c3":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"104c18bd2a0641fd46c2d7590d60d6d8eea74a2758ed0f4d":"4434cf5d12d07614227cfc12716a8adfc651ffe5c6476cf4489afaa698d9d19947016bdbcb5b625773252745dfeaf9b10021a5b38f742ea8a0fc5f926c80cef6568ab8639cddcf8fee9678d45ad4937d6e6b054b65512f929e897ed5f965cd14cad939732c53a847bb2758d818d5d131977649db5b59a0c5ebac37db961f9d69":"2902faec60f754f0fbb1981aeba277ff":"":"1789524845a1e36322c44dd1e938ee5d0fe6df244b751f3023d5d64d40a72598d352d9d2faba68be4e035c258b68782273925a94527fcdb977a41c1e0a96f53119b5909b23b0327c820e8f6da049a5d144a98019c4953aafd481190117573869109c265012a42f76bb4c3353f6613ccbc40a4af2f9e148bf0a0324bb43337fb7":32:"d36d2d06":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"263451f187b6dcab9d8dc4364217a483dd80c1d75f24fcea":"5e236c282eb4646fbd16a95eff2b27873f625a7e919237d75989a8a112ea80ce8db0b4aeaf5da59c3b22649dabb584284ab9673ba7edef59043eb8e99763643941a4788e7cf11bad63e13c9ef08644044b76beef68928dac22975481da4afc723b3ab3b498189542cbdffbc3f467d190cd02e9b36b6981122aa80cfa3aa3561f":"6c4552b3a03152aa464e88fd5b14356d":"435453a304fcd3c4bd6ab90d6ed8c54e6d21f75b9e56c9d48030499b04f6754cff628c4c9216f7d8a0abed5b8b7ca128c099a7deab74ecfe2c4a494b30d74833f837d254aa00d75aa963ce9c041f1916eb63d673a4af3f88817c65d4c86f5a3c28a67de2aaf75f08d1b628af333e518a7e99d980571db608407d3f447563f2df":"12dea5ea9b54957c689c7c9c6a711e2880645109a4057fafe3b32727a60ee1e24f8450310d6b8402c26b307bb0bf3cb7c6407270d95590efb938e6d77359666b11a7a3833a7122697e959645d8e9d835e0bd39bdc30397115b4c348ea825c850c1e54a60a2522a6321e4b99fa2ad9215205628c595b07c6ffed939c779d23ab2":128:"585677e0f37ae13d886c38202c3860b7":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbcf735d7c8701f537090d3dcf914c741ed783c24bd8265b":"18eb70dff73341298ce33ff4049fa631f2c72c158fcdea55d1231c46c95ba4013012b713bc95ba25a2114d0380c297acd05c323696db466874083e18bf544dabffbc70be4649cfe7e8bf449aeb9789d6fa412a1adf57ce732702ab962561f9e1fa850733c97b8a4158786e8ccf32af0fc2b04907124e731ffaf3fa7eacaa64b2":"09ecced8460af635e46bc82450352be5":"cc5b8f82fce3797009fbd38dfad7055a5e2ac241363f6773191d0e534e2b4592a6805c191daad377245c414df8edc4d3d9ecd191a50cf9747dde65187484802e15797d7c7e1db49ea4e423e94d9ad3b99aea6bf2928ce6addfc00848550b4d2e466e85a282cc022c7c4469d2cb16151e81bf63df378e0c676036197d9470f42a":"8298f796428faffa6085e458f149675d6c6e2cdfbc7994ee6f19af40fe8926c28904fd5ac0b9bdbd2de3f1614500a3eab1f980f82ac23cae80f3e6ba71539d1723e9f3412df345536f7517d847aae79a83ee9ad5fe38d60c6618d870cb1f203a3e1847d14d8de5295209c0e05aa196fec0eab8389e4eb66bdf3dd49d0800ffad":128:"e53ca266dd93def5bee5daf70c953dd2":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f8d84908a8b7f5e118482bb867102a244bcbf48b7229115":"9cd2a4e2acbeea6a73b5bffc1191d8045f63f3a14aa762eb776f35518f72bde4f9c8decd61a9319e3dfca82e682910a43de2719451e1a32839b29b27c3eb1c8f6118512d6a19cf189e2d04cf4e22459397936d60f7551244387294a7994320546f070e54f166cd7c243d13f3017b786f7df6a7fa4ece05a2fe49fc39e2225b92":"5ba986f5115d40c2cfe404007a1e2403":"06f98d4807efecfc863309f3bc64b0f04e4c16c32675ff97a3295d5657d4443f6c8b0a394d3f942705bdc19c22b8ff58e9b7c209b528b745fa0424d5898ef0e42e0909aa5ad0b01f8549e3674102ddaf4784f0ff8908cf9f9a25e7e4dd9af4da7bd13ae0cd87b6aaa6b132dc518f4a95af403e612edce63e1424dacf8e349372":"2f168fd1c819b159739a7cc783ecdb0ef9639b7965918e343e2a55f196daf584f7f14bb6e42d37b504bfc2cc08c218c5b841b2d2abce05bbf15315f471e56f04f7d54d6f1dc7b7a68b8bc7026a1441105015bcee2c39d83be35d25f0d514bd1ffe75411b32867ebf2d532a766f9bfce9e55ea3e0240d2a3713ddc2ba790bad21":128:"7f121ea36b36449e1db85e8a91ab16f3":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6c3037a59e98a9a81094d65ca52752ad92f93bcfa671821":"26647f8f4092f80fc19f81f029c354c582b582516e8e27e97d50866e8ff755f50a8ae6422f4e996f0cf50826a68c007a5b16fd59002d368ed3285bbd04f8f9a5a524243cb8d5b3ffa184ba7384771bfc508f2e93abd2a1e7170d694d35cc0ff7f247e84ca8889efc820c3f6d9cd40afd56c5799972d7556c91cde50ac808652c":"43b4f15bbe525913a31a9adf23d1971e":"60826c97f0a99b88e7aeab774a3f2278f9d35b6c1a5fce49d9389a421543c99f68797224535dca4d7040313340da73982220040a063b045843a14f5d38763f95bdd26ef818f6e5171c8d5b47f183589afd6acd36e59b9946c1edf038ae285f500171e9850603cda36043c29860e75bfe03c21e0ef11a9aecc5d5c51bb2201d29":"e58df99cce5b2548cf39684df6a26b8f9b7969168ff21c410bc40b763842ab3b30cbb3c82e0b420c8100da61c9037a9f112db9563a3d069cdf2997e7f4dbb0b5d79b56f0e985cd8cb70355366f7afd211bd9909c48b142c6556326062d27f7f82d76b83c433f00f1716ebc95038cb57c550b5810b77788c8bf1e686a8a14b610":120:"ba6aa6d68a560642c266bf4469eaac":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8fd9b08232a1d3fbe319d0897c74098f75b3e801d10e183a":"a677a13ae26b7a05cecfd153aaaea02ccb50db601221a3df545164bb5fe638f6ed276d4bd172b9e740a82a690aec4f18f4f3a0afb80c9a32188958e1cb3651064f55ca1211647903f63013e46b46c7f4f95589012eb4ccd2451d8e8dacc3cd066281f1f0c71f69f1c49f3f94136a522fff0d02427e4bccab056e615ff6fde1d6":"304c759800b8e275dfcfd3e5e3c61a7e":"5d2dffb00a25788548ff1b2c94745e5bfcc05eeb11e63501007335d4bd06bfb3223d4682e7e83eca0e163d1a8f2a76096ab2839ad14b45eb59ea9b29feb76f40b0d8dac55247c65e5dbe6bb2d5155ddcf2b2f924c48e1c16c990b69ac48ef2350873c1ed524ce1b8ef6c92a11c8e461303f7c32b5d65b57154197e45f1c6b792":"0779e5050dd17837d40fe3427322e717f074312f160c1951e5560797c13e4fbe47f320dc8053a39d2def4d3cc20e215978647d917ddf93fdf9eee5e54a974060dbac2a478afe5f5acbf65af4dccbd3942d130dddfd90cfc969da0c7f4b4050e34ce2e049c3bb004782abf4744c9a3ca2713ebfc5dfa16d011bc0b33d0368c108":120:"54c8a1dddfaa1cafbcc1883587b4cd":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19d38467c1024611433a0b2780980538d88f3e8907a86e42":"2623cd0eb46a7366877149ce0204d7dc08a5e64a1adb3b6759178c4eab26ca1806fc25fc0fc99dfc77d1811e61ac1e04ee82eb69ef7527962df1707734e4aca970b8a499eb70c2b0386942906945abcd9234b92e7bec33009e70786c39bd241da3905d961473e50367cb7726df8da2662fb32101d13b75032838f01ad7946670":"8d56a9e4bed67a7eb0f7b8c5e6bbf04e":"1c7d2744a56f5185b9cdf14eb9776ffd315214540daffc69c217dd64c7d0fb4a9f7b1ccc4c1e325fc046eec4feb8df35d32f492a28d35858ad1e9bfaf95211f111473c2ff799a124b308fba996b08f185103607605922bad319c6b7fd211f97c861565bea34948bfd751e4ce2591ae777ab1df8dc9e820cdad13066ed74303c6":"edfdfa35b41c5642e5b4dd1769b635811a48ecf21915cbef3c9e2f8230953f2ed4fda8903ec7634f10d55aa58c975a6c6133a173c2aeb83d6d7fc6534ea1781dfc62408e7a17d255a983bd1c33d2f423c364893db8128a599cd037b2db318f86f1fbd895a64a9fb209490b7e9a30db8cdf42e348cfcfa7984e15c17db810ec19":120:"17dff78f61d21de4c0744e57174f70":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d69bdc9d35589e33ea9c2b956780cd9618e0df79d1083e69":"d8a75de22fd3e2d50127c6fdeabc09fab1178875998319e1ea83c9745a1d5833c6ba9df08177c349dfa412e13e1927bbd4cdfb54a21c86c149be1feb4d9de99ffd590850875a3d9c8d9306971a9802ad4ca48f73d0517322525ac8463e3d59ae9895c9b363b6f0728d7585de78cbb49757bd1919ba2f2d6ba042d0781e7a79d7":"abd4b94362501b8f307fca076fccc60d":"1ad9aa99a4c8158ec08d21ebfb62604a043fc0c248fe08daa15a89f4a7855916af8aeb681ac6600c0268ade231f918fe508f48c9cfa998effc350fa117e2772f04839f8fa1a53bca00693ecd28db27c6507750404bd89af07451d66fb7dfa47065e9d3fe24a910eb27911591e4f4e4746b35359afada4356676b3c7331c610ab":"52e88b54b410dbfb4d88092df52688ba9502b906752b4802aca5428437d795de0d3539945bebdf2bab070df4a7e630469b92fe2dde0998d44094cae7f21f84ea7806637fa5c73b138e87d04005ef1206ddf30a21f46c0aa718665e809ffc0b42b5250143604b20225ec460defaf554a8bfb5f69ef4244e02e9563c374a44f0a9":112:"1024f8e9997f5fa4684930d17431":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6960be8fe82061e9cd783cd1c03f63a00d60ce9fc47ea496":"e0f574ddbb04831b5a86f40182f5f10d8667fe13c7065b471df157f67230c41b8c069c0218ceab93d63964be8ee853c567add2c3eab1670b03a51f9175e8e763be778ec43833cd716e1c8fe5cfb1d663149b21e06df772a3973fe1297d65188201cdb0c3533f5e9d40bb0664a97db60fc99d7e48eedebf264024006ca36361ac":"672f4378862c82738055273c72555b39":"e3a4dbce87edac519ce86349eed2dba0d371cef0d8f20b4dda3e1cd9f5799c9fd0b7494daec5bc995a6936c501212eb957ccc9ddd4c9b8a205cac122ba87b5c5a0eeba6b2af2cbc2326d953d61d089b6334ce03257203072f8e06b8c6f37692748a13e681082900fd32f0df6a3072f3a8b9bbeb3ea558e97a43d6656093d7c75":"2a3c4b79bbcfa4af04baa8413f6f1d18c9c579060ecd0cc359fcdcfc0566697ff834f7dffec84b2292e8583ecb59c9e5e5d87913a6ccaacebf371f1fff67f0be749d4ea5f5c6f4c959e9d932414a54a8e25bf2f485ecce9e70990bbc4e621ce2c8fcc3caa66b0730c6639de1bfa0124afe351912279bc3ca363f4e6013496cf1":112:"dbdd6af194f2578a0d0832d0cba1":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b7d0115612c56a1f28c6b3cb3d51c2b4bbd4cd36ccf3dda":"3a88efa524a90b31873cba177a7e6e050dc59f42c934923db1e75fec924908370ad0c9c3b0b3c05adf12c6ef2627d8d16f832071c055aef5f581a39a8e7d9bed2629e26d5e3ecaed24048d744fba08d8d12132def62059f1a549044c1db121f47f10b3dc4a02849150aef53bd259d6814162761cbc9e1a8731d82101696e32d4":"317a60c3c29440b8ba04daf980994c46":"80d816bf4008ae51b9dd9a25c30cd7482f2289f5616c41d99881aa8f78b5efff84efe307a822174f3a5c08b381bc99b169b92057627f21dddc367723eaca2545ce3a4fba2b4633fd99459fb03e85d6d11ed041b63185f3b94f6004bdce556e2a0aaf811faf0153b3974d0bae3eabadccfc95474c940ecad5b4d5ea88f88b8c4a":"f193303bb781164e42b3d4d25569a446c86646bc0fbc93059603c0b46ec737ddfcd55df8c90e6d806bd9fef90f2b122a1758bef5c75fcdff95ce44217d9b6b0e75e77656cc7f8a8cc47729c74faf43cbf08202e9ad16c7ef8c832ce5f97f51153e178ccc3c168928f3c328cd5b4c341bb0482f6a292cfa2fa85e03d95bcd4cb1":112:"42308ffc76cb6ab3c770e06f78ba":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75737e01a95c2ad9c860e72a57da646e01c2286a14dfec75":"fa749799afcf2242a6000c4fe1e0628db53933dde99d672e3c7b24b0cd6533b8002bb7aa8633322f4ee2e343db3a0067ad44edaa398cd90ebdb50c732e8bf95aceb4aaa4dfd1eaca617c30c30c1a18761a6d24c2de0790f54f73e0802eb82ffc0124517ddafe8336f4ec6197219346deef4ce930e8ae20117e6ebe49a2582346":"1060d78543be384e7a9dc32a06bcd524":"528a6c34c3cb3aba402b856dd7c9677d0d88821686edd86287e7484b72248f949bbdfb640df27e3d1d6b6dc1293ea6c84be72c85e5ff497f5da74d796a21f2513385a177f29f2154b2362d5ac83c3897f368d06513333f2995b701fb3e5aabac559f6018fffd02cd6b65eba9cdc629067f15d1ae431d6a22811508cd913009f8":"7e8774cb73468ad9647f6946aea30e9468fac3850b5ff173c7b346891ecda32a78b58df8d835328615f36a12c18370f3abcf021ed723830b08627767272f769a2105e4786451db0512027ce0e3f770fbb0ee0e1850a5fc479df4ad5ceff4fa3b2b9124c330c2e79d770e6f5e89acdc8d0ca9c758980dfefaaac41aaf6d472f8a":104:"6bc6632bb5b3296ede9e1c5fcd":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a326226b24222b3389d793b61b723e9ac7059495a1b597f5":"1cc26e453a54c94c1cf902fe12307cce2fba4d5f0fc3bb63cdbac0dd0b5ba31d08dae2b4f054c86f3a3ee920d8b9f7ad8ae8b4eca090c8783cf35db5de3b95889a84f09ff3f70263c61681f00a454b0813813f0fe3ec38a6d30cc3c6a93c91a422743e7a72340cb012718b8a4a3b66a75f13e0165aa51ee4b00046cba12e966d":"327972d0c2ebc20ed5bdedc8a3a7aee5":"2edb1455bf4573a54ab921d31b7fc9e534bce0870eb6e973afccc3b1f93dd2c1a476dd88e705919caeb5d4f4a8516a718cff8858eb443ca7785579036cc7273570e7bf2489ce71a52ad623bf7223ce31232d8c9b18e52a2dd4519bb08d87301f3ae69dcc36c6dcb3b03d8fc39b6621f6b4471092e941ef090c9821a05df8575a":"5a219a0d997e879ffeb548d43de8e4f32a9ad196dc425c83f766134735ad2c9ff5d9665bd54ac3efdc50bb4a7a04ba59825f31a0f3e530aef45bba00cd6479efaa19c85edb4734f91fdad6686e50f9cc531fcabce9e8397381b4d691da4a27b7c487e93de3e3a9e769e831c69b07697e4bab470ebff628e710efa17e4c184e0f":104:"2b9ac273c059865fab46f05ae3":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf5f2d843042ab94fc4519d57d9229ea7e8172acf515fab7":"0e20f5a2afffa4a5f9219320716c8a26e35a19c525dddd528e5f5f06f0da082f43272361f07cfdf57423f67ad3cfdda9cf1747c602a93747cc571adfabcc9d1ec1a8128908df45fe0ede0e14ff40169dd1ecbff7f4062ee7be0a1afb370c9d5103132c1fbee9262309cb05ea150fa862d6303af71677d2de9cafdb4ecdab8d5b":"95b06c3ce1a3de73cf51e781b941097a":"765c3fae74b6fa4b6ed4ca7ab9b829d76a7759c50874a38d2ecfddaca2365f7a143c9584e255608be829950393e5f94131caf4caa04aeeeb9d595e39ef3f9830246d6066995b2d40438f7eb0944bd452ab493b422e93a3e0dc3c0fc2a4b83711ac6693f07f035fd9d031242b6ea45beb259dc0203f497a77106392e4da93c285":"f43628a227dc852e0ad931e23548fedfd57020a26638ceb95dc5601827a0691c44209d14113da56e6a1e44c72845e42ebbc7ffbbc1cf18c1d33ca459bf94b1393a4725682f911f933e3fb21f2f8cd1ac48bc5afb6cb853a09e109dadcb740a98e5e7ec875cea90be16bcdfec5f7de176eeeb07a3768b84b091c661f65e2b905e":104:"77964b5ce53209ee5307065d49":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"11cf18bbbc1d8778faf40391c30ca417739ff8e2a521926c":"a2e11ac093ab648118759183cd52ca7d5728ca87fe2f31eca28cfb13325e3e6e95974456857866dda78359023e2c998d2c93c6dfe8f72c6d4ac39ca0585a53fc074bf1124c3ada92e78462a445da23e650bf52e26b782ff50312ee2beb7410e93c8435f7b88dfb0ed63d9a3823992d796bf3ab147c33593c5e6193ef32f7a620":"bdd9a2b70e4ee0cc501feca2a5209c3b":"051c68fe0cd81b52fede137d0105e69c74771b770ea9b573ad92ecae86f420953f459755597f68c29f6fca39a27239faa940ce6c949ccd44c9f12a0160cf74a575753310f52ec5c5bb9c4474b85266494e63b6810ddf7a6abd1cf8244cebbf69d3198c4a09e8dccbc9429f81791f5c02628e9477b988e2bd10f9bd5d6731ad01":"ca899a00654730d68219ca2ed9b23058a5f40150c237143b24245de1e440329e513690f00c0c52bbd0de8074fe5d7a50fe420470249227f967340efeeb64c424881c7f3a20c405d58ea81f2309c7f74ae572b30313e2d4b419fbf5f2cf90c6706a1ae1a800a883e8b00fbbc9dc28bf5aa4a329246bbe94df5c2d4524f57370d9":96:"dd45503cc20493ec61f54f01":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"812481f8982b42b2fb86297c4b7c739652908dc498171c69":"32b27127582ceac21f968f5418e24ec8b84617f4daab0eb007f02d45812e81d486dc50909d79221c438def535b8a55946f50297963139a6b21e139e810d19bc1566b374d080a387a646bb582dc738c44156eb6c8dad613586662418edcbb18fe688d271108318de71734cb571d442e4d9537b0fcb2f5c763b3fbcac010f5c4e1":"0dad658c73c9c88dd927a502d7b14e8b":"af44f747d77a83ef0944f3bac8e835d752bb55772a7fbd3c6af27ca0eaadd122c9af1e2a9f37c2ba42779ed8cde2199125378fc88c7d6d58edc01c65491c5efc6bee58e7e8bf72f1a69d3dba47b38a50077130cbd71accd3dd4f193a53c6f2d1df694476767f79f8b71fd42745ee5bd41e90a7dd50a1597445251b32de303169":"003ae4798f6a0b97990d41373623e528618f9299cebdb0d23e3799f62bb063e5530eef7fc40c06af16965ff6895f675ffb81c004d826cbd36b5eec9bd3d90d785af03b64d12d311b6f90bcd75a40497d0fad5e54f829a097b25f7a9604f6fad475c9239a0f8d5589b8a76c6f7bc852a3b820734b426f59ee845ec3f09dd7d3d1":96:"b80bbc002cbebfb4ec5d48c0":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a6657a7a9ddc6b4595df94d7c6bee9d13ad231cdc46ae5b4":"36857eccb5b3c220265a40980e8949135e840ef270602940d3394f3f679aed55217c1de175f6b48a16f7b394ad7d288bc425762f971b752d1372b369fb1c3a64970c8d18ad6de2e1a9a561a749e3cf9a8524e239f3121e8643bebee471e55fb5d54a3453c51b1747defac98ead8b25854ed1cae7ac44fd28cf4b1ed8988875c1":"68621ea7c6aaf1e86a3b841df9c43aa8":"bc25c38d3a200fc17f620444e404f3b3999f51ed5b860c04186750f55cc53c6423c44d0eee02a83af27d16b9652a7cb3d34a5cb19694e5399a272dacd56c4b17872fd23fdca129a4299b9c87baf209dd1cd1f355088e3f938e6d5053a847b5913f0b9135d6f290e365508bed73c61160a11a2c23aaed7551b32882c79a807230":"de8bb8e69f9ff1322f0a6c30cba5a6fccd7d17a2173a86cff5478ac8ea4ad6f4e99ddd4149e6a9b24865cc8fd6394066e24a556f3f6d48c599592c56f06a946c6b3414e2fb47e14d1f128ef26b385912367f35082099c1f3d4ea86687f19f059c56dac21923e9a151567299416eb311f5bbf9a28968b080b0b200044668f0919":96:"065f6c2b86891c719ea76984":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"20cf8c2c47cd583286157b45b575d4d69c793b4250274fe4":"a64c2131c94fa827c3a510b23b20fb6d04579bc292d2ec33efc9eb31459115da143f73fba9bd8b03b67e591497d108f900a7279542b480bd3a13ea588a29efe66688b52c3fd58598c66d8595888e87b27734e6c5b2796cc60ab2aa3dd06a29c577de5bdbf0b6c69c7034f0181050f286b9300d214f549165a0b5b56ba8e40641":"ab58d2e18eb83c20df94cd6b569c65fe":"93ff6057eaaa9559d87e3276d4d900888cb1f56434ce2677ee1486a0aa8f4e8d02c47d06e6841f3fbe5bd72dd37fa9d81bbef807dca6961910844eb9611419936310d717e1843e7b278f48ae44a57c1f227a75fa8cbc7fd57c8cc3b101e036c8ef3043642c81f381561b61da7c9d79b6da9ec46f7cf093c29c1930b27c14f991":"a3f621261af17ec4756245414280017fd36133f2f9ff89eb8979d4417b8f93892bbf7b08bab785341bf0c7b5e3643f0e33f036633e5ebeae7a750ffdfcfbab690291731e92238ba6b45859b309629224fa7efc72298d3cf1ae3b6a9e94797552afc4e3a46205f9bab7eb64e4a41aee0e45289704a97221b7118d209e0b267a68":64:"ae53564271d5de5d":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a311bf356cb1d1f58eab411b45b8d78b88052f3c8ab821d":"3e915e92f186fde05ad55a2597ceab81495abbaa0be107dbf6a375525d1157a322b1f65460dce0c3aa2bc08fa89f777dac4d2fc3e5f7f20a0d5e33373c7f1c3551369737124c702928726bd9db96a33bacb56f1d645fa02ca1d88629c547c0eaf9585ee23b530ea971bf439c67e3b752af882668ebe0c739b26c837887b9d2be":"0569d05f3825d16aaa89e86812f80628":"28494a12026eb89b46b6139573dcda0836a617e00e25e2daa92f9372d86c3c162cfec34d634ea48294c784825615f41e06e555cf916983931e3d6a7ccbb4448670139616e3bbf7109387a852703b0b9d12c1fbd966f72bf49a7e1461ca714872ccdc59dc775c24a85e9864461123710fd8dcc26815894ee8cf2ca48a4ec73b3b":"9ba776653e8d9d240d9c1ec355027a18731c500928925e7c50ef83c6f36957073a8386ecbfaf430634cd557b1da1bf122f37456fea3e9b58a6e99413d9d16a2f1b40dff843fe16a2fa0219ad5dd8ae4611de53d7aabbef7a87ce402e62276addc7f44e09ae9e62c5cce4ddce5695db987084385ae9a98884ec97e67b549ad440":64:"c669ca821b6ef584":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82fc47638cfb361ecf7924c03925d6006cb99459ef5691e8":"d14a550d419b8e03762429a7abda3b17ad7a1305e5fc639e71538285cd70d78fa30e0c048e2c32d2a7fd7f82c874d63ae922db5a77111b46caefbfe4feef4df19786e5fec6a4df84f76df412b1f06bea149f1996b41b117d00d422bba5566d3af5289ca9377f325ca1e72f7d6a32df6607bde194cf4ac52c28e8aa1e8f1c9a67":"2a8e1cadd2f264f2ad7be9e7bdfa24a2":"8088358d7c3ca8951d7e8cd6cae15844edabccc8d0fcf8f169a48cf434d4814f1d7d9ae410e5581d414f952f52b852eb10fcf0f2a67bea826ea2e28331f0597152e624e148462d5952f10fa363666d57ebfe036695e1e68f79161b991e20c8ae6095232e63fde073c79603135849c62f8d98a1d80608fc081171114db41883f6":"e54cc95e845f4d1b28885e9b90d1d9d3cc51fd9d8fec9bce57de8781a28b4e5b7ab446074e84471d7a9a23748b689c354e402be77f9890a9c52a2eb9022a6a415e01285db1c6eb66d5e15f4216a4f3f45782677b6ccbf20ac7b35bd153f52a599712d09712ef1454ccf72ee48cca967f4917f1aeaeaa6eaaf8493ec7ff2dc1d4":64:"093343e49b70c938":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3180703e1ec93b20d1ac4d64e85d5461d75f783bcd2f4fa":"b7b350db6fc0796e9fd0cb239f561bf7e27b2aa26b8e3e76d8b737caa1c1c5ad624a32f5709e4b751f8c21172d4d0f4ba38ca4d1d0e2570c084cabdd0e8880b35140c84f775c3c301a9b260825e1fd75f9835777d6c0e23d359af1a5f7caef934b91bee521531582b639be2cca87c2991f5525f4a2f64c30a1453013d73c16cf":"916d72d515d3247ba48828d4113bda3b":"1002513035cb1d7e8b2710ff8c93cec55e2e2c2b56000d4c1182b5286736acd2d6f2fc9b82f71156dba6f77463805627e4bc38c96e091ecd945df7e996e7fc3bbfdae3d85ef1337fbce960fd1d60d06962a1669e9e8d20be151f6323cb38ef68ab5e838f02a0f379567f518f15d81b192cb25a42356807c1b9c02bef8309ff44":"d590f2afcd64c574ece12c675f509efdffc01e1404cbafbc923c4b44390eff66dd839e6d800df67bc06f49f76911df3cec36a3a1521762d6d4a8ee602ebefde0178863443f918668fcde8a531f3b5ee0e4c379ecf3e75e7c59f753e41f4e39811bd3e7dd3d6bbaa1e81fdbf8bd976384a6c4505f7e4270321c7329bba7f15506":32:"22e50ed0":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02bc0a8ab5468123009b2c69aaffd0a20a1fb082b55a7ecb":"8bf32af1632a7903f00e801ee6e5c690147c021be6886cf2462b2172786ab296e0feb96648e4a602ae6dc45e2aa60e6610356cde26b1dde3aa114c5449216a467fcde18332a6d482d24a1ee952379340d036a48b63efa092db4c30a95f402d57b9c837183e900b47805f170cfe9e69baea2b939799e983f7470bb1297f937bbf":"bcfc15308e891f32506a50c4ed41bff6":"01bff5e606a536e951213b23672db9074fa8bbf947e815d32cbfe30adc1e736517f86139840a4aa0a671b4e9bbd6a59d292db34cc87742c0dfd2d658ef157734c5fdebb3e5772d4990ad1b2675c23ddf1472e892dafe7bf140d614c50cf937923491662299ab957606f4ca5eed2facdc5c657784bac871fab04d6cd3ccb18332":"b8dff03141832970c925e7ff0038394a0df7f35add3046cc56f73e3eff59e18932aac697456107b6da7da3249049c3be5c098dd730cd4bf68cdf798c3a932b2c51f18d29e4386cbf1b7998a81b603372337784307b0beb59235eba4d3e4810899f6d71a994ba9742aea1875878ccef1bf674ee655a0720bd37e44b33cafe5742":32:"bd0be868":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c07d5ccaadb9e3ba5b5ddf380a7a2a175522b98e31e1d34":"04d3e6bcd5ebf696fe84a702ffd5f76dcbe9679c909b36d41ce6362f229304aeb19896c6376cb3c25081f709af57d36f39f421ecdb70bed9f829558bec6e78823275fc11f9a2d5f773d27136d903ff08e5926338dfdcbc182825794e5f739efc1f0ecda8e53751edbe0d08963471fb5099f2ff31f76b479677bd6d186a409525":"e4db5c6403a03daa703516763052bce0":"b747d97f263d0ff6119df1b5332640d2e4568813adc12ed76175fdfffafd087456748abb267195688d2db41caef301117979dfd2db9714b352398594005bebb449ea20415fcfb2671253f69bf6467ce7f5bce350a834c4586eb03e766c1930e7e6ccf01283ea31b8c73d7967cde0f2a53cc46b1b50c48649044d6f753f1d54b5":"f5faf7bdd99c62ec87f93da2ca3ce31e694df0a0fd04d61914f9a7a4235de20e0a406e297ba1099fff8c14e8fd37a9d6cbe2c5c572c988cb1ff87ffe7825e1947ea3da73b8b3633721fb4e08deb3f8fcae2407d73bd4c07f32b4f9ad0b1364003b11f84037a28239e96c3996874ba8e4ec7270bf0441d648f52f3730d30e3536":32:"e0820c4d":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd01d48789ef7f07f80a7385e4d1b1734903bc6ec768c9f2":"":"944ed7743be9ce370cba7b7c9b7dece2":"":"":128:"dfa0ab389c3a780f598af80200c84da8":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0383849ed0db3e52743aa82fe8cd9173b457755be8bbd46c":"":"c6b8518346ec52c001697b7bd38dc795":"":"":128:"48a1992549b627c8621e8fbaadacb16c":0
AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"936388053ee0116b3f783ae34f000d5fe2c5d712842d46f9":"":"c5426b20c014e472c7b85be2ed0f64c8":"":"":128:"4cf0f6a45f3544e3d391375c8fe176b1":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"40dfcb3151a8dab1cb79a6a1e6a24fb55024d0e256bd4b07":"":"b8495cc54653e7ad74206153ea64c3cb":"":"":120:"1d3786412e0ceb383de3898ef2cffe":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83ca41d8b33c6134a14d8b30b0c36d5b799574dd925f3b8b":"":"fb9aca5b4932035c65b571d170fdf524":"":"":120:"9787f7d68d2648963cb49fd7459121":0
AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"886e646688d573c2dcc8ca229a11b394b3400408dd801503":"":"c0744685722cb87717c76fd09a721dac":"":"":120:"794fe4df0084c21ffeaf959e5b0382":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0b845dc2c4e9e5a94bd3e8969300b16b45d3ad5eadb2e80a":"":"0900b3fa3cc9833d702655d285f904ed":"":"":112:"dc670518e150d326921bd5f43e80":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ac9fac2e32ab44a0774949d53a62c1cda04b132a3b07a211":"":"8cf6a81bfa21633ad95ffc690c737511":"":"":112:"4cd7a6e4f3ec3d41d086e6abf14c":0
AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9f9721ef784980d03140490f760313cc8a56424affb01672":"":"c104bd8482e3fe7359c85e0e94fd4070":"":"":112:"3f682fc71989804ba74bdad04a97":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f7c935f56970678ab89f6d97315a33efae76148263e95f1e":"":"1a91965c5458f4a1fde309cd42a3f277":"":"":104:"ce266c6f0447623a3ef1f6f57c":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30ecea6cac70a9de4f4f7f441d6b9b5608cca39d07c0ded5":"":"361e5cd21c670de39b5f0b2b89437f99":"":"":104:"48a9621522a98bc6c0acf03429":0
AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4fb80c4fd026c3f68ab8fcb8e28e144fdb3ba00d70295ebf":"":"ee552fb94a527d18d285d6c195ca7b2f":"":"":104:"5ec97630ce593e9d560136774c":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c0261023ee9f682789ce9ae970fb7601f07551259ef91945":"":"bffe4af76db75bc4a3d42b57c73c51b6":"":"":96:"bf827b4526da77ab2e21908c":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4fb4ab2071bff4ec239ac05c04800806df2c256a4845b13a":"":"3ee0e2e72eea437e46a873bd659b1c4a":"":"":96:"572d3ec2650ad57eec84fe00":0
AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"193d5ebeb466d3fe68754bba413c65112ae29c5ca5e450c4":"":"04e9d31b3b1205cae37c435d5a5579df":"":"":96:"71004356f266688374437aef":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a455ea1d9a78425a41d43e293e88de40dd6ad9ab2a63ef0":"":"c108c56a1b3261042adc89046ad1ecf8":"":"":64:"213d77ed0534cc20":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d6fff8797db2f1884b7d71e3ef3e5983234a837dbd0c2cd6":"":"6be4417d7c00fe9c731e0932a7037a71":"":"":64:"68b6c28786a017e7":0
AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"86e6c451ea0ecaec9e365bc4831e7a6c092b65ee9bcf1b86":"":"6258168da407ce43cc18d6931497c1f3":"":"":64:"cbf20172e75a6316":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9295cc6458d907da5e7c356a7de51eb8e8d3031f72a05fb7":"":"c7eaad3389fc24a4ef96a711ffbfff9e":"":"":32:"12508e37":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"308b6ee958f81a7fbf3bc386e167459206df9c1cb999d904":"":"2c61b991ce478d9aac818d7aa75ada36":"":"":32:"32ead170":0
AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"873d033773218387690c2871448578d8440ef36553583928":"":"02072ec745c856c6e86873a0523d603a":"":"":32:"e6a5726b":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cfd9c1375dfd19e64b5e4b75022fabaa049627d5238cba3a":"":"0a745c6910b23c78b1b44c02f1ce11b2":"0cc6724b9f3675619fbc70117bfcfb5871e903b0f01382e404793c1dfaff5a5b4131a7fc3041014941dc2c53871bee3ff18c08e9abbb13a8ea220cb89cf65bea1581eb8ac43d148203532dad8854616210ed7f1f9467e6b22071ccc8bb7e3bd89a0ed02a7058401aa4f2b5d0ce050092b650591282e66ee789bbf032dc105503":"":128:"8ec41e9c76e96c031c18621b00c33a13":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6c9f16c5dff4bd8d1855995dcad1c4253759b6e2a833995b":"":"3f25e3210d6d9caa8725eb55c6813cef":"7c6a66d930c95ce1028310cfa3670b77ffeb5e9b627a667859665c1dee8e69930c287fb1f1a3706ed1a0d35eb6d1becb236352a226a5b686bc27e1e1dce4ac6d5974d88b9812b39ba289b2490821319b5fd677da23fab3adbae4fb3630e2571ac887ed951a49051b0cc551e7ebe924c0cbb1c516f71db60e24773430dc34f47b":"":128:"5e000478b55ecb080c1b685f24f255a9":0
AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a8e393e00714cd94de0347351b924ebd555003f3a297493f":"":"9c7eaf730fa8074acd372fdc53b726c0":"ce4cb46e67d85c5e68afe61ddecb1a36da4de42774d45250d0d52b328834385ce1ceba96f703daab81d7a981cd80c469855e14d834df41e4c0c98873f3dbb777fc0562f284c466b701a530f27fc4e6838cecbd162db34b8e8a23131d60d1f9dac6c14d32a2141173f59f057f38af51a89a9c783afd3410de3f2bbd07b90a4eb2":"":128:"66bb46adf7b981f7c7e39cfffc53390f":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd356a8acd12b06de9f63825e93664cab1beae7f4112cc70":"":"72eaf459b8af0f787e91d117931e3cdd":"9295b227be3e1faf4e969be6c7f20d507431cf5da9e2a577c9b31538058472683bd52f0ad3f2fa9f68159c1df88e7dde40d6612f8abb0f11a0078419b34b558d9144ea6596a09e5d5548b275620e5a3096dceb2768d2f77a0b79e0b963387d3016ecc2f155d9182e3209d97c76329b830bb62df195cb2be11223565f496e751a":"":120:"2ff4aecc90e2de9a7d3d15eb314cc8":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80ecc9587bc2cec1ba87ab431c7ed03926169c01eba19729":"":"5a65f279f453572e169db33807d9b52d":"29520d9020efa1ecf514e39a286f398c7225b945608d4b57ec873ae8bfbdd40e4cbd75b9b535c9f171cd7913ed4b21e09d6bb030eaa27ca58b08131817113c852b6cbdf550d94dddfde8595e689470cf92f9c20960b936ac0692171158e54041155482f29e4acae41565d87f5641d1aac96b8cb763b7f1267ccdbce234d067d4":"":120:"83dec0fb36463b86270656681455a0":0
AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"94345293fb7733fea9c8b94be2f4fc26f8c3655f583e2b0e":"":"8bad4f3f289b9f4063ba39622ba2b7ee":"7e2b6520d7a554e612d01f462606c0e6d0181bafece1daf54f4316d707483a5dcd4275a08caecc1c20f3e32872fe3e57fa62d598949f5e49ef0efd53e918617e0a140338c007025493f2e0f8dbe5fca4a57d1db6333551bbca79243a73ae8a68dafb3089998359159df916ee6ba4f928a6a173390f15f2ee6045d578dd757bb1":"":120:"da305181a12517420c6f0d71fd3ee1":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a3915523031c3caa58ce02c2b1e6ee2eb42cdaf31332432c":"":"d5416986beb3131afd6b7967836d243b":"ba4e883147c8f07afc08735e6e439798bec60e00ed3f5982f66d6b82a9af7580934112a9858f83abbd71193190298f0683453d3f8388c475fbbc8f9b6a3d2c77046b73986a54cc4559c57cbb86330267e04bcf5fd583c6d2968a7971da64c99d98623676154b0ee413ba531ebf12fce5e06b4ee0617e43bdaeb408b54d1b4445":"":112:"f273fe664e5190a506da28ea8307":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"799d3ff266644128f330ceb8c028297991b2a5593e4afa3b":"":"9d27061dd9d50817b3086f453f1f401a":"d3b5c420ac597daaac7503cd17f580e94ad779fae0d4199ada2c7da7c4a611228752375647a03241f29f810d3a6a74a140ef9651e4a6099259f7d41ec4e51a02917e8cc35edf7f60ffc473805f56f0ad51fcc767670157c050c3214d36f831a54bfeb7ab2039cb10f7919b89b0f623a572aaed313983b105fdff495d979b8a84":"":112:"e690c9afdecea2494b6cf5a576bd":0
AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7480905cee8be7f42b9490936041a19b060331712882da55":"":"27500a09506e0133c88f65e77721b547":"52832d4118fddf182b21513db25d54a19220335f8676ea35c0941d2a38a3aa536b8c9cbf093de83c6b24da3372baba2826289bb3cac415795b9bd3ea62bb9b48450978e79b936cd70cd551e580a6de3418a2be0f4c1f062954aed6adc94d805e59ff703d239fc2318b80cee45c57f916977b319a9ce884d7e02726fdb71c3287":"":112:"52a5721e98ba1a553d8e550f137c":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"042db3f8af95ad68966bce9ca0297ed41b608683a37457f5":"":"32d3e97edd3f393da5abc3827cae1e67":"4d7c2ee6e024e95a6e684ded9898f5c7fae7da8658bdb40560dac6495e46a691e97c047e66046b55e8cf9b02d31d3caeebe3a9f8aeed756d6b0da1ac5d4ba2c5e7b54add22f681ab1d5a2ac1463e8447e08592e0c2f32605bd02f2f03c925a2159e5bdd880323f4ce18a826a00962ce418dbbd5c276e3ff30f1cbaa4795d1ce5":"":104:"e2afbb95a4944353ed21851f10":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7f5ea90f99fc76594f0f06448321bd4bb5e494a5e351e41b":"":"002a5da3c543ca56dd7e5b013b094f70":"b8150b50e36de85158a96d2096678f31f179c8765ae6ba5723ca655e890528eae96d438f9d9365575dadea3cebb4d7df3a9d5323f93696c40781a6661dd4849531e672f5cee7cdfc529416c9c3faa889d0f66ee4049c949c3c8459680f490bbb0a25e50af54de57d9e3241e0dff72604af55827b9c4d61b7d1a89f551cea2956":"":104:"db9fd90a0be35a29f805989410":0
AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"da287d34379d56f542edb02ea673bac097150f87648a57b9":"":"6696034b1b362927b89ae1b7ab5297d7":"45818b7b69b05a121fe5c573c9903cb11477873b24a544ba919baec78d1565f4ad0766da58bfabfaa17ac3c628238a4d38b5c0b14b52e397bcac991408dd7b322ff614bd697ce2b5b94ca155a4442ddd9e502c4a5f81210c32dff33481f4211897db38f619b308f3708d554bdb6c7b8a4d2a80ccdfd5f70501c83502a312ca8a":"":104:"8e65d86edc071446454a1bef34":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1782ac334cbffc92769a170c3cd43915f735b4423ebb4dc3":"":"736f2f24cd04e26d38e69c55b38cca7a":"5827d391efec2f8f102e5f053ac496e2910248a0eb72e8a0b3bf377c6349df02ab0410a3d28bc27abc7cbe582a03000db57843565e4fb06c4078de75c3f1a21130d55befb7ecb919ad789a4de2816c3a42d4e9b32e38d980c06045987d03739cbe7710d839c42f04f5088072c1a1044c3b89809b780e74e54ec135fbe4129ee0":"":96:"c6dc3c4ae52f3948503d84a4":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"20529c374f21c97b0a8f96f7bd5bdeb3fcd2b12db30b3ee4":"":"e6e45b7c28f7fbcae658acb533614e48":"b41290031906709ec8048f450a940eff0422a6ebc7b44666c05f17aec9debc1bfecce62d896d5df4618517fb57ce7b04ef1579ebb2636da0eead063bc74ec184b0a69ca3eba675fc7107bb52a49f93783608677565205ada7bf5a731441e44cede781120a026cc93cfe06a06fb3104a521c6987f1070823e5a880cbb3a8ecc88":"":96:"e9ec5ad57892ce18babfde73":0
AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5634789b29e373760ecb9952f4b94ca76f40dda57ba363dd":"":"7cd1d2d6beef44a6d6155181dfca3dc6":"0130a67935e2df082a95d0bc6dab17093fb08746a809cc82da7893c97c5efc0065388bb85c9c2986a481cc4bbdeb6e0f62d6cd22b7785a1662c70ca92a796341e90a538fe6e072976d41f2f59787d5a23c24d95a4ca73ce92a1048f0b1c79e454fb446d16587737f7cc335124b0a8fb32205e66b93bc135ad310b35eea0f670e":"":96:"4006685e2d317a1c74ef5024":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f0072110572321ad9804efb5bcbc2ae7b271b1cbb0f4897b":"":"604ed8056666b17fd27b111afd419375":"97f68c00513b2247bc88a331a3ffa1208038736d6761b3b080884a8dd46e0596f2c00c1a93bceeeee814210e57d7f1cbdb4e0c2ea6a0834baf716945af9aa98e2826ae0eb5717b241ede2b9e873f94c1db9eb5e1b25f75827c25849a2c7b92098b54845ed81f52871a2b0d12d317846cec34defaaafc3bd3cc53a6ab812bd250":"":64:"64881eaf78aeaa7d":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e91e8c2d6928bbaf870e141ee34d3a56d00dacc8c7e50514":"":"6f3d661a3e321844d1fc12d5ec2becf6":"fc8e5b45ad1647f9dbdbb6b437abecf0a8ac66065d0e250aa2ae75525455ee13adce8c59d643b96de9002d780db64f1eb9d823c6b9a4238171db26bf5d05153d1e3c839b93495084363b845fed75671ace0c009800454596674217b19832751252f051f3995776a89209c1636b4f4b28a364bccdedb78ad36876745c1a438406":"":64:"1f4f495adfed6c1e":0
AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"138ff9c8c556ffe7637f7602cae428d7e20dff882d44ddc3":"":"38d7005fadee55b5a0434d924d971491":"3facceb047e486998c945839ee5eddd67054bbb28308365b2909dabaed29fd5b7b34644043fa443165e07b20214710cd652fecd816d9273c700d6828d216db8f3ceaa9eed0e251585f4ee5ba4beb3c0582b8128a3ecc01f4b29cab099ba2a8931e56120802fdf6004a6c02e6dd00257a83adc95b3acb270e8000fd2126b8eb83":"":64:"fa8aed1987868388":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1187a34ccb75fc06dafeca0235186c64ba929adac6cf6e49":"":"9dd515d3481f21efbe43198f623b34f7":"8a1b00ea5d1f4e451cea71b3d2fc9bb03b9790a8ae8ae262b3e97ebf34911f9d865c8810b9fe779fff701c72f3639654e60898d1f57eb93381749f0e2cecb4ee342f5f34473215d5c46818338ff688637217fdfa8b7ee552db01973fdb6084c3c20b530863eeb1ce798046890994f5625df2a56042d62742097cc10d512a543a":"":32:"83f45529":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c1052610d05fb77543b6b517eb64b487ed902f9969a420f":"":"90f4c93301371158271a8f46df1c86c9":"83d009a1238f8aa40e36cbddf08a5f3d96403a03f7d079359cd6d3d0c719bf79c908654882919dbc6c27db34007b6732cb344a0f4babd26b1209ce6b134a8d2318f9a38af034b265562097b63794d7efee306e97c6ac0a991b3764ecd936c87000fa58e6689e302f12c2851b1ffc950dad7a553c8c67e01a2270e1e5e9caf30a":"":32:"30b3fd85":0
AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3dc62e54957bdd1968be71b7d205fedaa291349d69f2854f":"":"b8bce0f9263688ca41c4cefb26e79453":"22b6d92d8908bbdbcd0ff35299eddaf0cfb039befa2d2d83c896f373b92091d145f1771c58d60f94d3548d0cbbeabeb796d7632b5da3c66ef75cb41a35e7d1b032ccfbddbb9423e0ee054bd56b6288bdf1b616492c85393e4134ff9c066b23f3f626eac63a5fe191ce61810379c698de62922d3bdbe30697a3e3e78190756c3d":"":32:"67887aeb":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f170a6a761090355592968d67fb3514b8bfdb41cbf121341":"a050f858c87d56dfcba3ac1ccf5ba60628b3ab1b89845682a95b7f291c80f6eb1cbced4fa21e3584e21528746231e7311ec319a0fcecc329e1a7aaed0a8548e613e51db78c86c8d0cefa15e30b745b952809f87d8a4a7bbefc76a8eb824827d4334201bda7743dc497ef5fffa2812e67f2a04e5c10bf464179c6178db932ecd3":"e02ef73aee414041b137dd3cae8f2765":"":"c08c9bccf298c8a352cd72e9174f57dc9bf64d65191a9e97b43ce70afacfe76feb5b2695d72ea4635fa94144de02a54333a77c7d4adcde17c166b303f1d664e6edb081a85433a7496f91ce640f113935cdd4e7ad14c95247506ddc6620913b5c67422f599ca00b95d62a9371e44c5af5295bf96743d0f1228c96e95af3b4d366":128:"d64d9ac91548dc1bad618509633e0c25":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ce5a40618b8bb2d9fc1d87a3333a9cd4945cfa838c8e0c6":"4ad4d103da3fb2ef8adcd1e0e823f4a857f1d6fa6273bb66574033c18ba2f760951ee0fdbe06c5cd3a0a30bd11142450f2d7e71af2fa7b9556b663fc30766508aa24e1fb2219f30ec23a6cd48b58944541d1f3e3fbf596e2ef263bddf789e7a666a68638081f0ec1a6cb3cb7feb0fddbe323b307675324ebceb25cba6d9002d4":"0c4b6c940d091efee98bf27fad79b04e":"":"ad611dd6ebaeb5a634d4bfba9f965948ea79d16294b976b7c8bb57240c5d13e10a9fe7a5b5d39143000b4f24fc331cc4988685c8d6401593a420c12e6cbd7cded06504d6a1034f70153f7b5019084a66ce818761841cab52d5bcb2a579a4acd9df50caf582bc6da2b94d4b3b78922850993ccec560795417016e55cfab651473":128:"317596eefdc011081f1dda6dae748a53":0
AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f71d789a63213bbe17aa14f2956e9da2496a1efd1a63f6a5":"f5bf20dc6a11ce5142ff34d6c4771dbee4e74790c4ccd3cb5af408a5c7bd706bac550d7ed56805f550efc7648ab501fbbc63a1070402626c5788f076ae40e6bef2b9aab9a4bd8550fe38f7cdb0fcca2657ca26f1f729074326f45ae932182905d849b1534d3effe20dbfc3fc26dc6453d6544d481e58891405dbf876d0f254e8":"17327996f18c7096fc5b8e375ed86f47":"":"fed961a497502b2e49043ff29b9426a1e864a7fe0a88281a1572fbe62203f071710ea1d77873906369b195919a7bd5b44cbabab6eee23c3692cb8b9e4db7ee595b8d4b063d209b11d64150c45545b7eda984144e1d336a3bd3f187834bbc6950b3e7cd84895a3a5e27f8394a9aa9b657fba77181c9040b741c12fc40e849ba4b":128:"9dba8faf9d12905970ba0e29bc7e9dc4":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83182ba753ac16554e873281599113b7620bdb042704bce8":"6915d46189fcb0f9ab9b838da2124ce06398d638fec9c1c53f07a43fa0ea09feb2bf868fd1dd521f301f9f38e2e76716038f34cc0d18ab9bf27ac282dc349002427ca774e211027baacb9f6bfad6fd7885a665e508f654bb018f0323215153cd3a5b3e7b83482c08cf07ee5ef91d64a671b3ef22801ff21cfae95d6843ccdc16":"805c6b736d62f69a4c2cd4aa3745a615":"":"76dcefca6305ded697be4488513cc3fd3d9f08f06a7c1a9133b9b3fb0f44badf5c7544881b5babcb873cab912cc8a00337fc36100e6a5ad998eac5d8568795b41166377c5114757044b9b73206d19fc34b6378a06d55b5d5e9498c7693e818dd962af9b9da2345f4ebf152f33fe85f3398a65ad7dec823a1b1155c38cf67df84":120:"746c9972aa8481253d0d54db77398a":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b176e7a68da4c74aeb91760448c0257b1e17101299e1405c":"691c436811f82e747468571f80fa8502ef5f25936fca58a8fb6b619a7a95f4938da558a3b26a2f09c8fc1f5bd347c7724d9fa377d0a52094bfaac88f3fa9b3dacc2f56d880e825809533da5980a63e01d6199fbea07f3d070e29c5d50e1013224f0ea86e7c008e3a2e63df394ef6ad93ea97d73fd4429feee495b144ef3a0d6c":"42e2e70b0096ebd489bfcf4d6ac0f2a4":"":"81f9c34c5b0668fd58ec8822c6ba75bd7eb0d1741260fad6ad5e637903aa29d5f5facaccb4b885f62e10b7371f9b6b43e3aeb69bc5093bcccd49f3ee744e49f87cd2a2c36c808c47e4687194cbfd4faec4da66b99e3d4ced9cb8ac6ffb94d7fef3ae2b92b9f613f2bda3ca6c8efa9c6df8bec998e455f6eb48519e8f8ce4e526":120:"26d0921dbb7987ef4eb428c04a583d":0
AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8bab5bf1cd8f259129ce358cc56ace2bbbbaefa79727f66e":"57385955b9909a0856bf54ad25d00779cd7d3dea78e1ae8965c4b7a568934d15ba1a7b2ab899f69fb1b864bd4d529319b51bf85a9b63de9cd51997ee4b2f015307cc42be9257e1b0a84e1c9e55a370476bff0a5325b21850f5b686a3bd4f1599f36d0772c406047b8ef29245c42ade862cb9d25b1e108db4f33a42dccf45c985":"ca5beea7dac2d9d24d548463977d5956":"":"67deff1accc4f279ec2eb4c2a515c17886371bc4847bdaff4aa70e170775b64855a6fb0d347baf39bb53d7239b7a63ce451effc69e8d8c3e544b77c75170a68cbc45dc96ad238aabeb5ebec159f38089b08dfbbe94e1d3934a95bd70f0b799fd84a8f563d629a5bfbb4eb3d4886b04e7dba5137d9255268dac36cbb5b5c8d35a":120:"f212eaad0e2616a02c1ec475c039e0":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd0e0d0c7907bdb4b4e60510f73d8ab2a30700349206ce22":"e6835a650047033a4940f72029857fae6fff2773f2aa0e4f7cb0a4abe86b6e8cb0c3e468637057f7eb20d1d30723e3c3107d0f579e31a4c3e6fa8133e1b1b51fd21a8aa80ec657c4f674c032bc4a2d3e1389cb877883317c4451ab90692337bd8aa6e9312388a0acddb508fa477cc30eb33a886e8fbced97492c9d3733cf3fc2":"1f183eea676c7ed2ead9a31928f4df5c":"":"9f1a3017d16024dbfea4ba9df5154a6a2c794f00da070043c17f0204f06f637c8fffc760424187dce4fef044faccadefa1b1bd818522915e389d307caa481af0f1f767c38216fa048f621d46880afca5c8fc582853dec95d19d19cc943e9a1861597c99041c59e8bf8e7245f9e30b1f6607843a978d0ae7a4e0f716dabc9d9f6":112:"4ceea20bf9616eb73cac15fe7e2f":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d59c476dcef60a45be253d5cfbb24742de9e3879bdfe6949":"144696d85126c682f8446fcc2724fabe4b8840d46f3de6ae2ceacb2f06a1a80fed430e3a0242f4f7c308611c802c8b8e9c992b78a5cf401fe7a4671bf081f97520919f02b66e8bffd4fe3f4a69cf3d16667e7724890cc4b66c6ae487d2d987bfacec424fdc9865af4474b04cce03fffc828b2df66d99087e63f35eca52abe864":"9bca808f02295477f2aa7f6ac1a7bfe5":"":"9d23989edd8dd9911a3f5a80de051ec7812c6ce018e683751380ff990a079f3502ec0fabfcdacf6c1fb2503094124c39ec531b5d29ee8e4e46c324fc10dbe0f31e9aa56522bcc7085ccf768425227cbab6db4127671a4cab7bc65dc1d3d9d81469493329e29a9a1cb7e5e088e84eb243493cdf1a49b16fc8d4ea2f142aa9ad23":112:"d8b20d72d95a44dfb899bc6aea25":0
AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2f1594e840375405a682dbc1836344be8c6b3f3199ee7fd6":"9bc6b715c65347a383f77000b3efb33b16019d01605159e09c116ded52d20721bcdde3796b6f4dc33cb29ce1c48438e95d4db6102465440cecaa50ca33ebce470d8986663652e069079f9d92ff167b3f7ae568218fc62ff5a7be50b3b987dab4fc7979e5967bb0574de4bc51e774ba05f9780a49ac7b3ea46fdf35804e740812":"7f1f4a80210bcc243877fccd3e7cd42e":"":"773d6901ea64d6840ded9a05a7351c0c74737ad27e7c3dbd38dedcdede94722ae67e88851ee471aefc1f80b29a7312fa2a6f178ef2c9dde729717977e85783e2e49a1fa2e847d830fac181e95fe30077b338b9ac5d2cfa22ff9348a0771054322bc717343b9a686dafda02d6354cf9b53c932da1712b9bb352b2380de3208530":112:"fc3e0ca7de8fb79eb6851b7bca16":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"88a6d441c1b7472aecf92c294f56f3c1da1702d174eff431":"eecc12fbd00c636a7ff897c244593239d2dbca9d1f370660c9bf9759cc41dc6e95075516f8d7fc06fa91ff68701777725171c2dc0767a1953fac13008d77065cce8ee329283d3f64adb8a298aa100c42e75d62e47fbf5134a21b826fcc89ebb18707c0f4d54f6e93220484706a23a737341c601b56f6a28cc8659da56b6b51b1":"058a37eaee052daf7d1cd0e618f69a6c":"":"0f5e889deff370810ed2911f349481dfb34e8a9623abd657a9a2dc14df43dc8917451ddeee5f967af832296b148d6a5d267be4443e54cef2e21c06da74f9a614cf29ead3ca4f267068716a9fd208aefa6a9f4a8a40deee8c9fa7da76a70fcb4e6db8abc566ccdf97688aaad1a889ac505792b5ede95c57422dfec785c5e471b0":104:"5fa75148886e255a4833850d7f":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"abb4c4f8d3c44f07d5a57acba6ccf7852030daa84d09e13a":"24d82903e5074beb9a769f24a99b18c7b53c160a3c3ae4065335bec1c4170aa4c656bd7c87a8a13c0ffc6653c045445bf8a135d25a13b2d44a32c219adc6ea2695fb9e8c65f3c454dc0e2772f4a4ce51ff62ad34064b31b0f664f635de0c46530c966b54e8a081042309afb8cf1f337625fa27c0cc9e628c4ae402cbf57b813a":"c9489a51152eec2f8f1699f733dc98f5":"":"3e5528ab16aed5be8d016fe07f2ff7ac4d393439c4fe0d55437a68967d685815e359fdb8f77d68241940ce7b1947c5a98f515216254ac29977cc2a591fc8e580241442d08facbdbee9a9ff7cfbde7004346772b4607dafb91c8f66f712abee557d3da675bb3130e978a1e692fa75236676b9205341ead5277cc306f05e4eaea0":104:"fecca951ba45f5a7829be8421e":0
AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cbce5e6d0fdcd3ab08ccd86115149b5569584dfadf40256d":"3974339a1b90b19fd3857d812a0e59dcf43f9b0f360839940b99834ddedead79785396ab8fd0fc0e523c06f0555371fd5bc857a95c3ead26536e6deb1faabdc776ac7cfec4b60d9c24b0856ecf381efd98f941d5b2a38108922d9cf1113d1e484354b55f9c0f09d95a77fd30ec9cc04d19199931e187c56fd231f96fce5e1eb4":"ae3a25be73876b6e9dc88573d617653a":"":"4f57be0de00ca2c7c52c54b931c235fecb4ee1e5a30e29bf68f57248bafad87e484cc68465d9f64bbf502cefd2c84e5596c3c8e58a9fb51a8c8b132579a94bc32e92f7c7247dc5f69fda98727c423de5430f01b37d77e3ae6bcd06eaf5625e5c7c9c228b9dca5aad8f571369fe0964731bf1f143f2f709c7ed51641ecfc88ebc":104:"33375e21fd8df9f0196198b4b1":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"96779eaa8699469e2a3bfae8a03fd4bff7abc62d427ff985":"a343fd32fc513e0e9772acbf99feafe9de4b54e404807999b02e921e0914b2d64d0d402ef06f31e1db852899fb6db231ad4465af015b0c16407fa3666ef5c2a6d52d5b4f60b0f7fbcb13574b2aa5183393f3a91b455a85b3ed99d619bc9c5c2dbcc4f0a61a7b03e5ab98a99cee086be408ce394203f02d6d23a1e75df44a4a20":"cd7dca2969872581d51b24af40f22c6f":"":"74422abbde6e4ab674025735874d95d9fe3015620a8f748dbed63ef0e2271063b6c0d65e00d41bcf4ea86ac8b922b4d475f904c0724f0adebc2eef4a3abd0f9efd75408cc054cbd400436e0545e09e6b0bc83a9c7d1c1717589d180c7b1d4fe4ca18bde4d9b6bc98481b7971c7eb81c391ac4dd79cdefeabb5bbc210d914d30c":96:"b0e425435fd2c8a911808ba5":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39bfb4cf533d71c02932e1cd7b800dca9ce9bca843886962":"de76f63ecf9c8d4643599f4dc3f9ed837924915ce4216759013cdb46daa0a508e06bcdb77437b0a58c40a0bd30a05ca41433218c6869f1ecd26318aff27999a2ebbb651de8e03061b8ffe3e14060720eb35a8e4dfd8c870aa4562291e3758cc1ea6c4b0fafcf210e10b31f8521bb0f6b29e8450b0cd6f8c8196ca2f7acb807a3":"d2b937bb5d2ea7d54d2b96826433f297":"":"0b0b4c92f06b17103ed581fb32d46e874fea2a2171d32aac331daa4d6c863f844fbbad72e455cd5a3ef941d8cf667fed5855da6df0ccd0c61d99b2e40a0d697368138be510a2bf2e08a7648850d2410e4a179a6d0193e49a135524092ab1f842ed4057611daaeb93e7aa46e5618b354a1091a9e77fb92a8c3c0e8e017f72deb3":96:"a188107e506c91484e632229":0
AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"41b7d80ae487ac35aa498e5939a0f27baeedf48a494c8e91":"c26d4b918a0c967141fb5712a28698d16640d200b2934187b81ec58486b706ea1caaeb654e5fbbc0d078215aceed7d66939e0fb54d6131d8948cf58ec9571646ca75a051c2b5c98fe16f7733d42e5897b0263272015042f3134143ea3b08bc65292d8d31f30f2ed9830ccbfca2d33d290c28f4dad07c7137a4ca05f432a457c2":"626e1d936b38cf9c4c3a44ee669936ed":"":"8998e799985890d0f7e8b0fc12a8a9c63171e456ef5cb211f836a2dc7c9e3f4d1cd6280f9b0c469b703c55876b57cd1d8cef70dc745e3af8438d878cb2fe9fb1c5b2d9a2d90edf3bc5702ef3630d316574c07b5629f0db1510460af8e537dcf28d9c5b5cec6996eaa3dcde3354e39f60d5d896d8bb92718a758adb5cb9cc17d5":96:"69901cbafe637de5963e7331":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ecce8fb50a28a085af744b44bc0ea59d6bc2c8ff1f2ff8e":"54300bfd55b227b4758cf64d8a3f56cb49b436adb4b927afa8c4b70d2584a6cba425af4fbc3840dd6f2e313f793cbc7aca8219f171c809cf1eb9b4ae8a9d0cf1a7aa203d38d67cf7719ce2248d751e8605548118e5bb9ce364349944a2205e1b77137270b83555d5d804edba2f74400f26d2d0d28eb29d7beb91e80ad66b60be":"b7e43d859697efe6681e8d0c66096d50":"":"45dac078c05e6a2c480543d406c23f3dda63f2b616007d08fbfb075a90eefab8dfbc26d334266f5d72fbc52800cf457f2bbc8062a895f75e86df7b8d87112386c9bad85573431ccfcef6a5e96d717fc37b08673bf4a5eecedf1a8215a8538e1ddb11d31a24cb1497c7b5ba380576acb9d641d71412a675f29d7abd750d84dfd1":64:"2dfe162c577dc410":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6773e627f6c49a1687a3a75d2ee6754ebfc2628bdfceba28":"eb0a64ad510968c68a816550d9fe2eccab3bd8409ab5a685a8638f81b4b50a9a96318bff4e86f7f6e9076960be8eef60e72cee4ea81f3ba269d8ab4c9581a54638421520a6411a83e9dc83b6981a9dcdd9e4a367d57f156d131cf385c01a736b327218e6b6468d317ff78a01f1588c359a3a9b188bbe5d3ffad6b57483a976d0":"ad85becb03a05caa4533b88940ca141a":"":"959658fdff5fd802fca5c5a79d59536ba8ef1359ac7bfff81264c7827bd31b8f02ecb54f309b442a54a5a57c588ace4b49463f030b325880e7e334b43ab6a2fce469907055e548caffa2fe4679edbe291377c16c7096a48aef5659ad37702aed774188cb4426c3b727878755d683ed8c163a98a05f069a0a3c22085600759170":64:"4c0f4621b04b5667":0
AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c086f7404c14160f33d6efde231eda610f92fa55ac147b4":"fc8e5cd81755e489de7e3ddd2b587149ee013bffa2ce198c514641b0e1659261edd60bdbfd873e30e399869748bfe56ba543ceb9bf5fd0e7ba2b4dc175c52f28a8a02b4816f2056648e90faf654368c64f54fd50b41ea7ca199d766728980e2ebd11246c28cfc9a0a1e11cf0df7765819af23c70f920c3efb5e2663949aaa301":"71f154f1dc19bae34b58f3d160bb432a":"":"6d60da2fd060d2aec35faf989d8df33f2413ba14842b0406e38a6a847e191eac9f4570cea647c3988faaa5505ea20f99132df2a8799cf0543e204962da1fd4f60523d7149e0dee77c16590d7e114ac5d8f88fa371dcdd254eccaa8316ee922ba23a0a07b289739413ddffc2c709c391afee9289252ddf3ddb62a4532a5515e35":64:"f47bae6488f038fe":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bae1b3eef91ba79032117c60fb847d46f18175565d0ed10c":"9b71eeccdc91cb5f7a567a9189774f4c30d96477b88ac553df66b78a56e5c9e0986a17d80c811116d31985acfbf9d7a9bed291aa2fb6329457a836b3f8f11c16416f0a3b86dd9c717c8a050c6ceb5c27d8e2ee0dbe63f3e1e4f0aff4809e1f6f6ed64d31d494b7399cfa0dd9446321bd4256a49d0793a10a670e3f086408428e":"cec8b66a657e4bdf693f48ac52e60770":"":"015a318acb6198189ce908ab1af28578a37a48beeed772c6ed4dceb0a3bcb092df85f653234c56a25c075c8e028d4a8d90d974fb0477834ae2de8d5df53d0d03a979450b6e7a66fdc9b11f879ea9072699837f2de7192156f8e5d9411fd83d97d31fe63ece4e4326ff50a24fc75004a5ba2bd4845b29e0794696943dff1e5d6e":32:"9cf6f90a":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c1582240ad301f831902c66334546dd681c12308add0870":"d4b716b49858a23aad478581cbb6dfd015ae550d76497229b5b1776e83f2ded8542675c63ca6a007a204b497ed2ef71ca125d91f386be9b4213cd352a797a5d78a1373f00916bb993de14e1a0af67524acfcc9fd71daa32e5def9a3f2dab5b3bba4d2f9f2cfc5f52768b41157fe79d95229d0611944e8308ec76425a966b21ec":"b6f4f3959914df413b849d559dd43055":"":"79964f8775c78009bca1b218c03056b659e5382e25e43759c8adfa78aec48d70b32ffd56b230fc1ce8c21636a80a8c150e5dbb2bd3f51607d97ed097617963dc6e7653126fe40cb36a7f71051d77e4f3b768a85ee707c45d33cc67473f94c31da3e8b4c21859002331b5f7350e3e8f9806209255ceac7089176e9d6b70abd484":32:"79e5a00b":0
AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fd55a356943824d20630b1539627ad1a9dcd8ee2cb4dbf49":"b8d8d6dd0631f9183ca858033a31dd583d3ee3b9510fcc69d8cd412016bf854b9edcf65c2831e63d72f4cb61a99f6f4e6dab0c2ce9c5a8cdbc179ae93aaca2c8a5b848a15309be9b34e5226aa9a5908f543fdda983fec02e4073edcc3985da5222b53f8c84b9c54c78dd8b2712b59209463595c7552e28f2a45f51cb882c0354":"aa89a122c68e997d0326984fa5bef805":"":"107a9ed561e6c45c375d31dea321c7b4a4b7641024d2c9eef6a103a750ba15e1acacbcae121510b4f56f19d29e6fb3e6fc06950b1daa521528f42284130a40e5a6c1b58b3b28003673511abcf59a4b9df1548a00f769d8681978b632f75e5da2cf21b499a24fbdd4f7efe053d4a1b20b240856d3ae27948e35098aa617def5bd":32:"7f9c886a":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4cddc8f525640fc0a0875c65b788ea75c673f84f4aacaed4":"55e3ccb855c1fd6d33e28d308485fd85abbd8ade1299936996851d44dde063ddc37962f9f67e95df02eaf3d877516240771c469be2abf2ef6c8dcbb79eb1976f825b109f752079957a7c981faa2fcea599cc52e262b84f4c2031821619f0be6fa3c38d660e9eb3e0d5de2da6b83de9866eb3efbc6a2dff27e52587c6f79e1c26":"1b883a89413f62dd6d507cd70c048855":"eeaf21bc317660b0e2afb9cd5bd450ff0bfa6cfa7e49edad600f71b971347e93b9712a6e895540c665a1d8338f61b51da9e0a4a9122409824287ba4bc06bdbba10290a40b31b5eae9dfeb6471f4a0a0c15c52a2c677c4d472630d4078ecf36dc6008faa0235a688ebbe2662e46a49b1dd58cbee82f285f3cdebda1dc54673195":"18d11513661296035f6f42d264e0b4cc7ec47f43b758c6dac95e5e3b3834362eb64447d923e107a60cd66ac359cf3a203f9070eab9fe61ae64a86606c9b50a97a19e12f731de28719fe178c9713edbb4525b221f656a340c867405c41bed3bbcb9c6da5cc6a4d37acd7a55f251a50fa15ea8f9b8955606eaa645c759ef2481e8":128:"dec3edc19fd39f29e67c9e78211c71ce":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3b8c31830b1139a60425f6a34387f5ca2be6f5a5074adf13":"95f4ea90729de0f0b890fdf697948053f656bddf57e3d461e7ee1770161904bb2cbc8c2f801481bb54145af760e91c8b30cb22faa87efcc6f01e3f798af0bd460475754726514d53f419af2f2c373c76f05bf57d3fc1b763f72ba0fd2682d9d1d76f6ce8d55b56fc7ba883fad94f59d502244804bb87bd06f1217a4a6c5055b5":"ab5bf317ad1d6bec9cac8bc520a37b1d":"5a47d7474be6c48fa4bdbb090f4b6da494f153a4c9c8561cae4fe883000b81769b46cd65f4ce34abc3e5c6880a21d12c186974b0c933a16ba33d511e79b5f994c38e383b93eea1259d38f9fb955480792206461dd29d6d3b8ff239ea6788c8e09c15be99f094d2d5980c6c1a8efe0f97f58f7725a972111daeb87d862a90a7d0":"1d0211d7d7bc891e4fba1ba7d47ac5a4f3b7ba49df69fcfde64bf8689b0eab379d2f5567fcff691836601b96c0a3b0ec14c03bc00e9682ef0043071507988cf1453603d2aa3dc9fa490cdb0dd263b12733adb4d68a098e1ccd27c92fe1bb82fa4a94f8a1cc045a975ac368e3224ba8f57800455cc4047901bba6bf67d6e41f94":128:"23681228c722295c480397fc04c848a1":0
AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9c2386b948f59ce651888451021772287f14a92d807d88a8":"44f00c8a7c84e8207ec15a7be0b79c88fa347e2c3d5e8d07234536d86513bc39bebfff02efb9ff27280eb37f7e8a60a426538bc1e3830bca0e76faa33b30719fab51578d15df77893bce8740f50c491b8b9f1739a695c78406b5ee4d56f80d8d564b586b0f22ffa86eca46a9d8134a9507c5b9ad82757ec51b18741abc61f23b":"7a1f7d0be4c7f8869432cb8b13527670":"f76ea9d6e976616689709700a9638204e616f4c1c3a54a27fb0dc852990d81dfd6787aa5a83b9be5087d3f7dfcd522044911fa4186511de1957b80338025c6c4aa72058aa3160047cf42166aa0089e2ec1ac8ea6d9f5f2c057f9f838a72319dbd7bb4948da3bc87fc2036a0e7b5e8cee7f045463152ff80a1711ef1096e75463":"666c4d6d3f1bec49ba936eea90d864e8ecbe0ccc7b23872a4ad7596afaec628a8165a70397289a10c67d62942e1c158f1489a9de44443ac4181e74ebf2562995c9182b57bc960f4b5d3e33fb7cf7a0c32a59c716de23639de9bc430712524d74a087647e27ff1af87a2aa0cf0b58978ad8ed616b566225d3aef2ef460be7393d":128:"53d926af7bbf7fba9798f895d182b09e":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5852b4bbfa623e5e2f83b888f5eb6cbe06b57299e29a518c":"8cc85e520b45a85c69cd80072642ef1500b1e0a409c435d685544a6b96d3224cc40e5fe8a21c4959b2891d4a53bbff03db9939c655e6e92222c6b44c95204827bd800c74666db64907894bc4e3043fab318aa55a011ab9397592ced73f07a06282c22d9a57dd7a37eadb02f59b879b030d0a5005226c461281ce3061bf26de56":"b96f4bda25857c28fdfa42bfe598f11a":"0bfdc1b16eeae85d550a97a20211216a66b496c8c19030a263f896958e4d1decc310b955523e314647edcbe3f69970cda8e07f8b81f9074434fd86b8ec5b3fa8b155377ad28050b50523d3d185e5869bc9651d97c56ec6b8047c20d671f6dc657f4cdf73fd7d3caf4b872f3fb6376eda11b80d99cf0e85c4957607a767642da6":"b148312074ecfc8f118e3800dbd17226d55fc2c91bcbceeae2a7ca3b376f6d568dd7fcb5c0d09ce424868f1544097a0f966d354455e129096ec803a9435bbbf8f16432d30991384b88d14bcad1191b82273157d646f7a98507dc0c95c33d22e0b721c046f1c13545f4ed2df631fd2b8fc4940e10e3e66c0a4af089941a8ad94a":120:"e3f548e24a189dbbfd6ae6b9ee44c2":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2bd897e969ccee405ba9becf24787a1e1be17a571442c6da":"50b8ade5e6547c350c3f43a35a3cb641459c5ef902afc706ce2fb980b275fda62e8974d1577ef65ce9fd854d88caa10295d1045ed7563e9391d60700b5d2a4a7ba5f3de7a7d1541780b95a08eb3f0996d96aac7ee838b67ee869447617684c08566647a4991e31829907ebe4b32cfa46c0433a64f864b8b9316cb0ec2578ccee":"fef6a08d92b5b9bdae4c368fcd0cf9e8":"fb3144ec6d93704d625aa9e95be96351c6e25bccf1eaaaf9a1d405e679efe0f2da07510ab07533295a52cdc1f5a15ef5bec9e72b199625730e1baf5c1482f362f485d74233fbf764d0b6363075cebd676920a0b315d680e899733d6da05d78765db159c4f942a31d115d53f1d89cd948bc99c03adad1eee8adcef7543f9dea39":"e65ed5b6d0f51f8876f483f3d8ab8fed78ab6c2e1cf50693c8511e1cc9823e1030740ac33f05a5aa0d88205bb3071a087655f28eee7d0a07945d25e3dc00221a1dade4170cab9084c47b82376d5d439bed99150811843b176543f7944b1dd9684fa9a52117c2335dda750d9de0d9b3ef718123b6534cb012080f6ef8eda8d4d6":120:"468546d4199b9d923a607a78fa4b40":0
AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12141d5834b8ca48b57e0892b6027c997669dac12fe60411":"cf475b50672fd8cc4ba84d17ab1b733fee2073a584d5427155f144ddd945d4901d5a9d76e3d6ae55ab3f9514861c83bca7d53868f35bdc8606a167ac83591be30ddb954ee173ee172e8d7742a71c0fee04ccd16fb5d54a45820640405209e20f8494f08d791a2a15f5cb848df689296a04e4b01e2c19bd8d9ca8b4525853549a":"b6dcb39939a31df176dcec87eb8db90f":"daf4e0cd0b29343defb65562594b2b6fd3f005e6255500330f77a0550c1cfbade5f5973e836ce7046bc2b2ab8bb7983830ce6ce148d0998116183d1aed320d28adef9ffab48e0f6d6451c98eb83fafc75fb054991d123965dbddcf74a2c01c746bbbc8276b77f6732cf364d8a4a5dbf5aedbbe16793e8c406ba609c90f0e7669":"4c2d979b9c2dc9cbbd6d4ed04094285a44df92e7ebcdee7feccf04c66c45137a7df12110b8af805f5cae9b4a225c3f8dcfd8f401e05c6ce937cbfc5620acdf3a4917c5b857bff76f3d728cf6a82a5b356fb95d144125d53e568b313cef11c11585d310ca0f7f1234090b1b62536885e9e39b969060ad3893e476e88941fe2cdd":120:"99cec94a68d3e2d21e30cb25d03cd2":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"14b9197b7980d95b71ce1a1de6577ce769d6af4cb45f7c8f":"03b37942f12435f1c19dbcff496738207dc92edf1ab6935b564e693da1865da67fb51e8a838559ae1640da441f22ee79787f1e909cf3c32187b41a48fbc595df1c097fb37881b329fd7b30dd1e05d6052fe81edf2e10786acc8aeeb4fac636aac9432c3be3dafb55c76ec85cc13881735609773350b95eedbdb695b2de071a03":"cad0cfa7924e1e5cff90d749cfadf9f8":"283c8a38c7fc9dce071d4ff9ed79002a6862f9718678b435534e43657a94178353b9ec7e5bb877db5e4f62a2ca6bd557562989363c6fdedbd7f0f3eeec5445c41a2a8bc98117a1443ad4d5dd63a07806622cca8ea6f9f6019bd511634db28651b916e2399bbd84b03f8ec696ed5846f30320adef22ae6d164aed09edcfa25027":"83940097301e9867623c107d4447b250bf6db7d06f9e07b8d8bc6b72b079b725ea1f4b5f79bb80c518bc69a2bd73cf3aa7b88162773ac5b27a2dcccecce66e158ec0875937910e0b6f396cc7d7cac5d53b0fddf3cd70b570a647245a5264927be1b2d9c46fbc6a630b21fead46c4f35af1d163268e49a16083590893e6df4671":112:"3e3f677e68208208e5315b681b73":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80e2eaa70362203b7561b135db581cf32e9cd816464f0b2e":"62cc2db32584a8d90f348be32224bfdcefd1fd25c5cb05c7e74becb4b40ea09d6495f73adc1fd23d148c11849bd825efdf15e144587f785770d2aef2788b748c338373a0ea43882141bc9f7c693a291c512cdcdea6d5defb2efa2324736df7fc4b434d7f4d423fb1b8853ec3fdf2c1c2881610a8d81da5de5e761f814ed38e35":"3d7e99ddea0baa45e2f9f2289d2182a3":"71663fab717ec4d9da34d4851437f4504dbd71b65b0d04eccc513282c351925c23892958b4c9dc023c5a34944ef507e0b40857d8b508ab7104d13c2fbfce2d086d466291aaa449ad36977837216a496ff375959afe4dd50dc2620a062c926b939ffdb144a656bc04bcca8d1d4fa0a9cb0a5d713721accef2d2c9688a77bb42bc":"1c56b492f50fc362c5bf70622f817e1814ae0b69db7e3055fc9e690d2adb940f9a78cfd7e08044671913baec663d9f9af6dede42fe16d200e8421d22066009535704b05b3775ac41359d7c2697e2f4bec40df69b242392eb30e2d8a664d84cf95ec21797f1ccddb72926cfdff22848d14e373f5e6c3dd349196464c98dc38365":112:"e0c1b140cd7bc4ded916aab8780e":0
AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b7aa649cb1488a658b4387451bf59852e845ec7d2273c69":"245251595d10d719d8d00610d391735fad377b60d7430c7db488488c1ec25c12ee0dee3aac3d7dc19aa602924a1f27a2cfa8f6354315db93b5e4d2b6e8402c4254921e683ca681dfb3c7f433a97f119e01f2acb20988dced8494e086395351f2af356b11832472cbcb109c13ff92f10a4c8fe69bd264c8933cded19a980bdbd2":"07b50b1aacdadeb03e7488458db03aaf":"2a7970ee97d612b63d2a0c29e5045ddfc6621c237bc270b3147fc0191de199b6923947e3bd3750de5155e1df29caf96ac702f948c38619e218138945595156cc5f1dcfde0d1d6a5aec48ff37c9ff2b2209a904c59593779820ea68ad95898c7ca0d0d81583c44feb0fec30665cc56620a8c9408e4275e60f5284ed7c0e58285d":"6bd53e4415765f387239c6664f837371b39f6d7ff22453211e91de5dd14272784fffb4f6b2c0bb8c6b7d1cafc55133aa0d54d410ae383008fdd87645655062322fbaa06df0a2d7ccf4cc170d1f98ec6a7ad524a3e5b07761f8ae53c9c8297faa5b5621c3854643e0085410daf5bf6c7e1f92bbbfc3691eeff1c5241d2307bbc2":112:"78d37215234f9a32571d0d8b1e51":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"512bbb490d062fe5ecc8e5ad95920a9e9b78bec6a7694dc2":"862f2724ad82a53e0574c0a2a0515bd86c5ed0b5ae92278a78ea1a90c03059d08a91d1a46678aef862b56d0320e970b7f941b784841b4d8a38d056f2bd352d48c0028086a36426bbc1436da9e021dcac705b6e03649b426cebd7a235f6d060ab6302d777fc9316db4a85e8c1387648a8f5ce2398a247413cb9374124449e498d":"2d14fb3e058f97b7c9e9edd1d97cac7e":"290078e63c81abfe99010b8344ff1a03dac095e2473d7a31888102e838768892e8216439dc3355aedd073892f4449d9d4d3ea6c25a9152c329d24cc73eaa0004832691740e60f17581201c8f7f4023d8e55faa3942ad725d21dade4c03c790b5370d4cad3923527c20ca925a2ce534a652ed7e032cb1c7906aebbdc24e6b39a4":"44e78cf3a2ce4a5e498315cb8d5e841f926408921f3665d533caebe0a7fa6c164b3d2c0b21ff3a608a7194e3194fda165ada8d5fc2e924316aa4ce201531b857877c5519f875eb49e5908d8d81b69472d03d08c785ee374c5fe91b16aee173761af7ff244571fd40aadabb360f38d301463e9da8cf8dc44d20848688ab3be47b":104:"6037cb18f8478630bc9d8090e2":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3964ee03ec5e500f2f8c05313b78615420183fe2950be32":"b9424e4a79a08a7937da1da15061c1eb9a873748691ec9c1fc76aaa164bd34873d07437d203c92c0e89c0c5befedfbb17f721f576473253617547206fb2b340945536cd7a049864d099419cf3f7a9154c0ac8d676b0e9ec02947caa4057560af347ddb46002703f3531f27b2197790ba135e3d3c0709c86f4781890deb50f3ba":"d3d4e5fdf6e36ac75b4d51c47ce5b8f9":"6146a97a2a1c709458bef5049088fdf339e4fe29cbdf519c93d525b71c9fb501c4b58bef49d43cc7699b18fc89cee1a4a45834f517214a77fb3b91d741977308e1585c474245802118d0e2c7003057c4a19752a143195ec2a57102cb2a127d2dbefe1168492e072e74c5f6ee102a0c371b1fe2ddfd8ecbc04c6f42befecd7d46":"a2ae334bac969072e754c0e37765ca6253744941a35587bb4feda54233a7a59f037e971d254c67948b16e4c35f306c0984f00465399405ce701ba554419a736cdff5a1b4ae5ab05e625c91651f74aa64c96ab628243d31021ad56f535eae33a885b45730268f900b6df0aff18a433e2823ddb0628a7026b86b3835160e5121b0":104:"817be7dcf7adef064161b6c42d":0
AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a8049f521fe9a00f7bf566369e540a48ab59d83305e2829":"67243a336a10b82a0a8638b35dc147c14ac63b20977922a13de459ae2cfbdb262a79004c3a656dfbc073ec8878595e24998dc44b9435439af117c9635c479676f6edb8f522cf01571be5aa5b5bc7d1cc3264436566f8d3c684973d1e88d46282b53836a1ab5a698560e5bf7629ec12cb141867f684b369546a1d8bf48315b6c7":"e4d81f71e1de8cf4689bfe66a4647f15":"4cf6733482c218af832e99970d0717ac942ebace0fed4ce4dfa1f710b9e131a21cc03dd3ced25b78bccd1991a30bb53b463c1440b6543b19af91e31c18866c2acebb78c2a340b930518e61a63ff8d6a6e8e7960523de40a178614dad4ce5ab253e1090a097f8ec00dfeecb46aa0e8f772f01c4e706de7e824386a13944600542":"cfa8ba247ada9e6b3e5ab7dd0a7108574cc811c2986cad951168559ff697b77684880ec266f0b7d87a2ff559e368a85846becee312bb2991692d928a7c191cfdb7f1468f8b84be4bb592ea640743443bd4941a8b856c57be21eb22fcb3f6c0a80728ddc9dc5fab1c77dfceb91699009054c5a4eb0714a10b74cf0e09fa630299":104:"1dcee251cda10b2ea8f2bfe6a0":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"657567a56e585c84e4033268f08f712aa280015b77cd657f":"96d889651c4f3f5120bee233f6395fa0bbba1f6548b109be568ff96f11d24e34d67beb6c20268feba89240674b0b4552d0a6455d43e8edf943da3d8d785a5221df8ddb3a98d2fc611ac7362aef71f8f004eb455a16d1dcac488ee83d4f11c4a00c29d9990c5a2a97b897d67e51faa40999b1e510ac62fa4859123cdb37d202ae":"94dc757b6bdbfe925b762923cd0a08ed":"a2c54e8da7dca49c73550bd1f5e68449295f062d5dfe5aa4201bdf353a2a1ac9c3c61f2b5482184cef481fa378a1ea990ce203c2c7d76993c62b415ece06b9b7caacec0c4147c0cbf292e528d97c1a176fcb1ca6147cfa4bcce92cbdfe617738a92273282c7a65fcb997bceb867ce01ec74541582d3961dddf3a2af21cad3ce6":"55a5d07a77fc37090c4206f19483aa3cc03815194ded71c2b2806ad9563edfebfcf962806ba829373947e3e93f4f39794514ad7b6dbc626e29fbc35f90f573da33ab6afb5c94383fd0fdd1ee074d650d192f6d08fbd1e24a6966a81a2ffd83fab644ee914952de77e9427262314ac47c11a44bf7d2890f9b9980499bb6a1f692":96:"41c72043f6116ee6f7c11986":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61159242d48c2ca0c30377ec2ad701135adb62d113c9f9ba":"8ae40603f6cdae4b63ac7b18b4bcbb83c65867c2ae270102efb6f00aa8af5d0400dc95085910a50a16cbcf71f06c3f3eab71345d59c6054aaac02971111c7146add8c072158e0b374d481bb540036a136ccb91523f96f24ea237940ab011ad38f2a3095c0785df91604be1fe7734cc4119b27aa784875d0a251c678900334a0b":"4fda7236bd6ebe0b316feeea31cb5ebc":"ed28e9954634ec2c9e2df493062abf3ea3e199299053a15ce8d6fe051d1076287e4e7c0b2bab0a599b763a29d0aab680626f280c4f5ad94b7792d9af532681f6e4eb2672781f2342304daff902d03b396853eaf585af4d3bf5078d064e9eea6e94e667722f15c004f4cf52253a5c65b75319b07ba539558d8a2b552390a21577":"dba251e35422f60f902f594bb58dce37131e8ae06b5f40ad23c4a70a5e25fe24c76982c9bc11a7f4e3cc62d8c1326170432633eba1634972a9bcd093b08e1c63ece07c4be79cadc888b0408e40c09636e1cf1e5e9a6f2ea44eea5409a2ffe9c3ac9a18ad7aa9041f08eb109c01ed90732a8afe0694319ef98a0269685b4d16b1":96:"b0feebfc8324fd1e9e40f7f0":0
AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5b4c37150f8bf0e14e0bfd37ac14e606dd273577007f24b4":"48c6486b2691b86f5f107e8fe0122a821248206d2dd3ce898a2bb3772202ffe97292852bc61513529ad95faf6383b5f6c5a7c16c4cbe33cb02e5e50f32db95ee2962aae1c9c0f5470b3baa216cc19be5ab86b53316beef14397effb8afba5b5159074e26bf5dd3b700f4ea5abd43e93ca18494e1779b8c48fcd51f46664dd262":"664f553a14dcd4dcba42f06e10b186aa":"4386e28ebd16d8276c6e84e1d7a3d9f1283e12cb177478ab46acb256b71df5a2da868134ed72ef43f73e8226df1f34e350b7f936bd43caff84a317b1e5b2e9a2b92ccab1e3e817f93222dd1e2cf870d45a8458e57948a649360c6e2439bbcc682383b50bcd3d8b000592c3ca599e598a03b9953af485f1ecc22501dcacb7110e":"05fdbb5ad403d64011e15d27cd6f5a2247e018e479e58ad3fee1e0e8ddd9e114c0e82f2c947ff9af525ce752f4aea959463899542b85c9b413d065ea175103c3b3c35f56eea52af2c54ec08a1d5b7cd5ee4f59de8be86512b770e42ab176b6b70ccbcd264d6d5cfdd2e52e618dc24251ac339ea38cdc446c778d2db3c7c3e93d":96:"77f32401db21adb775e7f1d0":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"531a380b109098eafd997bd25bfde4868d2a1ca781795e9a":"466237db78d4c770a658b9693420a2e087c978fcc434c9ac82f3e2447b2fa08be32d2ce6da25846555ffe5764234b07b35dd1d1bcb710e8a49f918f2c873681f32765b092a836e9418faba61dc59a254c923159be16f585e526616fedd3acfe2748ce19ee03868ea9836bee2c6acb1b821e231eb2d30d300387c93390d51e3a5":"ad079d0b958f09732aaa2158f6215573":"09e002c2c48beaf1122411e8624522a9e90cc3f2a040c52ffcb91136519277c39fd6a79292b8835e0fbcaef2279218106aaf75036590f8a46f6b6912053a3b391849f7e204f096288d6141d5f80c7f91dd2f2b6ebc1ced6af8216e0a594814b56bd592df800299b29e26ed7461ba3f6f3cf151b9c10ad634a01d9c5e578aa372":"d1f49f94e6fbef7e21abad23e16c06fcdfa75a8c342be67baea8e0e57dbcd2971276e993faa124ac81e6be18f68af303518efd926513cee9dbcc5ef6cf5e9c068a1210e53fdd56776148d51597e359dbaa0570b4fe15476ccc9aa79f7c765755b6f694af4269b9e18fc62a0d47708bca67dcf080e200718c22bac256f641e7a2":64:"01ec395c99a17db6":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbd7a92120ff973ec69b6a8189c6ea827ca20743a8781518":"1583c1578a8c8d272a970f05d875f199e497c55f03f10f7bc934fee21c30379dad3c580b3f99304a5747b61fd43428506439ede2c57f5229e13da9cb7cd6174cccbb397e98fb90455ccf3ea3b1304f432a070a2eb5205ed863326b3b86d4eb7f54ee2ffcd50ed6ef01b3ee216c53f4f2659a88fb6343396b2ded0b389c6266c5":"57658c71b2c45f6ae2d1b6775a9731cf":"45ca8a168ecca7a42847b779ef152766b902192db621d2770b56c7d592207afaf52d19a6059feb76e96b90628995bd6517af3f114e97af8d602a493b77405e93095fee6761877dc292fab696a4303102dece60951cca20cacb171abdcfd0ef6da6c90b44edba63b9b6087d876b3fff24dea909899ebd0d0371c424f51a9a84b8":"58a290cf0e774293d1b55f5ef8a305f68605c0c81668b8a1ba95fceeaa65229404e18fa54dd811a6af085c98b8854d0f956adc2aaad742cafa9ed53d7cb445451ee7a4dc1e8399ec7e5b4d004ecd22496565bf444b2e3d82ddf6a6d5e6256c5095a699d7ff3f8cf2addec73e21013ee6f3dfc0a3abf316ea5ee1d6943bc394e1":64:"af737ec3512da2b4":0
AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54bfc8379e0a8180b931c5188c95ab3ed3461d6e9004d182":"93327664eb576bbb64e4ff061874346b4e80a779cdeb1fbe630bf5e4307d4f2c5d5ecc94aa8bdea755c1af165fc8925bfcdf128c1ee6571e9f8344b22dfc90ed893316031661a9438b305396f3a80452c9b11924163b7fc4422b00dc58ee0e674710239975a2cf3253bf2601cd155e09547a5f3be1adda84a4b29631a8e13161":"9d15df8de4150f44d342f2031de3611c":"63331936d2972abd44c1c9f62e42bfa932dff8cc75d9f555f5a7847d08558e76f5393e08909760edbef8d2922a7ca8e1c0c505ca627c02af73253791bb35ff080b4db7dddf4c8b304999ff645227cd79f13ac87f9c963b93a79a0e946e5781cdbf1b4b1967a75314f19c7219e3b69dc2c24ba09fbbdf7184278f82818bdd0958":"18ff87dccbc24c396190c7b37c4a77f86e609db7fb2b326802714d0f196b00b84af887f1b3bd30ee0b0b192d0801ac4e59ac40e5c652b3da32aa024da3acf648da0253674c391d260c0674853c7821861059772c9a7f2775a7ef77d1d31a6ec1c51c5f3089bb516f8cf52d5a15724281086abd92a74d255b7cc84b5051be4e5b":64:"bf0f7f8084e79da5":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"21b775ef8c40a5387d6c8eda4e90d0a00c795681a2887dfc":"6346f84301d6d83e1c5bad44fa7e0821f35723713ee8d4a9e2bf15abf953425b09bd77b2360f4e62e82bf9e14e2b56be51d032aa8a96e894f19f3e84630f9eae831b329f7638b09de7210cd29778059ef1d0bc039c1e10405f3ae5e4ca33216adcfc21869d9f825344d62b50bab03f7aa7b92fdb94951a68acd01f1dee75e428":"9763e6187d4b96b1801d1f6efe7e80a5":"3bd523c16a0022b780ae8318a28f001502120bb26e2f65f4fe94019686f9d1df330e70cef1b2ba4b6ce1f7ef37750f47e602843cbc5f13ff2ceadc5091eb3601604b70bd4acad3d61950b9dd2cbfd83a391223c8e09fddd4020c0f8a8a7057139fd92f3bbe034f03cc48afdde064c8b13ea942ec0d621db959ec9d5fa95afe45":"f25408848bc27ab087b3ea053762837a534c3702dd8be01d79f075f61d76ac1d6557d392e1fab475cc7d13a5f6be6f0718bad71c3c85b5996bd3c0159e264930988e3ed506bcc94fabecfb58caaf56e2e4315bb50817cba765636d1faa91147b3880815eeb90d0934180e49132833abfa6279247d9dd4048dff851e9a551ee1c":32:"d1fb9aed":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a7d8197d9ceebd8e3f6b3bfb74877ccf649ac91d7057af5":"37b01df357561f5aa43b5b4b0081148213f7b74babc80f4b3c6dd78ad17687f11443cd4a57f8d7a74ca3080e2a229f78d8e6db276c1142d5f4ee764eaf09cfd70c596d7a2cad5360c2de20d5e17ec6e06a9b049bb10f8742a30a94270cc6d7709b2f09f3cb8347e41117b7ddb99e4a939f3094c016330a8f170ccccb9d3651fb":"db5144951a9f1721397b7321713a723e":"ad72fa5a05adc40fb38245da019cbf50958ccfe26abf67dfdd49f4c4af6bda8bfc99d557913b2634c5c65d33ca909360adf598b703db1dbcc29481b17ca42fce3315ea1454693b5843e751fafd78158fc040c1cbe607063ba9c0ac02ae4b88989e3cc63adda8427032c70560349e1a8ec847906a9a7b0422a694a1f9eb2b3b72":"6985ec525cfe869e1709751eb6f1ff0aabcb39ae3aa708adc452ce1a8cad8ab4f1739f660b2841566f1f5c9e15e846de7f86ca1dc085188fcaa4a3f839ab2a5f0cfd36e36965ae519fe14f98899ccb07a3ca15ec705e3160df6dbc37ab89c882012eefe51e4da8d6d6b84b3144ca87a90864ff5390abfb92992e44c46807b3c8":32:"c51604f5":0
AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"713358e746dd84ab27b8adb3b17ea59cd75fa6cb0c13d1a8":"35b8b655efdf2d09f5ed0233c9eeb0b6f85e513834848cd594dba3c6e64f78e7af4a7a6d53bba7b43764334d6373360ae3b73b1e765978dffa7dbd805fda7825b8e317e8d3f1314aa97f877be815439c5da845028d1686283735aefac79cdb9e02ec3590091cb507089b9174cd9a6111f446feead91f19b80fd222fc6299fd1c":"26ed909f5851961dd57fa950b437e17c":"c9469ad408764cb7d417f800d3d84f03080cee9bbd53f652763accde5fba13a53a12d990094d587345da2cdc99357b9afd63945ca07b760a2c2d4948dbadb1312670ccde87655a6a68edb5982d2fcf733bb4101d38cdb1a4942a5d410f4c45f5ddf00889bc1fe5ec69b40ae8aaee60ee97bea096eeef0ea71736efdb0d8a5ec9":"cc3f9983e1d673ec2c86ae4c1e1b04e30f9f395f67c36838e15ce825b05d37e9cd40041470224da345aa2da5dfb3e0c561dd05ba7984a1332541d58e8f9160e7e8457e717bab203de3161a72b7aedfa53616b16ca77fd28d566fbf7431be559caa1a129b2f29b9c5bbf3eaba594d6650c62907eb28e176f27c3be7a3aa24cef6":32:"5be7611b":0
AES-GCM Bad IV (AES-192,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
AES-GCM Selftest
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_selftest:
diff --git a/tests/suites/test_suite_gcm.aes256_de.data b/tests/suites/test_suite_gcm.aes256_de.data
index 2777a27..8361c60 100644
--- a/tests/suites/test_suite_gcm.aes256_de.data
+++ b/tests/suites/test_suite_gcm.aes256_de.data
@@ -1,679 +1,679 @@
AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"":"3a0324d63a70400490c92e7604a3ba97":"":128:"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"":"7156358b203a44ef173706fdc81900f8":"":128:"9687fb231c4742a74d6bf78c62b8ac53":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"":"4fe6ace582c4e26ce71ee7f756fb7a88":"":128:"d5bdf8ec2896acafb7022708d74646c7":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"":"404efd26b665c97ea75437892cf676b6":"":120:"e491075851eec28c723159cc1b2c76":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"":"4037eadb11249884b6b38b5525ba2df4":"":120:"360c6ef41cbd9cd4a4e649712d2930":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"":"cebbce06a88852d3bb2978dbe2b5995a":"":120:"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"":"008d040fbd7342464209f330cf56722c":"":112:"c87107585751e666bedae2b1b7e8":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"":"947c5f0432723f2d7b560eca90842df1":"":112:"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"":"51f639467083377795111d44f7d16592":"":112:"02d31f29e15f60ae3bee1ad7ea65":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"":"aea6f8690f865bca9f77a5ff843d2365":"":104:"7f2280776d6cd6802b3c85083c":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":104:"ea01723a22838ed65ceb80b1cf":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"":"ae07f8c7ac82c4f4c086e04a20db12bc":"":104:"1132e4fff06db51ff135ed9ced":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"":"929b006eb30d69b49a7f52392d7d3f11":"":96:"33940d330f7c019a57b74f2d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"":"e34b19381f05693f7606ce043626664d":"":96:"2adc2c45947bfa7faa5c464a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"":"a56f27709e670b85e5917d5c1d5b0cc2":"":96:"177b9a5e6d9731419dd33c5c":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":64:"fe82300adffd8c17":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"":"1bd9ea6186450f9cd253ccfed2812b1c":"":64:"35214bbc510430e3":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"":"728cb9608b67a489a382aa677b1f4f5b":"":64:"e2ef5d9cc5791c01":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":32:"0fe57572":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"":"7b722fdd43cff20832812f9baf2d6791":"":32:"72dea6cc":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"":"729baa4c0ef75ed8aae746376b39fe3c":"":32:"2a0d607c":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":128:"c595b9d99414891228c9fa5edb5fcce3":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":128:"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":128:"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":120:"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":120:"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":120:"e3645db0c600dba52044efcecfc331":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":112:"c25fc157c3f2474885e2eea48aea":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":112:"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":112:"3bcb5c2a4261d75bfa106fb25ee1":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":104:"0e463806ff34e206f703dd96b3":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":104:"3f0ccc134091e0c0425887b1b9":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":104:"888b836c9111073924a9b43069":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":96:"b6044c4d7f59491f68b2c61e":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":96:"5c5683e587baf2bd32de3df5":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":96:"52e10495105799ead991547b":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":64:"6ff8fd87e5a31eb6":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":64:"49aaa806cb2eeadd":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":64:"a5b71ecf845b25d0":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":32:"e9cdbc52":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":32:"e35dbac8":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":32:"e7a37f15":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"2fc1afc1395d8409919248709f468496":"":128:"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"c571ce0e911de5d883dc4a0787483235":"":128:"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"275393276745bc43bae4af1e5d43a31e":"":128:"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"47f5264f7a5b65b671892a05fa556f63":"":120:"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":120:"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"4e022d8d86efbd347e8cbab7e979771f":"":120:"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"7c0f49fb54f5e68c84e81add009284e6":"":112:"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"5cea906737518c2cb901016e30206276":"":112:"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"387ee8c1e7f047e94d06d0322eec02fc":"":112:"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"d2b277f78e98f1fa16f977ce72ee22a7":"":104:"4c81c044101f458fdfac9ca3b9":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"94886a1845aebba5ed6b86f580be47f9":"":104:"4be34ff42085ef4443c8b6042d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"e5ca84b907ac761a5e68a9080da0a88a":"":104:"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"fa549b33b5a43d85f012929a4816297a":"":96:"afa61e843cee615c97de42a7":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"2f8512bb7e214db774a217a4615139e1":"":96:"f1da1cebe00d80eb4e025feb":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"3da9af3567d70553ca3a9636f0b26470":"":96:"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"b957f05921d21f2192f587768dc12b4f":"":64:"322374fbb192abbc":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"31bd7c971a6d330b566567ab19590545":"":64:"efc5a1acf433aaa3":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"2f9c0647a4af7f61ced45f28d45c43f1":"":64:"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"69d81c73008a6827a692fa636fbab8bb":"":32:"be2dda5c":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"e119e166471ecf44bc3a070639619931":"":32:"b2f54b3a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"cf296aa43cb7b328e09c8975e067404e":"":32:"56015c1e":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":128:"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":128:"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":128:"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":120:"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":120:"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":120:"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":112:"993fc8e7176557ee9eb8dd944691":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":112:"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":112:"92282b022e393924ab9c65b258c2":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":104:"6154c6799ad7cdc2d89801943a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":104:"1d6cd4ab3914e109f22668867f":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":104:"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":96:"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":96:"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":96:"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":64:"d8bd7d8773893519":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":64:"74110471ccd75912":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":64:"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":32:"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":32:"30298885":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":32:"1997daa9":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"":"7f8368254955e1b6d55b5c64458f3e66":"":128:"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"":"274367f31ec16601fe87a8e35b7a22dd":"":128:"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"":"796efaff4f172bef78453d36a237cd36":"":128:"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"":"45e6b23f8b3feefd4b0ea06880b2c324":"":120:"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"":"548c9c8fcc16416a9d2b35c29f0dacb3":"":120:"3aa21f221266e7773eeba4440d1d01":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"":"a5129e2530f47bcad42fc5774ee09fe7":"":120:"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":112:"55952a01eee29d8a1734bbdf3f8f":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"":"6404b111c6289eefa0d88ed6117bb730":"":112:"637f82e592831531a8e877adfc2c":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"":"3b87b08337a82272b192bd067e3245ec":"":112:"1f2dda372f20ffddd9dd4810e05f":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"":"58e70095c6f3a0cda2cdc7775e2f383d":"":104:"1763573f7dab8b46bc177e6147":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"":"d565c9cdfb5d0a25c4083b51729626bd":"":104:"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":104:"ea7b52490943380ccc902ca5ae":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"":"c993c1802df0f075ce92963eb9bff9bd":"":96:"edfab013213591beb53e6419":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"":"8f7e1621c2227839da4ea60548290ffa":"":96:"f9da62f59c080160ec30b43d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"":"05d363b2452beff4b47afb052ac3c973":"":96:"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"":"774f4e70a7577b5101c0c3d019655d3e":"":64:"98ff89a8e28c03fd":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"":"99f25cebd6cfa7f41390b42df6a65f48":"":64:"8e14a0a4853a156a":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"":"c1beff1ff6cdd62339aa21149c4da1e6":"":64:"f998d7c08d609b3a":"":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"":"88126c350dfc079c569210ee44a0e31a":"":32:"f2ebe5e4":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"":"af29fdb96f726c76f76c473c873b9e08":"":32:"13fd6dfd":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"":"1552604763453b48a57cea1aed8113f4":"":32:"660c5175":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":128:"6b4b1a84f49befe3897d59ce85598a9f":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":128:"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":128:"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":120:"2e080ba16011e22a779da1922345c2":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":120:"83de3f521fcfdaff902386f359e683":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":120:"cd4542b26094a1c8e058648874f06f":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":112:"96ca402b16b0f2cd0cdff77935d3":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":112:"8233588fca3ad1698d07b25fa3c4":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":112:"477b0a884d788d1905646bd66084":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":104:"0cb67cec1820339fa0552702dd":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":104:"08d7cc52d1637db2a43c399310":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":104:"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":96:"99230019630647aedebbb24b":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":96:"9553b583d4f9a1a8946fe053":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":96:"44b95a37fab232c2efb11231":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":64:"072d4118e70cd5ab":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":64:"1bcea0ac2c1a0c73":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":64:"faa5c13d899f17ea":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":32:"a3958500":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":32:"50fd1798":"":"":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":32:"07764143":"":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"5714732145470da1c42452e10cd274b5":"":128:"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"a714e51e43aecfe2fda8f824ea1dc4b7":"":128:"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"91d55cfdcdcd7d735d48100ff82227c3":"":128:"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"19788b2e0bd757947596676436e22df1":"":120:"f26a20bea561004267a0bfbf01674e":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"c6b26117d9dbd80c1c242ad41abe2acc":"":120:"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"0db3ade15cb0dea98a47d1377e034d63":"":120:"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"83f98eec51ee4cae4cb7fe28b64d1355":"":112:"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"2bc0847d46f3d1064bbf8fe8567f54a2":"":112:"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"b9194a4d42b139f04c29178467955f1d":"":112:"05949d591793ca52e679bfdf64f3":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"6a5335901284dd3b64dc4a7f810bab96":"":104:"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"fcb962c39e4850efc8ffd43d9cd960a6":"":104:"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"b4d9248bb500e40de99ca2a13e743f1c":"":104:"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"160c50c0621c03fd1572df6ba49f0d1e":"":96:"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"04885a5846f5f75a760193de7f07853c":"":96:"0c13506ed9f082dd08434342":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"0a93b883cbd42998ae2e39aab342cb28":"":96:"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"e20957a49a27e247d00379850f934d6c":"":64:"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"d533c2170c5dc203512c81c34eff4077":"":64:"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"2e2b31214d61276a54daf2ccb98baa36":"":64:"5266e9c67c252164":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"a8339ba505a14786ad05edfe8cebb8d0":"":32:"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"4f23f04904de76d6decd4bd380ff56b1":"":32:"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"531248afdaaf1b86cf34d2394900afd9":"":32:"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":128:"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":128:"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":128:"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":120:"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":120:"7b334d7af54b916821f6136e977a1f":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":120:"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":112:"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":112:"e3ede170386e76321a575c095966":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":112:"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":104:"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":104:"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":104:"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":96:"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":96:"bea660e963b08fc657741bc8":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":96:"7859f047f32b51833333accf":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":64:"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":64:"2111d55d96a4d84d":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":64:"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":32:"b1ece9fb":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":32:"cb3f5338":"FAIL":"":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":32:"3105dddb":"FAIL":"":0
AES-GCM Bad IV (AES-256,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
AES-GCM Selftest
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_selftest:
diff --git a/tests/suites/test_suite_gcm.aes256_en.data b/tests/suites/test_suite_gcm.aes256_en.data
index e2d34ab..c0f33cb 100644
--- a/tests/suites/test_suite_gcm.aes256_en.data
+++ b/tests/suites/test_suite_gcm.aes256_en.data
@@ -1,679 +1,679 @@
AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fb8094dd2eddb3d8004bb79134023ca2be4de9b668a9e4608abdf2130e8becb8":"":"491a14e13b591cf2f39da96b6882b5e5":"":"":128:"80883f2c925434a5edfcefd5b123d520":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"725313f4cb3f6a0d29cefc174b7e4f43cef11b761ef75e1995cb64c1306795f1":"":"27d1ed08aba23d79fc49ad8d92a2a0ea":"":"":128:"d5d6637ba35ef2ad88e9725f938d3d2d":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4e766584ce0e885e1bba1327e5335796de0831a40f74a5cec178081dd15bfd10":"":"cece0dea024ff47851af0500d146cbfe":"":"":128:"1abe16eeab56bd0fb1ab909b8d528771":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce7f2207f83a952451e714ba3807ddb3ed67c2739a628980411aa68366b1f2f5":"":"652fd951ace288db397020687135a5d1":"":"":120:"985227b14de16722987a3d34976442":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"855f8fa4ec6a1206173509d504d0b29dfbfbfa9aa528254b189cd72e6ebc1c1f":"":"1ad1507e6463e4e2e1a63155ac0e638f":"":"":120:"693146a8b833f324c1d4cbeeb8c146":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef8dd1294a85dd39e366f65e1076d53e046188c06c96b2c9e84ebc81f5c9f550":"":"9698a07447552d1a4ecd2b4c47858f06":"":"":120:"b00590cac6e398eeb3dcb98abe1912":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"25896e587570ff1823639e1e51e9c89192d551b573dd747e7c0c1c10916ece4c":"":"f0516457c09c372c358064eb6b470146":"":"":112:"5a7cadec600a180e696d946425b0":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02fc9cfffbe72e7954182993088e09d24ea8cad91a8ca9a336d9f1fe4156486d":"":"0e189e162e097eb2060b30c46d9afa70":"":"":112:"7d3d5cc55e6182ec5413ef622d4f":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f24e3d631d8961d3d4b9912d4fa7a317db837a7b81cd52f90c703a4835c632e2":"":"510740bfa2562ce99ca3839229145a46":"":"":112:"1402ddc1854e5adb33664be85ad1":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"720ab5aceb80ff1f864379add9b0d63607227f7c3f58425dd6ec3d4cea3fe2ea":"":"58f2317afb64d894243c192ef5191300":"":"":104:"e8e772402cc6bfd96a140b24c1":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f57dd16fa92a8f8c09d8f13cb5b6633a43b8762e90c670232f55949cdfdf700c":"":"3b7c14ee357b3c6b0dc09e3209ab69f2":"":"":104:"43e609664e48ad1f5478087f24":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"87c17ab919a4bc0d50343c0bb282a969283c2ada25f9a96d2858c7f89bc5139a":"":"02813d3faf30d3e186d119e89fe36574":"":"":104:"d1a1f82a8462c783b15c92b57e":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd8d5b6c5c938c905c17eab9f5ab7cd68d27f3f09d75177119010d070b91e646":"":"1df1c3ad363c973bffe29975574ffdf6":"":"":96:"749ac7ffda825fc973475b83":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d60a14cb789099c77b8991e7b0b40f787d3458f448501e8108e4d76110f94ef":"":"ca6b3485eb5dcd9dbfa7cffcdb22daa5":"":"":96:"3f868b6510d64098adc1d640":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"405b690717de993ad945d80159c2800848060de0b7d2b277efd0350a99ba609a":"":"63730acb957869f0c091f22d964cc6a3":"":"":96:"739688362337d61dab2591f0":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ab5563a387e72d7d10468c99df590e1de25ec10363aa90d1448a9ffcd1de6867":"":"c511406701bad20a2fa29b1e76924d2f":"":"":64:"390291ed142ba760":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"abef7c24daaa21f308a5af03df936ba3f70aa525190af0d959d6e50d836f4624":"":"e9f15950130b9524e2b09f77be39109a":"":"":64:"db2fb2b004bc8dc4":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ca630b0b6779a8de7a19e5279eac94bf29f76f8b0cf8ecf8f11c4f8eb04aa0d":"":"7373befc2c8007f42eef47be1086842f":"":"":64:"e2b8620bcc7472a8":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"acea7818a71df2c9840aef1c10ecbe2bac7e92216388416a2f36119a0745d883":"":"6d46aa39fb5a6117e9adf7ee72bc50ff":"":"":32:"fd5ff17b":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b301036d4b2b28b8a4502925986861eba2b67c24cb0c79c63fd62195d9b67506":"":"bb6f398e5aed51590e3df02f5419e44d":"":"":32:"47f3a906":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"89576d2aac554c8982c7df0053be9ab19f4bd80ba9f3dd433c1c054d68e68795":"":"aedbd482a401a7c12d4755077c8dd26e":"":"":32:"506fa18d":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43c9e209da3c1971d986a45b92f2fa0d2d155183730d21d71ed8e2284ec308e3":"":"78bef655dfd8990b04d2a25678d7086d":"9d8c6734546797c581b9b1d0d4f05b27fe0539bd01655d2d1a8a1489cdf804228753d77272bf6ded19d47a6abd6281ea9591d4bcc1be222305fdf689c5faa4c11331cffbf42215469b81f61b40415d81cc37161e5c0258a67642b9b8ac627d6e39f43e485e1ff522ac742a07defa3569aeb59990cb44c4f3d952f8119ff1111d":"":128:"f15ddf938bbf52c2977adabaf4120de8":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbe2d52b7f50bf23a16ff8cd864215034fdfbf4d1506ca3c1ffb015653efe33a":"":"b155f8ab1a8c0327789cfb8310051f19":"ed8d14adf1c362bbaf0d569c8083278e8225f883d75d237a4abcd775a49780603e50c00a1b5b5946c085e57a749b4946f6aca96eda04ac9944a7d3d47adc88326ed30a34d879dd02fb88182f9e2deefaeee1c306b897539fa9075bda03ba07b4ffff71ce732ef3c4befac0f18c85a0652d34524ccb1a4747ab8f72ed1c24d8fc":"":128:"c5fe27ca90e5c8b321cc391ee7f1f796":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e888721514fd01fb67513cb56bfd29af67a9ce525e3e697af47450f02053161":"":"9f6bd4a93e4f3f2f5f4a7c2c5b4790bf":"867d50923967535ce6f00395930083523c22f373cfb6c8817764f5623cd60b555572404e54f2fe7083ef32b9a4593a1f70a736d6e8fe61b77def51f3b1d8f679d3a8d50d0aad49e51ec1eb4d4a25f13d14f3e5253555c73eac759e484c6131cc868b46c18b26acd040c3e1cb27afecba7b7fc3f5ff4883f4eafc26c7f3084751":"":128:"ea269094330b6926627889fcdb06aab4":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d8f82b07e7319ca607c9aa0352070ca883dd7b32af370a774f63b0270f44835a":"":"e89e4484497cb728f86585d8918b7fae":"42340d96e1852de3ed5e30eb4a05e1fb222480b450e2bf4e2cf0fb2a525eb6602ef43a896adc5c52ea5381c642b2175691c014e7a6dae91fa6ff5b95c18a2dd2e8838d3abd46ace0b305f3f22d30a0bd82a81bbf6753362b54b0624c76c0d753e30eb636365f0df7e1bf8bf130cf36062ec23f58a3f7ed0ae7bfbbd68460cd76":"":120:"b234b28917372374e7f304f1462b49":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b49b04a54a08d28b077ea54c18bfa53e916723e91453b47f88e399046b9b4dcc":"":"6276c577c530f91b434ce5719e1c59de":"6b73f996c49e368fc4d21816153aefb081509f9dc0916dbe4fdf77f39867a2bd617b8a75f39f515b1bc1454009d5247efcd90ba0d4a6743c6f12a929b666584f3b55254c32e2bab2321f94fa843dc5124c341dd509788a158191ee141eb0bc4e1b96f6987bafe664a0f9ac6d85c59cee9564a27bcc37dffae80c57fbf7e748ce":"":120:"69dd5bdeb15fdbc3a70c44b150f70e":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"398bb37bb991898c7dad7bf5930dbad20d121f68d5ec6c56ffe66f23c0c37f8e":"":"0c3bd55b54c1221b0cf25d88ea4dfe24":"4c48b929f31180e697ea6199cd96c47cecc95c9ed4c442d6a23ca3a23d4b4833601ac4bbcdbc333cd1b3a0cd90338e1c88ef8561fed7ad0f4f54120b76281958995c95e4c9daabff75d71e2d5770420211c341c6b062b6c8b31b8fe8990588fbad1e651a49b0badd9a8d8042206337a1f2aa980b3ba3b5ee8e3396a2b9150a34":"":120:"8528950bd5371681a78176ae1ea5dc":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e8f7c317b22dea8eabe7eaa87413a98ff56570720985b6743a5f9af56387cca":"":"3a9a5a839045723afdfb2d5df968bfcb":"a87d95f8f47e45a1c7c5c58d16055b52b3256c52713fd092bcd6cbc44e2c84669f23ca2a19e34163ee297f592f6054dbc88863a896c2217e93a660d55a6cd9588a7275d05649940d96815c7ddfa5fc4394c75349f05f1bcaff804095783726c0eceb79833a48cefd346b223f4e5401789684e5caeda187a323962a1f32f63f02":"":112:"faad6a9731430e148ace27214e68":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"67c95e57197f0e0bbaaa866d337fcc37f3a10dc55a059f5ea498de204d2fff61":"":"5f171d203c653a316cac43df99f4033a":"84f281b388ca18bc97323657a723a56260731234720b02b6dde00ea134bd84a1893bec38af80214c4da01b93958ab00f3b648c975371e565d5b6bf2a8f63c0f3cfcd557c9f63574390b6ae533085aca51fa9d46cd2478b7648b6dcbbac7e61197a425778debe351ac2110ba510a17e2c351ba75d5a755ef547cf9acc54650222":"":112:"9ea9c716e06a274d15a3595a0c41":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9143f00e31c72bd9fced31585d047f67f1004e6244c3d9c10c8ae005feeabc84":"":"e49cd6af9a2f0da2a7198317da92ab2f":"ab9193a155140d265aabfe2dd5efca7d3fa6129498532bccd77f09fa1a480702620b3ab53df91b01262122f1a6fc387b5fc55dadfcdb99ada83d4a5b0666c8526de309f41eb54d69b52595c43550a6bf7b4b8f0e0c48311b521762eaa567744c4c4704dd977f84068b59db98a67e33cc65302ba59360d600a22138c5ad3317f3":"":112:"8293e361fe0308a067f89aea393f":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d0ba180075c373116bb037907b512add00ba9a4693a8ecc14ca0d79adada90e3":"":"5c1501b19cce5404dccc9217ac8253b7":"3a161605ec0055c479dd48cdaeed5981b8b60fb7b7781cc4e580218c7014c3060a9f706e6e16cf4021e4d38deb512534b484ff23b701975bdf901146ccaece9c3ffbbeeb172cfb64a915ae0dbe7a082b9077776a387b58559a881b9b79b90aa28ad1ac0f2bece314169a2f79ea4c08389f7f7dd10ee2d9a844fee79e7bf38bcf":"":104:"0541262fddfd5d01ff0f3c2fb4":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c975c7e59133c231d1b84c696761c413ba20aff7fb7d854c6947e65db3cc57b4":"":"d8fedda4cccaf6b0818edcfa7b1f03fa":"cb4cc9171367d6422abfaf2b4452da267eb9ccf1c4c97d21a0a125de486997832d16c7e412cb109eb9ac90c81dfe1a1dd9f79af7a14e91669b47f94e07d4e9bd645d9daa703b493179ca05ddd45433def98cf499ff11849cc88b58befbdd388728632469d8b28df4451fc671f4a3d69526a80c2e53e4fdee6300d27d97baf5f4":"":104:"77ac205d959ec10ae8cee13eed":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a86ec688222c50c07274ed2d2c8ae6f883e25f8f95d404a7538fd83224199327":"":"99c73fdb8f97f225f7a17cf79c011112":"cf5f707de0357262c0997fa3ebfe6e07192df8db5f029e418989e85e6b71e186b00c612ecedbfe3c847e58081847f39697337ae7c815d2cd0263986d06bf3a5d2db4e986dbe69071fd4b80a580f5a2cf734fc56c6d70202ea3494f67539797252d87cd7646296932959c99797a0446532f264d3089dd5f4bcceaaa7289a54380":"":104:"c2093ad4705e613b09eee74057":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3981f0aa1ed8cb369d9b0d7b0e529ec6089ff2d226c542885b1bff55276e891":"":"7331f91bd1a67c21c9dd336a2a922839":"406d9cf45fc8618d564154241dc9c006ecdcd847406e5a6e7127ac96e7bb93f4c339ff612c514b6f66df95a0845035d7535212a2aaeeb0ee512d1f4375c9a527e4e499389c2d7f7f7439c913ea91580e7303767b989c4d619df7888baf789efd489b08eda223f27da5e177cd704c638f5fc8bf1fecfcd1cab4f4adfbc9d1d8ba":"":96:"dbb7ec852c692c9a0e1a5acd":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8436967f97c59ca73b760b73c6e088d1da4e76b712188ab4781d8d849505ae47":"":"9401dd0998914645668d06d518bfe7d7":"a5f40906177417097c19a0a21dbb457a694e173141837f695b09c8eb58ac2ce28aace4e59275b6266da9369a9905b389e968aefc64d78c7e1d2f034ef413d3458edcb955f5cd7971c28cd67dc9901ef3a2abc6121704bb5ecd87a6568d0506abbc87a2f10205dc8eb0cd1b5109158d0e743c2c3a342d60b8d55bbcb8d8507ed1":"":96:"dd6d988d352decc4e70375d8":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce6b846bcedc6ae747e66e72cd9f7664e6cad9627ba5f1f1923f3d3a6ed590d1":"":"ac865ff8a6255e501b347a6650510d05":"1658b9f8469af1dfa60458cf8107db1edd1e4bba70a0bd23e13e1bba0d397abf51af8348f983fcdfcc8315ef1ffc9a26371377c62ddba08363bd2bf0ff7d0c3b603fad10be24ecee97b36d2255a8b2efc63f037123cef4bb4fe384aa0c58548b2f317c36ef3ef204b24769de6ba3e9d89e159e2bf1f9d79aeb3eb80c42eb255e":"":96:"7ee87acd138c558455fff063":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0038ecf1407bbf0d73afa5e010769b71e8649c4249345dcf923ef9da0254c6af":"":"74c6b98fc6ced3a59bd9c42d31d71095":"467f483c71c3404fe7f09d6f6b6b64c3b7613a0dd32470cf24bc590d3994a48f3e8cd5dc19ea8ca7d5366ad7c5ad31cc9612dafedaea109dde2aedfe5fc2a0db2c903dd1dc1a13949720a10babf37fba5a0ed7cb5f3dc9eb5a4d8331f218e98763e7794b3e63705d414ef332160b0b1799f1ff5cbe129a75e5c4e0a4ed35e382":"":64:"62fe088d9129450b":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19fc4c22151ee8515036c38bc5926c0e0bbd93db5d0fc522b2a6bf6298fed391":"":"9547f056c6fb9ef72b908f527cb500c1":"511b15c25b2a324159e71c3b8e47f52d3e71e5bc35e774c39067250f4494c9c4eb184ecbe8638de9418672d9ae2c6a0e7f54c017879ffb2a371de1639693d654a43cb86e94a7350508490191790d1265b99e7b3253838b302aae33590949a8761a3bb2aeb1ba798cddeb00a53daad05a33389d4a19269d65116a84f12dba5830":"":64:"04623912bb70810e":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3b5d3b1920b5a105b148153ae1f1027c6d48bc99640ea853f5955fed4eb3d625":"":"9a4091c2eb7e88759bd9169fee303485":"aa680d07143ba49a9099d555105fc3cfcb898cec11ade96776dc9778cc50fe972e1e83c52c837b71e27f81d1577f9bd09afe2260dfd9a5d9dfbd3b8b09a346a2ab48647f5dd2ff43700aecce7fa6f4aeea6ea01b2463c4e82ec116e4d92b309c5879fb4e2ca820d0183a2057ae4ad96f38a7d50643a835511aedd0442b290be3":"":64:"033bfee6b228d59b":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6c4ad8e27764157789252f4bc4a04145cb9721955330a2f6a2a3b65cacf22bc":"":"3de136cbd75061c888226efab136849d":"0f6951c127d6bc8970e2ad2799e26c7fb9ca31d223155f88374984b5660626c83276ffa6c160f75e0e1bcfa96616188f3945b15fc1b82a4e0ee44000a684b3c3840465aebe051208379ef3afe9f569ee94973d15f0a40c6f564fa4ba11d6e33cf8ae17854a9e12360a2b8495e2cceec463f5e3705c74069ba37ba6d725f458c0":"":32:"f658c689":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30cd99fed9706c409e366d47fefc191f79bcc47a28be78f9890fd90d4864eb85":"":"8c7ce34691503bf14c776f8809f24e61":"4b6b10c2e2905ab356769b6453dd160a08e8623b0878fcc1c1d64822f0aea1f4f5b4698ded5d23ebafa11bc1e4ce9e5cd7d7c7b13de02d11a945ba8361b102ba49cdcfd6a416e3db774cd7bda024fccd1ad3087560dc15bbfe9b1a5c6c71fae17a329f104f6c2cba7eb6a7459535ca328146d0ccc0a9bd28a3d1c961947a3876":"":32:"7777c224":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9472f2452933dcfac4bb22831ce83c6a1ddf25ef8d2d3ba59d72b0d173a986e8":"":"18fb2c34b0955d712960009617d300ef":"d283dd75cd4689c266c8e0b4b6586278aa2583c7c41bf12bd1cfdef21d349acbbabc0a2204dc4130f922949206c4fbdce3786ab8614e32908838a13b6990453abf14b84f5812e6093644accdd35f7ad611ea15aefae28b3cf1fc5da410bcea4f0a50d377fdcceffe488805bc5a71fab019b12fa8725d6e7c91e6faf12fbaf493":"":32:"c53b16a1":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e06d5319210f4107ea7267fa2e8183fcbf74fd3b0579b856577177d9cb307d42":"2b9179d21cb884581b0e4f462455167f1f7899717245d4aed3d8db5983daccccebfc2130a20c284563bea5997cc0438c83d8fa7bb9e3588efed285a0fcc31456dc9a3122b97bb22f7edc36973475925828c323565e417ec95190db63b21881016b5332f2e400bb4724c86a8ee0247149370ee5412f743dc6bf7ca5bcc31afa0f":"f2b0564705430bc672964b049115e122":"":"3fa342a76cb5d501e6a6fade14aab54a76620e4ea2287147d4ca2b9d62d2a643591e5df570ef474ee88ad22401c1059e3130a904e9bf359c4a6151ff2f3e4f78ef27a67d527da8e448b0ef5cdcfec85f3525e35f8d024540387e4cdcb1018c281a1af7d4a3688a0fec4d9f473c816f7d4c4c369f70d7dfe8f1b7fa4f581098a1":128:"18f186ed1ee1f4f8b29db495587d0ab0":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0dfa834e98b6c51ee925dd9edc9be72c209ddcd9099ded57b533f2236895a229":"7f4e4f11091bf51976c0fc71ecbcd0985cdad2135549c818c09567801d8a9a42c719aab7dc2cb58a10b5067d14c52cabe6bb9b939e7b9cd395eaf10ba6a53fd2e6446e1e501440134e04e662ef7ebb1c9c78bbd3fd7cb9de8b985418be1b43ebb5d7902ccb4c299c325c8a7cc1de9174f544bc60828c1eebad49287caa4108a0":"a101b13b238cfac6964fd6a43daea5a7":"":"bc60d2047fd8712144e95cb8de1ffd9f13de7fda995f845b1a4246a4403f61ca896bd635a1570d2eb5b8740d365225c3310bf8cea3f5597826c65876b0cbcfa0e2181575be8e4dd222d236d8a8064a10a56262056906c1ac3c4e7100a92f3f00dab5a9ba139c72519b136d387da71fefe2564d9f1aa85b206a205267b4cfa538":128:"c4cc1dbd1b7ff2e36f9f9f64e2385b9e":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce59144b114ac5587a7a8079dc0e26f1b203338bb3e4b1d1d987bddc24150a82":"bc7aa1b735a5f465cffeccd8dd4b0a33a571e9f006dc63b2a6f4df272a673bb2cc00e603248ab6be5627eebc10934fe4d1dc5cd120a475936eefa2c7bddea9f36c6c794d2c6bd2594094e56cac12d8f03e38f222a7ee4fc6c2adffe71c9c13003e301c31ff3a0405dde89bb213044d41782c4bb4eb3c262595d1c0e00522047c":"fdc5a40677110737febae4465b1a76cc":"":"084c31c8aef8c089867f6e0ce6e0aadafa3016c33c00ca520f28d45aac8f4d02a519b8ebafd13b9606ab9db4f2572f396091bc5a1d9910119ca662d476c2d875a4ab62d31ff5f875678f25a4775fa7fc85b1a3d442fb2c5047a3d349d56d85f85f172965e6477439045849a0b58014d9d442e2cae74709ed8594f0ec119d1d39":128:"4c39e0d17030a5f06ecd5f4c26e79b31":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e7a6b459a5370ceec4d429bba9472a49db07697dc66dbc2f294d3e62ffc8aac1":"cb959e5611a636317feb5265d33b315c2f5af64159029f0032e338babbdb0a525ba6b92cb3be7db9f0077561e6cffe1247bad32dea8918f562dc3cd83225cdbcaed652b87c62fea8eff153638a3a14ef9f9a88bcc8c9a6b65fa9dcc53f63d1b14fb9bb0baf17e7bfb95690c25cca2c3097497e41f7e2299a8518d5d1c5f6264e":"92468d42ad377affa7e808d95d8c673a":"":"599dbc47e2f2e3b06b641c510b238417b01869f0e7d08619752f6d9f4b08585731deaeb439ff26e02d7e51b45ca5e3d4a779fe4cfc9572d1d6407f98de69a8fca60bf01d1a769130bb38a67933a2be3aa3ea1470d8f32a34dc863dc800feb7ef71588edd9489bd59a23685ff5358f9b562fc0bbad9e11db7a6fedbd79225539d":120:"e853262ed43e4d40fea6f3835d4381":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9818904a99e3d80c95dc71a16483ade1b9b8e7df638ce6a4c1d709a24416cbe9":"2c073cdc11a8d58fb55e1dadbbc0372dde86c387fa99c9249bd04cb2f2d239de01bec8c8771a9fb33664ee06ea81c37a824525664054173b63a2894d8d7ffc60b9e93052802478a189be5835d979a28ce7025b219add0622f97c9bcf3ecf629b56408ed002a141061320400409345e94a7a7e3906611305f96f2abc9d62cc435":"96a301ab6bc0309be9735bd21cc9e10d":"":"4876e449b0cac09a37bb7e4b8da238f4c699af9714ec4fcf21a07c5aee8783311a13149d837a949c594a472dda01e8b6c064755b6328e3ef8d6063f8d8f19cfda3147b563b0f5fb8556ace49cb0f872822a63b06f261b6970f7c18be19372a852beadf02288c0b4079587c0f8eab1858eeec11c6ba8d64448282068fddd8a63d":120:"e1e8b62ce427e5192348b1f09183c9":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9b34f137e3f37addad8a6573b8b6dac9a29e97db53c0a7610f37c72a0efaebfa":"c1e09c432c68a2c119aeb3b19c21180e3c8e428e12033f416a92862036f5e8a39a8893b10fe5476e388d079143ee0b79b183a3400db779cfbf1467d69887306b124a8578c173cd5308d4448eefcf1d57f117eb12bc28bd1d0ff5c3702139655197d7305bda70181c85376e1a90fb2c5b036d9ea5d318d3219132ea6c5edf7b7d":"50dddb2ebe4f8763509a63d07322277e":"":"793e1b06e1593b8c0ba13a38ff23afaa6007482262bc2d0de9fb910f349eff88d3dd05d56eb9a089eed801eae851676b7a401991b72bf45ac005c89e906a37ed7231df4aeeeb1fcf206ca1311117e7e7348faf1d58acc69c5702f802287083d3ed9e16cf87adcdfa1bb0c21c40c2102fd0def91985f92285e6ea1cdd550e7f50":120:"b3c6ae17274faaca657dcb172dc1fb":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"66b40e2e671bdf244b45644d1a5adc63011b32156ba9f5e03dffacc1a9165061":"985546ee12ba89d95988ad8a4153c4f9d3c91c0e3633a95b4f9b588bba0032006c93210514357c91d574b436da13dc9f68194a981e7b65eb79e56be9cf1dabfdf531407727c034a3c7743bb22aa02b26f159c2eff3c7ed52027de2e8b8b2fefb72c04fbf20a1ffe10d6dda790a9812cdbe9f2ed6706d7a2639e851a42870efb8":"4e090871e889b4be36db5e1df1ea283d":"":"f93eebffeddfd16b4618b893d57b459b704b894b38a5eaf6cce54026c80090be8328e12261e1b10e81c73ac8261c2982bb25603c12f5ffff5c70b2199515c17200db2d950a3f2064d7b362607adbf3686f27420ec15e18467e86faa1efa946a73c8888b8fdc825742b8fbec6e48cdabbb45f3cd2b6b6e536b6fbf3429aebe934":112:"ed88c856c41cac49f4767909ac79":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"18c5105a9651144ce965b4270398b982120b885850114571ef8e2cbc5d2f5e04":"00c5ea3d91248bfe30c5a6d26dbdf0609f977afcfa842b603c1061b2a473c9a79b421b2509550309e4be9c5015c51c6def9ee68c242f6e206b3027ce8e58b7ab96aaa50ced1d78c2dfcbc2589575bec2ce3b6a5066276fe7dca4f1118808d1e5cac062667053c15350289da03cd073377c2d66c01e3098ed01b75788c7e1f9e7":"a3a5f82748acc887e33328fd7f4ce1fd":"":"d91ed6886a269dc1eb0745dc4b97fc54cbea5e6857d10a303a3caf828b4e0e20bb742bca17021b7852d09a6d7d3a56ad82298c15a2082fed0e0e326bb16dd677ee262ead93a24147de3c07eb8a95b108abf17357155f1de79171689407b6545c9fdf8ab4486576490430c0e043e21e7c40ce88e752cb006cb3c59479a7e56cf7":112:"add4e086d612a119c6aae46ba9e5":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4667cabeb3a644e371cbbe9195413daab025cc6efc12298bfaea0dd9bc028f9f":"9772ec47f3cd26f091bf117e085f2394db258c2c460dc3b1402edcb60a8f70517f82aa669607b78c2ad79c662c3b376cee1b9f34c4ec5d15319c33de78a440e7f2a4108c3c9da51604adde2025ff1dc336c49279c13a7153931df675df0e78f17a4d72973311af74fe755c85c7869baf3896bb738925942dc67f1b6e690c9d48":"7e8927c69951d901494539ab95ac5906":"":"5d62fa69cfbfdec30193408dad15cf983ad707ee921068b817676eca9f70f9ca4623a8c113df5fba86131415f4ec546c7f1a94ff9d02cb8ddcf421c7cc85ed87ce712fcd8d5f45460749ced0d900fe0368c59b1c082bd5811c1a648a51768d5e4bfbc23cada3791f289d8b61fd494398be1ad9ee9ff471abb547000ac2c1a5d1":112:"0ae6bd5e8c25d1585e4d4c266048":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3d58cd514de36ca7848aad1bf4d314b3b3415cae1ce9a169021ae84a67d4ab69":"e1c2e79e3f64c5c64f853ac9ba1a853fbf1bfd3001d48f7e73e0e97aa1b8ed1f1a7066178e75df688c5edb1c42e270ea38ab0e246c6a47fde4c3141436fe4b34beb9033ba7eebfc53cf1f6c8ae1794e9bb536152d196e1b96803316a05f1dcb9016c8b35bf4da06cd18da6243acc3a3dc641d3a1332b1915932ca89937cb0327":"4a1c2e7a3f9788c3c2fdd0dcc0cfe84b":"":"50d63c660a2b4f8e87276c5f58556cdf15d0fbb2c8ea5e3266d28c515643109aa7fc950d6d48f504dad52457e16576b581d37574574cd8b7ac12b7d59b819992c941a27e23ef9f257ed0c4ea4eda6c1f3b28b44decb63a92fae84c3556dcb9d6458e729dad6a7db9f7411690fce971b3b240f8f9979ed992f87d76e227fd7384":104:"ac842579bdd1ac77c84dffac2d":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b7e4cd80f03a7ed092c776b243dfad7776d9caf3e679939038e33ac94d8931de":"102e2d2c0d01dbc69733d2451d1ac1817d60418685d4ae8aa44e1ede1c1e08d2f71f0aef41a72bd9f052ea4a9a057330c95d964f8c3679b80fc9c0952b46f38e2ef055cb33703d686757400210fa5a39bc7e3bb9b8b9cc20c95d5607e2f10bb5501507680ef3aaad96553333b1d27bf2f7ac102c983eede2262a5c6237c1d754":"af160a983d674b7d19294f89c3c9307d":"":"6bdfae299d796ef36850327b091ba7bb02e29b643ca4c8bc199eb91ecbaf88426412cfd5570e0042cab735cc46ec648b0877955b3f9a5707d56c478aa77ae5510749beb1e44dbbb37791f18477123436a985e5e9f79fda0a057504847e4ecae841f24e1b53076d3efc6bdea2ebb336ee0e4b5e6ea973e3e50a27b5c2e6fee3e2":104:"fdf21e2ac356e507745a07fc96":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3a0c46eacfe85cbc0c5f527b87cd075bdeb386d0ca6de816a87cfddcb8a87ae8":"6d1203dc8395e35a35e234203625ea9d37d1c009db2ac8b1d5b29021997b5421f1d172f4c9a7eb7dbb67f0002720fc412f5b1550c739a2d7ba4387a1f978bd548fe6169d9473893782b10fab99198cb8b4553dfe27583c017136fd8c95070d8d7f9a602d15248d38d728157a0b26404e662f9a5554d3e1582bc0e12f0054792f":"b1cde63ad2ad4b8a7bfb36ab78385c3d":"":"9de3a45c976d32ed2af5074ef13b1f86f35b1689b1c698b2e427d5dd62556eb14439f77cd8fcbe686a9a08a922e3f54a78e86fd284de493a740586360b63da09bc1d001777582969c679db54a0ddb8d7dfdb46750edc882804a1c00e417912b72b4cad54dffa1897eba6188b3e61ebf0c3dfab292c2686dcb9db3012e0788c7f":104:"641896daab917ea3c82524c194":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d540e0ba27103667eb4511ce9d243592bccb8515ab59896c9922cb5f1b47a02":"d79f9b1c74e3141f188704c8d5bdaaf6083642be50d00f20c97b56646863895250d131e00db0ecf4f035d42f08cfe20f401c2d3062a38daa0b9e7c19fa7c5d344680aff48d506daa181451f6b34ed9099b9a5b39c0166e93ac4463c9ad51f48e3063b1c16793615336f55d516d079f6c510c2891b97aaa95e5f621e3b5202620":"a2ed37daa797522a39b01dd206d06514":"":"6a891bd289ec05990424a2775287f4725aecefe1ab21fa0ca643f37829cae9fcbbf805b883f807102ff12f1a85964df818057daedd41c7349ef32b24642186c45d2858c3260d5b90594969e26b691963ac7fbd2eb4eef466ae690ca274d9194dfc4df1c3baec02abc38fbfc0e2c7c4fcafed227d4f6607329f57ee439435c714":96:"9074ecf66bbd582318495158":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"151d7e4db9e21c87bef65c2ac6aab5b6b045b7dadaf6424644a91e04ba810585":"0984c5d3f68beba1db4e6ade429cb8954cccaba9fcf4d852897ef69f8483428932c8f18a891f54b68f7d49a03c57f7144d802eb996d233cec930d5eb19f43d0faf9c94a2d7aaca40c8066a2882481f521bb5f6ba15b213810da373817eab3d52b5dd143a1521239482fbf4a07fe68c3d35c90c6ce27b55e40abcf432a261dc58":"49e0e0d089e3574fa5a33c963b403ccd":"":"6938d8a7625d1291f249ef1e086bb030ccdc844a9271fee16db60e7acfe4aedd720de76345109d5e6849fd1576c0fe0c34e73dca4011f8565cffccef427198c927f19f63b821f43844d008ceee0566f0d8062d7860e92ebdf21dcde80039a04504cd8ee94874b2eeb038962a74ac9902d9d7ce09afdac7aa706bf3892de19531":96:"48d3a8116213f92bfbe86bfe":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e9615515ca45109316cc02bbf3a23406eeeab2092dc6614db76e4e047a3b023":"46c4c6bad0f21172094ae07a47fd76477b69ca75cc08970e8dbf7b8644d4bcdce96f9d15dd3fba5fba3f851af145652ad004ee525d180d2f3e03bc0ec1c0e8ffebc1474c342732b7247f657ba87ffcef9333857123f29c4976b048c89c24107529dc5dd69004fd176eb0ca6ddae1df7be7d28b3b9da976413588f20c1fff488a":"c1facf73da64e16e4acee3fdc3cc6b10":"":"4415dc96d3daf703d392ba1318254143a58870e691570ca6b1be6074dd9c1feae12c72f9314fc3d19b6affb59b642ade6c4e64b7c99f850bff781de193cc0a321a29356addcb0918a282e53801541b5b01383fa7624c36d1f67423f02d2b54f58deca582b7031d192a4d32bc154ae1149cb3c5b48538c803a8d01fa7cfc1683f":96:"322d8d1b475a7fd3d0c45609":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"52c1a14b4ed57cbfa317fe0db87528f4c5551deb9ffc88932589e3255b1d3477":"eb9081e19b63c94b5f3a696c5fc2c0b7f434e1574394d0b41dd67dfac28a73d4ba26c86b3728b2802fb9d0930c89586b09602900d33eddc5a00a4e98881b5acd5597aae9b80b1569ede74042948f2cd66c3eeae227ae10241df001c85dfe8a5fda0aa21142ecade76290dfdd4a27b6ff3a932dacc0b5f461501239ae8d6d5f41":"36d02604b5b24f49b08bb01053a23425":"":"12fbea9e2830ba28551b681c3c0b04ac242dbbde318f79e1cb52dba6bdde58f28f75f2fb378b89f53cef2534a72870a1f526b41619c4b9f811333e8ee639be1250a5c7e47ecbee215b6927ecffaf7d714327b2c4e8b362b1a4f018ff96f67557ca25799adfac04dd980e8e33f993051f975f14e05be8b7342578d0c9d45b237a":64:"01e6af272386cf1a":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d08a07b3e94025523a4a6415029c8f9e11fbbfd72564964c53b8f56f865af0d":"4ac7c27b07a4aebe5caf1de0538d13a56e8c11bc73713bf78c7abbad3b9f6d690e00487267da108e2f2ae67c24b4657e77bb83e2d5e4b244cf34e924cf7bdb443f87ac8cdb374147449f8d06eb517a25dc86f03a389f34190aed5a7faace03ebf646fec2b173b2c15fd5cbe7c5affb6c3ee6d1cace8b00dd8f668a2336da5bfc":"98b745c7f231ba3515eddf68f7dc80f4":"":"337693c5c746d8fcdf7cd44d8f76a4db899402b891176e85b4c549c366ad709322874e986d6b939a350d2a0e3b77924d6d15454d882d1d3c94469d749a20d8f0116504cb31888a1e81d3abf25dbb7a7f9e7def26b9151ee649c059da1955f1716423c734dcd26a548844abb6b64c44383ec698e59361b6582c6883b77c338342":64:"7a9266c4e5ae48f1":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b9d9fc42b58deafe9bc9734f4129dcad34a2e55ee5ad8abcc3f7bc42dd2c0e05":"11dbcd6cd53d2af766a1b6e4af2bc8bac2811ef818da2d1f81c140ab6e0298e958fef033736bc6e0dccd660b9a3e4222bdf3f89a95b206785d22852201e6dd00b44232ef3c03393893813dccf1960410b50cf50602ead8bd246fad88e66c88b50821578004779b6c45c13d8211df1cfc0fb2d7a342f58e4f2f3623fd31b12c30":"67931493096f4550633c322622bc1376":"":"66ab6e7a547705d8ae8ac3cb9bc5fbbc18cd220f89aec7dfbf4f72e7bc59b483c50c9471523c3772efc5deee3a9c34c96b098842cc42f9b7d7c0d2530f45900eeb9502e4dd15363b0543c91765121fd82fcc9db88fe6a531b718c1fe94b96a27856d07707fced3021cca9cf4740833d47091797cc87f57f5388b48e2296ff352":64:"0de60d4126733404":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97e736a63870546ec9c2325a8e367c8ea17a7ffa71f6cadd6909a5bb9eb12814":"608280a9dcbd6dd66100a9fdd00e6dac2183e32c945b2b4d255c048243bfea15aad1a10ff3eec0ba79c531239b489a5dc155dc2775519f8d3d2ed82fa7ac653fb7c77e0dfad1c175b6c69963f5c12ff9840f18e0202502e9d1e3b170965cd86ae411af20e6d69a608c99ca8dae3cb3bcce666841132a99429bcde490d9f0b6b5":"d35192b4d233507b70c6d32f8e224577":"":"568a0d584fc66c876b7beb9ef8709954a2c426fb8c1936b9024181ca2cd3a7684c412715c11eab80a181be0238e32a2b689e9db36a2ac87db651058080531e7b1110938dcb09615e385d7b224b11222469145f6fb5f4c0e87b08bb3006bc5b6d2ce0a15be7fc29b27c10c645afd9d8253c094fc0f775086bdf2adac265b474d7":32:"af18c065":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6d05193cc0885f7b74057ead3a0738b74eb3118b1a7e74c5c941ce0011197122":"c58f51bad815a43a5705c311de4a846ea2a70cbdd2c30d709a2ae0ddf82b7c889dc599fb6e0328fad21555a99530be6deeeb5b1beb333322c2b747288e52fad008513f8040a4735cab3c8cf32c4e18bd57339c85cf5dd71e382067bee7e9ccaf68e767d77fb005a3b73a51acf942fc3b2c5c9eec6189d01a26c6ffb070165874":"5160b65bf7a2ccf77fa2e3e0b3866f26":"":"64dc5834a63be414c3714f1b34feddbacd568c6466cbd06f665aa269187a160db79306a53b629fedc1247bd892998fe3208b3105f6273676bbdbff6e254de332d02bc8842ef98d6b79994792eeb5be3a807452b14ae5b5027db81421cc22936ccaa7ae1b77a145462634e424ccf2dfaf001ed4477b804e204120a1416b449b8c":32:"364ef0b5":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6e8006983712ddfedfebf95e6cc3b0aadc23077055e500ae49fae7705787f2e3":"e3ba14c4e39ebad925997649872b8331f1700c8f98f80e58d92c85a84f2a427094d9d771b276a0d35b17c0c030734399070a57345d4dcf082b96c7eb580618f7af8bdf036296e20379e74e29f905b52a0c46fe7d46201a075e7de7e1a523a0492c1f228102fdb89f019bcd4571e041c5d37159dc487ec139fa37d33142fc8082":"e36e39d787394f1401fc4b173e247db0":"":"4d5db4b65a1ca31f3d980cc30037b5d79d28280a31cc5d0274be77dad70dcd37f652f2ca999c9aecf08fd2a02d382457a277002a1a286ab66f9e437adee00c3bab04f831dd52147005a989606171b6017d28970c8986899fb58900e23d1bc6a9ac0bd4d8b5d6e3fcaebc9903923e68adae7d61cf929388e0e357c7223523d1ff":32:"d21637c0":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cd8ec237009eab590dbd9b31e76513dfa3501701b1a706982944441d996e1839":"9eef7c9a0fa3e9a7fcc4b2f9d210a97d6653ded7913f2fb2de825a0dfd78ae1cca68c040f2328009fffe62937d630ee9d6e0e67bc12c38c0b3d035697d4c2311371aacf41cce0d523016ee436a47d93af0df77011131856d072c718c310f0995b71530d70a3da881481f46f21dda62e3e4c898bb9f819b22f816b7c4e2fb6729":"a3cae7aa59edb5f91ee21231002db8e2":"45fa52a0e8321d82caea95bd9506f7331923e2aa95e9238908f3ff30e17a96389dfea75e225e34e1605354eaaf999a950f469c6e2e8722da5ad9daded6722baca00e5d1b8e63266ad1b42cae161b9c089f4ffdfbbaa2f1fb0245d1a4c306d46e215e8c6c6ae37652a8f6016f92adb7695d40bde8c202ab9c2d70a96220b4b01b":"833d58f0bbd735c6164ecaa295e95ad1143c564d24817d5f6dded5d2d9b2bed2dc05da4a8a16e20fdf90f839370832f9ddc94e4e564db3ae647068537669b168cc418ea7d0e55b2bb8fd861f9f893a3fdba6aace498bc6afe400fea6b2a8c58924c71ce5db98cfce835161a5cf6187870aa32f522d406c52f91c30543ea6aa16":128:"c1df4ee60b10f79173032e9baaf04d3f":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f0b24f054f7455f5821fdc6e9ca728d680e8004fe59b131bb9c7cddb0effa51":"d406138587fbcb498e8ec37f0f3d7f6b2faa02e6880424e74cdba67ae3468b6823d37fd917a7fede6b34a2f0fc47c520e4088766ba82a989f0d8051a3a80cc8b1e3e1e2b1c6620b90e99b27e65951aeb3936263fc2f76c1c8effa742f53987f8a38c731a411fa53b9f6c81340e0d7ce395c4190b364d9188dc5923f3126546c3":"f52f7a2051047f45ec6183b7c66e8b98":"756cf485b6a8e672d90d930a653c69fdbf260d3ea18cd3d0c02175d3966a88b70ab8235d998b745a0eb6a5c92899f41e8c0b7aa4ec132c8cbb1bac97a45766a03923c9b93c2a055abd0127a83f81e6df603a375ca8cc1a2ee0a8b7fd226226b0b19bd2e81f73c34dfafa4fcea08dd93dd4ab7e4b437408af91bff566068a5f34":"e58a03f664003d0ef5bdb28931afd16e7747cff62dcc85bf4eed6e573ea973cf615e4ebee40f35d44e18e391b391e98dca5669a5b0abbfa67834836b122d1909b53acd50e053d5ca836894414bb865b1fb811d8af68b88b4a302fdedf27fdd27456e9aaf34a8d53c9c8587e75843e09776392dbb0501ef41359c01e8980e5221":128:"258492b9f549d1b90555eafbe5292806":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6f50efb3946f6a6dfe63f12780f764bb6ebcf2127d3804610e11f0bd9b68ce0f":"bfc89d5049a5b4015c9eb64fdaf9fe9f4be7229e67c713a7b368f0550b3a5e12ba3a4399c64f60b7157e1b289b154a494deadecff0d0686ab44fae2a34ae4cb120a7f00268ab551f41c16a05f8999157be1103464127a8a9bccf736c32db045124178c90472e664d8e67a2ade0efe9a3b048c453d2fb5292dd8d29e62d52c5b5":"63c1192ab7fc75c17e7812fd960f296e":"335cc5c8fb5920b09e0263133eb481fd97f8d9f29db8689fb63034bc40959a176ccdca6725e1f94f822e4d871138fc39776fbe062f07bf80e5c8891c2e1007efeb77c158ced8d6c002b04442ed35c40a2187a59c02339c05762942208e3be964736a431017f472dfd5fdaf8fb8c645cdb684f9632057b9eb755253b4b75e3688":"ca974942ae0f4955ca0736218e4e356145c1ef42135b1142b55ccb3fc5caeec630eb50e69b5a6f97c11d4b604189b27496623bb0365ae69f4150e201e72bad8e7b883185588d0a31c44273bae87194b1610114a83ec47ba68a02e29891de43204977fcd0d551778335fc77fcfdf3fd63e9e5e0c02930a0321ffb093c521cd0ed":128:"2f11a01cb0ef8dcefad9233bec44d6f0":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ec566324ad9d4cd015821e2cd4ed4d3d507bdb3c65bd50acc85f690ef06740fa":"348d35768d7192415cbb92c5625f10edd79f24c56d4b821aaf80d7dc83e901ede6be94d1efe11a3acd16ac00aea8d0d4875c47522332fed11cdf0816b26978de431c89d2fe6d122b2d4980f1d53a97edc15e490a44e73cba9394ca4bbb871675c729c39de80d6678c71b1bd220e4647bfd20a7ddbefe2b7eec7276b87c92ba77":"95c8a544c4b94e9fbfd76e66f40bb975":"fa6f38f8e562a54bb2281dc9a7cbe0b981292fb00dc0053185550a300661852179d0f2beb4e7759b81316fbfead5c858e6fce73f3cd2c2462925dbb199a4e6c121d051b1b5ebf60e16d1e30f6973b19cf31830da30588fdfff6115a4a1f6d977a72583379a56055724581be5232b0d1b0ae88bab5d4a031b058bc8d03078dcd5":"8b4da79f3ae1ea35a80af2f52fc640055e6a3b92617ddfa79fe5d8a49f28ddf36a82a17ca0b3cdf1726700f7ffc09ae5b412d064fd52a90a76bacc74a0b89e38dc474e880a2b768ffa91fef34c47759a7b8fd7faa32a4fcb258349495e4438c7b2055a8f462729fa4e7223aa9b47087695e3aabf43afb32e272d536b257b748a":120:"b1faec277697add8f756391dd9c7f4":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd6aa4ff63efad53772e07e0fa7d6eda5e73be167620fd7c9f3997cf46cd25a9":"592b3a6f09841483770b767bed73498c286896d2ad3d8bd91f83f92f489b1e83b0456a54e067a79e1bf59eefc1d3bd35cecfba940811d06a06e9b8f774bfeff557bd7e3f0864cb6bd3f867efbe3f040d2384ae8e1a0e20ed38caa668159d3e33c4669478d00963a1152305aa2037a5e06cac52d84021234a7f5d46ab060bd03a":"6386e03bcb6ac98140ee0706b54c8492":"0ccdaa4f54cfea1026a4d26338b1e6d50a70b00c46147fe906c95f0a2fb5d92456ca3aa28a257c079eceb852b819e46646997df87b873bc567f69a2fae471df03b0e5b94511189eaeedd238a991b326963c46d53080f420ec9fd1a74145a0b155cbcc0b5e47fa69450c7eb447080e34868d640f923923b91a9e13a05c73550ca":"c1be540448f1e3f432a10b3cc1a913cc4046595f5a57bf57c9d856cdf381832e914088d3388199018ff26327e3001678ab363da9457ba2084f5aa81320f1a0343491e0b44424018765861c5db917ce14e91a77f7e805d7a97a17a288ee66567c5c01ee61dc46a9aa8b281438ed377b792e9539e311676f81c567339cf92b8e1e":120:"ce7e361713630ecaff81866c20fce6":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ad3990cd57ce4e95342cdca4f07d7e35d575eb19f224a7c821b1f5a8c54d4bc3":"732809c29b5eeda974039b122b875aec2823e082ef637294658cc54f9bca88eb7eea87a366234f89919975d0e7dd2f8ea83198d5a6e349149a016a4b177ba43df2f3ca28e27b8566591d225ac25dfd9ea431cf1fb3ea530d65dac93aad47764a6aef8ec6903b6d145ea9a2663034d2a320690b92afd8032084b754be97604382":"fd4ed75d861da2cc14fd1054976c8566":"ab44689839fdf47e887b70fc1b0422dbbe5c1b50f4e704f9a435967ba8b70cf1e144a025d37292f628f9f7dd9d05557b65340090503201e8cf2cea2d6a73ea4850bd0931b90fd4a4306ba84b8aec99fed47ca1b16daee6c95c97e4ba0dd1fb130cd13f5ef77c5af96f61fa05305a3aca3775e927f72f08fc34bc994e69abaad8":"f48721b08101b35cde1c4ce08a8ba0049185b9dd48b66ab9971fd67dee24f89b456e9ca19ac8a9b5b3b088cbd53898a8c2ac1129752fb7fc55a0c3e2e7266ff40f7a9d63ebc4ab65f47422fc17cbe07fcfda582fd1b8f50e840ae89837e84add8be17d4cac3d2be26bef4aa8438daec9d2b139e442f99c32f2789378c8029ad9":120:"da6da2af0fc14b591a86359b552e20":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30823396ac90db573b6587676564d09fa680906bd6eaa6b8597e2e7549c9d848":"c55be5a0b8559e02de4667ba5656f7e46f5627af13fd34d327f6fbfc4f3a9273036fce2fb21232f8e2ed115b39b0ecb9a119c8fc17070bbe4e34d3544d7117ffda5e1ef05e063b5a8fceb23158d7824d6a1eb4d90a1d0360c6bd78fb24fdd4cfa35924beb4e090891d06f53fc52cdcaa6b8bba6772d549eb95b64ebf3756ae45":"496ac734afadcd54f1a4372ceb5645fc":"2d582131f7071e80cde1b11106b7d79bb208743de759d40b897efdab018f4eff1f91d2fe67e27af25a13f201bbe4446f20ac6b942ff7b32cf10ad1cea36945b67ac08b114fc616175a87437ee05f3a8b6566e9edfbc1beec0ed8696b5d5c41a25ac43bf3ce2920dd262233ab3405d46f523894dcbfb6c90b6e911ceb93bb7fa6":"c9da3df66111dcbabf731c6891eb698ac3283780f526e81383e201244efe4eca7a1c84a3bfa9ba5616afb15c1f1af0f3af2e071df6c1d34a343c3e3440f1a3e1b6620243d9e7d9a4dbda5981c3e876fd07f392d44bf3e0a4edbd884462ec2f71d36bde4a1b5792629da09a1fb01bfdbd532fbac71887a05a7077fc119a4638d4":112:"cec973a27c42e31b779a6a91aa34":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"815f2b2f0b1621aa198eef2761380f10ac9872a5adbdf6286bdf3386e56aae4e":"d16930c570414bb620e0eaa2e9b5d96e4424127e16461aaa5885c616a02ae974fb2890e73bade9ffa5066eb88a46ac7fcf258d55733d315951b1b71c5e3c13d78d60344ce921966297a0f6361cfeab03b346a7fa4f83a7a0eaf37576fa33a496102446f9f31b06ed91b51672c879cb18d4e38fa86e156d5b1dbff27925922470":"0843984bbaa565ca24f148e57a7d9c57":"1514b99c0ad3493c36fe1216d1a887a69ea0340101aebb03f60d7ed26893119e81e8b8c3f0bb4af5e10a3bf4edcf257473be9dcebb44a9d912f04d97a556ecf020c0bed7ccef2bfd5580f1fc74b706fea45f8c63d8de6f8deccc47a02dc86d3f0624e52f6f1dcd09de8000f2d98a4cc0896da6a564b92263673adf390ed909fa":"7506175acd64224b39f890e498ee5013bb46fc571dc2b125ed5891b8ce8bcf42342f015fd2df5f4b9cc220aab52386bf2247d4163951e86467633f96c28bdda166d778855a7f60465dd2983232c9e53d5f89432407807b0402a10f155f80055c339451a106ac54438ae4a945e60d5320eab0adad9a1e66d59b9d3cc53887811d":112:"28d9d780052b36dbe80a25d41d5b":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d1325ecedb8fc0fe449de558fbc11ddebef660e47aabb84edfe69837a6a9066c":"f9a4f7029feae5cf5bdb8385d6ad7d7da6a243c5026818e5a794c6cffb8dad3227964501c5a049b5a94a7ea2e24434e086800094118444c5a971bbe575324fb6b51c5939f81e78bb11d85d324742b462ce8d13584b3882617d0c94776f328a554f9d532b6515ade9fbbd2de1c12ab53671b7f7edaa7e20223f4c371c1f229568":"8aff702c40a8c974cf24bf3c645169a5":"9ec2e851dee3834d4843aafa740f3aac4cfb1e4d3a7e3e77349113f5200768c3e9dc37481d6292ebeebd2372db02ef8ac7180830c7187995c815d1d1520c3e2f8cf2a94993b18c828b53485073c8a845066772615b26d7a3d7d3e7d81ad1725797153f7ba5e313bdec582c5482adf76b31c871cd42a313018f40d7e23f1a7f33":"3a93663aab93c6cd236cba4db2c03942d9ebc669633936370c2834357e76f6555c34d40dfaab1e78a105da9092acdba8be89e2dbf72e89518d55e09eb2fa1ea7da505484ad4531dba3eb853d1ae1a477355ea9448067b0adbc782d64ec342c7cb781d9dd8dc2b14dc1c9ab5542b679782b8bb9b45ff6a4e36c513df169c8eddc":112:"7e682b0ddbe6c55091838616c352":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b92242268e598ddcf3a5a0de26d74356693c4dbca354e44be401f3d6804ea1e":"72dc75bc4c8f5bbbd9c639fbdb34afbb84706404c9e67eaee1959aa4b51eac0db4f975cb3ed8d8ca27f72f61c8562ec953a7b8745826121a7016e60e877dcdb046f236af3826c1ddf5b929c5bd9a92b0d5c23cf8983bf2459ced6595882b3dd0cd25da7eba981bba122623dae22dbdce05cf4e5d82d2cc54eb4f68e9e8eff02b":"3c292bbcc16c94b0a263f4d22f328915":"167dfab08aac8350574693b31210138f6b99cfb61ba7ade2e2abffe2255837a913c9afe332e8fc4b2463310df46492e7d982dcb70fdda2a8b03911e6be9a5c5621d0ae8ecd1cb390910b6702aad33394c25d1160b86687e25bb6cdc4811e3158bb85ba75548329dacc19287d9c004a0473029b77ca290fc47c1f96d9583bcd67":"c2dd42ab9bf3fda78032f73cbf7d28dd8e32c582a3b7ee79795551f133234d62ea6571a466b8e1af0b3d354b71a6582c9c8013d5f8a2c34eb3e848360adac1d5005cede58eae7784f32a31c40eec5a3f03cc1e7263d8515b36225b3515ebcf8dca2a77172c797d347ed3921ca0bc73e8ae56347134a6a2a06ae084f1ebb7b0fe":104:"02fb002d8e4a1d11bb0f0b64d7":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5c50059a61692a8f1ffae1c616158c67d276dcd4a029ce197ed48567e5ff889":"ab7e13923e66d0f600accd2462af74192c3de6c718a27052ef7c1302239c7fb2413df7c662657ca18228575ed138bc54f31663df548618e98d64402feab529d5bf6a678431c714df1fe24ea80017f455a8312bb5b710df8dd3571970404a806ec493dcb1f3f1ac980663f0b9c9823e0d0304ed90689f70d4a24da7d8504c5b0b":"920d82c6b97a7bea121f64f83b75dc65":"a9bd57db2bbe83177287e5f614dab977071abfe0b538067f7d0c5acd59bfba95dfb725b8e1af4573ff10ce135148a3bab044552348378d5ff0c4f8be1aef7ed60bb9a374a6c7b8097d7c1804fdf078f212e63e9f11d7404ad0d1a9cb28d5ba199aec3a6c41b9e523b541ad38cea763159836ede6371357ab1aeaedaaf4481c29":"8f7e87e3ff4f7ccd1cedc1df125199cfb588339119a5ea5f9bdb918f89ca35f9dc16c6465fb25ea250eaaa8e7f00aca2199f92a2c244642bd15cbc9b62caa58115ef01d0b4a9e02527e035744b20892f79b07aa47b6c6db1332f82434764c43124b27148f2f611766781df8e4cc0b5ba99b858c13c233646dcb2b8749a194f08":104:"65da88676d2ab3f9c6d590eb80":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c7cc3588436ad9e877de72578d30026d32746817ca7a8fb7df9870650aa48d8":"00c2845fc495b89f870bce714f8604a7e7a96ede92c4b9bdcf044c9a176f66a28761089c083d5e2d613c746711238477c0efdf475e18af99e88cf76d04d4e40495ea16c462801443cd7f69c5d36ac9f337e828c308f1d1938b1fac732274459827cf9806c1661a247167948a93eb6e998a4cea76bb825baa27e4180e52633bb3":"5e82285a3b332c693e427f9410564489":"9971b8e234fc3e1e9644545e383eb065e1866e2faa6513278d3972add5ec0e71b1558329fe1ee038a27919e43bfdac8cf08141ab540528f74f9d5bc8c400bb6ee7867e4dbc2aa081d9126ac374dc62b10004d0e233dc93376b93c0da415e7d3e09851f2084a99feeb25939e21893056870cefe7cdfaf49f728a91ea0eef605af":"ab7bac4ddede796576e1fc265c3c598055827be74dc7ed8ef172d00a648da56727767d68fcbe6c44e7272dc8cb15f03a26dc439178849b0e9ad6c7410dd4cca3f9ef40ec7c280042bbc199155c7341e88d35e5e8d0b42856e618c6c30e43d49506ccc3518585c951a3898409315e8b3b4d0adccdb561ddcf1b9d3b2cf3de9750":104:"2474c830c6ebe9c6dcb393a32d":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9d73aec506e022c0692892f6dbc3b4d41e86b97fb377c1956ee27b9c9ab3b32a":"f02bf60f10ed876a803a96e75f3fe17b4e355246135a0cd5497baad2a40a523c27e27bf848f0cb5d0c6428d08bec9590b17fca5e697990d2a6f7d21080ab614f378a07461e7a6207229e0a087e285841ef2f119cac7d8a2d3abbb1e7272a0d7dd493c8c4f797e160c36e086227ceae4923658365b2d3a3fbea11aa2fab3499cb":"bbacc081a6107364dcdac83abceddbfb":"77e1da090e4d3a892baf1afbc12a56201a4362d8f09cda5e9bdb23411e6908915301d66403acb3524898c1c51d6970a71878accd0048cb6cfbd4bf941c174ee05eca2c4a29f1c24e936d3a63cb6cfa710617af1bbb41d755b2f79e135db914a7dd00c590cf741078eb72c3ab559787213202dcc0a4734bdd612b917e372f0e61":"d78fa4024b8d073899ac09b8151c29b10a37793b76f04921bdc7dd3d2ef530a831e53cf6a7ddeec0e033ceeabb525bf5ef57bf9b3661ffb57d3bd4024252fa11dd569102c787c2d8489a1ad1290dca2e8edf82fbe6b5f83bcc0e888045b895e20c8556ee80430cc8640fc070491d2bb81a1209428938cd8e7a27e0e858029421":96:"2235d00a47d57cfbd383b69d":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73198dfd92d26283637e451af6e26ff56e3b7d355ed7ab8b2059c1022e0ea904":"2471b3c4cc1d6884d333d1c998c7c441808ca884cb88173a225569e1689ef39e266e9ad381926adeafc2daccbdd3c9457ea1bdc3bb05168ef1eead1504d1d44dde34f96e1a7f2a5d3fb33cf5292d52fa9412800419570db0eb24fb74d55de202f5df74073c5a2eb9eb726393996eaeb32072bebb00593de41b97ecbab2554186":"e36403ce1acc63bf50b47387250ef533":"cad023cfb73d08e5b082c3061f3a6502a1c1d53038cfb19074d0ec26c9b272db93094147ef0ab2bdce440a2b3233bb0429add47601f011df679698264c0f81444aba14576a1a565e5c169f967c7571bfb32a2a4d7fcae897863d78964c5b1a040cc845494c0ad8ff4353317b28ca3798e6252d5015b58e99354ce6dfbe8b7a95":"32afd6d6fdab2019ce40771b5298aaadf753d1c4cb221f01e4dfc8b1968f898188fa4d448d8364510a7e68c7393168efb4b4ead1db1c254c5cea568a84a997a76dbc925a6c19a9092002629f1d9c52737005232e5c7620b95ed64741598a65a9ec95f2c97b6b78bd85380811c11386074b1e1e63b9a7e99d1cb2807bfaa17f0e":96:"e22deb1276a73e05feb1c6a0":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1dcbd278480434135fb838ffcdc8e7716e95ea99a1cc36d544096dff9e9aeba0":"da3b8c9e4aa8443535b321c3e9bde3c6742cd9f228c971257430b27293ebeb635917d6cba976c81934c3077902911169e8c6197b2d56a046b7ff03b482c38172accac98aacc90076370df28bc8a2044c393c7541b7b69b0fb852746dcf3140ace4e76861975814d2b5966f7714fb6cfe3e4299d79182fc63a345067a0aa54d8b":"b737bcdee4ef83aa83f124cf7208a671":"49a544aae76b04e62211428a2cc3719e4451f3dbf9a23b6ac824fc472e95e38386d267415c1472a8b0707b0573b9eb2a39a5d5a13464947cc3a7a7dd3b7196f11e87ab5233944f7cea3f4d62b088febf8b82a44d4ca6148be1ba24905432b7ac2bb4ebaf22d3bce97ac2bd34158b6011fbac77ee1fa96ca0c9c9e0207044fbbd":"061b491b73f9250798a0fb1fdcd72a70eddc9cb48c1f10119387d45c50d5fbb8b85592a7977487e45342fddeb8d481eef3b99463972f66acb38fe04953c223c5f3e02611c8f33cb9ad7466860895fae585d40bc78ec14d1cf17b4c5b75e4d8c6341f1eaf80da4a78aaaa30d3bc8bff15f234aacbee4067a947e42275b12e0bdb":96:"b897da3061c77aab5eb54622":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e00467f18536ea6b4d582b2480ebee883e4f56bd91af3ad7a47ceea3ece9acc":"d5334398318ade59e6bda5cfce8e11b25c9ccefa2f651eb16f66c03d84dcc900dc7c85e6d2b778b155ae4591af0698df7f3b8b9f64d4442ecc82035f7d8e71a5f61c515a963f2fba077f3cb8276e91b31b3f8aa193988a16a86ccaec4a688ad68b5146925ec21d55ded407709d34d140f37e1f87d955619453c3704e83918088":"aa6716e6b7107876a3321d807a810e11":"5606a0b77cc9020955c7efda33b7080e9c0e9fd374c4201b4324b3e6523b0407171141e8246d01292a34dc69331f7177d6b7238e16e0303e85741f9cea5698e42fc79217d9e141474068d6c192713c04b1ba3573e93480f69e4cbf72090d46d62d5b52e4a7613af8fcf0010d0024ea11c19cb04571c6d7045a1157cf81df18d1":"249119ace4e292ffdfebb433d5b57fa1518af3389eb832146c3adc2dc62fcc9121d7f6461a53ee107ce7edf362b365d8bc18e50cf9c328cb7c7aa7b4e8bfa07c34dc81c38fe0982bbc3b543485ea4b0ce5a76c988cdfcd241911cd66f5a5f9e0c97332bb0f3926117c0437470717c63957aeba1c55d96b1ff0f4d6045f908cd4":64:"70e986fced03ae67":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a18240f6135e7b6eac071546ee58bb52394bc34ad4e91ee678b72e4514fddcf7":"02f288eea5588e7a011f4d91eca232af70f60ae3d9302cae5a8a58798c1b4e973e3b1d07695934ae871201682554ef6a5b94976c6a1aa73d354f1d65e3f025bb2a3f1e93009e822a87590dbfd1965904223049c5ac0da8596955199ff767b92df10d1f9c05c40bd8204846c719c5594000cabd87342f0447e4e466c3788723f8":"149da8186ca73941582532ede16edf3d":"4d46e1e87322ca84d5bb92d58670f644083db06bdffd99fab0055a62b64a30b5a5673a108f0b9f114d379d3fe63a1f63407881c5b5cb03142109c158af42a00eb24d3b1873edd2284a94a06b79d672bc8f13358f324af2622e9aa0da2b11e33567927e81aea24f3605168e602b532fa2cf9bde5f8cc0b51329e0930cf22e3752":"36cddac99e2673588ba783d3c085b9935626687a2dbac9ad10deb4867c577d6f80453266b2400afd773e4edeb743c32562e85f7f8f43dfd87b10a2dd79eddf6e580aeb4cea92ac21cf49ca97398cc23c02b0ca59257643fb2bc6462b9cf04658352d53c2ee50d87cc5ca2ecb722d950f0daecfa0b7c33aaa2c91dd8b093916cb":64:"73cbe40df3927e80":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b64bded6c658090a85b5d889679c6a00579498aa82be1e3a628a1cd001e52a6":"182cd59dc1934199d2d2a2712157438c347e286f66b5a2b8b5149aa41ff7ba82adc3751be379741124dfcf05c531416a64f25f0d28abb6f7bf98c80762f0fa363da679437621dcf61bce43ef4d63178779d1a3ebffb82044d427ef522cbd2643cf1f5617a0f23103cd2a164a59f182b151f47b303c4eb7387ee5cb97cabdf985":"99aa6f359534da409a18540d82fb3026":"f55fd6255d8a188ce9a4a2727699ce16c8bc5c6adba88d94106038b74deb79c9d43bfaa47375148d843a5ce248d70193c8017196941b2d9e2dfd4375a3390c19d2f833b0b265dab30f26adee07ab0aeeb930dc3a9fbcf719a707fac724deb28dee2a6788b17fa3505290c2797c6dbf930b41eca1f6d54d75b820e62ec7023e93":"5a1211218174e60690334856483a3066e2e8d996fe8ab86d0f8fef09aba9ef0acff9d3e1e5cc27efb5464bc23bea9c778fc74206ae3a16e5fdbf99694ab7096f23c4b395d7a7b8d6675e56b5505ff62f52bf183bcc4433298296e41662d6519d9c1f0a5fb3140376c8890547eae72afe75c338ba97fad9f0184dd311bbdaf3cc":64:"8dbdc0746074b486":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cadef353122cec1fdbc236c0ab195fc4d732655cef444c00b6cba5c61e01c614":"a3d5e55fa3110a268cf1414a483adab6d58ec8762a6e6be81269c0369e8840333503bc3688c7be001cdb84d163fa1dfb05f3b01ffff31151f1af780c796822e3d564f785964a546bcc2a320d81a2bc61058652a8594ae9b9b0917400e08d4a99fa161376ac53cba54c92889fd3497e233aff4e12cd85d57375c7c89e92cdf5f5":"d765b5954e5b486885dc78ce6801516e":"ba0405745971eaec5d337fd22e0ad287551e7084f1c9c38231d675719e3980356e183a99a3c760ecf7a8ede5e0dac8d2bc13e135570ff6e91a854ea3b457263b0e77896fdf7bdf0b53c8276cfd1ea3e8e22450ff2665eacd24e5fb2be89373349fc9e2967763d43cbd7adc9a376b1b4ab956ddf8b1a56d9385fb7e861bc34df7":"9b99f984ae26f9cad5b3c8058757a0a5caef0fb86b8ecef0c1bca6b99bc72b0d5345a00ae75e37d4e651008bb733105d2172edaaf5bda4ad950a49de55a514e882a470dca7c7bbfddde40d38fef4e1f3864fd7e212bbc0383d0bc29ab2303c8935d49c35d7d73df2fba0daeb5f37f9ab0d541766da71b33da1018a3f287ba312":32:"c374cd77":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0cfc42773fe2d16a59da52234af5015271332344448c214a2b4a0bb53b07a0a0":"dfbf9eaa46c368b28ef50227db97f29b5d9ed599760bb83f5d52f92ef5522815d6952ebb0d9b4efe8844216d37510746caf8c775d2c862bad8d67effe109a0cbcdd14ba8e31fa420a475e55ac6b02908346ad1b064d5b6b869503e08d057ae65e9dc2a2a26345917b18d1b715a2372e8e114a071eced0c29cc9966d7205ae010":"45afb3ba2db9287f06cf48405764a955":"16d3ad553cc0fde3f32112bdb478450c65c854927b198914649a2820a9e3d01131b693765d40bd2bb74a50eb4cd7bc8dd8dbac9c6a61acaf5e4cf81570814b30a6a11877a8f9c5df342f70008cbf0576bd27a50bfaf6e22a40bd77435da16b666a06d172aa981bdcae0d25b8ab002c6c1994a356d3c3b7e4dd7b99892b0784f6":"e29db2c4bccef2dda828ce652791d424a86cd5790e6ece67bc029ba9520bd8f35a214a73d8b86564df0eccdb60eafee4170da2694eb563e5a854b25d7ba0a4c53465fdc15c6e267be2e54263f97aa3edbe2358f3d9b8d28997388a57aa427a239a74534393593196253de1c2946b7a437a00480ecb2eb08dbe55ca2b3641c36f":32:"39e01fa0":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2a840df4be22c70786c873058d2a6e16dd9895cbfb55b9c9e98f958cfe62e65d":"313eddc53f3986927a261f498283b6dc4a39d26f98c7428127237d79a11c5e626e2e9cdb68f72aa3168ab23dfa2f5e03bc65a68d781f23fb9e295909cd9f0f3e5648cf82f3f6b3b509b0a333cb7d9f2b6e444c351a318f8f200a921ccb409def21b87bc55ec211a76a518350e6ee21d7379edd004b3bfd1ce9086b9c66d80ec1":"ebf155f7cf55e6aabdc1171c95c45293":"8abb8843de1766cfb8d6474496acda2f7a14e78a5e4c787ac89e6bc06cfd42173c35b3a75ddff644f4a58aa7502fedada38a7156457365b4c3c07bc12a8f9061331139b9a2b8d840829b876beb84f27d5a64093c270fe6c310ca3afe987bbc5ec4dc06358d5bf77c7b4e4fe4078c6d3ec28e9a281318da88949c478094c0065b":"769869a55754eb5d6d42e22a2b5271b38533fc0c79642e250347d34566eeca732e0565f80672054bd10cbd3067730dbc567039c730d8bc32a2bdaad09885651533a4f03174d4e6510547c1e1dd51be6070ab0ca0cceeaccf64a46d0ef87c0311bd09973f3b588a4dfb39c85086ea5d67dc531c287b83c161dcb25e07b671343f":32:"c364c089":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"461566cac74f9220df97c1ab2f8bb74189a634bc752f7f04526923d30506949c":"":"546d821e437371061cf3207f3d866c15":"":"":128:"44193072791c435d6e8ea7756a0bd7bf":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7736dbb38f1fe351a7fa101d91da62124c22ac02ee06b9413f56691067572f73":"":"5f01779e5e4471cd95a591f08445eb5b":"":"":128:"1a1f08c8f40b93e7b5a63008dff54777":0
AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"eedcae924105c86190032650e2d66cf6927dd314de96a339db48e2081d19ad4a":"":"a39d400ee763a22d2a97c1983a8a06a6":"":"":128:"3b4294d34352743c4b48c40794047bea":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"714df4b69dc00067c4ab550f37ff72358b0a905dea2c01f00be28cec130313c2":"":"c46d63d6fead2cee03bd033fbc2e6478":"":"":120:"2a0271b0666889d2d0b34e82bf17d8":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"454021ece9a87a9543a1626820d39edd1eff3dca38a287d8fb68bd315a7a2677":"":"51de54b633a7c9f3b7b2c1e4b47d26a4":"":"":120:"114708102a434e3a30088b5944c272":0
AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d7e90b539c99e8c2187ed72823258c1149890a69a9c0081ff8c66e1cdea9f2f6":"":"6dba3273560f30f118a2e0251f7b7d76":"":"":120:"5f45e00181cd2d7feb4723e0cdca24":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2948233eec9bf8adf7250b20d62df9219d30e314c5932383203805ff9f3dc5cf":"":"d6b8e723272e26922b78756d66e03432":"":"":112:"14c9a9a217a33d4c0b8e627641fe":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c73fb5e732ebc1dc7c91ac25de0d01d427de12baf05ff251c04d3290d77c34d1":"":"c31220835b11d61920ae2c91e335907e":"":"":112:"9eb18097d3e6b6b7d5e161ae4e96":0
AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a46aff2121825814c603b258f71d47bd9c9d3db4c6fe0f900e0e99d36c8f8d66":"":"7cb5550a20d958490739be8a5c72440f":"":"":112:"8c76eebda0f1fd57f05a62c5f93d":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61a612c76de551f794a146962d913f60fbd4431365b711217aaa4beaa115f726":"":"2d25462c90ad9a21073729e5efc99957":"":"":104:"e4d3b277dc9a107c0392ca1e5b":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b233480239fabd2035a7c9207a8e1ab2da45a90a472b30848fe4b4757c628db":"":"50d45096afd0571e171e1ab1ffb3720f":"":"":104:"5393bc06b8c5ecef1264fd6084":0
AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc051ac63e6b051594158399291ed101a3efbb1701b98819c4835a4863734371":"":"1f304d4d7f84ab560366215649b0a064":"":"":104:"1081dda9e0a793916dc82f7848":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75f76df772af8e3019a4c1588a7d59925f80ce0d5647030f29548374e7bcc9e8":"":"d407264e09fbc853b131c8a9f808f1de":"":"":96:"d515522db52bb872a4d3f9d1":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"608d7592c094322b31d4583a430986bdf6aa639cc4b4a0b3903e588b45c38d38":"":"6a631952e4990ae6bdd51052eb407168":"":"":96:"eb8851cfdd4fc841173c4985":0
AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"86a90631e5341e67dfa55e68b07522507b437fbab7f3e2e26cfc6e89ef9d2410":"":"67763ee1890e4bb430ac3c0dbc2af997":"":"":96:"c6d11901b53cf6b13ac03cc5":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b8d12783ba2548b499ea56e77491d2794057e05fd7af7da597241d91d832b33a":"":"0365436099fe57b4c027c7e58182e0b9":"":"":64:"41fc42d8c9999d8c":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"eb17c1bbcd356070ca58fc3899bb3751eea5b9f3663c8e51d32c1fc3060b7ac2":"":"aca76b23575d4ec1a52a3d7214a4da2f":"":"":64:"fbcfd13a2126b2af":0
AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"916aea7c3283aadb60908ec747bcf82364c1827ec29bedcbadacbb9b935221c1":"":"e4aefe6f81872729ff5a3acf164922aa":"":"":64:"2035a7ce818b1eb4":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"47b4b7feb91582a2f6121d12fd465967352e58d9f3d1bf27478da39514510055":"":"137bc31639a8a5d6b3c410151078c662":"":"":32:"822955ba":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8955cddce65978bd64ef5228308317a1ba6a9fbb5a80cf5905f3aed03058b797":"":"1370e72b56d97b9b9531ec02e2a5a937":"":"":32:"b2f779e8":0
AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7795d631f7e988bf53020d2b4607c04d1fab338a58b09484fe6659c500fd846b":"":"f3f5cc7c1ec0b7b113442269e478ed81":"":"":32:"e4e6dfcc":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9aab5d2ea01b9dc35c728ae24e07c54e6d1452e49d9644776f65878199bc5e4":"":"96ec2252e51ebfb731b680729be73297":"983a102a67359f4eecac465b0d65908a487c98c593be89494a39b721728edc991726e1fba49607eed1f8ba75ae9ab82a1a95b65ebdf48d7ee3c4a2b56832f21a483d48c8400dea71537f4c459d1cfcf9d2cc97b32eb7c5146cbf44d7e5ac779e9be0ae758eafff2138d4c5370b8cb62d70ebb713dfd2fd7772fa250590609844":"":128:"766b6dcf491a5836ef90f47ac6ab91ec":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d713b33af57762f933d6abfecbac7fb0dc1e545dd7c01638b0e1510af719769a":"":"5da52833b6fc73c0e4b1403e1c3c10a2":"374dd4ebdfe74450abe26d9e53556092abe36f47bbb574e8184b4e0f64d16d99eaf0666fa3d9b0723c868cf6f77e641c47ac60f0ee13dd0c1046ef202e652b652f4b5de611989223b0acf1ead9b3537bba17ccf865a4a0fda1a20b00e3c828b9726bbd0b0e92fa8ed970eed50c885e6d69604278375af7b9ae47fbce4fed7d03":"":128:"6151956162348eb397e2b1077b61ee25":0
AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"77a1e4ddfbe77a0ca3513fc654e7c41609cb974a306234add2fc77770a4a9e16":"":"30d6ec88433a6bdd7786dc4d3693bde8":"69beef4dbdcdf4e8eeb9bf8ae6caff8433949afc2ffef777e2b71a99fde974797dfed2254b959430ecc48db72cee16c7ef41fa4165ce4a0636ad4e40875d193a3c6c56a6bca5a55bce3a057a2d3ac223eba76e30e7415f00e6a7643fda9a1bf4d4b96ce597ffe30c3f780dd767cb5681bb7a3fd11668380e272bdd70e66f18b6":"":128:"d4a3c91e02a94fd183cb0c9de241c7d1":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"303930b8ba50f65a50c33eccd879990d5d87b569e46f1a59db54371fcbda7fd6":"":"2b2b28d8a5c94b6f7ee50e130268a078":"c2ff20441d96bae4d2d760dcbae636ca7e01d263c28db5faed201bdb39bcacc82ebdc943968aa0accd920d258709c270df65d46d3f09910d2ea701c018ec9a68af7fb3d76a9b360de266b2ac05e95c538417fec59cec1f07d47c03511751978baebd2e0e4f7483f7351b5e61c2a60138c97b751f6a8c8323970f6be05357aeb2":"":120:"b597491dfe599eaa414b71c54063ed":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1e3b94f5883239c45ed4df6930c453c9ffd70b1c6cee845bbcfe6f29a762713b":"":"61155f27c629dcb6cf49b192b0b505d6":"5b7482e9b638cb23dba327cc08309bdb40d38100a407c36091457971bad3ab263efa8f36d8d04fdc4dea38369efe7ae5e8b9c190dad2688bda857e48dfd400748a359cfe1b2a3f3d5be7ae0f64a3f44738a7c7cf840a2e6b90ec43f8c9322c60dd91e4f27fa12197fab7ed092990879e964ce014f6be2a1ef70bfefe880a75d5":"":120:"7003f04d6b6d9dc794be27b9c5d5e5":0
AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9080effb27994ef831689da10600e7a219db93d690647457702c217b08057eb3":"":"f45514696ff5ee1e6e5797f7bcff05c0":"5251f800f7c7106c008c0122971f0070d6325b7343a82fc35f3853d25c878215e7a929bf63cc8996f0ffb817174a351b71d691f23021f58777f962fd1d45ff849e4612e3304ae3303ace7b8ca1a43f54e662071c183a1695873f5567397587283433d1e76cec1103ee76f8e0472814424b8981caea1f624131fb7353afcd2cd2":"":120:"cfb6d9bccf0378fabae08fd230edc1":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8c291f0ad78908377039f59591d0e305bdc915a3e5bfb0b4364e1af9946339c0":"":"a9830d5663418add5f3c0b1140967b06":"e43c04e1f7304c1d83235120e24429af8dc29dc94399474d06047fd09d61ddc682684776c81ef08d97f06db6e4cfb02daea728ec6ac637e1ecfdb5d48f0440d8d8ffee43146f58a396e5151701b0d61d5f713b2816d3f56d6ee19f038ccc36493d9ad1809a49aa5798e181679d82cba22b0b4e064f56af5ec05c012b132bda87":"":112:"275480889efe55c4b9a08cef720b":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"96c77c11a3336a41b61ffdc1724a80735bbe91dd4c741fdbcc36e21c53335852":"":"655502d70119326405d8cc0a2c7a572c":"c01034fc6b7708128fbf4d6ffa4b4b280a1493b9e1dd07079f509479b365f55ae9290689f1c4bdfa439344e3abb17f3fd3d5e2f8b317517747714a82f0a9ace04938591d3ade6d6095491a440322d347e8634008cc4fd8add7c1c4764afdb2b098b3f5604e449e8049a46b6192647d19cf88fa5ed1abab7f313b4285560cba44":"":112:"b4d581464c4bb23433699c418ddc":0
AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e2a3957393669278f052ff2df4e658e17f2fe32811e32b3f62a31a3938930764":"":"a6f5a1f1f1ac77a1cb010d2dd4325cbe":"ce9c268429ca9c35c958ca3e81935ec60166aea0be15975baf69103251efafd54cbcc0bed76a8b44a5b947199cd3c2dee6878dd14a5a491a4a3d45788405d0129354e59c047b5367f1158bcf4e066a276951d2586bafc3c11f8a982ca7c3ba4677a938498bd51171552ea032fe1bd85cfeaeb87e87168f7a28e979b08358f841":"":112:"cd5986df8e9761d52cb578e96b1b":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b17652f7f04073afe9d9eb8b2615c7550968b9776b139fcc4f9b0300912cbdb":"":"9a8ac23ea74b292b7386138666a0fb60":"2732107241e6136f1dd28d233373079d75d6ac13828ae7afc751b6f9c57e77268c52ae91f4ab3016af2764597994573cd6b41f72e21b60ffbb3aafc9487ac19d0ffe8db2ae2c7505ae5963b032d1ee1bffb4c5bd88bb0c9a350ba26ee3eb8dc0a157955333e4f28c5ec7349c39229dff9f440da72909f2870aea873a76545ee8":"":104:"f7b94229439088142619a1a6bc":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16fe502e20d6473ed9a27569b63a768ecd428738904cf0b337df510775804619":"":"431a8d78b91414737e7c6188328a6d37":"934bcacbac10ea4ff6ee94b17bd7379b88489fbf123bf496c78c9b6b02ee97dd62eedd05b8f44f4912764920129e711701628991a0009ebc7017a1a19b177ec9bc3b0f280eeefadfa310708dfe214428a184147b4523e66f2d62630d4a12fd3e366d27c3b7d1566553c9b434ed193db083160da1f241de190bcbd36f435e30f4":"":104:"1dd3e6d610f359cc4e98d36244":0
AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccc545fd330cf17e27d75582db28807ec972b897f812d6ed4726d2a18daac76a":"":"caf2f56584a59c42a51fdbfe4ad78f3c":"e85ae6b27778893f36f130694af0b40f62a05aa386b30fc415e292761cab36fdc39bf5687a513e25ed149414f059e706d8a719b7165044fcbd48c773eae546380b8e667b56824e23685173ad9015a9449bc1cd0b767981efe09da43a07bf1aeee08ba05d387b8a00199e18c874fb3a91f77ba448c3bff971593f94747fce9cbd":"":104:"5cf5c7ca6fbfee63854f3bcd15":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8340d604770c778ee83d0fdd5703b1fb304c3bffeb6f4c65e2dd0e12c19bddcc":"":"c0a580465b1b2e8344f795a6578a5151":"799f228962ef87865dfcfa0addde7366de2e4aa78029dbc8d57d7e50fa7c74343458df3465103556a3bfc5ce217fbbb5b2835c9f76b70240b40fd605bcfa6b790d5985a8ba54354e0625263c628e8746c451504fc58a179f90f77f2b293d8dbf5582b031082025c806e60143da9ebb6133ac8367376d0572b32569ee799540ae":"":96:"318f56bd0f3832d043ef700a":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"74de45262fe09e12c9ee7100030352112a6532d1874cc6792b4da6950677eb2a":"":"9f7fc7367f9afdb67fd1afffac058e2a":"289ac6f5beecbbcbde5cb3b0fdf4a27ba237fca33719f774ed33a5fd35d7e49f76d3e88c53fd35561655c35469f3eefb5b2f776ff2799aab346522d3f003154e53f4ef075f016aaa500c76870e6659a5f9af197c9a8f5b9e0416ed894e868463cc4386a7442bb0c089a9ab84981313c01fec4fc0ba35829b3cf49c6447f56a4b":"":96:"bc1b8b94ff478d9e197551cd":0
AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"441ec8afce630805d0ce98b200e59f5656a5ce19e5ef58241e6ef16cac7646b9":"":"a1cbeffaf55708c375dcfeb496b21f4e":"5a6ba5d3f5a7a4b317c6c716564c648f0e6bc6b0f9a4c27affca6d5af04b7b13d989b7a2cb42ce8eedd710be70c04c0e40977ca1c2f536aa70677038e737064fb0e23d3dd48bc00ebdd7f988f57141e164e3c18db81e9565a62e28c73770666ff3bfd725eebd98946fed02f31d500b0b7ab4dafeb14e8cc85731a87f50d95fae":"":96:"aa4bb3d555dabaaeb4d81fcd":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d643111c973ffb7f56bfbf394eedac54be2c556963b181cf661ba144f7893a62":"":"4575b00b9af2195a0cc75855d396e4e8":"b2c53efe59c84c651979bcc1bc76b0bbf5e52b5c3115849abdbc469a063e2b1699bd292e5fcb3476e849c9edbe6ea14c2ab948ed7d21a21f69406621d3d412b043eaf813be722d92739a33a361ed8081c0eb00400c3c7d4e329f5ba4f7b75d534500f42f178048cf2e95b768ffed79c350f2ff72cb355abdb30af0a1363c0b4a":"":64:"9d1d182630d7aeee":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91301ee0ca694ae6971ee705f53c7ec467f4c88257d6466f6f8159a8970384b9":"":"345fb57e88124a414828730a85f57871":"c13623824a204385f352388098f5e2db23426f00a73c60c1bf1047ce2c7cdf7f7cc8475781fe7075d1226ad18871e12f0156f35e6ce7032efe3bade1c807f9eedc720fff7a27a2f4690f904be9c99b54a65509eab60e97c4283596eeefa2b2517e95de7620382e3f780efa1dbf5d3908373adfe784a4faf298681e171bade4b3":"":64:"325d08c5b96068c1":0
AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b6ba5c11daed7f868da9bfd7754d555a147a1ffd98c940c1cd5d136680e05c10":"":"b0c92b79d78547496d770678e1ce1552":"5b1ac8ff687f6fd2429dc90a8913f5826d143a16a372cca787845cea86d9b4778708bc0aa538f98e1031850f7c1d97fb64fe29adce6e1d51ca7f5203fc0358fe0bc54347e777dddfe04e3d7a66a1d1e2bdb8b8929e2100daf073845db5dc0b243819754c4c08f4fc3631d1cbd79ac7604746d677ff035930fcd6bd652e7864db":"":64:"b1819b6f2d788616":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5fcae1759209e784dae5a8278b267c414a03ce7c803df1db7815b2910d10ce19":"":"24c5c349b3effebfd076c88a591b8301":"ca2778e39fffce7fbe8f912e69d55931848dd5ab0d1bd32e7b94af453251a47f5408ebacd7b50ddd1103fab1c72acc0a02f404c5661d8450746d781e2c0861b6974ade9ee2515da88b470f16d5f06007f35ce97cfc17fd015e438af39ca6127db240babe9c42ed5717715f14e72f0ef6ff4ce512de95a179e60d6393e73f216a":"":32:"8e59f30b":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8d71a70fd58125b0da8dddf8d23ddbe0bc44743753bdf259448d58aae54775a6":"":"d15b02572dec98398ba9e68e1a463738":"81313be1eda9f27e01b30877ca90e825f55ef60b15548c45c786c44b024e7198f333be7ddd2c3f593a9b77b68e6a7ac4cfc015aeec66f4823d9be7152f02a533f375554309a4db0fea8e76255144458e488fd19106d9a9614e828ae306fe82af89e7981369b2259c49bae77f8ec2b1f169ef0449ad083d11907234b72ed2e464":"":32:"99df1b8d":0
AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b52398c7c75e1b146cc9998eb203159925cf6fc0b1c993ba46528e2f8e8087f0":"":"afc9a60ab8448b77fb05e8410d0a26e8":"770b3782f0e3a19d7d6bb98fa3eb0b916928a2970701c0f4a372a0ecd63499444ae02fd269ddb7d92e11a9e11d0e0b8bc60096a4be79a1e063174b710c5d739d8d05ab5c8ba119ff40843cf8c5dc4e1bd6fcad8389de3b606284c902422108d85eb3589524776641b175946c9ade1465e0d1064c5ae073be90e3261878a9af98":"":32:"32d6b756":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6793869513ac886ed66e5897bcfa263877d8465fc762b1ed929ba3d08615fdd5":"cda45e29f487f21b820e1af2c8e6d34a8bdf3f72d564a4625a6e06f9bae1c2eac3bbd5c5958fd75cf389a1a31391211745029dcd4cb2575f40ab04710a909b88c2d430cdee279f54cf7c0ff6638d1e0e631f526ee198cfd6e5cdf73d1a11b69de01d640f385fd829616cd2c0e78f09b5f64012e42dee9eb0245b72aba1404e0c":"a43de15dae25c606da1e7a4152f0df71":"":"385834c853772af70675b6be2d5087df84f88b6a303ea594a170e6dd0398ae270fcec61661ca373f4653d8dcc9e71767568c0fb03023b163bdc9ae8a08ea858cbb03b8182b4674147cb35ffda14a2f50ed9eb48d5351f00eb2fa433fdfed6f94833bcf656a7e350eb978a0aaf7a91674145f28f64693197a116b21328e273dca":128:"159ffdb05615941e11f0db46ac8f23de":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9f77c141b234907b38fb45f1b3602f3c29de1ed839bb7ba51f6192aa8baaa287":"96dcb74a78e99676a71673e3c9f94c34b34dad2748a6e42cc70ea50e41ef8b86b5992295d2cbc8d621fefce09e8948de7e696b9788377d598796afd002a82b628d9890db78359e1edc075cbc0d3f11d544bfdf5c8a838390cb856735942dff260189c00accfabf720e5fef1d9b7131a6b2b769f67374602d1a7ed9b899b2c398":"1b49005788148665cef20d8dcde41889":"":"b4ca59caaa94749317789b92257f2ef1dd3d9b1f4ee9540927a6ae7bf5bb0b348fcf25ba8ddda79a89d3174ac1713421291910c8926cfbb4ec1e59be7dd50e816ff586f165c605371ee6077ba4ac0ce10499f9a2a44866ce6319fce22652226164cc0a813c3147c4461dd0410e3701d4647d5a003090082e367cb9249cf1be47":128:"8048ae0c35a656fcaa2f4c1b6be250e2":0
AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2419fd9dbe58655122ac1022956a023446b7f4756163769fc1b99eaf8fba1474":"93bc33dc647c7321152b12303f38937bd191ab3ce3b3a43a29f6853b33e415667d97192fcab2d1baa017042b301d03bae2f657505cc58e3aa4bd849d1ce85ede0e192a373a3894c41c54edbae29a209e16c87c81445d43968595297b50b55659f8b92d7282a2b3ca85e4b5d4ac4ff5062635103f2c7806fcc7378d5c2013be72":"94ef13dbfe9f362da35209f6d62b38a4":"":"3db23c161cf352ba267dab6a55f611eb5fff78a75288779a167cd0e4db6e75d21f11f4ff2928abcb1b46d82c2a0b1f647c60da61f9a72565f629b06a7b3fe96e4141a6886436859f610724bbe43fb99fac9b78b1e0138e2d57ce5fcfac1599bdba5701cb424535fad9ac482ab381eadca074e7376101b4b436f9c43ed760a0a6":128:"ecd4a7370096dc781c3eb3f7e5985ef1":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"08e11a8b4b24e63060c5002713725bb5b4a412f1d76eac13989738ce94e19642":"d5598f4e37274f3b617aa4f9cf6b8547b4eb1e0eac79f6eedd6cd5364f8891f66b8d0cb09f54777d461bbf92d6fd74b3fac412b77f2c48e1024cf09b83c1e71bb86f0a20f82d296883ffee62a4a192b184bc6d7ba0448c1519310c83b18c00e71153137afad14f096b43d454f205ba6b6c2ec162aa992cebf50735dd9bb37c7c":"c6f1e6a39cabda1089048b536e39cf67":"":"1fdaf0156456b6b2a68d66091bf2260792748acf3e7bbb7906af8e0df3b569a7c03ee3a48bdfdff7ccd52433d0bbe8c5fe30d93633bb9d591dfad7d81bf8efd4d4a3c5c0bf2ac9832f0a8687f16be640fcf9b19169c251f46b97167d95115acdee3d4443df416275f5597a52c17a4b8c4b723d4b35a7fd0b380fdebd44df8bd5":120:"cb9f4d4610c67acfe612af5508bb8c":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"da2dae0107c284ec2aaf6e7306959df1e92d3932b88954f119ab677c6b9dcdb5":"277675044caf1713109d4d3abf50c6fb67dc67f7fa584fb1a41c833feead03177cf4b42edac139807ede16eb1d9bed27db741f9542d437781405608de18418c9f7269ab3fd88f6a922a31eab5a3b8b2aa75ee4315fcea80c4954ea6613b1360b1c7c6b6da815e3f6e50f72b7e69c3b6cb3d154855e3f83cbd1947eb54018155a":"2005f79d55b12e6dfbab7fedecc50e2d":"":"c2aaab524d1738b5244af642bbd16b32ba954e69ae51acc804a6b0f89f6cb77ba2db2b0e109cda6036786f9cec5587b01e306ee8b3d588748c61ad7fce1266165729d0153ee189746b107ce15ced667279a484294725e120dc1803d2c751784436ab8ff1d5a537628ee35742d1917dc51f8cb46c2d6b983bdec502e99b85e5b5":120:"52b4d7f2cc44f0725ee903551f681d":0
AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"637807b3e472e2287b09d5a3ee62f791a416419ba35e11c49b24dbadc209f0ba":"e91a0a7320329dabb0d0fd7f099a4d313724aeeebcffe6fcea5b00af27d258cf9774845d29aaf5dad634c6f087c3311b1c92775fda8df8820c91186da30dc79747be6ec6230f2c261063143f4fc89d94c7efc145e68bfdbd58fb14e856578ed57ee5b3cba2cc67dd6497f05d1570efa496b46f5bcbf82ff9c6a414f76fcf3f5c":"46909d8dba6c82b86c7a2aca3c9e71e0":"":"13b4ad9c51063a7f697f3fc68030144aee0aeef0b5a52c9d4920a7185b0452159cf13e64ca216ff16637d0946a75fb5da283fcd263dd7ef2c8f14cf75537742d1f0e48846fcdbf03bc343203f7c31cf61b36374033462a7b813f4dbe9386e57874591fde606fbc150d4916c339f1950b09b1911b1b9119c3ff4053e05910ffb2":120:"6a5c83f807401d1a9a3a2688289f61":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"33613dc6e029df0f3ab9ca66fa96cdeaa84c1261dd586723b1ce873545565f7a":"775862b39c2a509afd3470a56891fbb79bdb7dacfdb9ac72ba4730cb936d364e1aed3c92c01a018cfcd7953f751003934c15bdfdf2826e9947ea8e521f55fd2a04c75156e4910f38932c9732eb3e60423e849d34c55e3fd00b48d83028e3b4f35686016126ff16c942ec859d3c3aa2ee6d322a92dc9fa9b0247423416f5a4b47":"59484fbc27cdbd917bb55f815f9faab6":"":"069f80826dbee03e6a3437e7c6d16eb6022bd14827b8e45bd440d9b1a8ddae09999388ba0b1be0a6bafdb96f26dad523a3592fa610d5091f68380f4c1c3fa9ef7a0796ab183e8a82c2bf1f76300f98ce983eab7a93ddb18f1c10534fdb61ace83cae37e225930ab870a46285e733788e907255ca391945d409d2e53dd8a28390":112:"9f31f8f8459eb03dc3654caba5c2":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75d8132f70ef3f2d8946d296c83014683eb2a4a58b555c0f48e4bfa5774d6672":"a5be88fd43dc761838f3a9c7d62923c38414fa61b3678313cbc8fa9c2e5effb6cad7d5be5f39a71a28ff327b68a69f7e6a6bcb90eccacaf3a8659aeb905dd3e38efe57f2bd0d19daacae238baa01a7051084da6598fc5a3783a18decefc8efc8d46c7b1887f87d6d70c909df49340bcc680832faac3dd23cab5bcd80553dd485":"5ff41f3e75c25cedda1b08a41b89c4b4":"":"959396b86913337f2b1fb19767b787c18f00661c5d601bc65e884e15ac8043081459e889453e906ee267cb5d04fbaf250144a56c820eca34469967c73daf50796184ecf74f3c054bfa63bdd0c32425a8e10546ac342bb8e38a186e42a403cb80110aefd5f2d0bcdd353daa4430b8e7ec2134925c454745e2f708cd0b90d9d672":112:"ca0889a0eb12995079cf9ba77019":0
AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8d44344d2ff9a02b1c75785bc84f16e4d23614bf43b2b9a87798b418e905c532":"e5689cef9f8258a748a615070fcbf40ed0b24c077e2f9a362cb536737ffbc5383bcafed278d4c5e0f3c83fdd5cde79483c2c178f6fef05ab50f2b8db680027a175bc6d702d249efcd6cbc425b736f1905307c9303a4bd8aca620b57e3bb4b68f2a515259b06cf5365b675edff3457e2e915d7da1e0802f7300b3d56c4644f4ad":"256a983cd6d6eb4e80b5c1d1cd2a9f21":"":"13eeadbecc4c9991e2aa0b1ca819572ef28517528320db970739a16994f82cd8b5bb53d889f298f65c63dcc07089dbf7e9d00612d2cc8220b5630ca0262a698836d906256896eea446f6de4506e558b4f20950528c8c397b6b5b04890204b77a163e46c80c96b3e268fd2754e0380e7330782d606c771d6085b34200a80335f0":112:"b33ab1e4029998e2566583dd550d":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3999a6a394943be3d6e5732af5faf26caf483a3fd42c13b7f4f02132e93a990d":"8907e8832553264d7e92afa1595842ac661ddfec3f4294567faa0af61b3d0fdf76a922a2f3affb36b3b3b97f18d5172aec0b8f6f01239bb750c0fdd5da1e1244473cdfade83797037ca46d83123e6105c5c54071971f190da0c59821b0bf87242502bd19d19c7f463145bab0e687a18ffb2216c4a2ad2caf9488801c33c78c03":"76e2a5141d094b3a77765ba328f33576":"":"995189a396486b451db0167cf6990557287074def46eef872e6cfe1a297e256bdff2b71668ff0184eedf00ff1a3ec91358874718f0af88acf2bdb191e97332dc544d940412363840d4c03c7b2231852393c62d625093011ef314e4f755b1d0ee37690b4dfb55194a1465714cc3cbcdf93af39e666be0407508b8764f7ee95d3c":104:"87c8f61f459fd4a09d9ee8b331":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4359a62d54c43770c3a0d51da25cc32fd985d9b41c282887299d2e348aa25a36":"f020c9cafba399009bd920c3ffc165d4db47a9ee15ca8c1f51c65e306ccccd3f1d694071a3c765b5255eba6ef6a280f6095f8c195ebdfbee6968b57366e62e16d05b1768825ab7fe66300941270aa121b4fc02ab970ca6e32170cdbccb46fc548620fa1777049343b1600bfb1bdecec6682f0aa7244a0852adbc7aacedfba446":"5fefa85c958417b6bc8a61b5496fea93":"":"3b8f829aa1cc1532a434bfbbd25f42480311657215946b9216846704fd5da5e886ca9d130df466c3b58f5259102ea6b9ad756e9f484a38dd0ed289fea083ab99fefbc2747100071744f10e362351d4ffac6c7c1f5a49ef3c78e2dc667f6b3bfd0fec454c4e3139443da71e514540d7a228db193a4c35d639ec13c1198ee7f81e":104:"591db861b9060869edb228a324":0
AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0d798a357de5a686d06c329e451d7384bfbd462063fb8ea7d77a13dfa1f2aac2":"d920785bd7d7b1a2c9c20139380a6ac5f27a11b614ae110da14203146c2615d81e97649e95edb0eda71a0fa1589244ed42fd9449962a92942e38001ac64b212c7e06c113129712a01556577ae02325a26eb92581c0a690a894225e83ff1e36776f22b600508d6d96a0d1c55316b518df8d09769df5e8340cbeabaa0bf7752870":"50a003c0cb50ae8a3183cd640ea4c6f6":"":"9af6a5341cde4b7e1b88346ec481024b40ad95a51533cdd8e09e4809a20684f18eaf243e1df56f02ace9667264cc1c6af6b0914f154b332234f6468cc471ecb2078a9f81c17f4ade83d326b670795458d110e4c4b4cd7fe7f9f5f4d4fb23a038969e4ff4f74839b1edc270fc81fcdc8a0b15b9c2f0561567c471b783b4322ebf":104:"6c2f01264f9dbf29962122daff":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"29b01b6d15f6e68fc2e7079429dde5363888a6410191d603941bed272daef7ed":"123b6da306978f745d1dd86d7df32d9421523a7f329dd29ad98d2c309145844010295ef443a18d37ffe093080682fb96ba9c2c92105d35d77897b589e2abc7269aba8752c2a48c843bebad2c0fa281015ba85f5f709f6aee9b1d49236d5695f7f7d01554b193c89adcd1a91749138952cb3f0ec8b5f046328b3113aaa0715ef4":"cb4ac8373bcbf1b14cf2a6a6a16a422a":"":"caf71e09395d596d5a7b091c9e87ba6d522e974451e41f33f3e7ded554f24daa9da719e87793424eca9a3eb3972983354041091ba4b16c5c8c14913e1f6cbda09779188e9b5512917a0adf4b4344f119736ba6328897726a317989cddc66f16bab64707564bb0064fe6ab7b2b5cce143e94d4b6d739f58c47b6d4850697f8101":96:"f635ff3d8bfbfb49694e05ec":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f96d8cdcc21884e050f762c049930d78360b56cef5b99ae232c9a8c6e8fa89f7":"9cf05e5065531d2539d92ae76a43da1fa3614ffa4b1c73ddc2358f8d71345c01260060239edf629efc3650e0d13174af4294b6da0f39cc7fbecfa324afff89dd7d203416bd144c5e03df60a287fd4a8d54ef9b4b44b3d6de1d9de07418b8a34ec5c28cec3c5b2fb861583178a68ea0af89f2dfbfbd86f7cf1e572e1c8d4b0675":"5a7eb964b6bc9e75450b721b4d1f8f92":"":"566abaa23b8d464d6f107699453740e9e189254145c5132fe46989a6654de297398913daacb4083b29f7b31832079616e9a43c9c2878df1df451e49f1e629c8b9de2fb0e4ae9df48e3e8880f3f1ff5ace8842d2695e702dd1b7bfa7c25b0539b8c80d31ac91856796beced082c213e8be56efd646dae932f5bf503af46f491d8":96:"c049cce29c401d3d198773b6":0
AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"253234c3dc9cb3d50a80598c5cde0e37b6b13bf834f3595a9458dee698a6d19b":"686ad2740bdad507ebe97aa5bdbef25b8b030c4cdcaccb0d3b675ca91279db3ea75aa222c0ae98f86c24b10038cbb4fe9f897e1145b2f58cd3e9120f9a5620f38aa1e1f63906f557ff4a4c3223f5bb13dca34f8a1c6419e24ea57d114c62fec6fb9eee58a16b9e6a6bd930aa6fedcfc591311250e7167d43cca5916d5beead27":"9d156414acb63d11cb34870b937c837d":"":"96abd56d2f8aefe6c687f035df46c3f952a9933b8a51698e47d973b7d47c65ca3ba2474cb419c84a4c3cefb49e78cee1443a8fbbdaaecf73e9059ef34ac5a0df3fc152ecde2286da8840ad4617fd6ebc1e126314204bdc0a17b958430eb9f727498ff1db17aabbdaf43acca0945342d2ba9346da5373b2372b3081605e895c99":96:"3d998e5be9df433da001a686":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1054d48d52693d2797c80d3f10509d1c808f36a4d65e8fd968e5d56239f856bc":"a708e9d2d27ed4228e5b23d358561a77d684d855db9827be2bc102f2278f1961d3f056fb76f76204b2c96b916eb5e407f98e58edfed06de2388521832d97211d851d3e29658df738e3a15593b9db016d9e46fe9df98ce972d59f7058d484886ffaec7b9fd973c55644831241c1ce85bb478e83ccefd26b9718bfe910ac311ecc":"87611b936873b63abeaea990d6637a22":"":"94473e84659bc18eddcebe3112f55426f48ca4d670291fdedd42cc15a7415aa6795fb75b39434884eb266677e1fa7f530c6f3aaa733c0d9c06291bd7dff4c4e5857b2ee9e9f1f61a85571ad32dc9a3259017abe9eb5111e56df2913535669f3b2d722bd35fcdbd6541918885d9677cccaa902b9d3599cd4f0df1f35f4d11b8cf":64:"9bd7cfe1023448ac":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a95dc5127b9cb1c82d558d5b24ae049e24447fd676a49350089951afe01dc797":"45f81fa4780a256c40a0efec9547310406904d8991bcf964aa35ec9af457e2a642c1343827839f1f4b42f2b226da351731f416a4b4151f07927c278b371404f027bb2058e1765b367f5433a43fa4153883351041db3f066ef284a3eabd584d1d0b1d594b4ce7b5bca1708fbc661d95a9ac0d77dc29547f022eedc582fc7158c3":"0b177d01993ec726fff082ec88c64a31":"":"16c77b7f541d2dc4e8d31da23e04f18f4254aa283e8cee5b776f3d9a27584f459d0747955efff8945f807209ddaa6421846647d4198534b244498fe13a9073d372171d1b2fc38af66204f3de04000c093ebe659173b8d78dcfb8ca9003d2cd44ed168e6aaf55a06f29e83ceb32b98bafb59f109599f88b5c0f0557bd2b28f03f":64:"19eb5f808d65989d":0
AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"53d6393dd7ecc40f2d52460ecdb0607133ad843ef53f380cd3a2755bfa567abe":"72199c54dd5efb28c104e3b7210855506f6577d15c4eccdaa6a621a572e15f5845d648cf71b9fafef3411f6c1a664c7974fe71126a5cbab907e2caa342d8d7a05bc68a72c824896ec40e520e90b704dea441d22c5918f98803a88293384f64f92f11650c2cf4d3b062d30e14d149160742f59a473faf8fe00f4bdab9128c3281":"db7e93da21f0c9840c54c56e9c6ceba3":"":"5e83f559fa54926b731334f815783914530bbcc472d4bbd5e65908fb1c421442cb4c57329f2e4ba3d146a6499f34d8f1ec6d43e0cf98bdba923f404b914700edb235b08b0330097ea4162fd0baa1b7177ef0b29d5a6689bc56b8f975d6b6067ade4b8baf1d47a2eeb5b2ed28ebeded381d55d280cb2fb65ce4d82b69cce0594d":64:"4e65dde857a0f5c7":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa4a53c7764a254b06e1d8003810300b70f5729306effba9fb6210f97648a499":"19f3a8c298478d6868bf3b31785eb62e844c37200672e6ef1ecc05c616d981e02c333dbc3f86dbb7ab9ba40e9e57e133e6d1d595fcc6d8e9886a84517212669d5d7ce0f1383cb58681b92dc180c06caa1a7ac1ec974dcd7f2bca7ad2ab2789c9a3a487d64c484319bffa56d854a6d40c62b02d0c7898f641f106ff50d22a12e7":"c32288f97af9b6e31aa7e40d9ef8d016":"":"1fa6aec7a28767c8961363dc4264e6ab97014264f6fe1dda7e9db8646ce9a5463f69e91aad2fce696f9b641d75635bfb0f97ed2d7beaca944cf8bd9dbfffe77b5ae9fd032575e5333c7ce27538c609922843de87b960ebca7c2a2ef9702dd0c32f787b4d7df248fdf526d594a90bad0d6a8dffe212246c36db71e2d348326624":32:"1699444e":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f420b6ef96d9bfe46dcf18246ee230790a6fc854e730f1dd2d1ffd0e8b5c4776":"658a954d6c61d0d6f0e81a3c1cc65684483fdc95f280b6d4c964358596c25ca41c389932d74a1a3a17d041e89b7110ea315fadb3128c2c469c350bf9b4723aa9c8abd9065ebbd12c317bfb7090f09633f8c1184f0c4fbe10f5486dbfb847536c886f7d144ed07272a7e62fb523a04111e5ea9e1ab415fd17e72143006db14e9e":"4982f502a37eea8bcf316ced466c9fb1":"":"8630aa78aabe35d9360a44bb2094209b6f70d46d71e3949803cf54e33dafd54c6e49eda9e26dc5c0c1e34908f5281c8cb2a1aeee81186cf45d3eb22f486320c7ee0fb7bf3c211b232a8426e7e82f3e05881bf7d9454cddec7f28e5358cd0e9ea2e9cff938be044c1b21911d50b2ae23ab1aef377511ea657adcb560c34209f8b":32:"3aa91b73":0
AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50f3b822dfc70382d8695811e6b0a2896ea2bcd4d5268778cd484053c8a19288":"15bfb3a562ced63c92561a78374af40c88a08ce02392419e03d7543365c5b6525951ef2dec5927474a0ef85f519e5ef795881db3eafa765ec38e6be7b565a878c13d90c02889dc50cbe87081d9225a515504c7be15bf97f5d72a4d81f218a148a46fbd42983ab002fce0a54719bfe301bb761753cb330dc25be517b87d0428d9":"980810c11abd3aff43408ec9a69abcb3":"":"12632296f27eb2439009f6032a3f648370303dcebaac311b684de2496f399b271347b19e045c1060802f3f742b6c780d20b9d589cc082d7d0d580dfb7231171cfb612227fcdee7feae4f8defd34c89fb0d68570e782192a7bdd9a5464f35dc6a4282cf9cc3fdfac988d129eddf8e0795ccc24a113f872ada88834c974df8bc69":32:"32c1c4c5":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"29072ab5bad2c1425ca8dd0ae56f27e93f8d26b320b08f77b8bd3fa9d03edc6c":"3c7afc5cfc5a1e141587e93fef8427d4f21d892b983b7c9b6e9de3ee168837a1533847c8a2e2ab0706ac1474e9aa54ab57e7860bca9ebb83bd6d3ae26ca5387abdb9a60c4a9928484742a91294b13ab8f51eb4f599a30e9cb1894aca32a62a4c2793ee6793df473f43234c9eafb44d585a7d92a50aebef80c73c86ef67f5b5a4":"0201edf80475d2f969a90848f639528c":"4c8ff3edeaa68e47bbc8724b37822216d42e2669ca127da14b7b488fde31a49c7d357fb9aecc1991b3c6f63a4ce43959a22de70545e6aee8674d812ecaaef93ad03b5d4c99bdef6d52f21fc7fdbeb1c5629a76df59620aaefda81a8e73cebe4c646beffd7f4a98a5283cc7bc5e78b2a70f43e0cab0b7772e03a5f048ec75081a":"f3755aae6813e4e4b84a089ca1496564676655ba3c94e59c5f682adbbfed21e76aed0db78390258cf5fbf15f06c6b6468414cb6493c8b9b953b4954ecaf07ecaf8586ae001710d4069da6d21810bcdcbb831f7041cdbb984b7c55878598a6658883178dcc0fa03394519b8b9c3bed0e5c073429f5dd071a9184b015cbbbc62e1":128:"0549dd9f2a123bd6d58e5cd16c0624a1":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa9999af53720d0c1288fd3fe307a471160635287eebf41dd77c82d1f9cc9d61":"6ce6f2dc202750219e15a24e1ff0678ffdde55b27cdcab6da188bd5235a3bdc677f72f106579d02c2970d4542e4e2372886e1a6d74c596ce735f51f2ee6aff4d62bd24112ec7cd1adc7c660561f163170cdf047c241c53b8a5b2e03fde48c249a319bb90c2693c468c9dd136e94e05f067cd1d68244ce50be318ae0464b79acd":"6299d651a032bdf3a7e6b25ace660e30":"afab0a3d1960ac973ee2f4461dacd10d189412b37e572cad7888bb4d2453f1eefbd6725aadd5f982393dfa59c3cf1ee342dd91e1fbfab10a802e3a0eda226fde2686e7db1015405a3d33c921e5aa857bfda53ca3aed3ff0e18c289406740a7c5d9f86ce43db40c9032e98ab126c7c0364e2efc008312b7641d36503d183fa5a5":"a8059fe6ff711616afb591b5e5de497b3b7813f9de658c7b47cc3e7b07d0805c1ba05856d98341869b8394f3b5df2876ae19837edb3931eebeb0f26eb6c4a2ea78003d82a98111305208ccaceaf77e5d71996cca4f9a5eb712dd916b71455f741ec2dde51f56828667b7a2da015e1886fba71e496a542d94a38efbcb5353fb89":128:"2ff4d8d00400ad63a6ae7842eefb16eb":0
AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"31721e5e3a748a7f7369f3dffc1cbb570ceac868ef9d1f29b944b7e86a26d273":"6afc1d22233a60c3e6851447de89152a0dbadcd87e35fc947ca4bc886f1f87549ea106b097e2655136833d06dfb879a85732298860c149c5e5ff03bb2a95d9cd3deeb8ffdf951ea5f97e32c1ed75271d2ea58d158ae6d568bf197d69130977e330ebfef33f222bfd5b56bc6b0382dc99c4f0e42b0aa7a117b43f96d43f6e02dd":"523247d56cc67c752b20eab7a28f85fe":"11eb41aeae3611f0de77bfa1221ef5b7d254faf893dbdaead926a61605f8a86f20f1fb84e0c5acd195143bc5a4f297bf729129f898a2013175b3db7004115a6120134d8e354afe36699a6c6618d739c805b5b91739df67de7667729f1d6eae1a0609897999d474be4d8b826df901c6f39d522570d38d2d1aa828382932a177b1":"39e7f32bb3e8436d97a1d86a22750768001fe3a805516d3f800352323afd221991105d12da69ce7430402fa7923958ad5ed85506b968c4dd89516d6e3d02e722db3954ce098ec3299ef4f2ed4a89f383408dceca9dabc6f8eefe5a1f80093961c29a94b222d1a04d2c1e453d2e02977f3dd77a4659e2bde2fdbba8e2829db4f1":128:"506883db674fa0417e0832efc040227c":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"100bd2bf9c8b24cc2e8d57697cd131c846b55ad6ff0b214c0de14104b465b58b":"81c3370da989f774c1962f60c57299747481bea0e6b91df846e6ef93cada977bc742ee33ce085ae33eb9f7393a0943b647205a7e1ffb2a6a803a1ce7a88902456d66612362962b97c7152b57f1d54de94a39f07c1a8098da4ea5e498d426b7036c642fbeebefda50b8c421a7a33b1a8499dc35011d80a51d34285824d6f01722":"363e8af6f38307ec126e466e7056cc45":"471f7e9a0b505b12996747ec9e32731f11911ee95d70795bbd1bba34cf782d4100ce30a85b23f9f817f30e8f314e1a23e101201c920ce12ce732cc3fe01c74a9ee8d3e1599aa22f2398c3265d4dbda626a8ff4262889009e087fbef6babe33d7300e5cfc4c0056f3562a913d2594fee8e44959cf728599a9d3e7ee4a9ecd6694":"9494d01966ac887b8295bde61f0e7d006ea7b5c984a29cf5d849194f35d7b0f6ddb3bbd9646d7b9b961c515179901d2b04cb7cf7b6c8736d1d472ae8bb9a6dc9194b03b3f5373551a5ae0c0f023967669c873f0acfb02c0ae3a384e70f7a7ca05861f257f36a2ad5fbb591473dfc3ae1264dca0e889e0ddbf93dadf75db2059b":120:"5c78d914cac78c514e275a244d0ea4":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"614dd1762deb5c726eadf0e6587f9f38fa63d16bca1926955404f1b9f83e241a":"1ae828a1693d3c24651ab8ba59fb1185d08e6cc4a964f30dac59cd81ff4bdfce8023ab1b6dffb594a4250d25f611763efb4152cd35b937ca11373d237f1f8b3c0e21b942beb1f4ffe5014198c9ff59896ddfbb55e69963e3ef6b03d3fa134977870cd6f3ac10bbf59bdcc9f103cc2d58f294ef5f007a9f903c7bada08cb454e6":"10d079a86894b0c17bfcc8ffc4ecf7bc":"c4035f80b6d2ea288afd4ddaec1eb232b78be5a86583fa85f791d546102c97ace9716c2702483d762c8e4eda12f3dd10a9a49a2d72cd4694fa794477b54b4367be6b548675aee4c351e3f66c7e113aecfbcc57b8bbab4a039f28488237c75313e62612847b915ef9b582e146b2bfabbfce576a984f5ce4be0e6bff5480584fc3":"bf5fb0445aab46aba504801d5356455f28c98f300670a731bdd0c901a1d5564aa31f5d467e5f80dadbfeca61d2bf72b570f3935ba04c45a2ff7994bac6cabf84db2a42cd5db2a4f160c97c76817cc5cb62d4006d895fcdb218c1464b5caaadbd1f61779938e9a84440615eae050cd6f1713cfbd695d78818b2af78157339e9d9":120:"6d815ee12813875ce74e3aed3c7b73":0
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12e97fafff7d397ea34efc0a8528afcd51c1b2ccda680ae9049edc8359b78ec0":"9fbf0141cd50bd1b3ccaf137b808b698570642ab20c32120901622b34173d7ad119abca3c61bbf1e6dd5cb182a079f3e01b0e5263d984c6186f01792125dd6c47c30033008ca2e0377f990285094f652c55a348242dfaa59f76989fcf86033c8d9c0b2a526bf46cca207e055e1dbc7cf3d0b7a840c8fb5f85784c9e4563f71de":"8eb11abfe350c0d5a6b02477b44867e9":"0a830029d450e20aaef484d4abee9dadeabbd6feaf800b3a693b4746db059efb7d110405b45e45a9e5acf90957c154674dfb2c1cd787af371e01bafc4e8475d0268b969d25756a1121a519afa61f3d6ecded4e0640f0ddd471f5b8e82029fd2887df4e65af9580390b6924022e39acfede7530e5f0e54f0285ba565ff49af542":"067cd6ff8461ac80217ef70a91dcf6edb2fbdd31856815cf356fffa63ba3f5cb293d7f1ed32ae40248693617f27839a34e871fdde635c04d1e66743f730a06e2be25cafe1d67d804879fe38e009268ec50a0294da445c795742ff1e924170e4c2e0e9ef3bdc26c251f5537218d295d93d57baccc4dee6185c235d7ec5c9926a6":120:"931f44f10993c836e534a59c1aeb98":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c732da000262de558bd3ea65e66e20e11605170c90b67708bda43f40abed74fe":"7d6c981c30ef87a46f53aecb4c97124fb94b45057635d5bf1d4f3a3bdb534e9ab62b4a425de9dc52537575ed9ff406cfbf75403d3d9cdbd9fcd520d62065f81483427fa27964642cc1a07822da0f6234a689eb30e8425d7709abfd18666c76c963eecef20503ee77c96802c120abea1428cc64a08fc20860527854fecc571a6c":"523dd34ea263c31c2215053986626d02":"f170556ac5d38f0661bae33e0826356c8488218903eba1bfa49b16882537ef78283fd9351f37f44a7687049a608c3ddcc82817d4ba96a40d05807a38ee3f2d5cb8b1121db61318fe22bfd3afb319e84c4e2f94570a92433db29bd2193485449c719a2c6030696f53ac729df90678eb018783b25740d806d1ef6980e10d396595":"3470d4544f7bfa3ac0627a56e66c56fa062188440834b9238bd20e89dfc701fe6cfe0bf4ea2387014bd83c63ab7c912e1c0dce7c2d92eaea155f886b574bc94a8f4f275dffe2d84173a05b99d8029c36dd3c35c12709d33f55c3bcd96e9a815f77a4fe8e50639d8f195a526486f1209d7bf7e86ac3dfc4a1d2cbddb6d330e5db":112:"5924f3ceff0207fc8ba8179a9925":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2684bccf2b845314a0c4b8b5a780f91aa7ed1177539122dc8717c14bb50e2dff":"1a4174d4e18ae0b6434f35dcd9c86cf158c42ce00ceb12f4356ec118d659820518c326a1b2ab92279d949f74c45219c660cb84fb6b10b14d56a501173fd3b129ac89db0de22874d92bec724e94751f91a817a42a28e8e15672172c0b0db4ead46b14d4bc21ad8f5ba1f9e7e0fcc867700681349b8102a208d76ae4ef7df5b56e":"8433b59b41fe0cdc5b30e4e87c5028ec":"280026eeebf05e26e84955e4a36352d4f97f3193dce0795d526d05645bf5d2eec4b92ee8dce54d78fd3fc3e36bc79d5bf9ee3b2699310a75dbc5007bdacb4dc88d06515995f8f5b1aa90cb8fc036b763a5e819db70c091802fb7f24b9c2a68ff194032fffc4ef798936aabccbb43f22a2bbd7e1ab9d0434d443dac4929b84193":"cc155e04472c0872d5ccf8910d34496f380954da7653a1e1d3c460fbbc791c9b82e35176e938b7e21eb4690ed9fca74ba45a03dac4abc4f625ffdfad02e1acccf18b5a1878f911fb6f6e09ce0d4c6a0bb87226e914879a1b3085c30e8328aa6e0d1c49c21b760b82e469981b40ea102f3998c81dd9799f484ab89b19396ab7e1":112:"5a80008e6da40c71b316b84ae284":0
AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"484a33ba0b97c2887a86a1476f274e236eb37a72e05f9e74348248877ea99e98":"4d81cec14b398257a31ad1e3581c00d05e12b37b71260bdd95bc0b6981b614598ffbbb3ec4bb7deb5673a1020139877122f88504c9c53265706fe76623a9b488a3dfdd4cbc1b7b46c7fce9d7378e164964c0a377337a5c172e5e4de6206375164cd7beb0305d7a90f5c73e12f445326e1bc9ac5acd1bd4bcbe4662524891a2e9":"c3a5cc19aef6d64b656d66fad697b829":"30f276f96a50e17b452dcb5e1b4ab666dc7c4c72d0d9ab2abaf77eae2e3bab7dbe5ac005d7eac5480e1bae13646b59155528abdc148b3b71f06d017c4b12d64aa3990cc96941eaac14b60eb347e0be873de2b6fe2b86e2c2fc063b29511b70144ecd315b9491001b122701b9c8cc1d85427b6c60663ccd9d1fa84e1c2f609f36":"579fd8fb50d795b5b208c2d5b0a8b1804f754a30a1003025301655aebcda2d2ff30d29a16d0fb17a28401127750fc87c9e3aa08540817228b049c387253ea2359035b8063ab4bf54504ca5ad93b54b8ac5bd0c1ef3c6769fb1ed239bb76f3e0bc51d356aa91b494d22749c8e4cdb1629e93f7c6e46ff9145916c1275669ae5ba":112:"1c39aac1d5ffe7916a08ab2ce279":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4a5f5321b515cfcde493148ee4c44c693b1979b3a3ba522a2a80e5d27c93fd1b":"962b8504feb57ae73e93c2e8962c9562f409c908e51f9904df1623eaa0c6b998db6ee8919d805b6ffcc37da51300c1ae16bca21f8f6f63af989a813ae8fe28c3fb012f003dab7e71b08d757799208806062d62b4ac937712409f9fafff3e3579a4d92d4437a6f0b263e1da7e4651e0a521be5f6f49ff5a0778f07bd5d3dac696":"c2cb0166046bad0cf0a107af83921d7a":"e48abfb657ab33f58eeda8c58a20e7e299bc3e7481f704c326529408580f9a5130cf6f7368502d20b03ba6c3b8f6f28c076a3ef7b8e987750dc972be953e712483e6f328da57e4b5c501fa7c720593eb89ff9644fbdc45478f80ee89f096694dcb44a9b3a6aca0904d4aa4e475b4b24771df9fd6ef9557f4f5c842ac241b212f":"11bd55d969603ff3d46355cb19c69557b99825a4c23eeafc8eed8422dab537c0fa9753191c49a6fd9e0d6760ed816a49e7f5704b5936a498544e2bbba7875c513c031f11527ca1b9b579960be6964fba9119dcece8205c174be07ebffada83375678de76fc012b0ee179787b4aa9fb6e2b459575260eb01f23786dc24d1d45ef":104:"36853a029b5163ca76c72d4fec":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c8f7b7e6295fc8e33740bf2807caeaf4b90817cc3ef3d9f38f704d9f6164e41d":"4c26e489069b487ce9dc0e295d5e89760401185374041b0efca5bbf758e7d010ccbfe5999e2a817776aa8f49c1e5d43bcdade2989fe5be635dab54cb0e390a21b832b30f688857b9e09c346bcc5397e51cf71acbe1bfcaa1ecd7e87fe5dfde180d951922e60dd8203ff210c995eb54bb981f7e931f0b1f52dce0cf1b2eba503f":"903b2eeb9d0b3794acb7439d341cfe0d":"83e99497bfbe9393b065b0b18c13f99b67f1fdd724fd5d70cdccd2b8dd658499cb9f57e1a1fe39634ab0869182de085722a79eaabf057aac7b3f3230f51a2f9b48b49d592f02246dacbe915ff9d9a53f7e5332f7a9d89649050b075c07e5e74f281ca1a0dbe632c0aecf3b1911cd6ec4f8facc2777d0d14784bf5951a1c62c33":"63e2941bf4a13374627be66bdd4e57119149f81f4c1a8a321d27a4a79e7d61e2dcec9d7b13fcccf12f5b059cc209f8414ae81966462a266e92b4b3c25198ee240e0bc6f6197df1e24e8d4379fcae89e6240a7f9c7bab886e79990b846e98e4bacb8b3b17422249943e9973de42da5e38e4eb52830b1facce766b3389a5312476":104:"6e31c5db3146ae45ef5d50485e":0
AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dec062efc1bd2556b87a81143d025abbaa532c586d5ebb065859a2071f8f07e4":"02191bcb060e61827dbddac6c2961dbab8812cdc2ac77bf0275628e8e36bae18ad4deb77b2682ade0aef76afd4592173ba29dae4d0735963c803856eaa6f60a6c21785358e87f3c4a91e321c59e04c150297de873679194ba5ca857f7d91ffc358e73810d555ebd4dbd1fe4fbc4ffa4ff38e4b41db9af0a84fe9828708631469":"19abd0361443c3ac2a46f2606eeb1a69":"c3785e7c0095726fd1f3ca842057b0ea2baf9c3fe1119c2147609158a2039f26cedf8a44e046955ba7e7cad9f48cb49274fc53b109d7897e080af252e7dc64807c276bcf668d2cd505c9ce8e584609d293ebd2a4515bfbaf78c413d6e29dc90974db38b564ffe9a40d3955dba9f19b6f39bf942669cf80e4676d6c10df566ca1":"91a16c7fe029e3fddacf0809dde7d041c438977b89192e6fed7605d0133f3d9e810355d186432f6529bd2c4cb9dadb4fedf5128cb45e25a3a46bf74ed93f31349f64a69dbe86592d76e437947f1c1d7270d1cffe80afe10ae8523541961eacee1838c168a2ab76703ea4674a68a96b8a298a672ffc140e98e452d501fd57f000":104:"5b4071a4be0543aaa59b56de35":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9b7b700d978e33ae9311b206347f488e2832fad5ce7e6026ad5e24fb47104fcb":"37aef6e4200c6abc3d161daaf9dd6ede002ce8c63d9ed54e8ac56bdc8d36906bea663d2857d8d543166ba150827735ec78e37f92e682275e268d377b1880970df232162e55c9311882f889e7d183e5cf4972691c85f81c47e1224b9c97ee3963d75c6a032270ad6d713c999913f0b58a2d4f42b85a3b0b40541a31398cdfb4b0":"d0bbc284af767af9a31b863d66cb6138":"dfb87a65ab2d99d7d753042aa47448ad830e546d298d6ad52b85207bbb0cbe8cf3cdb12b3544f1fc228fdae04a241abf9e71de8ae14f2de2c261469c383c682e13582e07cddb1ed9bff1fd2aa0be7978096a914676dfbe7bec6edd927362f656ce1de86229bc511cfec4cda77a1e761e7ab8664e4df08cb820ebdb604c2cdbb0":"dcd5575d94fffc647d4c081e3ce03928651419a32ada2af02de2f58d68fa98eb1fd5ef671875719a9c65b9ecc69513408a79a0a5d57cabd04f8e651f5b8fc1ff42ce58d8a212ac2bcb83c5c53c542c282553a62b4e3d7d4f049ab13172739a0f46e0a2fd9aec54eb0c84141c6b341783754372df69d39e48cc24eb3d9ddb21a9":96:"4a7ac79db94b27469b92343a":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce15e61edd9320ceacbf3984d87c707159caa738e7e76285be00b5a95954b523":"8af4a7d92441ce931815fa4e24d69f66256fec7e62f79a029b684b5db304a46b2a3d3a7ee8d6b7ae38caa7de526d5c0f28dc65a0913a383b7ee1640cbe24997ba95b9b12fa1e9ce9f9100d883c16b6286dce17e381af15113f56197c97fe6b45be00a3df05045f476829d7b303211ac97cf989a18c16e27fbf23570d9d18f04b":"b1269c8495ea1469ff41d8154ae6765e":"0ad26a08a5cc2ec825347d7ffd5aac795eb68aa7e22970d991c863fa6d1fa720137aa5cde4e382625a0038e6ed72da3b5003c1b2a953c2b2138e0cf870cca4afb595c0451aa793fb0a2bc43834a0aca1e760590cca765ad672ead975993f82ae6765c5afbddc6062d7c4babebf650ab097db1a1d9a2a99e8fd2e0eb8a7b916f6":"ad0ab4e77257866e4a57cf44fa4049428e56a6e8b8fd47b4cd00bfce84fa8f5a43f1df2061b0a37311b4a1436bad0d61d52ced5e262ed41a7eb125d61cec2e3fbaa95e533b43f318048096ebc8466f0cd609bb5e7c3fc6e5701aace546618a170f88c0b7ed76b63759ca4e4b931a86ac379dd12ad2cba7d47a19a3ae7c242fb0":96:"fb1e988f9c97358a17e35e6f":0
AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aef24b8205d4085d978505f04724293c2819ef9f3f03a6c758078690fc4bf7c8":"db26453170db2f984312e0cf961d1a7df1154f0525c31f166be5c9f516736501f9f2dd8096a69b6441888ce27aaceacb0b365a38e4e01e2e34027c023206e814f22d46fd2fa69f87509ddced4b8852a76b2532b92f069b8c922ac13b2b7f19cb7c524657a4ee6e989cf2598bef674aa31576776853fb7f9a2704d6b3ee7fbcbb":"81456baa337c3dfd162d9c5f72a2e216":"484a5f4772643cf74ccdced0e5d80862f9300f26ae3139968649d3d7bb761b313f2ba63798b2040d397c3d1569285fee8498fd9254851c15b98af5bd351fa72e7d574c62ede0d728e1279e8b4e4784fd63ea7851e99d1d2356bcbf868528f8d0a90fc3b884ece631648d916ec97abadca1b0dd7670e6ad42245021570582ec7c":"da95c61cd2bb88fea78c059c254d2b949d4fc291c73ac178ace44c1e6a339f64931c857d3a7cb276a04993620adb6918dfd3f9083edad384a8e6c1d4799d526a1c969d8deb0e2667d6d06f559baf914b49fc463244528aa6522d19699065438d939521d7d7bb149835298f2054bcaae6d786f6dde133b640697a3d37c697579a":96:"bc1c1cbcad2e1a66ace079a2":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9685aea9aaebbd691e679779034729306d5887bee4c1f90f6ee3a397a0ff3ece":"ae3b2fa1e209f72c167eb16bc15b7669b87d4ab516e428157810b87a83e90d56e267bd4996522b5b22c2a349d3765ca27ea27057dd71f7c18ddd053033bd780b6cb689f48c383e9c717b9b265cb9e32c70c4a7d8fb933e986d996b5ad914cd645b74c47ac3a0de952ee3fc73ada83d896da7ca0b2a0b10e4f701fa13cba9ec50":"b1bc140531ae8c69e2ffc784e0988038":"294ff858fa6efc82ca3be4d05332bbb951a71a7ddfa4b78472e1582b445312eec11793d8d6e1e858d9cb078b5fc9083ac8a3e3bd82964cb07c08450567922299f68fd47663c7a77c29f2b5347f229301433d5a75263158a0d80095859e7e45476b99b23412046bfbe4eafff9f7820ba49919d2c987cf00c286c784e7669d8fe8":"6575128b576e68f7b3709e325b3d616783b42ff7f7631eb62b90cb0c8a86bd324756f43af53c33cbdaf9cf64ea94cf1b7fab5003f00c1d07f3fc8eb1931d759f9c43477ba22311a111488092c42b7786facf42b861a824cd1bcdc603a77d11253f15206a929a3e16e8737d080b8e5f0da8896226989a9964d72e491187250472":64:"f78c4dd37c06b197":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3adf0da24394a98c7beae01d28f261a9cbd887aeeecc0c29e84540264d5a6bad":"8cf023d717b0f82f2b81750b53fb665c1c90f4740af4a3534b36b847df33ba5eec19eb24ead70a4b613a82572878216181d59b0c4c4df99be08d021cf182724d8ff5ec4e85884d0f69c16238fbbdbc5529ffcc4e418405e4e95139f79d3115a1ac56820cd39fc413ab72f7d447f947cb0541fc2be261f1246c0a786199013b22":"ad41288817577316df2d881ac93fcdef":"ad33ce922372fbe3531c0dece69f85f18eb1bbfb09a178403832308de0e54b1010db2636c4b7d9caa478138f61db5149c9fd7f3b45b7a1876729fe67622a37f0b322ef9cf6043b301a5d4c81e6f347d22bd3e40722059d3be945845c6b0629fbcfcaf885c7f393aa81f242c48c61a439574761ef6b671972cac664403250750e":"9d465e9c4228323946b1261892243d8455edb9eb8633d026d4033fa3965d20730979ba6952c0f6f2c5768f03c19256b64bc759d2e7b92424bbc668308504ba34384c2bb37baaf91a3a4f0952a050a3d69853141b49e86eda3bf0c4db4ebcd1c41e7f13eca20bf574a47ec45b8c98def17c0741805bf8f37923ba2b5221428578":64:"507618cec6d03964":0
AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9ef64b4132db54668568e2ae66ab61f62a820c7002a67a7e42006280a373feba":"4b96dce753273188c4cca3386a7415d5d9263757376e1f32797df47992e92e1bc0ab0833363b3acffde22602d4e47307bc8f252944414a15e1398693fd3b8bf4d8101cdcf70ce2c9de8cb7f5bb17cd83f09b1bc78ba07c34b9214e250c5940e9794199cb392309027d5ab4f32b51c533db6732024bd412f2cb0c5178d5296aa5":"07a86dbe2cce040eccdad79b3d211ecc":"af7a75748ee293015b600ca82ccc7718f4ecc20c3a2357ee02fb726330a0d79ca8bb97979bc0c89f4c60d7154f8bd29ba6ec5f2f4be286ea8a258cf6bd39b4f42d6db8e70c99ec3af26bb4d8003dc6fd0fdfbbc620d511d4d5f09ddf975a1663ac2979ae0978b0bc1e7bfcd660ae4ac7f1a8f6d8ee35752ed59a604f07dfda53":"e3e862146b6fb48b01ababc462dd560298eea7bfe5f3248e28a908d1de08c7e91fcf63922c394e7a51b64f4382225093e78598c050e588ff4ad38f3e83dc07b77ce569c6ab8f8a9cb0056b3155aa1503cebeb64c86d6d9cdbb178ea9a01a8ba33a1c48beb92ee4cf60e7dedf986019e19089cd186c98c229b0ff42c9e1aca571":64:"8614c216055c0660":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f14ac79f35bc5a685433eea5bb7fd69fc959aabda24cbd8b7795fb2e41f90ab0":"8a20da14819079960b77ed5e548d0aa0bdcffb752817c1abe4195e612cfbb58c8e5a8af69f75bad10ee8afdf0b0d5c46c4dc11c32bff16d5e7e82e77fd80e475c6a5a0be36718af232697ab22314306b8ee32484b3461da657710c06170e80a6a8844f898c2be29366c8430f2392d100ffd419603cbce406dc7315577e6e9ee2":"353e1d08edce44c966430513cb7a0383":"cb1dde4ff5a6867038c170192fc2d292f5bb349d5b9a903cf3d88c09ce78fb1f4a776ff7588a25abb5e5f6a44791d7296afef3f32ed31db1def37dd25be0570a204955121f9c65b79a3ea88fc452dbcb82719243c11bc27e3408adf802b6e8b4e701ee4e9dfd140cb3277bf605bd5fb757d2325f7805fc6f0d1ea5a6207fac5f":"49b5e4ea0421034c074cde67dd39a0310c3f31e8138672ba2ecc0777be542f1c6529836d5206b79dac83d96aab56787a35c584b31228f007f11630328c3f40a57be37487689ee5babb576e7d14ff0f1f1ba6e4be11637352a4336327681058b99df2e44f9772de4e0e456d2e34dec5eeb335b238e862841d166e0612cc0f18f3":32:"88aed643":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b55ac909e73989e310ae37d13c54bbd5a126f419a3b01a2ad8961d89bd247f81":"8a663e8b21a027c4a9545d145d42d9c67b4fcd5d0e39aa68822aedbd609e2c681f60e6315035321de739858b2b082bc05551fe9b8456c2e89c6151282c6068b915eae5762e4d6d765d667de58a315e061b3d60035ada50f59258eb6e2a1cd6b52eea7eb9d404fd96e71f19feff65b74a4b4f07061adf7c1b0e54e2ece7a2cd49":"9328abab0d3f63c75ddafd8559d96b4f":"cbae20aa1996abb62471aac91cd78080953fbe3b165d4c9435832ef1106e7e3424db8850f44a431c289ab4f2bbbea9e5c0c7aaf2e8de69c0ced176283662cadd280d8fda0c859551f0f90893ca57695c95803a1546826922ac78703d7ccae285b7ccd4bbab551756cccc6869dcf34b6af8d8b80c25c6fb1d2caa7f28161fb854":"457e13ff4eeaaae75d14bbf1bff91706c3168b9b146aed29dbe31b12ad90c1c158833be95701229ac6e4a13997e0a2d961d4a0021c4d8920ec54a9a935e5ea73b17e8fa60559df76bd07d966dfa7d86d1a77a313228b2ae7f66b5b696726c02af2c808bf75e0b9591a220e762f57c680ca68f20b2b5413b07731bbd49de039bf":32:"5de0434a":0
AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1477e189fb3546efac5cc144f25e132ffd0081be76e912e25cbce7ad63f1c2c4":"7bd3ea956f4b938ebe83ef9a75ddbda16717e924dd4e45202560bf5f0cffbffcdd23be3ae08ff30503d698ed08568ff6b3f6b9fdc9ea79c8e53a838cc8566a8b52ce7c21b2b067e778925a066c970a6c37b8a6cfc53145f24bf698c352078a7f0409b53196e00c619237454c190b970842bb6629c0def7f166d19565127cbce0":"c109f35893aff139db8ed51c85fee237":"8f7f9f71a4b2bb0aaf55fced4eb43c57415526162070919b5f8c08904942181820d5847dfd54d9ba707c5e893a888d5a38d0130f7f52c1f638b0119cf7bc5f2b68f51ff5168802e561dff2cf9c5310011c809eba002b2fa348718e8a5cb732056273cc7d01cce5f5837ab0b09b6c4c5321a7f30a3a3cd21f29da79fce3f3728b":"7841e3d78746f07e5614233df7175931e3c257e09ebd7b78545fae484d835ffe3db3825d3aa1e5cc1541fe6cac90769dc5aaeded0c148b5b4f397990eb34b39ee7881804e5a66ccc8d4afe907948780c4e646cc26479e1da874394cb3537a8f303e0aa13bd3cc36f6cc40438bcd41ef8b6a1cdee425175dcd17ee62611d09b02":32:"cb13ce59":0
AES-GCM Bad IV (AES-256,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
AES-GCM Selftest
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_GCM_CAN_AES
gcm_selftest:
diff --git a/tests/suites/test_suite_gcm.camellia.data b/tests/suites/test_suite_gcm.camellia.data
index 9b71d7c..0297806 100644
--- a/tests/suites/test_suite_gcm.camellia.data
+++ b/tests/suites/test_suite_gcm.camellia.data
@@ -1,215 +1,215 @@
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #1 (128-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":"":128:"f5574acc3148dfcb9015200631024df9":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #2 (128-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"00000000000000000000000000000000":"000000000000000000000000":"":"defe3e0b5c54c94b4f2a0f5a46f6210d":128:"f672b94d192266c7c8c8dbb427cc989a":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #3 (128-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":"cafebabefacedbaddecaf888":"":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":128:"86e318012dd8329dc9dae6a170f61b24":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #4 (128-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":128:"9f458869431576ea6a095456ec6b8101":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #5 (128-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":128:"e86f8f2e730c49d536f00fb5225d28b1":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #6 (128-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"2e582b8417c93f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":128:"ceae5569b2af8641572622731aed3e53":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #7 (192-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":"":128:"ba9ae89fddce4b51131e17c4d65ce587":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #8 (192-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"000000000000000000000000":"":"8f9c0aa2549714c88bb2665e8af86d41":128:"783cff5c5aca7197320658a74279ab37":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #9 (192-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":"cafebabefacedbaddecaf888":"":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":128:"8d645a0b0e48d3c3b60a014157cb49b4":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #10 (192-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":128:"01b15bb5ab6fac0c422014e91eacbf2b":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #11 (192-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":128:"f876143d933214a5035ff0bb96ff650b":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #12 (192-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":128:"4b72e520b2521e63d240ed5c903216fa":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #13 (256-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":"":128:"9cdb269b5d293bc5db9c55b057d9b591":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #14 (256-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"000000000000000000000000":"":"3d4b2cde666761ba5dfb305178e667fb":128:"284b63bb143c40ce100fb4dea6bb617b":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #15 (256-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":"cafebabefacedbaddecaf888":"":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":128:"c912686270a2b9966415fca3be75c468":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #16 (256-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":128:"4e4b178d8fe26fdc95e2e7246dd94bec":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #17 (256-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":128:"e6472b8ebd331bfcc7c0fa63ce094461":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #18 (256-en)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":128:"5791883f822013f8bd136fc36fb9946b":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #1 (128-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":128:"f5574acc3148dfcb9015200631024df9":"":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #2 (128-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"defe3e0b5c54c94b4f2a0f5a46f6210d":"000000000000000000000000":"":128:"f672b94d192266c7c8c8dbb427cc989a":"":"00000000000000000000000000000000":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #3 (128-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":"cafebabefacedbaddecaf888":"":128:"86e318012dd8329dc9dae6a170f61b24":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #4 (128-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"9f458869431576ea6a095456ec6b8101":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #5 (128-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e86f8f2e730c49d536f00fb5225d28b1":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #6 (128-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"2e582b8417c93f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"ceae5569b2af8641572622731aed3e53":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #7 (192-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"ba9ae89fddce4b51131e17c4d65ce587":"":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #8 (192-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"8f9c0aa2549714c88bb2665e8af86d41":"000000000000000000000000":"":128:"783cff5c5aca7197320658a74279ab37":"":"00000000000000000000000000000000":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #9 (192-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":"cafebabefacedbaddecaf888":"":128:"8d645a0b0e48d3c3b60a014157cb49b4":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #10 (192-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"01b15bb5ab6fac0c422014e91eacbf2b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #11 (192-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"f876143d933214a5035ff0bb96ff650b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #12 (192-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4b72e520b2521e63d240ed5c903216fa":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #13 (256-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"9cdb269b5d293bc5db9c55b057d9b591":"":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #14 (256-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"3d4b2cde666761ba5dfb305178e667fb":"000000000000000000000000":"":128:"284b63bb143c40ce100fb4dea6bb617b":"":"00000000000000000000000000000000":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #15 (256-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":"cafebabefacedbaddecaf888":"":128:"c912686270a2b9966415fca3be75c468":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #16 (256-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4e4b178d8fe26fdc95e2e7246dd94bec":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #17 (256-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e6472b8ebd331bfcc7c0fa63ce094461":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #18 (256-de)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"5791883f822013f8bd136fc36fb9946b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #1 (128-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":128:"f5574acc3148dfcb9015200631024df8":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #2 (128-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"defe3e0b5c54c94b4f2a0f5a46f7210d":"000000000000000000000000":"":128:"f672b94d192266c7c8c8dbb427cc989a":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #3 (128-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":"cafebabefacedbaddecaf889":"":128:"86e318012dd8329dc9dae6a170f61b24":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #4 (128-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"9f458869431576ea6a095456ec6b8100":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #5 (128-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":"cafebabefacedbad":"feedfadedeadbeeffeedfacedeadbeefabaddad2":128:"e86f8f2e730c49d536f00fb5225d28b1":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #6 (128-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"2e582b8417c83f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"ceae5569b2af8641572622731aed3e53":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #7 (192-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"ba9ae89fddce4b51131e17c4d65ce586":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #8 (192-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"8f9c0aa2549714c88bb2665e8af86d42":"000000000000000000000000":"":128:"783cff5c5aca7197320658a74279ab37":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #9 (192-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"ffffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":"cafebabefacedbaddecaf888":"":128:"8d645a0b0e48d3c3b60a014157cb49b4":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #10 (192-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"11b15bb5ab6fac0c422014e91eacbf2b":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #11 (192-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad3":128:"f876143d933214a5035ff0bb96ff650b":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #12 (192-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a328a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4b72e520b2521e63d240ed5c903216fa":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #13 (256-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000001":"":"000000000000000000000000":"":128:"9cdb269b5d293bc5db9c55b057d9b591":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #14 (256-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"3d4b2cde666761ba5dfb305178e667fb":"000000000000000000000001":"":128:"284b63bb143c40ce100fb4dea6bb617b":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #15 (256-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4949d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":"cafebabefacedbaddecaf888":"":128:"c912686270a2b9966415fca3be75c468":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #16 (256-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":"cafebabefacedbaddecaf888":"ffedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4e4b178d8fe26fdc95e2e7246dd94bec":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #17 (256-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e6472b8ebd331bfcc7c0fa63ce094462":"FAIL":"":0
Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #18 (256-bad)
-depends_on:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a9f9467308308feffe9928665731c6d6a8f9467308308":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"5791883f822013f8bd136fc36fb9946b":"FAIL":"":0
diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function
index 747914f..599c926 100644
--- a/tests/suites/test_suite_gcm.function
+++ b/tests/suites/test_suite_gcm.function
@@ -171,6 +171,7 @@
mbedtls_gcm_context ctx;
size_t tag_len = tag_len_bits / 8;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
memset(output, 0x00, sizeof(output));
@@ -183,6 +184,7 @@
exit:
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -200,6 +202,7 @@
size_t n1;
size_t n1_add;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
memset(output, 0x00, 128);
@@ -230,6 +233,7 @@
exit:
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -247,6 +251,7 @@
size_t n1;
size_t n1_add;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
memset(output, 0x00, 128);
@@ -287,6 +292,7 @@
exit:
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -300,6 +306,7 @@
{
mbedtls_gcm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0);
@@ -308,6 +315,7 @@
cipher_update_calls);
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -322,6 +330,7 @@
{
mbedtls_gcm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0);
@@ -330,6 +339,7 @@
ad_update_calls);
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -341,6 +351,7 @@
{
mbedtls_gcm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0);
@@ -348,6 +359,7 @@
iv_str, tag_str);
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -361,6 +373,7 @@
{
mbedtls_gcm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0);
@@ -370,6 +383,7 @@
exit:
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -384,6 +398,7 @@
{
mbedtls_gcm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0);
@@ -393,6 +408,7 @@
exit:
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -404,6 +420,7 @@
{
mbedtls_gcm_context ctx;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0);
@@ -411,6 +428,7 @@
iv_str, tag_str);
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
@@ -444,6 +462,7 @@
size_t olen = 0;
size_t output_len = input->len - 1;
+ BLOCK_CIPHER_PSA_INIT();
mbedtls_gcm_init(&ctx);
TEST_EQUAL(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8), 0);
TEST_EQUAL(0, mbedtls_gcm_starts(&ctx, mode, iv->x, iv->len));
@@ -455,12 +474,15 @@
exit:
mbedtls_free(output);
mbedtls_gcm_free(&ctx);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_CCM_GCM_CAN_AES */
void gcm_selftest()
{
+ BLOCK_CIPHER_PSA_INIT();
TEST_ASSERT(mbedtls_gcm_self_test(1) == 0);
+ BLOCK_CIPHER_PSA_DONE();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index e697491..af1e20c 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -621,62 +621,62 @@
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_PK_WRITE_C
pk_psa_sign:1024:PSA_KEY_TYPE_RSA_KEY_PAIR:1024
-PK Sign ext:RSA2048,PK_RSA,MD_SHA256
+PK sign ext: RSA2048, PK_RSA, MD_SHA256
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
-PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256
+PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA256
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256
-PK Sign ext:RSA2048,PK_RSA,MD_SHA384
+PK sign ext: RSA2048, PK_RSA, MD_SHA384
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384
-PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384
+PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA384
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384
-PK Sign ext:RSA2048,PK_RSA,MD_SHA512
+PK sign ext: RSA2048, PK_RSA, MD_SHA512
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512
-PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512
+PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512
-PK Sign ext:SECP256R1,PK_ECDSA,MD_SHA256
+PK sign ext: SECP256R1, PK_ECDSA, MD_SHA256
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256
-pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256
+pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256
-PK Sign ext:SECP384R1,PK_ECDSA,MD_SHA384
+PK sign ext: SECP384R1, PK_ECDSA, MD_SHA384
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA384
-pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384
+pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384
-PK Sign ext:SECP521R1,PK_ECDSA,MD_SHA512
+PK sign ext: SECP521R1, PK_ECDSA, MD_SHA512
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1:MBEDTLS_MD_CAN_SHA512
-pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512
+pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512
-PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA256
+PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA256
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
-PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256
+PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA256
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256
-PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA384
+PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA384
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384
-PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384
+PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA384
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384
-PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA512
+PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA512
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512
-PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512
+PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index fa0b03b..226598c 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -84,25 +84,25 @@
/** Generate a key of the desired type.
*
- * \param pk The PK object to fill. It must have been initialized
- * with mbedtls_pk_setup().
- * \param parameter - For RSA keys, the key size in bits.
- * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
+ * \param pk The PK object to fill. It must have been initialized
+ * with mbedtls_pk_setup().
+ * \param curve_or_keybits - For RSA keys, the key size in bits.
+ * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
*
- * \return The status from the underlying type-specific key
- * generation function.
- * \return -1 if the key type is not recognized.
+ * \return The status from the underlying type-specific key
+ * generation function.
+ * \return -1 if the key type is not recognized.
*/
-static int pk_genkey(mbedtls_pk_context *pk, int parameter)
+static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits)
{
- ((void) pk);
- (void) parameter;
+ (void) pk;
+ (void) curve_or_keybits;
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) {
return mbedtls_rsa_gen_key(mbedtls_pk_rsa(*pk),
mbedtls_test_rnd_std_rand, NULL,
- parameter, 3);
+ curve_or_keybits, 3);
}
#endif
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
@@ -112,7 +112,7 @@
int ret;
#if defined(MBEDTLS_ECP_C)
- ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, parameter);
+ ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, curve_or_keybits);
if (ret != 0) {
return ret;
}
@@ -123,7 +123,7 @@
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- ret = pk_genkey_ec(pk, parameter);
+ ret = pk_genkey_ec(pk, curve_or_keybits);
if (ret != 0) {
return ret;
}
@@ -319,7 +319,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg,
- int key_alg2, int parameter, int alg_check, int usage_check,
+ int key_alg2, int curve_or_keybits, int alg_check, int usage_check,
int result)
{
mbedtls_pk_context pk;
@@ -336,7 +336,7 @@
psa_set_key_enrollment_algorithm(&attributes, key_alg2);
}
psa_set_key_type(&attributes, key_type);
- psa_set_key_bits(&attributes, parameter);
+ psa_set_key_bits(&attributes, curve_or_keybits);
PSA_ASSERT(psa_generate_key(&attributes, &key));
@@ -350,7 +350,7 @@
} else {
TEST_EQUAL(mbedtls_pk_setup(&pk,
mbedtls_pk_info_from_type(key_type)), 0);
- TEST_EQUAL(pk_genkey(&pk, parameter), 0);
+ TEST_EQUAL(pk_genkey(&pk, curve_or_keybits), 0);
TEST_EQUAL(mbedtls_pk_get_type(&pk), key_type);
}
@@ -407,6 +407,16 @@
buf, buf_size, &buf_size,
NULL, NULL,
NULL));
+ TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+ mbedtls_pk_sign_ext(pk_type, &ctx, MBEDTLS_MD_NONE,
+ NULL, buf_size,
+ buf, buf_size, &buf_size,
+ NULL, NULL));
+ TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+ mbedtls_pk_sign_ext(pk_type, &ctx, MBEDTLS_MD_SHA256,
+ NULL, 0,
+ buf, buf_size, &buf_size,
+ NULL, NULL));
exit:
mbedtls_pk_free(&ctx);
USE_PSA_DONE();
@@ -443,14 +453,6 @@
NULL) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
- TEST_ASSERT(mbedtls_pk_sign_restartable(&pk,
- MBEDTLS_MD_NONE,
- NULL, 0,
- buf, sizeof(buf), &len,
- mbedtls_test_rnd_std_rand, NULL,
- NULL) ==
- MBEDTLS_ERR_PK_BAD_INPUT_DATA);
-
TEST_ASSERT(mbedtls_pk_sign(&pk,
MBEDTLS_MD_NONE,
NULL, 0,
@@ -458,6 +460,13 @@
mbedtls_test_rnd_std_rand, NULL) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+ TEST_ASSERT(mbedtls_pk_sign_ext(MBEDTLS_PK_NONE, &pk,
+ MBEDTLS_MD_NONE,
+ NULL, 0,
+ buf, sizeof(buf), &len,
+ mbedtls_test_rnd_std_rand, NULL) ==
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
TEST_ASSERT(mbedtls_pk_verify_restartable(&pk,
MBEDTLS_MD_NONE,
NULL, 0,
@@ -536,7 +545,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void pk_utils(int type, int parameter, int bitlen, int len, char *name)
+void pk_utils(int type, int curve_or_keybits, int bitlen, int len, char *name)
{
mbedtls_pk_context pk;
@@ -544,7 +553,7 @@
USE_PSA_INIT();
TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
- TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
+ TEST_ASSERT(pk_genkey(&pk, curve_or_keybits) == 0);
TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type);
TEST_ASSERT(mbedtls_pk_can_do(&pk, type));
@@ -848,7 +857,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */
-void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret)
+void pk_sign_verify(int type, int curve_or_keybits, int sign_ret, int verify_ret)
{
mbedtls_pk_context pk;
size_t sig_len;
@@ -874,7 +883,7 @@
memset(sig, 0, sizeof(sig));
TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
- TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
+ TEST_ASSERT(pk_genkey(&pk, curve_or_keybits) == 0);
TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_SHA256,
hash, hash_len,
@@ -1175,22 +1184,31 @@
memset(hash, 0x2a, sizeof(hash));
memset(sig, 0, sizeof(sig));
- TEST_ASSERT(mbedtls_pk_setup(&pk,
- mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
+ TEST_EQUAL(mbedtls_pk_setup(&pk,
+ mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)), 0);
#if defined(MBEDTLS_PKCS1_V21)
- TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
- MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len) ==
- MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
+ MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len),
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
#endif /* MBEDTLS_PKCS1_V21 */
- TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len,
- sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len,
+ sig, sig_len),
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
- TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len,
- sig, sizeof(sig), &sig_len,
- mbedtls_test_rnd_std_rand, NULL)
- == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+#if defined(MBEDTLS_PKCS1_V21)
+ TEST_EQUAL(mbedtls_pk_sign_ext(MBEDTLS_PK_RSASSA_PSS, &pk,
+ MBEDTLS_MD_NONE, hash, hash_len,
+ sig, sizeof(sig), &sig_len,
+ mbedtls_test_rnd_std_rand, NULL),
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+#endif /* MBEDTLS_PKCS1_V21 */
+
+ TEST_EQUAL(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len,
+ sig, sizeof(sig), &sig_len,
+ mbedtls_test_rnd_std_rand, NULL),
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
exit:
mbedtls_pk_free(&pk);
@@ -1286,8 +1304,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */
-void pk_psa_sign(int parameter_arg,
- int psa_type_arg, int expected_bits_arg)
+void pk_psa_sign(int curve_or_keybits, int psa_type, int expected_bits)
{
mbedtls_pk_context pk;
unsigned char hash[32];
@@ -1300,8 +1317,6 @@
int ret;
mbedtls_svc_key_id_t key_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_type_t expected_type = psa_type_arg;
- size_t expected_bits = expected_bits_arg;
/*
* This tests making signatures with a wrapped PSA key:
@@ -1315,19 +1330,19 @@
USE_PSA_INIT();
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
- if (PSA_KEY_TYPE_IS_RSA(psa_type_arg)) {
+ if (PSA_KEY_TYPE_IS_RSA(psa_type)) {
/* Create legacy RSA public/private key in PK context. */
TEST_ASSERT(mbedtls_pk_setup(&pk,
mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
TEST_ASSERT(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk),
mbedtls_test_rnd_std_rand, NULL,
- parameter_arg, 3) == 0);
+ curve_or_keybits, 3) == 0);
alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256);
} else
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
- if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) {
- mbedtls_ecp_group_id grpid = parameter_arg;
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
+ mbedtls_ecp_group_id grpid = curve_or_keybits;
/* Create legacy EC public/private key in PK context. */
TEST_ASSERT(mbedtls_pk_setup(&pk,
@@ -1338,7 +1353,7 @@
} else
#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */
{
- (void) parameter_arg;
+ (void) curve_or_keybits;
TEST_ASSUME(!"Opaque PK key not supported in this configuration");
}
@@ -1366,8 +1381,8 @@
PSA_ALG_NONE) == 0);
PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
- TEST_EQUAL(psa_get_key_type(&attributes), expected_type);
- TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits);
+ TEST_EQUAL(psa_get_key_type(&attributes), (psa_key_type_t) psa_type);
+ TEST_EQUAL(psa_get_key_bits(&attributes), (size_t) expected_bits);
TEST_EQUAL(psa_get_key_lifetime(&attributes),
PSA_KEY_LIFETIME_VOLATILE);
@@ -1378,7 +1393,7 @@
hash, sizeof(hash), sig, sizeof(sig), &sig_len,
NULL, NULL) == 0);
/* Only opaque EC keys support verification. */
- if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) {
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256,
hash, sizeof(hash), sig, sig_len) == 0);
}
@@ -1420,7 +1435,7 @@
mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0);
TEST_EQUAL(mbedtls_ecp_group_load(
&(mbedtls_pk_ec_rw(pk)->grp),
- (mbedtls_ecp_group_id) parameter_arg), 0);
+ (mbedtls_ecp_group_id) curve_or_keybits), 0);
TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec_ro(pk)->grp),
&(mbedtls_pk_ec_rw(pk)->Q),
pkey_legacy_start, klen_legacy), 0);
@@ -1440,14 +1455,13 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_GENPRIME */
-void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg)
+/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
+void pk_sign_ext(int pk_type, int curve_or_keybits, int key_pk_type, int md_alg)
{
- /* See the description of pk_genkey() for the description of the `parameter` argument. */
mbedtls_pk_context pk;
size_t sig_len;
unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
- unsigned char hash[PSA_HASH_MAX_SIZE];
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
size_t hash_len = mbedtls_md_get_size_from_type(md_alg);
void const *options = NULL;
mbedtls_pk_rsassa_pss_options rsassa_pss_options;
@@ -1455,16 +1469,15 @@
memset(sig, 0, sizeof(sig));
mbedtls_pk_init(&pk);
- PSA_INIT();
+ MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_pk_setup(&pk,
- mbedtls_pk_info_from_type(pk_type)) == 0);
+ TEST_EQUAL(mbedtls_pk_setup(&pk,
+ mbedtls_pk_info_from_type(pk_type)), 0);
+ TEST_EQUAL(pk_genkey(&pk, curve_or_keybits), 0);
- TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
-
- TEST_ASSERT(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len,
- sig, sizeof(sig), &sig_len,
- mbedtls_test_rnd_std_rand, NULL) == 0);
+ TEST_EQUAL(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len,
+ sig, sizeof(sig), &sig_len,
+ mbedtls_test_rnd_std_rand, NULL), 0);
if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) {
rsassa_pss_options.mgf1_hash_id = md_alg;
@@ -1472,18 +1485,17 @@
rsassa_pss_options.expected_salt_len = hash_len;
options = (const void *) &rsassa_pss_options;
}
- TEST_ASSERT(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg,
- hash, hash_len, sig, sig_len) == 0);
+ TEST_EQUAL(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg,
+ hash, hash_len, sig, sig_len), 0);
exit:
mbedtls_pk_free(&pk);
- PSA_DONE();
+ MD_OR_USE_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_USE_PSA_CRYPTO */
-void pk_psa_wrap_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg)
+void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg)
{
- /* See the description of mbedtls_rsa_gen_key() for the description of the `parameter` argument. */
mbedtls_pk_context pk;
size_t sig_len, pkey_len;
mbedtls_svc_key_id_t key_id;
@@ -1507,7 +1519,7 @@
mbedtls_pk_info_from_type(pk_type)), 0);
TEST_EQUAL(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk),
mbedtls_test_rnd_std_rand, NULL,
- parameter, 3), 0);
+ key_bits, 3), 0);
/* Export underlying public key for re-importing in a legacy context. */
ret = mbedtls_pk_write_pubkey_der(&pk, pkey, sizeof(pkey));
diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function
index 1d0c287..2a5a5ba 100644
--- a/tests/suites/test_suite_pkcs12.function
+++ b/tests/suites/test_suite_pkcs12.function
@@ -69,7 +69,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_CIPHER_C */
void pkcs12_pbe_encrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw,
data_t *data, int outsize, int ref_ret, data_t *ref_out)
{
@@ -124,7 +124,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_CIPHER_C */
void pkcs12_pbe_decrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw,
data_t *data, int outsize, int ref_ret, data_t *ref_out)
{
diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index 2b0b0c1..afe9f38 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@@ -27,7 +27,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_CIPHER_C */
void pbes2_encrypt(int params_tag, data_t *params_hex, data_t *pw,
data_t *data, int outsize, int ref_ret,
data_t *ref_out)
@@ -75,7 +75,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_CIPHER_C */
void pbes2_decrypt(int params_tag, data_t *params_hex, data_t *pw,
data_t *data, int outsize, int ref_ret,
data_t *ref_out)
diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data
index f82dcb5..6387735 100644
--- a/tests/suites/test_suite_pkparse.data
+++ b/tests/suites/test_suite_pkparse.data
@@ -1,893 +1,893 @@
Parse RSA Key #1 (No password when required)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
pk_parse_keyfile_rsa:"data_files/test-ca.key":"NULL":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #2 (Correct password)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLTest":0
Parse RSA Key #3 (Wrong password)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLWRONG":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #4 (DES Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_des.pem":"testkey":0
Parse RSA Key #5 (3DES Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_3des.pem":"testkey":0
Parse RSA Key #6 (AES-128 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes128.pem":"testkey":0
Parse RSA Key #7 (AES-192 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes192.pem":"testkey":0
Parse RSA Key #8 (AES-256 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes256.pem":"testkey":0
Parse RSA Key #9 (2048-bit, DES Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_des.pem":"testkey":0
Parse RSA Key #10 (2048-bit, 3DES Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_3des.pem":"testkey":0
Parse RSA Key #11 (2048-bit, AES-128 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes128.pem":"testkey":0
Parse RSA Key #12 (2048-bit, AES-192 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes192.pem":"testkey":0
Parse RSA Key #13 (2048-bit, AES-256 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes256.pem":"testkey":0
Parse RSA Key #14 (4096-bit, DES Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_des.pem":"testkey":0
Parse RSA Key #15 (4096-bit, 3DES Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_3des.pem":"testkey":0
Parse RSA Key #16 (4096-bit, AES-128 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes128.pem":"testkey":0
Parse RSA Key #17 (4096-bit, AES-192 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes192.pem":"testkey":0
Parse RSA Key #18 (4096-bit, AES-256 Encrypted)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes256.pem":"testkey":0
Parse RSA Key #19 (PKCS#8 wrapped)
-depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C
+depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C
pk_parse_keyfile_rsa:"data_files/format_gen.key":"":0
Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"PolarSSLTest":0
Parse RSA Key #20.1 (PKCS#8 encrypted SHA1-3DES, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #20.2 (PKCS#8 encrypted SHA1-3DES, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #21 (PKCS#8 encrypted SHA1-3DES, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"PolarSSLTest":0
Parse RSA Key #21.1 (PKCS#8 encrypted SHA1-3DES, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #21.2 (PKCS#8 encrypted SHA1-3DES, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #22 (PKCS#8 encrypted SHA1-3DES, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"PolarSSLTest":0
Parse RSA Key #22.1 (PKCS#8 encrypted SHA1-3DES, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #22.2 (PKCS#8 encrypted SHA1-3DES, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #23 (PKCS#8 encrypted SHA1-3DES DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.der":"PolarSSLTest":0
Parse RSA Key #24 (PKCS#8 encrypted SHA1-3DES DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.der":"PolarSSLTest":0
Parse RSA Key #25 (PKCS#8 encrypted SHA1-3DES DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.der":"PolarSSLTest":0
Parse RSA Key #26 (PKCS#8 encrypted SHA1-2DES)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"PolarSSLTest":0
Parse RSA Key #26.1 (PKCS#8 encrypted SHA1-2DES, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #26.2 (PKCS#8 encrypted SHA1-2DES, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #27 (PKCS#8 encrypted SHA1-2DES, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"PolarSSLTest":0
Parse RSA Key #27.1 (PKCS#8 encrypted SHA1-2DES, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #27.2 (PKCS#8 encrypted SHA1-2DES, 2048-bit no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #28 (PKCS#8 encrypted SHA1-2DES, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"PolarSSLTest":0
Parse RSA Key #28.1 (PKCS#8 encrypted SHA1-2DES, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #28.2 (PKCS#8 encrypted SHA1-2DES, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #29 (PKCS#8 encrypted SHA1-2DES DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.der":"PolarSSLTest":0
Parse RSA Key #30 (PKCS#8 encrypted SHA1-2DES DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.der":"PolarSSLTest":0
Parse RSA Key #31 (PKCS#8 encrypted SHA1-2DES DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.der":"PolarSSLTest":0
Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTest":0
Parse RSA Key #38.1 (PKCS#8 encrypted v2 PBKDF2 3DES, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #38.2 (PKCS#8 encrypted v2 PBKDF2 3DES, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #39 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"PolarSSLTest":0
Parse RSA Key #39.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #39.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #40 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"PolarSSLTest":0
Parse RSA Key #40.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #40.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #41 (PKCS#8 encrypted v2 PBKDF2 3DES DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"PolarSSLTest":0
Parse RSA Key #41.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #41.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #42 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"PolarSSLTest":0
Parse RSA Key #42.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #42.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #43 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"PolarSSLTest":0
Parse RSA Key #43.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #43.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #44 (PKCS#8 encrypted v2 PBKDF2 DES)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"PolarSSLTest":0
Parse RSA Key #44.1 (PKCS#8 encrypted v2 PBKDF2 DES, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #44.2 (PKCS#8 encrypted v2 PBKDF2 DES, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #45 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"PolarSSLTest":0
Parse RSA Key #45.1 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #45.2 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #46 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"PolarSSLTest":0
Parse RSA Key #46.1 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #46.2 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #47 (PKCS#8 encrypted v2 PBKDF2 DES DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"PolarSSLTest":0
Parse RSA Key #47.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #47.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #48 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"PolarSSLTest":0
Parse RSA Key #48.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #48.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #49 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"PolarSSLTest":0
Parse RSA Key #49.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #49.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #50 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #50.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #50.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #51 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #51.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #51.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #52 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #52.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #52.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #53 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTest":0
Parse RSA Key #53.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #53.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #54 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTest":0
Parse RSA Key #54.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #54.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #55 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTest":0
Parse RSA Key #55.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #55.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #56 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #56.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #56.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #57 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #57.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #57.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #58 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #58.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #58.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #59 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTest":0
Parse RSA Key #59.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #59.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #60 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTest":0
Parse RSA Key #60.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #60.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #61 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTest":0
Parse RSA Key #61.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #61.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #62 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"PolarSSLTest":0
Parse RSA Key #62.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #62.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #63 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"PolarSSLTest":0
Parse RSA Key #63.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #63.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #64 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"PolarSSLTest":0
Parse RSA Key #64.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #64.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #65 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"PolarSSLTest":0
Parse RSA Key #65.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #65.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #66 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"PolarSSLTest":0
Parse RSA Key #66.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #66.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #67 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"PolarSSLTest":0
Parse RSA Key #68.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #68.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #69 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"PolarSSLTest":0
Parse RSA Key #69.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #69.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #70 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"PolarSSLTest":0
Parse RSA Key #70.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #70.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #71 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"PolarSSLTest":0
Parse RSA Key #71.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #71.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #72 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"PolarSSLTest":0
Parse RSA Key #72.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #72.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #73 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"PolarSSLTest":0
Parse RSA Key #73.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #73.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #74 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"PolarSSLTest":0
Parse RSA Key #74.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #74.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTest":0
Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTest":0
Parse RSA Key #76.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTest":0
Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTest":0
Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTest":0
Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTest":0
Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTest":0
Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTest":0
Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTest":0
Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTest":0
Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTest":0
Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTest":0
Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"PolarSSLTest":0
Parse RSA Key #88.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #88.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #89 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"PolarSSLTest":0
Parse RSA Key #89.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #89.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #90 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"PolarSSLTest":0
Parse RSA Key #90.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #90.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #91 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"PolarSSLTest":0
Parse RSA Key #91.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #91.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #92 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"PolarSSLTest":0
Parse RSA Key #92.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #92.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #93 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"PolarSSLTest":0
Parse RSA Key #93.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #93.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #94 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"PolarSSLTest":0
Parse RSA Key #94.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #94.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #95 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"PolarSSLTest":0
Parse RSA Key #95.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #95.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #96 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"PolarSSLTest":0
Parse RSA Key #96.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #96.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #97 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"PolarSSLTest":0
Parse RSA Key #97.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #97.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #98 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"PolarSSLTest":0
Parse RSA Key #98.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #98.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #99 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"PolarSSLTest":0
Parse RSA Key #99.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, wrong PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #99.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, no PW)
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse Public RSA Key #1 (PKCS#8 wrapped)
@@ -1003,7 +1003,7 @@
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.comp.pem":"NULL":0
Parse EC Key #3 (SEC1 PEM encrypted)
-depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA
+depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pw.pem":"polar":0
Parse EC Key #4 (PKCS8 DER)
@@ -1220,11 +1220,11 @@
pk_parse_key:"3072020101300506032b656e04220420b06d829655543a51cba36e53522bc0acfd60af59466555fb3e1e796872ab1a59a01f301d060a2a864886f70d01090914310f0c0d437572646c65204368616972738121009bc3b0e93d8233fe6a8ba6138948cc12a91362d5c2ed81584db05ab5419c9d11":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Key ASN1 (Encrypted key PKCS5, trailing garbage data)
-depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS5_C
+depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_CIPHER_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C
pk_parse_key_encrypted:"307C304006092A864886F70D01050D3033301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC3949100438AD100BAC552FD0AE70BECAFA60F5E519B6180C77E8DB0B9ECC6F23FEDD30AB9BDCA2AF9F97BC470FC3A82DCA2364E22642DE0AF9275A82CB":"AAAAAAAAAAAAAAAAAA":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
Key ASN1 (Encrypted key PKCS12, trailing garbage data)
-depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS12_C
+depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_CIPHER_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C
pk_parse_key_encrypted:"3058301C060A2A864886F70D010C0103300E0409CCCCCCCCCCCCCCCCCC02010A04380A8CAF39C4FA001884D0583B323C5E70942444FBE1F650B92F8ADF4AD7BD5049B4748F53A2531139EBF253FE01E8FC925C82C759C944B4D0":"AAAAAAAAAAAAAAAAAA":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
# From RFC8410 Appendix A but made into version 0
diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function
index 64a3175..d416b87 100644
--- a/tests/suites/test_suite_pkparse.function
+++ b/tests/suites/test_suite_pkparse.function
@@ -34,13 +34,13 @@
res = mbedtls_pk_parse_keyfile(&ctx, key_file, pwd,
mbedtls_test_rnd_std_rand, NULL);
- TEST_ASSERT(res == result);
+ TEST_EQUAL(res, result);
if (res == 0) {
mbedtls_rsa_context *rsa;
TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA));
rsa = mbedtls_pk_rsa(ctx);
- TEST_ASSERT(mbedtls_rsa_check_privkey(rsa) == 0);
+ TEST_EQUAL(mbedtls_rsa_check_privkey(rsa), 0);
}
exit:
@@ -61,13 +61,13 @@
res = mbedtls_pk_parse_public_keyfile(&ctx, key_file);
- TEST_ASSERT(res == result);
+ TEST_EQUAL(res, result);
if (res == 0) {
mbedtls_rsa_context *rsa;
TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA));
rsa = mbedtls_pk_rsa(ctx);
- TEST_ASSERT(mbedtls_rsa_check_pubkey(rsa) == 0);
+ TEST_EQUAL(mbedtls_rsa_check_pubkey(rsa), 0);
}
exit:
@@ -83,11 +83,11 @@
int res;
mbedtls_pk_init(&ctx);
- USE_PSA_INIT();
+ MD_OR_USE_PSA_INIT();
res = mbedtls_pk_parse_public_keyfile(&ctx, key_file);
- TEST_ASSERT(res == result);
+ TEST_EQUAL(res, result);
if (res == 0) {
TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY));
@@ -98,13 +98,13 @@
#else
const mbedtls_ecp_keypair *eckey;
eckey = mbedtls_pk_ec_ro(ctx);
- TEST_ASSERT(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q) == 0);
+ TEST_EQUAL(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q), 0);
#endif
}
exit:
mbedtls_pk_free(&ctx);
- USE_PSA_DONE();
+ MD_OR_USE_PSA_DONE();
}
/* END_CASE */
@@ -115,18 +115,18 @@
int res;
mbedtls_pk_init(&ctx);
- USE_PSA_INIT();
+ MD_OR_USE_PSA_INIT();
res = mbedtls_pk_parse_keyfile(&ctx, key_file, password,
mbedtls_test_rnd_std_rand, NULL);
- TEST_ASSERT(res == result);
+ TEST_EQUAL(res, result);
if (res == 0) {
TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY));
#if defined(MBEDTLS_ECP_C)
const mbedtls_ecp_keypair *eckey = mbedtls_pk_ec_ro(ctx);
- TEST_ASSERT(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d) == 0);
+ TEST_EQUAL(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d), 0);
#else
/* PSA keys are already checked on import so nothing to do here. */
#endif
@@ -134,7 +134,7 @@
exit:
mbedtls_pk_free(&ctx);
- USE_PSA_DONE();
+ MD_OR_USE_PSA_DONE();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_platform.data b/tests/suites/test_suite_platform.data
index 4d57450..653d254 100644
--- a/tests/suites/test_suite_platform.data
+++ b/tests/suites/test_suite_platform.data
@@ -6,4 +6,10 @@
time_get_seconds:
Check mbedtls_calloc overallocation
+# This test case exercises an integer overflow in calloc. Under Asan, with
+# a modern Clang, this triggers an ASan/MSan/TSan complaint. The complaint
+# can be avoided with e.g. ASAN_OPTIONS=allocator_may_return_null=1,
+# but this has to be set in the environment before the program starts,
+# and could hide other errors.
+depends_on:!MBEDTLS_TEST_HAVE_ASAN:!MBEDTLS_TEST_HAVE_MSAN:!MBEDTLS_TEST_HAVE_TSAN
check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index c7aab88..1bd8b65 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -2267,15 +2267,15 @@
cipher_encrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric encrypt: AES-ECB, 0 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":""
PSA symmetric encrypt: AES-ECB, 16 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97"
PSA symmetric encrypt: AES-ECB, 32 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1"
PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good
@@ -2411,7 +2411,7 @@
cipher_decrypt_fail:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-ECB, input too short (15 bytes)
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
@@ -2423,15 +2423,15 @@
cipher_decrypt_fail:PSA_ALG_CCM_STAR_NO_TAG:PSA_KEY_TYPE_AES:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"2a2a2a2a2a2a2a2a":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-ECB, 0 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":""
PSA symmetric decrypt: AES-ECB, 16 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f"
PSA symmetric decrypt: AES-ECB, 32 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97"
PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
@@ -2487,15 +2487,15 @@
cipher_decrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"000000000000004a00000000":"fb6d7b60e9e67669b607a9b94a606bdca678d44f0ebf24cbd623efd69cc2bdc0f615ac19d0366a8d00e3d6728f5ee01d61d74ab77edc17a7621f2268eea12e656e2e359a2568f98041ba0728dd0d6981e97e7aec1d4360c20a27afccfd9fae0bf91b65c5524733ab8f593dabcd62b3571639d624e65152ab8f530c359f0861d807ca0dbf500d6a6156a38e088a22b65e52bc514d16ccf806818ce91ab77937365af90bbf74a35be6b40b8eedf2785e42874d":"546865205246432037353339207465737420766563746f72207573657320636f756e7465723d312c2062757420505341207573657320636f756e7465723d302e4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e"
PSA symmetric decrypt multipart: AES-ECB, 0 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS
PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS
PSA symmetric decrypt multipart: AES-ECB, 32 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":32:32:0:"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
PSA symmetric decrypt multipart: AES-CBC-nopad, 16 bytes, good
@@ -2519,7 +2519,7 @@
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
PSA symmetric decrypt multipart: AES-ECB, input too short (15 bytes)
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":0:0:0:"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt multipart: AES-CBC-nopad, input too short (5 bytes)
@@ -2551,7 +2551,7 @@
cipher_decrypt_multipart:PSA_ALG_CCM_STAR_NO_TAG:PSA_KEY_TYPE_AES:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":10:10:14:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":PSA_SUCCESS
PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_verify_output:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
@@ -2663,15 +2663,15 @@
cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 16+16 bytes
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 11+21 bytes
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 28+4 bytes
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
@@ -2735,7 +2735,7 @@
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric encrypt/decrypt multipart: AES-ECB, 16 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
cipher_verify_output_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 16 bytes, good
@@ -7342,7 +7342,7 @@
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT
PSA generate key: RSA, e=2
-generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT
+generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"02":PSA_ERROR_INVALID_ARGUMENT
PSA generate key: FFDH, 2048 bits, good
depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a510f8e..4c08a90 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -9688,14 +9688,24 @@
PSA_ASSERT(psa_get_key_attributes(key, &attributes));
TEST_EQUAL(psa_get_key_type(&attributes), type);
TEST_EQUAL(psa_get_key_bits(&attributes), bits);
- PSA_ASSERT(psa_get_key_domain_parameters(&attributes,
- e_read_buffer, e_read_size,
- &e_read_length));
+ psa_status_t status = psa_get_key_domain_parameters(&attributes,
+ e_read_buffer, e_read_size,
+ &e_read_length);
+
+
+#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
if (is_default_public_exponent) {
TEST_EQUAL(e_read_length, 0);
} else {
+ TEST_EQUAL(status, PSA_SUCCESS);
TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len);
}
+#else
+ (void) is_default_public_exponent;
+ TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED);
+#endif
/* Do something with the key according to its type and permitted usage. */
if (!mbedtls_test_psa_exercise_key(key, usage, alg)) {
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 1d96f72..032fa47 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -845,10 +845,10 @@
psa_set_key_bits(&attributes, 0);
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
- mbedtls_test_driver_key_management_hooks.forced_status = force_status;
-
PSA_ASSERT(psa_crypto_init());
+ mbedtls_test_driver_key_management_hooks.hits = 0;
+ mbedtls_test_driver_key_management_hooks.forced_status = force_status;
actual_status = psa_import_key(&attributes, key_input->x, key_input->len, &key);
TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1);
TEST_EQUAL(actual_status, expected_status);
@@ -906,6 +906,7 @@
}
mbedtls_test_driver_key_management_hooks.hits = 0;
+ mbedtls_test_driver_key_management_hooks.hits_export_public_key = 0;
mbedtls_test_driver_key_management_hooks.forced_status = force_status;
if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type)) {
@@ -923,7 +924,7 @@
if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type) &&
!PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(input_key_type)) {
- TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1);
+ TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits_export_public_key, 1);
}
if (actual_status == PSA_SUCCESS) {
@@ -1059,9 +1060,11 @@
PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
&key));
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits_encrypt = 0;
PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1,
output1_buffer_size, &output1_length));
- TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+ TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits_encrypt, 1);
mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
@@ -1161,6 +1164,7 @@
PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
&key));
+ mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
mbedtls_test_driver_cipher_hooks.hits = 0;
@@ -1289,6 +1293,7 @@
PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
&key));
+ mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg));
TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
mbedtls_test_driver_cipher_hooks.hits = 0;
@@ -1414,6 +1419,7 @@
mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output,
output_buffer_size, &output_length);
TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
@@ -1468,23 +1474,26 @@
* First test that if we don't force a driver error, encryption is
* successful, then force driver error.
*/
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits_encrypt = 0;
status = psa_cipher_encrypt(
key, alg, input->x, input->len,
output, output_buffer_size, &function_output_length);
- TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+ TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits_encrypt, 1);
TEST_EQUAL(status, PSA_SUCCESS);
mbedtls_test_driver_cipher_hooks.hits = 0;
- mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status_encrypt = PSA_ERROR_GENERIC_ERROR;
/* Set the output buffer in a given state. */
for (size_t i = 0; i < output_buffer_size; i++) {
output[i] = 0xa5;
}
+ mbedtls_test_driver_cipher_hooks.hits_encrypt = 0;
status = psa_cipher_encrypt(
key, alg, input->x, input->len,
output, output_buffer_size, &function_output_length);
- TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+ TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits_encrypt, 1);
TEST_EQUAL(status, PSA_ERROR_GENERIC_ERROR);
/*
* Check that the output buffer is still in the same state.
@@ -1545,17 +1554,18 @@
TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
mbedtls_test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits_set_iv = 0;
- mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status_set_iv = PSA_ERROR_GENERIC_ERROR;
/* Set the output buffer in a given state. */
for (size_t i = 0; i < 16; i++) {
output[i] = 0xa5;
}
status = psa_cipher_generate_iv(&operation, output, 16, &function_output_length);
- /* When generating the IV fails, it should call abort too */
- TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2);
- TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+ TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits_set_iv, 1);
+ TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status_set_iv);
+ mbedtls_test_driver_cipher_hooks.forced_status_set_iv = PSA_SUCCESS;
/*
* Check that the output buffer is still in the same state.
* This will fail if the output buffer is used by the core to pass the IV
diff --git a/tests/suites/test_suite_psa_crypto_pake.function b/tests/suites/test_suite_psa_crypto_pake.function
index 96c1195..fed2c41 100644
--- a/tests/suites/test_suite_psa_crypto_pake.function
+++ b/tests/suites/test_suite_psa_crypto_pake.function
@@ -44,7 +44,7 @@
ERR_INJECT_EXTRA_INPUT,
ERR_INJECT_EXTRA_OUTPUT_AT_END,
ERR_INJECT_EXTRA_INPUT_AT_END,
- /* erros issued from the .data file */
+ /* errors issued from the .data file */
ERR_IN_SETUP,
ERR_IN_SET_USER,
ERR_IN_SET_PEER,
@@ -59,9 +59,11 @@
PAKE_ROUND_TWO
} pake_round_t;
+#if defined(PSA_WANT_ALG_JPAKE)
/* The only two JPAKE user/peer identifiers supported for the time being. */
static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' };
static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
+#endif
/*
* Inject an error on the specified buffer ONLY it this is the correct stage.
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index b4f2d23..8564d35 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -746,19 +746,12 @@
* MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) is a volatile
* key identifier as the imported key is a volatile key. Volatile
* key identifiers are in the range from PSA_KEY_ID_VOLATILE_MIN
- * to PSA_KEY_ID_VOLATILE_MAX included. Thus pick a key identifier
- * in the range from PSA_KEY_ID_VOLATILE_MIN to
- * PSA_KEY_ID_VOLATILE_MAX different from
- * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) to build an
- * unopened and thus invalid identifier.
+ * to PSA_KEY_ID_VOLATILE_MAX included. It is very unlikely that
+ * all IDs are used up to the last one, so pick
+ * PSA_KEY_ID_VOLATILE_MAX to build an unopened and thus invalid
+ * identifier.
*/
-
- if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) ==
- PSA_KEY_ID_VOLATILE_MIN) {
- key_id = PSA_KEY_ID_VOLATILE_MIN + 1;
- } else {
- key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) - 1;
- }
+ key_id = PSA_KEY_ID_VOLATILE_MAX;
invalid_handle =
mbedtls_svc_key_id_make(0, key_id);
@@ -938,11 +931,16 @@
mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT;
mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
mbedtls_svc_key_id_t *keys = NULL;
+ mbedtls_psa_stats_t psa_key_slots_stats;
+ size_t available_key_slots = 0;
TEST_ASSERT(MBEDTLS_PSA_KEY_SLOT_COUNT >= 1);
- TEST_CALLOC(keys, MBEDTLS_PSA_KEY_SLOT_COUNT);
PSA_ASSERT(psa_crypto_init());
+ mbedtls_psa_get_stats(&psa_key_slots_stats);
+ available_key_slots = psa_key_slots_stats.empty_slots;
+
+ TEST_CALLOC(keys, available_key_slots);
psa_set_key_usage_flags(&attributes,
PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY);
@@ -961,10 +959,10 @@
TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, persistent_key));
/*
- * Create MBEDTLS_PSA_KEY_SLOT_COUNT volatile keys
+ * Create the maximum available number of volatile keys
*/
psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_VOLATILE);
- for (i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++) {
+ for (i = 0; i < available_key_slots; i++) {
PSA_ASSERT(psa_import_key(&attributes,
(uint8_t *) &i, sizeof(i),
&keys[i]));
@@ -983,12 +981,12 @@
* Check we can export the volatile key created last and that it has the
* expected value. Then, destroy it.
*/
- PSA_ASSERT(psa_export_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1],
+ PSA_ASSERT(psa_export_key(keys[available_key_slots - 1],
exported, sizeof(exported),
&exported_length));
- i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1;
+ i = available_key_slots - 1;
TEST_MEMORY_COMPARE(exported, exported_length, (uint8_t *) &i, sizeof(i));
- PSA_ASSERT(psa_destroy_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1]));
+ PSA_ASSERT(psa_destroy_key(keys[available_key_slots - 1]));
/*
* Check that we can now access the persistent key again.
@@ -1011,7 +1009,7 @@
* Check we can export the remaining volatile keys and that they have the
* expected values.
*/
- for (i = 0; i < (MBEDTLS_PSA_KEY_SLOT_COUNT - 1); i++) {
+ for (i = 0; i < (available_key_slots - 1); i++) {
PSA_ASSERT(psa_export_key(keys[i],
exported, sizeof(exported),
&exported_length));
diff --git a/tests/suites/test_suite_random.function b/tests/suites/test_suite_random.function
index 58cddb7..155b8e7 100644
--- a/tests/suites/test_suite_random.function
+++ b/tests/suites/test_suite_random.function
@@ -26,7 +26,12 @@
unsigned char output1[OUTPUT_SIZE];
unsigned char output2[OUTPUT_SIZE];
+#if defined(MBEDTLS_AES_C)
MD_PSA_INIT();
+#else
+ USE_PSA_INIT();
+#endif
+
/* First round */
mbedtls_entropy_init(&entropy);
@@ -56,7 +61,11 @@
exit:
mbedtls_ctr_drbg_free(&drbg);
mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_AES_C)
MD_PSA_DONE();
+#else
+ USE_PSA_DONE();
+#endif
}
/* END_CASE */
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 85776cc..8a03d1b 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -1145,21 +1145,21 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
-void ssl_set_hostname_twice(char *hostname0, char *hostname1)
+void ssl_set_hostname_twice(char *input_hostname0, char *input_hostname1)
{
- const char *hostname;
+ const char *output_hostname;
mbedtls_ssl_context ssl;
mbedtls_ssl_init(&ssl);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname0) == 0);
- hostname = mbedtls_ssl_get_hostname(&ssl);
- TEST_ASSERT(strcmp(hostname0, hostname) == 0);
+ TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, input_hostname0) == 0);
+ output_hostname = mbedtls_ssl_get_hostname(&ssl);
+ TEST_ASSERT(strcmp(input_hostname0, output_hostname) == 0);
- TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname1) == 0);
- hostname = mbedtls_ssl_get_hostname(&ssl);
- TEST_ASSERT(strcmp(hostname1, hostname) == 0);
+ TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, input_hostname1) == 0);
+ output_hostname = mbedtls_ssl_get_hostname(&ssl);
+ TEST_ASSERT(strcmp(input_hostname1, output_hostname) == 0);
exit:
mbedtls_ssl_free(&ssl);
@@ -2096,6 +2096,10 @@
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ TEST_ASSERT(original.record_size_limit == restored.record_size_limit);
+#endif
+
exit:
mbedtls_ssl_session_free(&original);
mbedtls_ssl_session_free(&restored);
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index 28cef30..5c6a903 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -265,3 +265,6 @@
Check max serial length
x509_set_serial_check:
+
+Check max extension length
+x509_set_extension_length_check:
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 4de9add..503d976 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -665,13 +665,15 @@
mbedtls_x509write_cert ctx;
uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1];
+#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
+ mbedtls_mpi serial_mpi;
+ mbedtls_mpi_init(&serial_mpi);
+#endif
+
USE_PSA_INIT();
memset(invalid_serial, 0x01, sizeof(invalid_serial));
#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
- mbedtls_mpi serial_mpi;
-
- mbedtls_mpi_init(&serial_mpi);
TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial,
sizeof(invalid_serial)), 0);
TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi),
@@ -750,3 +752,24 @@
USE_PSA_DONE();
}
/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_WRITE_C */
+void x509_set_extension_length_check()
+{
+ int ret = 0;
+
+ mbedtls_x509write_csr ctx;
+ mbedtls_x509write_csr_init(&ctx);
+
+ unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 };
+ unsigned char *p = buf + sizeof(buf);
+
+ ret = mbedtls_x509_set_extension(&(ctx.MBEDTLS_PRIVATE(extensions)),
+ MBEDTLS_OID_EXTENDED_KEY_USAGE,
+ MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE),
+ 0,
+ p,
+ SIZE_MAX);
+ TEST_ASSERT(MBEDTLS_ERR_X509_BAD_INPUT_DATA == ret);
+}
+/* END_CASE */
